The Latest

Back in April, Samsung announced its plans to shutter its proprietary Messages app. It shouldn't have come as too much of a shock to Galaxy users: It's been a long time since Samsung Messages was the default choice on Galaxy devices. In fact, the company didn't even ship the app with newer devices, choosing Google Messages as its new messaging standard. Galaxy S26 users can't even download the app at all.

In its initial announcement, the company said Samsung Messages would shut down sometime in July, but declined to offer a definitive date. So when July 1 hit, and the app was still working, perhaps some users felt a small sense of comfort: Maybe Samsung wasn't serious about ending the app. That, unfortunately, wasn't the case. It seems the company chose July 7 as its deprecation day, as the app is officially defunct. You can still open Samsung Messages, but if you try to send a message, you'll find the text field grayed out.

What should Samsung Messages users do now?

While Samsung Messages is no longer supported, the app isn't gone forever. As I said, you can still access it, which means you can also see your message history. And, per Samsung, you can still use the app, albeit under extremely limited circumstances. If your device runs Android 11 or something older, Samsung Messages will continue to work. In addition, all users can contact emergency services from Samsung Messages, as well as their emergency contacts. If you set someone as an emergency contact, you have a workaround for continuing to use Samsung Messages.

There is another workaround here, but I don't recommend it. As Android Authority highlights, you can uninstall app updates to restore access by heading to Settings > Apps > Samsung Messages > More options and choosing "Uninstall Updates." From here, head to the Galaxy Store, then go to Menu > Updates > Samsung Messages > More options. Here, disable "Enable auto-update" to ensure that the Galaxy Store and One UI don't check in with Samsung Messages anymore. Per Android Authority, this should let you keep using Samsung Messages as if it were not shut down, but I discourage you from doing so for more than a short period. Now that the app isn't receiving new updates, any security vulnerabilities that pop up in the future will not be patched. As such, Samsung Messages users will likely be targets for phishing and hacking, putting their devices and data at risk.

Switching to Google Messages is the best course of action

Unfortunately, the best course of action for most Samsung Messages users is to switch to Google Messages. While I imagine many Samsung Messages fans are loath to switch to Google's app, it really is the easiest transition. Once you make Google Messages your default messaging app, your conversation history will automatically begin migrating over from Samsung Messages—though Samsung says there are no guarantees about how long this process can take.

That said, there are third-party apps out there you can choose from instead. Focusing specifically on SMS apps, you'll find similar features with Textra, Chomp SMS, and Handcent SMS. The issue is that your Samsung Messages history might not automatically transfer over when moving to one of these apps. You can try a third-party SMS backup too, like SMS Backup & Restore, but again, it's not clear whether you'll be able to migrate your messages over. If your main concern is moving your messages over to a new app, Google Messages may be the best move here.


from Lifehacker https://ift.tt/kXihsHu

We may earn a commission from links on this page. Deal pricing and availability subject to change after time of publication.

The Anker Prime Foldable MagSafe Charger is currently down to $99.74 from $149.99, about a 34% discount—and price trackers indicate that's the lowest price for this device so far. This charger makes the most sense for someone who travels with an iPhone, Apple Watch, and AirPods, or just wants a cleaner charging setup on a desk or nightstand. It is not a standalone power bank, so it still needs to stay plugged into the wall, but the included 45W USB-C adapter and 5-foot USB-C cable help make the price easier to justify, since you do not have to buy a separate brick to use it properly.

Folded down, this MagSafe charger measures 3.74 by 2.38 by 1.22 inches and weighs 8.11 ounces, about the weight of a large iPhone. That makes it easy to throw into a bag, desk drawer, or carry-on. Open it up and it can charge a compatible iPhone magnetically, charge an Apple Watch on the built-in watch charger, and charge AirPods with a wireless charging case on the base. That makes this particularly useful in a hotel room, where outlet space is often limited, or on a nightstand where three separate cables quickly becomes annoying. The catch here is compatibility: This is built for the Apple ecosystem, so it is not the right buy for someone using a Samsung watch or a mix of non-Apple devices.

