Facebook will soon roll out passkeys for Facebook on mobile devices
Passkeys offer greater security and easier login than passwords
Passkeys for Messenger will also soon be available
Meta has introduced passkey support for Facebook on mobile devices which will significantly decrease the chance of someone hacking into your account.
Rather than using a clumsy and easily guessed password to log in, you can now use a fingerprint, face or PIN to verify that you are logging in to your account.
Better still, passkeys are often faster to use than passwords, meaning your whole Facebook experience should be even easier.
Facebook gets passkeys
Passkeys for Facebook on iOS and Android mobile devices “will soon be available”, Meta said, with passkeys for Messenger also due to be released in the “coming months.”
Passkeys are a much more resilient alternative to passwords and one-time-codes as they cannot be stolen and are much less susceptible to malicious sites looking to steal your login details, such as typo-squatting domains. They can also be a good alternative to using a password manager that requires constant back-and-forth between apps in order to enter your password.
Your passkey is stored locally on your device, meaning Meta doesn’t have access to it. One unfortunate downside of passkeys is that if you lose your mobile device that stores your passkey, it can be a bit of a hassle getting back into your account and setting up a new passkey.
Meta also announced passkeys will also be used to verify payments through Meta Pay, and will soon also be used to protect your encrypted message backups once Passkeys for Messenger arrive.
(Image credit: Facebook)
To set up a passkey, head to the Settings menu on the Facebook app, and then click on Accounts Center → Password and security → Passkey. If passkeys are available, Facebook may even prompt you to set one up the next time you log in.
Check Point Research finds hundreds of malicious GitHub repositories
These impersonate different mods or cheats for Minecraft
The infostealers grab Minecraft data, as well as browser and crypto wallet information
Minecraft players are being actively targeted by a group of cybercriminals interested in their login credentials, authentication tokens, and crypto wallet information, experts have warned.
Cybersecurity researchers Check Point Research recently discovered the large-scale operation, run by a group called the Stargazers Ghost Network, a distribution-as-a-service (DaaS) operation active for a year now, distributing malware and infostealers on behalf of other cybercriminals.
In this campaign, the crooks abused the fact that Minecraft is one of the largest games in the world, with an active, thriving community of players and modders. Minecraft mods are player-built additions to the game and as per the researchers, there are more than a million modders out there.
Hundreds of repos
The attackers created malicious GitHub repositories, spoofing legitimate mods, and pretending to be cheats: Skyblock Extras, Polar Client, FunnyMap, Oringo, and Taunahi, are just some of the names making rounds.
CheckPoint says these have had thousands of views on Pastebin, suggesting that the campaign is rather successful.
To make matters worse, since these are custom-built to target Minecraft users, and since both the downloader and the malware are written in Java, they are currently going undetected by all antivirus engines.
"We have identified approximately 500 GitHub repositories, including those that are forked or copied, which were part of this operation aimed at Minecraft players," one of the researchers told BleepingComputer.
"We've also seen 700 stars produced by approximately 70 accounts." Stars are used to boost the legitimacy of the repositories, thus improving the chances of infection.
The attack is split into two phases. The first phase targets Minecraft account tokens, and user data from both the Minecraft launcher, and some third-party launchers. It also steals Discord and Telegram information.
The second stage deploys a more “traditional” infostealer called “44 Caliber”, which steals browser data, VPN information, crypto wallet data, and more.
Keyview 13" Touch is a mechanical keyboard with a built-in 13-inch touchscreen
It works with phones, tablets, laptops, desktops, and even game consoles
There’s no battery or touchpad unfortunately, so you'll need to provide power and a mouse
The Keyview 13" Touch, from Aura Displays, is a compact 82-key mechanical keyboard (83 keys for the UK version) with a fun, and useful twist - it has an integrated 13-inch touchscreen attached.
We’ve also encountered various DIY projects that produced laptops without displays, as well as notebook docking stations with built-in screens, but few of those have been as polished or feature-packed as this.
RGB lighting and custom shortcuts
The Keyview 13" Touch's screen folds from 0 to 90 degrees and delivers a 1920 x 720 matte IPS display. It supports full 10-point multitouch and has a wide 178° viewing angle, making it usable for video, docs, or just as a second screen.
