Category: Technology

Google and cybersecurity companies Lookout and iVerify have detailed a new hacking technique that potentially puts a significant portion of iPhone users in danger, just by visiting the wrong web page. The hack is called “DarkSword” and since it specifically targets several different versions of iOS 18, it could affect “close to a quarter of iPhones,” Wired writes.

DarkSword is a “fileless” hack that leverages a collection of exploits to access sensitive data when an iPhone visits an infected website. Rather than install spyware that hangs around on a user’s phone after messages and other private information are stolen, fileless hacks like DarkSword take control of “the legitimate processes in an iPhone’s operating system to steal data,” according to Wired. Even more troubling, DarkSword deletes any evidence it was running on an iPhone after it finishes stealing your information.

The hack starts as soon as an iOS device encounters an “malicious iframe embedded in a web page,” after which it works its way through your iPhone, gathering sensitive information like passwords before deleting itself. DarkSword can abscond with things like messages and iCloud content, but it’s also specifically designed to access crypto currency wallets, Lookout says, which could indicate who was using DarkSword before it became widely available.

DarkSword has reportedly been used in Ukraine, Saudi Arabia, Malaysia, Turkey and Russia, and its origins could be tied to a different hacking toolkit called Coruna that TechCrunch reports may have been created for the US government by a company called Trenchant. Regardless of where DarkSword came from, the tool didn’t become widely available until its Russian users left DarkSword’s source code on a website for anyone to access, “complete with explanatory comments in English that describe each component and include the ‘DarkSword’ name for the tool,” Wired writes.

Apple patched the exploits that DarkSword and Coruna used in recent updates to iOS 26, the yearly software release from 2025 that followed iOS 18. DarkSword targets iOS 18 releases between iOS 18.4 and iOS 18.6.2, and according to Apple’s latest iOS usage stats for developers, around 24 percent of iOS devices are still on some version of iOS 18.

However, Apple simultaneously released iOS 26 and iOS 18.7 on September 15, 2025. So even if people didn’t want to upgrade to iOS 28, a secure patch has been available for six months. Despite the fact that Apple’s stats indicate that about 24 percent of iPhone users are still on iOS 18, the actual number of potentially vulnerable phones is much lower. Still, it’s a good reminder to stay on top of software updates if only for the security features if nothing else.

Update, March 19, 2026, 10:10AM ET: This story has been updated to note that while this vulnerability targets iOS 18, Apple released iOS 18 updates over the last six months that are secure against this attack.

Amazon’s next-generation smart assistant has entered its Early Access program in the UK, marking Alexa+’s European debut following rollouts in the US, Canada and Mexico. Starting March 19, invitations to start using the smarter, more conversational Alexa will be sent out to “hundreds of thousands” of willing participants, Amazon said in a press release, adding that Alexa is the most popular voice assistant in the UK.

As well as its more natural communication, agentic capabilities, contextual awareness and ability to remember previous conversations across devices, Amazon that users across the pond are getting an “authentically British” AI-powered assistant. It understands slang terms like “cuppa” and might even accuse you of taking the mick in the middle of a conversation. Can we rule out some cringe-inducing cockney impersonations? Absolutely not. It also distinguishes between, for example, how people in the UK say the date — “the 1st of April” — versus how it’s said in the US.

Amazon said that engineers, linguists and speech scientists have worked together at the company’s Cambridge-based Tech Hub to ensure the voice assistant understands British users, with naturally flowing conversations being a crucial part of the Alexa+ experience.

On the agentic side of things, the current lineup of UK partners will include OpenTable and, soon, JustEat, alongside existing partnerships with services like Spotify, Philips and Apple Music. Amazon also sources news from the likes of The Guardian and Future Publishing.

UK-based customers who purchase a new supported Echo device will automatically qualify for Early Access, and if you already own one you can register here to receive an invite. You can also try Alexa+ on select Fire TV devices and in a web browser.

