Feed aggregator

Article URL: https://whisperanywhere.app

Comments URL: https://news.ycombinator.com/item?id=47246673

Points: 1

# Comments: 0

The startup aims to provide organizations with visibility into how AI operates across their environment.

The post AI Security Firm JetStream Launches With $34 Million in Seed Funding appeared first on SecurityWeek.

Google has patched 129 vulnerabilities in Android in its March 2026 Android Security Bulletin, including a Qualcomm display flaw that is known to be actively exploited.

You can check your device’s Android version, security update level, and Google Play system update in Settings. You should get a notification when updates are available, but you can also check for them yourself.

On most phones, go to Settings > About phone (or About device), then tap Software updates to see if anything new is available. The exact steps may vary slightly depending on the brand and Android version you’re on.

If your Android phone shows a patch level of 2026-03-05 or later, these issues are fixed.

Keeping your device up to date protects you from known vulnerabilities and helps you stay safe. We know that because of patch gaps and end-of-support cycles, some users may not receive these updates. That’s why additional protection for your Android device is important.

Technical details

The Android zero-day, tracked as CVE-2026-21385, is a high‑severity bug in a Qualcomm graphics/display component that attackers are already exploiting in limited, targeted attacks.

The vulnerability lives in an open‑source Qualcomm graphics/display component used by a large number of Android chipsets, with Qualcomm listing that well over 230 different chipset models are affected. Based on recently published Android and chipset market‑share percentages, it is reasonable to assume the issue affects hundreds of millions of devices worldwide, even if the exact number is hard to pin down.

On most Android phones, you can view the processor model in Settings > About phone (or About device) > Detailed info and specs, and look for entries such as “Processor,” “Chipset,” or “SoC.” Names like “Snapdragon 8 Gen 2,” “Snapdragon 778G,” or “Qualcomm SM8xxx/SM7xxx,” indicate a Qualcomm chipset and that the device may be in the affected family.

Google says there are signs that CVE‑2026‑21385 is already being used in “limited, targeted exploitation,” which usually means a small number of high‑value targets rather than broad, drive‑by attacks on the general public. Current descriptions point to a memory corruption scenario in the graphics component. The official description says:

“Memory corruption while using alignments for memory allocation.”

This means that if an attacker can get a malicious app or local code onto the device, they can feed specially crafted data into the graphics component’s driver and corrupt memory in a controlled way. In practice, a bug like this is a good candidate for turning a normal app’s limited access into something much more powerful, like using it as a building block in a chain of exploits to escalate privileges or to escape a sandbox.

As you can see, the attacker needs some kind of local foothold first, such as getting you to install a malicious app, exploiting another vulnerability, or abusing a compromised app already on the device. 

How to stay safe

From the available information, attackers would need to trick a user into installing a malicious app that could then compromise the device. That’s why it’s a good idea to follow these safety precautions:

• Only install apps from official app stores whenever possible and avoid installing apps promoted in links in SMS, email, or messaging apps.
• Before installing finance‑related or retailer apps, verify the developer’s name, number of downloads, and user reviews rather than trusting a single promotional link.
• Protect your devices. Use an up-to-date, real-time anti-malware solution like Malwarebytes for Android.
• Scrutinize permissions. Does an app really need the permissions it’s requesting to do the job you want it to do? Especially if it asks for accessibility, SMS, or camera access.
• Keep Android, Google Play services, and all other important apps up to date so you get the latest security fixes.

We don’t just report on phone security—we provide it

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

When I searched to see if you can make popcorn in an air fryer, I couldn’t find a clear answer, so I reached out to a manufacturer and pro chefs.

We're telling you where to watch it all, plus F1 extras on Apple Music, Apple Sports and other Apple apps.

The attackers are sending out fake alerts claiming unauthorized access or master password changes.

The post LastPass Warns of New Phishing Campaign appeared first on SecurityWeek.

Commentary: I love the idea behind the dedicated Camera Control button on recent iPhones, but it keeps getting in the way.

A pair of US lawmakers are calling for an investigation into how easily spies can steal information based on devices’ electromagnetic and acoustic leaks—a spying trick the NSA once codenamed TEMPEST.

Join the webinar as we explore a blueprint for an OT SOC leveraging an integrated OT Security Platform to safeguard operations and maintain business continuity.

The post Webinar Today: Designing an OT SOC for Safety, Reliability, and Business Continuity appeared first on SecurityWeek.

Public servant of over 40 years, who has been waiting four months for pension payments to begin, says government has lost control

Last week I started using Claude Code. My colleague, who has been prompting AI models for months, looked at what I was sending and said he had no idea what I was asking for.

If an experienced user couldn't parse it, the model definitely wasn't getting the best version of it either.

So I built flompt. The idea is simple: instead of writing a prompt as a wall of text, you decompose it into typed visual blocks (role, context, objective, constraints, examples, output format), arrange them, and compile to a structured format optimized for the model you're targeting. Claude gets XML, ChatGPT and Gemini get Markdown, each formatted the way the model actually processes it best.

It also ships as a Claude Code MCP so you can build and inject structured prompts directly from your editor, and as a Chrome extension that puts it as a sidebar inside ChatGPT, Claude and Gemini.

A few things I cared about: - Assembly is 100% local, nothing leaves your browser during compile - No account required - You can paste a rough idea and let the AI decompose it into blocks automatically

Try it: https://flompt.dev/app Chrome extension: https://chromewebstore.google.com/detail/mbobfapnkflkbcflmed...

https://flompt.dev

Comments URL: https://news.ycombinator.com/item?id=47246218

Points: 1

# Comments: 0

Article URL: https://github.com/agentactionprotocol/aap

Comments URL: https://news.ycombinator.com/item?id=47246213

Points: 1

# Comments: 0

Article URL: https://www.youtube.com/watch?v=fI0qy0lnAWQ

Comments URL: https://news.ycombinator.com/item?id=47246208

Points: 1

# Comments: 0

Article URL: https://chorebound.com

Comments URL: https://news.ycombinator.com/item?id=47246202

Points: 1

# Comments: 0

The SunBooster mounts onto a laptop or monitor to hopefully give you a dose of energy when you can't see the sun.

Article URL: https://github.com/ashinvinod/chernoffOT

Comments URL: https://news.ycombinator.com/item?id=47246190

Points: 1

# Comments: 1

Starting September 2026, new Chrome iterations will be released twice as fast, part of a two-week cycle.

The post Google Plans Two-Week Release Schedule for Chrome appeared first on SecurityWeek.

Article URL: https://en.wikipedia.org/wiki/Mitra_15

Comments URL: https://news.ycombinator.com/item?id=47246164

Points: 1

# Comments: 0

Article URL: https://www.youtube.com/watch?v=uysbzFmZto4

Comments URL: https://news.ycombinator.com/item?id=47246132

Points: 1

# Comments: 0

Article URL: https://terriblesoftware.org/2026/03/03/nobody-gets-promoted-for-simplicity/

Comments URL: https://news.ycombinator.com/item?id=47246110

Points: 3

# Comments: 1