The Trump administration has handed the Department of Homeland Security “limitless authority” in effect to search travelers’ devices without a warrant, the ACLU’s Esha Bhandari says.
WIRED reported Wednesday that Customs and Border Protection searched 14,899 devices between April and June, a record quarterly total and a 16.7 percent jump over the previous high of at least 12,766 in early 2022. The increase comes as the second Trump administration takes aggressive actions on migration, including massive DHS/ICE budgets and a focus on incarcerating migrants in remote camps and federal prisons.
Despite Trump’s campaign pledge to target the “worst of the worst,” recent data shows more than a third of ICE arrests in June were of people who have no criminal convictions or pending charges.
In related news this week, a Senate investigation led by Senator Jon Ossoff has so far identified more than 500 credible reports of abuse in US immigration detention since January—including miscarriages, child neglect, and sexual abuse—spanning facilities in 25 states, Puerto Rico, US military bases, and charter deportation flights.
Ossoff cited, among other public reporting, a June investigation by WIRED that revealed a pattern of medical crises at 10 of the nation’s largest ICE facilities, with incidents ranging from pregnancy complications and suicide attempts to seizures, head injuries, and allegations of sexual assault.
In somehow perhaps even worse news, new research shared exclusively with WIRED by International Justice Mission (IJM) links 493 child sextortion reports made to the National Center for Missing and Exploited Children (NCMEC) over two years to scam compounds in Cambodia, Myanmar, and Laos; another 18,017 NCMEC reports contained IP addresses used at those locations. IJM cross-referenced more than 1.1 million “online enticement” incidents and mobile ad data, concluding that at least 40 of 44 known compounds are tied to the reports—the first clear evidence connecting forced scamming centers to child sextortion.
In data breach news, an unsecured database exposed nearly a million medical-cannabis patient records—including Social Security numbers, government IDs, and health details—likely tied to Ohio Medical Alliance, security researcher Jeremiah Fowler found. The 323-GB trove was taken offline a day after Fowler notified the company on July 14. Ohio Medical Alliance informed WIRED that it could not immediately provide a comment, requiring additional time to “investigate this alleged incident.”
And that’s not all. Each week, we round up the security and privacy news we didn’t cover in-depth ourselves. Click the headlines to read the full stories. And stay safe out there.
Justice Department Seeks Medical Records of Young Transgender People
In a subpoena issued earlier this year to the Children’s Hospital of Philadelphia, The Washington Post reports, the Department of Justice sought an extraordinarily broad range of information about care for trans minors dating back to 2020. This included the names, dates of birth, Social Security numbers, and addresses of CHOP patients who were prescribed hormone therapy or puberty blockers, as well as medical records relating to prescriptions. Other records sought include personnel files for anyone with authority to direct “any aspect of [CHOP] affairs,” for “employees, contractors, or affiliates who have authority to prescribe medications or perform medical evaluations,” and for anyone “engaged in billing activities.”
Post sources said that similar subpoenas have targeted information about the provision of gender-affirming care to patients under 19, including in states where such care was and is legal. President Donald Trump has issued executive orders purporting to define sex and block hospitals offering a range of treatments to minors from receiving federal funds, but for now those have been stayed by the courts.
“I’m looking over my shoulder driving home,” a doctor whose hospital was targeted by a subpoena told the Post.
Kristi Noem Relocates to Military Housing After Doxxing
Homeland Security secretary Kristi Noem has temporarily moved into secure military housing after the location of her Washington, DC, apartment was exposed online, triggering what DHS called “vicious doxxing” and a wave of death threats, the New York Post reports. A DHS official said the relocation was necessary for safety, though Noem continues to pay rent on her Navy Yard residence.
The move comes as Noem has pointed to what she describes as a sharp rise in violence against ICE agents, citing what it claims to be a nearly 1,000 percent uptick in assaults—figures ICE has not fully explained and that The Washington Post has questioned for lacking specificity. While DHS has not publicly detailed the sources of the alleged threats against her, Noem has framed them as part of a broader climate of hostility toward immigration enforcement.
Nearly Every Fortune 500 Firm May Have Unknowingly Hired North Korean IT Workers
North Korea has reportedly infiltrated the global IT job market by posing as remote employees at Fortune 500 companies, Axios reports. The operation—backed by groups like Jasper Sleet and Moonstone Sleet—uses stolen identities and AI-assisted applications to bypass hiring systems and conceal the workers’ true origins.
The scheme funnels salaries back to Pyongyang and raises serious cybersecurity concerns, from intellectual property theft to the risk of extortion if the workers are exposed. The Justice Department has announced charges against several individuals tied to the plot, while the FBI has conducted raids on “laptop farms” supporting it, ABC News reports. The Times of India, meanwhile, reported in June that Microsoft had suspended roughly 3,000 Outlook and Hotmail accounts allegedly connected to the scheme.
Earlier this month, WIRED reported on a related trove of leaked documents obtained by cybersecurity researcher SttyK and presented at the Black Hat security conference. The cache provides a rare look inside these North Korean IT worker operations, detailing their meticulous job tracking, internal quotas, and even glimpses of daily life under close regime surveillance.
FBI Partners With Texas Universities on Cybersecurity and Infrastructure Research
Texas Tech University has signed a research agreement with the FBI focused on defending key services against cyberattacks and other disruptions, the Midland Reporter-Telegram reports. The partnership will reportedly grant the bureau access to Tech’s Critical Infrastructure Security Institute, which studies vulnerabilities in the power grid, water systems, communications networks, and military facilities.
Angelo State University will also contribute access to its cybersecurity programs and Regional Security Operations Center, where students train while monitoring real-world networks in West Texas. University leaders and FBI officials said the deal is meant to turn academic research into practical tools and expand the pipeline of graduates prepared for defense and cybersecurity roles.
The push to expand research partnerships, however, contrasts with reporting in The New York Times this week that the FBI may be moving away from its traditional role as an intelligence agency, with plans to lower recruiting standards and focus more on street crime. Critics say that shift risks leaving the bureau with less capacity for complex, technical cases, even as it seeks outside expertise through agreements like the one with Texas Tech.
Google Issues Emergency Chrome Security Update
Google has pushed an urgent security update for its Chrome browser, urging users worldwide—estimated in the billions—to install the patch immediately, The Sun reports. The update addresses multiple vulnerabilities, including the high‑severity CVE‑2025‑8901 in Chrome’s ANGLE graphics engine, which could allow attackers to hijack devices merely by luring users to a malicious webpage.
Although there’s no evidence of any real‑world exploitation yet, Google emphasizes that the risk remains until the update is installed and the browser is restarted. The fixes are rolling out across all major platforms—Windows, macOS, Linux, Android, and iOS—and Google advises users to apply them promptly to stay protected.
