#AxisOfEasy 414: Popular VPN Apps Exposed As Security Risk After Shocking Report


Weekly Axis Of Easy #414


Last Week’s Quote was: “Those who can make you believe absurdities can make you commit atrocities,” by Voltaire. Charles got it right first, but we will give it to John, who was next to guess it right!

This Week’s Quote: “I’m not a conspiracy theorist – I’m a conspiracy analyst.” By ???

This week, whoever wins the quote contest, in addition to getting their next renewal on the house, will also receive a coupon code for a free audiobook copy of Charles Hugh Smith’s latest book: Ultra-Processed Life.

THE RULES: No searching up the answer. Answers must be posted in the comments section at the bottom of the blog post.

The Prize:  First person to post the correct answer gets their next domain or hosting renewal on us.


This is your easyDNS #AxisOfEasy Briefing for the week of August 18th, 2025. Our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy.

To Listen/watch this podcast edition with commentary and insight from Joey and Len the Lengend click here.

 


In this issue: 

  • Popular VPN Apps Exposed as Security Risk After Shocking Report
  • UK Retreats After US Pressure Forces End to Apple Encryption Backdoor Plan
  • BIS Proposes Transaction Scoring System to Enforce Crypto AML Compliance
  • Google Sparks Outrage After GOP Fundraising Emails Sent to Spam
  • ChatGPT 5 Leaves Users Shocked With Strange Changes and Hidden Tricks
  • Allianz Life Hack Exposes Data of Over a Million Customers

Elsewhere Online:

  • Hackers Hide PipeMagic Malware Behind Fake ChatGPT App to Launch Ransomware Attacks
  • Louisiana Turns Roblox Safety Scandal Into a Push for Digital ID Control
  • Canadian Regulator Hacked Personal Data of Investment Firms and Employees Exposed
  • iiNet Hack Exposes 280000 Emails and Customer Data in Massive Breach
  • Workday Hit by Data Breach as Hackers Target Salesforce in Global Attack

 

Popular VPN Apps Exposed as Security Risk After Shocking Report

Citizen Lab released a report on August 19, 2025, uncovering that many popular VPNs, including Turbo VPN, Snap VPN, and VPN Monster, are secretly owned by the same companies. Researchers found that these apps share code, servers, and even the same hard-coded passwords, creating serious risks for millions of users.

The study, titled Hidden Links, was co-authored by Benjamin Mixon-Baca, Jeffrey Knockel, and Jedidiah Crandall. It revealed that companies like Innovative Connecting, Autumn Breeze, and Lemon Clove, with over 700 million downloads, are tied to Qihoo 360, a Chinese security firm sanctioned by the U.S. government. “If one app in a family is vulnerable, so are all the others,” the researchers warned.

The investigation also showed that these VPNs used weak encryption and Shadowsocks technology, originally designed to bypass Chinese censorship, not protect privacy. Some apps even collected user locations despite claiming otherwise.

Citizen Lab urged greater transparency and stricter checks by app stores to protect users from these hidden risks.

Read: https://hackread.com/citizen-lab-vpn-networks-sharing-ownership-security-flaws/

 

UK Retreats After US Pressure Forces End to Apple Encryption Backdoor Plan

The U.K. government has dropped its January 2025 order demanding Apple build a secret backdoor into iCloud, which would have weakened encryption for U.S. citizens. The reversal followed strong pushback from U.S. officials and civil liberties advocates.

U.S. Director of National Intelligence Tulsi Gabbard confirmed the news in a statement, saying, “The U.K. has agreed to drop its mandate for Apple to provide a backdoor that would have encroached on our civil liberties.” Apple had previously disabled its Advanced Data Protection feature for British users after the order, sparking outrage.

The secret mandate was issued under the Investigatory Powers Act, which critics warned could open the door for hackers and authoritarian regimes to exploit. Apple stood firm, declaring, “We have never built a backdoor or master key to any of our products or services, and we never will.”

It remains unclear if Apple will restore Advanced Data Protection in the U.K., but the government’s retreat is seen as a major win for privacy rights.

Read: https://thehackernews.com/2025/08/uk-government-drops-apple-encryption.html

BIS Proposes Transaction Scoring System to Enforce Crypto AML Compliance

Economists at the Bank for International Settlements (BIS) have proposed a compliance framework for cryptoassets that introduces an “AML compliance score” to evaluate each unit of value based on its transaction history. Under the model, each bitcoin UTXO or stablecoin wallet would receive a score from 0 to 100, depending on whether it has passed through wallets that meet Know Your Customer (KYC) requirements. Assets linked to deny-listed or no-KYC wallets would be rated poorly, rendering them ineligible for redemption at regulated off-ramps.

