MacDefender

„Dieses System soll Daten aus Hunderten NHS-Einrichtungen zentral zusammenführen. Interne Dokumente zeigen nun, dass externe Palantir-Mitarbeiter „unbegrenzten Zugriff“ auf personenbezogene, identifizierbare Patientendaten erhalten – nicht nur auf anonymisierte Statistiken.“ tkp.at/2026/05/20/pal…

‼️🚨 BREAKING: GitHub has been compromised by TeamPCP. GitHub has confirmed the internal breach. A poisoned VS Code extension on an employee device exfiltrated ~3,800 internal repositories. TeamPCP is already selling the data on a cybercrime forum.

A free game on Steam called Beyond The Dark contained hidden malicious software. The game originally started as a simple title named Rodent Race. Someone hijacked the developer’s account and quickly changed the name, images, and other details. This tricked Steam, which does not verify updates. The malware was hidden in a file called UnityPlayer.dll. The game often crashes when run, but the malware keeps operating in the background. It searches for crypto wallet extensions in Chrome, such as MetaMask, connects to a malicious server, and downloads tools to steal passwords, browser data, and cryptocurrency. Some reports say it may also steal Roblox information. YouTuber Eric Parker discovered the malware and made a video about it. Steam then removed the game completely. If you downloaded or played it: >Delete the game immediately. >Run a full virus scan with updated antivirus software. >Change all important passwords, especially for email, browsers, and crypto accounts. >Check your crypto wallets for missing funds and transfer any remaining balance to a new secure wallet on another device. This is a common tactic on Steam now

This is called the the bulging checkerboard illusion.

Is there a way to downgrade to the last version again? The current 26 and 26.0.1 have too many bugs like constant blinking refreshing of my windows or not showing correct disk/free size of my disks. According to 26.0.1 my disk has 0 free space and all 245Gb used while Finder correctly shows 80GB free. Also is there a way to get the fully highlighted folder texts in tag color back as I don't like those little dots?

Something’s changing in Path Finder. Soon.

Reminder that Instagram is shutting down end-to-end encrypted messaging on May 8, 2026 - from this day on, Meta will have full access to your conversations:

‼️🚨 Microsoft calls this "intended behaviour," so here we go. How to dump the credentials of every user stored in Microsoft Edge: 1. Open Edge. Don't browse anywhere, just open it. 2. Flip to Task Manager, find Edge, expand the task. 3. Highlight the "browser" sub-task, right-click, and choose "Create Memory Dump." 4. Open the dump file and look for credentials. The logged-in Windows user can dump every stored Edge credential with no additional rights. Which means any malware that user executes has those credentials for the asking. Thanks to Rob VandenBrink at SANS: isc.sans.edu/diary/32954

Microsoft Edge keeps every saved password as plain readable text in its memory as soon as you open the browser. This includes passwords for websites you have not even visited yet. Google Chrome only unlocks passwords when you actually need them. A security researcher created a tool that shows how admins can easily copy passwords from other users’ Edge browsers on shared computers or work setups. Microsoft says this is “by design.” But the browser still asks you to log in again, even while it holds all the passwords unprotected in memory. This creates real risks on shared devices.

Nach dieser Grafik wäre Deutschland mit 60 Millionen gehackter Datensätze von IDMerit das weltweit am drittstärksten betroffene Land. IDMerit ist ein Anbieter KI-gestützter Lösungen zur digitalen Identitätsverifikation. Das Unternehmen bedient den Fintech- und Finanzdienstleistungssektor und unterstützt Unternehmen mit Echtzeit-Verifizierungstools. KYC-Verfahren (Know Your Customer) sind eine globale Norm, bei der Nutzer ihre Identität beim Einrichten verschiedener Konten verifizieren. Zu den geleakten Daten gehören Personalausweisnummern, vollständige Namen, Adressen, Telefonnummern und möglicherweise Telekommunikations-Metadaten. Warum berichtet kein einziges deutsches Medium darüber, warum kein BSI oder kein Innenministerium? cybernews.com/de/sicherheit/…

Digital ist besser Das ist das Schöne an der EU: Die überzeugendsten Gegenargumente für all ihre dämlichen Projekte liefert sie immer kostenlos & zeitgleich mit. Hier sehen Sie die (guten!) Gründe Nr. 1 - 2.378, warum es der EU niemals, aber wirklich NIEMALS!, gelingen darf, digitale IDs, Chatkontrolle, Altersverifikation, Gesichtserkennung, biometrische Datenspeicherung und digitales Geld einzuführen...

🚨Study involving 1.7 million children has found that Myocarditis & Pericarditis only appeared in children who had received COVID mRNA vaccines. Not a single unvaccinated child in the group suffered from these heart-related problems.

🚨 BREAKING: Someone just open-sourced software that sees you through walls using only WIFI signals. it’s called WiFi-DensePose. It maps your exact body pose in real-time. no cameras. no sensors. just your living room router. 100% Open Source.

