Pete Recommends Weekly highlights on cyber security issues, July 4, 2026

Subject: Polestar says Commerce Department is banning US sales of its cars
Source: CNN via WTAE
https://www.wtae.com/article/polestar-ban-us-commerce-department/71733700

The company said the Commerce Department’s Bureau of Industry and Security denied the company an authorization to sell vehicles, starting with the 2027 model year, under a regulation known as the Connected Vehicle Rule.

The rule, instituted during the final days of the Biden administration and kept under the Trump administration, cites national security concerns to ban “connected vehicle manufacturers owned by, controlled by, or subject to the jurisdiction or direction of China or Russia, and vehicles using their covered software.”

None of Polestar’s vehicles sold in the United States are built in China. The Polestar 3 is built in a Volvo plant in Charleston, South Carolina, while the Polestar 4 is built in South Korea.

Polestar said it will continue to sell the existing stock of its Polestar 3 and Polestar 4 models in the U.S. and will continue to support customers, including providing access to its service network. But the company said it will focus on future sales growth in Europe instead, where it already had 80% of its sales.


Subject: Administration to Decide Access to ChatGPT Upgrade
Source: WSJ via Newser
https://www.newser.com/story/391806/openai-to-let-administration-decide-access-to-upgrade.html

OpenAI’s newest AI is here—but whether anybody can use it is up to the Trump administration. The company on Friday said its GPT-5.6 models will roll out first to a small set of users cleared by the administration, in what OpenAI called a temporary gatekeeping step that it argues shouldn’t become standard practice and that the AP calls an unprecedented vetting. The White House has been pushing to tighten case-by-case controls on powerful AI systems in the name of national security, the Wall Street Journal reports.


Subject: Polls Reveal Just How Often Scammers Hit Us
Source: Newser
https://www.newser.com/story/391714/polls-reveal-just-how-often-scammers-hit-us.html

Most Americans are inundated with scam attempts on a daily basis—and about 3 in 10 have personally lost money or personal information to scams, according to a new AP-NORC poll. A separate survey conducted by Gallup and the Stop Scams Alliance that was provided exclusively to the AP found that last year alone, about 1 in 10 US adults said they or someone else from their household was deceived by a scammer into losing money or providing access to a financial account, with nearly half saying they lost more than $500. The landscape:


Subject: Supreme Court rules that broad cellphone location data sweeps require warrants
Source: NBC News
https://www.nbcnews.com/politics/supreme-court/supreme-court-rules-geofence-cell-phone-data-warrant-required-rcna345950

WASHINGTON — In a ruling applying individual constitutional protections to new technology, the Supreme Court on Monday ruled that sweeping use of cellphone location data requires a warrant.

The case focused on a Virginia bank robbery, where a conviction rested in part on cellphone location information law enforcement received from Google through a so-called geofence warrant. These allow law enforcement to obtain data showing cellphone users who were in the vicinity of a crime scene, even if they are not targeting a specific suspect.

Privacy rights advocates have raised concerns about geofence warrants, calling them a form of dragnet surveillance because the information is not just about one suspect, but anyone who was in the location in question. They have warned that such warrants could be used to target disfavored political groups, including protesters.

The Supreme Court has, in previous cases, addressed how the Fourth Amendment applies to new technology, ranging from wiretaps and thermal imaging to GPS tracking devices. In a similar case, the court ruled in 2017 that warrants are required to obtain location information derived from data picked up from cellphone towers.


Subject: Cybersecurity firms targeted by fraudulent OpenAI organization invites
Source: BleepingComputer
https://www.bleepingcomputer.com/news/security/cybersecurity-firms-targeted-by-fraudulent-openai-organization-invites/

[h/t Sabrina] Threat actors are creating OpenAI tenants that impersonate legitimate companies and inviting employees to join them, in what appears to be a ploy to trick targets into submitting sensitive company information in chats and projects.

