Technology
Major US shipping platform left customer data wide open to hackers
NEWYou can now listen to Fox News articles!
Cargo theft is no longer just about stolen trucks and forged paperwork. Over the past year, security researchers have been warning that hackers are increasingly targeting the technology behind global shipping, quietly manipulating systems that move goods worth millions of dollars.
In some cases, organized crime groups use hacked logistics platforms to redirect shipments, allowing criminals to steal goods without ever setting foot in a warehouse. One recent case involving a critical U.S. shipping technology provider shows just how exposed parts of the supply chain have been, and for how long.
Sign up for my FREE CyberGuy Report Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter
A key shipping platform was left wide open
CRIME RINGS, HACKERS JOIN FORCES TO HIJACK TRUCKS NATIONWIDE, FUELING MAJOR HOLIDAY SHIPPING SECURITY FEARS
Digital shipping platforms now control how goods move worldwide, making cybersecurity failures a direct risk to the global supply chain. (John Keeble/Getty Images)
The company at the center of this incident is Bluspark Global, a New York-based firm whose Bluvoyix platform is used by hundreds of companies to manage and track freight moving around the world. While Bluspark isn’t a household name, its software supports a large slice of global shipping, including major retailers, grocery chains and manufacturers.
For months, Bluspark’s systems reportedly contained basic security flaws that effectively left its shipping platform exposed to anyone on the internet. According to the company, five vulnerabilities were eventually fixed, including the use of plaintext passwords and the ability to remotely access and interact with the Bluvoyix platform. These flaws could have given attackers access to decades of shipment records and customer data.
Bluspark says those issues are now resolved. But the timeline leading up to the fixes raises serious concerns about how long the platform was vulnerable and how difficult it was to alert the company in the first place.
How a researcher uncovered the flaws
Security researcher Eaton Zveare discovered the vulnerabilities in October while examining the website of a Bluspark customer. What started as a routine look at a contact form quickly escalated. By viewing the website’s source code, Zveare noticed that messages sent through the form passed through Bluspark’s servers using an application programming interface, or API.
From there, things unraveled fast. The API’s documentation was publicly accessible and included a built-in feature that allowed anyone to test commands. Despite claiming authentication was required, the API returned sensitive data without any login at all. Zveare was able to retrieve large amounts of user account information, including employee and customer usernames and passwords stored in plaintext.
Worse, the API allowed the creation of new administrator-level accounts without proper checks. That meant an attacker could grant themselves full access to Bluvoyix and view shipment data going back to 2007. Even security tokens designed to limit access could be bypassed entirely.
Why it took weeks to fix critical shipping security flaws
One of the most troubling parts of this story isn’t just the vulnerabilities themselves, but how hard it was to get them fixed. Zveare spent weeks trying to contact Bluspark after discovering the flaws, sending emails, voicemails, and even LinkedIn messages, without success.
With no clear vulnerability disclosure process in place, Zveare eventually turned to Maritime Hacking Village, which helps researchers notify companies in the shipping and maritime industries. When that failed, he contacted the press as a last resort.
Only after that did the company respond, through its legal counsel. Bluspark later confirmed it had patched the flaws and said it plans to introduce a formal vulnerability disclosure program. The company has not said whether it found evidence that attackers exploited the bugs to manipulate shipments, stating only that there was no indication of customer impact. It also declined to share details about its security practices or any third-party audits.
10 ways you can stay safe when cyberattacks hit supply chains
Hackers can break into a shipping or logistics platform without you ever realizing your data was involved. These steps help you reduce risk when attacks like this happen.
1) Watch for delivery-related scams and fake shipping notices
After supply chain breaches, criminals often send phishing emails or texts pretending to be shipping companies, retailers, or delivery services. If a message pressures you to click a link or “confirm” shipment details, slow down. Go directly to the retailer’s website instead of trusting the message.
2) Use a password manager to protect your accounts
If attackers gain access to customer databases, they often try the same login details on shopping, email, and banking accounts. A password manager ensures every account has a unique password, so one breach doesn’t give attackers the keys to everything else.
Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2026 at Cyberguy.com
3) Reduce your exposed personal data online
Security researchers found exposed APIs that allowed access to sensitive shipping data without proper authentication. (Portra/Getty Images)
Criminals often combine data from one breach with information scraped from data broker sites. Personal data removal services can help reduce how much of your information is publicly available, making it harder for criminals to target you with convincing scams.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com
4) Run strong antivirus software on your devices
Strong antivirus software can block malicious links, fake shipping pages, and malware-laced attachments that often follow high-profile breaches. Keeping real-time protection enabled adds an important layer when criminals try to exploit confusion.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com
HUGE DATA LEAK EXPOSES 14 MILLION CUSTOMER SHIPPING RECORDS
5) Enable two-factor authentication wherever possible
Two-factor authentication (2FA) makes it much harder for attackers to take over accounts, even if they have your password. Prioritize email, shopping accounts, cloud storage and any service that stores payment or delivery information.
6) Review your account activity and delivery history
Check your online shopping accounts for unfamiliar orders, address changes, or saved payment methods you don’t recognize. Catching changes early can prevent fraud from escalating.
7) Consider identity theft protection
Identity theft protection services can alert you to suspicious credit activity and help you recover if attackers access your name, address or other personal details. Identity Theft companies can monitor personal information like your Social Security Number (SSN), phone number, and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.
See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com
8) Place a free credit freeze to stop new fraud
If your name, email, or address was exposed, consider placing a credit freeze with the major credit bureaus. A freeze prevents criminals from opening new accounts in your name, even if they obtain additional personal data later. It’s free, easy to lift temporarily, and one of the most effective steps you can take after a breach. To learn more about how to do this, go to Cyberguy.com and search “How to freeze your credit.”
9) Lock down your shipping and retailer accounts
Review the security settings on major shopping and delivery accounts, including retailers, grocery services and shipping providers. Pay close attention to saved delivery addresses, default shipping locations and linked payment methods. Attackers sometimes add their own address quietly and wait before making a move.
10) Businesses should review third-party logistics access
If you run a business that relies on shipping or logistics platforms, incidents like this are a reminder to review vendor access controls. Limit administrative permissions, rotate API keys regularly, and confirm vendors have a clear vulnerability disclosure process. Supply chain security depends on more than just your own systems.
Hackers increasingly target logistics technology, manipulating systems to redirect shipments without physical theft. (Thomas Trutschel/Photothek via Getty Images)
Kurt’s key takeaway
Shipping platforms sit at the intersection of physical goods and digital systems, making them attractive targets for cybercriminals. When basic protections like authentication and password encryption are missing, the consequences can spill into the real world, from stolen cargo to supply chain disruption. The incident also highlights how many companies still lack clear, public ways for researchers to report vulnerabilities responsibly.
Do you think companies that quietly power global supply chains are doing enough to protect themselves from cyber threats? Let us know by writing to us at Cyberguy.com
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter
Copyright 2026 CyberGuy.com. All rights reserved.
Nothing’s next budget phone is the latest victim of RAMageddon. As 9to5Google reports, Nothing co-founder Akis Evangelidis announced in a post on X that a follow-up to the CMF Phone 2 Pro won’t be coming this year:
We were working on a successor but with memory prices where they are right now, we can’t build a phone that feels like a genuine step forward at a price that makes sense for CMF. As a result, we’ve decided not to launch a new CMF phone this year.
Last week, Nothing CEO and co-founder Carl Pei also said the RAM shortage has impacted the cost of the company’s mid-range phone, stating, “For Phone 4A, memory costs doubled between when we decided to build the device and when it launched. They’ve doubled again since.” According to Pei, “memory is now the most expensive component in a smartphone.” Nothing is far from the only company facing RAM pricing challenges — earlier this week, Tim Cook announced Apple will be raising prices, saying “the situation has become unsustainable.”
While there won’t be a new CMF phone this year, Evangelidis added in his post that CMF still has “several new products launching as well as some entirely new categories.” He also hinted that “the smartphone launch season at Nothing isn’t over yet.”
China approves world’s first commercial brain chip
Apple unveils new child safety tools, enabling parents to manage kid accounts, media access, communication, apps, and browsing. Tech companies like Meta, Roblox, YouTube and TikTok enhance safety with age verification, content moderation and time limits. China approves the world’s first commercial brain chip, raising privacy concerns.
NEWYou can now listen to Fox News articles!
A coin-sized brain chip in China could help people with paralysis control devices using their thoughts. China has approved a brain-computer interface called NEO for commercial medical use in certain patients with paralysis caused by spinal cord injuries. That moves brain-chip technology out of research trials and closer to real-world medical care.
Developed by researchers at Tsinghua University and Shanghai-based Neuracle Technology, NEO sits under the skull but rests on the brain’s protective outer layer rather than piercing deep into brain tissue. That design could make it less invasive than some competing implants.
