The Trump administration is pressing forward with legal action against states that have refused to allow Immigration and Customs Enforcement agents to register undercover license plates. The Department of Justice filed lawsuits targeting four states, claiming their policies violate the Constitution by imposing different rules on federal officers compared to state officers, who can easily obtain such plates.

In the lawsuits, the DOJ pointed to websites such as ICEList.info and ICESpy.org as evidence of alleged doxing threats against ICE agents. The department argued that these sites expose officers to harassment and invasive tracking, though it did not provide specific evidence linking the sites to actual harm.

The DOJ contended that denying undercover plates increases risks for ICE agents, including potential harassment and the possibility that enforcement targets could evade arrest more easily. The lawsuits assert that state policies unlawfully hinder federal law enforcement operations.

The four states targeted in the lawsuits have not yet publicly responded to the DOJ's allegations. The legal challenge marks an escalation in the ongoing conflict between the federal government and states that have adopted policies limiting cooperation with ICE.

The DOJ's filings emphasize the need for uniform treatment of federal officers, arguing that state restrictions create unconstitutional burdens. The cases are expected to test the limits of state authority over federal immigration enforcement.

No court dates have been set for the lawsuits, and the DOJ has not indicated whether additional states may face similar legal action. The administration continues to push for expanded ICE access to undercover plates as part of its broader immigration enforcement strategy.

Authorities in the Netherlands announced the dismantling of a botnet that included more than 17 million devices. The network was managed by 200 servers, according to a joint operation by the police and the National Cyber Security Center (NCSC). The action was made public on Thursday.

The investigation began after a security researcher reported the sprawling network to authorities. The host infrastructure was located in the Netherlands, the NCSC stated. Police subsequently seized several botnet servers from a hosting provider for further investigation.

The botnet was taken offline by the provider because it was used for criminal purposes, the NCSC explained. The scale of the botnet, with millions of compromised devices, highlights the ongoing threat of such networks for cybercrime activities.

The NCSC did not disclose the specific criminal activities the botnet was used for, but botnets are commonly employed for distributed denial-of-service attacks, spam campaigns, and credential theft. The dismantling disrupts the infrastructure that enabled these operations.

No arrests have been reported in connection with the takedown. The authorities continue to analyze the seized servers to understand the full scope of the botnet's operations and identify those responsible.

The operation underscores the importance of collaboration between security researchers and law enforcement. The NCSC encouraged other researchers to report similar threats to help protect digital infrastructure.

Details about the hosting provider or the specific malware used to compromise the devices were not released. The NCSC advised device owners to keep their software updated and use strong passwords to prevent their devices from being enlisted in botnets.

The takedown represents a significant blow to cybercriminal infrastructure, but the NCSC warned that similar networks may still be active. The agency continues to monitor the threat landscape and coordinate with international partners.

A senior US lawmaker has issued a stark warning against the adtech industry, labeling it a national security threat after reports emerged that military personnel were tracked using location data. Senator Ron Wyden, a prominent privacy advocate, stated that the incident underscores the urgent need for stricter regulations on data collection and sharing practices. The senator's comments came in response to a report detailing how commercial data brokers sold location information that could be used to identify and target US troops stationed abroad.

The report, published by the nonprofit organization Tech Inquiry, revealed that data from popular apps and advertising networks was aggregated and sold to entities that could potentially exploit it. The data included precise geolocation information from devices used by military personnel, allowing for the tracking of their movements and routines. This information, the report noted, could be accessed by foreign adversaries or malicious actors seeking to harm US service members.

Senator Wyden, who chairs the Senate Finance Committee, emphasized that the adtech industry's business model poses a direct threat to national security. He called for immediate action to curb the unfettered collection and sale of personal data, particularly location information. Wyden has long advocated for comprehensive privacy legislation, including the introduction of the Fourth Amendment Is Not For Sale Act, which would prohibit law enforcement and intelligence agencies from purchasing data that would otherwise require a warrant.

The report highlighted several instances where location data from military bases and personnel was available for purchase through data brokers. In one case, data from a fitness tracking app revealed the locations of US military personnel in sensitive areas. The findings have reignited debates about the lack of federal privacy laws in the United States, which allow data brokers to collect and sell personal information with minimal oversight.

Industry representatives have pushed back against the characterization of adtech as a national security threat, arguing that data collection is conducted with user consent and is essential for the digital economy. However, privacy advocates and lawmakers contend that the current system fails to protect individuals, especially those in vulnerable positions such as military personnel. The Federal Trade Commission has also taken steps to address data privacy concerns, including recent actions against data brokers for selling location data without proper safeguards.

The issue has drawn bipartisan attention, with several lawmakers expressing concern over the potential misuse of personal data. In addition to Senator Wyden, other members of Congress have introduced bills aimed at restricting data collection and enhancing consumer privacy protections. The debate is expected to intensify as the 2024 election cycle approaches, with privacy emerging as a key issue for voters.

As of now, no specific legislation has been passed to address the concerns raised by the report. Senator Wyden has vowed to continue pushing for reforms, stating that the adtech industry must be held accountable for its role in compromising national security. The report's findings are likely to fuel further investigations and calls for action from both Congress and regulatory agencies.

A security lapse at Pay Tel, a company providing pay phone services to prisons, exposed over 300,000 callers' driver's licenses and inmate communications. The breach was discovered by security researchers who found the data publicly accessible on the internet. The exposed information included sensitive identification documents and recorded conversations between inmates and their contacts.

The researchers reported the vulnerability to Pay Tel, which subsequently secured the exposed data. The incident highlights ongoing concerns about the security of communication systems used in correctional facilities. Pay Tel's services are widely used across the United States, allowing inmates to make calls to family and legal representatives.

The leaked data contained high-resolution images of driver's licenses, revealing personal details such as names, addresses, dates of birth, and identification numbers. Additionally, recordings of inmate calls were accessible, raising privacy and legal issues. The researchers noted that the data was stored on an unsecured server without password protection.

Pay Tel has not disclosed how long the data was exposed or whether any unauthorized parties accessed it. The company stated that it takes security seriously and has implemented measures to prevent future incidents. However, the breach underscores the risks associated with third-party services handling sensitive information in the prison system.

The researchers who discovered the leak emphasized the potential for misuse, including identity theft and harassment. They also pointed out that inmates and their families often have limited choices for communication services, making them vulnerable to such security failures. The incident has prompted calls for stricter oversight of prison communication providers.

Pay Tel operates in multiple states, providing phone services to inmates. The company has faced criticism in the past for high call rates and fees. This security lapse adds to the scrutiny of its operations. The exposed data has been taken offline, but affected individuals may face long-term risks from the exposure of their personal information.

The researchers recommended that Pay Tel notify affected individuals and offer credit monitoring services. They also urged the company to conduct a thorough security audit. The incident serves as a reminder of the importance of data protection in specialized service sectors like prison communications.

Pay Tel has not announced any plans to compensate affected callers. The company's response has been limited to securing the server and stating that it is reviewing its security protocols. The breach was reported to relevant authorities, though it remains unclear if any regulatory action will follow.

As of now, Pay Tel has not provided a timeline for when the data was first exposed or how long it remained accessible. The researchers discovered the leak in early 2025 and reported it promptly. The company acted to close the vulnerability after being notified, but the full extent of any potential data misuse remains unknown.