Breaking AI & Tech News Analyzed

The Lead Apple has rolled out critical security updates for older iPhone and iPad models to counter a sophisticated web-based attack known as DarkSword. The release of iOS 18.7.7 and iPadOS 18.7.7 is a direct response to a leaked set of hacking tools that can compromise devices running versions 18.4 through 18.7. Understanding the DarkSword Vulnerability DarkSword is a sophisticated exploit kit that operates through a 'drive-by download' mechanism. Attackers do not need to trick users into clicking suspicious links; instead, simply visiting a legitimate website that has been breached can trigger the malicious code. This allows the toolkit to break into Apple devices and install spyware without the user's immediate knowledge. The Data Impact of the Exploit The capabilities of the DarkSword toolkit pose a significant threat to user privacy. Once a device is compromised, attackers gain access to a wide range of sensitive information, including: Private messages Browser history Location data Cryptocurrency wallet credentials Security researchers have observed these tools being used in targeted attacks across China, Malaysia, Turkey, Saudi Arabia, and Ukraine. User Friction and Update Resistance Despite the severity of the threat, Apple notes that millions of users remain vulnerable because they have chosen not to update their devices. The primary driver for this resistance is the user experience; many users have opted out of the latest software updates to avoid the new 'liquid glass' interface, prioritizing familiarity over security patches. The Role of Lockdown Mode For users who remain at high risk, Apple’s optional Lockdown Mode offers a robust defense. The company has confirmed that this feature effectively blocks attacks that would bypass standard protections, including those from government-sponsored spyware campaigns. Future Outlook on Web-Based Threats The publication of the DarkSword toolkit on the open web signals a worrying trend. As these tools become more accessible, we can expect an increase in low-cost, high-impact cyberattacks targeting older device versions that lack the latest security protocols.

The recent half-billion-dollar bet on oil prices just before Donald Trump's announcement of 'productive talks' with Iran has raised eyebrows. It appears that some traders had prior knowledge of the event, allowing them to make a profitable wager. This incident is not an isolated case. Suspiciously timed trades have been observed on Polymarket, an online prediction market, before major events like the US attack on Iran and the Venezuelan coup. A single account made over $400,000 in a short period, sparking concerns about insider trading and conflicts of interest within the Trump administration. The White House denies any wrongdoing, but the Trump family's cryptocurrency ventures and $1.5 billion in earnings during Trump's second term have fueled speculation. The lack of regulation in betting markets, which use cryptocurrency and are decentralized, makes it difficult to track and shut down these activities. The article highlights a broader cultural shift towards monetizing everything, including politics, and the glorification of being one's own boss. This environment has created a culture of unscrupulous greed, where politicians and influencers promote dubious investment platforms and side hustles. The author suggests that Trump's actions represent an acceleration of existing dynamics, rather than a new phenomenon. The blurring of lines between politics and entertainment has turned politics into a global get-rich scheme. While we may never know if Trump directly benefited from these suspicious trades, it is clear that he is well adapted to this deregulated, rapacious, speculative culture.

A recent investigation has revealed a sophisticated scam operation where individuals are paid to write fake Google reviews in exchange for cryptocurrency. The scam, which was discovered on Telegram, involved recruiters posing as representatives of legitimate companies, offering individuals up to $800 per day to write fake reviews for various businesses, including hotels and restaurants. The scammers used a division of labor approach, with different individuals handling recruitment, coaching, and payment processing. The investigation found that the scammers were using Telegram channels to advertise their services and recruit new victims. These channels had thousands of subscribers and posted a steady stream of job offers, with payments starting at $5 per review. The scammers' main target was not just to create fake reviews but also to launder money and extract cash from their victims. They used cryptocurrencies to make payments, which were then laundered through a process called 'tumbling' to obscure their origin. The investigation also found that the scammers were using AI-generated images and stolen profiles to create fake identities. The UK's Competition and Markets Authority (CMA) has estimated that fake reviews cause annual harm of between £50m to £312m to UK consumers. Google has taken steps to combat fake reviews, removing over 240m fake reviews since 2024 and restricting 900,000 accounts for violating policies.

Raoul Peck's documentary about George Orwell and his enduring relevance takes as its keynote the heretical masterpiece Nineteen Eighty-Four and its famous scene about the state compelling people to believe whatever it says is the truth: that two and two make five. This Orwellian anti-arithmetic of tyranny has become a political meme often repeated in social media debates.The simple experience of hearing Orwell's prose, both from his published work and letters and diaries, read aloud by Damian Lewis, is invigorating and refreshing. There's an interesting emphasis on Orwell's physical frailty, with him effectively composing his masterwork in the shadow of death. Peck amusingly juxtaposes Orwell's sickness with Winston Smith being made to do exercises and the infatuation of tyrannical regimes with public displays of physical fitness.Peck cites various movie and TV adaptations of Nineteen Eighty-Four and includes footage of Jura, where Orwell went to live, and archive photo records of Orwell's childhood and early working life as a policeman in Burma. The film also shows how Orwell predicted the rise of AI in propaganda and in soulless bread-and-circuses for the masses.The film falls down in not focusing on actual theocracies of the present day and the Orwellian qualities of Isis and Hamas. The question of how far Orwell renounced his own earlier antisemitic tendencies is not entirely addressed in this film.Orwell was disliked by some on the left for daring to write Nineteen Eighty-Four and disliked still more with the revelation 30 years ago that in 1949 he had handed over to British authorities the names of 38 public figures he considered 'crypto-communists' – a fact from which this film averts its eyes. But Orwell's complications don't compromise his genius for truth-telling.

