### Meta's Dormant Face Recognition Code Raises Privacy Alarms **Meta** has reportedly been storing dormant face recognition code, internally dubbed **NameTag**, within the companion app for its **Ray-Ban** and **Oakley** smart glasses on over 50 million phones. As reported by **WIRED**, this feature, if activated, would allow users to identify individuals by matching captured faces against a biometric gallery stored on their device. This development comes years after **Meta** publicly stated it was moving away from such technologies, following billions paid out to settle biometric privacy lawsuits in states like Texas and Illinois. ### xAI Demands Anonymity Drop in Deepfake Lawsuit In a concerning legal move, **xAI** is asking a federal judge to compel four individuals suing the company over **Grok**-generated deepfake nudes to reveal their real names. This includes one plaintiff who alleges the chatbot was used to fabricate sexual images of her as a child. The plaintiffs argue that revealing their identities would expose them to harassment and doxing from **Musk**'s online supporters, stating they would rather drop the suit. **xAI**'s lawyers, however, contend that with the deepfakes remaining under seal, there is "nothing inherently stigmatizing" about naming the victims. ### Google Fights AI Impersonation Scams with New Android Feature **Google** has rolled out a new **Android** feature aimed at combating the rising wave of AI-powered impersonation scams. These sophisticated scams allow fraudsters to spoof familiar numbers and clone voices. Integrated with **Google Dialer** and available on phones running **Android 12** or later, the feature performs a silent cryptographic handshake with the caller’s device. If the call is deemed fake, **Android** will flag it and remove the contact photo from the screen. A significant limitation, however, is that both parties must be using **Google Dialer**, leaving **iPhones** without this protection. ### New FROST Attack Fingerprints Browser Tabs and Apps Researchers have unveiled a clever new browser side-channel attack named **FROST**. This attack can fingerprint other open browser tabs and, in some cases, even identify applications running on a user's device. **FROST** achieves this by meticulously measuring the time it takes to read from a sandboxed file on the solid-state drive (SSD). Operating entirely in JavaScript, the attack feeds these timing traces into a neural network trained on the I/O signatures of common software. While highly potent, there is currently no evidence of **FROST** being exploited in the wild. ### Meta AI Support Exploit Led to High-Profile Account Hacking A significant security flaw in **Meta AI**'s automated account support system allowed hackers to easily reset passwords and take over high-profile **Instagram** accounts. Since **Meta** announced in March that AI would increasingly handle support functions, including password updates, attackers exploited this to gain access to accounts belonging to figures such as former President **Barack Obama**, the chief master sergeant of the **US Space Force**, and the makeup chain **Sephora**, as reported by **404 Media**. **Meta** states the issue has been fixed and affected accounts secured, but the incident underscores the inherent risks of offloading critical security functions to AI, especially for companies like **Meta** that are aggressively integrating AI across their platforms. ### Anthropic Aids NSA in Offensive Hacking Capabilities AI firm **Anthropic**'s powerful **Mythos** tool, known for its ability to rapidly identify previously hidden software vulnerabilities, initially raised concerns when the **US National Security Agency (NSA)** was included in its early access program. While initial reports suggested the **NSA** might use **Mythos** for defensive purposes, such as securing popular software, the **Financial Times** now reports a more concerning development: **Anthropic** is deploying its own engineers to the **NSA** to assist the agency in learning to use the AI tool for offensive hacking. While the **FT** could not confirm active hacking operations, this move signals a significant step towards the integration of advanced AI in state-sponsored cyber intrusions. ### Bill Pulte Appointed Acting Director of National Intelligence **Donald Trump** has named **Bill Pulte** as the temporary Acting Director of National Intelligence. **Pulte** steps into the role following **Tulsi Gabbard**'s resignation due to family health issues. As Acting Director, **Pulte** will be responsible for coordinating the entire U.S. intelligence community, which includes 18 different agencies such as the **Central Intelligence Agency (CIA)** and the **NSA**, playing a crucial role in national cybersecurity and threat intelligence.