Matt Burgess Maddy Varner Lily Hay Newman Dell Cameron Security Apr 11, 2026 6:30 AM Security News This Week: Your Push Notifications Aren’t Safe From the FBI Plus: Iran’s internet blackout hits the 1,000-hour mark, cryptocurrency scams result in a record amount of money stolen from Americans, and more. Photo-Illustration: Darrell Jackson; Getty Images Save this story Save this story Amid horrific threats from United States president Donald Trump as the US and Iran negotiated a ceasefire, the US government warned this week that Iran-linked hackers were carrying out attacks against US energy and water infrastructure targets. With nearly one in five people in Lebanon displaced by Israeli attacks, the government is attempting to manage the crisis without modern digital infrastructure and an emergency system that is barely hanging on. Plus, a WIRED analysis looked at Syrian government account hijacks in March and the inadequacies they expose in Syria’s baseline cybersecurity defenses. Amid rising fears of political violence, a WIRED investigation found that US political candidates are spending more on security , including purchasing equipment like home alarms and bulletproof vests. And recent research looking at Telegram groups found that men are sharing thousands of nonconsensual images of women and girls , purchasing spyware to use against their wives and friends, and engaging in doxing and sexual abuse. Meanwhile, as governments scramble to address growing industrial scamming originating from Southeast Asia, China has emerged as the biggest enforcer , but also a selective one, resulting in crime syndicates shifting their focus abroad to avoid Chinese targets. Anthropic formally announced its new Claude Mythos Preview model this week and said that for now it will only make the model available to a select group of a few dozen leading tech and financial organizations, including Apple, Microsoft, Google, and the Linux Foundation. The consortium, dubbed Project Glasswing, will explore Mythos Preview’s advanced hacking and other cybersecurity capabilities and assess the best ways to improve software and hardware defenses before capabilities like the ones in Mythos Preview proliferate more broadly across other models and inevitably end up in the hands of attackers. The announcements sparked controversy about whether Mythos Preview and similar capabilities will truly be as consequential for cybersecurity as Anthropic says. Experts told WIRED that while it may not be a dramatic catastrophe, it is important for defenders to come together and use their early access to make changes in how software is developed and how organizations around the world invest in patching. Finally, a WIRED investigation found that nonprofit groups linked to Customs and Border Protection facilities were selling challenge coins that celebrated the Trump administration’s immigration raids, including one coin that depicted Charlotte’s Web characters in riot gear. And there’s more. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there. Your Push Notifications Aren’t Safe From the FBI The FBI recently got its hands on copies of encrypted Signal messages being sent to a defendant's iPhone because the contents of those messages were included in push notifications, 404 Media reports. Even though Signal had been removed from the phone prior to it being seized by the FBI, the notifications still lived on in the phone's internal memory. The issue affects all apps that send push notifications, not just Signal, but users of that app can adjust their settings to not show the content of a message or the name of the sender in push notifications. To adjust your settings for notifications going forward, open Signal and go to Settings , then Notifications , and change the option to Name Only or No Name or Content . Iran’s Internet Access Has Been Cut for 1,000 Hours Despite the tenuous and contested ceasefire enacted in the US-Israel war with Iran, tens of millions of ordinary Iranians are still without regular and reliable internet connectivity. The regime-imposed internet blackout, which started during the first hours of the war on February 28, is now reaching the 1,000 hour point, according to internet monitoring group NetBlocks . In recent weeks, the internet shutdown has become the longest in Iranian history and one of the longest worldwide—depriving Iranians of accurate news about the war, stopping them contacting family and loved ones, and causing further economic harm to the nation. US-based Iranian digital rights project Filter Watch has detailed how the Iranian regime, while being bombarded during the conflict, has labeled anti-censorship tools as “malicious” and claimed to have arrested individuals using Starlink internet connections to get around the block. Cryptocurrency Scams Cost Americans $11 Billion Last Year The FBI’s annual internet crime report typically paints a bleak picture: year-on-year, the number of cybercrime reports increases and the amount of money lost by Americans shoots up. Unfortunately, 2025 was no different. Last year, according to the FBI’s annual report , losses reported to the Internet Crime Complaint Center topped $20 billion —an increase of 26 percent compared to 2024. More than half of these reported losses ($11.3 billion) were linked to cryptocurrency scams, often through fraudulent investment schemes , according to the FBI. Business email compromise, tech and customer support scams, personal data breaches, and confidence or romance scams, make up the other most common crime reports. Crimes mentioning AI led to $893 million in losses. Gmail's End-to-End Encryption Finally Lands on Mobile—for a Select Few Google this week expanded Gmail’s end-to-end encryption to its Android and iOS apps, allowing enterprise users to compose and read E2EE messages natively on mobile for the first time without separate apps or mail portals required. Encrypted emails appear as standard threads in the Gmail app for recipients using Gmail, while those on other providers can access them via a secure browser view. This rollout builds on the client-side encryption model introduced to Google Workspace web users in April 2025, where messages are encrypted with customer-controlled keys, preventing Google from accessing their contents. The approach is particularly appealing for organizations with strict compliance requirements, including HIPAA, export controls, and data sovereignty regulations. Access, however, remains limited: The feature is available only to Google Workspace Enterprise Plus customers with the Assured Controls or Assured Controls Plus add-on, and is not supported for personal Gmail accounts. Administrators must also explicitly enable the Android and iOS clients in the admin interface before eligible users can access the feature, which is off by default. End users then toggle encryption per-message by tapping the lock icon and selecting "Additional encryption," mirroring the web workflow. The rollout is available immediately to both Rapid Release and Scheduled Release domains. Comments Back to top You Might Also Like In your inbox: Upgrade your life with WIRED-tested gear What you need to know about the foreign-made router ban Big Story: Anduril wants to own the future of war tech How Trump’s plot to grab Iran's nuclear fuel would actually work WIRED Health: Join the boldest minds in healthcare Written by WIRED Staff Topics security roundup cybersecurity hacking security Iran cryptocurrency Crime scams Anthropic artificial intelligence Gmail FBI Read More Iranian Hackers Breached Kash Patel’s Email—but Not the FBI’s Plus: Apple makes big claims about the effectiveness of its Lockdown Mode anti-spyware feature, Russia moves to implement homegrown encryption for 5G, and more. Andrew Couts Iranians Don’t Have a Missile Alert System, So Volunteers Built Their Own Warning Map The crowdsourced website and app Mahsa Alert provides citizens in Iran with crucial information amid the country’s ongoing war with the US and Israel—and an internet blackout. Matt Burgess The Hack That Exposed Syria’s Sweeping Security Failures When Syrian government accounts were hijacked in March, the breach looked chaotic. But it revealed something more troubling: a state struggling with the most basic layer of cybersecurity. Danny Makki Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild A powerful iPhone-hacking technique known as DarkSword has been discovered in use by Russian hackers. It can take over devices running iOS 18 that simply visit infected websites. Andy Greenberg Hackers Are Posting the Claude Code Leak With Bonus Malware Plus: The FBI says a recent hack of its wiretap tools poses a national security risk, attackers stole Cisco source code as part of an ongoing supply chain hacking spree, and more. Andrew Couts US Takes Down Botnets Used in Record-Breaking Cyberattacks The Aisuru, Kimwolf, JackSkid, and Mossad botnets had infected more than 3 million devices in total, many inside home networks, according to the US Justice Department. Andy Greenberg A Hacker Accidentally Broke Into the FBI’s Epstein Files Plus: A porn-quitting app exposed the masturbation habits of hundreds of thousands of users, Russian hackers are trying to take over people’s Signal accounts, and more. Maddy Varner Apple Will Push Out Rare ‘Backported’ Patches to Protect iOS 18 Users From DarkSword Hacking Tool As DarkSword spreads, Apple tells WIRED it will enable iOS 18-specific fixes for millions of iPhone owners who remain on that iOS version rather than force them to update to iOS 26. Andy Greenberg China Is Cracking Down on Scams. Just Not the Ones Hitting Americans As Beijing clamps down on fraud at home, researchers say crime syndicates are shifting their focus to victims elsewhere. Lily Hay Newman How ‘Handala’ Became the Face of Iran’s Hac