Google has issued a warning that quantum computers could potentially break most existing encryption systems by 2029, posing a significant threat to current cryptographic standards. The tech giant is urging banks, governments, and technology providers to prepare for this emerging threat.In a blog post, Google stated that the encryption currently used to keep information confidential and secure could easily be broken by a large-scale quantum computer in the coming years. The company, owned by Alphabet, emphasized the need for post-quantum cryptography migration to protect sensitive data.While quantum computers are still a nascent technology, Google, Microsoft, and universities across the UK and the US are actively building systems that harness the physics of quantum mechanics to perform extremely sophisticated mathematical calculations. However, constructing a powerful quantum computer with hundreds of thousands or even millions of stable qubits remains a significant technological challenge.Leonie Mueck, formerly the chief product officer of Riverlane, a Cambridge-based quantum startup, noted that Google's statement does not necessarily mean a working quantum computer capable of breaking encryption will definitely exist by 2029. Most timelines for a cryptographically relevant quantum computer range from the 2030s to the 2050s.Despite this, governments and organizations are already preparing for the eventuality that data stored to today's encryption standards would be exposed when the technology sufficiently advances. The UK's cybersecurity agency, the National Cyber Security Centre, has urged organizations to guard their systems against quantum hackers by 2035.Google's timeline suggests that engineering teams across the technology industry should consider measures to protect sensitive data by migrating to more advanced encryption systems now. Certain kinds of attacks predicated on the future availability of quantum decryption – “store now, decrypt later” – may currently be being deployed across the field.

The UK government has introduced a temporary ban on cryptocurrency donations to political parties, following a review into countering foreign financial influence and interference in UK politics. The ban, recommended by Philip Rycroft, a former senior civil servant, aims to allow regulators to catch up with the risks associated with crypto assets.Rycroft's review highlighted that crypto assets are used as a vehicle to channel in foreign money, posing a risk to the integrity of the political finance system. While a full ban is not deemed necessary, the moratorium will remain in place until parliament and the Electoral Commission are satisfied that new rules are effective.The Electoral Commission has warned parties that the same verification procedures for cash donations also apply to crypto donations, including checking the source of donations over £500 and reporting donations from a single source over £11,180. The commission has noted that cryptoassets present particular challenges and risks in meeting electoral law requirements.Concerns over crypto donations have been raised due to the potential for using 'mixers' to obscure the true source of a donation or AI tools to split donations, which could evade reporting thresholds. The joint committee on the national security strategy has called for a ban on crypto donations, citing the risk to the integrity of the political finance system.Only three parties have said they will accept crypto donations: Reform UK, the far-right Homeland Party, and the Other Party. Reform UK has received crypto donations, but they have not exceeded the £11,180 threshold. The party accepts crypto donations through a Polish payment platform called Radom, which claims to follow UK rules around verifying the identity of donors.

Revolut, the UK banking app, has reported a 57% increase in profits for 2025, but warned that its support for energy-intensive sectors such as crypto and AI could lead to a reputational risk. The fintech company, which can now launch as a fully fledged UK bank after a five-year wait for regulatory approval, offers crypto trading and has applied for a banking licence in the US.The company's annual report highlighted that cryptocurrency mining and AI datacentres demand large amounts of power, with competition for electricity supplies getting steeper since the US-Israel war on Iran sent energy prices soaring over the past month. Revolut's chief executive, Nik Storonsky, hailed another “landmark year” for the company, which has 68.3 million individual customers and 767,000 business customers.Revolut's growth has been rapid, with revenues climbing 46% to £4.5bn and a £1.7bn pre-tax profit for 2025. The company plans to offer a wider array of banking services in the future, such as lending and other products, and has launched mortgage refinancing in Lithuania. Despite the potential risks, Revolut believes its digital-first approach and emphasis on financial inclusion could lead to it being “relatively insulated and even benefit from an orderly energy transition, relative to traditional financial institutions”.

Rapid‑Action Spyware: The Darksword Campaign UnveiledResearchers at Google, iVerify and Lookout traced a fresh wave of iPhone attacks against Ukrainian users to a toolkit they named Darksword. The tool, linked to the threat actor UNC6353, infiltrates devices via compromised Ukrainian websites, siphons passwords, photos, messaging app data and wallet credentials, then vanishes within minutes.Technical Footprint and Quick‑Turnover MetricsInfection vector: malicious scripts on Ukrainian‑hosted sites, active only for visitors inside Ukraine.Data exfiltration window: minutes of dwell time, depending on volume of harvested information.Capabilities: extraction of WhatsApp, Telegram, SMS, browser history, and cryptocurrency wallet keys.Design: modular architecture allowing rapid addition of new functions, mirroring the earlier Coruna toolkit.Geopolitical and Security ImplicationsThe Darksword operation underscores a growing trend of state‑aligned actors deploying highly specialized mobile spyware for short‑term, high‑value “smash‑and‑grab” missions. While the campaign was geographically limited to Ukraine, its sophistication suggests that similar tools could be repurposed for broader espionage or financial theft, raising concerns for iPhone users worldwide and prompting a reassessment of mobile threat models.Future Outlook: Modular Spyware on the RiseAnalysts predict that the success of Darksword will encourage further development of modular iPhone exploits that prioritize rapid data theft over persistent surveillance. Defensive measures will likely focus on hardening web‑delivery chains, improving app‑store vetting, and enhancing on‑device anomaly detection to counter fleeting, high‑impact attacks.