Plus: France blames Russia for a series of cyberattacks, the US is taking steps to crack down on a gray market allegedly used by scammers, and Microsoft pushes the password one step closer to death.

Researchers unveiled a cluster of vulnerabilities in Apple’s wireless media streaming platform AirPlay this week that leave millions of third-party devices like speakers and TVs vulnerable to takeover if an attacker is on the same Wi-Fi network as the victim gadget. These “AirBorne” vulnerabilities have all been patched—including some that potentially impacted Apple’s Mac computers—but, in practice, third-party devices may not all get fixes, and even if they do, patch adoption could be low.

Records reviewed by WIRED show that utilizing car subscription features can substantially raise your risk of being subjected to government surveillance, because such services generate troves of data that are valuable to law enforcement. WIRED also did a deep dive on North Korea’s yearslong campaign to place IT workers inside companies in North American, the United Kingdom, and Europe. The schemes are more effective than ever as scammers incorporate AI into their workflows.

WhatsApp designed a special cloud processing platform called Private Processing to allow new AI tools to work in the secure messenger without compromising its end-to-end encryption. Experts warn, though, that it could create enticing targets for hackers. And we have a guide for navigating the privacy risks of using ChatGPT’s new image generator to do seemingly fun and innocuous projects like making an action figure version of yourself.

But wait, there's more! Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

**Three British Retailers Hacked in Spate of Cyberattacks**

Three separate retailers in the UK—including the supermarket Co-op and thedepartment stores Marks & Spencer and Harrods—have all revealed they have recently been subject to cyberattacks, with the intrusions and widespread impact seemingly ongoing. Toward the end of April, Marks & Spencer revealed it had been the victim of a “cyber incident.” Over the following two weeks, it has been forced to pause online orders within its apps, some food has been missing from its shelves, and it has paused recruitment and other “normal processes.” Staff at Co-op have been told to keep webcams turned on during remote meetings and check who is attending calls, after shutting down parts of its IT systems in response to its own hack. Harrods, meanwhile, told customers to “not do anything differently at this point.”

At the time of writing, none of the retailers have detailed the specific nature of the cyberattacks or the full scale of the impacts. It is also unclear if the attacks are linked. Bloomberg has reported a ransomware cartel dubbed DragonForce has claimed it and its partners were behind the attacks. The so-called cartel provides “infrastructure and tools” to hackers but “doesn't require affiliates to deploy its ransomware,” according to research from security firm Secureworks. The hacked companies did not respond to Bloomberg about the claims.

Bleeping Computer originally reported that the threat actors known as Scattered Spider were allegedly behind the attack on Marks & Spencer. The publication reported that the company’s servers were encrypted by ransomware, with the intrusion beginning as early as February. The attribution to Scattered Spider has not been confirmed by Marks & Spencer.

Over the past two years, Scattered Spider has emerged as one of the most prolific and dangerous sets of hackers currently operating. The threat actors are not a well-defined group of hackers. Instead, they’re more a loose collective that uses social engineering—such as phishing and voice calls—to gain initial access into company networks. Scattered Spider members are often English-speaking, teenaged, and can be members of the heinous criminal group the Com. The hackers have been active since June 2022 and have targeted more than 100 companies—including the high-profile hacks on Caesar's Entertainment and MGM Resorts in 2023.

**France (Finally) Names Russian Hackers for the First Time**

French authorities have condemned Russia’s military intelligence agency, accusing it of orchestrating a series of high-profile cyberattacks—including the hacking of Emmanuel Macron’s 2017 presidential campaign, a brazen 2015 assault on the TV channel TV5 Monde, and recent intrusion attempts targeting organizations involved in preparing the 2024 Paris Olympic Games.

French authorities have also disclosed the name and location of a GRU unit tied to the notorious hacking group APT28—information that had never before been officially released. Unit 20728 is based in the southern Russian city of Rostov-on-Don and operates out of the "166th Information Research Center."

This marks the first time French officials have publicly assigned blame to a foreign intelligence service following an internal attribution process. The timing is significant, coming as Paris positions itself at the forefront of Europe’s support for Ukraine.

**US Moves to Crack Down on ‘Largest Illicit Marketplace’**

The Trump administration has taken the first step toward blacklisting a Cambodian financial conglomerate at the center of a global money laundering network. On Thursday, the Treasury Department designated Huione Group as a money-laundering operation, alleging that the company and its affiliates have laundered more than $4 billion for criminals, including North Korean hackers and online scammers.

These scammers—who defraud victims through bogus investments and other schemes—rely on Huione and its affiliates to move funds abroad to evade both law enforcement and anti-money-laundering systems. The proposed action represents the most significant effort yet to crack down on Huione, which is tied to what experts believe to be the “largest illicit marketplace”: Huione Guarantee. According to WIRED’s January report, the marketplace has likely facilitated over $24 billion in gray-market transactions. Experts believe the platform operates as a one-stop shop for scammers, offering everything from victim contact lists and deepfake tools to fake investment websites and other illicit services.

**New Microsoft Accounts Won’t Need Passwords Anymore**

Slowly but surely, the password is dying. Over the past two years, passkeys—a stronger method of authentication that doesn’t require you to remember or use a password—have become more common. The rollout of the technology has been piecemeal, but big tech companies have worked for years to create the alternative, which is more secure than passwords. This week, Microsoft announced that people setting up new accounts with the company won’t have to create passwords at all. “New Microsoft accounts will now be ‘passwordless by default,’” the company wrote in a blog post. Microsoft is also pushing people further away from passwords and will “detect” the best way for people to lo in to their accounts if they have set up alternatives to passwords.

Hacking Spree Hits UK Retail Giants

Researchers found a set of vulnerabilities that puts all devices leveraging Apple's AirPlay at risk.

Researchers found a set of vulnerabilities in Apple’s AirPlay SDK that put billions of users at risk of their devices being taking over.

AirPlay is Apple’s proprietary wireless technology that allows you to stream audio, video, photos, and even mirror your device’s screen from an iPhone, iPad, or Mac to other compatible devices like Apple TV, HomePod, smart TVs, or speakers. It works over Wi-Fi, so you don’t need cables.

Apple added the necessary updates on April 28 to the March 31 update. The update—iOS 18.4 and iPadOS 18.4—was initially issued on March 31, but the additional security fixes were delivered through Rapid Security Responses, or minor patches that Apple incorporated after the initial release. Rapid Security Response (RSR) is a type of software patch delivering security fixes between Apple’s regular, scheduled software updates.

The good news is if you installed the March 31 update, you should be fine. Otherwise, check manually if any updates are available.

To check if you’re using the latest software version, go to **Settings > General > Software Update**. You want to be on iOS 18.4.1 or iPadOS 18.4.1, so update now if you’re not. It’s also worth turning on Automatic Updates if you haven’t already. You can do that on the same screen.

*   The latest version of macOS is 15.4.1. Learn how to update the software on your Mac and how to allow important background updates.
*   The latest version of tvOS is 18.4.1. Learn how to update the software on your Apple TV.
*   The latest version of watchOS is 11.4. Learn how to update the software on your Apple Watch.
*   The latest version of visionOS is 2.4.1. Learn how to update the software on your Apple Vision Pro.

The AirPlay SDK (Software Development Kit) is a set of programming tools Apple provides to app developers to integrate AirPlay functionality into their apps. Using the AirPlay SDK, developers can add features that allow their apps to stream audio or video content wirelessly to AirPlay-compatible devices. This makes apps “AirPlay-ready” by handling the streaming and control behind the scenes.

Combining vulnerabilities allows an attacker on the local network to potentially take control of devices that support AirPlay—both Apple devices and third-party devices that leverage the AirPlay SDK.

Apple released updates to fix the vulnerabilities on April 29 for members of the Apple MFi Program, who are developers of Apple-compatible accessories or software.

