Notepad++ Subject to Supply Chain Attack for Months
The popular text editor Notepad++ had their infrastructure compromised from about June 2025 to December 2025, allowing the attackers to deliver malicious updates to unsuspecting users.
Fria Reyes
Fria is a privacy advocate and synthwave enthusiast who has been volunteering with Privacy Guides since 2023. They are an unapologetic tech optimist, and believes with the right technology we can solve any problem.
Google Introduces Stronger Theft Protections in Android
Google announced that they're bolstering Android's pre-existing theft protection features with security improvements and more granular control.
Apple Acquires Q.ai Startup for "Silent" Voice Input
In its second biggest acquisition ever, Apple has acquired a company called Q.ai that promises to use "facial micromovements" to provide "private answers to silent questions."
WhatsApp Implements Optional "Strict Account Settings" Mode for Increased Security
WhatsApp has announced a new setting called Strict Account Settings that increases security against sophisticated threats, similar to Apple's Lockdown Mode or Android's Advanced Protection mode.
Google Accidentally Leaks Upcoming AluminiumOS Desktop Interface
According to 9to5Google, a bug report (currently inaccessible) about Chrome Incognito tabs leaked the desktop interface for the upcoming AluminiumOS, Google’s merging of ChromeOS and Android.
Windows Update Stops Machines from Booting
The disastrous KB5074109 Windows update has reportedly caused some people's computers to fail to boot, among the myriad other issues.
Pwn2Own Automotive Shows How Insecure Our Vehicles Are
The first day of the Pwn2Own Automotive hacking competition has kicked off in Tokyo, Japan, with “a record 73 entries” showing that our vehicles are juicier targets than ever.
Mandiant Releases Rainbow Tables for Outdated Windows NTLMv1
Mandiant, a cybersecurity firm and subsidiary of Google, has released a rainbow table for the outdated Windows NTLMv1 authentication protocol, allowing attackers to crack administrator passwords in under 12 hours using consumer hardware that costs less than $600.
ChatGPT Announces Ads Coming for Free and Go Users
OpenAI has announced it’ll be incorporating ads into ChatGPT for Free and Go users.
Bluetooth Exploit Leaves Hundreds of Millions of Accessories Vulnerable to Full Takeover
Researchers have discovered a vulnerability in Google Fast Pair, dubbed WhisperPair, that leaves affected accessories open to being fully controlled by an attacker.
Trail of Bits Exposes Vulnerabilities in Agentic Browsers, Compares to Cross-Site Scripting
Security research and consulting firm Trail of Bits analyzed agentic AI in browsers and found vulnerabilites that resemble cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks.
Encrypted RCS Spotted in iOS 26.3 Beta
Mention of the long-awaited RCS end-to-end encryption (E2EE) support in the iOS 26.3 beta was spotted by Tiion-X83 on X via a carrier bundle setting that would let carriers enable E2EE for RCS messaging.
Instagram Password Reset Emails Sent Out to Users Unprompted
Instagram users were sent password reset emails recently that they didn’t request, but Instagram says there was no breach of their system.
Logitech macOS Software Fails, Leaving Mice and Keyboards Malfunctioning
Logitech’s G HUB and Logi Options+ software stopped working, leaving users who relied on it for managing their mice and keyboards high and dry.
Telegram Adds Passkey Support, Still Requires Phone Number
Telegram has added support for passkeys, a secure and convenient sign-in method, replacing SMS verification codes.
Multiple Vulnerabilities Found in GnuPG
Gnu Privacy Guard, a popular implementation of the OpenPGP standard, was found to have multiple vulnerabilities including modifying the plaintext shown to the user and modifying files on the user’s system.
Connectivity Standard Alliance Launches Aliro Standard for Smart Locks
The Connectivity Standards Alliance has launched their new standard for secure, interoperable smart locks called Aliro.
AI Data Centers May Start Using Radio Instead of Copper
AI data centers are running up against the physical limits of copper for transmitting data, so radio is being considered as a replacement.
Cloudflare Explains Plan for Resilience After Multiple Outages
Following multiple outages, Cloudflare outlines their plan to improve resilience of their network, titled “Code Orange: Fail Small.”
The Linux Foundation Announces Formation of the Agentic AI Foundation
The Linux Foundation announced the newly formed Agentic AI Foundation to standardize and support an open, collaborative ecosystem for agentic AI.
Neobank Bunq Shares Customers’ Investments to Their Contacts Without Permission
Bunq, a Dutch neobank that’s been growing in popularity in recent years, has started sharing users’ investments with others on their contacts list, according to RTL.