Our privacy is most at risk from companies, governments, and AI models, according to a new public survey from Malwarebytes.

Bad vibes are big news in privacy right now, with the public feeling isolated in securing their sensitive information from companies, governments, AI models, and scammers.

That’s the latest from Malwarebytes research conducted this month, which revealed that the vast majority of people are concerned about wrongful data access from nearly every corner of their lives. For example, 89% of people “agreed” or “strongly agreed” that they are “concerned about my personal data being used inappropriately by corporations,” and another 72% agreed or strongly agreed that they are “concerned about my personal data being accessed and used inappropriately by the government.”

The anxieties are easy to trace.

In just the first three months of 2025, the UK government asked Apple for access to encrypted cloud storage for users across the _globe_, the US government exposed active Social Security Numbers in releasing files related to the assassination of former President John F. Kennedy, and the announced bankruptcy of genetic testing company 23andMe prompted many customers to delete their data.

Against this backdrop, many users are taking privacy into their own hands. More than 40% of people have stopped using either TikTok, Instagram, or X (formerly Twitter), and 26% stopped using a fertility or period tracking app. A robust 75% said they “opt out of data collection, as possible,” and 23% have gone a step further, using a data removal service to help clean up any personal information that is easily found online.

These findings come from a pulse survey that Malwarebytes conducted of its newsletter readers in March via the Alchemer Survey Platform.

Broadly, Malwarebytes found that:

*   89% of people are “concerned about my data being used by AI tools without my consent.”
*   70% of people “feel resigned that my personal data is already out there, and I can’t get it back.”
*   77% of people said that “many online transactions today, from purchases to downloads to creating new accounts, feel like ploys to take my data.”
*   While 87% of people “support national laws regulating how companies can collect, store, share, or use our personal data,” 60% feel that “we will never have simple, meaningful ways to protect our data.”
*   To protect their personal information and that of their family, at least 40% of people have stopped using Instagram, TikTok, and X (formerly Twitter).
*   26% of people stopped using a fertility app or period tracking app.

****Institutional distrust****

The public believe that the biggest threats to their privacy right now are AI models, companies, governments, and, well, pretty much every single interaction they have with the internet at large.

Aside from the 89% of people concerned about their data being “accessed and used inappropriately by the government,” another 50% said they were concerned about wrongful government access of their “private conversations.”

Elsewhere, an astounding 89% of people said that they are “concerned about my data being used by AI tools without my consent.” It is unclear exactly where these fears lie. People may be concerned that AI tools are scraping public websites for their information—like the facial recognition company ClearView AI does by scouring articles, mugshot websites, and publicly listed social media profiles—or they may fear that tools like ChatGPT and Google’s Gemini are recording “conversations” or questions for future use.

Exacerbating these concerns is, likely, the current murkiness around AI technology and what it requires to function. The New York Times is currently suing OpenAI for allegations that its large language model wrongfully ingested the outlet’s copyrighted articles as training data, human contractors that helped train the AI recognition systems for Roomba vacuums mistakenly leaked sensitive photos on Facebook, and a national mental health support chatline siphoned off some of its users’ conversations to train an AI-powered customer support chatbot in an effort to boost funding.

But it isn’t just AI that the public distrust, it’s also the many ways they’re forced to engage with the internet, overall, as 77% agreed or strongly agreed that “many online transactions today, from purchases to downloads to creating new accounts, feel like ploys to take my data.”

They may have a point. Downloading a mobile game can reveal your location data to countless ad companies, searching for airline tickets on a Mac device can force you into paying higher prices, and buying a car can subject your sex life—seriously—to data collection. And these are the largely _legal_ consequences of everyday life! Real-deal cybercriminal campaigns like “malvertising,” that abuse Google search results to direct victims to malicious websites, only make matters worse.

Amidst this landscape, the public broadly agreed that they wanted privacy protections that, unfortunately, they feel no one is going to grant them.

A full 87% of people “support national laws regulating how companies can collect, store, share, or use our personal data,” while 70% also believe “we will never have simple, meaningful ways to protect our data.”

So, in the absence of legal or corporate protections, the public are taking matters into their own hands.

****Individual action****

The dire privacy concerns shared by many respondents have, for the most part, not resulted in privacy nihilism. In fact, a heartening 60% of respondents did _not_ agree that they have “become less vigilant about my data privacy and security because there is little I can do these days.”

Instead, as Malwarebytes found, many people have started disengaging from major online platforms and adding privacy-conscious tools and habits to their daily regimen.

For instance, to protect their and their family’s personal information, 47% of people said they “stopped using TikTok,” 45% said they “stopped using X” (formerly Twitter), 44% said they “stopped using Instagram,” and 37% said they “stopped using Facebook.” Another 26% said they “stopped using a fertility/period tracking app.”

Elsewhere, 69% of people said they “use an ad blocker for online browsing,” and 75% of people “opt out of data collection, as possible.” Another 42% said they use a VPN, which can provide an extra level of comfort by encrypting all web traffic when connecting to public or unknown Wi-Fi networks.

Malwarebytes also found that 69% of respondents said they use “multifactor authentication,” or MFA. MFA is one of the strongest security protections against account takeovers and hacking, requiring that login attempts aren’t approved with _just_ a username and password, but with a separate piece of information, like a one-time passcode that is texted to a user’s device. Though understood as a cybersecurity best practice, MFA also strengthens a user’s privacy. After all, thieves don’t hack into accounts just for fun—they hack into accounts to sometimes steal any sensitive information stored within.

Finally, a smaller percentage of people said they use identity theft protection solutions (43%) and personal data removal services (23%). These are critical tools for catching and stopping identity theft, and for making it harder for scammers to find and target victims.

Malwarebytes understand that privacy isn’t “easy” right now—it never necessarily has been—but that doesn’t mean it’s time to give up. Thankfully, many people responded that, despite their serious concerns, they aren’t about to take corporate and government privacy invasions willingly. That’s the type of attitude that the public needs more than ever, and we’re grateful to see it.

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

 72% of people are worried their data is being misused by the government, and that&#8217;s not all&#8230; 

Crypto software wallets are invincible in the micro range. If you own multiple crypto assets, you need safe and reliable wallets, too.

Crypto wallets offer an extra layer of security against **malicious attacks** targeting everyday users. It’s not always easy to open your online crypto account every time you want to make a payment, and many merchants still don’t support direct crypto transactions. That’s where digital wallets step in. They make payments easier, but in 2025, the biggest concern around crypto wallets is safety.

That’s why it makes sense to focus on wallets that are both cost-effective and secure. Before choosing one, it’s important to understand how its security system works. At the same time, the wallet should be flexible enough to let you buy, sell, or stake crypto without hassle.

There are over a hundred crypto wallets available this year, but we’re going to focus on 10 that stand out as some of the safest options.

****1: Zengo****

The wallet has more than 380 coins. As you can do frequent transactions, we would categorize it as a hot wallet. Meanwhile, it is not a hardware-compatible wallet. The cost of maintaining the wallet is 19.99 every month. However, the annual subscription is only $129. 

They claim that they have been providing services to over 1.5 million customers and “0 wallets” have been hacked.

****Special features** **

It is the best wallet for security-conscious users. The strong and integrated security design can stop any kind of phishing crimes or bad entry gates. 

The company says that there are 1.5 billion customers who have had zero wallet attacks to date. 

****Benefits** **

Firstly, you get a secure infrastructure with this wallet. Moreover, you will get weekly software updates. You can easily buy or sell Crypto from the wallet. Therefore, it is a good option to keep your fiat currency in it. 

****Limitations** **

The price of the wallet is slightly on the higher side. Moreover, no hardware devices are compatible with it. Lastly, it allows only third-party access for withdrawals. 

Understandably, this measure is important from a security point of view. But it is stunted from the utility point of view. 

****2: Coinbase** **

This wallet can support more than 5500 cryptocurrencies. It is a hot wallet for sure. Like the previous one, it has no hardware wallet compatibility. But the best part is that it is a free wallet. This is the reason why it is more popular among users. Moreover, Coinbase has over **90 govt crypto assets** too. 

****Why should beginners use it?****

Beginners can use it for practice. It has easy navigation. You can use it on the website as well. Meanwhile, you can easily download it from various platforms and start using it without any concern. But it is the best option for the low-cost beginners. 

The company charges 0 network fees either. Plus, you can customize and minimize the wallet anytime. If you check the **BTC heatmap, you’ll see that Bitcoin has most of the investors’ shares**. Hence, you need a free wallet source for Bitcoin investors. 

