Security

Security Follow Follow Cybersecurity is the rickety scaffolding supporting everything you do online. For every new feature or app, there are a thousand different ways it can break – and a hundred of those can be exploited by criminals for data breaches, identity theft, or outright cyber heists. Staying ahead of those exploits is a full-time job, and one of the most lucrative and sought-after skills in the tech industry. All too often, it’s something up-and-coming companies decide to skip out on, only to pay the price later on. J External Link Jay Peters Feb 16 Link ChatGPT is getting a Lockdown Mode. Lockdown Mode is “not necessary” for most people and “tightly constrains how ChatGPT can interact with external systems to reduce the risk of prompt injection–based data exfiltration,” according to OpenAI . Introducing Lockdown Mode and Elevated Risk labels in ChatGPT [ OpenAI ] J Instagram Jay Peters Feb 11 Link Wyze is sticking it to Ring. Yes, Wyze has had its own issues , but this video is pretty funny . Microsoft fixes Notepad flaw that could trick users into clicking malicious Markdown links Emma Roth Feb 11 Microsoft is keeping Secure Boot alive with Windows updates Jess Weatherbed Feb 10 T Twitter Terrence O'Brien Feb 7 Link OpenClaw is scanning AI skills after hundreds of malicious add-ons were found on ClawHub. Researchers raised alarms when over 400 malicious skills were uploaded to ClawHub and GitHub in just one week. That prompted an outcry , so OpenClaw partnered with VirusTotal to scan third-party skills. The company acknowledges it’s not a “silver bullet,” but it should provide at least some reassurance to concerned users. Substack data breach exposed users’ emails and phone numbers Jess Weatherbed Feb 5 OpenClaw’s AI ‘skill’ extensions are a security nightmare Emma Roth Feb 4 Google Cloud’s customer chief returns to Microsoft as head of security Tom Warren Feb 4 Notepad++ updates got hijacked for months and could have spied for China Stevie Bonifield Feb 2 E External Link Emma Roth Feb 2 Link Is Moltbook really a “social network” for AI agents? 404 Media reports that security researcher Jamieson O’Reilly found a vulnerability that allows humans to control OpenClaw’s AI agents on Moltbook — the network that recently went viral for hosting “discussions” between supposed AI bots. Wiz dug into the misconfiguration as well , uncovering 1.5 million exposed API keys and 35,000 email addresses. Moltbook has since secured the database. Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site [ 404 Media ] OpenClaw: all the news about the trending AI agent Emma Roth Feb 15 WhatsApp’s new ‘lockdown’ settings add another layer of protection against cyberattacks Emma Roth Jan 27 Gmail’s spam filter and automatic sorting are broken Terrence O'Brien Jan 24 Ring can verify videos now, but that might not help you with most AI fakes Jay Peters Jan 23 1Password is introducing a new phishing prevention feature Andrew Liszewski Jan 22 Sony, Anker, and other headphones have a serious Google Fast Pair security vulnerability Andrew Liszewski Jan 16 E External Link Elissa Welle Jan 14 Link 500 dashcams in Minneapolis. Two days after Nick Benson asked for donated dashcams in order to document the behavior of federal immigration agents flooding his city, Renee Nicole Good was shot and killed by federal agent Jonathan Ross . ”It was immediately clear that ICE was lying about it,” Benson told 404 Media . Donations have jumped since then, and Benson distributes the cameras to local community organizers and whoever wants them. How One Guy Crowdsourced More Than 500 Dashcams for Minneapolis to Film ICE [ 404 Media ] J External Link Jay Peters Jan 12 Link Betterment shares more detail about last week’s crypto scam message. The company says an “unauthorized individual gained access to certain Betterment systems through social engineering” to send the message on Friday . Betterment believes the individual accessed information like “certain names, email addresses, physical addresses, phone numbers, and birthdates,” though so far, its investigation has shown that no passwords were compromised. Important security update from Betterment [ Betterment ] Instagram says it fixed the issue that let someone send all those password reset emails Terrence O'Brien Jan 11 T TikTok Terrence O'Brien Jan 10 Link Don’t click anything in that Instagram password reset email, no matter how official it looks. Seems a lot of people got password reset requests from Instagram over the last few days, including several Verge staffers and members of their family. The email might look legit. It might even have that little blue checkmark in