Normal view
-
Security.NL maakt Nederland veilig
- Bedenkers Flipper One vragen hulp voor ontwikkeling van open Linux-platform
Bedenkers Flipper One vragen hulp voor ontwikkeling van open Linux-platform
Police seize “First VPN” service used in ransomware, data theft attacks
-
Fortinet All Blogs
- Defending Critical Infrastructure: Why OT Security Demands a Threat-Informed Approach
Defending Critical Infrastructure: Why OT Security Demands a Threat-Informed Approach
Nvidia haalt opnieuw recordomzet, 92 procent daarvan dankzij AI en datacenters
-
The Register – Security
- Attackers spill plaintext passwords of 46k Myspace93 users after 2021 breach
Attackers spill plaintext passwords of 46k Myspace93 users after 2021 breach
Cisco Patches Critical Vulnerability in Secure Workload
Insufficient validation and authentication in the Secure Workload’s REST APIs provide remote attackers with Site Admin privileges.
The post Cisco Patches Critical Vulnerability in Secure Workload appeared first on SecurityWeek.
ASUS brengt zijn laptops zonder Windows en Linux niet uit in Nederland en België
-
The Hacker News

- ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories

High-NA-machines van ASML maken in de komende maanden hun eerste echte chips
Ocean Emerges From Stealth With $28M for Agentic Email Security Platform
The company has developed a platform that uses specialized AI agents to inspect every incoming message.
The post Ocean Emerges From Stealth With $28M for Agentic Email Security Platform appeared first on SecurityWeek.
-
Security.NL maakt Nederland veilig
- Grafana: aanvallers konden door vergeten GitHub-token broncode stelen
Grafana: aanvallers konden door vergeten GitHub-token broncode stelen
Cisco serves up yet another perfect 10 bug with Secure Workload admin flaw
-
SecurityWeek
- Apple Rejected 2 Million App Store Submissions in 2025 for Security and Fraud Prevention
Apple Rejected 2 Million App Store Submissions in 2025 for Security and Fraud Prevention
The company blocked over 1.1 billion accounts and $2.2 billion in potentially fraudulent transactions.
The post Apple Rejected 2 Million App Store Submissions in 2025 for Security and Fraud Prevention appeared first on SecurityWeek.
-
Security.NL maakt Nederland veilig
- Consumentenbond: Google, Meta en TikTok laten malafide advertenties staan
Consumentenbond: Google, Meta en TikTok laten malafide advertenties staan
TikTok, YouTube, and Roblox face scrutiny, but age gates won’t fix child safety
A damaging new report from Ofcom, the UK’s communications regulator, has delivered a stark verdict: TikTok and YouTube’s content feeds are “not safe enough” for children. This isn’t just another regulatory slap on the wrist. Ofcom is putting out a wake-up call for anyone working in cybersecurity, threat intelligence, and online safety.
In its own words:
“Notably, TikTok and YouTube failed to commit to any significant changes to reduce harmful content being served to children, maintaining their feeds are already safe for children.”
On the positive side, Snap, Meta, and Roblox agreed to adopt further safety measures to protect children from online grooming and “stranger danger.”
The BBC reports that an Ofcom survey found 84% of children aged 8 to 12 were still using at least one major service with a minimum age of 13. We reported earlier about how easy it was to fool some of the age verification methods. Researchers using under-13 accounts also reported encountering sexual content and offensive language shortly after entering specific Roblox games.
Speaking of Roblox, The Guardian reports that US advocacy groups have formally requested the Federal Trade Commission (FTC) investigate Roblox for what they call “unfair and deceptive” practices. The complaint focuses on:
- In-game purchases pressuring children to spend money
- Chat functionality exposing children to strangers
- Features designed to maximize engagement, which critics argue may be addictive
Drew Benvie, CEO of Battenhall and founder of youth safety nonprofit Raise, noted:
“Although Roblox is implementing new age-based safety measures, young players are adept at circumventing these protections.”
The cybersecurity point of view
What keeps cybersecurity researchers up at night is another angle to this problem. Many proposed age assurance solutions require users to hand over government IDs or biometric selfie data. We already talked about this in our blog, Age verification: Child protection or privacy risk?