During the Early Access period, which ran for nearly a year in the US before its nationwide rollout last month, Alexa+ will be free, and will remain free for Prime members. On its own it will cost £20 per month. As a reminder, Prime costs £9 per month in the UK (£95 annually) so it makes no sense whatsoever to pay more for Alexa+ exclusively when it’s included in the main membership anyway.

UK’s Ofcom has fined 4chan a total of £520,000 ($690,000) over the website’s failure to comply with the rules of Online Safety Act 2023. The biggest chunk of the amount came from 4chan’s failure to ensure children cannot encounter pornographic content on its website by implementing an effective age check mechanism. For that violation, the website has received a penalty of £450,000 ($598,000) and an order to apply an age check system by April 2. It carries a daily rate penalty of £500 ($664) until the website is compliant or until June 1, whichever comes sooner.

Ofcom also found that 4chan has failed to carry out sufficient illegal content risk assessment on its website and has fined it £50,000 ($66,400) for that violation. 4chan has until April 2 to conduct a risk assessment, or it has to pay an additional £200 ($266) per day. Finally, the regulator has determined that 4chan failed to include provisions in its terms of service that specify how it protects users from illegal content. That carries a fine of £20,000 ($26,600), with a daily rate penalty of £100 ($133) a day from its compliance deadline of April 2 to June 1.

The regulator started investigating 4chan, famous for its anonymous and unmoderated messaging boards, in June 2025 to determine if it was failing to meet its obligations under the law. In October, Ofcom announced its decision for some of the investigations it opened. It slapped 4chan with a £20,000 ($26,700) fine for ignoring its requests for a copy of the website’s illegal harms risk assessment and to provide information about its qualifying worldwide revenue. The regulator has confirmed to Engadget that 4chan has yet to pay that previous fine, which also earned cumulative daily punishment fees for 60 days.

The Information reported that an AI agent within Meta took unauthorized action that led to an employee creating a security breach at the social company last week. According to the publication, an employee used an in-house agentic AI to analyze a query from a second employee on an internal forum. The AI agent posted a response to the second employee with advice even though the first person did not direct it to do so.

The second employee took the agent’s recommended action, sparking a domino effect that led to some engineers having access to Meta systems that they shouldn’t have permission to see. A representative from the company confirmed the incident to The Information and said that “no user data was mishandled.” Meta’s internal report indicated that there were unspecified additional issues that led to the breach. A source said that there was no evidence that anyone took advantage of the sudden access or that the data was made public during the two hours when the security breach was active. However, that may be the result of dumb luck more than anything else.

Many tech leaders and companies have touted the benefits of artificial intelligence, this is just the latest incident where human employees have lost control over an AI agent. Amazon Web Services experienced a 13-hour outage earlier this year that also (apparently coincidentally) involved its Kiro agentic AI coding tool. Moltbook, the social network for AI agents recently acquired by Meta, had a security flaw that exposed user information thanks to an oversight in the vibe-coded platform.

During a Senate hearing, FBI Director Kash Patel confirmed that his agency has bought information that could be used to track individuals’ movement and location. “We do purchase commercially available information that’s consistent with the Constitution and the laws under the Electronic Communications Privacy Act, and it has led to some valuable intelligence for us,” he said.

Law enforcement is required to obtain a warrant in order to get location data from cell service providers following the Carpenter v United States ruling from 2018. But why bother with all that hassle when they can just buy the information from the open market?

“Doing that without a warrant is an outrageous end run around the Fourth Amendment, it’s particularly dangerous given the use of artificial intelligence to comb through massive amounts of private information,” Sen. Ron Wyden, (D-Ore.) said during the Intelligence Committee hearing. Wyden is one of several lawmakers pushing for an overhaul of when and how the government can obtain citizens’ personal information.

