Edmonton Police Facial Scans, New Jersey Men North Korea Sentence

Edmonton Police Silently Scan Faces with Body Cameras on Watchlist

  • Up to 50 officers tested AI-powered facial recognition on body-worn cameras during a December 2025 pilot.
  • The system matched faces against a watchlist of approximately 6,341 flagged individuals plus 724 warrant entries.
  • No public notification occurred during the proof-of-concept trial conducted only in daylight hours.

EDMONTON, Apr 20 (TNGB) – The Edmonton Police Service reportedly equipped up to 50 patrol officers with body-worn cameras featuring artificial intelligence facial recognition during a December 2025 proof-of-concept pilot. The software scanned faces in real time and compared them against a watchlist containing roughly 6,341 individuals flagged for violent behavior, weapons offenses, or high-risk status, plus an additional 724 entries tied to serious criminal warrants or officer safety alerts. The trial, conducted in partnership with technology providers and limited to daylight hours, operated without notifying the public or individuals scanned. Internal assessments later described the approach as proactive surveillance, and documents obtained by journalists revealed a brief system outage that prevented matches for seven days during the pilot period.

The program marked Canada’s first live test of facial recognition technology on body-worn cameras.

Why This Matters: Real-time biometric scanning by police without individualized suspicion or public notice raises fundamental questions about consent and oversight in public spaces.

Lovable Denies Data Leak Citing Intentional Behavior and HackerOne Issues

  • Lovable rejected breach allegations and attributed visible information to intentional user actions and unclear documentation.
  • The company later blamed its bug bounty partner HackerOne for failing to escalate reports on public project visibility.
  • An apology acknowledged that earlier statements had not adequately addressed the configuration error.

USA, Apr 20 (TNGB) – The vibe coding platform Lovable reportedly denied experiencing a data breach and initially attributed publicly visible project information to intentional user behavior combined with unclear documentation. In a follow-up statement the company shifted responsibility to HackerOne, claiming the bug bounty service had closed reports without escalation because reviewers believed visibility of public project chats represented intended functionality. Lovable subsequently issued an apology on its official channel acknowledging that its initial response had not properly addressed the underlying configuration mistake that allowed certain project communications to appear publicly. The vulnerability involved settings that should have kept specific project elements private by default.

Evolving explanations from technology companies can delay clear communication to affected users during security incidents.

Why This Matters: Disputes between platforms and security researchers can complicate timely notification and remediation for users whose data or projects may have been exposed.

New Jersey Men Sentenced for Facilitating North Korea Business Infiltration

  • Kejia Wang, 42, of Edison, New Jersey, received 108 months in prison.
  • Zhenxing Wang, 39, of New Brunswick, New Jersey, received 92 months in prison.
  • The pair operated laptop farms that enabled North Korean operatives to pose as U.S.-based IT workers at over 100 companies, generating more than 5 million dollars for the regime.

NEW JERSEY, Apr 20 (TNGB) – A federal court in Massachusetts reportedly sentenced two New Jersey residents on April 15 for their roles in a multi-year scheme that helped North Korean operatives secure remote information technology positions at more than 100 U.S. companies. Kejia Wang, 42, of Edison, received a 108-month prison term, while Zhenxing Wang, 39, of New Brunswick, received 92 months. The defendants managed laptop farms inside the United States that used stolen identities of at least 80 Americans to create the appearance of domestic employment. The operation generated more than 5 million dollars in illicit revenue for the Democratic People’s Republic of Korea. Both men had pleaded guilty earlier to charges including conspiracy to commit wire fraud, money laundering, and identity theft.

The sentencings illustrate the persistence of state-sponsored efforts to infiltrate American technology infrastructure and steal wages and intellectual property.

Why This Matters: Laptop farm operations allow foreign adversaries to bypass sanctions and export controls while conducting espionage and financial fraud on U.S. soil.

DOJ Blocks France Probe into X Platform Over First Amendment Concerns

  • The Department of Justice refused to assist a French criminal investigation into the X platform.
  • Officials cited First Amendment protections against foreign attempts to regulate U.S. speech through criminal processes.
  • The probe centered on allegations of algorithm manipulation and content moderation failures under French law.

