Eliana Willis

Max Buondonno/ZDNETZDNET’s key takeawaysThe Nomad Tracking Card More

Elyse Betters Picaro / ZDNETWindows users who don’t always install the updates rolled out by Microsoft each month for Patch Tuesday will want to install the ones for June. That’s because the latest round of patches fixes a flaw that could allow an attacker to control your PC through bootkit malware.Designated as CVE-2025-3052, the Secure Boot bypass flaw is a serious one, according to Binarly security researcher Alex Matrosov, who discovered the vulnerability. In a Binarly blog post published Tuesday, he described the problem as a memory corruption issue that exploits Microsoft’s Secure Boot. Also: Massive data breach exposes 184 million passwords for Google, Microsoft, Facebook, and more”Attackers can exploit this vulnerability to run unsigned code during the boot process, effectively bypassing Secure Boot and compromising the system’s chain of trust,” Matrosov said. “Because the attacker’s code executes before the operating system even loads, it opens the door for attackers to install bootkits and undermine OS-level security defenses.” Crafty and dangerous malwareBootkit malware is especially crafty and dangerous. By running before your PC boots up, it’s able to skirt past your usual security protection and evade detection. Plus, such malware can allow attackers to control your PC, infect it with additional malware, or even access your confidential information. The irony here is that Microsoft implemented Secure Boot on Windows PCs specifically to prevent malware from loading during the boot-up process. This security feature has been available on PCs that use Unified Extensible Firmware Interface (UEFI) firmware as a more modern replacement for the older BIOS firmware. Also: Apple, Google, and Microsoft offer free password managers – but should you use them?In this case, however, the flaw lets an attacker bypass Secure Boot by signing a vulnerable UEFI application with Microsoft’s third-party certificates, essentially giving it carte blanche to run. Though the flaw itself has not been exploited in the wild, the vulnerable application has been around since late 2022, and was uploaded to the VirusTotal security site, which is where Matrosov discovered it. More

Maria Diaz/ZDNETLast year, Apple announced a redesigned Photos app, touting it as “the biggest-ever redesign.” Over the past year, we’ve seen users complaining about the redesign and wanting to go back to iOS 17’s Photos app. Apple seems to have listened to all the feedback and fixed its Photos app with the new iOS 26 update.Also: Everything announced at Apple’s WWDC 2025 keynote: Liquid Glass, MacOS Tahoe, and more”Many of you missed using tabs in the Photos app,” said Craig Federighi, Apple’s Senior Vice President of Software Engineering, in his keynote at WWDC 2025. “Photos now features separate tabs for Library and for Collections,” he added. With the new Photos app on iOS 26, Apple is keeping the best of both iOS 17 and iOS 18. More

<!–> ZDNET’s key takeaways The OnePlus Pad 3 starts at $699 for the 12GB of RAM and 256GB of storage configuration. It’s got a larger battery and display this year, as well as an updated Qualcomm chipset. The tablet is an OLED panel, a fingerprint scanner, and a floating keyboard case away from perfect. –> […] More

Adam Breeden/ZDNETMobile devices are always a tempting target for cybercriminals. That’s true not just for consumers but for companies. According to Google, more than half of organizations have pointed to smartphones as their most exposed endpoint, and data breaches often occur from improper use of these devices. In a blog post released on Tuesday, Google describes the latest protections available with its Android Enterprise platform.Also: Your Android phone is getting 4 big upgrades, thanks to Android 16Mobile devices have become popular, convenient tools among workers, as they can access email, apps and other internal business resources from anywhere. But often an employee’s phone is unmanaged and uncontrolled, leading to security weaknesses that can be exploited by hackers and attackers. Android Enterprise offers organizations and IT admins a way to better manage these devices, whether they’re company-owned or employee-owned. Though Android Enterprise has been around for a number of years, here are some of the latest initiatives Google has introduced. Security features Advanced protection: Employees can better thwart targeted attacks through strong mobile device protection. With just a single tap, they can enable multiple security features to defend against online attacks, malicious apps, unsafe websites, scam calls and other threats. This feature is accessible on Android 16 and higher but may only be available on certain devices and in specific regions. Identity Check: This feature prevents scams such as PIN theft and shoulder surfing, in which nearby thieves can pick up the PIN or password used to access a phone. With Identity Check, signing in to the device and apps requires a biometric method, such as facial or fingerprint recognition. This feature is also available on Android 16 and higher on certain devices. Also: 7 simple things I always do on Android to protect my privacy – and why you should tooCorporate badges in Google Wallet: Employees can add their corporate ID badge to the Google Wallet app and then use their phones to securely gain entry to NFC-enabled buildings and offices. Secure network access with Access Point Name: Access Point Name, or APN, is a secure gateway between a mobile network and the public internet. With APN enabled, IT admins can apply custom cellular network configurations on managed devices to control how they use cellular data. More

<!–> ZDNET’s key takeaways The Redmagic 10 Air Android phone is available now on Amazon for $729. The 10 Air phone is as elegant as it is powerful and can handle some of the more challenging games. This camera system isn’t necessarily flagship level, and you’ll want to pay attention to network band support. –> […] More

<!–> ZDNET’s key takeaways The Bowers & Wilkins Px7 S3 are available for $449 in Anthracite Black, Canvas White, and Indigo Blue. These headphones provide a listening experience and design profile unlike any other headphones in the same price range. Although these are the best sounding and looking headphones at this price, they fall behind […] More

Reddit (TheACwarriors) / Elyse Betters Picaro / ZDNETIf you’re a Samsung phone user, you can take advantage of a pretty sweet offer: a free year of Perplexity Pro.Samsung doesn’t appear to have made any official announcement about the promotion, so it would be easy not to know about it, but users are seeing the offer under the “Deals and events” tab of the Galaxy Store app. This is a $240 value if you pay monthly, or a $200 value if you pay yearly. Also: 5 projects Perplexity’s new Labs AI tool can whip up for you now – in minutesThe deal comes just a week after news broke that Samsung and Perplexity were in some sort of partnership. Samsung will be preloading Perplexity’s app and assistant on future Samsung devices, and plugging Perplexity’s AI search engine into the Samsung web browser. Perplexity hasn’t been shy about offering freebies to entice users to check out its service. It promoted a free year of Perplexity Pro to anyone with a .gov email address earlier this year, and a free year to Xfinity customers and college students. How Samsung users can get Perplexity Pro for free Here’s how to get your free year of Perplexity Pro. You’ll need to start clean, so if you already have the Perplexity app downloaded, delete it. Go to the Galaxy Store and download the Perplexity app.Open the app and make an account or log in if you already have one (free accounts only).Also: I tested ChatGPT’s Deep Research against Gemini, Perplexity, and Grok AI to see which is bestIf you follow those steps, your free account should be upgraded to Perplexity Pro (it worked when a ZDNET staffer tried it just now). You’ll know you’ve received the upgrade when you get an email titled “You’ve been upgraded to Perplexity Pro via Samsung Galaxy.” More