It’s an overhaul that’s badly needed. Patel already has a history of dubious use of government resources, such as ordering SWAT protections for his girlfriend and somehow horning in on men’s hockey victory celebrations at the recent winter Olympics, so one would hope he’s not also stretching the limits of the few privacy protections that do exist. Then outside the FBI, we have the Department of Homeland Security being sued for illegally tracking immigration raid protestors and the Pentagon’s labeling of Anthropic as a supply-chain risk after the AI company refused to let its products be used for mass surveillance of Americans.

Horizon Worlds, Meta’s first pass at a metaverse, will be inaccessible via virtual reality headset after June 15, 2026. The company shared plans to separate Horizon Worlds from Quest VR platform and focus exclusively on the smartphone version of the app in February, and now in a new post on its community forums, Meta detailed when the VR version of Horizon Worlds will be deprecated.

By March 31, Meta says individual Horizon Worlds and Events will no longer be listed in the Quest’s Store and headset owners will be unable to visit worlds like “Horizon Central, Events Arena, Kaiju and Bobber Bay.” Then, after June 15, the app will be removed from Quest headsets and worlds will be completely unavailable to visit in VR. From that point on, the easiest place to visit Horizon Worlds will be in the Meta Horizon app for iOS and Android.

Additionally, Hyperscape Capture, a recently added beta feature that allows Quest headset owners to capture, share and visit each other in detailed 3D scans of real-life locations, is also being removed from Horizon Worlds. Meta says users will still be able to capture and view Hyperscapes, “but sharing, inviting, and co-experiencing Hyperscapes with others will no longer be supported.”

While Meta’s original blog detailing its 2026 VR strategy left open the possibility that a committed Quest owner might still be able to access some part of Meta’s original VR metaverse, that apparently was never the company’s plan. Meta saw enough “positive momentum” focusing on supporting the mobile version of Horizon Worlds in 2025 that it made sense to completely abandon the VR one in 2026. While that seems to run contrary to Meta’s positioning as a “metaverse company,” it does reflect where the company is spending the most money and seeing the most (relative) success: AI and smart glasses.

Subnautica 2 has weathered the storm and has rescheduled its early access release. IGN reported today that the sequel to the underwater survival game will begin early access on PC and Xbox in May, although a more specific date was not provided.

The news comes a day after a judge ruled that former Unknown Worlds Entertainment CEO Ted Gill should be rehired at the game studio. That decision capped off a dramatic year for the team behind Subnautica, which was acquired by Krafton in 2021. The studio and its new owners entered a legal battle because the purchase of Unknown Worlds included a promise of an up to $250 million payout from Krafton if the team met certain performance goals by the end of 2025. In July of that year, however, Krafton fired several studio leaders and then delayed the sequel’s early access launch. The court case has raised questions about which side was trying to either secure or avoid making that multi-million payment.

With yesterday’s ruling, a rep from Krafton said that “we are evaluating our options as we determine our path forward.” It’s unclear if that path, or the other litigation still underway over the project, will create further delays to the planned early access date.

Denon is addressing an omission in its current turntable lineup: Bluetooth streaming. With the new DP-500BT, the company combines refined design, analog sound and high-resolution wireless connectivity. With its semi-automatic operation and switchable phono preamp, this model has the features to suit beginners and experienced vinyl listeners alike.

The DP-500BT has a belt drive system, a balanced S-shaped tonearm and an aluminum die cast platter. There’s also a pre-installed moving magnet (MM) cartridge with a CN-6518 stylus and a built-in preamp that can be disabled in favor of a more robust external unit or powered speakers. Semi-automatic operation combines auto lift with playback stop to simplify the listening process for both novice and advanced vinyl lovers. This feature also protects both the stylus and your records.

In terms of design, Denon says it took inspiration from its DP-3000NE turntable for the DP-500BT. The similarities are clear, but more importantly, this decision gives the new $899 model a much more refined look compared to the company’s more affordable record players. The DP-3000NE is a $2,799 turntable, after all.

Bluetooth streaming is what sets the DP-500BT apart in the Denon lineup. Here, you’ll have the option of aptX, aptX HD and apt Adaptive when you need to streaming wirelessly to speakers or headphones. This turntable also works with the company’s HEOS amplifiers and Home speakers, which allow for multi-room audio while listening to that record collection.

