Weekly Security & Privacy Highlights: Key Developments and Breaking News

Notable Incidents and Regulatory Updates

• Minneapolis Shooting and ICE Testimony: On Wednesday, a federal agent fatally shot 37-year-old Renee Good in Minneapolis. WIRED has since published December 2024 federal court testimony from Jonathan Ross, the reported ICE shooter, who identified himself as a firearms trainer with "hundreds" of professional encounters with drivers during enforcement actions.

• AI Chatbot Controversy: xAI’s Grok, an AI-powered chatbot developed by Elon Musk, faced scrutiny this week after the platform expanded access to digital "undressing" capabilities, enabling users to generate and share nude images of individuals on the social media platform X. A WIRED review revealed Grok’s official website hosted more explicit content—including violent sexual imagery and depictions of apparent minors—than X itself. Researchers and activists have criticized the app stores of Apple and Google for retaining Grok and X, noting other "nudify" apps were removed for violating terms of service. On Friday, X restricted image generation with Grok to paid, "verified" users, though sexualized content creation persists on the platform.

• Privacy and Security Tips: For WhatsApp users, we provide guidance to enhance privacy in the end-to-end encrypted app. Additionally, with invasive spyware continuing to spread globally, we offer a comprehensive guide to smartphone protection.

Major Global Security Developments

1. ICE’s New Surveillance Tools Enable Neighborhood-Scale Monitoring

Materials obtained by 404 Media have shed light on Penlink’s Tangles and Webloc surveillance platforms, contracted by ICE in September. These tools monitor entire neighborhoods for mobile phones and track devices over time, leveraging commercial location data to map individuals’ residential, occupational, and social patterns.

Nathan Freed Wessler, deputy project director at the ACLU’s Speech, Privacy, and Technology Project, stated: "This is a very dangerous tool in the hands of an out-of-control agency. This granular location information paints a detailed picture of who we are, where we go, and who we spend time with."

2. Iran Reimposes Nationwide Internet Blackout Amid Protests

Over the past two weeks, thousands of Iranians have protested against economic and political grievances. In response, Iran imposed a 24-hour+ internet shutdown as of January 9, blocking social media and disrupting financial services. This marks the latest in a pattern of digital isolation—previous shutdowns occurred in 2025, 2022, and 2019—aimed at suppressing protests and information dissemination, while causing severe economic harm.

3. Extradition of Alleged $15 Billion Scam Ring Leader

Cambodian national Chen Zhi, accused of orchestrating a $15 billion scam and forced labor compounds across Cambodia, was extradited to China from Cambodia this week. U.S. and U.K. officials sanctioned Chen and his company, Prince Holding Group, in October. While charges against Chen remain unclear, authorities frame his case as part of a global crackdown on transnational scam networks.

4. China’s "Salt Typhoon" Hackers Compromise U.S. Congressional Emails

State-backed Chinese hackers from the "Salt Typhoon" group breached emails of U.S. congressional staff in December, targeting the House China Committee, Intelligence Committee, and others. This follows a series of high-profile breaches, providing Chinese intelligence with access to U.S. government communications—a significant escalation in state-sponsored espionage.

Weekly Security & Privacy News Roundup

We summarize additional stories not covered in-depth this week. Click headlines for full analysis: [Full Story Links]

Stay informed and prioritize digital safety.