PCWorld reports that Google's Threat Intelligence Group documented state-sponsored hackers from Russia, China, North Korea, and Iran exploiting Gemini AI for cyberattacks. These malicious actors leverage Gemini's capabilities for surveillance, target identification, vulnerability discovery, and debugging exploit code, including developing WinRAR exploits. Google restricts access for identified bad actors, but the report highlights AI's dual-use nature and emerging cybersecurity challenges. "AI" systems aren't just great for raising the price of your electronics, giving you wrong search results, and filling up your social media feed with slop.

AI is already making online swindles easier. It could get much worse. Some cybersecurity researchers say it's too early to worry about AI-orchestrated cyberattacks. Others say it could already be happening. Anton Cherepanov is always on the lookout for something interesting. And in late August last year, he spotted just that.

You'll get the best VPN experience by paying, but prices don't have to be steep. When talking about the best VPNs, I frequently warn about the dangers of trusting free VPNs without verifying them. Although there are a few free VPNs worth recommending, many other free providers are ineffective, malicious or looking to profit off their users (or sometimes all three). Even the best free VPNs work a lot better once you subscribe and access their full service. This can be frustrating if you want to enjoy the benefits of a VPN but don't have the budget for yet another subscription.

The first step is always to figure out how easy or hard the VPN is to use. Windscribe and other VPNs are important tools, but you'll never use them if the UI gets in the way. I tested Windscribe's desktop apps on Windows and Mac, its mobile apps on iOS and Android and its Chrome and Firefox browser extensions. To start with, let me say that installing Windscribe is a breeze no matter where you do it. The downloaders and installers handle their own business, only requiring you to grant a few permissions. The apps arrive on your system ready to use out of the box.

This "dream wish list for criminals" includes millions of Gmail, Facebook, banking logins, and more. The researcher who discovered it suspects they were collected using infostealing malware. A database containing 149 million account usernames and passwords--including 48 million for Gmail, 17 million for Facebook, and 420,000 for the cryptocurrency platform Binance --has been removed after a researcher reported the exposure to the hosting provider. The longtime security analyst who discovered the database, Jeremiah Fowler, could not find indications of who owned or operated it, so he worked to notify the host, which took down the trove because it violated a terms of service agreement. In addition to email and social media logins for a number of platforms, Fowler also observed credentials for government systems from multiple countries as well as consumer banking and credit card logins and media streaming platforms.

Advances in artificial intelligence are creating a perfect storm for those seeking to spread disinformation at unprecedented speed and scale. And it's virtually impossible to detect. In 2016, hundreds of Russians filed into a modern office building on 55 Savushkina Street in St. Petersburg every day; they were part of the now-infamous troll farm known as the Internet Research Agency . Day and night, seven days a week, these employees would manually comment on news articles, post on Facebook and Twitter, and generally seek to rile up Americans about the then-upcoming presidential election. When the scheme was finally uncovered, there was widespread media coverage and Senate hearings, and social media platforms made changes in the way they verified users.

Apple's Siri AI will be powered by Gemini Google said it provided its hardware partners with recommended fixes in September. Google told Engadget its affected Pixel Buds are already patched. Now would be a good time to update all your Bluetooth audio devices. On Thursday, reported on a security flaw in 17 headphone and speaker models that could allow hackers to access your devices, including their microphones. The vulnerability stems from a faulty implementation of Google's one-tap (Fast Pair) protocol .

Apple's Siri AI will be powered by Gemini The government still plans to fully transition to digital right-to-work checks by 2029. Protesters take part in a'No to Digital ID' demonstration. The UK government has backtracked on a plan to require all workers to have a digital ID following a backlash. It will no longer be mandatory to register with the digital ID program to prove one has the right to work in the country, as the reports. The government announced the now-scrapped digital ID requirement in September.

An Instagram data breach reportedly exposed the personal info of 17.5 million users As spotted by Malwarebytes, the alleged leak includes usernames, email addresses, phone numbers and more. If you received a bunch of password reset requests from Instagram recently, you're not alone. As reported by Malwarebytes, an antivirus software company, there was a data breach revealing the sensitive information of 17.5 million Instagram users. Malwarebytes added that the leak included Instagram usernames, physical addresses, phone numbers, email addresses and more. The company added that the data is available for sale on the dark web and can be abused by cybercriminals.

We propose the Uncertainty Contrastive Framework (UCF), a Positive-Unlabeled (PU) representation learning framework that integrates uncertainty-aware contrastive loss, adaptive temperature scaling, and a self-attention-guided LSTM encoder to improve classification under noisy and imbalanced conditions. UCF dynamically adjusts contrastive weighting based on sample confidence, stabilizes training using positive anchors, and adapts temperature parameters to batch-level variability. Applied to malicious content classification, UCF-generated embeddings enable multiple traditional classifiers to achieve more than 93.38% accuracy, precision above 0.93, and near-perfect recall, with minimal false negatives and competitive ROC-AUC scores. Visual analyses confirm clear separation between positive and unlabeled instances, highlighting the framework's ability to produce calibrated, discriminative embeddings. These results position UCF as a robust and scalable solution for PU learning in high-stakes domains such as cybersecurity and biomedical text mining.