Thousands of men are members of Telegram groups and channels that advertise and sell hacking and surveillance services that can be used to harass friends, wives and girlfriends, and former partners, new research has uncovered. The findings, from a European nonprofit group, also say that the communities are involved in extensive trading, selling, and promotion of a huge variety of abusive content, including nonconsensual intimate images of women, so-called nudifying services, plus folders of images that sellers claim include child sexual abuse material and depictions of incest and rape.

Over six weeks earlier this year, researchers at the algorithmic auditing group AI Forensics analyzed nearly 2.8 million messages sent across 16 Italian and Spanish Telegram communities that are regularly posting abusive content targeting women and girls. More than 24,000 members of the Telegram groups and channels took part in posting 82,723 images, videos, and audio files over the course of the study, the analysis says. Many posts target celebrities and influencers, but men in the groups also frequently victimize women they know.

“We tend to forget that most victims are ordinary women who sometimes don’t even know that their pictures are shared or manipulated in these types of channels,” says Silvia Semenzin, a researcher at AI Forensics who previously exposed Italian Telegram channels engaging in similar behavior as far back as 2019. “The majority of this violence is directed towards people who the perpetrators know,” she says, suggesting that Telegram, which has over 1 billion monthly active users, according to company founder Pavel Durov, should be subject to stricter regulation and classed as a “very large online platform” under Europe’s online safety rules.

The findings come as Durov is fighting back against Russia’s efforts to block the messaging app in that country, which has long positioned itself as a messaging app that allows free speech but has simultaneously been used by some to share terrorist, sexual abuse, and cybercrime materials. Durov is under criminal investigation in France relating to alleged criminal activity taking place on Telegram, although he has consistently denied the allegations.

A Telegram spokesperson tells WIRED that the company removes “millions” of pieces of content per day using “custom AI tools” and has policies in Europe that do not allow the promotion of violence, illegal sexual content including nonconsensual imagery, and other content such as doxing and selling illegal goods and services.

Among the extensive types of abusive content and services observed by the AI Forensics researchers were frequent references to the access, publishing, and doxing of women’s private information, sharing their Instagram or TikTok content, as well as references to spying or hacking. “Victims are often named, tagged, and locatable via shared profile links,” the group’s report says.

One translated post on Telegram titled “Professional hacking on commission” claimed to be able to give customers “access to phone gallery and extraction of photos and videos,” as well as “anonymous social media hacking.” Another message says: “I hack and recover any type of social media service. I can spy on your partner’s account. Send me a private message.”

Across the dataset there were more than 18,000 references to spying or spy content. One post reads: “Hi, do you have the desire to spy on a girl’s gallery? We sell a bot that does it for info DM.” Meanwhile, users were observed asking if people could find phone numbers connected to Instagram accounts and other requests, “who exchanges spy photos and videos?”

The iPhone is the least fixable phone on the market, according to repairability experts. Phones from Samsung and Google are not far behind.

The latest repairability ratings are from an annual report called “Failing the Fix” put out today by the consumer advocacy group US PIRG. A 2021 French law required products to be labeled with repairability scores, and US PIRG says this is the first report since then that really shows which companies are—or are not—making progress. The answer is that repairability is progressing much more quickly in some places than others.

The results were good for phones made by Motorola, which got a B+. Google’s phones got a C–. The verdict was worse for Samsung phones, which got a D. Last on the list was Apple with a D–. Apple and Samsung did not immediately respond to requests for comment.

Scores were better for laptops than smartphones, with Asus at the top with a B+ and Apple on the bottom with its MacBooks at a C–.

The authors of the report are hoping that publishing these low scores will encourage manufacturers to do better.

“Putting these right incentives in place could push these companies to make innovations that are actually beneficial,” says Nathan Proctor, senior director of the US PIRG campaign for the right to repair. “Instead of coming up with new ways to jam AI down our throats, you can make stuff that lasts and that we can fix.”

Despite many right-to-repair concessions companies have made—like making their tools, parts, and repair instructions publicly available—those rankings are lower than in years past, largely because of the new information that has been gleaned from European laws requiring repair scores to be printed on product packaging.

The French law grades products based on how easily they can be disassembled, whether documentation and tools are provided, and the availability and price of spare parts. In 2023, the European Union passed a law establishing the European Product Registry for Energy Labelling, a process that grades devices on key repairability factors like whether products have easy access and disassembly, battery endurance, ingress protection like waterproofing, and the durability to handle repeated falls. The rankings go from A to F.