This system relies on the existence of on-chain allow lists comprising verified wallets, and would apply even to non-custodial or unhosted wallets. The BIS envisions a market-driven model in which compliance is incentivized by economic necessity. To support this, a new class of compliance service providers could offer users affordable tools to assess coin histories before transacting, reinforcing what the paper calls a “duty of care.”

However, the proposal effectively shifts the burden of compliance from institutions to individuals. It assumes that everyday users will be responsible for verifying the origin of digital assets before accepting or using them—an expectation comparable to requiring individuals to validate the history of every physical banknote before use.

Read: https://www.therage.co/bank-of-international-settlements-kyc-non-custodial-wallets/


Google Sparks Outrage After GOP Fundraising Emails Sent to Spam

Google is once again under fire after a memo revealed that Gmail flagged Republican fundraising emails as “dangerous” and sent them to spam. The issue was reported in June and July 2025 by consulting firm Targeted Victory, which works with Republican leaders such as Rep. Steve Scalise and Sen. Marsha Blackburn. In contrast, Democratic fundraising emails were delivered without problems.

The firm’s tests showed that emails with links to WinRed, the GOP fundraising platform, were blocked, while ActBlue links for Democrats passed through. “The only difference between the two emails was the link. ActBlue delivered. WinRed got flagged,” the memo said.

Google spokesperson José Castañeda defended the company, saying filters “apply equally to all senders, regardless of political ideology.” Yet this isn’t the first time Google has faced accusations of political bias.

Critics, including former President Donald Trump, argue that this filtering could unfairly influence campaigns. Targeted Victory warned, “This should alarm every campaign and committee that relies on email to connect with voters.”

Read: https://nypost.com/2025/08/13/business/google-caught-flagging-gop-fundraiser-emails-as-suspicious-sending-them-directly-to-spam-memo/


ChatGPT 5 Leaves Users Shocked With Strange Changes and Hidden Tricks

ChatGPT-5 rolled out last week, and many users quickly noticed something had changed. Mark E. Jeftovic, who had been working with GPT-4’s Agent Mode, said the feature suddenly vanished after the update. When he asked GPT-5 to add citations to a draft, it bizarrely cited the very document he was working on. “It just seemed like suddenly, ChatGPT became a little brain-dead,” Jeftovic wrote.

Confused by the shift, he discovered a video by Dylan T. Davis, known as D-Squared, explaining the major update. GPT-5 now uses a routing engine to decide which model responds, and users can guide it more effectively with structured prompts like XML tags.

The video also introduced OpenAI’s new prompt optimizer, allowing users to refine requests and even create rubrics for better answers. These hidden tricks can unlock more accurate responses. Jeftovic concluded that if ChatGPT feels different, it’s not your imagination. Something really has changed with GPT-5.

Read: https://axisofeasy.com/leveraging-ai-and-llms/chatgpt-5-is-out-is-it-brain-dead-or-are-we/


Allianz Life Hack Exposes Data of Over a Million Customers

Allianz Life confirmed in July that hackers breached its systems, stealing data from a Salesforce-hosted database. The attack exposed personal details of 1.1 million customers, according to breach tracker Have I Been Pwned. Stolen data includes names, birth dates, emails, home addresses, and phone numbers. Later filings in Texas and Massachusetts revealed that Social Security numbers were also compromised.

The breach hit not only customers but also Allianz employees, with the company admitting that the “majority” of its 1.4 million clients were affected. Brett Weinberg, spokesperson for Allianz Life, declined to comment further, saying the investigation is still ongoing.

The hacking group ShinyHunters is believed to be behind the attack. Known for social engineering tricks, the group has also hit Google, Cisco, Qantas, Pandora, and HR giant Workday in recent months. Experts warn ShinyHunters may soon launch a data leak site to pressure victims into paying ransoms.

Read: https://techcrunch.com/2025/08/18/hr-giant-workday-says-hackers-stole-personal-data-in-recent-breach/


Elsewhere online: 

Hackers Hide PipeMagic Malware Behind Fake ChatGPT App to Launch Ransomware Attacks
Read: https://www.darkreading.com/threat-intelligence/pipemagic-backdoor-resurfaces-play-ransomware-attack-chain


Louisiana Turns Roblox Safety Scandal Into a Push for Digital ID Control
Read: https://reclaimthenet.org/louisiana-lawsuit-roblox-digital-id-child-safety


Canadian Regulator Hacked Personal Data of Investment Firms and Employees Exposed
Read: https://www.infosecurity-magazine.com/news/canadian-financial-regulator-hacked/


iiNet Hack Exposes 280000 Emails and Customer Data in Massive Breach
Read: https://hackread.com/australia-isp-iinet-data-breach-customer-accounts-stolen/


Workday Hit by Data Breach as Hackers Target Salesforce in Global Attack
Read: https://www.securityweek.com/workday-data-breach-bears-signs-of-widespread-salesforce-hack/

 

If you missed the previous issues, they can be read online here:

 
