Last weekend, a gunman tried to get into the White House Correspondents’ Dinner in Washington, DC, while President Donald Trump, Vice President JD Vance, and other top officials were present. News outlets and Trump himself quickly named the suspect as Cole Tomas Allen, a 31-year-old engineer and computer scientist from California. He was arrested at the scene on Saturday and appeared in the US District Court for the District of Columbia on Monday, facing three federal charges: attempted assassination of the president, transporting a firearm across state lines, and firing a gun during a violent crime.
This week, the FIDO Alliance—an organization that sets authentication standards—launched new working groups alongside Google and Mastercard to create technical safeguards for verifying and securing transactions started by AI agents. At the same time, as AI use grows more widespread and sensitive, OpenAI introduced an “advanced” security risk mode for ChatGPT and Codex accounts that face a higher threat of cyberattacks.
New findings this week highlighted a disturbing incident in which 90,000 screenshots taken from a European celebrity’s phone were leaked online. This underscores the dangers posed by off-the-shelf spyware—not only as a violation of personal privacy but also as a gateway to large-scale data leaks and misuse. Separately, WIRED reported on arrests in the United Arab Emirates linked to people sharing screenshots and other digital content online.
And there’s more. Every week, we compile the security and privacy stories we didn’t cover in detail. Click the headlines to read the full reports. And stay safe out there.
The Happiest Place on Earth just got a little more unsettling. The Walt Disney Company announced this week that guests visiting Disneyland Park and Disney California Adventure Park can now “opt in” to enter through lanes equipped with facial recognition technology. While Disney emphasizes that using facial recognition is “entirely optional,” it also notes that “you may still have your image captured” even if you use non-facial-recognition entry lanes. Like most such systems, Disney’s converts facial images into numerical codes that can be used to match faces in other photos. The company says these codes will be deleted after 30 days, “unless retention is required for legal or fraud-prevention reasons.”
Facial recognition is now common across the U.S. and globally. Police departments routinely use it, but it’s also spread into daily life—from airports and major sports venues like MLB and NFL stadiums to places like Madison Square Garden.
Anthropic’s Mythos Preview AI model has proven so skilled at uncovering exploitable software flaws that access has been tightly controlled to keep it out of the hands of cybercriminals. So it’s hardly surprising that the National Security Agency is already testing it.
Bloomberg News and Axios reported this week that the NSA was among a select group of agencies and companies given early access to Mythos, which so far has been shared with only 40 organizations, according to Axios. The agency has used the tool to scan Microsoft’s software for vulnerabilities—unsurprisingly, since Microsoft powers most of the world’s PCs—and sources speaking anonymously to Bloomberg said the NSA was impressed by how quickly and effectively Mythos found exploitable weaknesses. After all, part of the NSA’s mission includes helping the U.S. government identify and fix security holes in its own software, while also sometimes leveraging those same flaws for intelligence operations.
The NSA’s use of Anthropic’s AI tool appears to be moving forward despite the Department of Defense’s official ban on the company, which followed Defense Secretary Pete Hegseth’s claim that Anthropic poses a supply chain risk. Hegseth stated in February that the DOD would phase out Anthropic’s tools over six months, and Anthropic has filed a lawsuit to block the ban. Since the NSA falls under the DOD, it remains unclear whether the agency is simply using Mythos during the transition period—or whether the tool’s capabilities might lead the NSA to reconsider the ban or grant an exception.
The ransomware group Scattered Spider has carried out some of the most destructive extortion-driven hacking campaigns in recent years, including attacks on MGM Resorts, Caesars Entertainment, and retailers like M&S and Harrods. What sets it apart from other ransomware gangs is its membership: often very young, English-speaking hackers based in countries that cooperate with U.S. law enforcement—making them more likely to be caught.
The latest alleged member to be charged is 19-year-old Peter Stokes, arrested at a Finnish airport as he was about to board a flight to Japan. According to the Chicago Tribune, a now-sealed criminal complaint details Stokes’ alleged role in targeting four companies hit by Scattered Spider. He is accused of helping steal millions from these unnamed victims, which included an online communications platform and a luxury retailer. The complaint also describes his lavish lifestyle—traveling from Dubai to Thailand to New York—and includes a photo of him wearing a diamond-studded necklace inscribed with “HACK THE PLANET.”
A Medicare database accidentally left exposed on the public internet revealed Social Security numbers and other sensitive personal details of healthcare providers across the U.S., according to the Washington Post. The database was part of an online directory run by the Centers for Medicare and Medicaid Services (CMS), designed to help patients check which insurance plans their providers accept. The Post reports that the exposed data was accessible for “at least several weeks.” The directory’s rollout is part of the Trump administration’s push to “build a national database of healthcare providers,” overseen by Amy Gleason, acting head of the U.S. DOGE Service and a CMS official.
