Security

The company has introduced Proton Authenticator, an open-source two-factor authentication app that can sync 2FA codes across devices using end-to-end encryption. Though Proton’s password manager already comes with a built-in 2FA feature, Proton says using its standalone Authenticator offers an “extra layer of security” by generating codes in a separate app.

Until now it’s stayed quiet on whether it received the same order to open a backdoor to user data as Apple, but a spokesperson confirmed to TechCrunch that it never did. If it had, Google wouldn’t be allowed to say so.

The vulnerability (CVE-2025-31199), which Apple patched in a March 31st update, could give bad actors access to files inside a device’s Downloads folder and data cached by Apple Intelligence. That includes geolocation data, media metadata, and facial recognition info, according to a report from Microsoft Threat Intelligence.

I appeared on On the Media to discuss our story about the Anime Nazi who allegedly hacks universities. I explain why the identity of the alleged hacker is important, why the Times’ obfuscation of its sources is troubling, and what’s at stake in the Republican war on higher education: upward mobility.

Senate Commerce Committee Ranking Member Maria Cantwell (D-WA) is hunting for answers about the state of US telecom network security after the Salt Typhoon hack first reported late last year. The attack was so massive that US officials encouraged Americans to use encrypted apps to prevent their conversations from being seen by hackers. Cantwell is asking digital forensics firm Mandiant to hand over assessments behind AT&T and Verizon’s claims that their networks are now secure.

The full report, which you can find here, shows that Google’s Threat Analysis Group (TAG) terminated almost 11,000 channels between April and June of 2025 as part of an investigation into “coordinated influence operation campaigns.”

More than $2.17 billion has been stolen from crypto services this year, more than the entirety of 2024, according to a report from blockchain analytics firm Chainalysis. Then again, most of that came from a single hack — a $1.46 billion heist of Bybit linked to North Korean hackers, the largest crypto theft in history — and without that, the numbers would look a little rosier.

A Department of Homeland Security memo, obtained by Property of the People through a freedom of information request, reveals the group — suspected to have links to China — “extensively compromised a U.S. state’s Army National Guard network” for nine months last year.

Cameron John Wagenius, aka kiberphant0m, had already pleaded guilty on two charges for hacking T-Mobile and Verizon, and could face 20 years in prison after pleading guilty Tuesday to additional conspiracy, extortion, and identity theft charges.

Security researchers Ian Carroll and Sam Curry broke into the backend of McDonald’s hiring system by entering the username and password “123456,” as reported by Wired. They were then able to view the data of the more than 64 million applicants who interacted with McDonald’s AI hiring bot, Olivia.

The company built Zero-Knowledge Proof (ZKP) into Google Wallet earlier this year, a technology that allows users to verify their age across different apps and platforms without linking it to their identity.

That’s according to FBI Cyber division head Brett Leatherman, who told Cyberscoop that the China-linked hackers are “largely contained” and “dormant” in telecom networks.

The airline says the Monday attack stole personal data of six million customers via a third-party service platform:

The idea is to make using passkeys a little more seamless. But this isn’t available to everyone just yet: Microsoft is initially rolling it out to Windows Insiders in the Dev Channel and you need to install the 1Password beta.

The original source of the report, Cybernews, says that since the start of the year, its researchers have “discovered 30 exposed datasets containing from tens of millions to over 3.5 billion records each. In total, the researchers uncovered an unimaginable 16 billion records.”