****Benefits** **

It is the best option for beginners. Moreover, it is a low-cost platform with various amenities. You can trade more than 5500 coins over it. 

****Limitations** **

The wallet code is not an open-source code. You cannot generateay new address for every single transaction. It is not comfortable with the hardware assets. However, you can connect your ledger wallet to transfer assets. 

****3: Exodus****

The coin supports more than 281 currencies. It is a hot wallet for sure. However, the best part is that it is hardware-compatible. It is free of cost, too. 

****Why choose it?****

You can choose it as it makes slots to manage individual digital currencies on your mobile platform itself. The fiat payment methods are also separate. You can find them easily in your wallet. 

Lastly, you can use it to purchase or sell your coins. At the same time, you can swap or stake the coins easily. But the best part is that you can do all of these directly from your mobile phone. 

****Benefits** **

The platform offers intuitive integration across mobile and desktop. It also offers the same to and from any browser platform. The software wallet is compatible with hardware wallets like Trezor.

So, it is an exceptional quality which premium wallets also don’t offer often. 

****Limitations** **

Customer support is very limited. It is available through email only. There is no in-house exchange policy with this wallet. Lastly, it is not an open-source option.

****4: Electrum****

It is a bitcoin-only wallet. On that note, it is one of the major downsides of this wallet. However, you can treat it as a hot as well as a cold wallet. Moreover, it is hardware-compatible. But the best part is that it is free of cost.

****Why Should You Choose It?****

You should choose a wallet that’s tailored to secure your Bitcoin. And that’s Electrum for you. Moreover, the Electrum app is available over a range of platforms. 

****Benefits****

Firstly, it is a free and downloadable wallet option. At the same time, it is well compatible with all the hardware wallets. Lastly, its source code is auditable. You may also peer review the codes and send suggestions. 

****Limitations** **

The biggest drawback of the platform is that it does not have the best trading features. So, buying, selling, and staking are not options you can pursue on this platform. You may simply keep your Bitcoin safe here. 

Moreover, there are no customer support options here. You will get community support at best. Lastly, you need genuine technical expertise to develop your wallet. 

This wallet is widely used for managing Ethereum and ERC-20 tokens. It is a hot wallet and works as a browser extension or mobile app. While it doesn’t support hardware wallet integration by default, it can be connected to devices like Ledger. One major reason for its popularity is its simple interface and easy access to decentralized apps.

****Why Should You Choose It?****

If you’re working mostly with Ethereum and related tokens, MetaMask is a smart choice. It’s user-friendly, supports quick access to decentralized apps, and works smoothly across both mobile and browser platforms.

****Benefits****

MetaMask is free to use and easy to install on both desktop and mobile devices. It offers seamless access to Ethereum-based dApps, supports custom tokens, and can be connected to hardware wallets like Ledger for added security. It’s also open-source, so developers can review and contribute to its code.

****Limitations****

MetaMask is limited to Ethereum and ERC-20 tokens, so it’s not ideal if you deal with a wide range of cryptocurrencies. It doesn’t offer built-in options for staking or advanced trading. Customer support is minimal, and new users might find the interface a bit technical at first.

****6: Trust Wallet****

The wallet supports more than 10,000 cryptocurrencies, including all major tokens and coins. It is a hot wallet designed for frequent on-the-go transactions. Trust Wallet is not tied to any specific hardware wallet by default, but it does support hardware integration through third-party connections. The wallet is free to download and use, with no monthly subscription costs.

It’s owned by Binance, which adds a layer of credibility. The wallet has been downloaded over 60 million times and has maintained a strong track record with no major security breaches reported.

****Special features****

Trust Wallet is known for its built-in Web3 browser that lets users interact with decentralized apps (dApps) directly from within the wallet. It also supports staking of various coins and offers a secure backup feature using a single recovery phrase.

The wallet runs with a strong emphasis on user privacy. No personal data or KYC is needed to set up or use it.

****Benefits****

Trust Wallet is a beginner-friendly wallet that supports a huge range of assets. It includes built-in staking, token swapping, and direct access to dApps. It’s available on both Android and iOS platforms, and it also supports NFTs across multiple blockchains.

Since it’s backed by Binance, there’s strong ongoing development, regular security updates, and integration with popular tools.

****Limitations****

The wallet doesn’t come with its own in-house customer support; users rely on community forums or Binance channels for help. Although it can connect with Ledger, it’s not fully optimized for hardware wallet security. Also, as a mobile-only wallet, it may not suit users looking for a full desktop experience.

Lastly, being owned by Binance may raise concerns for users looking for more decentralized control.

The Crypto.com DeFi Wallet supports over 1000 cryptocurrencies and is designed as a hot wallet, allowing users to make frequent transactions with ease. It’s non-custodial, meaning users have full control over their private keys. While it isn’t tied directly to a hardware wallet, it can integrate with Ledger devices for added security. The wallet is completely free to use with no subscription or maintenance costs.

The wallet is part of the broader Crypto.com ecosystem, which has tens of millions of users globally. It is separate from the centralized Crypto.com app, giving users the option to keep their assets fully decentralized.

****Special features****

One of the standout features is the ability to stake and earn rewards on various assets directly from the wallet. It also includes token swapping, DeFi access, and NFT storage. Users get full control over their keys, with backup options via a recovery phrase.

The wallet is also open-source, which means its code is publicly auditable, a major plus for transparency and community trust.

****Benefits****

The wallet provides access to decentralized finance without sacrificing usability. You can connect it easily with the Crypto.com exchange or app for seamless transfers. There’s a built-in swap function that supports multiple chains, and the app is available on both iOS and Android.

Another benefit is the ability to stake coins directly from the wallet and earn passive income. The user interface is clean and intuitive, especially for users already familiar with Crypto.com’s services.

****Limitations****

Although the wallet offers Ledger integration, it’s not natively built for hardware security, so users must go through extra steps to sync. There’s no desktop version of the wallet; it’s mobile only, which might not suit all users.

Also, as with most DeFi wallets, there’s no way to recover your funds if you lose your recovery phrase. And while support exists, it may not be as responsive as that of fully centralized platforms.

****8: BitBox02****

BitBox02 is a hardware wallet that supports major cryptocurrencies like Bitcoin, Ethereum, and Litecoin, along with ERC-20 tokens. It’s a cold wallet, which means it stores your assets offline for maximum protection. Unlike hot wallets, it’s not meant for frequent daily transactions. It is a paid device, with a one-time cost of around $129, depending on where you buy it.

Developed by Shift Crypto, a Swiss company, BitBox02 is known for its strong focus on privacy, security, and open-source principles. It’s available in two versions: Bitcoin-only and multi-coin, giving users the option to choose based on their needs.

****Special features****

BitBox02 comes with a built-in screen and touch sensors for transaction confirmation, and it uses a microSD card for backup instead of the traditional 12 or 24-word recovery phrase. This makes backup and restoration more straightforward and secure for some users.

The wallet’s firmware and companion app are open-source, which allows for public audits and community contributions, a solid trust factor for security-focused users.

****Benefits****

As a cold wallet, BitBox02 offers high-end security. Your private keys never touch an internet-connected device. The use of a microSD card for encrypted backups is a unique feature that enhances safety and user convenience.

The device is lightweight, portable, and works with Windows, macOS, and Linux. It also supports Tor for added privacy, and users can verify all addresses on the device screen before sending transactions.

****Limitations****

BitBox02 isn’t ideal for those looking for a wallet for everyday use; it’s designed for long-term holding and security, not frequent trading. The supported coins list is more limited compared to some multi-coin software wallets.

It also doesn’t support mobile use; it must be connected to a computer. Finally, while the microSD backup system is secure, it’s a less familiar method that could confuse users accustomed to seed phrases.

****9: SafePal S1****

The SafePal S1 is a hardware wallet supporting over 10,000 cryptocurrencies, including Bitcoin (BTC), Ethereum (ETH), Binance Coin (BNB), and various ERC-20 tokens. As a cold storage device, it keeps assets offline, enhancing security. The wallet operates independently without direct integration with other hardware wallets. Priced at $49.99, it offers a cost-effective solution for secure crypto storage.

****Special Features****

The SafePal S1 employs a 100% air-gapped signing mechanism, ensuring complete offline operation without Bluetooth, Wi-Fi, NFC, or USB connections. It features an EAL 5+ independent secure element, a true random number generator, multiple layers of security sensors, and an anti-tampering self-destruct mechanism. Additionally, its compact design, comparable to a credit card, enhances portability.

