Apple is planning to modify its Hide My Email service by transitioning generated addresses to a new dedicated subdomain. Currently, these anonymous addresses use the standard @icloud.com domain, making them indistinguishable from primary user accounts. In the coming weeks, the service will shift to using @private.icloud.com for all newly created aliases.

Source

The FBI, in collaboration with Google and Black Lotus Labs, has successfully disrupted a massive Chinese phishing-as-a-service operation known as Outsider Enterprise. This cybercrime network utilized artificial intelligence to generate and distribute sophisticated phishing kits that impersonated trusted global brands. Authorities seized administration servers, a Telegram bot containing customer data, and thousands of fraudulent domains now redirecting to an official law enforcement splash page.

Source

Researchers have identified critical security flaws in OpenClaw, a self-hosted AI agent, that allow attackers to execute arbitrary code or steal sensitive data. One vulnerability involves "agentjacking," where malicious instructions are hidden within shared contacts, vCards, or location pins that the agent processes without user intervention. Because these message objects lack proper boundary markers, the underlying large language model cannot distinguish between legitimate metadata and injected commands.

Source