The keyboard itself uses yellow mechanical switches and PBT keycaps. It’s fully customizable, with hot-swappable keys, RGB lighting, and support for custom shortcuts.
The device includes USB-C, HDMI, two USB 3.0 ports, an SD/TF slot, and an M2 SSD bay for internal storage expansion. It also supports 60W PD fast charging.
It’s compatible with macOS, Windows, Android, Linux, and ChromeOS. That means it works with laptops, desktops, full-featured USB-C phones like the Galaxy line, latest iPhones, tablets, and even game consoles.
The case is made from aluminum alloy, ABS, and PC plastic. It’s solid but weighs 2.12kg, which makes it more of a backpack item than something pocketable.
There’s also a built-in speaker, rated at 1W. That's nothing special, but it will be fine for notifications or quick audio tasks.
There are a couple of bigger drawbacks, though - there’s no battery for starters, so you’ll need to plug it in every time you want to use it. And there’s no touchpad either, so unless your device is touch-capable, you’ll want to bring a mouse too.
Still, for a certain type of user, especially those wanting to turn their phone into a capable workstation, it’s an unusual and potentially useful option. You can buy it direct from Aura now for $399.00, 20% off its usual MSRP of $499.
Security researchers claim Anubis ransomware is adding a file wiper
The wiper reduces all files to 0 KB, irreversibly destroying them
This could be an additional pressure point during negotiations
Anubis, a relatively new Ransomware-as-a-Service (RaaS) operation, added a new feature to its encryptor that irreversibly destroys all encrypted files on the compromised system.
Cybersecurity researchers Trend Micro has published a new in-depth report about the operation, revealing the group is currently working on adding new features to the encryptor, among which is the file-wiping ability.
“What further sets Anubis apart from other RaaS and lends an edge to its operations is its use of a file wiping feature, designed to sabotage recovery efforts even after encryption,” Trend Micro said. “This destructive tendency adds pressure on victims and raises the stakes of an already damaging attack.”
Pressuring the victims
When the threat actors activate the feature, the wiper erases the contents of the files and reduces their size to 0 KB. The filenames and the structure remain intact, which means it’s impossible to recover the files.
The best way to stay protected is, obviously, to tighten up on security and minimize the chances of getting a ransomware infection. However, out of an abundance of caution, businesses should have a separate, possibly air-gapped backup, that would allow them to restore the files safely.
Usually, ransomware actors would exfiltrate sensitive files from their target’s IT infrastructure, and then encrypt the systems.
They would then demand money, usually in bitcoin, in exchange for the decryption key that returns the victims access to their locked files. Since many companies deny paying the ransom, and instead keep an updated backup that can be restored in case of an attack, the hackers started stealing files and threatening to release them to the public.
Releasing sensitive files is, in many cases, more disruptive than encryption, since it can lead to class-action lawsuits, data watchdogs fines, loss of credibility among customers and partners, and loss of competitive edge after IP leaks.
Besides the file wiper, which is definitely a big threat, ransomware actors also sometimes engage in DDoS attacks, as well, to put pressure on both the front-end and the back-end of the business. In some instances, they would also call the victims on the phone in an attempt to get them to pay the ransom demand.
- Officially renewed in May
- Main cast expected to return
- No official trailer released yet
- Plot details remain under wraps
- Writing for season 2 has commenced
The Four Seasons season 2 is officially on the way, thanks to a swift renewal just days after the show premiered on Netflix.
Based on the 1981 film of the same name, season 1 followed six friends, made up of three married couples, as they vacationed together during each season of the year – four trips, four seasons.
Over eight episodes, the couples experienced the highs, lows and laughs of being long-term friends and long-term lovers. Until, during the final season of winter, tragedy struck the group and the devastation threatened to tear them apart. Fortunately, it seemed to bring them closer together. Although, how about that Ginny twist?
Season 2 will take what co-showrunners Tina Fey, Lang Fisher and Tracey Wigfield lovingly crafted in the first run and hurtle viewers through another rollercoaster of emotions on one of the best streaming services.