****Benefits****

Users benefit from managing unlimited tokens within a single device, with support for over 100 blockchains and continuous additions. The wallet integrates seamlessly with the SafePal App, providing access to decentralized applications (DApps) and facilitating cross-chain swaps and trades. Its user-friendly interface supports 15 languages, catering to a global audience.

****Limitations****

While the SafePal S1 offers robust security features, it lacks direct USB connectivity, relying solely on QR code scanning for transactions, which may be less convenient for some users. Additionally, as a hardware wallet, it requires physical possession for access, which might not suit users who prefer software-based solutions. Furthermore, being a relatively newer entrant in the hardware wallet market, it may not have the same extensive track record as some established competitors.

****10: Ledger Nano X****

The Ledger Nano X is a hardware wallet that supports over 5,500 cryptocurrencies, including major assets like Bitcoin (BTC), Ethereum (ETH), and Binance Coin (BNB). As a cold storage device, it keeps your private keys offline, providing enhanced security. The Nano X is compatible with both desktop and mobile devices via Bluetooth connectivity. Priced at $149, it offers a comprehensive solution for managing a diverse crypto portfolio.

****Special Features****

The Nano X features Bluetooth Low Energy (BLE) connectivity, allowing users to manage their crypto assets on the go through the Ledger Live app on smartphones. It incorporates a Secure Element (SE) chip, ensuring that private keys remain isolated and protected from potential threats. The device can install up to 100 apps simultaneously, accommodating a wide range of cryptocurrencies.

****Benefits****

The Ledger Nano X offers extensive support for a vast array of cryptocurrencies, making it suitable for users with diverse portfolios. Its Bluetooth functionality enhances user experience by enabling wireless management of assets via mobile devices. The integration with the Ledger Live app provides a unified platform for buying, selling, swapping, and staking various cryptocurrencies. Additionally, the device’s robust security features, including the Secure Element chip and custom operating system, offer peace of mind to users.

****Limitations****

While Bluetooth connectivity adds convenience, some users may have concerns about potential security risks associated with wireless connections. However, Ledger emphasizes that only non-sensitive data is transmitted via Bluetooth, and private keys never leave the device. The device’s price point of $149 may be considered high compared to other hardware wallets. Additionally, the battery is not replaceable, which could affect the device’s longevity.

Top Crypto Wallets of 2025: Balancing Security and Convenience

Worried parents tracking their children with T-Mobile SyncUP devices suddenly found that they were looking at the location of random other children. And could not locate their own.

Not one but several worried parents that tracked their children by using T-Mobile tracking devices suddenly found that they were looking at the location of random other children. And could not locate their own.

T-Mobile sells a small GPS tracker called SyncUP, which can be used to track, among others, the locations of young children who don’t have cell phones yet. SyncUP uses a combination of GPS technology, Wi-Fi, and T-Mobile’s LTE nationwide network to locate registered devices and comes in the form of a small tag, a car tracker or a kids watch.

According to our friends at 404 Media, several users reported receiving information that came from another tracker, not their own. And from some of the statements it’s very clear that the disclosed locations belonged to other children because of the names and pictures associated with the accounts.

One woman who spoke to 404 Media could see the location address where the random children were, as well as their name and the last time the location was updated. In many cases, the time said “just now” or “one minute ago.”

> “I was probably shown more than eight children. I would log in and I couldn’t see my children but I could see a kid in California. I refreshed and then I had no trackers, and then I refreshed again and would see a different child.” 

Car owners using SyncUP Drive, the car tracking device, reported similar problems.

Here are some of the potential issues that this mix up could bring up:

*   A big concern about tracking devices is their vulnerability to hacking, potentially exposing personal data. No hacking was needed here. Every time some of the users tried they would get the location of a different tracker.
*   Without consent, tracking devices can infringe on individuals’ privacy rights. While you may say this is mainly about tracking without consent, nobody consented to strangers tracking their children.
*   GPS tracking must comply with privacy laws like the Electronic Communications Privacy Act (ECPA) and the Driver’s Privacy Protection Act (DPPA) to prevent unauthorized surveillance. Did T-Mobile fail to comply, even if only for a short time?
*   Inaccurate tracking, or not being able to track, can compromise personal safety if devices are used for emergency services or monitoring vulnerable individuals.
*   Repeated problems can erode the trust in the underlying GPS tracking technology.

This raises the question for parents to ask themselves: What’s worse, not knowing where your child is exactly or running the risk of exposing their location to other people?

Privacy concerns surrounding tracking devices are multifaceted. On one hand, these devices are designed to give users a sense of safety and security by providing accurate location information. However, they also pose risks if not properly secured.

We have reported multiple times about stalkerware users getting exposed by security flaws in the apps they used. While SyncUP may be more secure than some of the stalkerware apps we wrote about, this incident shows it’s not watertight either.

T-Mobile did not disclose the exact problem, but told 404 Media the incident is now resolved:

> “Yesterday we fully resolved a temporary system issue with our SyncUP products that resulted from a planned technology update. We are in the process of understanding potential impacts to a small number of customers and will reach out to any as needed. We apologize for any inconvenience.”

**We don’t just report on phone security—we provide it**

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

 Location, name, and photos of random kids shown to parents in child tracker mix up 

Accidentally deleted some photos from your iPhone? You’re definitely not alone; most iPhone users have done it at…

Accidentally deleted some photos from your iPhone? You’re definitely not alone; most iPhone users have done it at some point. The good news is that it’s often not the end of the road. In this guide, we’ll walk you through several straightforward ways to recover those deleted pictures, with clear steps anyone can follow.

****Can You Get Deleted Photos Back on iPhone?****

In short? Yes, most of the time, you can. Apple knows people accidentally delete stuff all the time. Maybe you tapped the wrong photo while half-asleep or thought you had a backup when you didn’t. Whatever the reason, iPhones aren’t unforgiving. There are built-in options that can help you get those photos back.

First up is the Recently Deleted album – Apple’s built-in “Are you sure about that?” folder. Deleted photos usually stick around there for 30 days before they’re permanently removed.

But if it’s been more than 30 days, or you have already emptied that folder, don’t give up just yet. There’s still hope. Between iCloud backups, Finder or iTunes backups, and specialized recovery software, there are still ways to bring those photos back even if they seem long gone.

The key is knowing where to look and acting quickly before the data gets overwritten.

****How to Get Deleted Photos from iPhone in the Photos App****

Alright, let’s start with the easiest way – the _Recently Deleted_ folder. It’s the first thing anyone, including Apple’s official guide, will tell you to check. And honestly, they’re right. This little folder has saved us more times than we’d like to admit.

How to get deleted photos back using the Recently Deleted folder:

1.  Open the **Photos** app on your iPhone.
2.  Scroll down and find the **Recently Deleted** folder under _Utilities_.
3.  Open it – you’ll see photos and videos that were deleted in the last 30 days.
4.  All you have to do is tap **Select**, choose the photo (or photos) you want back, hit **Recover** or **Recover All**, and they jump right back into your photo library like nothing ever happened. It’s almost too easy, which is maybe why some people forget it’s even there.  
    

Now, if you don’t see the photos you’re looking for, it’s probably because it’s already been more than 30 days, or maybe you cleared this folder out yourself. But don’t stop here – this is always step one, sure, but it’s definitely not the only one.

If the _Recently Deleted_ folder came up empty, there’s still a classic option: backups.

A lot of iPhone users don’t realize they might already have copies of their deleted photos tucked away in an iCloud backup or on their computer from the last time they synced using Finder or iTunes. The catch? Getting those photos back usually means restoring your iPhone to an earlier state, rewinding your entire device to how it was at the time of the backup.

But here’s something important to check before you even start digging through backups: if you had iCloud Photos turned on, your photos weren’t part of your iPhone backup at all. They were syncing separately with iCloud. So, in that case, restoring a backup won’t help because the photos were never included in the backup to begin with.

This part trips up a lot of people, and it comes up all the time on Apple’s official discussion forums – Many users don’t realize until it’s too late that iCloud Photos and iCloud Backups don’t work together the way they assumed.

Now, if you _didn’t_ have iCloud Photos turned on, you’re still in the game. Let’s break down the two main types of backups you can check.