Push Security discovered what they dub the “Poisoned Tenant” campaign after multiple employees received invitations to join an OpenAI organization named “Push Security Inc.” While the invite was legitimate, coming directly from OpenAI, the ChatGPT tenant had been created by an attacker using Gmail addresses rather than by the company.

The invitation emails were sent from OpenAI’s legitimate notification address, [email protected], passed email authentication checks, and were identical to a normal invitation to join an organization’s ChatGPT workspace.

BleepingComputer contacted OpenAI to ask whether it has received additional reports of similar campaigns, what protections organizations can use against these attacks, and whether it plans to introduce additional safeguards to prevent attackers from creating organizations impersonating legitimate companies. We will update this article if we receive a response.


Subject: PrivacyHawk Enterprise helps organizations find shadow IT and minimize third-party cyber risk
Source: Help Net Security
https://www.helpnetsecurity.com/2026/06/29/privacyhawk-enterprise/

PrivacyHawk has announced the general availability of PrivacyHawk Enterprise, a solution that identifies and eliminates the shadow IT accounts, abandoned SaaS subscriptions, and forgotten third-party services quietly exposing organizations to breach risk.

Every organization has an invisible attack surface. Shadow AI tools. Free trials nobody cancelled. Third-party services still holding employee data from years ago. Over time, that hidden footprint grows largely undetected, and traditional security tools were never built to find it.

PrivacyHawk Enterprise solves that gap. The service gives security teams full visibility into their employees’ external digital footprint, automates data deletion across thousands of third-party services, and reduces the exposure that existing tools leave behind.

“Organizations with hundreds or thousands of employees can have millions of third-party shadow IT accounts they didn’t even know existed,” said Aaron Mendes, CEO of PrivacyHawk. “Every one of those is a potential data exposure waiting to happen. We’ve already helped millions of American consumers reduce their digital footprint — now we’re bringing that same automated capability to businesses, nonprofits, and government agencies that need it just as badly.”


Subject: US tech dependence: A risk report for European businesses
Source: Proton Blog
https://proton.me/business/blog/us-tech-risk-report-for-europe

Across Europe, most companies run on American technology — often without realizing just how much of their day‑to‑day operations depend on it. From email and video calls to customer support systems, hundreds of mission-critical tools pass through a handful of US platforms.

For decades, that felt like a reasonable trade‑off: powerful tools, competitive prices, and confidence in the US as a geopolitical ally. But those assumptions no longer hold: Big Tech tools are no longer the only option, and EU policymakers believe they’re not worth the price of European sovereignty.

As political tensions intensify and privacy demands increase, Europe’s reliance on US tech is starting to look less like a convenience and more like a liability — especially for small- and mid-sized businesses without a business continuity option.

To help European businesses navigate the uncertainty and the transition to tech sovereignty, Proton is releasing a new intelligence report today, US tech dependence: A risk report for European businesses. In it, we examine how this dependence developed, where it creates risk, and what leaders can do to regain control.

How deep does Europe’s dependence go?

[above PDF is 17 pages] Table of Contents:

  • 01
    Europe’s digital sovereignty problem
    Business liabilities of US tech dependence
    Geopolitical tensions
    Downtime and security vulnerabilities
    US government surveillance concerns
    Compliance and regulatory issues
    Loss of digital sovereignty
  • 02
    Strategies to protect your business
    Diversification and staying agile
    Transparency and aligned values
    Non-US providers
    Avoiding unnecessary dependencies
    Conclusion
    About Proton
    Sources

Subject: FBI Seizes NetNut Proxy Platform, Popa Botnet
Source: Krebs on Security
https://krebsonsecurity.com/2026/07/fbi-seizes-netnut-proxy-platform-popa-botnet/

The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service operated by the publicly-traded Israeli company Alarum Technologies [NASDAQ: ALAR]. The action comes roughly two weeks after KrebsOnSecurity published findings from multiple security firms connecting NetNut to the Popa botnet, a collection of at least two million devices that have been compromised by malicious software with little or no consent from victims.

