Lmst

@humanhorseshoes @briankrebs OFC it is too weak ON PURPOSE!

#GDPR should've been sharper and harder than #BDSG and #COPPA together, banning the #BusinessModel of #DataBrokers like #NSAbook / #StasiBook for good!

La salud mental adolescente y la soledad centran la primera Semana de la Psicología en Aragón

https://fed.brid.gy/r/https://arainfo.org/la-salud-mental-adolescente-y-la-soledad-centran-la-primera-semana-de-la-psicologia-en-aragon/

BAGNOLI (NA): I COMITATI BLOCCANO I TIR DELLA COPPA AMERICA CHE PROVOCANO VORAGINI E INQUINAMENTO https://www.radiondadurto.org/2026/02/11/bagnoli-na-i-comitati-bloccano-i-tir-della-coppa-america-che-provocano-voragini-e-inquinamento/ #Movimento #NAZIONALI #Ambiente #america #bagnoli #blocchi #Salute #lavori #napoli #Coppa #digos #Eddy #cup #tir

This is extremely alarming but not at all surprising.
The argument in this article is that OpenAI's new "Dime" ChatGPT-powered earbuds cannot possibly be legal because they cannot possibly avoid violating COPPA.
And leaving aside the legalities, this article also explains how incredibly harmful this product will be to users and society.
Read the whole article, I can't do it justice in a post.
https://www.linkedin.com/pulse/device-cant-legally-exist-room-children-travis-gilly-icmpe/
#OpenAI #Dime #COPPA #infosec #privacy #ChatGPT

In a recent Corporate Compliance Insights article, Stacey Brandenburg and Yiannis Vandris explain how three recent FTC child-related cases provide insight into potential COPPA risks for businesses and compliance professionals.

#COPPA #FTC #Privacy

https://www.zwillgen.com/publication/what-recent-ftc-enforcement-actions-reveal-about-coppa-risks

@phpete so yeah I hope none of the users were #EU citizens or residents, cuz #GDPR fines make #COPPA look like pocket change...

RADIO AFRICA: L’AMICIZIA TRA SENEGAL E MAROCCO OLTRE IL CALCIO, LE ELEZIONI IN UGANDA E IL RISARCIMENTO DEI CRIMINI COLONIALI https://www.radiondadurto.org/2026/01/29/radio-africa-lamicizia-tra-senegal-e-marocco-oltre-il-calcio-le-elezioni-in-uganda-e-il-risarcimento-dei-crimini-coloniali/ #Internazionale #INTERNAZIONALI #AlbertoMagnani #KadduModuModu #AbdouNdao #sole24ore #Economia #Politica #elezioni #Museveni #Diritti #Marocco #nairobi #SENEGAL #Africa #uganda #Coppa #kenya #radio #2026

⚖️ #Google agrees to pay $8.25M to settle a class-action over claims it tracked children’s data in Play Store apps without parental consent and violated children’s privacy protections

Read: https://hackread.com/google-settlement-child-data-tracking-play-store/

#Privacy #ChildSafety #Lawsuit #PlayStore #COPPA

Congress Wants To Hand Your Parenting To Big Tech

https://fed.brid.gy/r/https://www.techdirt.com/2026/01/21/congress-wants-to-hand-your-parenting-to-big-tech/

El Colegio de Psicología de Aragón alerta del aumento de la depresión y reclama la incorporación de profesionales en Atención Primaria

https://fed.brid.gy/r/https://arainfo.org/coppa-aragon-depresion-atencion-primaria/

@CatAClock @Daojoan #Roblox is just a shitshow and should be #banned for being a violation of #COPPA, being full of #CSAM, pedos grooming and sexting minors, child #Gambling and minors exploiting each other for #labour and #money!
1
2

I'm not angry, just disappointed…

#Disney agrees to pay a $10M civil penalty after the US DOJ and FTC say its YouTube videos weren’t properly labeled as for kids, allowing children’s data to be collected without parental consent under #COPPA.

Read: https://hackread.com/disney-fine-violating-children-privacy-laws-youtube/

#ChildPrivacy #YouTube #DataProtection #CyberSecurity #Privacy

Alright team, it's been a pretty packed start to the year in cyber! We've got some interesting developments on active exploitation, new malware campaigns, and a couple of big names facing regulatory heat. Let's dive in:

Recent Cyber Attacks ⚠️

- Unleash Protocol, a decentralised IP platform, lost approximately $3.9 million in crypto due to an unauthorised smart contract upgrade, initiated by an external address gaining administrative control via multisig governance.
- A Lithuanian national was extradited to South Korea for infecting 2.8 million systems globally with clipboard-stealing malware, disguised as the KMSAuto Windows/Office activator, siphoning around $1.2 million in virtual assets.
- Amazon successfully blocked over 1,800 suspected North Korean operatives from infiltrating its workforce since April 2024, who were posing as IT workers or recruiters to steal credentials and source code, as DPRK crypto theft surged to $2 billion in 2025.

📰 The Hacker News | https://thehackernews.com/2026/01/threatsday-bulletin-ghostad-drain-macos.html

Actively Exploited Vulnerabilities 🛡️

- The RondoDox botnet has been actively exploiting the critical React2Shell (CVE-2025-55182, CVSS 10.0) RCE flaw in React Server Components and Next.js since December 2025, targeting IoT devices and web servers to deploy crypto miners and Mirai botnet variants.
- A coordinated campaign, primarily from Japan-based infrastructure, systematically exploited over 10 Adobe ColdFusion CVEs from 2023-2024 during Christmas 2025, leading to direct code execution, credential harvesting, and JNDI lookups.
- Researchers identified a 4-second window where AWS IAM eventual consistency allows attackers to leverage deleted access keys to create new ones, achieving persistence even after defenders believe credentials are revoked.

📰 The Hacker News | https://thehackernews.com/2026/01/rondodox-botnet-exploits-critical.html
📰 The Hacker News | https://thehackernews.com/2026/01/threatsday-bulletin-ghostad-drain-macos.html

New Threat Research & Malware Campaigns 🚨

- The GlassWorm supply chain campaign has resurfaced, now targeting macOS users with malicious Open VSX extensions (50,000 downloads) to steal funds from over 50 browser extension wallets, iCloud Keychain data, and developer credentials.
- OceanLotus (APT) is targeting China's Xinchuang initiative, exploiting CVE-2023-52076 (RCE in Atril document viewer) and deploying custom ELF Trojans specifically designed to bypass traditional Linux system checks on indigenous innovation platforms.
- The IPCola proxy network, offering 1.6 million IPs, is powered by the GaGaNode decentralised bandwidth monetization service, whose SDK contains a critical RCE vulnerability, enabling broad compromise of IoT, desktop, and mobile devices.
- Large-scale mobile adware campaigns, GhostAd (Android) and SkyWalk (iOS), are draining device resources and defrauding advertisers by running persistent background ad engines and serving invisible ads, respectively.
- Magecart attacks are evolving into full identity compromise, hijacking checkout and account creation flows with fake payment forms, phishing iframes, and anti-forensics techniques to steal credentials and personal information.
- A new cybercrime tool, ErrTraffic, automates "ClickFix" attacks by generating fake browser glitches on compromised websites, tricking users into installing information stealers or Android banking trojans.
- Kaspersky discovered 'Keenadu', a pre-installed backdoor in libandroid_runtime.so on certain Android tablet models, providing remote access for data exfiltration and command execution.

📰 The Hacker News | https://thehackernews.com/2026/01/threatsday-bulletin-ghostad-drain-macos.html

Threat Landscape & AI Concerns 🧠

- Reddit banned the r/ChatGPTJailbreak subreddit (229,000 users) for violating rules, highlighting ongoing challenges with LLM safety filters, prompt injections, and the potential for generating non-consensual deepfakes; poetic prompts were found to increase attack success rates fivefold.
- Research details "hacktivist proxy operations" where ideologically aligned non-state cyber groups conduct disruptive activities (DDoS, defacement) that align with state geopolitical interests, providing plausible deniability for the benefiting state.

📰 The Hacker News | https://thehackernews.com/2026/01/threatsday-bulletin-ghostad-drain-macos.html

Regulatory & Corporate Accountability ⚖️

- Reuters reported that Meta developed a "playbook" to mislead regulators about the prevalence of scam ads on its platform, by systematically deleting fraudulent ads from its Ad Library during regulatory searches.
- Disney agreed to pay a $10 million civil penalty to settle FTC allegations of violating children's privacy laws (COPPA) by misdesignating YouTube content, leading to unlawful data collection and targeted advertising without parental consent.

📰 The Hacker News | https://thehackernews.com/2026/01/threatsday-bulletin-ghostad-drain-macos.html

#CyberSecurity #ThreatIntelligence #Vulnerabilities #RCE #Botnet #Malware #APT #SupplyChain #Adware #AdFraud #CryptoScam #NationState #DPRK #AI #LLM #DataPrivacy #COPPA #RegulatoryCompliance #InfoSec #IncidentResponse

Disney hit with a $10 million penalty for alleged child privacy violations on YouTube. The Justice Department announced the settlement, which also prohibits Disney from operating in ways that violate the Children's Online Privacy Protection Act. This marks a significant step in safeguarding children's online data. Discover the full story: https://www.cnbc.com/2025/12/30/disney-child-privacy-youtube.html #Privacy #COPPA #YouTube #Disney

@eunews how about arrest warrants for #DSA / #GDPR / #BDSG violations, @EUCommission @Bundesregierung ?

After all, the #US wouldn't hesitate either to when it comes to #COPPA & #HIPAA!

AI w zabawkach dla dzieci – czy misiom brakuje zdrowego rozsądku?

Co może powiedzieć pluszowy miś z “AI”, kiedy dziecko pyta go o ulubioną bajkę? Jeśli wierzyć najnowszym testom, potrafi wejść w rozmowy o seksie, narkotykach, a nawet powtarzać chińską propagandę.

Czytaj dalej:
https://pressmind.org/ai-w-zabawkach-dla-dzieci-czy-misiom-brakuje-zdrowego-rozsadku/

#PressMindLabs #coppa #filtrytresci #generatywnaai #propaganda #prywatnoscdzieci