The charger is Qi2.2 certified and can deliver up to 25W wireless charging to supported iPhones. Anker says it can charge an iPhone 17 Pro to 50% in 26 minutes, though your results can vary depending on the case, room temperature, and battery level.


Deals are selected by our commerce team

from Lifehacker https://ift.tt/qHwxGjd

Criminal IP has integrated its threat intelligence with OpenCTI, enabling security teams to automatically convert IP addresses, domains, and URLs into structured intelligence within the platform’s knowledge graph.

The integration automatically enriches ingested indicators with Criminal IP’s infrastructure intelligence, dual-perspective reputation scoring, vulnerability data, behavioral signals, and phishing analysis. The enriched data is structured as OpenCTI entities and relationships, allowing analysts to investigate connected infrastructure, map attack surfaces, and prioritize indicators.

Criminal IP OpenCTI threat intelligence

Integration highlights

  • Contextual risk scoring: Criminal IP delivers dual-perspective risk scoring reflecting both inbound targeting and outbound behavior. This model provides signals to assist analysts with the prioritization of high-risk infrastructure.
  • Infrastructure intelligence: The integration creates structured OpenCTI entities and relationships, mapping vulnerabilities (CVEs), Autonomous Systems (ISPs), and geolocation to allow analysts to pivot across components within the graph.
  • Service exposure & vulnerability correlation: By linking observed services to known CVEs, the integration provides insight into whether an IP is malicious, exploitable, or actively leveraged in attacks.
  • Threat labeling & behavioral signals: Generated labels incorporate multiple data points including anonymization technologies (VPN, proxy, TOR), hosting characteristics, and malicious classifications.
  • Domain & phishing intelligence: Criminal IP performs URL analysis for domains to detect phishing activity, credential harvesting, suspicious files, and impersonation techniques, providing tied confidence scores.
  • Infrastructure mapping: Indicators are linked to network ownership (Autonomous Systems), physical locations, and resolved IP infrastructure to identify hosting patterns and regional clustering.

Key use cases

  • SOC triage and alert validation: Validates suspicious IPs and domains using risk scoring, infrastructure context, and phishing intelligence to prioritize high-risk indicators.
  • Threat hunting and infrastructure pivoting: Utilizes enriched relationships such as CVEs, Autonomous Systems, and geolocation to trace connected infrastructure and attacker operations.
  • Phishing and campaign analysis: Identifies malicious domains, credential harvesting pages, and supporting infrastructure to track broader campaign patterns.


from Help Net Security https://ift.tt/YqhSxFt

You've got all kinds of options when it comes to choosing how to communicate digitally with friends and family: not just dedicated messaging apps such as iMessage and WhatsApp, but also the DM features built into social media platforms like Instagram, Facebook, and Snapchat. Some of these apps put a lot of emphasis on security and privacy, with mentions of end-to-end encryption and disappearing messages (WhatsApp now lets you hide your phone number for example). For the ultimate in private messaging, though, there's an app you might not have heard of before.

Delta Chat is decentralized (so there's no one point of failure or control), open-source, end-to-end encrypted, and anonymous—you don't need to supply a phone number to get started. You can even message people who don't have the app. Here's what you need to know, and why you might want to make use of it.

How Delta Chat works

Delta Chat has been around for about a decade now, and started as a way to keep your messages out of the clutches of big tech companies. Over the years, it's added more and more features, become easier to use, and expanded to more platforms. There have also been some changes in the way Delta Chat works as a platform.

For much of Delta Chat's existence, it's worked through email: You signed up with your email address, and the chat app was essentially a wrapper for certain conversations in your inbox. Much of the storage and infrastructure work was handled by your email provider of choice, and anyone with an email address could join in.

Now, though, Delta Chat provides an email address for you, and handles all of the necessary plumbing behind the scenes. Not only does this make the service more convenient, it means you don't need to reveal anything to use it—you won't be asked for a phone number, an email address, a name, or anything else.

Delta Chat
You don't have to give any personal details when creating an account. Credit: Lifehacker

That may sound like it leaves the service open to spam, but the encryption stops that: Essentially, no one can spam you without knowing your specific encryption key. Your address is a random string of characters that you can pass on to trusted contacts—there's no public directory of users, and no way of looking someone up.