For patients who have lost movement, this kind of technology could be life-changing. It could help restore a level of independence that once felt out of reach. But here’s where we need to slow down a bit. If a brain chip can turn your brain signals into digital commands, we need to ask who controls that data and how well it is protected.
Sign up for my FREE CyberGuy Report
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
BRAIN IMPLANT ENABLES ALS PATIENT TO COMMUNICATE USING AI
China’s NEO brain implant could help some paralysis patients control devices, like prosthetic hands, with their thoughts while raising concerns over brain data privacy. (Tsinghua University)
What is China’s NEO brain chip?
NEO is a brain-computer interface, often called a BCI. These systems read brain activity and translate it into commands for an external device. In this case, the implant uses sensors placed near the brain’s motor-control area. Those signals can help a patient operate equipment such as a robotic glove or computer interface.
What makes NEO especially notable is its placement. Brain-computer interfaces can be designed in different ways, and some go deeper into the brain than others. The company most people know in this space is Neuralink, the brain-chip startup co-founded by Elon Musk. Its implant uses tiny threads that enter the brain’s cortex. NEO takes a less invasive approach by placing electrodes on the dura mater, which is the protective membrane around the brain.
That design matters because every brain implant carries medical risk. Surgery can cause bleeding, swelling, infection or tissue damage. Even a small complication in the wrong part of the brain can affect speech or movement.
China’s approval does not mean brain chips are suddenly available for anyone who wants one. This remains a medical device for a narrow group of patients. Right now, the focus centers on helping people with severe paralysis regain some digital or assisted movement control.
Why China’s brain chip breakthrough matters
The medical upside here is hard to deny. More than three billion people worldwide live with neurological conditions, according to the World Health Organization. That includes people dealing with stroke, epilepsy, Parkinson’s disease, spinal cord injuries and other serious conditions.
For someone who has spent years unable to move freely or communicate easily, even a small amount of restored control could feel enormous. That is why brain-computer interfaces are getting so much attention. They could give some patients a new way to interact with the world around them.
Neuralink has already shown what that can look like in real life. Audrey Crews, a Neuralink trial participant who has been paralyzed for years, publicly shared that she wrote her name using the implant by controlling her computer.
ELON MUSK SHARES PLAN TO MASS-PRODUCE BRAIN IMPLANTS FOR PARALYSIS, NEUROLOGICAL DISEASE
How China’s brain chip compares with Neuralink
Elon Musk’s Neuralink has attracted most of the public attention in the U.S. brain-chip race. Musk has talked openly about restoring movement, helping people communicate and one day addressing vision loss.
Neuralink received approval to begin human trials, and more than 20 people have reportedly received its implant through testing. However, it has not received broad FDA approval for general commercial use.
China’s NEO approval puts a different kind of pressure on the field. It shows that China wants to move brain-computer interface technology into its health system and build a major industry around it.
This also fits a larger pattern. China has made BCI development part of its strategic technology push. The country wants breakthroughs by 2027 and a globally competitive brain-computer interface industry by 2030.
The coin-sized NEO brain chip rests on the brain’s protective outer layer, making it less invasive than implants that pierce brain tissue. (Tsinghua University)
Why brain chip privacy is such a big concern
We already worry about phones listening, apps tracking location and smart TVs collecting viewing habits. Brain-computer interfaces take that concern to another level.
A BCI collects signals from the nervous system. Today, that may mean decoding movement intent, such as whether a patient wants to move a cursor left or right. But as the technology improves, the data could become more sensitive.
That raises some big questions. Who owns the brain data? Can it be sold, shared or used to train AI systems? Could an insurer, employer or government ever demand access? What happens if a company changes its privacy policy after the implant becomes part of someone’s daily life?
Those questions sound dramatic until you remember how many connected devices began as conveniences and turned into data pipelines.
A brain chip designed for medical help should not become another ad platform, another surveillance tool or another database waiting to be breached.
YOUR HEALTH DATA IS BEING SOLD WITHOUT YOUR CONSENT
Could hackers target brain-computer interfaces?
This is where the whole brain-chip conversation gets very serious. Any device that connects to a computer raises security questions. A brain-computer interface raises even bigger ones because it deals with signals from your body and, in some cases, the devices that help you move or communicate.
The concern here is someone getting access to neural data, device settings or the commands moving between the implant and outside equipment. Think about that for a second. If a brain chip helps someone control a robotic hand, a wheelchair or a communication device, a security failure could affect far more than privacy. It could affect that person’s independence and safety. That to me is scary.