****1\. Use Finder or iTunes Backup****

If you’ve ever plugged your iPhone into your computer and made a backup, even if you don’t remember when, there’s a chance your photos are still in there. To check, connect your iPhone to your Mac. If you’re using Windows, you’ll be using iTunes instead.

*   On a Mac, open up **Finder** like you normally would. On Windows, fire up **iTunes** if you still have it installed. From there, your iPhone should pop up in the sidebar.
*   Select your iPhone.

*   In the _General_ or _Summary_ tab, click Restore Backup.
*   Choose a backup from before you lost the photos.
*   Click **Restore** and wait – it might take a while, depending on the size of your backup.

Once it’s done, your iPhone will look the way it did when you made that backup, photos included.

Quick heads up: Restoring a backup will replace everything on your iPhone with whatever was saved at that time. So anything added after that, like messages, apps, or photos, could be lost unless it’s backed up somewhere else.

****2\. Use iCloud Backup****

If you don’t use a computer for backups, no worries – iCloud might still have your back. But fair warning, this method is a bit more involved because you’ll need to reset your iPhone before you can load an older backup.

Here’s how it works:

*   First, check if you even have a usable backup. Go to **Settings** > **Apple ID** (your name at the top) > **iCloud** > **iCloud** **Backup**.

*   Tap on your device name and look at the date of the latest backup. If the backup was made _before_ you deleted the photos, you’re in business.

*   Next, go back to **Settings** > **General** > **Transfer or Reset iPhone** > **Erase All Content and Settings**.

*   Your iPhone will reset and bring you to the setup screen. Follow the prompts until you reach the **Apps & Data** screen.

*   Choose **Restore from iCloud Backup** and sign in to your Apple ID.

*   Select the backup you just checked and let the restore run its course.

Once it finishes, your iPhone will be back to how it looked on the day of that backup – photos, messages, and all.

Quick reminder: if iCloud Photos was turned on, your photos weren’t included in your iPhone backup. They live in your iCloud Photos library, separate from the backup itself.

If that’s the case, check your other synced devices or log into iCloud.com from any browser. There’s always a small chance that the sync didn’t complete. Maybe your iPhone was in low power mode or the Wi-Fi wasn’t cooperating, and your deleted photos are still sitting safely in the cloud.

****How to Retrieve Permanently Deleted Photos from an iPhone with Software****

If you had no success with any of the previous steps, it might be worth it to try data recovery tools. This kind of software can recover deleted photos, videos, messages, contacts, and much more, even when they are not included in recent iPhone backups.

The good news is that there are plenty of options out there, and some of the best data recovery software tools in 2025 make the process way less intimidating than it sounds. One such popular one is **Disk Drill**, which we’ll use as an example here.

It works on both Mac and Windows and is pretty straightforward. Disk Drill can scan your iPhone directly for recoverable photos or dig into your Finder/iTunes backups and pull out individual files – which means you won’t even need to erase your entire phone to get those photos back.

Here’s how to recover deleted photos from your iPhone with this tool:

*   Download Disk Drill from the official www.cleverfiles.com website and install it on your Mac like you would any regular app.

*   Once it’s installed, open it up and look for the **iPhones & iPads** section in the sidebar.

*   Select your iPhone if you want to try scanning the device directly for deleted photos. Or, if you’re hoping to pull photos from an older backup, you can select an available Finder or iTunes backup right inside Disk Drill.

*   Next, click the **Search for lost data** button to kick off the scan.

*   Your iPhone will ask you for your device password – go ahead and enter it directly on the phone. If you’re dealing with an encrypted backup instead, Disk Drill will pop up a password prompt – you’ll need to enter your backup password to continue.

*   Now, sit tight and let Disk Drill do its thing. Scans can take a while depending on how much data you have.

*   Once the scan finishes, head over to the **Photos** section in the results. You’ll see previews of the photos Disk Drill found. _Pro tip_: hit the spacebar to bring up a quick preview.

*   When you’re ready, select the photos you want back, click **Recover**, and choose a spot on your Mac to save them.

A couple of things to keep in mind:

*   Disk Drill needs free space – about double the used space on your iPhone – to run the scan properly.

*   The free version lets you preview all recoverable photos, but if you want to actually recover them, you’ll need to upgrade to Disk Drill Pro.

****Video Guide****

****The Bottom Line****

There are a few ways you can try to recover deleted photos on an iPhone. Start with the _Recently Deleted_ folder, then check any backups, and if that doesn’t work, you can try using recovery software for photos that were permanently deleted.

But let’s be honest: if the photos are truly gone, what are your chances? It’s complicated. iPhones keep photos in secure databases, and when something is deleted, it’s not wiped right away. It’s just marked as deleted. Recovery tools don’t dig directly into the phone. Instead, they create a backup through Finder or iTunes and look in that backup for traces of those photos that haven’t been fully erased yet.

Here’s the most important thing to know: As soon as you realize something was deleted and there’s no backup, put your iPhone in Airplane Mode and stop using it for anything else. The more it’s used, the more likely it is that the deleted data will be overwritten.

Acting quickly gives you the best shot at getting your photos back.

How to Recover Deleted Photos from an iPhone

Plus: Alleged Snowflake hacker will be extradited to US, internet restrictions create an information vacuum in Myanmar, and London gets its first permanent face recognition cameras.

After senior Trump administration members mistakenly included The Atlantic editor Jeffrey Goldberg in a secret group chat about bombing Houthi targets in Yemen, encrypted messaging app Signal found itself at the center of a storm this week. Some commentators criticized the app, going as far to blame it for the scandal.

But the whole affair that’s dubiously been dubbed “SignalGate” isn’t about Signal at all: Experts say officials shouldn’t invite untrusted contacts into sensitive chats and should only use authorized devices, platforms, and procedures when discussing top-secret military operations. In other words, the people who set up the chat made numerous mistakes, and they had nothing to do with how secure Signal is. In fact, Signal has seen its biggest-ever spike in US downloads as a result of the news.

In other news linked to _that_ Houthi group chat, national security adviser Mike Waltz—an account with the name “Michael Waltz” originally invited Goldberg to the group—left his Venmo account open to public view. As WIRED reported, a “Michael Waltz” Venmo account displayed the names of the adviser’s colleagues and friends, revealing people in Waltz’s wider social network. After WIRED reached out to the White House, the Waltz account hid its friends list. There’s more though: WIRED also discovered other Venmo accounts linked to officials in the Signal chat. Information about who officials associate with could be highly lucrative for foreign spies and hackers.

Elsewhere, we reported on all the ways the White House adopting Elon Musk’s Starlink as an alternative Wi-Fi network could be bad news for network security. There are also early signs in Europe that some companies are going cold on cloud services from Google, Amazon, and Microsoft, as they reassess the risks of dealing with the volatile second Trump administration. And, as crossing the United States border becomes more perilous—for both citizens and visa holders—we updated our guide to keeping your digital privacy intact when you are entering the US.

That’s not all. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click on the headlines to read the full stories. And stay safe out there.

**Top US Security Officials’ Passwords and Personal Phone Numbers Discovered Online**

On top of SignalGate and Venmo accounts being left exposed, German news outlet Der Spiegel reported that sensitive personal information linked to several senior Trump administration security officials is easily discoverable online. Reporters from the publication found that mobile phone numbers, email addresses, and “some” passwords for top officials could be found on the internet.

Using people-search engines and information contained in public data breaches, Der Spiegel discovered personal information belonging to Waltz, director of national intelligence Tulsi Gabbard, and Pete Hegseth, the secretary of defense. “Most of these numbers and email addresses are apparently still in use, with some of them linked to profiles on social media platforms like Instagram and LinkedIn,” the news organization reported. The details were also linked to Dropbox, Microsoft Teams, Signal, and WhatsApp accounts used by the officials.

While millions of people have been caught up in online data breaches and use inadequate privacy settings on their online accounts, high-level government security officials are exposed to a broader and more severe range of online threats, particularly from nation-state hackers, than most people. Officials told the news organization that many of the accounts and personal details were no longer used or had been updated. However, messages Der Spiegel sent to WhatsApp and Signal accounts belonging to Waltz and Gabbard were delivered, the publication reported. Only after they approached the government for comment were some of the accounts restricted.

