<!–> ZDNET’s key takeaways Fantastic rechargeable hand warmer with a wide range of temperatures that also acts as a great emergency power bank. This unit is water- and dust-resistant, making it perfect for outdoor use. The unit is rather chunky, and you feel it in a pocket. –> I spend a lot of time outdoors, […] More
ZDNETIn the last decade, spyware tools have been repeatedly found on the phones of journalists, activists, and politicians, including US officials, raising concerns over the unprecedented proliferation of spyware technologies and, subsequently, the lack of protections within the tech space amid growing threats.Also: Google releases responsible AI report while removing its anti-weapons pledgeLast Friday, Meta’s WhatsApp revealed that it had discovered a hacking campaign targeting about 90 users, mostly journalists and civil society members across two dozen countries. According to a WhatsApp spokesperson, the Israeli spyware company Paragon Solutions — now acquired by Florida-based private equity firm AE Industrial Partners — was behind the attack.What is a zero-click capability? Graphite, Paragon’s spyware, was found to have infiltrated WhatsApp groups by simply sending users a malicious PDF attachment. Without users’ knowledge, it can access and read messages on encrypted applications like WhatsApp and Signal.This is also known as a zero-click attack, which means that targets do not have to take any actions for their devices to become compromised. In contrast, phishing or one-click attacks require user interaction with a malicious link or attachment. Once a phone is infected with a zero-click capability, the operator of the attack can secretly gain total access to the phone by exploiting a security vulnerability.Also: How to turn on Private DNS Mode on Android – and why it’s a must for securityIn an interview with ZDNET, Rocky Cole, co-founder of mobile threat protection company iVerify, said that “in the case of graphite, via WhatsApp, some kind of payload, like a PDF or an image, [was sent to the victims’ devices] and the underlying processes that receive and handle those packages have vulnerabilities that the attackers exploit [to] infect the phone.”While public reporting does not specify “whether graphite can engage in privilege escalation [vulnerability] and operate outside WhatsApp or even move into the iOS kernel itself, we do know from our own detections and other work with customers, that privilege escalation via WhatsApp in order to gain kernel access is indeed possible,” Cole said.iVerify has uncovered instances where “a number of WhatsApp crashes on [mobile] devices [they’re] monitoring with iVerify” have appeared to be malicious in nature, leading the iVerify team to believe that the malicious attacks are “potentially more widespread” than just the 90 people reported to have been infected by graphite.While the WhatsApp attack was predominantly launched against members of civil society, mobile spyware is an emerging threat against everyone because mobile exploitation is more widespread than one might think, Cole said. Moreover, “the result is an emerging ecosystem around mobile spyware development and an increasing number of VC-backed mobile spyware companies are ‘under pressure to become profitable enterprises,'” he said.This ultimately “creates marketing competition” for spyware merchants and “lowers barriers” that would deter these mobile exploitation attacks.Also: The top 10 brands exploited in phishing attacks – and how to protect yourselfJust a month ago, WhatsApp won a lawsuit against NSO after a federal judge in California found that NSO was exploiting a security vulnerability within the messaging app to deliver Pegasus. The infamous NSO Group — known for infecting the phones of journalists, activists, and Palestinian rights organizations — has used similar zero-click capabilities through their Israeli-made Pegasus spyware, a commercial spyware and phone hacking tool.Historically, the NSO Group has avoided selling to US-based clients and has also been banned by the US Commerce Department under the Biden administration for allegedly supplying spyware to authoritarian governments. However, “shifting political dynamics [under the Trump administration] raises the possibility that spyware may become more prevalent in the United States” — exacerbating mobile exploitation.”And the world is totally unprepared to deal with that,” Cole said. More
wildpixel/Getty Images Regulators across the world are increasingly taking action against DeepSeek AI, the controversial Chinese startup behind two open-source models that have shaken up the industry. Also: What is DeepSeek? Here’s what you should know On Tuesday, South Korea’s Personal Information Protection Commission (PICP) announced it was removing DeepSeek’s chatbot app from Google Play and […] More
