The global digital rights conference RightsCon 2026 has been cancelled just days before its scheduled start in Lusaka, after Zambia’s government intervened, citing concerns over the event’s themes and participation. The decision has left thousands of attendees stranded or forced to change plans, marking a major disruption for one of the world’s largest gatherings focused on digital rights. The conference, hosted by Access Now, was set to begin on May 5 and expected to bring together more than 2,600 in-person participants and 1,100 online attendees from over 150 countries. However, organisers confirmed that RightsCon 2026 will not proceed either in Zambia or virtually.

Sudden Cancellation of RightsCon 2026

The first indication of trouble emerged when Zambia’s Minister of Technology and Science raised concerns about incomplete security clearances and the nature of the conference’s discussions. Soon after, state-owned media announced that the government had “postponed” the event. Organisers say the move came without formal consultation. In a detailed statement, Access Now described the situation as unprecedented and deeply disruptive. “To our community, We are devastated to be writing to you instead of gathering together as planned and we know we’re not alone. The frustration and disappointment stemming from the loss of RightsCon 2026 is felt deeply by all of us, especially our partners in the region who worked tirelessly alongside our team.” The organisation added that the scale of the event made postponement impractical, noting that planning had been underway for more than a year with over 500 sessions scheduled.

Allegations of Foreign Interference

A key issue highlighted by organisers was alleged external pressure linked to participation from Taiwanese civil society groups. According to Access Now, concerns were raised after communication from Zambian officials regarding diplomatic pressure. “We believe foreign interference is the reason RightsCon 2026 won’t proceed in Zambia or online.” The organisers said they were informally told that for the conference to go ahead, certain topics would need to be moderated and some communities excluded, including Taiwanese participants. This, they said, crossed a fundamental line. “This was our red line. Not because we were unwilling to engage, but because the conditions set before us were unacceptable and counter to what RightsCon is and what Access Now stands for.”

Breakdown in Communication

Access Now detailed a breakdown in communication with Zambian authorities in the final days leading up to the event. Despite prior agreements, including a signed memorandum of understanding and coordination on visa processes, organisers said they received no clear explanation before the cancellation was publicly announced. At 9:33 pm local time on April 28, the postponement was reported in the media before organisers received official confirmation. A formal letter followed later, stating that the decision was “necessitated by the need for comprehensive disclosure of critical information relating to key thematic issues proposed for discussion.” Organisers said the explanation lacked clarity and did not specify actionable concerns.

Impact on Global Digital Rights Community

The cancellation of RightsCon 2026 has had immediate consequences for the global digital rights community. Thousands of participants were already travelling to Lusaka when the announcement was made. “It is with heavy hearts that we share: RightsCon will not proceed in Zambia or online.” “We do not recommend registered participants travel to Lusaka for RightsCon.” The event has long been considered a key platform for discussions on internet governance, privacy, cybersecurity, and freedom of expression. Its cancellation raises broader concerns about shrinking civic space and restrictions on global dialogue. Access Now described the situation as part of a wider challenge facing civil society. “We see this unilateral decision, and the way it was taken, as evidence of the far reach of transnational repression targeting civil society, and effectively shrinking the spaces in which we operate.”

What Comes Next After RightsCon 2026 Cancellation

Despite the setback, organisers reaffirmed their commitment to the event’s mission and the broader digital rights movement. “RightsCon may not happen in Zambia, but we will come together again; how and where we do so will be informed by you, our community.” Access Now also acknowledged the support received from partners, governments, and participants in the aftermath of the cancellation. The abrupt halt of RightsCon 2026 highlights the challenges facing international forums that address sensitive issues such as digital freedoms.

Tom Eston interviews offensive AI researcher and PhD candidate Andrew Wilson, a former Bishop Fox partner who helped grow the firm from under 20 people to nearly 500, built award-winning AI solutions for SOC modernization, founded Cactus Con, and relocated his family to Guadalajara to open and scale a Bishop Fox office. They discuss Mexico’s […]

The post The Real State of Offensive Security: AI, Penetration Testing & The Road Ahead with Andrew Wilson appeared first on Shared Security Podcast.