**Internet Restrictions May Hide Initial Toll of Myanmar Earthquake Damage**

On Friday, a huge 7.7-magnitude earthquake and aftershock hit Myanmar, with widespread damage being reported hundreds of miles away in Thailand. At the time of writing, at least 144 people have been confirmed dead with hundreds of others injured in Myanmar. As the first impacts of the devastating quake started to emerge, The New York Times reported that long-standing and widespread internet restrictions in worn-torn Myanmar were likely making it harder for news of the damage to be understood. Since the country’s military junta took power in 2021, connectivity within Myanmar has been widely disrupted or blocked. For instance in 2023, 13 out of Myanmar’s 14 states faced internet disruptions.

In the wake of the earthquake, more video footage and news could be seen immediately emerging from neighbouring Thailand, experts told the Times. “Compare the coverage of the earthquake in Thailand, where tremors and damage have been extensively reported, posted and documented, to Myanmar, where we still don’t have a clear picture of the extent of the damage and loss and may not for some time,” Joe Freeman from Amnesty International said. The lack of connectivity may also make the recovery and humanitarian efforts harder to coordinate, once again highlighting the vital need for people to have reliable and open access to the internet.

**Alleged Snowflake Hacker Connor Moucka Agrees to US Extradition**

Last summer’s Snowflake hacking spree, where customers of the cloud storage company had their accounts targeted, was likely one of the largest mass data exfiltrations that’s publicly known. Toward the end of 2024, Canadian authorities arrested Alexander “Connor” Moucka, 26, who allegedly used online handles such as “Waifu” and “Judische,” in connection to the hacking activity. This week, Moucka consented to be extradited to the United States to face the alleged charges. According to Cyberscoop, Moucka faces 20 federal charges, including those linked to computer fraud, wire fraud, and aggravated identity theft. Moucka is not the only person allegedly behind the Snowflake hacking, with John Binns and Cameron Wagenius being named in indictments. It is unclear when Moucka’s extradition will take place.

**London Is Getting Its First Permanent Face Recognition Cameras**

Police forces across the UK have massively increased their use of live face recognition cameras in recent years. Use of the controversial technology has historically been temporary: mounting cameras on top of police vehicles and deploying them for specific events and set periods of time. That’s now set to change with the first permanent face recognition cameras being rolled out in London. The city’s Metropolitan Police are in the process of installing fixed cameras in Croydon, in the south of the city.

“This will mean our use of LFR technology will be far more embedded as a ‘business as usual’ approach rather than relying on the availability of the LFR vans that are in high demand across London,” a police official wrote in a letter seen by The Times of London. Reportedly, the cameras will not be used continuously, only when officers are nearby to monitor potential alerts. However, privacy campaigners fear the move could be further rolled out across the city, leading to a network of permanent face recognition cameras unlike those seen in any other democratic countries.

Top Trump Officials’ Passwords and Personal Phone Numbers Discovered Online

When you think of malware, your mind probably jumps to malicious downloads or email attachments. But it turns…

When you think of malware, your mind probably jumps to malicious downloads or email attachments. But it turns out, some pretty innocent-looking devices can also be used as sneaky vectors for malicious software. Here are five surprising gadgets that could become malware delivery systems, and how to protect yourself.

****1\. Headphones and Speakers****

Yes, you read that right! Your trusty headphones or speakers could spread malware. This isn’t about plugging them into an infected device but rather using them to transmit data through sound waves. Researchers have demonstrated how malware can convert audio output devices into ultrasonic transmitters.

In one proof-of-concept attack called “AirHopper,” headphones were used to leak data from air-gapped computers by sending high-frequency audio signals that could be picked up by a nearby compromised device with a microphone.

While this kind of attack is rare and highly sophisticated, it shows that even your headphones can be weaponized. To minimize risk, always update your audio drivers and keep your system security tight.

****2\. Smart Light Bulbs****

Your fancy smart lighting system could be more than just mood lighting — it could also be a way for hackers to infiltrate your network. Researchers have shown that some smart bulbs can be infected with malware, which then spreads to other connected devices.

A notable example is the “Philips Hue” vulnerability discovered in 2020. Hackers could exploit flaws to jump from the smart bulb to the home network. Once inside, they could potentially access sensitive data or take control of other smart gadgets.

To stay safe, always update your smart devices’ firmware and keep them on a separate network from your primary devices.

****3\. Barcode Scanners****

Believe it or not, barcode scanners can become vectors for malware, too. In one case known as “Zombie Zero,” attackers embedded malware into the firmware of barcode scanners before they even left the factory.

Once these compromised scanners were used in warehouses, they infected connected systems, allowing hackers to spy on corporate networks and steal data. This is a prime example of a supply chain attack where infected hardware is shipped directly from the manufacturer.

Always check for firmware updates and run security scans even on seemingly simple devices like scanners.

****4\. Smart Coffee Maker****

Who knew your morning coffee could be a security risk? Some high-tech coffee makers come with Wi-Fi connectivity and smartphone control, making them vulnerable to attacks. Researchers have shown that smart coffee machines can be hacked to not only disrupt their functions but also act as a gateway into your home network.

One security researcher demonstrated how they could make the coffee maker constantly boil water or refuse to brew until a ransom was paid; a quirky but serious take on ransomware. However, a real-world cyber attack on a coffee machine has already happened. It happened in July 2017 when a coffee machine was compromised to infect computer devices at a factory company that has multiple petrochemical factories making chemicals in Europe.

****5\. Traffic Lights****

Smart traffic lights, essential for managing city traffic, are vulnerable to cyberattacks. Hackers can exploit weak security protocols or outdated software to manipulate signals, causing chaos on the roads. In some cases, malware can alter light patterns or disable systems entirely, leading to accidents or gridlock. Researchers have demonstrated how vulnerabilities in communication protocols allow control over signals.

****How to Stay Safe****

*   **Keep Firmware Updated:** No matter how harmless a device seems, make sure its software is up to date.

*   **Segment Your Network:** Keep IoT devices on a separate network from your primary devices.

*   **Use Strong Passwords:** Set unique, complex passwords for each device.

*   **Monitor Network Activity:** Regularly check which devices are connected to your network.

It’s crazy to think that everyday gadgets, from headphones to coffee makers, can become cybersecurity nightmares. However, that’s just how the world of cybersecurity works – make security part of your daily routine.

5 Unexpected Devices You Didn’t Know Could Spread Malware

The ad hoc addition to the otherwise tightly controlled White House information environment could create blind spots and security exposures while setting potentially dangerous precedent.

As the Trump administration's Department of Government Efficiency (DOGE) continues to rampage through the United States federal government, essentially guided by Elon Musk, the group has also been upending traditional IT boundaries—evaluating digital systems and allegedly accessing personally identifiable information as well as data that has typically been off-limits to those without specific training. Last week, The New York Times reported that the White House is adding Musk-owned SpaceX’s Starlink Wi-Fi “to improve Wi-Fi connectivity on the complex,” according to a statement from White House press secretary Karoline Leavitt. The White House's Starlink internet service is reportedly being donated by the company.

Spotty internet is an annoying but highly solvable problem that WIRED has reported on extensively. Of course, the White House is a highly complex organization operating out of a historic building, but network security researchers, government contractors, and former intelligence analysts with years of experience in US federal government security all tell WIRED that adding Starlink Wi-Fi in a seemingly rushed and haphazard way is an inefficient and counterproductive approach to solving connectivity issues. And they emphasized that it could set problematic precedents across the US government: that new pieces of technology can simply be layered into an environment at will without adequate oversight and monitoring.

“This is shadow IT, creating a network to bypass existing controls,” alleges Nicholas Weaver, a member of the nonprofit International Computer Science Institute's network security team and a computer science lecturer at UC Davis. He adds that while secret and top secret information is typically (but not always) processed only on special, separate federal networks that have no wireless access, the security and uniformity of White House Wi-Fi is still extremely important to national security. “A network like the White House unclassified side is still going to be very sensitive,” he says.

“Just like the Biden Administration did on numerous occasions, the White House is working to improve WiFi connectivity on the complex,” White House spokesperson Karoline Leavitt tells WIRED in a statement.

A White House source who asked not to be named supported the switch, arguing that in some areas of the campus, “the old Wi-Fi was trash.”

Researchers point out that while Starlink is a robust commercial ISP like any other, it is not clear that it is being implemented in compliance with White House Communication Agency requirements. If the controls on the White House Starlink Wi-Fi are more lax than on other White House Wi-Fi, it could introduce security exposures and blind spots in network monitoring for anomalous activity.

“The only reason they'd need Starlink would be to bypass existing security controls that are in place from WHCA,” claims former NSA hacker Jake Williams. “The biggest issues would be: First, if they don't have full monitoring of the Starlink connection. And second, if it allows remote management tools, so they could get remote access back into the White House networks. Obviously anyone could abuse that access.”