Here's what we know so far about The Four Seasons season 2 release date, predicted cast, plot and more.
The Four Seasons season 2: is there a release date?
When it comes to The Four Seasons season 2 release date, well, there isn't one just yet. But, the show was officially renewed on May 14, just under two weeks after season 1 premiered on Netflix.
In the announcement on Netflix's Instagram, the words "It's time for another trip" appear alongside clips from season 1 of the cast discussing going on vacation again with Anne suggesting "someplace warm".
The show's co-creators and co-showrunners Fey, Fisher and Wigfield told The Hollywood Reporter: "We are so grateful that audiences worldwide share our love of cozy sweaters, drinks by the ocean, and picking fights in a hot tub. See you on our next vacation together!"
No word yet on The Four Seasons season 2 filming though, so I'd predict that we won't see the return of the show until at least mid to late 2026.
The Four Seasons season 2: has a trailer been released?
With season 2 yet to commence filming, there's no official trailer to share(Image credit: Netflix)
There's no The Four Seasons season 2 trailer yet, which isn't all that surprising considering the cast and crew haven't started filming.
For season 1, a teaser dropped in mid-March with the official full trailer landing only a couple of weeks before the show launched on Netflix. So, I'll keep an eye out and update here in what I imagine will be 2026.
The Four Seasons season 2: predicted cast
The main cast all predicted to return(Image credit: Netflix)
I'm almost certain that for The Four Seasons season 2 cast, the main characters will all reprise their roles (bar one obvious emission):
Tina Fey as Kate
Will Forte as Jack
Colman Domingo as Danny
Marco Calvani as Claude
Kerri Kenney-Silver as Anne
Erika Henningsen as Ginny
Julia Lester as Lila
It's pretty much a given that the main cast listed above will return considering they're the core of the entire show. Especially considering Wigfield told TVLine if the show was renewed for season 2 (which, of course, it now has been): "It wouldn't be, like, an anthology. We would keep our group because I think that's what makes the show so great, this particular group."
What isn't a given is whether Steve Carell (Nick) would return at all, given his shocking demise in season 1, but there's always a chance of flashbacks. After all, there's a long history between the friends he left behind and there may well be story left to tell.
While Nick and Anne's daughter, Lila, starred in a number of episodes it's not clear whether she'd be returning, so we'll wait to confirm when we hear more.
The Four Seasons season 2: story synopsis and rumors
Ginny's pregnancy opens new doors for The Four Seasons season 2(Image credit: Netflix)
Full spoilers forThe Four Seasonsseason 1 to follow. Plus, potential spoilers for season 2.
The Four Seasons season 1 brought comedy and a breadth of emotion with the six friends vacationing together over the course of a year.
And over that year, a lot happened. Like Nick leaving his wife Anne for a much-younger girlfriend, Ginny. And then Nick suddenly dying in the second-to-last episode. Oh, and then Ginny telling the group that she is in fact pregnant with Nick's baby. Excuse us while we try and ground ourselves ready for season 2.
With so much to unpack, we imagine the friends will literally be packing and unpacking their bags ready for four more vacations across four more seasons of the year with Tudum telling viewers to "settle in for another winter, spring, summer and fall."
More seasons means more vacations(Image credit: Netflix)
And we'd predict that those vacation spots will be entirely new ones. Unless, of course, Ginny can lure them all back to the Eco Resort...
Other than where season 1 left viewers, there's not much known about the season 2 plot and that's probably because they only headed back into the writer's room in May.
Though Tina Fey told The Hollywood Reporter, when it comes to writing season 2: "The writers have been very generous a lot of what you saw in season one, a lot is obviously from the movie but a lot also came from all of our lives. Adding: "We are kind of starting from scratch."
To this, Fey's co-creator and co-showrunner Wigfield expanded: "We set up fun dynamics in the finale. Ginny is pregnant, and this friend group is kind of moving on in the wake of their friend's death. There is going to be really interesting stuff to play and already we're starting to talk about it and it's really exciting."
And when it comes to Claude's part in season 2, in conversation with Variety Marco Calvani expressed his hopes for what's next: "Well, it would be fun to see Danny and Claude's group of gay friends.
