The EU has proposed two versions of Chat Control legislation designed to detect illegal content in encrypted communications. Both proposals face significant technical and privacy concerns.
Chat Control 1.0 and 2.0 represent the European Union's attempts to combat child sexual abuse material (CSAM) and terrorism financing through private messaging platforms.
Chat Control 1.0 proposed mandatory scanning of all messages before encryption, requiring platforms to implement detection systems. The proposal faced widespread backlash from security experts, privacy advocates, and tech companies over backdoor encryption risks.
Chat Control 2.0 modified the approach to focus on detection of known CSAM hashes and terrorist content rather than blanket scanning. However, it still requires platforms to implement reporting mechanisms and detection infrastructure.
Key concerns include:
- Undermining end-to-end encryption
- Creating security vulnerabilities exploitable by bad actors
- Privacy implications for lawful users
- Technical feasibility challenges
Neither proposal has achieved legislative approval. Security researchers maintain that the plans conflict with encryption principles and could weaken digital security infrastructure. The debate continues between EU regulators seeking safety measures and cryptography experts warning of unintended consequences.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.
Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.
A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.