
2.7M Employee Records Stolen, 100GB of Anime Fan Data Lost, and Millions of Crime Tips Leaked

This week in cybersecurity by the numbers: Hackers hit a benefits provider, an anime streaming service, and a crime tip platform—exposing millions of sensitive records.

 & Alan Henry Managing Editor, Security


Last week, we covered a new iPhone hack called “DarkSword” that targets mostly iPhones running iOS 18.4 to 18.7. Well, that story has taken a predictable (but still terrifying) turn this week, as the code for the vulnerability has leaked on GitHub and is now in the hands of anyone willing to make it work on newer devices. So if you haven’t updated to iOS 26, now’s the time—seriously.

The trouble with DarkSword is that it can be secretly installed if hosted on a malicious website. All an unsuspecting user on a vulnerable device has to do is visit the site, and that’s it. Even worse, security researchers say the leaked version on GitHub will work pretty much out of the box, so anyone can download and deploy it for their own ends. Apple also suggested that iPhone users consider using Lockdown Mode, which we definitely recommend. 

This week, we reported that Crunchyroll, the Sony-owned anime streaming service, was breached through an outsourced customer service firm, and hackers were able to get over 100GB of data from more than 8 million support ticket records, including 6.8 million email addresses, Crunchyroll account usernames, login names, geographic locations, IP addresses, and more.

In other news, a 35-year-old man in China reportedly created a vast network of sites on the dark web designed to dangle illegal content in front of would-be buyers (but never actually deliver), and made over $400,000 in profit as a result. The scheme has since been exposed following an investigation launched in 2021. Europol has taken down the sites, and they’ve issued an international arrest warrant for the suspect. Additionally, since buying the material the suspect was allegedly selling is also illegal, law enforcement tracked the cryptocurrency payments to over 400 buyers who are now also under investigation.

Last, but certainly not least, the PCMag security team has been at the 2026 RSAC Conference this week, which is just wrapping up. While we compile our thoughts on the scariest, most interesting things we saw at the event, take a look at some of our coverage from the show, which includes Sandra Joyce, Google vice president for threat intelligence, urging security professionals to take the fight to hackers by making their jobs as risky and expensive as possible. We also covered a panel of four former NSA chiefs, who pointed out that, collectively, we’ve become numb to cybersecurity threats and that there isn’t much political interest or will to pass national privacy or cybersecurity legislation. We also covered a talk on the show floor that pointed out that while more and more people, especially domestic abuse survivors, are turning to AI chatbots for help, those same systems simply aren’t designed or prepared to help, or even help keep their conversations safe from potential abusers. 

Let’s see what else is going on in the infosec world this week.


Navia Breach Exposed Employee Benefit Info of More Than 2.7M People 

When you think of major hacks, you usually also associate them with big companies, like the huge National Public Data breach or the notorious Equifax hack. That’s fine, but sometimes it’s the companies you’ve never heard of that hold the most data. Navia Benefit Solutions is a company that, as its name suggests, manages employee benefits, including health care and retirement solutions, for thousands of companies in the United States. That means they have a lot of personal information on a lot of people. Between December 2025 and January 2026, hackers had access to the company’s networks and, by extension, a ton of personal data on millions of people. 

The company discovered the intrusion in late January, and subsequently said that the hackers had access to names, social security numbers, dates of birth, whether a person had Health Reimbursement Arrangements (HRAs) and Flexible Spending Accounts (FSAs), as well as employee termination dates, benefit start dates, and COBRA status. Navia representatives said in a statement that no claims data or specific financial information was lost in the breach, but let’s be real: the information that was lost is more than enough to enable targeted phishing attacks. Of course, the company is offering a year of free credit monitoring and identity theft protection to anyone impacted by the breach, which is the bare minimum we expect these days, but we’ll see if anything more (like a class action lawsuit) comes out of this one in the future.


Millions of ‘Anonymous’ Tips Exposed in Massive Crime Stoppers Hack

You’ve probably seen Crime Stoppers on the evening news, or on posters in public places, where the police request tips or offer rewards for information leading to the arrest of someone who allegedly committed a crime. What you may not know is that Crime Stoppers, the non-profit, actually contracts with a private intelligence management company, P3 Global Intel, to collect and organize the tips that you send to them. P3’s other clients include the US military, public school systems, and, of course, law enforcement agencies. And like any company that handles sensitive data, security is important and should be taken seriously.

So when Straight Arrow News reported that a hacktivist group called The Internet Yiff Machine managed to obtain millions of “anonymous” tips collected by P3 and claimed its servers were hilariously insecure, I wasn’t that surprised. But what was surprising was how much personal information was associated with those “anonymous” reports. 

In fact, the data included everything from social security numbers, criminal histories, full names, addresses, dates of birth, license plate numbers, and more, not just for the people the tipsters called to report, but also for the tipsters themselves. For its part, P3 says it hasn’t determined whether a breach occurred and is investigating, but it doesn’t look good for the company, given the clients it has and the sensitive information it collects. The hacktivists have so far shared the data only with the nonprofit leak archive DDoSecrets, which the group says contains tips from February 1987 to November 2025, along with customer support requests and user accounts on P3’s servers. Perhaps most damning is that the leak includes confidential company documentation on how P3 clients can track tipsters even if they wish to stay anonymous, as well as a laundry list of vulnerabilities and issues with P3’s infrastructure. 


AI Has Supercharged Ransomware Attacks. Defense? Not So Much

If the emails in my inbox on any given morning are any indication, AI is a revolutionary tool for cybersecurity. It must be true if all the press releases from AI-powered security companies say so, right? Well, if you actually ask security professionals, the perspective is a little different. Dark Reading reports on a pair of surveys that point out that while most companies are rushing to add AI to their products and workflows, security is a second thought. Additionally, the majority of security professionals report that the real benefit of AI so far has been for hackers, who can make their attacks more complex, harder to spot, and easier to duplicate and reproduce. Meanwhile, survey respondents said that AI hasn’t really helped them defend against those attacks.

This is especially true when it comes to ransomware, which has become the attack method of choice for anyone looking to profit from cybercrime. There’s huge demand for the massive leaks and databases of sensitive data obtained from simple access-and-exfiltrate attacks on companies, and that’s not even mentioning the potential ransom payouts that can come from holding that data hostage. Combine that with what you can get by uploading that data to the dark web, and it’s no surprise ransomware is big business. In short, when it comes to security, AI has a lot of catching up to do to help defenders protect themselves, but it’s already extremely valuable...to hackers.