One baffling aspect of the arrangement is that Starlink and other satellite internet is designed to be used in places that have little or no access to terrestrial internet service—in other words, places where there are no reliable fiber lines or no wired infrastructure at all. Instead of a traditional ISP modem, Starlink customers get special panels that they install on a roof or other outdoor place to receive connectivity from orbiting satellites. The New York Times reported, though, that the White House Starlink panels are actually installed miles away at a White House data center that is routing the connectivity over existing fiber lines. Multiple sources emphasized to WIRED that this setup is bizarre.

“It is extra stupid to go satellite to fiber to actual site,” ICSI's Weaver says. “Starlink is inferior service anyplace where you have wire-line internet already available and, even in places which don't, inferior if you have reasonable line of sight to a cell tower.”

Weaver and others note that Starlink is a robust product and isn't inherently unreliable just because it is delivered via satellite. But in a location where fiber lines are highly available and, ultimately, the service is being delivered via those lines anyway, the setup is deeply inefficient.

While Starlink as a service is technically reliable, incorporating it in the White House could create a long-term federal dependence on an Elon Musk–controlled service, which could create future instabilities. After European officials raised concerns earlier this month on whether Starlink might stop serving Ukraine, Musk posted on social media: “To be extremely clear, no matter how much I disagree with the Ukraine policy, Starlink will never turn off its terminals … We would never do such a thing or use it as a bargaining chip.”

_Updated at 3 pm ET, March 24, 2025, to add comment from the White House, additional details from a White House source, and further context around the transmission of classified materials._

Using Starlink Wi-Fi in the White House Is a Slippery Slope for US Federal IT

A message posted on Monday to the homepage of the U.S. Cybersecurity & Infrastructure Security Agency (CISA) is the latest exhibit in the Trump administration's continued disregard for basic cybersecurity protections. The message instructed recently-fired CISA employees to get in touch so they can be rehired and then immediately placed on leave, asking employees to send their Social Security number or date of birth in a password-protected email attachment -- presumably with the password needed to view the file included in the body of the email.

A message posted on Monday to the homepage of the **U.S. Cybersecurity & Infrastructure Security Agency** (CISA) is the latest exhibit in the Trump administration’s continued disregard for basic cybersecurity protections. The message instructed recently-fired CISA employees to get in touch so they can be rehired and then immediately placed on leave, asking employees to send their Social Security number or date of birth in a password-protected email attachment — presumably with the password needed to view the file included in the body of the email.

The homepage of cisa.gov as it appeared on Monday and Tuesday afternoon.

On March 13, a Maryland district court judge ordered the Trump administration to reinstate more than 130 probationary CISA employees who were fired last month. On Monday, the administration announced that those dismissed employees would be reinstated but placed on paid administrative leave. They are among nearly 25,000 fired federal workers who are in the process of being rehired.

A notice covering the CISA homepage said the administration is making every effort to contact those who were unlawfully fired in mid-February.

“Please provide a password protected attachment that provides your full name, your dates of employment (including date of termination), and one other identifying factor such as date of birth or social security number,” the message reads. “Please, to the extent that it is available, attach any termination notice.”

The message didn’t specify how affected CISA employees should share the password for any attached files, so the implicit expectation is that employees should just include the plaintext password in their message.

Email is about as secure as a postcard sent through the mail, because anyone who manages to intercept the missive anywhere along its path of delivery can likely read it. In security terms, that’s the equivalent of encrypting sensitive data while also attaching the secret key needed to view the information.

What’s more, a great many antivirus and security scanners have trouble inspecting password-protected files, meaning the administration’s instructions are likely to increase the risk that malware submitted by cybercriminals could be accepted and opened by U.S. government employees.

The message in the screenshot above was removed from the CISA homepage Tuesday evening and replaced with a much shorter notice directing former CISA employees to contact a specific email address. But a slightly different version of the same message originally posted to CISA’s website still exists at the website for the **U.S. Citizenship and Immigration Services**, which likewise instructs those fired employees who wish to be rehired and put on leave to send a password-protected email attachment with sensitive personal data.

A message from the White House to fired federal employees at the U.S. Citizenship and Immigration Services instructs recipients to email personal information in a password-protected attachment.

This is hardly the first example of the administration discarding Security 101 practices in the name of expediency. Last month, the **Central Intelligence Agency** (CIA) sent an unencrypted email to the White House with the first names and first letter of the last names of recently hired CIA officers who might be easy to fire.

As cybersecurity journalist **Shane Harris** noted in _The Atlantic_, even those fragments of information could be useful to foreign spies.

“Over the weekend, a former senior CIA official showed me the steps by which a foreign adversary who knew only his first name and last initial could have managed to identify him from the single line of the congressional record where his full name was published more than 20 years ago, when he became a member of the Foreign Service,” Harris wrote. “The former official was undercover at the time as a State Department employee. If a foreign government had known even part of his name from a list of confirmed CIA officers, his cover would have been blown.”

The White House has also fired at least 100 intelligence staffers from the **National Security Agency** (NSA), reportedly for using an internal NSA chat tool to discuss their personal lives and politics. Testifying before the House Select Committee on the Communist Party earlier this month, the NSA’s former top cybersecurity official said the Trump administration’s attempts to mass fire probationary federal employees will be “devastating” to U.S. cybersecurity operations.

**Rob Joyce**, who spent 34 years at the NSA, told Congress how important those employees are in sustaining an aggressive stance against China in cyberspace.

“At my former agency, remarkable technical talent was recruited into developmental programs that provided intensive unique training and hands-on experience to cultivate vital skills,” Joyce told the panel. “Eliminating probationary employees will destroy a pipeline of top talent responsible for hunting and eradicating \[Chinese\] threats.”

Both the message to fired CISA workers and DOGE’s ongoing efforts to bypass vetted government networks for a faster Wi-Fi signal are emblematic of this administration’s overall approach to even basic security measures: To go around them, or just pretend they don’t exist for a good reason.

On Monday, _The New York Times_ reported that U.S. Secret Service agents at the White House were briefly on alert last month when a trusted captain of Elon Musk’s “Department of Government Efficiency” (DOGE) visited the roof of the Eisenhower building inside the White House compound — to see about setting up a dish to receive satellite Internet access directly from Musk’s **Starlink** service.

The White House press secretary told The Times that Starlink had “donated” the service and that the gift had been vetted by the lawyer overseeing ethics issues in the White House Counsel’s Office. The White House claims the service is necessary because its wireless network is too slow.

**Jake Williams**, vice president for research and development at the cybersecurity consulting firm **Hunter Strategy**, told The Times “it’s super rare” to install Starlink or another internet provider as a replacement for existing government infrastructure that has been vetted and secured.

“I can’t think of a time that I have heard of that,” Williams said. “It introduces another attack point,” Williams said. “But why introduce that risk?”

Meanwhile, **NBC News** reported on March 7 that Starlink is expanding its footprint across the federal government.

“Multiple federal agencies are exploring the idea of adopting SpaceX’s Starlink for internet access — and at least one agency, the General Services Administration (GSA), has done so at the request of Musk’s staff, according to someone who worked at the GSA last month and is familiar with its network operations — despite a vow by Musk and Trump to slash the overall federal budget,” NBC wrote.

The longtime Musk employee who encountered the Secret Service on the roof in the White House complex was **Christopher Stanley**, the 33-year-old senior director for security engineering at **X** and principal security engineer at SpaceX.

On Monday, Bloomberg broke the news that Stanley had been tapped for a seat on the board of directors at the mortgage giant **Fannie Mae**. Stanley was added to the board alongside newly confirmed Federal Housing Finance Agency director Bill Pulte, the grandson of the late housing businessman and founder of PulteGroup — William J. Pulte.

In a nod to his new board role atop an agency that helps drive the nation’s $12 trillion mortgage market, Stanley retweeted a Bloomberg story about the hire with a smiley emoji and the comment “Tech Support.”

But earlier today, Bloomberg reported that Stanley had abruptly resigned from the Fannie board, and that details about the reason for his quick departure weren’t immediately clear. As first reported here last month, Stanley had a brush with celebrity on Twitter in 2015 when he leaked the user database for the DDoS-for-hire service **LizardStresser**, and soon faced threats of physical violence against his family.