The researchers who found and reported these flaws warn they can be exploited without any user interaction—or with just a single click—to execute remote code. Attackers could also use them for man-in-the-middle interceptions, denial-of-service disruptions, and to bypass access controls and user prompts. On top of that, these vulnerabilities may allow unauthorized access to sensitive data and local files, making them a serious risk that demands immediate attention.

**Technical details**

In total, the researchers responsibly disclosed 23 vulnerabilities to Apple, leading to 17 CVEs being issued. A complete list and description of these CVEs, as well as specific attack scenarios they enable, can be found on their blog.

The most important vulnerabilities are:

CVE-2025-24252: Successful exploitation of the use-after-free vulnerability could allow a remote attacker to execute arbitrary code. When exploited together with CVE-2025-24206, the attacker is able to perform zero-click remote code execution on other vulnerable AirPlay-enabled devices in the same network, without any user interaction. The vulnerability has a Common Vulnerability Scoring System (CVSSv3.1) score of 9.8 out of 10.

CVE-2025-24206: Successful exploitation of the vulnerability could allow an attacker to bypass authentication and conduct malicious activities without user interaction when exploited with other vulnerabilities.

CVE-2025-24132: Successful exploitation of the stack-based buffer overflow vulnerability could allow an attacker to perform zero-click remote code execution on vulnerable AirPlay SDK devices and potentially leak sensitive information by eavesdropping.

That the attacker does need to be on the same network, but exploitation require minimal to no interaction of the target.

**Possible protective actions**

These depend very much on the types of devices you are using, so I will try to give some general guidance and the reasons behind them.

*   As we said above, make sure your devices are fully updated
*   Use up-to-date and active malware protection
*   Disable AirPlay if you’re not using it, or set it to **Ask** as a minimum

*   Disable AirPlay Receiver if it is not in use.
*   Be extra careful on public networks. This vulnerability could theoretically spread in airports, offices, hotels, or conferences where many Apple devices are in close proximity. In such cases, avoid using unsecured Wi-Fi.
*   Restrict AirPlay settings: Change the **Allow AirPlay for** to **Current User**. While this does not prevent all of the issues, it does reduce the protocol’s attack surface.

**We don’t just report on phone security—we provide it**

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

 Apple AirPlay SDK devices at risk of takeover—make sure you update 

Researchers reveal a collection of bugs known as AirBorne that would allow any hacker on the same Wi-Fi network as a third-party AirPlay-enabled device to surreptitiously run their own code on it.

Apple’s AirPlay feature enables iPhones and Macbooks to seamlessly play music or show photos and videos on other Apple devices or third-party speakers and TVs that integrate the protocol. Now newly uncovered security flaws in AirPlay mean that those same wireless connections could allow hackers to move within a network just as easily, spreading malicious code from one infected device to another. Apple products are known for regularly receiving fixes, but given how rarely some smart-home devices are patched, it’s likely that these wirelessly enabled footholds for malware, across many of the hundreds of models of AirPlay-enabled devices, will persist for years to come.

On Tuesday, researchers from the cybersecurity firm Oligo revealed what they’re calling AirBorne, a collection of vulnerabilities affecting AirPlay, Apple’s proprietary radio-based protocol for local wireless communication. Bugs in Apple’s AirPlay software development kit (SDK) for third-party devices would allow hackers to hijack gadgets like speakers, receivers, set-top boxes, or smart TVs if they’re on the same Wi-Fi network as the hacker’s machine. Another set of AirBorne vulnerabilities would have allowed hackers to exploit AirPlay-enabled Apple devices too, Apple told Oligo, though these bugs have been patched in updates over the last several months, and Apple tells WIRED that those bugs could have only been exploited when users changed default AirPlay settings.

Those Apple devices aside, Oligo’s chief technology officer and cofounder, Gal Elbaz, estimates that potentially vulnerable third-party AirPlay-enabled devices number in the tens of millions. “Because AirPlay is supported in such a wide variety of devices, there are a lot that will take years to patch—or they will never be patched,” Elbaz says. “And it's all because of vulnerabilities in one piece of software that affects everything.”

Despite Oligo working with Apple for months to patch the AirBorne bugs in all affected devices, the Tel-Aviv-based security firm warns that the AirBorne vulnerabilities in many third-party gadgets are likely to remain hackable unless users act to update them. If a hacker can get onto the same Wi-Fi network as those vulnerable devices—whether by hacking into another computer on a home or corporate network or by simply connecting to the same coffeeshop or airport Wi-Fi—they can surreptitiously take over these gadgets. From there, they could use this control to maintain a stealthy point of access, hack other targets on the network, or add the machines to a botnet of infected, coordinated machines under the hacker’s control.

Oligo also notes that many of the vulnerable devices have microphones and could be turned into listening devices for espionage. The researchers did not go so far as to create proof-of-concept malware for any particular target that would demonstrate that trick.

Oligo says it warned Apple about its AirBorne findings in the late fall and winter of last year, and Apple responded in the months since then by pushing out security updates. The researchers collaborated with Apple to test and validate the fixes for Macs and other Apple products.

Apple tells WIRED that it has also created patches that are available for impacted third-party devices. The company emphasizes, though, that there are limitations to the attacks that would be possible on AirPlay-enabled devices as a result of the bugs, because an attacker must be on the same Wi-Fi network as a target to exploit them. Apple adds that while there is potentially some user data on devices like TVs and speakers, it is typically very limited.

Below is a video of the Oligo researchers demonstrating their AirBorne hacking technique to take over an AirPlay-enabled Bose speaker to show their company’s logo for AirBorne. (The researchers say they didn’t intend to single out Bose, but just happened to have one of the company’s speakers on hand for testing.) Bose did not immediately respond to WIRED’s request for comment.

The AirBorne vulnerabilities Oligo found also affect CarPlay, the radio protocol used to connect to vehicles’ dashboard interfaces. Oligo warns that this means hackers could hijack a car’s automotive computer, known as its head unit, in any of more than 800 CarPlay-enabled car and truck models. In those car-specific cases, though, the AirBorne vulnerabilities could only be exploited if the hacker is able to pair their own device with the head unit via Bluetooth or a USB connection, which drastically restricts the threat of CarPlay-based vehicle hacking.

The AirPlay SDK flaws in home media devices, by contrast, may present a more practical vulnerability for hackers seeking to hide on a network, whether to install ransomware or carry out stealthy espionage, all while hiding on devices that are often forgotten by both consumers and corporate or government network defenders. “The amount of devices that were vulnerable to these issues, that's what alarms me,” says Oligo researcher Uri Katz. “When was the last time you updated your speaker?”

The researchers originally started thinking about this property of AirPlay, and ultimately discovered the AirBorne vulnerabilities, while working on a different project analyzing vulnerabilities that could allow an attacker to access internal services running on a target’s local network from a malicious website. In that earlier research, Oligo’s hackers found they could defeat the fundamental protections baked into every web browser that are meant to prevent websites from having this type of invasive access on other people’s internal networks.

While playing around with their discovery, the researchers realized that one of the services they could access by exploiting the bugs without authorization on a target’s systems was AirPlay. The crop of AirBorne vulnerabilities revealed today is unconnected to the previous work, but was inspired by AirPlay’s properties as a service built to sit open and at the ready for new connections.

And the fact that the researchers found flaws in the AirPlay SDK means that vulnerabilities are lurking in hundreds of models of devices—and possibly more, given that some manufacturers incorporate the AirPlay SDK without notifying Apple and becoming “certified” AirPlay devices.

“When third-party manufacturers integrate Apple technologies like AirPlay via an SDK, obviously Apple no longer has direct control over the hardware or the patching process,” says Patrick Wardle, CEO of the Apple device-focused security firm DoubleYou. “As a result, when vulnerabilities arise and third-party vendors fail to update their products promptly—or at all—it not only puts users at risk but could also erode trust in the broader Apple ecosystem."

_Updated 10 am ET, April 29, 2024: Clarified that the logo in Oligo's video is for AirBorne, not the company itself._

Millions of Apple Airplay-Enabled Devices Can Be Hacked via Wi-Fi

Records reviewed by WIRED show law enforcement agencies are eager to take advantage of the data trails generated by a flood of new internet-connected vehicle features.

Automakers are increasingly pushing consumers to accept monthly and annual fees to unlock preinstalled safety and performance features, from hands-free driving systems and heated seats to cameras that can automatically record accident situations. But the additional levels of internet connectivity this subscription model requires can increase drivers’ exposure to government surveillance and the likelihood of being caught up in police investigations.

A cache of more than two dozen police records recently reviewed by WIRED show US law enforcement agencies regularly trained on how to take advantage of “connected cars,” with subscription-based features drastically increasing the amount of data that can be accessed during investigations. The records make clear that law enforcement’s knowledge of the surveillance far exceeds that of the public and reveal how corporate policies and technologies—not the law—determine driver privacy.

“Each manufacturer has their whole protocol on how the operating system in the vehicle utilizes telematics, mobile Wi-Fi, et cetera,” one law enforcement officer noted in a presentation prepared by the California State Highway Patrol (CHP) and reviewed by WIRED. The presentation, while undated, contains statistics on connected cars for the year 2024. “If the vehicle has an active subscription,” they add, “it does create more data.”

The CHP presentation, obtained by government transparency nonprofit Property of the People via a public records request, trains police on how to acquire data based on a variety of hypothetical scenarios, each describing how vehicle data can be acquired based on the year, make, and model of a vehicle. The presentation acknowledges that access to data can ultimately be limited due to choices made by not only vehicle manufacturers but the internet service providers on which connected devices rely.

One document notes, for instance, that when a General Motors vehicle is equipped with an active OnStar subscription, it will transmit data—revealing its location—roughly twice as often as a Ford vehicle. Different ISPs appear to have not only different capabilities but policies when it comes to responding to government requests for information. Police may be able to rely on AT&T to help identify certain vehicles based on connected devices active in the car but lack the ability to do so when the device relies on a T-Mobile or Verizon network instead.

Charlotte McCoy, a GM spokesperson, tells WIRED the company now requires a court order before handing over location data to law enforcement. “We review each request individually to assess the circumstances and the nature of the request before providing any information,” they say. “Connectivity offers many benefits—including navigation, communication, safety, and maintenance—and customers can mask their location or turn off connectivity at any time.”

Other car manufacturers listed in the CHP presentation, including Ford, did not respond to a request for comment.

“There's definitely a role being played by the companies in deciding what kind of standard they're going to insist on,” says Andrew Crocker, the surveillance litigation director at the Electronic Frontier Foundation. “And this is a dynamic we've seen in other areas of tech. Google and Facebook and Apple all played a role in saying, ‘We'll only provide this data in response to a warrant; other data we'll provide in response to a subpoena.’”

When police are investigating a specific suspect, they will often use a technique known as a “ping” to geographically locate a specific device known to belong to that individual. But when canvassing near a crime scene for an unknown perpetrator, authorities commonly rely on a procedure known as a “tower dump,” requesting that ISPs cast a wider net and identify virtually any devices that have connected to a specific cell tower during a certain window of time. Police analysts can then comb through this data and attempt to identify a culprit, often using surveillance footage or witness testimony about a vehicle’s color, make, or model.

Nearly all subscription-based car features rely on devices that come preinstalled in a vehicle, with a cellular connection necessary only to enable the automaker's recurring-revenue scheme. The ability of car companies to charge users to activate some features is effectively the only reason the car’s systems need to communicate with cell towers. The police documents note that companies often hook customers into adopting the services through free trial offers, and in some cases the devices are communicating with cell towers even when users decline to subscribe.

In an August 2022 email, one detective noted: “In some vehicles, again \[it\] depends on manufacturer, the vehicle is still doing this despite the lack of an active subscription, and just sending the data back to the mother ship. This could be due to collecting user data for what the manufacturer sells it for, to providing this data to try to sell you on renewing your \[subscription\] package that lapsed.”

The “tower dump” technique is becoming increasingly unpopular in US courts following the US Supreme Court’s acknowledgement in 2018 that location data raises significant Fourth Amendment concerns. While the Supreme Court specifically avoided addressing tower dumps in its landmark _US v. Carpenter_ decision, a Fifth Circuit ruling last year placed the capability in great jeopardy, concluding that a warrant to “geofence” an area and collect evidence from a wide variety of individuals is inherently unconstitutional.

On the back of that decision, a federal magistrate in Mississippi ruled two months ago that tower dumps are likewise unconstitutional. While a “tower dump” and a “geofence” are not precisely the same—the latter relying on GPS coordinates obtained from internet companies such as Google, as opposed to a cell tower—the results are more or less identical: offering police a dragnet with which to accumulate vast amounts of location data on individuals, many if not most of whom are not suspected of committing a crime.

In response to the rapid changes in case law surrounding location data, Google—historically a frequent target of geofence warrants—announced technical changes to its software last year, making it effectively impossible to respond to these types of warrants.

“Location data is some of the most sensitive, revealing information that is generated by our devices, including our cars,” the EFF’s Crocker says. “It's extremely revealing of obviously where you go and where you've been, but also all the people you associate with and all the things you're doing. You can paint a very clear picture of someone's life with just a list of all the places they've been in their car. The Supreme Court has made that very clear.”

The police documents reviewed by WIRED alone demonstrate the arbitrary nature of vehicle surveillance upon this shifting legal landscape, with police noting, for instance, that while Verizon will refuse to allow police to define their own radius when requesting cell tower data, its competitors impose no such limitations. Another document notes that while AT&T will conduct “pings,” locating a device in real time, it will only do so for “voice devices.”

What is also clear from the documents is that US police are aware of the control corporations have over their ability to acquire vehicle location data, expressing fears that they could abruptly decide to kill off certain capabilities at any time.

In a letter sent in April 2024 to the Federal Trade Commission, US senators Ron Wyden and Edward Markey—Democrats from Oregon and Massachusetts, respectively—noted that a range of automakers, from Toyota, Nissan, and Subaru, among others, are willing to disclose location data to the government in response to a subpoena without a court order. Volkswagen, meanwhile, had its own arbitrary rules, limiting subpoenas to fewer than seven days’ worth of data. The senators noted that these policies stood in contrast to public pledges previously made by some automakers to require a warrant or court order before surrendering a customer’s location data.

Automakers “differ significantly on the important issue of whether customers are ever told they were spied on,” the senators wrote. At the time of the letter, only Tesla had a policy, they said, of informing customers about legal demands. “The other car companies do not tell their customers about government demands for their data, even if they are allowed to do so.”

“We respect our customers’ privacy and take our responsibility to protect their personal information seriously,” Bennet Ladyman, a T-Mobile spokesperson, says.

AT&T spokesperson Jim Kimberly says: “Like all companies, we are required by law to provide information to law enforcement and other government entities by complying with court orders, subpoenas, and other lawful discovery requests. In all cases, we review requests to determine whether they are valid. We require a search warrant based on the probable-cause standard for all government demands for real-time or historical location information, except in emergency situations. For government demands for cell tower searches, we require a probable-cause search warrant or a court order, except in emergency situations.”

Verizon did not respond to a request for comment.

“Especially now, with American civil liberties eroding rapidly, people should exercise great caution in granting new surveillance powers to law enforcement,” says Ryan Shapiro, executive director of Property of the People.

Jay Stanley, a senior policy analyst at the American Civil Liberties Union, notes that the police documents reviewed by WIRED contained substantial detail about car surveillance that appear to be publicly unavailable, suggesting that corporations are being far more open with law enforcement than they are with their own customers.

“It's an ongoing scandal that this kind of surveillance is taking place without people being aware of it, let alone giving permission for it,” Stanley says. “If they're carrying out surveillance on the public, the public should know. They should have meaningful knowledge and give meaningful consent before any kind of surveillance is activated, which clearly is not the case.”

Car Subscription Features Raise Your Risk of Government Surveillance, Police Records Show

Customs and Border Protection has broad authority to search travelers’ devices when they cross into the United States. Here’s what you can do to protect your digital life while at the US border.

Entering the United States has become more precarious since the start of the second Trump administration in January. There has been an apparent surge in both foreign visitors and US visa holders being detained, questioned, and even deported at the border. As the situation evolves, demand for flights from Canada and Europe has plummeted as people reevaluate their travel plans.

Many people, though, can’t avoid border crossings, whether they are returning home after traveling for work or visiting friends and family abroad. Regardless of the reason for travel, US Customs and Border Protection (CBP) officials have the authority to search people’s phones and other devices as they determine who is allowed to enter the country. Multiple travelers have reported being questioned or turned away at the US border in recent weeks in relation to content on their phones.

While not unique to the US border—other nations also have powers to inspect phones—the increasingly volatile nature of the Trump administration’s border policies is causing people to rethink the risks of carrying devices packed with personal information to and from the US. Canadian authorities have updated travel guidance to warn of phone searches and seizures, some corporate executives are reconsidering the devices they carry, some officials in Europe continue to receive burner phones for certain trips to the US, and the Committee to Protect Journalists has warned foreign reporters about device searches at the US border.

With this in mind, here’s the WIRED guide to planning for bringing a smartphone across the border. You should also use WIRED’s guide to entering the US with your digital privacy intact to get a broader view of how to minimize data and take precautions. But start here for everything smartphone.

**What Can CBP Access?**

Do CBP officials have the authority to search your phone at the border? The short answer is yes. Searches are either manual, with a border official looking through the device, or more advanced, involving forensic tools to extract data en masse. To get into your phone, border officials can ask for your PIN or biometric to unlock the phone. However, your legal status and right to enter the US will make a difference in what a search might look like at the border.

Generally, border zones—which includes US international airports—fall outside of Fourth Amendment protections that require a warrant for a device to be searched (though one federal court has ruled otherwise). As such, CBP has the power to search any traveler’s phone or other electronic devices, such as computers and cameras, when they’re entering the country. US citizens and green card holders can refuse a device search without being denied entry, but they may face additional questioning or temporary device seizure. And as the Trump administration pushes the norms of acceptable government conduct, it is possible that, in practice, green card holders could face new repercussions for declining a device search. US visa holders and foreign visitors can face detention and deportation for refusing a device search.

“Not everybody has the same risk profile,” says Molly Rose Freeman Cyr, a member of Amnesty International’s Security Lab. “A person’s legal status, the social media accounts that they use, the messaging apps that they use, and the contents of their chats” should all factor into their risk calculus and the decisions they make about border crossings, Cyr says.

If you feel safe refusing a search, make sure to disable biometrics used to unlock your device, like face or fingerprint scanners, which CBP officers can use to access your device. Instead, use only a PIN or an alphanumeric code (if available on your device). Make sure to keep your phone’s operating system up to date, which can make it hard to crack with forensic tools.

You should also consider factors like nationality, citizenship, profession, and geopolitical views in assessing whether you or someone you’re traveling with could be at higher risk of scrutiny during border crossings.

In short, you need to make some decisions before you travel about whether you would be prepared to refuse a device search and whether you want to make changes to your devices before your trips.

Keep in mind that there are simple steps anyone can take to keep your devices out of sight and, hopefully, out of mind during border crossings. It’s always a good idea to obtain a printed boarding pass or prepare other paper documents for review and then turn your phone off and store it in your bag before you approach a CBP agent.

**Traveling With an Alternate Phone**

There are two ways to approach device privacy for border crossings. One is to start with a clean slate, purchasing a phone for the purpose of traveling or wiping and repurposing your old phone—if it still receives software updates.

The device doesn’t need to be a true “burner” phone, in the sense that you will be carrying it with you as if nothing is out of the ordinary, so you don’t need to purchase it with cash or take other steps to ensure that it can’t be connected to you. The idea, though, is to build a sanitized version of your digital life on the travel phone, ideally with separate communication and social media accounts created specifically for travel. This way, if your device is searched, it won’t have the back catalog of data—old text messages, years of photos, forgotten apps, and access to many or all of your digital accounts—that exists on your primary phone and could reveal details of your political views, your associations, or your movements over time.

Starting with a clean slate makes it easy to practice “data minimization,” or reducing the data available to another person: Simply put the things you’ll need for a trip on the phone without anything you won’t need. You might make a travel email address, some alternate social media accounts, and a separate account for end-to-end encrypted communications using an app like Signal or WhatsApp. Ideally you would totally silo your real digital life from this travel life. But you can also include some of your regular personal apps, building back from the ground up while determining on a selective basis whether you have existing accounts that you feel comfortable potentially exposing. Perhaps, for example, you think that showing a connection to your employer or a community organization could be advantageous in a fraught situation.

Privacy and digital rights advocates largely prefer the approach of building a travel device from scratch, but they caution that a phone that is too squeaky clean, too much like a burner phone, can arouse suspicion.

“You have to ‘seed’ the device. Use the phone for a day or even for a few hours. It just can't be _clean_ clean. That’s weird,” says Matt Mitchell, founder of CryptoHarlem, a security and privacy training and advocacy nonprofit. “My recommendation is to make a finsta for travel, because if they ask you what your profile is, how are you gonna say ‘I don't use any social media’? Many people have a few accounts anyway. One ratchet, one wholesome—add one travel.”

Cyr, from Amnesty International, also points out that a true burner phone would be a “dumb” phone, which wouldn’t be able to run apps for encrypted communications. “The advantage that we all have with smartphones is that you can communicate in an encrypted way,” Cyr says. “People should be conscious that any nonencrypted communication is less secure than a phone call or a message on an application like Signal.”

While a travel device doesn’t need to use a prepaid SIM card bought with cash, it should not share your normal phone number, since this number is likely linked to most if not all of your key digital accounts. Buy a SIM card for your trip or only use the device on Wi-Fi.

**Traveling With Your Primary Phone**

The other approach you can take to protecting your device during border crossings is to modify your primary smartphone before travel. This involves removing old photos and messages and storing them somewhere else, cleaning out nonessential apps, and either removing some apps altogether or logging out of them with your main accounts and logging back in with travel accounts.

Mohammed Al-Maskati, digital security helpline director at the rights group Access Now, says that people should consider this type of clean-out before they travel. “I will look at my device and see what apps I need,” he says. “If I don't need the app, I just remove it.”

Al-Maskati adds that he suggests people particularly remember to remove dating apps and anything related to LGBTQI communities, especially if they consider themselves to be at higher risk of facing a device search. And generally, this approach is only safe if you are particularly diligent about removing every app that might expose you to risk.

You could use your own phone as a travel phone by backing it up, wiping it, building a travel device with only the apps you really need while traveling, going on your trip, and then restoring from the backup when you get home. This approach is doable but time consuming, and it creates more opportunities for operational security mistakes or what are known as “opsec fails.” If you try to delete all of your old, unwanted apps, but miss one, you could end up exposing an old social media account or other historic service that has forgotten data in it. Messaging apps can have easily searchable archives going back years and can automatically save photos and files without you realizing it. And if you back up all of your data to the cloud and take it off your device, but are still logged into the cloud account underpinning other services (like your main Google or Apple account), you could be asked to produce the data from the cloud for inspection.

Still, if you assess that you are at low risk of facing scrutiny during a border crossing or you don’t have access to an additional device for travel, modifying your main smartphone is a good option. Just be careful.