"But you know, the group will be dealing with a baby now. I have a feeling Claude will confront his desire for a family. It would also be cool to have some scenes with Ginny. We're a bit of the outsiders in the group."
Will there be more seasons of The Four Seasons?
Will the friends reunite for another season?(Image credit: Netflix)
As of right now, there's really no saying whetherThe Four Seasons will return for another series.
Since season 2 hasn't commenced filming yet. In fact, it's still in the writing stages. So, it seems unlikely that there will be any intel on whether season 3 is a possibility until a little while down the road.
The renewal for season 2 happened just days after season 1's release, so if we're to hear any thoughts on season 3, I imagine it won't be until at least 2026. What I do know is that I've never written the word season so many times in my life.
Whether you’re looking for fast speeds or affordable pricing, these are the most dependable internet providers in San Antonio, according to CNET's experts.
AI-generated documents are replacing traditional forgeries and bypassing verification faster than ever imagined
Synthetic identity fraud has surged 195% globally, with Europe and North America hardest hit
Most fraud now happens after onboarding, using tricks like credential stuffing and device spoofing
Synthetic identity document fraud is now spreading at an alarming pace globally, driven almost entirely by the misuse of generative AI, experts have warned.
New data from Sumsub has claimed the creation of fake documents using AI grew by 195% worldwide between Q1 2024 and Q1 2025.
The most dramatic spike was recorded in Europe, where synthetic ID fraud surged by 378%, followed by North America (311%) and the MENA region (258%).
Traditional forgery declines
This trend appears to be gaining ground on traditional document forgery, which has declined sharply in most regions, dropping by 82% in Africa and 50% in North America - with Europe the exception, where traditional forgeries increasing by 33%.
This shift suggests scammers are moving from conventional techniques to AI-generated identities, which can now be produced in seconds using largely unregulated tools.
The industries most affected by this trend include crypto, trading, transportation, fintech, and gambling, all sectors which often rely on rapid onboarding processes and may not yet have strong enough safeguards to detect synthetic documents before damage is done.
Compounding this vulnerability is the fact over three quarter (76%) of fraud now occurs after the onboarding stage, using methods such as device fingerprint spoofing, credential stuffing, and so-called “money muling.”
“The rise of AI-generated fraud is exposing critical flaws in traditional verification systems, and this data shows sophisticated fake documents are becoming a key tool in the fraudster’s arsenal,” said Pavel Goldman-Kalaydin, Head of AI/ML at Sumsub.
“We expect companies like OpenAI to strengthen safeguards controlling the use of its programs to generate passports, IDs, and other personal documents.”
Parallel to this trend is a dramatic rise in deepfake-related fraud, where North America saw a staggering 1,100% increase in such cases, with Europe following at 900%.
Nations like Hong Kong, Singapore, and Germany saw the highest individual surges, raising concerns about the future role of manipulated visual media in identity fraud schemes.
For individuals and organizations trying to protect themselves, relying solely on conventional KYC protocols may no longer be enough. Businesses are advised to use identity management software and multi-layered verification systems for stronger protection.
Consumers should also consider top-rated ID theft protection solutions, especially those that monitor for synthetic identity use. Using reputable people search tools can add an extra layer of safety when verifying unknown contacts or confirming someone’s legitimacy online.
Fake wallet apps ask for your 12-word phrase and quietly drain your crypto funds
CRIL found over 20 Play Store apps built solely to steal users’ crypto credentials
Malicious apps used WebView to fake real login pages from PancakeSwap and others
New research by Cyble Research and Intelligence Labs (CRIL) has uncovered a large-scale phishing campaign involving more than 20 Android applications listed on the Google Play Store.
These apps, which appeared to be legitimate cryptocurrency wallet tools, were created with a singular purpose: stealing users’ mnemonic phrases, the crucial 12-word keys that provide full access to crypto wallets.
Once compromised, victims risk losing their entire cryptocurrency holdings, with no possibility of recovery.
How the apps work and what makes them dangerous
Many of the malicious apps were built using the Median framework, which enables the rapid conversion of websites into Android applications.
