2025
Archive.today: inside the web archiving service
When a web page disappears from the internet—deleted by its author, censored by a government or simply lost to time—one service has made it its mission to preserve those digital artefacts permanently. That service is archive.today, and its story reveals as much about the tensions of the modern internet as it does about the fragility of online information.
Built to fail: the structural indicators that doom CISOs
If nearly a quarter of Fortune 500 chief information security officers last just one year in the role, we need to stop asking what’s wrong with CISOs—and start asking what’s wrong with how we set them up.
Prompting Strategies to Reduce AI Sycophancy
Recent research has shown that many advanced AI systems tend to agree with users or offer flattering answers, even when those answers are incomplete or wrong. This behaviour—known as sycophancy—can increase overconfidence, reduce critical thinking and influence decision-making in subtle ways. The good news is that with the right prompt strategies, users can reduce these effects and get more balanced, useful responses from any AI model.
Daily Cyber Threat Intelligence Briefing – Oct. 6, 2025
This post is part of our ongoing daily CTI briefing series, highlighting verified, high-impact cyber incidents from the past 48 hours. All entries meet strict inclusion criteria and have been validated across multiple authoritative sources to support operational decision-making and strategic situational awareness.
AI Sycophancy: What the Latest Research Means for Cybersecurity and Privacy
New research from Stanford University, Carnegie Mellon University and the University of Oxford highlights a behavioural risk in today’s most advanced AI systems: sycophancy. This occurs when models agree with users or flatter them, even when they are wrong. The findings are relevant to anyone who relies on AI assistants for work, decision-making or communication.
Cybersecurity in the Era of Agentic AI: Weaponization, Defences and Governance
Agentic artificial intelligence—systems that perceive, decide and act autonomously—has moved from laboratory theory to operational threat. Attackers and defenders alike now deploy autonomous agents that plan multi-step attacks, invoke tools and adapt in real time. The same capabilities that accelerate detection and response can also scale reconnaissance, social engineering and exploitation.
Apple’s walled garden: why browser choice on your iPhone isn’t what it seems
If you browse the web on an iPhone or iPad, your experience is governed by a single, unyielding rule: every web page you see is drawn by Apple’s own technology, WebKit. On iOS and iPadOS, all store-distributed browsers must use Apple’s rendering engine and JavaScript stack. Familiar names like Chrome, Firefox and Edge are present, but on Apple’s mobile platforms they are WebKit-based shells rather than their Blink- or Gecko-based desktop counterparts.
For most of the world, including Canada and the United States, that remains the status quo. Apple created a path for authorised non-WebKit engines in the European Union with iOS 17.4 via a new framework called BrowserEngineKit; elsewhere, the WebKit requirement still applies. Japan has passed legislation that will require Apple to permit third-party browser engines by December 2025.
The great resignation is over. Welcome to the era of 'job clinging.'
In an uncertain economic climate, a new trend is emerging in the global workforce: “job clinging.” Workers, increasingly anxious about their prospects, are choosing to stay in their current roles — often delaying job searches despite dissatisfaction. This phenomenon, born of economic pressure and a cooling labour market, has significant implications for employees, businesses, and the broader economy. While its roots are visible in the United States, its effects are rippling across the world in different ways.
iPhone's "Help Apple Improve Search": what it is, where it lives, and how Apple says it treats your data
Apple includes a setting called Help Apple Improve Search that uses activity from Spotlight, Siri and Safari to refine search quality. Apple says this data is de-identified and not linked to your Apple ID.
Perplexity's Comet browser raises privacy questions over data collection
Perplexity has launched Comet, a Chromium-based “agentic” browser that uses AI to automate tasks and personalize the browsing experience. The rollout began in July 2025 with invite-only access for Perplexity Max subscribers, followed by regional expansions. [Reference: Perplexity Comet launch materials, July 2025; coverage of regional availability updates, September 2025]
France’s Mistral AI is making a push for Canadian talent and business - The Logic Mistral AI, a French company, is expanding its operations in Canada, specifically in Montreal, by hiring local talent and courting potential clients in various sectors. CEO Arthur Mensch highlighted the high concentration of AI talent in Montreal and the firm’s plans to recruit engineers, sales, and marketing staff. Mistral is targeting sectors like financial services, energy, manufacturing, logistics, and mining, with existing clients including Axa, Orange, and TotalEnergies.
App for outing Charlie Kirk’s critics leaked its users’ personal data An app called “Cancel the Hate,” designed to anonymously report individuals accused of criticizing conservative activist Charlie Kirk, leaked user data including email addresses and phone numbers. The app, founded by Jason Sheppard, was taken offline after the security flaw was discovered. Despite claims of receiving over 38,000 reports, Sheppard’s social media profiles and those of the app have since been deleted.
Privacy commissioners find TikTok collected sensitive data from Canadian children | CBC News A joint investigation by Canadian privacy authorities found TikTok’s age-verification methods ineffective, leading to the collection of sensitive information from underage users. TikTok has agreed to enhance its age-verification methods to prevent this.
SolarWinds Makes Third Attempt at Patching Exploited Vulnerability - SecurityWeek SolarWinds released a hotfix for a remote code execution vulnerability (CVE-2025-26399) in Web Help Desk, marking the third attempt to address this issue. The vulnerability is a patch bypass of previous vulnerabilities (CVE-2024-28988 and CVE-2024-28986) and is considered highly critical. Users are advised to apply the hotfix immediately due to the potential for exploitation.
News alert: SpyCloud report finds security teams overconfident as identity exposures fuel ransomware - The Last Watchdog The 2025 SpyCloud Identity Threat Report reveals a disconnect between security leaders’ confidence and the reality of identity-based attacks. While 86% of security leaders feel confident, 85% of organizations experienced a ransomware incident in the past year. The report highlights the need for a holistic approach to identity protection, emphasizing the importance of detecting and remediating identity exposures across all digital footprints.
Patch Bypassed for Supermicro Vulnerability Allowing BMC Hack - SecurityWeek Supermicro patched two BMC vulnerabilities, CVE-2025-7937 and CVE-2025-6198, discovered by Binarly. These vulnerabilities, allowing malicious firmware updates and bypassing security features, highlight the fragility of firmware validation. While there is no evidence of exploitation, the vulnerabilities pose a significant risk to enterprise organizations.
Gains and Risks for Enterprises With DeepSeek V3.1 DeepSeek’s V3.1 model shows significant performance improvements over previous versions, particularly in software bug-fixing and command-line reasoning. However, security testing by Splx revealed persistent vulnerabilities, including the potential for generating phishing-style messages and harmful content. While hardened prompts improved security and safety scores, adversarial threats remain a concern, especially in risk-averse industries.
USB-C cables look identical — their performance doesn’t
As USB-C becomes ubiquitous in professional environments, understanding cable capabilities is essential for IT and business leaders. Two cables can share the same connector yet behave very differently for power, data and displays. Here’s how to buy the right one — and avoid boardroom surprises.
iPhone 17 telephoto: what “8× optical-quality” really means
Apple put real distance between models this year. The Pro phones add a longer-reach telephoto, while the iPhone Air markets a single rear camera as “four lenses.” Here’s what that language means—and what it doesn’t—so buyers set the right expectations.
iPhone 17 Pro Fast Charging: What Changed, Why It’s Faster and What You Need
Apple has increased wired charging performance with the iPhone 17 Pro models. With a 40-watt (or higher) USB-C power adapter, you can reach about 50 per cent in 20 minutes—a meaningful improvement for professionals who need quick charges during a busy day.