In the Picture with The IT Privacy and Security Weekly Update for the week ending September 9th. 2025

EP 259  In this week’s update:
Affordable LookCam devices, marketed as home security solutions, harbor critical vulnerabilities that could allow strangers to access your private video feeds.
VirusTotal uncovers a sophisticated phishing campaign using SVG files to disguise malware, targeting users with fake Colombian judicial portals.
Plex alerts users to a data breach compromising emails, usernames, and hashed passwords, urging immediate password resets to secure accounts.
Philips Hue’s innovative MotionAware feature transforms smart bulbs into motion sensors, enhancing home automation with cutting-edge RF technology.
A massive supply chain attack compromises npm packages, affecting billions of downloads through a phishing scheme targeting maintainers’ accounts.
Google faces a $425.7 million verdict for covertly tracking nearly 98 million smartphones, violating user privacy despite opt-out settings.
Switzerland’s Apertus, a fully open-source AI model, sets a new standard for privacy, offering transparency and compliance with stringent data laws.
An AI-driven tool, Auto Exploit, revolutionizes cybersecurity by generating exploit code in under 15 minutes, reshaping defensive strategies.
ICE’s adoption of Paragon’s Graphite spyware, capable of infiltrating encrypted apps, sparking concerns over privacy and surveillance in immigration enforcement.
Look closely and perhaps you’ll see it in the picture.