ICE revives contract for spyware
Targeted malware is the sharpest edge of the spear, but simple steps also do a great deal to lower your risk of attack
Device searches hit record numbers at U.S. border
The rise in device searches at U.S. ports of entry is consistent with ongoing upward trend — but there are things you can do to prepare
Added to the ICE group chat
ICE officers used unsecured text messages to communicate about a target marked for deportation. Then, they added a stranger
Defend against phone number theft
AT&T rolled out a new feature to help customers lock down their accounts. But it’s not just AT&T — your phone company may have their own version as well
Lock down those Firefox add-ons
Mozilla warns of phishing attacks targeting developers of Firefox add-ons
Apple’s least fun alerts
Research shows that in recent months, Apple has notified at least a dozen Iranian iPhone users of targeted spyware, including those in civil society
Ask a security trainer: What about the password for my password manager?
Definitely use a strong password on your password manager. But it’s also a good move to have backup plans
Meta fixes bug that leaked AI chats
A security researcher found that by altering the ID attached to Meta AI prompts, he could get their chatbot to spit out someone else’s prompt and AI-generated responses
AI impersonation in the White House
Journalistic skepticism is pretty normal. But now we need to question someone’s literal voice. That’s a bit new
Oh, Brother (printers)!
The best time to patch your connected devices is all the time
Should you try Google Advanced Protection?
It’s the digital security training team at Freedom of the Press Foundation (FPF), with security news that keeps you, your sources, and your devices safe. If someone shared this newsletter with you, please subscribe here.Android 16 drops — and with it, Advanced Protection modeJournalists and other at-risk …
Journalist searched and detained at US airport
CBP searched an Australian journalist’s phone. He noted he was questioned over materials in his blog, social media posts, and reporting
Report examines scams on the rise
The report also examines users’ choices in authentication methods, highlighting passkeys
The automated license plate reader dragnet
Automated license plate readers are everywhere, and they can often tell a story about your movement
Signal blocks Microsoft Recall from recalling
Signal is making it harder for your private messages to get pulled into Microsoft’s new Recall AI feature
Telegram’s growing mountain of data requests
Telegram’s transparency reporting bot suggests their compliance with data requests from authorities has exploded between 2024 and 2025.
Ask a security trainer: Checking identities in Signal
Welcome to “Ask a security trainer,” the column where the Digital Security Training team at Freedom of the Press Foundation (FPF) answers your burning questions at the intersection of journalism and security. Submit yours here! Let’s jump right into this week’s question.Dear DST,I’ve been seeing this story …
NSO Group fined in WhatsApp suit
The lawsuit also reveals more about how NSO Group executed its attacks on WhatsApp users, including journalists.
Chrome concedes third-party cookie fight
Third-party cookie ad tracking in Chrome is here to stay. If you’re sticking with Chrome, let’s talk about some safer settings.
Signalgate: The saga continues
The Signalgate saga continues. This time, Defense Secretary Pete Hegseth sent operational Yemen missile strike details to his wife and brother. Fortunately you can learn from Hegseth’s mistakes.
Tariffs and security updates
If you’re like me, you’re thinking about whether to buy electronics ahead of potential tariffs, and how long those devices will receive updates
Siding with Apple, court rejects UK’s secrecy request
A transparency win in a case concerning backdoor requests to Apple
Move over Signalgate, let’s talk Venmogate
Friends don’t let friends show the national security adviser is on their Venmo contact list
Security lessons from a Signal group chat
The editor-in-chief of The Atlantic is added to a Signal group chat discussing national security information — presumably by accident
Ask a security trainer: Should I be concerned about AI transcription tools?
There are some great uses for time-saving AI transcription tools, but it’s important to also know when to avoid uploading to a cloud provider