Companies building these devices need to treat cybersecurity like part of the surgery, not some software update they figure out later. Encryption, strict access controls, medical-grade testing and clear update policies should be baked in from day one.
And because a brain implant may stay inside a person’s body for years, long-term support has to be part of the deal. No one should end up with an outdated implant in their head because a company moved on to the next big product launch.
What China’s brain chip means to you
For now, this technology is geared toward patients with serious medical needs. So, no, most of us are not lining up for a brain chip anytime soon. But this should still get your attention.
We already give up a lot of personal data through our phones, watches, cars and smart home devices. A brain implant takes that to a whole different level because the data comes from inside the body. That is about as personal as it gets.
Before this technology moves beyond hospitals and medical trials, patients need plain answers before they agree to anything. They should know who can access the data, how long it gets stored, whether it can be shared and whether it can help train AI systems.
The medical potential here is incredible. Helping someone regain control or communicate again could change a life. But the privacy protections need to be just as strong as the technology itself.
NEURALINK BRAIN IMPLANT HELPS ARIZONA MAN REGAIN CONTROL OF HIS LIFE
Brain-computer interfaces, like Neuralink, pictured here, could restore independence for some patients, but experts say neural data needs strong privacy and cybersecurity protections. (Neuralink)
Watch the CyberGuy Live replay: Lock Down Your Phone in 30 Minutes
Your phone holds your email, passwords, photos, banking apps and personal data. In this free CyberGuy Live replay, Kurt the CyberGuy walks you step by step through simple phone security fixes you can do at your own pace. You’ll learn how to improve your privacy settings, spot the latest phone scams, use trusted security tools and walk away with a simple checklist to stay protected. Watch the replay and get our checklist here: CyberGuyLive.com
Kurt’s key takeaways
China’s NEO brain chip could be a huge step forward for people living with paralysis. If this technology helps someone regain control or communicate again, that is powerful. But I also think we need to be very careful here. Once a device connects your brain signals to outside technology, the privacy stakes change fast. We are talking about data tied to your nervous system. That to me is the line we need to watch closely. Brain chips could do incredible good. But companies and governments need clear limits before this technology moves any further into everyday life. The promise is real. So are the risks. And when the data comes from inside your own head, “trust us” will never be enough.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Would you ever consider a brain implant if it could restore movement or communication, or does the privacy risk feel too personal to accept? Let us know by writing to us at CyberGuy.com.
Sign up for my FREE CyberGuy Report
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
Copyright 2026 CyberGuy.com. All rights reserved.
Relativity Space, the rocket company led by former Google executive Eric Schmidt, was picked to launch NASA’s Aeolus payload to Mars in 2028, as reported earlier by TechCrunch. Under a new public-private partnership, Relativity Space will provide the “spacecraft, rocket, and cruise operations” to fly Aeolus to Mars, where the payload will “provide the first integrated, daily, global view of Martian winds, temperatures, dust, and clouds.”
The Aeolus payload will have four instruments on board for studying the Martian atmosphere, which NASA says will “directly inform entry, descent, and landing systems and support safer, more predictable mission planning for astronauts.”
Schmidt, who served as CEO of Google from 2001 to 2011, became Relativity Space’s CEO in 2025, a couple of years after it launched the “world’s first 3D-printed rocket,” Terran 1, which failed shortly after launch. Relativity Space’s larger Terran R rocket isn’t scheduled to have its first launch until later this year.
-
Atlanta, GA5 minutes agoAtlanta Ballet Returns to the Fox Theatre to Present Cinderella for One Weekend Only This Fall
-
Minneapolis, MN8 minutes agoMERAUDER, JUDGE, ARKANGEL and many more announced for Minneapolis’ Snow and Flurry 2026
-
Indianapolis, IN13 minutes agoThird Public Safety Camera Added on Washington Street in Downtown Indy
-
Pittsburg, PA20 minutes agoAnalysis: Most Pittsburgh‑area communities are losing residents — here’s why that might be OK
-
Washington, D.C23 minutes agoTrump’s DC makeover frenzy bewilders locals and visitors: ‘It’s like we’re under occupation’
-
Augusta, GA23 minutes agoAugusta Regional Airport hosts drone camp for students
-
Cleveland, OH35 minutes agoCleveland police arrest suspect in involuntary manslaughter investigation, find fentanyl and PCP
-
Austin, TX38 minutes agoAustin community celebrates ‘Black Artists Matter’ mural before removal