There are plenty of the usual chat app features here: audio and video calls, group chats, read receipts, and the option to have your messages disappear after a certain amount of time. You can easily share files with contacts, and you can log in on multiple devices simultaneously.

Getting started with Delta Chat

You can start your Delta Chat journey through the desktop apps for Windows or macOS, or through the mobile apps for Android or iOS. As noted above, you don't need to provide any personal information to sign up for the service: Just tap or click Create new profile on the opening splash screen to begin.

The app will ask you for a username that your contacts will recognize you by, but it doesn't have to be your real name, and there's the option to add a profile picture as well. You are then taken to the main chat screen, though you won't have any chats yet—just a welcome message and a folder for your saved messages.

To add someone on Delta Chat, tap the QR code icon at the top (Android and desktop) or bottom (iOS) of the interface. Ask your prospective contact to scan this with Delta Chat on their own device, though there are also options if you're doing the scanning. You can also generate an invite link to paste into an email or another messaging app.

Delta Chat
The chat interface is a familiar one. Credit: Lifehacker

Everything works very much as you would expect once you're in the Delta Chat interface. Via a long press on mobile or a right-click on the desktop, you can find options for muting, pinning, and archiving specific conversations, while the new chat button (a plus icon on Android and the desktop; a pen-in-a-box icon on iOS) lets you start a new conversation or create a new group chat.

To get to the settings for an individual chat, tap the three dots (top right) on Android, tap the contact name at the top then the three dots (top right) on iOS, and click the three dots (top right) on the desktop. The options here let you set up disappearing messages, search through chats, and clear the conversation history, as well as muting and archiving.

There's a main settings screen, via the large cog icon on the desktop app interface, the three dots (top right) on Android, and the Settings tab on iOS. The options here include being able to set backgrounds for your chat, turn read receipts on and off, and configure the quality of shared media files.

Why pick Delta Chat over the competition?

There are all kinds of encrypted, secure chat apps out there, including WhatsApp and Signal—so what are the compelling reasons to pick Delta Chat instead? The fact that you don't have to offer any personal data is a big one: You don't need a phone number or an email address, and no one is going to find you (or spam you) unless you specifically decide to add them.

Then there's the decentralized aspect of it. Delta Chat's storage servers and nodes are spread out in several different locations, so one power outage or technical failure doesn't bring down the entire system. You can even host your Delta Chat data yourself, if you want.

Due to the email infrastructure underpinning Delta Chat, it's also harder to block and censor than something like Signal, and easier to get your messages exported out.

If you decide to give this app a go, there is the standard problem of trying to convince family and friends to install it too, on top of whatever they're already using—but you don't necessarily have to persuade your entire contacts list to join Delta Chat: It could work well as a private app for you and a handful of people closest to you.


from Lifehacker https://ift.tt/RptZGu3

Owners of the Flipper Zero, the pocket-sized wireless testing tool, spent recent weeks worried that its official firmware had gone quiet. Pavel Zhovner, CEO of Flipper Devices, moved to settle that concern with word that the company has set aside staff to keep the firmware maintained and to support outside contributions. The work will run under a fresh set of rules covering feature requests, code submissions, and testing.

Flipper Zero firmware development

How the quiet period began

The firmware reached a settled state in 2024. That release, stable firmware 1.0, arrived after the launch of the Apps Catalog and gave app developers a stabilized API and SDK. Developers could build against it without rebuilding their apps every month to keep up with API changes. Once the core was steady, Flipper Devices narrowed its firmware work to infrastructure upkeep and critical bug fixes, and turned its attention to new hardware.

A design limit drove much of that architecture. The device carries only 700 KB of flash memory for firmware, and the team hit that ceiling early. Their answer was dynamic app loading from the microSD card, which moved device functions, including core features, out of the firmware and into separate apps. That approach became the base of the 1.0 release.

What changed the plan

Community reaction pushed the company to revisit its stance.

“It’s genuinely moving that this project and everything we’ve built together matters to you. That’s why we’re ready to revisit some of our past decisions. We decided to allocate resources to continue supporting community contributions, but with a new approach,” Zhovner wrote.

