Meta fixes bug that leaked AI chats
A security researcher found that by altering the ID attached to Meta AI prompts, he could get their chatbot to spit out someone else’s prompt and AI-generated responses
AI impersonation in the White House
Journalistic skepticism is pretty normal. But now we need to question someone’s literal voice. That’s a bit new
Airline data is flying all over the place
Getting back to the basics can help you mitigate the impact of mass data breaches
Oh, Brother (printers)!
The best time to patch your connected devices is all the time
Should you try Google Advanced Protection?
It’s the digital security training team at Freedom of the Press Foundation (FPF), with security news that keeps you, your sources, and your devices safe. If someone shared this newsletter with you, please subscribe here.Android 16 drops — and with it, Advanced Protection modeJournalists and other at-risk …
New journalism curriculum module teaches digital security for border journalists
New journalism curriculum module teaches digital security for border journalists Module developed by Freedom of the Press Foundation, Electronic Frontier Foundation, and University of Texas at El Paso guides students through threat modeling and preparation San Francisco – A new college journalism curriculum module teaches students how to protect themselves …
Journalist searched and detained at US airport
CBP searched an Australian journalist’s phone. He noted he was questioned over materials in his blog, social media posts, and reporting
Report examines scams on the rise
The report also examines users’ choices in authentication methods, highlighting passkeys
The automated license plate reader dragnet
Automated license plate readers are everywhere, and they can often tell a story about your movement
Signal blocks Microsoft Recall from recalling
Signal is making it harder for your private messages to get pulled into Microsoft’s new Recall AI feature
Telegram’s growing mountain of data requests
Telegram’s transparency reporting bot suggests their compliance with data requests from authorities has exploded between 2024 and 2025.
NSO Group fined in WhatsApp suit
The lawsuit also reveals more about how NSO Group executed its attacks on WhatsApp users, including journalists.
More Signalgate than we can tolerate
Look, neither one of us wants this. But we’re going to have to keep talking about how defense officials are using Signal in unusual ways
Chrome concedes third-party cookie fight
Third-party cookie ad tracking in Chrome is here to stay. If you’re sticking with Chrome, let’s talk about some safer settings.
Signalgate: The saga continues
The Signalgate saga continues. This time, Defense Secretary Pete Hegseth sent operational Yemen missile strike details to his wife and brother. Fortunately you can learn from Hegseth’s mistakes.
Tariffs and security updates
If you’re like me, you’re thinking about whether to buy electronics ahead of potential tariffs, and how long those devices will receive updates
Siding with Apple, court rejects UK’s secrecy request
A transparency win in a case concerning backdoor requests to Apple
Move over Signalgate, let’s talk Venmogate
Friends don’t let friends show the national security adviser is on their Venmo contact list
Security lessons from a Signal group chat
The editor-in-chief of The Atlantic is added to a Signal group chat discussing national security information — presumably by accident
Ad CEO boasts about data broker capabilities
If our digital security trainer were in charge of data broker services, he might keep his cards closer to the vest. But that’s just him
Dropping malicious browser extensions
Browser extensions are powerful, but not all are trustworthy. Here’s how to scale back to the ones you trust
Google’s personal data removal updates
Google updates its “Results about you” tool to help users remove unwanted or outdated information about themselves
Apple pulls encrypted iCloud from the U.K.
After government demands for global access to Apple’s end-to-end encrypted iCloud, the company disables the feature regionally
X temporarily blocks Signal links
While X might be able to block links, it will have a tougher time blocking Signal usernames
U.K. officials demand iCloud backdoor
The “snoopers’ charter” order for access to end-to-end encrypted iCloud accounts applies globally