My 2015 story on that leak did not name Stanley, but he exposed himself as the source by posting a video about it on his Youtube channel. A review of domain names registered by Stanley shows he went by the nickname “enKrypt,” and was the former owner of a pirated software and hacking forum called **error33\[.\]net**, as well as **theC0re**, a video game cheating community.

Stanley is one of more than 50 DOGE workers, mostly young men and women who have worked with one or more of Musk’s companies. The Trump administration remains dogged by questions about how many — if any — of the DOGE workers were put through the gauntlet of a thorough security background investigation before being given access to such sensitive government databases.

That’s largely because in one of his first executive actions after being sworn in for a second term on Jan. 20, President Trump declared that the security clearance process was simply too onerous and time-consuming, and that anyone so designated by the White House counsel would have full top secret/sensitive compartmented information (TS/SCI) clearances for up to six months. Translation: We accepted the risk, so TAH-DAH! No risk!

Presumably, this is the same counsel who saw no ethical concerns with Musk “donating” Starlink to the White House, or with President Trump summoning the media to film him hawking Cybertrucks and Teslas (a.k.a. “Teslers”) on the White House lawn last week.

Mr. Musk’s unelected role as head of an ad hoc executive entity that is gleefully firing federal workers and feeding federal agencies into “the wood chipper” has seen his Tesla stock price plunge in recent weeks, while firebombings and other vandalism attacks on property carrying the Tesla logo are cropping up across the U.S. and overseas and driving down Tesla sales.

President Trump and his attorney general Pam Bondi have dubiously asserted that those responsible for attacks on Tesla dealerships are committing “domestic terrorism,” and that vandals will be prosecuted accordingly. But it’s not clear this administration would recognize a real domestic security threat if it was ensconced squarely behind the Resolute Desk.

Or at the pinnacle of the **Federal Bureau of Investigation** (FBI). _The Washington Post_ reported last month that Trump’s new FBI director **Kash Patel** was paid $25,000 last year by a film company owned by a dual U.S. Russian citizen that has made programs promoting “deep state” conspiracy theories pushed by the Kremlin.

“The resulting six-part documentary appeared on Tucker Carlson’s online network, itself a reliable conduit for Kremlin propaganda,” The Post reported. “In the film, Patel made his now infamous pledge to shut down the FBI’s headquarters in Washington and ‘open it up as a museum to the deep state.'”

When the head of the FBI is promising to turn his own agency headquarters into a mocking public exhibit on the U.S. National Mall, it may seem silly to fuss over the White House’s clumsy and insulting instructions to former employees they unlawfully fired.

Indeed, one consistent feedback I’ve heard from a subset of readers here is something to this effect: “I used to like reading your stuff more when you weren’t writing about politics all the time.”

My response to that is: “Yeah, me too.” It’s not that I’m suddenly interested in writing about political matters; it’s that various actions by this administration keep intruding on my areas of coverage.

A less charitable interpretation of that reader comment is that anyone still giving such feedback is either dangerously uninformed, being disingenuous, or just doesn’t want to keep being reminded that they’re on the side of the villains, despite all the evidence showing it.

Article II of the U.S. Constitution unambiguously states that the president shall take care that the laws be faithfully executed. But almost from Day One of his second term, Mr. Trump has been acting in violation of his sworn duty as president by choosing not to enforce laws passed by Congress (TikTok ban, anyone?), by freezing funds already allocated by Congress, and most recently by flouting a federal court order while simultaneously calling for the impeachment of the judge who issued it. Sworn to uphold, protect and defend The Constitution, President Trump appears to be creating new constitutional challenges with almost each passing day.

When Mr. Trump was voted out of office in November 2020, he turned to baseless claims of widespread “election fraud” to explain his loss — with deadly and long-lasting consequences. This time around, the rallying cry of DOGE and White House is “government fraud,” which gives the administration a certain amount of cover for its actions among a base of voters that has long sought to shrink the size and cost of government.

In reality, “government fraud” has become a term of derision and public scorn applied to anything or anyone the current administration doesn’t like. If DOGE and the White House were truly interested in trimming government waste, fraud and abuse, they could scarcely do better than consult the inspectors general fighting it at various federal agencies.

After all, the inspectors general likely know exactly where a great deal of the federal government’s fiscal skeletons are buried. Instead, Mr. Trump fired at least 17 inspectors general, leaving the government without critical oversight of agency activities. That action is unlikely to stem government fraud; if anything, it will only encourage such activity.

As _Techdirt_ founder **Mike Masnick** noted in a recent column “Why Techdirt is Now a Democracy Blog (Whether We Like it or Not),” when the very institutions that made American innovation possible are being systematically dismantled, it’s not a “political” story anymore: It’s a story about whether the environment that enabled all the other stories we cover will continue to exist.

“This is why tech journalism’s perspective is so crucial right now,” Masnick wrote. “We’ve spent decades documenting how technology and entrepreneurship can either strengthen or undermine democratic institutions. We understand the dangers of concentrated power in the digital age. And we’ve watched in real-time as tech leaders who once championed innovation and openness now actively work to consolidate control and dismantle the very systems that enabled their success.”

“But right now, the story that matters most is how the dismantling of American institutions threatens everything else we cover,” Masnick continued. “When the fundamental structures that enable innovation, protect civil liberties, and foster open dialogue are under attack, every other tech policy story becomes secondary.”

DOGE to Fired CISA Staff: Email Us Your Personal Data

Spring Break vacationers could open themselves up to online scams and cyberthreats this year, according to new research from Malwarebytes.

This year, Spring Break vacationers are packing more than their flip-flops, bucket hats, and sunglasses—they’re also packing a few cybersecurity anxieties for the trip.

According to new research from Malwarebytes, 52% of people said they “worry about being scammed while traveling,” while another 40% admitted that they “worry about my kids or family sharing trip details online.” While most people said they will act on these concerns—63% will make sure their security software is up to date, 53% will back up their data—roughly 10% of people said they will take no precautions whatsoever into protecting their security or privacy while on vacation.

The findings reveal that the public approaches cybersecurity as a patchwork quilt, implementing some best practices while forgoing others, and engaging in a few behaviors that carry significant risk online.

For this research, Malwarebytes conducted a pulse survey of its customers in March via the Alchemer Survey Platform.

Broadly, Malwarebytes found that:

*   52% of people “agreed” or “strongly agreed” that they “worry about being scammed while traveling.”
*   20% of people “agreed” or “strongly agreed” that they “don’t really think about protecting my data while traveling.”
*   38% of people said they will book their next travel opportunity through a “general search,” which could leave them vulnerable to malvertising.
*   Apps are a way of life, as 66% of people said they use between one and six apps specifically for travel (such as hotel apps, airline apps, and translation apps). A particularly plugged-in 8% of people said they manage more than seven apps for the same purposes.
*   To stay cybersecure and private on vacation, the majority of people will backup their data (53%), ensure their security software is up to date (63%), and set up credit card transaction alerts (56%), but 10% will take none of these—or other—steps.
*   53% of people refuse to take a single laptop with them on vacation, whereas just 1% leave even their smartphone behind—talk about a holiday.

****Risky business break****

The cybersecurity risks around personal vacations are unlike those around the holidays for major organizations and businesses, in which cybercriminals know that low staffing will leave companies more vulnerable to an attack or breach.

Instead, far-flung Spring Breakers can engage in a series of behaviors both before and during their holidays that leave them open to online scams and theft.

Take, for example, the 38% of people who told Malwarebytes that they would conduct a “general search online” in booking their next vacation. While Google searches are probably one of the most common tasks for any vacation planning, the results that people see can be manipulated through a type of cybercrime called malvertising, short for “malicious advertising.” 

In malvertising, cybercriminals will create a fake website that looks like a popular service, like Facebook, Slack, or eBay. Cybercriminals will also pay a small sum so that these fake websites show up near the top of Google’s sponsored results for relevant searches. Once users click on the websites, which appear legitimate, they’re tricked into downloading malware or handing over sensitive information to scammers.

A safer option for vacationers is to book travel directly with an airline or hotel chain. Many participants wrote this approach into the Malwarebytes survey when selecting the “Other” option (14%). Interestingly, the 29% of respondents who said they use a travel agent for booking likely also receive some extra safeguards, simply because another, experienced, person is involved in the process.

But in the same way that cybercriminals have begun abusing Google search results to send victims to dangerous websites, they’ve also done the same to trick users into downloading fake versions of popular apps.

