2.
400+ Arch Linux AUR packages compromised by a fake maintainer
An attacker adopted orphaned AUR packages and inserted infostealer malware and a rootkit, making old community-maintained packages an immediate audit target
@IntCyberDigest on Backlist
4 appearances on the backlist front page in the last 30 days.
10.
Meta account recovery reportedly exposes PII from a username
Unauthenticated account recovery revealing emails or phone numbers from usernames would be a severe privacy failure at social-network scale
13.
German police bought app-derived location data without warrants
Commercial phone-location datasets let German state police track devices outside normal warrant processes, exposing a surveillance loophole in the data-broker economy
17.
EU digital identity wallets require Apple or Google accounts
Europe’s sovereign digital identity wallet depending on Apple or Google accounts exposes a gap between digital sovereignty goals and mobile platform reality