Async contact through GitHub

Communication with the development team now runs through GitHub Discussions. Users can post concrete feature requests, formatted to a set template, and vote on the ones they want built. The team has committed to reviewing the requests that gather the most votes on a weekly cycle. Abstract questions, general talk, and help requests move to Discord, Reddit, and social media.

The company disabled direct messages on its social accounts some time ago, once the user base crossed one million. The number of incoming requests had made real-time contact unworkable, and niche asks blended into broad demand with no way to sort one from another. Voting gives the team a signal about what a wider group of users wants prioritized.

Tighter code review

Pull request review gets stricter under an updated contribution guide. Extra scrutiny goes to AI-generated code that touches low-level libraries and proves hard to verify, and to changes that alter the device interface and call for documentation edits. The QA team’s integration test cases are now public, and every firmware change will need to pass them. Flipper Devices plans to bring community members into part of the regression testing.
Submissions to the Apps Catalog continue under the existing process.

Must read:


from Help Net Security https://ift.tt/dWOBSbK

Payment fraud is becoming more organized as criminal groups use fake websites, large-scale operations, and, in some cases, forced labor to steal money and personal information. Advances in agentic AI could automate many stages of payment fraud, from collecting and assembling stolen credentials to deploying password-cracking tools.

key payment fraud trends

What kind of payment fraud concerns you most? (Source: Capco)

CAPCO’s “US Payment Fraud Survey” found that consumers increasingly value fraud protection when choosing payment providers. Security was one of the most important factors for 63% of respondents, and 50% selected advanced fraud protection. Both ranked ahead of customer service, transaction speed, brand reputation, and rewards.

“Payment fraud in the US is becoming more organized, automated and sophisticated, with scammers increasing their use of modern technologies and AI-enabled tools. Our US Payment Fraud survey highlights the value consumers put on security and advanced fraud protection, as well as their concerns about key defenses including some forms of biometric authentication,” said Matthew Cohn, Partner & US Head of Banking & Payments at Capco.

Account takeover fraud

Account takeover remains one of the most common payment fraud threats. Attackers use stolen credentials to gain access to bank accounts, transfer funds, open credit accounts, or create mule accounts. They obtain credentials through phishing campaigns, data breaches, dark web marketplaces, and information people share online.

35% of respondents ranked account takeover as one of their top payment fraud concerns, and 25% of those who experienced an attempted payment fraud said someone tried to take over their account.

Defenses such as passwords, security questions, and some forms of MFA are becoming less effective as criminals use AI to improve phishing campaigns and automate credential theft.

Deepfake technology is increasing the risk for voice and facial biometric authentication. Eighty-nine percent of respondents said they were concerned that personal information available online could help attackers impersonate them or answer security questions.

Why APP fraud keeps growing

Authorized push payment (APP) fraud has become one of the fastest-growing payment fraud threats because victims authorize the transaction after scammers manipulate them. Attackers impersonate bank employees, government agencies, company representatives, or family members to convince victims that their money is at risk or that an urgent payment is required.

Scams begin with a text message, email, or phone call before escalating into conversations designed to build trust and create a sense of urgency.

AI-generated audio, video, and other content are making these impersonation scams more convincing and easier to scale. Criminals are exploring ways to make fraudulent transactions appear legitimate by creating the impression that customers authorized the payment.

Card fraud moves to digital channels

Payment card fraud increasingly relies on stolen card numbers and personal information. Criminals obtain payment data through phishing campaigns, fake websites, skimming attacks, compromised payment terminals, and dark web marketplaces. They then use the stolen credentials to make online purchases or add cards to digital wallets.

More than 90% of credit card fraud involves cards that remain in the owner’s possession. The continued growth of ecommerce and online payment data storage has expanded opportunities for card fraud.

Card and card data theft was the payment fraud concern cited most often by survey respondents, with 46% selecting it. One-third of respondents who experienced an attempted payment fraud said it involved card or card data theft.

Website skimming and automated card credential testing are becoming more common. North America accounted for 51% of global website skimming detections.

