Breaking AI & Tech News Analyzed

Booking.com, a leading accommodation reservation website, has suffered a significant data breach that has exposed customer information to unauthorized parties. The company, which lists over 30 million accommodation venues worldwide, detected suspicious activity involving unauthorized access to some guests' booking information.Upon discovering the breach, Booking.com took immediate action to contain the issue and updated the PIN numbers for affected reservations. The company has also informed affected customers about the breach. According to Booking.com, financial information was not accessed during the breach.The breach is the latest in a series of cybercrime attempts on Booking.com, which has recently struggled with a rising number of online scams on its platform. In 2018, the company reported a breach that exposed the booking data of over 4,000 people. Booking.com was fined €475,000 for reporting the breach 22 days late to the Dutch privacy regulator.The company, owned by Booking Holdings, a $137 billion US company, employs over 24,000 people worldwide. The breach highlights the growing concern of fake listings on booking websites and the need for increased cybersecurity measures in the industry.

Labour has challenged Nigel Farage over the cost of his private jet trip to the Maldives, questioning his claim that it cost as little as £25,000. Farage, the leader of Reform UK, initially recorded the two-day trip as costing £12,500, funded by Thailand-based Reform megadonor Christopher Harborne, before later upgrading the cost to £25,000. The Labour Party's chair, Anna Turley, wrote to Farage arguing that chartering a private jet of a similar size would cost many times more than the sum declared. According to publicly available flight logs, the 11,000-mile round trip lasted just over 23 hours, using a model of plane that is currently advertised on multiple private jet websites as costing at least $11,500 (£8,500) per hour to charter. Turley highlighted that the plane's ownership is linked to Harborne, who has given the party more than £12m. She asked Farage to clarify how he valued the cost of the flight, which did not end in him reaching the Chagos Islands, as he did not have permission. Farage has described the visit as a "humanitarian mission", saying he undertook the trip to highlight the plight of the Chagossians, whose families were removed from the islands in the 1960s and are seeking to return. The trip has sparked controversy over the valuation of the private jet donation and Farage's attempts to reach the Chagos Islands, which are subject to a UK government decision to hand sovereignty to Mauritius.

Social media users in the UK are posting, sharing, and commenting less on tech platforms, driven by the rise of video-oriented apps and fears that online posts could harm their reputation. According to Ofcom, 49% of adult social media users now post, share, or comment, down from 61% in 2024.The proportion of users exploring new websites has also decreased, from 70% to 56%. Joseph Oxlade, senior research manager at Ofcom, cited the popularity of video apps like TikTok and Instagram Reels as a reason for the decline in active use.Concerns about the long-term impact of online posts on personal and professional lives are also a factor. 49% of adults are now concerned about posts causing them problems in the future, up from 43% in 2024. This fear is not unfounded, as historic internet posts have been known to cause embarrassment for public figures.Despite this, social media use remains widespread, with 89% of adult internet users using at least one social media platform. The Ofcom data was based on a survey of 7,500 people across the UK last year over the age of 16.The data also showed that use of AI tools like ChatGPT has increased, with 54% of UK adults using them, up from 31% in 2024. Some users are interacting with AI as if it were a person, using it for tasks like seeking relationship advice or generating creative content.

The Super League marked a significant milestone recently, celebrating 30 years since its launch in 1996. To commemorate the occasion, the league hosted a special event at Headingley, where Leeds played Warrington in a repeat of one of the original fixtures. The event featured a nostalgic look back at the league's early days, with Sky Sports anchor Brian Carney welcoming guests to reminisce about their past heroics. In 1996, only three Super League games were televised, despite Sky Sports investing £87m in the new competition. Fast-forward to the present, and the media landscape has transformed dramatically. Today, fans can access live broadcasts of almost every Super League game, with Sky Sports paying £21.5m to show every game this season, a significant decrease from the £17.3m they paid for two games a week in 1996. The way people consume sports media has also undergone a substantial shift. Fans now rely on their phones for updates, rather than traditional radio bulletins. The proliferation of social media and online platforms has changed the way journalists work, with many now producing content for rugby league websites, such as Serious About Rugby League and Love Rugby League. The number of full-time reporters covering the sport has dwindled, with most journalists now working part-time or for online publications. Despite this, the sport remains popular, with radio coverage expanding to include live broadcasts of almost every Super League game on BBC's local stations, 5 Live Sports Extra, or TalkSport. Veteran journalists, such as Paul Fitzpatrick and Andy Wilson, reflect on the changes they've seen over the years. They note that while the sport has become more accessible, the media landscape has become more challenging, with fewer resources and a greater emphasis on online content. Nevertheless, the openness of rugby league players and the humility of the sport's stakeholders have made it a pleasure to cover.