**What To Do, If Nothing Else**

Given all of this, you may be hyped up and ready to throw your phone in the ocean. Or you may be thinking there’s no way in hell that you’re ever going to take the time to deal with any of this. For those in the latter camp, you’ve come this far, so don’t click away just yet. If you don’t want to take the time to make a bunch of changes, and you don’t think you’re at particular risk during border crossings (though keep in mind that it’s possible your risk is higher than you realize), there are still a few easy things you can do to protect your digital privacy that are better than nothing.

First, as mentioned above, print a paper boarding pass and any other documents you might need. Even if you don’t turn your phone off and stow it in a bag for your entire entry or exit process, you can put it in your pocket and have your paper ticket and other documents ready while actually interacting with agents. And taking basic digital hygiene steps, like updating your phone and removing apps and data you no longer need, can go a long way.

“We all need to be recognizing that authorities may scrutinize your online presence, including social media activity and posts you’ve published,” says Danacea Vo, founder of Cyberlixir, a cybersecurity provider for nonprofits and vulnerable communities. “Since people have gotten more vocal on social media, they’re very worried about this. Some have even decided not to risk traveling to or from the US this year.”

How to Protect Yourself From Phone Searches at the US Border

Plus: The Department of Homeland Security begins surveilling immigrants' social media, President Donald Trump targets former CISA director who refuted his claims of 2020 election fraud, and more.

The Israeli spyware maker NSO Group has been on the US Department of Commerce “blacklist” since 2021 over its business of selling targeted hacking tools. But a WIRED investigation has found that the company now appears to be working to stage a comeback in Trump's America, hiring a lobbying firm with the ties to the administration to make its case.

As the White House continues its massive gutting of the United States federal government, remote and hybrid workers have been forced back to the office in a poorly coordinated effort that has left critical employees without necessary resources—even reliable Wi-Fi. And Elon Musk’s so-called Department of Government Efficiency (DOGE) held a “hackathon” in Washington, DC, this week to work on developing a “mega API” that could act as a bridge between software systems for accessing and sharing IRS data more easily.

Meanwhile, new research this week indicates that misconfigured sexual fantasy-focused AI chatbots are leaking users' chats on the open internet—revealing explicit prompts and conversations that in some cases include descriptions of child sexual abuse.

And there's more. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories, and stay safe out there.

In a secret December meeting between the US and China, Beijing officials claimed credit for a broad hacking campaign that has compromised US infrastructure and alarmed American officials, according to Wall Street Journal sources. Tensions between the two countries have escalated sharply in recent weeks, because of President Donald Trump's trade war.

In public and private meetings, Chinese officials are typically firm in their denials about any and all accusations of offensive hacking. This makes it all the more unusual that the Chinese delegation specifically confirmed that years of attacks on US water utilities, ports, and other targets are the result of the US's policy support of Taiwan. Security researchers refer to the collective activity as having been perpetrated by the actor “Volt Typhoon.”

Meanwhile, the National Counterintelligence and Security Center, along with the FBI and Pentagon’s counterintelligence service, issued an alert this week that China’s intelligence services have been working to recruit current and former US federal employees by posing as private organizations like consulting firms and think tanks to establish connections.

**DHS Is Now Monitoring Immigrants’ Social Media for Antisemitism**

US Citizenship and Immigration Services said on Wednesday that it is starting to monitor immigrants' social media activity for signs of antisemitic activity and “physical harassment of Jewish individuals.” The agency, which operates under the Department of Homeland Security, said that such behavior would be grounds for “denying immigration benefit requests.” The new policy applies to people applying for permanent residence in the US as well as students and other affiliates of “educational institutions linked to antisemitic activity.” The move comes as Immigration and Customs Enforcement has made controversial arrests of pro-Palestinian student activists, including Mahmoud Khalil of Columbia University and Rumeysa Ozturk of Tufts University, over alleged antisemitic activity. Their lawyers deny the allegations.

**Trump Revokes Security Clearance, Orders Investigation of Ex-CISA Director**

President Trump this week ordered a federal investigation into former US Cybersecurity and Infrastructure Security Agency director Chris Krebs. An executive order on Wednesday revoked Krebs’ security clearance and also directed the Department of Homeland Security and the US attorney general to conduct the review. Krebs was fired by Trump in November 2020 during his first term after Krebs publicly refuted Trump’s claims of election fraud during that year's presidential election. The executive order alleges that by debunking false claims about the election while in office, Krebs violated the First Amendment's prohibition on government interference in freedom of expression.

In addition to removing Krebs' clearance, the order also revokes the clearances of anyone who works at Krebs' current employer, the security firm SentinelOne. The company said this week in a statement that it “will actively cooperate in any review of security clearances held by any of our personnel” and emphasized that the order will not result in significant operational disruption, because the company only has a handful of employees with clearances.

**NSA, Cyber Command Officials Cancel RSA Security Conference Appearances**

NSA Cybersecurity Division Director Dave Luber and Cyber Command Executive Director Morgan Adamski will no longer speak at the prominent RSA security conference, scheduled to begin on April 28 in San Francisco. Both appeared at the conference last year. A source told Nextgov/FCW that the cancellations were the result of agency restrictions on nonessential travel. RSA typically features top US national security and cybersecurity officials alongside industry players and researchers. President Trump recently fired General Timothy Haugh, who led both the NSA and US Cyber Command.

China Secretly (and Weirdly) Admits It Hacked US Infrastructure

Stay secure on the move. Protect your devices, data, and privacy with smart habits, reliable gear, updated software…

Stay secure on the move. Protect your devices, data, and privacy with smart habits, reliable gear, updated software and proper cybersecurity knowledge wherever you work.

Running a business today often means working from anywhere: airports, coffee shops, hotel rooms, or even the back of a van. But while mobility offers freedom and flexibility, it also introduces serious cybersecurity challenges.

Devices are exposed, networks are untrusted, and sensitive data becomes more vulnerable with every mile. To keep your business safe while on the move, you need a proactive strategy that protects both your physical and digital assets. Here’s how to stay one step ahead.

****Start with Reliable Hardware Protection****

The first layer of defense for mobile professionals is the hardware they carry. Laptops, tablets, and phones are high-value targets not just for their price tags but for the sensitive information they store.

Use devices that support biometric authentication, such as fingerprint or facial recognition, to ensure only you can access them. Enable full-disk encryption and make sure every device requires a strong password or passcode.

If you’re regularly working in places with limited access to outlets, carry a portable power station. This allows you to stay connected without relying on public charging ports, which can be vulnerable to juice jacking malicious attacks that install malware or steal data while you charge.

A good-quality laptop sleeve and an RFID-blocking backpack can also go a long way in protecting your physical gear from theft and unauthorized scanning.

****Secure Your Connection Every Time****

One of the biggest risks for mobile workers is using public Wi-Fi networks. These open connections are convenient but notoriously insecure, making it easy for hackers to intercept data.

Always use a virtual private network (VPN) when you connect to public Wi-Fi in a café, airport, or hotel. A VPN will encrypt your traffic, which makes it a lot harder for anyone to steal sensitive information. Stick to VPNs from reputable providers that don’t log your browsing activity.

Avoid accessing financial accounts or sharing sensitive business information over unsecured networks. When possible, tether your laptop to your phone’s mobile hotspot instead. It’s a more secure option and gives you greater control over your data connection.

****Keep Your Software and Systems Updated****

Outdated software is one of the easiest ways for attackers to exploit your system. Hackers often target known vulnerabilities in older versions of apps, operating systems, and browsers.

Always update your devices so security patches are applied as soon as they’re released. Make a habit of checking your antivirus, browser extensions, and firewalls to ensure they’re functioning properly and up to date.

Regularly back up your data to encrypted cloud storage or an external drive you keep with you. That way, if your device is lost, stolen, or compromised, your business-critical information isn’t gone forever.