Using this method, threat actors embedded phishing URLs directly into the app code or within privacy policy documents.
These links would then load deceptive login pages via a WebView, tricking users into entering their mnemonic phrases under the false belief they were interacting with trusted wallet services such as PancakeSwap, SushiSwap, Raydium, and Hyperliquid.
For example, a fraudulent PancakeSwap app used the URL hxxps://pancakefentfloyd[.]cz/api.php, which led to a phishing page mimicking the legitimate PancakeSwap interface.
Likewise, a fake Raydium app redirected users to hxxps://piwalletblog[.]blog to carry out a similar scam.
Despite variations in branding, these apps shared a common objective: extracting users’ private access keys.
CRIL's analysis revealed that the phishing infrastructure supporting these apps was extensive. The IP address 94.156.177[.]209, used to host these malicious pages, was linked to over 50 other phishing domains.
These domains imitate popular crypto platforms and are reused across multiple apps, indicating a centralized and well-resourced operation.
Some malicious apps were even published under developer accounts previously associated with legitimate software, such as gaming or streaming applications, further lowering user suspicion.
This tactic complicates detection, as even advanced mobile security tools may struggle to identify threats hidden behind familiar branding or developer profiles.
To protect against such attacks, CRIL advises users to download apps only from verified developers and avoid any that request sensitive information.
Using reputable Android antivirus or endpoint protection software, along with ensuring that Google Play Protect is enabled, adds an important, though not infallible, layer of defense.
Strong, unique passwords and multi-factor authentication should be standard practice, and biometric security features should be enabled when available.
Users should also avoid clicking on suspicious links received via SMS or email, and never enter sensitive information into mobile apps unless their legitimacy is certain.
Ultimately, no legitimate app should ever request a full mnemonic phrase through a login prompt. If that happens, it’s likely already too late.
Attackers use real Google URLs to sneak malware past antivirus and into your browser undetected
This malware only activates during checkout, making it a silent threat to online payments
The script opens a WebSocket connection for live control, completely invisible to the average user
A new browser-based malware campaign has surfaced, demonstrating how attackers are now exploiting trusted domains like Google.com to bypass traditional antivirus defenses.
A report from security researchers at c/side, this method is subtle, conditionally triggered, and difficult for both users and conventional security software to detect.
It appears to originate from a legitimate OAuth-related URL, but covertly executes a malicious payload with full access to the user's browser session.
Malware hidden in plain sight
The attack begins with a script embedded in a compromised Magento-based ecommerce site which references a seemingly harmless Google OAuth logout URL: https://ift.tt/axqznMW.
However, this URL includes a manipulated callback parameter, which decodes and runs an obfuscated JavaScript payload using eval(atob(...)).
The use of Google’s domain is central to the deception - because the script loads from a trusted source, most content security policies (CSPs) and DNS filters allow it through without question.
This script only activates under specific conditions. If the browser appears automated or the URL includes the word “checkout,” it silently opens a WebSocket connection to a malicious server. This means it can tailor malicious behavior to user actions.
Any payload sent through this channel is base64-encoded, decoded, and executed dynamically using JavaScript’s Function constructor.
The attacker can remotely run code in the browser in real time with this setup.
One of the primary factors influencing this attack's efficacy is its ability to evade many of the best antivirus programs currently on the market.
The script's logic is heavily obfuscated and only activates under certain conditions, making it unlikely to be detected by even the best Android antivirus apps and static malware scanners.
They will not inspect, flag, or block JavaScript payloads delivered through seemingly legitimate OAuth flows.
DNS-based filters or firewall rules also offer limited protection, since the initial request is to Google’s legitimate domain.
In the enterprise environment, even some of the best endpoint protection tools may struggle to detect this activity if they rely heavily on domain reputation or fail to inspect dynamic script execution within browsers.
While advanced users and cybersecurity teams may use content inspection proxies or behavioral analysis tools to identify anomalies like these, average users are still vulnerable.
Limiting third-party scripts, separating browser sessions used for financial transactions, and remaining vigilant about unexpected site behaviors could all help reduce risk in the short term.
