Data Safety & Cyber Security

The article explains how a malicious browser extension is being used to deliberately crash users’ browsers as a social engineering tactic to get them to infect themselves with malware. When the browser fails or freezes, victims are shown instructions telling them to take manual steps that actually bypass built-in security protections and install harmful software. The fake extension often ....

Newly unsealed court documents say Meta knew as far back as 2018 that adults were able to find and message minors on Instagram, including sending explicit images, yet Instagram only rolled out automatic blurring of sexually explicit images in teen direct messages in September 2024. The details come from a deposition involving Instagram head Adam Mosseri and an internal ....

The article explains that Google Cloud API keys that developers used to treat as safe to publish, like keys embedded in public JavaScript for Maps or other services, can now often act like real credentials for the Gemini API. Researchers found roughly 2,800 exposed keys in public code that could authenticate to Gemini, creating a risk that attackers could ....

Samsung agreed to change how its smart TVs collect and sell viewing data in Texas after a settlement with the Texas Attorney General over Automated Content Recognition, a feature that identifies what you watch by sampling audio or video and matching it to a database. Under the deal, Samsung must stop collecting ACR data from Texans without clear, informed ....

OpenClaw is an open source AI agent that runs on your own computer and can act like a hands on assistant, connecting to chat apps and other tools to browse the web, run commands, and read or edit files. It has drawn attention not just for hype, but for security headaches, including confusing rebrands that attracted impersonation campaigns and ....

Los Angeles County has sued Roblox, saying the platform misleads parents about safety while exposing children to predators, grooming, and sexually explicit content, and it is the first California government body to take the company to court over child safety. The complaint argues Roblox chose growth and profit over protections, noting that until November 2024 adults could message and ....

An independent developer created an Android app called Nearby Glasses that scans Bluetooth Low Energy signals to warn you when smart glasses are probably nearby, focusing on devices tied to Meta, Luxottica’s Meta Ray Bans, and Snap. He built it after reading reports of people using smart glasses to secretly film others, and he frames it as a small ....

Meta has been granted a US patent for an AI system that could learn from a person’s posts, messages, voice notes, likes, and other activity, then act as a stand in that can reply in feeds and DMs, and even simulate audio or video calls. The patent explicitly says it could be used when someone is away for a ....

The article argues that password managers are still a smart way to handle passwords, but “zero knowledge” cloud based managers can be weaker than their marketing implies if the provider’s server is malicious or fully compromised. Researchers tested several services and showed how features like shared vaults, group and admin key handling, and account recovery policies can be abused ....

Criminals are now using AI website builders to quickly clone the look and feel of major brands, turning a cheap, similar-looking domain into a convincing trap for payments, logins, or malware downloads. The article highlights a fake Malwarebytes site that appeared to be generated with Vercel’s v0 tool, showing how attackers can copy a real site’s layout in minutes ....

TikTok’s US app forced users to accept new terms in a January 22, 2026 pop-up, and many panicked after seeing “citizenship or immigration status” listed as sensitive information TikTok might process. The article says that wording is not new, it first appeared around August 2024, and it does not mean TikTok is asking people to enter their immigration status. ....

Mozilla is adding a simple “AI off switch” to Firefox so people can disable generative AI features with one click instead of hunting through scattered settings. In Firefox 148, rolling out February 24, a new AI Controls section includes a master “Block AI enhancements” toggle that blocks current and future AI features and hides any pop-ups or prompts promoting ....

Edward Coristine, a former DOGE staffer known online as “Big Balls,” appeared on influencer Nick Shirley’s podcast and was described as helping Shirley use government Medicaid data to target alleged fraud in California. It frames their collaboration as part of a broader Trump-aligned push to crowdsource investigations into “waste, fraud, and abuse,” while noting that Shirley’s earlier videos have ....

The article warns that a flaw in Microsoft Authenticator on iOS and Android could let a malicious app on the same device intercept one-time login codes or sign-in links, which could then be used to access the victim’s accounts. It says the attack is not automatic, because the user would first have to install a harmful app and then ....

Malwarebytes uncovered a large scam campaign called FriendlyDealer that uses more than 1,500 fake websites made to look like the Google Play Store or Apple App Store, tricking people into thinking they are installing real gambling apps. Instead of downloading a normal app, users install a web app that looks legitimate, can send notifications, tracks activity, and then pushes ....

Apple is making a rare exception to its usual update policy by sending security fixes to iPhones still running iOS 18, instead of forcing users to move to iOS 26 to stay protected. The change comes after DarkSword, a hacking tool that can silently compromise some iPhones through infected websites, began spreading more widely and becoming easier for different ....