Android “phishing” apps are a serious threat to users today—Malwarebytes detected 22,800 of them last year alone—and, as we wrote before, they represent the next step in camouflaged cyber-scamming:

> “By disguising themselves as legitimate apps—including for services like TikTok, Spotify, and WhatsApp—Android phishing apps can trick victims into typing in their real usernames and passwords on bogus login screens that are controlled entirely by cybercriminals.”

The threat here endures long after the app is installed. If enough victims unwittingly send their passwords, cyber thieves could bundle the login credentials for sale on the dark web. Once the passwords are sold, the new, malicious owners will attempt to use individual passwords for a variety of common online accounts—testing whether, say, an email account password is the same one used for a victim’s online banking system, their mortgage payment platform, or their Social Security portal.

This wouldn’t be too much a problem if modern traveling didn’t involve so many apps.

According to our survey, 44% of people manage between two to four apps specifically for travel purposes, and 9% manage between five and six apps. And while 20% of people use zero apps for travel and 14% use just one app, there are 8% of people who rely on more than seven apps strictly for travel purposes.

That could include airlines apps, hotel apps, translation apps, and more. But as more apps help with traveling needs, more opportunities arise for those apps to be falsely emulated and maliciously advertised online.

As for what people do while physically on vacation, many engaged in online behaviors that could prove risky, but they can hardly be criticized for it.

For example, 25% of people said they scan QR codes while on vacation. These codes could lead people to malicious websites, but QR codes have become normalized at restaurants that no longer have physical menus. And 33% of people “log into financial institution sites or apps to manage \[their\] budget, check purchases, etc.” This type of activity was susceptible to online eavesdropping many years ago, but everyday internet connections have become far more secure in the past decade. That said, it’s inspiring to see that 41% of people “download or install a VPN” to provide an extra level of security when browsing on public Wi-Fi.

****Safe travels****

Cybersecurity is probably the last thing people want to “pack” before going away on a break, but, thankfully, it’s something that a majority of people said they do.

For instance, 63% said they “check that \[their\] security software is up to date,” while 53% said they “backup \[their\] data.” Similarly, 56% said they “set up credit card transaction alerts.” And while it isn’t quite a majority, 47% said they turn on “Find my Device” features which can help in case of a lost or stolen device. Interestingly, people do not commit to the same precautions for their bags—just 21% of survey participants said they “put a tracker in \[their\] luggage.”

Still, there’s progress to be made.

Not only did 10% of survey participants share that they take zero cybersecurity or data privacy precautions before traveling, but 20% also agreed or strongly agreed with the statement “I don’t really think about protecting my data while traveling.”

For safety abroad, here are a few tips travelers can take before and during their next vacation:

*   **Backup your data before you head out**. Losing a device or having it stolen while on vacation won’t just ruin the trip itself—it will return the return journey, too. Backing up your data will help ensure that any lost device doesn’t lead to lost files.
*   **Turn on “Find My” features**. To respond to a lost or stolen device, turn on the “Find My” features on iPhones and Androids before your vacation so you can track a device’s location in real time.
*   **Protect your devices with antivirus and cybersecurity tools**. Modern cybersecurity tools don’t just stop viruses from landing on your devices, they also warn you about dangerous websites and links that could steal your info.
*   **Update your software**. Ensure that your devices are running on the latest versions of their operating systems. This helps prevent any known weaknesses from being exploited by cybercriminals.
*   **Use a password manager and 2FA**. Your most sensitive accounts shouldn’t just have a unique password. They should also be protected by two-factor authentication, which requires more than a password for anyone to login.
*   **Consider a VPN**. If you are doing something sensitive online, it never hurts to use a VPN. Bonus: If you’re travelling to another country where your favourite streaming shows aren’t available, a VPN can help here too.

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

 1 in 10 people do nothing to stay secure and private on vacation 

February 2025 saw a record 126% surge in ransomware attacks, with Cl0p leading the charge. Hackers exploited file…

February 2025 saw a record 126% surge in ransomware attacks, with Cl0p leading the charge. Hackers exploited file transfer flaws, infostealers, and AI-driven tactics, reveals Bitdefender’s latest Threat Debrief report.

Cybersecurity just reached a new milestone; and not in a good way. According to Bitdefender’s latest Threat Debrief report, February 2025 was the worst month in history for ransomware attacks, with a 126% increase in claimed victims compared to the same period last year.

This surprising jump saw the number of victims soar from 425 in February 2024 to a staggering 962 in February 2025. The massive surge in ransomware attacks occurred despite the United States-led alliance of 40 countries, announced in November 2023, aimed at dismantling ransomware gangs and their infrastructure. The initiative focused on disrupting payments, taking down infrastructure, and enhancing intelligence sharing.

****Clop (Cl0p) Ransomware at Its Peak****

According to Bitdefender’s report shared with Hackread.com ahead of publishing on Thursday, Cl0p ransomware group Clop was responsible for more than a third of the attacks, claiming 335 victims in just one month. This makes a 300% increase from the previous month.

So, what’s behind this sudden rise in attacks? Cybersecurity experts point to a new trend that’s not so new: attackers are increasingly targeting vulnerabilities in edge network devices, such as file transfer systems and remote access tools.

Instead of focusing on specific industries, these opportunistic hackers are scanning the internet for easily exploitable flaws and launching automated attacks. For example, the Cl0p ransomware gang is notorious for exploiting vulnerabilities in MOVEit, a managed file transfer (MFT) software, with the highest frequency in 2023. The group stole so much data through MOVEit vulnerabilities that it launched a clearnet website to leak stolen information from victims worldwide.

In December 2024, Cl0p also announced exploiting security vulnerabilities in Cleo’s managed file transfer software, specifically targeting Cleo Harmony, VLTrader, and LexiCom products. Bitdefender’s Threat Debrief report also spotted Cl0p’s exploitation of Cleo vulnerabilities, especially CVE-2024-50623 and CVE-2024-55956 both rated 9.8 out of 10 in severity.

Both flaws allow attackers to execute commands remotely on compromised systems and were disclosed late last year. Despite patches being available, many organizations failed to update their systems in time, leaving them wide open to exploitation leading to the surge in victims seen in February 2025.

The illustration highlights the rapid pace at which ransomware gangs exploit vulnerabilities and shift to new targets. (Credit: Ditdefender)

****Other Notable Developments in the Ransomware World****

Beyond the record-breaking numbers, Bitdefender researchers noticed several other noteworthy trends in February 2025 including:

****FunkSec’s New Infostealer****

FunkSec, a growing ransomware group, released Wolfer, a tool designed to extract sensitive information from infected machines. It communicates with a Telegram bot to gather system details, Wi-Fi passwords, and more.

A ransomware gang using infostealers is bad news, especially as researchers recently found that cybercriminals are successfully breaching U.S. national security with infostealers as cheap as $10. Even high-security institutions like the military and the FBI have had their systems compromised, with access being sold on the dark web.

****Black Basta Gets Analyzed by AI****

On February 11, 2025, the notorious Black Basta ransomware gang had its internal chats leaked. These chats contained over 200,000 Russian-language messages. Hudson Rock’s researchers created a chatbot called BlackBastaGPT to sift through the chat logs.

Insights revealed details about their profits, use of deepfake technology, and internal conflicts. The group’s leader emphasized avoiding detection by using built-in system tools, a tactic known as “living off the land.”

****Ghost Ransomware Under Scrutiny****

A joint advisory from CISA highlighted Ghost (also known as Cring), a China-based ransomware operation exploiting older but still unpatched vulnerabilities. Recommendations include patching affected software, segmenting networks, and backing up data regularly.

****Akira’s Webcam Hack****

The Akira ransomware gang found a creative way to bypass security by hijacking a victim’s webcam. Since the device ran Linux and wasn’t monitored closely, it became the perfect launchpad for encrypting files across the network undetected.

****Top 10 Companies Most Targeted by Ransomware Gangs****

The United States, Canada, the UK, Germany, and other developed nations remain the biggest targets of ransomware groups. These countries are highly vulnerable due to their reliance on connected edge devices, cloud infrastructure, and critical business data.

In total, these are the top 10 companies most targeted by ransomware gangs:

1.  USA
2.  Canada
3.  The UK
4.  Germany
5.  France
6.  Australia
7.  Brazil
8.  Mexico
9.  Italy
10.  Sweden

For those looking to understand the full scope of modern ransomware operations and how to fight back, Bitdefender has published a comprehensive whitepaper detailing current attack methods and defence strategies. You can access it here.

Tag

#wifi