****Be Mindful of Your Surroundings****

Not all security threats are digital. When working in public, physical awareness matters just as much as software protection.

Avoid displaying sensitive information on your screen when others are nearby. Use a privacy screen if you’re often working in busy locations like trains or lounges. Never leave your devices unattended, even for a quick coffee run.

If you’re taking business calls in public, be conscious of what you’re saying and who might be listening. Sensitive details should be saved for private, secure environments.

****Stay Alert, Stay Safe****

Security isn’t something you handle once and forget. It requires ongoing awareness, regular updates, and a willingness to adapt to new threats as they emerge.

Keep an eye on industry news, attend cybersecurity webinars, or follow trusted security blogs to stay informed. Knowing what’s out there can help you act fast when something feels off.

And always trust your instincts. If a network looks suspicious, if a message seems strange, or if your system behaves unexpectedly, don’t ignore it; act on it.

****Working Smart Means Working Secure****

Mobility is a major advantage for modern businesses, but it should never come at the cost of security. The tools, habits, and awareness you build now will protect your data, your team, and your reputation for years to come.

Your office might be wherever you are, but your security should be with you, too, every step of the way.

Top/Featured Image via Unsplash!

Protecting Your Business on the Move: A Modern Cybersecurity Guide

Our privacy is most at risk from companies, governments, and AI models, according to a new public survey from Malwarebytes.

Bad vibes are big news in privacy right now, with the public feeling isolated in securing their sensitive information from companies, governments, AI models, and scammers.

That’s the latest from Malwarebytes research conducted this month, which revealed that the vast majority of people are concerned about wrongful data access from nearly every corner of their lives. For example, 89% of people “agreed” or “strongly agreed” that they are “concerned about my personal data being used inappropriately by corporations,” and another 72% agreed or strongly agreed that they are “concerned about my personal data being accessed and used inappropriately by the government.”

The anxieties are easy to trace.

In just the first three months of 2025, the UK government asked Apple for access to encrypted cloud storage for users across the _globe_, the US government exposed active Social Security Numbers in releasing files related to the assassination of former President John F. Kennedy, and the announced bankruptcy of genetic testing company 23andMe prompted many customers to delete their data.

Against this backdrop, many users are taking privacy into their own hands. More than 40% of people have stopped using either TikTok, Instagram, or X (formerly Twitter), and 26% stopped using a fertility or period tracking app. A robust 75% said they “opt out of data collection, as possible,” and 23% have gone a step further, using a data removal service to help clean up any personal information that is easily found online.

These findings come from a pulse survey that Malwarebytes conducted of its newsletter readers in March via the Alchemer Survey Platform.

Broadly, Malwarebytes found that:

*   89% of people are “concerned about my data being used by AI tools without my consent.”
*   70% of people “feel resigned that my personal data is already out there, and I can’t get it back.”
*   77% of people said that “many online transactions today, from purchases to downloads to creating new accounts, feel like ploys to take my data.”
*   While 87% of people “support national laws regulating how companies can collect, store, share, or use our personal data,” 60% feel that “we will never have simple, meaningful ways to protect our data.”
*   To protect their personal information and that of their family, at least 40% of people have stopped using Instagram, TikTok, and X (formerly Twitter).
*   26% of people stopped using a fertility app or period tracking app.

****Institutional distrust****

The public believe that the biggest threats to their privacy right now are AI models, companies, governments, and, well, pretty much every single interaction they have with the internet at large.

Aside from the 89% of people concerned about their data being “accessed and used inappropriately by the government,” another 50% said they were concerned about wrongful government access of their “private conversations.”

Elsewhere, an astounding 89% of people said that they are “concerned about my data being used by AI tools without my consent.” It is unclear exactly where these fears lie. People may be concerned that AI tools are scraping public websites for their information—like the facial recognition company ClearView AI does by scouring articles, mugshot websites, and publicly listed social media profiles—or they may fear that tools like ChatGPT and Google’s Gemini are recording “conversations” or questions for future use.

Exacerbating these concerns is, likely, the current murkiness around AI technology and what it requires to function. The New York Times is currently suing OpenAI for allegations that its large language model wrongfully ingested the outlet’s copyrighted articles as training data, human contractors that helped train the AI recognition systems for Roomba vacuums mistakenly leaked sensitive photos on Facebook, and a national mental health support chatline siphoned off some of its users’ conversations to train an AI-powered customer support chatbot in an effort to boost funding.

But it isn’t just AI that the public distrust, it’s also the many ways they’re forced to engage with the internet, overall, as 77% agreed or strongly agreed that “many online transactions today, from purchases to downloads to creating new accounts, feel like ploys to take my data.”

They may have a point. Downloading a mobile game can reveal your location data to countless ad companies, searching for airline tickets on a Mac device can force you into paying higher prices, and buying a car can subject your sex life—seriously—to data collection. And these are the largely _legal_ consequences of everyday life! Real-deal cybercriminal campaigns like “malvertising,” that abuse Google search results to direct victims to malicious websites, only make matters worse.

Amidst this landscape, the public broadly agreed that they wanted privacy protections that, unfortunately, they feel no one is going to grant them.

A full 87% of people “support national laws regulating how companies can collect, store, share, or use our personal data,” while 70% also believe “we will never have simple, meaningful ways to protect our data.”

So, in the absence of legal or corporate protections, the public are taking matters into their own hands.

****Individual action****

The dire privacy concerns shared by many respondents have, for the most part, not resulted in privacy nihilism. In fact, a heartening 60% of respondents did _not_ agree that they have “become less vigilant about my data privacy and security because there is little I can do these days.”

Instead, as Malwarebytes found, many people have started disengaging from major online platforms and adding privacy-conscious tools and habits to their daily regimen.

For instance, to protect their and their family’s personal information, 47% of people said they “stopped using TikTok,” 45% said they “stopped using X” (formerly Twitter), 44% said they “stopped using Instagram,” and 37% said they “stopped using Facebook.” Another 26% said they “stopped using a fertility/period tracking app.”

Elsewhere, 69% of people said they “use an ad blocker for online browsing,” and 75% of people “opt out of data collection, as possible.” Another 42% said they use a VPN, which can provide an extra level of comfort by encrypting all web traffic when connecting to public or unknown Wi-Fi networks.

Malwarebytes also found that 69% of respondents said they use “multifactor authentication,” or MFA. MFA is one of the strongest security protections against account takeovers and hacking, requiring that login attempts aren’t approved with _just_ a username and password, but with a separate piece of information, like a one-time passcode that is texted to a user’s device. Though understood as a cybersecurity best practice, MFA also strengthens a user’s privacy. After all, thieves don’t hack into accounts just for fun—they hack into accounts to sometimes steal any sensitive information stored within.

Finally, a smaller percentage of people said they use identity theft protection solutions (43%) and personal data removal services (23%). These are critical tools for catching and stopping identity theft, and for making it harder for scammers to find and target victims.

Malwarebytes understand that privacy isn’t “easy” right now—it never necessarily has been—but that doesn’t mean it’s time to give up. Thankfully, many people responded that, despite their serious concerns, they aren’t about to take corporate and government privacy invasions willingly. That’s the type of attitude that the public needs more than ever, and we’re grateful to see it.

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

 72% of people are worried their data is being misused by the government, and that&#8217;s not all&#8230; 

Crypto software wallets are invincible in the micro range. If you own multiple crypto assets, you need safe and reliable wallets, too.

Crypto wallets offer an extra layer of security against **malicious attacks** targeting everyday users. It’s not always easy to open your online crypto account every time you want to make a payment, and many merchants still don’t support direct crypto transactions. That’s where digital wallets step in. They make payments easier, but in 2025, the biggest concern around crypto wallets is safety.

That’s why it makes sense to focus on wallets that are both cost-effective and secure. Before choosing one, it’s important to understand how its security system works. At the same time, the wallet should be flexible enough to let you buy, sell, or stake crypto without hassle.

There are over a hundred crypto wallets available this year, but we’re going to focus on 10 that stand out as some of the safest options.

****1: Zengo****

The wallet has more than 380 coins. As you can do frequent transactions, we would categorize it as a hot wallet. Meanwhile, it is not a hardware-compatible wallet. The cost of maintaining the wallet is 19.99 every month. However, the annual subscription is only $129. 

They claim that they have been providing services to over 1.5 million customers and “0 wallets” have been hacked.

****Special features** **

It is the best wallet for security-conscious users. The strong and integrated security design can stop any kind of phishing crimes or bad entry gates. 

The company says that there are 1.5 billion customers who have had zero wallet attacks to date. 

****Benefits** **

Firstly, you get a secure infrastructure with this wallet. Moreover, you will get weekly software updates. You can easily buy or sell Crypto from the wallet. Therefore, it is a good option to keep your fiat currency in it. 

****Limitations** **

The price of the wallet is slightly on the higher side. Moreover, no hardware devices are compatible with it. Lastly, it allows only third-party access for withdrawals. 

Understandably, this measure is important from a security point of view. But it is stunted from the utility point of view. 

****2: Coinbase** **

This wallet can support more than 5500 cryptocurrencies. It is a hot wallet for sure. Like the previous one, it has no hardware wallet compatibility. But the best part is that it is a free wallet. This is the reason why it is more popular among users. Moreover, Coinbase has over **90 govt crypto assets** too. 

****Why should beginners use it?****

Beginners can use it for practice. It has easy navigation. You can use it on the website as well. Meanwhile, you can easily download it from various platforms and start using it without any concern. But it is the best option for the low-cost beginners. 

The company charges 0 network fees either. Plus, you can customize and minimize the wallet anytime. If you check the **BTC heatmap, you’ll see that Bitcoin has most of the investors’ shares**. Hence, you need a free wallet source for Bitcoin investors. 

****Benefits** **

It is the best option for beginners. Moreover, it is a low-cost platform with various amenities. You can trade more than 5500 coins over it. 

****Limitations** **

The wallet code is not an open-source code. You cannot generateay new address for every single transaction. It is not comfortable with the hardware assets. However, you can connect your ledger wallet to transfer assets. 

****3: Exodus****

The coin supports more than 281 currencies. It is a hot wallet for sure. However, the best part is that it is hardware-compatible. It is free of cost, too. 

****Why choose it?****

You can choose it as it makes slots to manage individual digital currencies on your mobile platform itself. The fiat payment methods are also separate. You can find them easily in your wallet. 

Lastly, you can use it to purchase or sell your coins. At the same time, you can swap or stake the coins easily. But the best part is that you can do all of these directly from your mobile phone. 

****Benefits** **

The platform offers intuitive integration across mobile and desktop. It also offers the same to and from any browser platform. The software wallet is compatible with hardware wallets like Trezor.

So, it is an exceptional quality which premium wallets also don’t offer often. 

****Limitations** **

Customer support is very limited. It is available through email only. There is no in-house exchange policy with this wallet. Lastly, it is not an open-source option.

****4: Electrum****

It is a bitcoin-only wallet. On that note, it is one of the major downsides of this wallet. However, you can treat it as a hot as well as a cold wallet. Moreover, it is hardware-compatible. But the best part is that it is free of cost.

****Why Should You Choose It?****

You should choose a wallet that’s tailored to secure your Bitcoin. And that’s Electrum for you. Moreover, the Electrum app is available over a range of platforms. 

****Benefits****

Firstly, it is a free and downloadable wallet option. At the same time, it is well compatible with all the hardware wallets. Lastly, its source code is auditable. You may also peer review the codes and send suggestions. 

****Limitations** **

The biggest drawback of the platform is that it does not have the best trading features. So, buying, selling, and staking are not options you can pursue on this platform. You may simply keep your Bitcoin safe here. 

Moreover, there are no customer support options here. You will get community support at best. Lastly, you need genuine technical expertise to develop your wallet. 

This wallet is widely used for managing Ethereum and ERC-20 tokens. It is a hot wallet and works as a browser extension or mobile app. While it doesn’t support hardware wallet integration by default, it can be connected to devices like Ledger. One major reason for its popularity is its simple interface and easy access to decentralized apps.

****Why Should You Choose It?****

If you’re working mostly with Ethereum and related tokens, MetaMask is a smart choice. It’s user-friendly, supports quick access to decentralized apps, and works smoothly across both mobile and browser platforms.

****Benefits****

MetaMask is free to use and easy to install on both desktop and mobile devices. It offers seamless access to Ethereum-based dApps, supports custom tokens, and can be connected to hardware wallets like Ledger for added security. It’s also open-source, so developers can review and contribute to its code.

****Limitations****

MetaMask is limited to Ethereum and ERC-20 tokens, so it’s not ideal if you deal with a wide range of cryptocurrencies. It doesn’t offer built-in options for staking or advanced trading. Customer support is minimal, and new users might find the interface a bit technical at first.

****6: Trust Wallet****

The wallet supports more than 10,000 cryptocurrencies, including all major tokens and coins. It is a hot wallet designed for frequent on-the-go transactions. Trust Wallet is not tied to any specific hardware wallet by default, but it does support hardware integration through third-party connections. The wallet is free to download and use, with no monthly subscription costs.

It’s owned by Binance, which adds a layer of credibility. The wallet has been downloaded over 60 million times and has maintained a strong track record with no major security breaches reported.

****Special features****

Trust Wallet is known for its built-in Web3 browser that lets users interact with decentralized apps (dApps) directly from within the wallet. It also supports staking of various coins and offers a secure backup feature using a single recovery phrase.

The wallet runs with a strong emphasis on user privacy. No personal data or KYC is needed to set up or use it.

****Benefits****

Trust Wallet is a beginner-friendly wallet that supports a huge range of assets. It includes built-in staking, token swapping, and direct access to dApps. It’s available on both Android and iOS platforms, and it also supports NFTs across multiple blockchains.

Since it’s backed by Binance, there’s strong ongoing development, regular security updates, and integration with popular tools.

****Limitations****

The wallet doesn’t come with its own in-house customer support; users rely on community forums or Binance channels for help. Although it can connect with Ledger, it’s not fully optimized for hardware wallet security. Also, as a mobile-only wallet, it may not suit users looking for a full desktop experience.

Lastly, being owned by Binance may raise concerns for users looking for more decentralized control.

The Crypto.com DeFi Wallet supports over 1000 cryptocurrencies and is designed as a hot wallet, allowing users to make frequent transactions with ease. It’s non-custodial, meaning users have full control over their private keys. While it isn’t tied directly to a hardware wallet, it can integrate with Ledger devices for added security. The wallet is completely free to use with no subscription or maintenance costs.

The wallet is part of the broader Crypto.com ecosystem, which has tens of millions of users globally. It is separate from the centralized Crypto.com app, giving users the option to keep their assets fully decentralized.

****Special features****

One of the standout features is the ability to stake and earn rewards on various assets directly from the wallet. It also includes token swapping, DeFi access, and NFT storage. Users get full control over their keys, with backup options via a recovery phrase.

The wallet is also open-source, which means its code is publicly auditable, a major plus for transparency and community trust.

****Benefits****

The wallet provides access to decentralized finance without sacrificing usability. You can connect it easily with the Crypto.com exchange or app for seamless transfers. There’s a built-in swap function that supports multiple chains, and the app is available on both iOS and Android.

Another benefit is the ability to stake coins directly from the wallet and earn passive income. The user interface is clean and intuitive, especially for users already familiar with Crypto.com’s services.

****Limitations****

Although the wallet offers Ledger integration, it’s not natively built for hardware security, so users must go through extra steps to sync. There’s no desktop version of the wallet; it’s mobile only, which might not suit all users.