The Erosion of Digital Anonymity Apple's 'Hide My Email' feature, designed to shield user identities from apps and websites, has been exposed as ineffective against federal subpoenas. The company recently revealed it provided real names and email addresses to the FBI and ICE, undermining the feature's promise of anonymity for paying iCloud+ subscribers. This disclosure highlights a critical vulnerability in the privacy architecture of major tech platforms, where 'anonymity' often depends on the willingness of the provider to withhold data. The 'Hide My Email' Loophole The feature allows iCloud+ subscribers to generate anonymous email aliases that forward messages to their private inbox. While Apple claims it does not read the content of these forwarded messages, the legal mechanism allows authorities to bypass the alias entirely. In a recent affidavit, the FBI revealed that Apple provided the real identity behind an anonymized address used in a threat investigation against Kash Patel's girlfriend. Similarly, ICE agents obtained records linking multiple anonymized accounts to a specific individual involved in an alleged identity fraud scheme. Metadata vs. Content The data shared with law enforcement goes beyond simple forwarding logs; Apple provided the account holder's full name, email address, and billing information. In one instance, Apple disclosed records for 134 anonymized email accounts created via the feature. This indicates that while the content of emails remains private, the ownership of the account is easily accessible to authorities with a valid legal request. The distinction between encrypted content and unencrypted metadata is becoming the primary battleground for digital privacy. End-to-End Encryption Limits This incident underscores a critical distinction in modern cybersecurity: the difference between end-to-end encryption (E2EE) and account metadata. Apple touts its services as E2EE, meaning only the user can access their data. However, this protection does not extend to the account registration details, billing history, and unencrypted routing information that Apple stores. As a result, the demand for alternative privacy tools like Signal, which offer stronger protections against metadata collection, is likely to increase among privacy-conscious users. The Future of Privacy vs. Security As law enforcement agencies increasingly rely on metadata to solve crimes, tech companies will face mounting pressure to balance user privacy with national security obligations. We can expect a rise in legal battles regarding the scope of 'anonymized' services and a potential shift in consumer behavior, where users seek out services that offer true anonymity rather than just obfuscation.

The Coruna and DarkSword Threat For years, the prevailing narrative among iPhone security experts was that breaking through Apple's defenses was a rare, high-barrier event requiring significant resources. However, recent investigations by Google, iVerify, and Lookout have shattered this assumption. Researchers have documented broad-scale hacking campaigns utilizing two specific tools, Coruna and DarkSword, which have been used to target victims globally who are not running the latest software updates. Attack Vectors: Hackers are compromising legitimate websites and creating fake pages to deliver spyware. Key Actors: Involvement of Russian spies and Chinese cybercriminals. Tool Availability: The source code for these tools has leaked online, allowing anyone to launch attacks against older iPhones. The Two-Tier iPhone Security Landscape The discovery of Coruna and DarkSword highlights a critical data point in the current security ecosystem: the existence of two distinct classes of iPhone users. This bifurcation is driven by the introduction of Memory Integrity Enforcement in iOS 26, a feature designed to prevent memory corruption bugs—the very vulnerabilities exploited by DarkSword. Class A (Secure): Users on the latest iPhone 17 models running iOS 26 are protected by memory-safe code and Lockdown Mode, making them resistant to these specific memory-based hacks. Class B (Vulnerable): Users running iOS 18 or older versions remain exposed to memory corruption attacks, as these older systems lack the new safety enforcement layers. Challenging the 'Rare Hack' Myth The widespread use of these leaked tools suggests that spyware attacks are becoming more common and less exclusive. This shift is fueled by a thriving "second-hand" market for exploits, where brokers resell vulnerabilities before they are patched. Experts argue that the rarity of iPhone hacks has been overstated simply because they are rarely documented. As noted by Patrick Wardle, the baseline capability for such attacks is now accessible to a wider range of actors, moving beyond state-sponsored actors to include cybercriminals. The End of the 'Rare Hack' Era The future of mobile security appears to be one of continuous escalation. With the code for Coruna and DarkSword now public, the barrier to entry for launching attacks against older devices has lowered significantly. This indicates that memory-based exploits will continue to plague lagging users, and the market for exploit development will likely expand as brokers seek to monetize vulnerabilities before updates are applied.