On June 19, three different security firms issued similar findings: That NetNut is a residential proxy network which populates a botnet called Popa, and distributes software for devices commonly found in homes, such as smart TVs and streaming boxes. NetNut’s software turns those systems into always-on residential proxy nodes that are rented to others, who predominantly use them to relay abusive and intrusive Internet traffic, such as mass content scraping, advertising fraud, and account takeover activity.

Earlier today, NetNut’s homepage was replaced with a seizure notice from the FBI and the Internal Revenue Service Criminal Investigation division. The seizure notice thanked Google, Lumen, Shadowserver and other industry partners for their help in dismantling hundreds of domains tied to the Popa botnet, which experts say has long been synonymous with NetNut’s residential proxy infrastructure.

“These bad actors can use NetNut to mask their origin IP address when accessing victim environments, accessing their own infrastructure, and conducting password spray attacks,” Google’s GTIG wrote. “Furthermore, when a consumer device becomes an exit node, unauthorized network traffic passes through it. This means bad actors can access other private devices on the same home network, effectively exposing them to Internet threats.”

Brundage said NetNut’s apparent demise is likely to be a great disadvantage for the cybercrime community, which was already reeling from legal actions by Google earlier this year that seized infrastructure for NetNut’s biggest competitor — IPIDEA.

“I think this takedown is going to have a big impact, because NetNut gained significant popularity after the IPIDEA takedown,” he said. “Also NetNut has been incredibly common among resellers, and they were on par with IPIDEA in terms of their daily traffic, quality, size, price per gigabyte, all of it.”


Subject: FBI released a PSA about TeamPCP
Source: Brian Krebs Mastodon toot
https://infosec.exchange/@briankrebs/116851299579479396

The FBI has released a PSA about TeamPCP, a data extortion group blamed for what’s been called the longest running streak of software supply-chain hacks ever. TeamPCP is responsible for a godawful number of popular code packages getting backdoored over the past six months. In the process they’ve compromised even more repos in a wormlike fashion, including a number of security tools like Trivy/Aqua Security, CheckMarx, and LiteLLM. TeamPCP also recently compromised GitHub, infecting at least 3,800 repositories with credential-stealing malware.

Subject: Google Loses Final Appeal Over €4.1B EU Android Fine
Source: AndroidHeadlines
https://www.androidheadlines.com/2026/07/google-loses-final-appeal-eu-android-antitrust-fine.html

The Court of Justice of the European Union has dismissed Alphabet’s final appeal, officially upholding a historic €4.1 billion ($4.67 billion) antitrust fine first imposed on Google in 2018. The ruling solidifies findings by the European Commission that Google leveraged its massive Android market dominance to freeze out mobile rivals by forcing device manufacturers to pre-install Google Search and Chrome as exclusive defaults.

The tech world’s longest legal boxing match has finally reached its closing round, and the final decision is a massive blow to Alphabet. In a recent ruling, the Court of Justice of the European Union—the bloc’s highest judicial authority—has officially dismissed Google’s final appeal, permanently sealing a record-setting €4.1 billion ($4.67 billion) antitrust fine originally handed down by regulators nearly a decade ago.

The mobile pre-installation trap – The corporate dispute dates back to a 2016 investigation by the European Commission. Regulators discovered that Google was systematically abusing its dominant market position to squeeze out competing web browsers and search platforms. To put this in perspective, Google currently exceeds an 80% market share across multiple European territories.

To achieve this near-monopoly, Google forced Android mobile network operators and hardware manufacturing companies to pre-install Google Search, the Chrome browser, and the Google Play app ecosystem onto their devices as an exclusive, mandatory default configuration. If phone brands wanted access to essential apps, they had to play by Google’s rigid rules. The Court of Justice ruled that lower tribunals made no legal errors when evaluating the severe anticompetitive effects of these deployment strategies. This way, they confirm that the multi-billion-dollar penalty perfectly matched the gravity of the infraction (via Reuters).