To arrive at its own ratings, US PIRG collates the EPREL and France’s repair indexes with other US-specific factors, like whether companies are actively lobbying against the right to repair or are members of trade associations that do so.

“If you’re buying your equipment from a company that’s spending their money to lobby against your right to repair that thing, that doesn’t speak well for their support, for your ability to fix that,” Proctor says. “So we also dock points for some of those legislative activities.”

Apple’s phones are getting better scores than in years past, like when iPhones were assigned an F rating in 2022. (iPhones got a C– in 2025.) The low rating for Apple’s phones comes down to software support, and how the EU laws track the information about what companies enable in their products. Based on the EU laws, companies have to self-report how their devices meet repair requirements. And those rankings tend to score pretty low.

“When we’ve been grading on a curve, Apple has not been a standout in the bad column,” Proctor says. “But why are we grading on a curve? We should just have longer-lasting products.”

The ultimate goal of these rankings, Proctor says, is to bring attention to the importance of repairability, accessibility, and waste reduction.

“This is an emerging, vitally important issue that we need better leadership on from companies and from other public policy officials,” Proctor says. “We should not be trashing all of our internet-connected stuff every couple of years because it’s impossible to use it with the software. It’s totally unsustainable. It’s crazy. Let’s not build that world. That world is a dystopia.”

“I’m actually pretty confident that some of that stuff’s going to get addressed,” Proctor adds. “Apple engineers are good at making stuff. They’re good at solving problems.”

Following leaked revelations at the end of March that Anthropic had developed a powerful new Claude model, the company formally announced Mythos Preview on Tuesday along with news of an industry consortium it has convened, known as Project Glasswing, to grapple with the cybersecurity implications of the new model and advancing capabilities more generally across the AI field.

The group includes Microsoft, Apple, and Google as well as Amazon Web Services, the Linux Foundation, Cisco, Nvidia, Broadcom, and more than 40 other tech, cybersecurity, critical infrastructure, and financial organizations that will have private access to the model, which is not yet being generally released. The idea, in part, is simply to give the developers of the world’s foundational tech platforms time to turn Mythos Preview on their own systems so they can mitigate vulnerabilities and exploit chains that the model develops in simulated attacks. More broadly, Anthropic emphasizes that the purpose of convening the effort is to kickstart urgent exploration of how AI capabilities across the industry are on the precipice, the company says, of upending current software security and digital defense practices around the world.

“The real message is that this is not about the model or Anthropic,” Logan Graham, the company’s frontier red team lead, tells WIRED. “We need to prepare now for a world where these capabilities are broadly available in 6, 12, 24 months. Many things would be different about security. Many of the assumptions that we’ve built the modern security paradigms on might break.”

Models developed and trained by multiple companies have increasingly been able to find vulnerabilities in code and propose mitigations—or strategies for exploitation. This creates a next generation of security’s classic cat-and-mouse game in which a tool can aid defenders but can also fuel bad actors and make it easier to carry out attacks that were once too expensive or complex to be practical.

“Claude Mythos preview is a particularly big jump,” Anthropic CEO Dario Amodei said on Tuesday in a Project Glasswing launch video. “We haven’t trained it specifically to be good at cyber. We trained it to be good at code, but as a side effect of being good at code, it’s also good at cyber.” He adds in the video that “more powerful models are going to come from us and from others. And so we do need a plan to respond to this.”

Anthropic’s Graham notes that in addition to vulnerability discovery—including producing potential attack chains and proofs of concept—Mythos Preview is capable of more advanced exploit development, penetration testing, endpoint security assessment, hunting for system misconfigurations, and evaluating software binaries without access to its source code.

In carrying out a staggered release of Mythos Preview, beginning with an industry collaboration phase, Graham says that Anthropic sought to draw on tenets of coordinated vulnerability disclosure, the process of giving developers time to patch a bug before it is publicly discussed.

“We’ve seen Mythos Preview accomplish things that a senior security researcher would be able to accomplish,” Graham says. “This has very big implications then for how capabilities like this should be released. Done not carefully, this could be a meaningfully accelerant for attackers.”

Project Glasswing partners, including some of Anthropic’s competitors, struck a collaborative tone in statements as part of the launch.

“Google is pleased to see this cross-industry cybersecurity initiative coming together,” Heather Adkins, Google’s vice president of security engineering, says in a statement. “We have long believed that AI poses new challenges and opens new opportunities in cyber defense.”