Gmail. But, it probably came from a scammer . Honestly, it’s best practice to never click links in emails anyway. Betterment’s financial app sends customers a $10,000 crypto scam message Jay Peters Jan 10 Reolink made a local AI hub for its security cameras Jess Weatherbed Jan 6 Ring’s Mobile Security Trailer provides 360-degree coverage anywhere Barbara Krasnoff Jan 6 Ugreen is expanding into AI-powered smart home surveillance Cameron Faulkner Jan 6 Anker adds features and style to its smart home security Barbara Krasnoff Jan 5 You can unlock SwitchBot’s first deadbolt smart lock with your face Jess Weatherbed Jan 4 Two cybersecurity employees plead guilty to carrying out ransomware attacks Emma Roth Dec 30, 2025 E External Link Emma Roth Dec 30, 2025 Link Aflac says a data breach impacted 22.65 million of its customers. In June, Aflac disclosed a data breach involving a “sophisticated cybercrime group” that stole names, social security numbers, contact information, health data, and more from its systems. The insurance provider has now revealed just how many people are affected, adding that it is currently “not aware of any fraudulent use of personal information.” 22 Million Affected by Aflac Data Breach [ SecurityWeek ] Ubisoft shuts down ‘Rainbow Six Siege’ servers following hack Terrence O'Brien Dec 28, 2025 E External Link Emma Roth Dec 26, 2025 Link Hack drains $7 million in crypto from Binance’s Trust Wallet. On Thursday, Trust Wallet announced a “security incident” affecting version 2.68 of its Chrome extension. Binance founder Changpeng Zhao confirmed that Trust Wallet “will cover” the losses and that the team is investigating the hack. Users of Binance-owned Trust Wallet lose $7 million to hacked Chrome extension [ CoinDesk ] Dozens of Flock AI camera feeds were just out there Emma Roth Dec 23, 2025 Google’s turning off its dark web monitoring service that scoured data breaches for your info Stevie Bonifield Dec 15, 2025 Pentagon’s Signalgate report finds Pete Hegseth violated military policies Richard Lawler Dec 4, 2025 J Jess Weatherbed Dec 3, 2025 Link Android expands in-call scam protections to the US. The feature was first piloted in the UK earlier this year, and works by automatically warning users when they launch eligible financial apps while screen sharing during calls with numbers that aren’t in the device’s contact list. The warning forces a 30-second pause period that aims to “break the spell of the scammers’ social engineering,” according to Google. The warning message will also provide guidance on how to avoid being scammed and prompt users to end the call. Image: Google E Elissa Welle Dec 1, 2025 Link AI annotators overseas may be reviewing Flock license plate camera footage from the US. An exposed dataset from the license plate surveillance company Flock, which is known to work with the US Border Patrol and ICE via local police , showed that some of the AI annotators paid to classify American license plates are located in the Philippines. After 404 Media contacted Flock for comment, the dataset disappeared. Screenshot of the exposed material from the surveillance company Flock, as spotted by 404 Media. Image: 404 Media The VPN panic is only getting started Dominic Preston Nov 27, 2025 E Elissa Welle Nov 24, 2025 Link Amazon is investing billions in data centers for the feds. The infrastructure buildout will add nearly 1.3 gigawatts of capacity for AI and cost up to $50 billion, the company said . US government customers will have access to both AWS Trainium AI chips and NVIDIA chips, and Amazon said it plans to start building the data centers in 2026. E External Link Elissa Welle Nov 24, 2025 Link The FBI is investigating a Wall Street data breach. On November 12, hackers stole account records and legal agreements from a company you’ve probably never heard of: SitusAMC. It handles commercial real estate and residential loans for the likes of JPMorgan Chase and Citi, who were among Situs’ Wall Street clients notified about the breach, the New York Times reported . A Swath of Bank Customer Data Was Hacked. The F.B.I. Is Investigating. [ The New York Times ] Signal’s secure message backups arrive on iOS Emma Roth Nov 24, 2025 Press a button and this SSD will self-destruct with all your data Andrew Liszewski Nov 21, 2025 Most Popular Most Popular Apple’s doing something on March 4th Why are Epstein’s emails full of equals signs? OpenClaw founder Peter Steinberger is joining OpenAI The Pocket Taco is the best way to turn your phone into a Game Boy Anker’s USB-C cable that lets you charge two gadgets at once is 20 percent off Advertiser Content From This is the title for the native ad