The post The Real State of Offensive Security: AI, Penetration Testing & The Road Ahead with Andrew Wilson appeared first on Security Boulevard.

💾

Last summer, a conversation took place between a group of security professionals from EclecticIQ and Booz Allen Hamilton. The topic was straightforward: The Hague is home to NATO, Europol, the Dutch NCSC, and The Hague Security Delta - the largest security cluster in Europe. It is also home to major global enterprises, financial institutions, and critical national infrastructure that represent some of the most significant concentrations of cyber risk on the continent. By any measure, The Hague is one of the most important security hubs in the world.  

And yet it had no grassroots community event to reflect that status. No accessible, practitioner-led space where the community could come together, share real knowledge, and connect outside of a commercial setting... and notably, no BSides event. 

The question was simple. Why had nobody done this? What followed was equally simple.  

We decided we would. 

Researchers have discovered a new attack targeting Mac users. It lures them to a fake job website, then tricks them into downloading malware via a bogus software update.

The attackers pose as recruiters and contact people via LinkedIn, encouraging them to apply for a role. As part of the application process, victims are required to record a video introduction and upload it to a special website.

On that website, visitors are tricked into installing a so-called update for FFmpeg media file-processing software which is, in reality, a backdoor. This method, known as the Contagious Interview campaign, points to the Democratic People’s Republic of Korea (DPRK).

Contagious Interview is an illicit job-platform campaign that targets job seekers with social engineering tactics. The actors impersonate well-known brands and actively recruit software developers, artificial intelligence researchers, cryptocurrency professionals, and candidates for both technical and non-technical roles.

The malicious website first asks the victim to complete a “job assessment.” When the applicant tries to record a video, the site claims that access to the camera or microphone is blocked. To “fix” it, the site prompts the user to download an “update” for FFmpeg.

Much like in ClickFix attacks, victims are given a curl command to run in their Terminal. That command downloads a script which ultimately installs a backdoor onto their system. A “decoy” application then appears with a window styled to look like Chrome, telling the user Chrome needs camera access. Next, a window prompts for the user’s password, which, once entered, is sent to the attackers via Dropbox.

The end-goal of the attackers is Flexible Ferret, a multi-stage macOS malware chain active since early 2025. Here’s what it does and why it’s dangerous for affected Macs and users:

After stealing the password, the malware immediately establishes persistence by creating a LaunchAgent. This ensures it reloads every time the user logs in, giving attackers long-term, covert access to the infected Mac.

FlexibleFerret’s core payload is a Go-based backdoor. It enables attackers to:

• Collect detailed information about the victim’s device and environment
• Upload and download files
• Execute shell commands (providing full system control)
• Extract Chrome browser profile data
• Automate additional credential and data theft

Basically, this means the infected Mac becomes part of a remote-controlled botnet with direct access for cybercriminals.

How to stay safe

While this campaign targets Mac users, that doesn’t mean Windows users are safe. The same lure is used, but the attacker is known to use the information stealer InvisibleFerret against Windows users.

The best way to stay safe is to be able to recognize attacks like these, but there are some other things you can do.

• Always keep your operating system, software, and security tools updated regularly with the latest patches to close vulnerabilities.
• Do not follow instructions to execute code on your machine that you don’t fully understand. Never run code or commands copied from websites, emails, or messages unless you trust the source and understand the action’s purpose. Verify instructions independently. If a website tells you to execute a command or perform a technical action, check through official documentation or contact support before proceeding.
• Use a real-time anti-malware solution with a web protection component.
• Be extremely cautious with unsolicited communications, especially those inviting you to meetings or requesting software installs or updates; verify the sender and context independently.
• Avoid clicking on links or downloading attachments from unknown or unexpected sources. Verify their authenticity first.
• Compare the URL in the browser’s address bar to what you’re expecting.

---

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.