Age verification systems create massive data collection opportunities that become prime targets for:
- Data breaches exposing sensitive personally identifiable information (PII)
- Identity theft facilitated by centralized ID databases
- Biometric data theft, which cannot be changed like passwords
- Malware and scams targeting users on less-secure platforms
When restrictions push young users toward smaller or less secure sites, they encounter:
- No basic safety protections
- Higher exposure to malware
- Increased phishing and scam risks
- Unmoderated harmful content
This is exactly what we see in threat intelligence: As defenders secure one vector, cybercriminals adapt and move elsewhere.
Safer systems beat stricter age gates
Protecting children should focus on building safer digital experiences overall. This is the only viable path forward because:
- Stronger moderation actually removes harmful content rather than just blocking access
- Safer recommendation systems prevent algorithmic amplification of harmful content
- Better platform accountability means companies can’t prioritize engagement over safety
- Avoiding invasive data collection prevents creating massive honeypots for attackers
As someone who analyzes malware and threats daily, I can tell you: security through obscurity (age gates) doesn’t work. Security through robust system design (moderation, safer algorithms, accountability) does.
Scammers don’t need to hack you. They just need you to click once.
Malwarebytes Identity Theft Protection catches suspicious activity before it becomes a problem.
TikTok, YouTube, and Roblox face scrutiny, but age gates won’t fix child safety
A damaging new report from Ofcom, the UK’s communications regulator, has delivered a stark verdict: TikTok and YouTube’s content feeds are “not safe enough” for children. This isn’t just another regulatory slap on the wrist. Ofcom is putting out a wake-up call for anyone working in cybersecurity, threat intelligence, and online safety.
In its own words:
“Notably, TikTok and YouTube failed to commit to any significant changes to reduce harmful content being served to children, maintaining their feeds are already safe for children.”
On the positive side, Snap, Meta, and Roblox agreed to adopt further safety measures to protect children from online grooming and “stranger danger.”
The BBC reports that an Ofcom survey found 84% of children aged 8 to 12 were still using at least one major service with a minimum age of 13. We reported earlier about how easy it was to fool some of the age verification methods. Researchers using under-13 accounts also reported encountering sexual content and offensive language shortly after entering specific Roblox games.
Speaking of Roblox, The Guardian reports that US advocacy groups have formally requested the Federal Trade Commission (FTC) investigate Roblox for what they call “unfair and deceptive” practices. The complaint focuses on:
- In-game purchases pressuring children to spend money
- Chat functionality exposing children to strangers
- Features designed to maximize engagement, which critics argue may be addictive
Drew Benvie, CEO of Battenhall and founder of youth safety nonprofit Raise, noted:
“Although Roblox is implementing new age-based safety measures, young players are adept at circumventing these protections.”
The cybersecurity point of view
What keeps cybersecurity researchers up at night is another angle to this problem. Many proposed age assurance solutions require users to hand over government IDs or biometric selfie data. We already talked about this in our blog, Age verification: Child protection or privacy risk?
Age verification systems create massive data collection opportunities that become prime targets for:
- Data breaches exposing sensitive personally identifiable information (PII)
- Identity theft facilitated by centralized ID databases
- Biometric data theft, which cannot be changed like passwords
- Malware and scams targeting users on less-secure platforms
When restrictions push young users toward smaller or less secure sites, they encounter:
- No basic safety protections
- Higher exposure to malware
- Increased phishing and scam risks
- Unmoderated harmful content
This is exactly what we see in threat intelligence: As defenders secure one vector, cybercriminals adapt and move elsewhere.
Safer systems beat stricter age gates
Protecting children should focus on building safer digital experiences overall. This is the only viable path forward because:
- Stronger moderation actually removes harmful content rather than just blocking access
- Safer recommendation systems prevent algorithmic amplification of harmful content
- Better platform accountability means companies can’t prioritize engagement over safety
- Avoiding invasive data collection prevents creating massive honeypots for attackers
As someone who analyzes malware and threats daily, I can tell you: security through obscurity (age gates) doesn’t work. Security through robust system design (moderation, safer algorithms, accountability) does.
Scammers don’t need to hack you. They just need you to click once.
Malwarebytes Identity Theft Protection catches suspicious activity before it becomes a problem.
Flipper One project needs community help to build open Linux platform
Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking
CVE-2026-9082 can be exploited without authentication for information disclosure, privilege escalation, and remote code execution.
The post Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking appeared first on SecurityWeek.
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities

