A ClickFix campaign targeting macOS users delivers an AppleScript-based infostealer that collects credentials and live session cookies from 14 browsers, 16 cryptocurrency wallets, and more than 200 extensions.

Netskope Threat Labs researcher Jan Michael Alcantara told The Register the team initially observed the campaign last month, and has seen similar instances as recently as last week.

ClickFix is a super popular social engineering tactic used to trick people into executing malicious commands on their own computers, usually by clicking a fake computer problem fix or CAPTCHA prompt.

While the researchers don't know who the cookie thief is, they note the malware can infect both Windows and macOS machines - Netskope previously warned about the Windows-focused attacks - by using a client-side JavaScript to filter victims by user-agent, ignoring mobile devices and directing desktop users to either a Windows or macOS-specific payload.

There were clues from the start that it was too good to be true. A headhunter emailed me with a job prospect – a journalist role with “a leading US technology and markets editorial team”. The opportunity, she said, was part of a confidential expansion and hadn’t been publicly posted.

My spidey-sense was tingling, but the timing was auspicious. I was on the lookout for new work as my maternity leave was coming to an end. Initially, the email seemed legitimate. When I Googled the sender, I found a headhunter with the same name and profile picture on LinkedIn, and the message was clearly tailored to me: It referenced several roles I’d previously held and identified my specific areas of expertise. “Your focus on the real-world impacts of AI, digital culture and the gig economy aligns perfectly with an internal, high-priority mandate I’m managing,” the headhunter wrote.

I emailed back. The headhunter asked me to send over my CV, along with my salary expectations, preferred work structure (remote, hybrid, or on-site), and geographic flexibility. In return, she shared a more detailed job description. The role was, indeed, perfect for me. Too perfect – as if someone had put my CV into ChatGPT and asked it to create a job description based directly on my experience. It was located in the city in which I live and offered a hybrid working arrangement, just as I’d requested. The biggest tell: I’d been ambitious with my salary suggestion, but this was offering significantly more.

By this point I was fairly sure I was being taken for a ride, but I still couldn’t figure out the scam. I found myself trying to justify the anomalies. It’s an American company, and salaries are generally higher there, aren’t they? I asked about next steps. Then the headhunter gave me feedback. My CV undersold my leadership skills, she said; it needed refining. If I liked, she could connect me with a specialist who would make my profile more compelling. They would discuss pricing directly with me.

I fell for a "resume help" scam a couple of years ago via LinkedIn. I don't even use the site anymore.

Internal documents reveal that Microsoft plans to temporarily suspend individual account signups to its GitHub Copilot coding product, as it transitions from requests (single interactions with Copilot) towards token-based billing.

The documents reveal that the weekly cost of running Github Copilot has doubled since the start of the year.

Microsoft also intends to tighten the rate limits on its individual and business accounts, and to remove access to certain models for those with the cheapest subscriptions.

archive link

cross-posted from: https://lazysoci.al/post/46451012

cross-posted from: https://lazysoci.al/post/46451015

Apple announced on Monday that it had named a replacement for Tim Cook as CEO, with head of hardware engineering John Ternus succeeding him on 1 September. Cook will stay at the company in the role of executive chair.

“It has been the greatest privilege of my life to be the CEO of Apple and to have been trusted to lead such an extraordinary company. I love Apple with all of my being,” Cook said in a press release.

Cook, who succeeded Apple co-founder Steve Jobs, has been CEO since 2011. He has overseen the global expansion of the company and its steady series of new, updated devices, though never attained the same tech visionary status as Jobs.

Cook’s tenure as CEO has marked a lucrative period of expansion for Apple as it entrenched its products in society and sought out new markets, in particular the iPhone. Apple reported earlier this year it had its best ever quarter for iPhone sales, driven by renewed demand in China. The company’s market capitalization grew from around $350bn at the start of Cook’s time to over $4tn today.

Hundreds of previously redacted records reveal how Amazon has put pressure on independent sellers using its platform into raising their prices on the sites of competitors such as Walmart and Target, so that Amazon can appear to have lower prices, California authorities allege.

The global conglomerate became concerned even if a competitor was selling an item for as little as a penny less, according to one segment of the newly unredacted evidence.

The documents – which have never previously been reported on – include internal emails, deposition testimony and confidential corporate presentations that the California attorney general, Rob Bonta, obtained as part of a civil case his office launched in 2022 accusing Amazon of large-scale price-fixing.

The Guardian obtained and reviewed the cache of evidence, which has been filed in San Francisco county superior court but has not yet become publicly available. Within the documents, lawyers for the state of California have unmasked key details, paragraphs and sometimes whole pages that had previously been blacked out. A judge permitted some redactions to remain at Amazon’s request.

OnlyFans, the UK adult video platform, is in talks to sell a minority stake to a US investor that will value the business at more than $3bn (£2.2bn).

The London-based company is in advanced talks to sell a stake of less than 20% to the San Francisco-based investment firm Architect Capital, according to the Financial Times. Sources familiar with the process confirmed the talks to the Guardian.

OnlyFans has decided that offloading a minority stake is the best guarantee of stability for a business dealing with the death of its owner, Leonid Radvinsky. Radvinsky, a Ukrainian-American billionaire, died of cancer last month at the age of 43.

It is understood that OnlyFans is interested in a deal with Architect because the firm has expertise in the financial services sector, reflecting the UK company’s interest in offering banking products to its creators, who have struggled to access such services owing to the nature of their work.

The U.S. has been quietly building up a set of state-level laws that push operating system providers into the age verification plague.

California's AB 1043, signed in October 2025, requires OS providers to collect age data at account setup and pipe it to apps through a real-time API. It kicks in on January 1, 2027.

Colorado is working on something nearly identical. SB26-051 (which we covered when it was still a proposal) passed the state Senate 28-7 on March 3, 2026, and is now waiting on a House vote to become law there too.

However, these are just state-level laws. A new federal bill, H.R.8250, introduced on April 13, 2026, by Rep. Josh Gottheimer, with Rep. Elise M. Stefanik signing on as cosponsor, has us intrigued.

Mozilla are leaning even more into AI, with the announcement today of Thunderbolt - their open-source and self-hostable AI client.

Google began rolling out “personal intelligence” in Gemini early this year, giving AI subscribers the option of a more customized experience when using the company’s chatbot. Today, it’s using personal intelligence to tie its image-generation model to Google Photos. If you opt in, generated images will have access to your photos and associated labels to simplify prompts and produce more accurate AI images.

This change essentially streamlines an existing workflow. Google’s Nano Banana 2 is among the best AI image generators available, and it was already possible to feed it images of yourself or others to use as context for creating new AI content. Adding personal intelligence to the mix makes that process smoother by turning the image bot loose on the content of your photos, if indeed that’s something you want to do.

It is generally true that adding more personal data to an AI prompt results in a better output. Google offers a few examples of how connecting Nano Banana to Photos can help in this way. You won’t have to pack as much context into your prompts—you can just refer to “my family” or “my dog” to let the robot find useful images in your Photos library.

Just what I need. Family photos that never happened. "OK, Google, show me a Christmas photo where my dad actually went out for a pack of smokes and immediately returned."

If you’ve never seen Jim Carrey’s 2007 psychological thriller The Number 23, then congratulations. It is a film about a man who sees the number 23 so many times that he ends up going bonkers. I used to think this film was stupid. However, now I appear to be living it.

My own personal number 23 is a rhetorical device: “It’s not X, it’s Y.” Everywhere I look, there it is. Whenever I hate myself enough to scroll through Facebook’s wilderness of algorithmically suggested posts, I find myself being smacked in the face with sentences such as: “Self-improvement isn’t a trend, it’s a lifestyle shift,” and “The small wins aren’t just moments, they’re the majority of your life.” Once you notice it, it becomes impossible to ignore. This weekend during a Peloton class (I know, shut up), I heard an instructor bark a variation of “this isn’t X, it’s Y”. Yesterday, a character did the same during a TV show I was reviewing, and I dropped a star from its score in retaliation.

You know where this is coming from, don’t you? “It’s not X, it’s Y” is an AI mainstay. It’s one of ChatGPT’s most insidious tells. No matter how innocuous a prompt you enter, AI will always find a way to sneak it into its response. Ask it if you should put more ham in your pasta, and it will tell you: “Ham doesn’t just taste good – it makes everything else taste better.” Ask it if you should chase a bee around your garden and it will say: “Bees aren’t stupid – they’re hyper-specialised”.

It's beyond irritating to me that because LLMs were trained on writing that uses such constructions, being competent at writing now makes me get accusations of using one to create a post or comment.

This isn't really the case on Beehaw, but head over to Reddit, post a cogent, well-reasoned comment, and the knives are out.

I think the most infuriating part is that instead of engaging with the content (I'm there mostly for debate, anyway), they attack the structure and lob accusations. That's not a conversation.

While Larry was producing most of the content for the "Request/Reponse" chapter for the next edition of our book, I took the lead on writing a section on QUIC, since I have closely followed its development.

Our expectation is that the role of QUIC will be about as important as that of TCP in the coming years, which means it warrants more substantial coverage than we provided in the last edition. So I dug a bit deeper into the bits and bytes of QUIC than I have previously, with a goal of bringing the coverage up to par with our TCP coverage. In addition to reading through the RFCs, I found lots of good information in the original QUIC design spec as well as some conference publications on the design and evaluation of SPDY (predecessor of HTTP/2) and QUIC.

One rather trivial thing that makes it harder for me to get to grips with QUIC is the fact that its RFCs (four of them, spanning hundreds of pages) lack pictures of the packet headers. The rationale for this, I believe, is that QUIC makes extensive use of fields that are variable in length and frequently not aligned on 32-bit boundaries, which makes packet header pictures a bit complicated and less tidy.

So you thought you’d just read that webpage and then go back to the previous page? A bold assumption. All too often, clicking the back button in your browser doesn’t actually take you back. It’s called back button hijacking, and Google has thus far tolerated it. That ends in June, when the company will designate it a “malicious practice,” and any site continuing to do it will face consequences.

Back button hijacking is a way of wringing more pageviews out of visitors. It’s common on sites that live and die on search traffic. You may end up on a page because it looks like something you want, but instead of letting you leave the domain, it manipulates your page history to insert something else when you click back.

The phantom page is usually a collection of additional content suggestions or a pop-up that tries to eke out a few more clicks from each visitor. Some sites get a little more creative with it, though. For example, LinkedIn has a nasty habit of sending you “back” to the social feed after you land on a link to a profile or job posting.

Google says the back button should always do what you expect it to do—go back. Anything else amounts to a deceptive user experience that can discourage users from visiting unfamiliar pages in the future.