Everyone’s missing the real story here. Meta’s Ray-Ban glasses need human data annotators to train the AI. When you say “Hey Meta” and ask the glasses to analyze something, that video gets sent to Meta’s servers, then routed to Sama, a subcontractor in Nairobi, Kenya. Workers there manually label objects in your footage. They see everything you recorded, intentionally or not. 7 million pairs sold in 2025 alone. Every single pair generates training data that flows through human eyes in Kenya. Workers told Swedish journalists they see people undressing, using bathrooms, having sex, and accidentally filming bank card details. One worker said “we see everything, from living rooms to naked bodies.” Meta’s automatic face anonymization is supposed to protect people in the footage. Workers say it fails in certain lighting. Faces that should be blurred are sometimes fully visible. The person you recorded without knowing? A stranger in Nairobi can identify them. Buried in Meta’s terms of service is one sentence doing enormous legal work: the company reserves the right to conduct “manual (human) review” of your AI interactions. That’s the legal cover for routing intimate footage from Western homes to a $2/hour labor force operating under NDAs, office surveillance cameras, and a strict no-questions policy. Workers say if you raise concerns about what you’re seeing, you’re fired. This is the same company, Sama, that TIME exposed in 2023 for paying Kenyan workers $2/hour to label graphic content for OpenAI while being billed at $12.50/hour per worker. Workers described the experience as torture. Sama ended that contract, then pivoted to labeling Meta’s glasses footage. Same workforce. Same rates. Meta markets these glasses as “designed with your privacy in mind.” The privacy design is a tiny LED light on the frame that most people don’t notice. The data pipeline behind it routes your bedroom footage to a contractor with a documented history of worker exploitation, failed anonymization, and union-busting lawsuits. And the next generation of these glasses? Meta is planning to add facial recognition. The same system that can’t reliably blur faces in training data wants to start identifying them on purpose. The LED light on the frame is doing about as much for your privacy as the terms of service nobody reads.

JUST IN: Meta sold 7 million Ray-Ban smart glasses in 2025 alone. Workers in Kenya are watching the footage. Not metadata. Not anonymized clips. The actual videos. People undressing. People in bathrooms. People having sex. Bank cards. Medical documents. The blurring is supposed to protect privacy. It fails constantly. The contractors see everything. Here is the part that should stop you cold: You did not buy the glasses. You did not agree to the terms of service. You did not consent to anything. But if someone wearing Meta glasses walks into your bedroom, your bathroom, your doctor's office, your home, a contractor on the other side of the world may be watching you right now. The person wearing the glasses consented. Everyone else in the room did not. Meta's defense is that this is all disclosed in the privacy policy. They are technically correct. Buried in language so dense that 99% of users never read it. And even if they did, it would not matter, because the terms govern the wearer's data. Not yours. You are not a party to the contract. You are the product being annotated. Millions of AI-enabled cameras walking around in public. Recording constantly. Uploading to servers. Reviewed by humans earning a few dollars an hour to label your most intimate moments so the algorithm gets smarter. This is not a bug. This is the business model. The EU is already asking questions. MEPs submitted formal inquiries to the Commission this week demanding answers on GDPR compliance. The problem is obvious: European data protection law requires consent from data subjects. Bystanders are data subjects. Bystanders never consented. The entire architecture violates the regulation by design. Meta's response has been silence and a reference to terms of service that do not apply to the people actually being filmed. Google Glass died because people called the wearers "Glassholes" and banned them from bars. Meta solved the social problem by making the glasses look normal. They did not solve the privacy problem. They hid it. Seven million units sold in 2025. The installed base is accelerating. Every unit is a potential surveillance node operated by someone who may not understand what they are feeding into the system and reviewed by contractors who see everything the algorithm cannot process. The question is not whether this becomes a scandal. The question is whether the scandal arrives before or after the glasses are on 50 million faces. Watch the EU. If Brussels moves on GDPR enforcement, Meta faces a choice: disable human review in Europe and cripple the AI training pipeline, or accept fines that could reach billions. Neither outcome is priced into the stock. The glasses are selling faster than ever. The contractors keep watching. And somewhere right now, someone you have never met is looking at footage of you that you never knew existed.

@vxdb I'm using @EnpassApp . Used 1Password for years till they started forcing me to subscriptions and cloud with version 8. Switched to Enpass as its all local and I can sync the vault to all my Macs with syncthing. Never missed 1Password.

What password manager do you use? I wanna see if anyone is moving away from 1Password since the price increase

@vxunderground I also loved using 1Password but stopped using it with their forced subscription model and cloud. Switched to @EnpassApp as a replacement and can recommend it. No passwords into the cloud and all stored local. Vaults is synced on all my Macs automatically with syncthing.

1Password said, "Hello, we like money, we are going to increase our pricing by 33%. It is now $47.88/year". I said, "Hello, I am terminating my subscription and deleting my account."

🚨BREAKING NOW: Massive data exposure from AI identity verification firm IDMerit leaked 1 BILLION personal records across 26 countries with full names, national IDs, addresses, phones, emails, DOBs. Nearly 1TB of data. 🇺🇸 US hit hardest: over 200M records exposed.

@guacho08 @ProtonVPN You can take a look at @nym

We have become aware of recent reports concerning legal proceedings in Spain that may affect VPN services, including Proton VPN. At this stage, we were not aware of any proceedings that may have been underway prior to these reports coming to light and have not been formally notified of any proceedings or judgment. Moreover, any judicial order issued without proper notification to the affected parties, thereby denying them the opportunity to be heard, would be procedurally invalid under fundamental principles of due process. Spanish courts, like all courts operating under the rule of law, are bound by procedural safeguards that ensure parties are given a fair opportunity to present their case before any binding judgment is rendered.

An international group of plaintiffs sued Meta Platforms, alleging the WhatsApp owner can store, analyse, and access virtually all of users' private communications. mybroadband.co.za/news/security/…

Major wind turbine manufacturers have been hit by an asbestos scandal. At Australia's $4 billion Golden Plains wind farm, testing on turbines has come back positive. Units are now quarantined and the manufacturer is launching global checks across its supply chain. This follows the asbestos found at a number of Chinese turbine manufacturers. Serious environmental concerns are now mounting. Wind blades can't be recycled, not economically or at scale. So tens of thousands of tons of blades are dumped every year, buried in pits with endless more coming as first-generation turbines hit their end of life, which is typically just 15 years. An industry sold as clean is leaving mountains of toxic waste that can't be recycled.