Also, as with most DeFi wallets, there’s no way to recover your funds if you lose your recovery phrase. And while support exists, it may not be as responsive as that of fully centralized platforms.

****8: BitBox02****

BitBox02 is a hardware wallet that supports major cryptocurrencies like Bitcoin, Ethereum, and Litecoin, along with ERC-20 tokens. It’s a cold wallet, which means it stores your assets offline for maximum protection. Unlike hot wallets, it’s not meant for frequent daily transactions. It is a paid device, with a one-time cost of around $129, depending on where you buy it.

Developed by Shift Crypto, a Swiss company, BitBox02 is known for its strong focus on privacy, security, and open-source principles. It’s available in two versions: Bitcoin-only and multi-coin, giving users the option to choose based on their needs.

****Special features****

BitBox02 comes with a built-in screen and touch sensors for transaction confirmation, and it uses a microSD card for backup instead of the traditional 12 or 24-word recovery phrase. This makes backup and restoration more straightforward and secure for some users.

The wallet’s firmware and companion app are open-source, which allows for public audits and community contributions, a solid trust factor for security-focused users.

****Benefits****

As a cold wallet, BitBox02 offers high-end security. Your private keys never touch an internet-connected device. The use of a microSD card for encrypted backups is a unique feature that enhances safety and user convenience.

The device is lightweight, portable, and works with Windows, macOS, and Linux. It also supports Tor for added privacy, and users can verify all addresses on the device screen before sending transactions.

****Limitations****

BitBox02 isn’t ideal for those looking for a wallet for everyday use; it’s designed for long-term holding and security, not frequent trading. The supported coins list is more limited compared to some multi-coin software wallets.

It also doesn’t support mobile use; it must be connected to a computer. Finally, while the microSD backup system is secure, it’s a less familiar method that could confuse users accustomed to seed phrases.

****9: SafePal S1****

The SafePal S1 is a hardware wallet supporting over 10,000 cryptocurrencies, including Bitcoin (BTC), Ethereum (ETH), Binance Coin (BNB), and various ERC-20 tokens. As a cold storage device, it keeps assets offline, enhancing security. The wallet operates independently without direct integration with other hardware wallets. Priced at $49.99, it offers a cost-effective solution for secure crypto storage.

****Special Features****

The SafePal S1 employs a 100% air-gapped signing mechanism, ensuring complete offline operation without Bluetooth, Wi-Fi, NFC, or USB connections. It features an EAL 5+ independent secure element, a true random number generator, multiple layers of security sensors, and an anti-tampering self-destruct mechanism. Additionally, its compact design, comparable to a credit card, enhances portability.

****Benefits****

Users benefit from managing unlimited tokens within a single device, with support for over 100 blockchains and continuous additions. The wallet integrates seamlessly with the SafePal App, providing access to decentralized applications (DApps) and facilitating cross-chain swaps and trades. Its user-friendly interface supports 15 languages, catering to a global audience.

****Limitations****

While the SafePal S1 offers robust security features, it lacks direct USB connectivity, relying solely on QR code scanning for transactions, which may be less convenient for some users. Additionally, as a hardware wallet, it requires physical possession for access, which might not suit users who prefer software-based solutions. Furthermore, being a relatively newer entrant in the hardware wallet market, it may not have the same extensive track record as some established competitors.

****10: Ledger Nano X****

The Ledger Nano X is a hardware wallet that supports over 5,500 cryptocurrencies, including major assets like Bitcoin (BTC), Ethereum (ETH), and Binance Coin (BNB). As a cold storage device, it keeps your private keys offline, providing enhanced security. The Nano X is compatible with both desktop and mobile devices via Bluetooth connectivity. Priced at $149, it offers a comprehensive solution for managing a diverse crypto portfolio.

****Special Features****

The Nano X features Bluetooth Low Energy (BLE) connectivity, allowing users to manage their crypto assets on the go through the Ledger Live app on smartphones. It incorporates a Secure Element (SE) chip, ensuring that private keys remain isolated and protected from potential threats. The device can install up to 100 apps simultaneously, accommodating a wide range of cryptocurrencies.

****Benefits****

The Ledger Nano X offers extensive support for a vast array of cryptocurrencies, making it suitable for users with diverse portfolios. Its Bluetooth functionality enhances user experience by enabling wireless management of assets via mobile devices. The integration with the Ledger Live app provides a unified platform for buying, selling, swapping, and staking various cryptocurrencies. Additionally, the device’s robust security features, including the Secure Element chip and custom operating system, offer peace of mind to users.

****Limitations****

While Bluetooth connectivity adds convenience, some users may have concerns about potential security risks associated with wireless connections. However, Ledger emphasizes that only non-sensitive data is transmitted via Bluetooth, and private keys never leave the device. The device’s price point of $149 may be considered high compared to other hardware wallets. Additionally, the battery is not replaceable, which could affect the device’s longevity.

Top Crypto Wallets of 2025: Balancing Security and Convenience

Worried parents tracking their children with T-Mobile SyncUP devices suddenly found that they were looking at the location of random other children. And could not locate their own.

Not one but several worried parents that tracked their children by using T-Mobile tracking devices suddenly found that they were looking at the location of random other children. And could not locate their own.

T-Mobile sells a small GPS tracker called SyncUP, which can be used to track, among others, the locations of young children who don’t have cell phones yet. SyncUP uses a combination of GPS technology, Wi-Fi, and T-Mobile’s LTE nationwide network to locate registered devices and comes in the form of a small tag, a car tracker or a kids watch.

According to our friends at 404 Media, several users reported receiving information that came from another tracker, not their own. And from some of the statements it’s very clear that the disclosed locations belonged to other children because of the names and pictures associated with the accounts.

One woman who spoke to 404 Media could see the location address where the random children were, as well as their name and the last time the location was updated. In many cases, the time said “just now” or “one minute ago.”

> “I was probably shown more than eight children. I would log in and I couldn’t see my children but I could see a kid in California. I refreshed and then I had no trackers, and then I refreshed again and would see a different child.” 

Car owners using SyncUP Drive, the car tracking device, reported similar problems.

Here are some of the potential issues that this mix up could bring up:

*   A big concern about tracking devices is their vulnerability to hacking, potentially exposing personal data. No hacking was needed here. Every time some of the users tried they would get the location of a different tracker.
*   Without consent, tracking devices can infringe on individuals’ privacy rights. While you may say this is mainly about tracking without consent, nobody consented to strangers tracking their children.
*   GPS tracking must comply with privacy laws like the Electronic Communications Privacy Act (ECPA) and the Driver’s Privacy Protection Act (DPPA) to prevent unauthorized surveillance. Did T-Mobile fail to comply, even if only for a short time?
*   Inaccurate tracking, or not being able to track, can compromise personal safety if devices are used for emergency services or monitoring vulnerable individuals.
*   Repeated problems can erode the trust in the underlying GPS tracking technology.

This raises the question for parents to ask themselves: What’s worse, not knowing where your child is exactly or running the risk of exposing their location to other people?

Privacy concerns surrounding tracking devices are multifaceted. On one hand, these devices are designed to give users a sense of safety and security by providing accurate location information. However, they also pose risks if not properly secured.

We have reported multiple times about stalkerware users getting exposed by security flaws in the apps they used. While SyncUP may be more secure than some of the stalkerware apps we wrote about, this incident shows it’s not watertight either.

T-Mobile did not disclose the exact problem, but told 404 Media the incident is now resolved:

> “Yesterday we fully resolved a temporary system issue with our SyncUP products that resulted from a planned technology update. We are in the process of understanding potential impacts to a small number of customers and will reach out to any as needed. We apologize for any inconvenience.”

**We don’t just report on phone security—we provide it**

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

Tag

#wifi