The European Commission has initiated an investigation into Snapchat over concerns that the social messaging app is putting children at risk of grooming, sexual exploitation, and other criminal activities. This probe is part of the EU's efforts to enforce its Digital Services Act (DSA), which aims to protect European society from a wide range of internet harms, including child safety provisions to combat cyberbullying, exposure to adult content, and illegal products.In a separate decision, the commission also accused four pornographic websites - Pornhub, Stripchat, XNXX, and XVideos - of failing to prevent minors from accessing adult content, which could lead to mental health issues, negative gender attitudes, and increased tolerance of violent sexual behaviors.The investigations follow a landmark ruling in a Los Angeles court that found two social media companies, Meta and YouTube, had deliberately created addictive products that harmed a young user. The EU is now considering whether to follow Australia and ban social media for under-16s.Snapchat reports 94.7 million monthly users in the EU and is hugely popular among teenagers and young people. However, EU regulators believe the company is failing to ensure its age limit of 13 is respected, and users are not given adequate guidance on privacy and safety features.The commission's tech spokesperson, Thomas Regnier, described the situation as 'quite terrible' in EU member states, citing statistics on the prevalence of minors accessing pornographic websites. The companies may now examine the findings and mount a defense, before any final decision is taken. If the complaint is upheld, the four websites could be fined up to 6% of global annual turnover.

Apple has introduced a new requirement for UK iPhone users, mandating them to confirm they are 18 or older to use certain services. This move, believed to be a first for a European market, comes as part of a broader effort to protect children online. The age verification process can be completed by uploading a credit card or scanning an ID, such as a driving license or national ID. Ofcom, the online regulator, has welcomed the change, calling it “a real win for children and families” and part of a wider drive to “keep young people away from harmful content”. The update is part of a software update and aims to restrict access to certain services and features for users under 18. However, some users have expressed concerns about the privacy implications of uploading personal information for age verification. Apple has assured users that if they already have an account, they can confirm their age with a payment method on file or other eligible methods. The company was unable to immediately specify which services, features, or actions would be inaccessible without age confirmation. This development follows the introduction of age verification gates on many web services, including pornography websites, to comply with the Online Safety Act. Ofcom noted that Apple’s decision makes the UK one of the first countries to receive new child safety protections on devices. The watchdog plans to report on the use of app stores by children and evaluate the effectiveness of age assurance by app store providers.

Amazon's cloud computing unit, Amazon Web Services (AWS), has confirmed that its region in Bahrain was disrupted due to drone activity. This incident marks the second time in a month that the company's operations have been affected by the war in the Middle East.An Amazon spokesperson confirmed the disruption, stating that the company is helping customers migrate to alternate AWS regions while it recovers from the incident. However, the company did not provide additional details on the extent of the damage or the expected duration of the disruption.The disruption comes after Iran's Islamic Revolutionary Guard Corps (IRGC) threatened to attack 'economic centres and banks' related to US and Israeli entities in the region. The IRGC-affiliated Tasnim news agency released a list of offices and infrastructure run by top US companies with Israeli links, including Google, Microsoft, and Oracle, which have branches in multiple Israeli cities and Gulf countries.AWS is critical for the operation of many well-known websites and government operations and is Amazon's main driver of profits. Earlier this month, AWS reported that facilities in Bahrain and the United Arab Emirates had lost power, and the company was working to transfer computing workloads to other regions.These attacks come after Iran claimed it is targeting US assets across the Gulf Arab states in retaliation for the joint attack on Iran by the US and Israel that began on February 28. Gulf states have accused Tehran of targeting civilian infrastructure, such as airports and energy facilities.