ZDNETStress is rampant across the world these days. It’s practically unavoidable. From politics, finances, work, school, and relationships, everything seems to be getting wrapped up in a cocoon of chaos that threatens our peace.That’s why, any time I can, I will reach for something capable of easing me back into a state of calm.The developers of the Opera browser understand this, so they developed a new web browser built specifically to level us out, bring us peace, and help us get through those stressful days.This browser, dubbed your “Mindful Browser,” is designed to soothe the nerves raging against the machine in your head, and it does so with:Break remindersBinaural beatsMeditation and relaxation toolsA minimal Scandinavian design with a “frosted glass” look A floating sidebarOpera Air is currently still in the early access phase (released Feb. 4, 2025) and is available to download and install on MacOS and Windows (hopefully, a Linux version will come soon).Also: How Opera’s new Air browser helped me to keep calm and surf onI was doubtful about the effectiveness of Opera Air at first, but then I saw the binaural beats feature and was immediately intrigued. I’ve used binaural beats quite a bit, especially in situations that could lead to tension or even when working on a writing project that requires intense concentration. I’ve installed apps and created Spotify playlists for binaural beats, and having that built into a browser convinced me that Opera Air was something I definitely needed to try.And try I did. More
<!–> ZDNET’s key takeaways The Ecovacs Deebot X8 Pro Omni is a robot vacuum and mop combination available for $1,400. This robot vacuum and mop features an extendable self-washing mop roller instead of rotating mop pads and 18,000Pa of suction power. While the robot promises streak-free mopping, it can leave streaks if your floors are […] More
ZDNETAccording to the Ark Invest Big Ideas 2025 report, agents will increase enterprise productivity via software. Companies that deploy agents should be able to increase unit volume with the same workforce and optimize their workforce toward higher-value activities. Artificial intelligence (AI) will also supercharge knowledge work. Through 2030, Ark expects the amount of software deployed per knowledge worker to grow considerably as businesses invest in productivity solutions. AI agents are poised to accelerate the adoption of digital applications and create an epochal shift in human-computer interaction.Also: Here’s what AI likely means for traditional BI and analytics toolsAccording to the 2025 Connectivity Benchmark Report by MuleSoft and Deloitte Digital, 93% of IT leaders report intentions to introduce autonomous AI agents within the next two years, and nearly half have already done so. However, the journey to agentic AI adoption and a digital labor force will not be easy without a deliberate focus on data and knowledge management strategy. More
ZDNETBy design, Linux is about as secure an operating system as you’ll find. However, that level of security doesn’t mean there aren’t steps you can take to make it more secure.One thing you can do is enable two-factor authentication (2FA) for desktop logins. With this feature added to the process, you tap a six-digit code you retrieve from an authenticator app on your phone to log in to services and your user password.Also: The best VPN services (and how to choose the right one for you)Believe it or not, 2FA is pretty easy to set up. I would suggest, however, that you try this approach on a test machine. You do not want to get locked out of your main desktop, because, should that happen, it can be a nightmare to resolve.With that said, let me show you how to set up 2FA. More
Bluestar is a stunning Linux desktop operating system. Screenshot by Jack Wallen/ZDNETI love a customized desktop. Anytime a developer (or team of developers) can deliver a unique take on any of the Linux desktop environments, I’m all for it — and Bluestar Linux does not disappoint.Also: If you’re ready to break up with Windows, this is the Linux distro I suggest for new usersWhat is Bluestar Linux?Bluestar Linux is based on Arch and designed to be user-friendly. The desktop focuses on a unique aesthetic for KDE Plasma. Bluestar Linux features up-to-date packages and kernel, a full range of desktop and multimedia software, a live version, a customized KDE Plasma desktop environment, and is available in 32 and 64-bit versions. There is also a Bluestar Linux software repository, which is maintained to provide additional applications outside the standard repositories.Also: Archcraft is a solid, super fast distro for anyone ready to move beyond beginner LinuxBluestar Linux has three main editions: Desktop, Deskpro, and Developer. Each of the editions is geared to specific users. I opted to review the Desktop version, which most users will want.The default installation includes apps like GIMP, VLC media player, LibreOffice, FileZilla (FTP client), Firefox, Pidgin (messaging client), a Bluesky app, Thunderbird, and much more. More