The DP-500BT is available today from Denon and other retailers for $899.

There are many E Ink tablets out there, but most of them are basically digital notebooks. They are great for reading and handwriting notes, but not so great for doing all of that regular tablet stuff like checking emails and doomscrolling. Boox, however, has released a number of E Ink tablets that can access the Google Play Store, opening up users to the wide world of traditional smartphone apps.

The company’s latest product is a refresh of the Go 10.3 tablet, called the Go 10.3 Lumi. This introduces plenty of new features and, as the name suggests, one is a front light. The tablet has been designed for both natural sunlight and low-light environments. The previous model was great, but it turns into a useless paperweight without access to ambient light.

Despite the front-facing light, the Go 10.3 Lumi is still lighter than its predecessor, at 12.8 ounces. It’s also on the thinner side, with a 4.8mm profile.

The basic specs are similar to the Go tablet, with an octa-core processor, 4GB of RAM and 64GB of internal storage. It runs on Android 15, which is a massive improvement for both security and access to apps. The previous iteration ran on Android 12, and Google stopped officially supporting that OS last year. That means no more critical security updates.

In addition to beefed up security, Boox promises the upgrade to Android 15 offers users improved memory management, better multitasking and smoother UI interactions. E Ink devices can be sluggish so I’m all for anything that speeds things up.

It integrates with external keyboards and boasts integrated speakers, which will certainly come in handy when navigating apps downloaded from the Play Store. Despite the screen technology, this is an Android tablet. It should be able to run just about any app available.

However, the E Ink technology will likely run into hiccups with video-based apps and games. It’s just not made for that. This could be a great little gadget for emails and text-based social media, but not for something like TikTok. It should be able to handle non-animated games just fine, like crossword puzzles and stuff like that.

Boox says the tablet gets “substantial battery life” and has been “optimized for extended usage cycles.” The company hasn’t announced detailed battery specs, but did say people “can work all day without looming battery anxiety.” E Ink devices tend to last a good while, so I’m not worried about that.

The Boox Go 10.3 Lumi is available to order right now and costs $450. If you want to save a few bucks and have no interest in a front light, there’s a stripped down version that also runs Android 15 but costs $420.

At GTC 2026, NVIDIA and Bolt announced what they hope will be a symbiotic partnership. Bolt gets NVIDIA technology that would be costly and impractical to build on its own. Meanwhile, NVIDIA not only gains a major customer but also access to the European rideshare company’s driving data.

Bolt says its fleet data will build a “learning engine” for autonomous vehicles (AVs) using NVIDIA tech. The rideshare company will use NVIDIA Cosmos to curate and search driving data. It will tap into NVIDIA Omniverse to reconstruct digital twins of real-world driving logs, then use Cosmos again to generate and augment data at scale.

NVIDIA’s Alpamayo model, designed specifically for AVs, will help the AI learn how to drive safely and appropriately in European cities. Finally, Bolt will integrate NVIDIA’s Drive Hyperion platform into its AVs.

“Autonomous vehicles require a full-stack approach that unifies AI models, high-performance compute, and a robust sensor architecture,” NVIDIA EMEA Automotive VP Philippe Van Den Berge said. “By combining Bolt’s real-world operational data with the NVIDIA Drive Hyperion platform, AI infrastructure, and open models & libraries across Omniverse, Cosmos, and Alpamayo, we’re enabling a scalable foundation for safe, high-performance autonomous mobility services designed for the complexity and diversity of European roads.”

Bolt has been busy gearing up for an autonomous future. In late 2025, it announced partnerships with Pony.ai and Stellantis.

The companies haven’t announced a timeline for when we can expect to see NVIDIA-powered Bolt robotaxis in European cities. However, they promise that Bolt’s fleet data will comply with GDPR standards. They also say they’ll provide open-source access to European universities and small- and medium-sized businesses.