For today's Cyber Mornings Daily, we're tracking major headlines in digital privacy and online security. French regulators have fined Google $379 million and Chinese e-commerce giant Shein $175 million for violating cookie consent laws, specifically for setting advertising cookies on users' browsers without securing their consent and encouraging choices that favored personalized advertisements. Google also faces a $425 million judgment in the U.S., as a jury found the company violated users' privacy by collecting their data even after they opted out of Web & App Activity tracking. Child data privacy is a significant focus as well, with Disney agreeing to a $10 million settlement with the U.S. Federal Trade Commission (FTC) over allegations that it collected personal data from children watching YouTube videos without parental notification or consent, violating the U.S. Children's Online Privacy Protection Rule (COPPA). The FTC is also taking action against Apitor Technology, a China-based robot toy maker, for allegedly permitting a third-party to collect children's geolocation data without their knowledge and parental consent via its Android app. In a new and evolving threat, actors are exploiting X's built-in AI assistant, Grok, to bypass link posting restrictions. This technique, dubbed "Grokking," involves hiding malicious links in video ad metadata and then prompting Grok to reply with the clickable link, thereby boosting its credibility and reach to millions of impressions. Lastly, in a major law enforcement success, the Alliance for Creativity and Entertainment (ACE) and Egyptian authorities have successfully disrupted Streameast, which was identified as the world's largest illegal live sports streaming network, leading to the arrest of two individuals allegedly associated with the operation and the redirection of many of its domains.