WASHINGTON D.C., Apr 20 (TNGB) – The U.S. Department of Justice reportedly declined to provide assistance to French authorities conducting a criminal investigation into the X platform owned by Elon Musk. In a letter from the Office of International Affairs dated around April 17, officials stated that the French probe sought to use criminal legal processes to regulate a public forum for expression in a manner inconsistent with the First Amendment. The investigation focused on allegations of algorithm manipulation and failures to address illegal content or coordinated disinformation as required under French law. French prosecutors responded by affirming their judicial independence and stating they had no prior knowledge of the specific U.S. communication.

The refusal highlights increasing friction between U.S. constitutional standards and European efforts to regulate global social media platforms.

Why This Matters: International disputes over platform governance can affect content moderation policies and legal compliance strategies for companies operating across multiple jurisdictions.

Microsoft Teams Increasingly Targeted in Helpdesk Impersonation Attacks

  • Threat actors increasingly abuse external Microsoft Teams chats and calls to impersonate IT support staff.
  • Victims are tricked into granting remote access through legitimate tools such as Quick Assist.
  • The tactic enables rapid credential theft, lateral movement, and data exfiltration.

USA, Apr 20 (TNGB) – Microsoft security researchers reportedly documented a rising trend of attackers exploiting external Microsoft Teams collaboration features to conduct helpdesk impersonation campaigns. The actors send cross-tenant messages or initiate voice calls posing as internal support personnel, then convince employees to launch remote assistance sessions that grant initial network access. Once inside, the intruders pivot quickly to credential harvesting, persistence mechanisms, and data exfiltration using legitimate administrative tools. The April 18 advisory noted that the tactic has become more prevalent as organizations rely heavily on the platform for daily operations and remote support.

Collaboration tools have emerged as high-value targets because they bypass traditional email security filters and leverage existing trust relationships.

Why This Matters: Successful Teams-based intrusions can compromise entire enterprise networks before conventional detection systems register anomalous behavior.

GitHub Adjusts New Copilot Account Sign-Ups Amid Plan and Rate Limit Changes

  • GitHub implemented adjustments to new Copilot account sign-ups tied to plan-specific rate limits and tier changes.
  • The modifications affected Pro, Pro+, and Student account tiers amid sustained high demand.
  • Existing subscribers experienced no interruption during the transition period.

USA, Apr 20 (TNGB) – GitHub reportedly adjusted acceptance of new account sign-ups for its Copilot artificial intelligence coding assistant in response to plan-specific rate limits and tier adjustments for Pro, Pro+, and Student accounts. The changes followed sustained high demand that required recalibration of access controls to maintain service quality across user categories. No disruption occurred for existing subscribers, and the company indicated the adjustments were temporary measures to balance capacity with growing usage. The modifications occurred without broader infrastructure strain announcements.

Rapid adoption of AI-assisted development tools continues to require ongoing platform tuning to match user demand patterns.

Why This Matters: Access adjustments on popular developer tools can temporarily slow onboarding for new users while organizations scale supporting infrastructure.

Microsoft Pulls Problematic Update After Teams Launch Failures Reported

  • Microsoft withdrew a recent service update that caused widespread Teams client launch failures.
  • Users across multiple regions encountered repeated errors when attempting to open the application.
  • A corrected patch was released within hours, restoring functionality for most customers.

USA, Apr 20 (TNGB) – Microsoft reportedly rolled back a service update for the Teams client after widespread reports of launch failures began surfacing among both enterprise and consumer users. The faulty code prevented the application from starting properly on affected devices, disrupting scheduled meetings and daily workflows for thousands of organizations. Company engineers identified the root cause quickly and issued a replacement update that restored functionality for the majority of customers within a short timeframe. The incident occurred during a period of frequent feature rollouts across the platform used by hundreds of millions daily.

Frequent client-side issues can frustrate users and prompt organizations to delay adoption of new collaboration features.

Why This Matters: Reliability problems in widely deployed workplace software directly reduce productivity and increase support costs for organizations.

NIST Narrows Vulnerability Database Focus Due to Overwhelming Defect Reports

  • The National Institute of Standards and Technology adjusted priorities for its National Vulnerability Database on or around April 15.
  • Officials cited an unsustainable volume of incoming security flaw submissions that exceeded analysis capacity.
  • Lower-severity issues will receive reduced attention to preserve the database’s overall utility for defenders.