“Fraudsters are selling data, services and tools to each other as they build an AI-enabled criminal industry on a global scale. To strengthen defenses and preserve consumer trust, banks and other payment institutions must adopt a coordinated stance across each enterprise, the wider financial sector and other relevant industries,” said Gregg Henzel, Managing Principal, US Financial Crime, Risk, Regulation and Finance at Capco.

Criminals create synthetic identities at scale

Identity fraud allows criminals to open bank accounts, apply for loans, and obtain credit using stolen personal information. Synthetic identity fraud goes a step further by combining real and fabricated information to create new identities.

The share of newly opened bank credit card accounts linked to synthetic identities more than doubled between mid-2021 and mid-2024. Auto lenders carried an estimated $2 billion in synthetic identity debt by mid-2024. Criminal groups are using AI to combine stolen credentials, create convincing documents, and bypass liveness checks during identity verification.

Insider fraud expands the attack surface

Insider fraud remains a significant payment fraud risk because employees and contractors can abuse their access to systems and customer data or help external attackers bypass security controls. Insiders may steal money or credentials, share sensitive information with criminal groups, override fraud controls, or expose organizations through negligence.

Third-party providers can expand the attack surface, making third-party risk management an important part of insider fraud prevention.


from Help Net Security https://ift.tt/zD9WbvO

Open source antivirus scanning sits inside mail gateways, file upload checks, and endpoint tooling at organizations of every size. Much of that work runs through ClamAV, the scanning engine maintained by Cisco’s Talos group. The project released two patch versions, 1.5.3 and 1.4.5, carrying fixes for seven security flaws along with smaller hardening changes.

ClamAV security patch

Packer and PE parsing flaws

Most of the patched bugs sit in the code that unpacks and parses executable formats, the part of a scanner built to handle hostile input. CVE-2026-20213 is an integer overflow in the PE rebuild size calculation that a malformed Aspack-packed file can trigger, leading to a heap buffer overflow write. The related CVE-2026-20214 covers an FSG unpacker loop underflow that can write past the section array during a scan of a crafted PE file. Both reach far back through the codebase, with the FSG issue present in builds dating to 2004.

CVE-2026-20217 rounds out the PE group. A bug in the PESpin unpacker cleanup path could free pointers into the scanned file buffer and crash the scanner. That flaw has lived in the code since 2005.

Archive and image format bugs

Three more fixes address archive and disk-image handling. CVE-2026-20215 is a 7z parser substream count overflow that can under-allocate parser metadata arrays and then write past them when reading a crafted archive. CVE-2026-20243 covers ALZ parser size handling errors that can make malformed ALZ archives panic, abort the scanner, or skip expected scan-limit handling. CVE-2026-20216 is an InstallShield archive extraction limit bypass that can write far more temporary data than intended and drain temporary storage.

The last parsing flaw, CVE-2026-20244, sits in the 32-bit DMG parser. A short mish stripe table could pass validation and crash the scanner. This one affects only 32-bit builds, going back to version 0.98.1, and leaves 64-bit builds untouched.

Quarantine race condition

The releases also harden the quarantine actions in clamscan, clamdscan, and clamonacc against time-of-check/time-of-use races. Under unsafe quarantine directory settings, those races could redirect files as the scanner copied, moved, or removed them. Hiroki Imai of Ricerca Security, Inc. reported the issue.

Version 1.5.3 adds a few items beyond 1.4.5. It upgrades the Rust tar dependency to resolve two RUSTSEC advisories and moves the Rust openssl dependency past CVE-2026-41676. Metadata preclass scans now run before the final scan verdict. A ClamOnAcc fix addresses hash bucket list corruption when two watched paths land in the same bucket. Both releases raise the minimum CMake version to 3.17 to repair Linux builds that link static dependencies against libcurl v8.21.0.

The release files are available on the GitHub release page, and through Docker Hub in Alpine and Debian containers.

Must read:

Subscribe to the Help Net Security ad-free monthly newsletter to stay informed on the essential open-source cybersecurity tools. Subscribe here!


from Help Net Security https://ift.tt/KkVT6g0