USA, Apr 20 (TNGB) – The National Institute of Standards and Technology reportedly narrowed the scope of its National Vulnerability Database after determining that the annual influx of reported security defects had exceeded available analysis resources. The agency announced on or around April 15 that it would deprioritize lower-severity vulnerabilities while focusing resources on higher-impact entries that pose greater risks to critical systems and widely deployed software. The decision followed internal assessments showing that processing every submission had become operationally unsustainable. NIST emphasized that the change aims to maintain the database as a reliable and timely reference for security professionals worldwide.

Resource constraints at national vulnerability clearinghouses directly affect the speed and completeness of information available to organizations defending their systems.

Why This Matters: Incomplete or delayed vulnerability coverage can leave organizations unaware of emerging risks in software and hardware they rely upon daily.

British Scattered Spider Hacker Pleads Guilty to Crypto Theft Charges

  • British national Tyler Buchanan pleaded guilty in a California federal court to cryptocurrency theft conspiracy charges.
  • The charges stemmed from his role in operations linked to the Scattered Spider hacking collective.
  • Sentencing is scheduled for later in 2026.

CALIFORNIA, Apr 20 (TNGB) – British national Tyler Buchanan reportedly pleaded guilty on or around April 17-18 in a U.S. federal court in California to charges of conspiracy to commit cryptocurrency theft. Prosecutors linked Buchanan’s activities to the Scattered Spider collective, which has conducted multiple high-value attacks against cryptocurrency exchanges and individual wallets. Court records indicate the plea agreement covers his participation in coordinated campaigns that compromised digital asset platforms and facilitated the theft of significant cryptocurrency holdings. Additional details regarding the full scope of the conspiracy and any cooperation with authorities are expected to surface during the sentencing hearing later this year.

The guilty plea advances U.S. law enforcement efforts against one of the most active cybercrime groups targeting financial services.

Why This Matters: Prosecutions of Scattered Spider members in U.S. courts demonstrate international cooperation in disrupting ransomware and cryptocurrency theft networks that operate across borders.

Trump Branded Data Center Project Fails to Achieve Greatness Again

  • A data center development tied to the Trump brand encountered significant construction and financing delays.
  • The project entered a reorganization phase after failing to meet earlier announced milestones.
  • Previous public statements had positioned the initiative as a major infrastructure achievement.

USA, Apr 20 (TNGB) – A data center project associated with the Trump brand reportedly stalled and entered a formal reorganization process after failing to meet construction and financing milestones outlined in earlier announcements. Company filings revealed extended timelines and unresolved funding arrangements that had been highlighted in prior public statements promoting the initiative as a flagship technology infrastructure effort expected to create substantial economic activity. Current status indicates limited forward progress despite repeated announcements of imminent breakthroughs and groundbreaking events.

High-visibility technology infrastructure projects frequently encounter execution challenges that extend beyond initial promotional timelines.

Why This Matters: Delays in major data center developments can affect regional economic development plans and the broader availability of computing capacity for cloud and AI workloads.

  • TP-Link faces ongoing federal review despite operating from a California headquarters.
  • U.S. authorities have alleged potential espionage risks linked to Chinese corporate ties.
  • The company has petitioned for exemptions from proposed router restrictions.

CALIFORNIA, Apr 20 (TNGB) – TP-Link reportedly engaged federal regulators in discussions regarding potential exemptions from a proposed router ban while maintaining its operational base in California. U.S. officials have expressed concerns that the company’s Chinese corporate origins could facilitate intelligence collection activities through network equipment supplied to American consumers and businesses. Company representatives have asserted full compliance with American laws and emphasized its status as a domestic entity with no direct foreign control. The review continues amid broader policy debates over supply chain security for critical communications infrastructure used by homes, businesses, and government agencies.

Corporate nationality claims do not automatically resolve national security concerns in technology procurement and regulatory decisions.

Why This Matters: Ongoing scrutiny of networking equipment manufacturers can influence procurement decisions by government agencies, critical infrastructure operators, and millions of individual consumers.