Jury Rules Against Meta In Child Exploitation Case

A jury has found Meta Platforms liable in a major child safety case, ruling that the company failed to adequately protect young users on its platforms and misled the public about associated risks.

The verdict, delivered in New Mexico, orders Meta to pay US$ 375 million in damages.

The case stems from a lawsuit filed by New Mexico Attorney General’s Office, which accused Meta of creating conditions that allowed child predators to operate on platforms like Facebook and Instagram.

Jurors concluded that the company engaged in unfair and deceptive trade practices and acted in ways deemed unconscionable under state law.

The trial included evidence from an undercover investigation in which officials created fake accounts posing as minors.

These accounts reportedly received sexually explicit content and solicitations, leading to arrests in some cases. Prosecutors argued that Meta failed to implement adequate safeguards to prevent such interactions.

Meta denied the allegations and said it plans to appeal the ruling.

"We respectfully disagree with the verdict and will appeal," CNN quoted a company spokesperson as saying.

The decision adds to growing legal pressure on social media companies over how their platforms are designed and how effectively they protect vulnerable users.

During the trial, prosecutors argued that Meta’s systems, particularly its recommendation algorithms, could inadvertently connect predators with minors.

Meta, however, maintained that it has invested heavily in safety measures. A spokesperson told CNN, "We work hard to keep people safe on our platforms and are clear about the challenges of identifying and removing bad actors or harmful content."

The case also raised concerns about encrypted messaging features, which prosecutors argued could make it harder for law enforcement to detect harmful activity. Meta has indicated it may roll back certain encryption features on Instagram.

Testimony from former employees suggested that internal concerns about safety were not fully addressed.

New Mexico Attorney General Raúl Torrez said in a statement to CNBC, "The jury’s verdict is a historic victory for every child and family who has paid the price for Meta’s choice to put profits over kids’ safety."

The New Mexico case is part of a broader wave of litigation targeting major tech platforms.

Similar lawsuits across the United States are examining whether social media companies have knowingly designed addictive or harmful features, particularly for younger users.

Legal experts say these cases could reshape how platforms are regulated, especially if courts begin holding companies accountable not just for content, but for design decisions that influence user behavior.

Read More

Fake Google Page Can Be A Spyware

There is a new phishing scam is tricking people into installing malware by pretending to be a Google security check. The page looks convincing and tells users that their Google account needs additional protection. It walks them through a simple setup process that appears to strengthen their security and protect their devices.

If users follow those steps, they may end up installing what looks like a harmless security tool. In reality, security researchers say the page installs a malicious web app that can spy on their device. It can steal login verification codes, watch what users copy and paste, track their location and quietly send internet traffic through their browser.

The most troubling part is that nothing is technically hacked. Instead of exploiting a software flaw, attackers simply trick users into granting the permissions they need. Once that happens, their own browser can start working for them without anybody realizing it.

Security researchers at Malwarebytes, a cybersecurity company, recently discovered a phishing website that pretends to be part of Google's account protection system. The site uses the domain google-prism[.]com and presents what looks like a legitimate security page asking users to complete a short verification process.

Visitors are told they should complete a four-step setup to improve their account protection. The page explains that these steps will help secure Google account and protect devices from threats. During the process, the site asks users to approve several permissions and install what it claims is a security tool.

The tool it installs is actually a Progressive Web App. This type of application runs through the browser but behaves like a regular app on any computer. It opens in its own window, can send notifications and can run tasks in the background.

Once installed, the malicious web app can collect contacts, read information users copy to their clipboard, track GPS location data and attempt to capture one-time login codes sent to their phone. These codes are commonly used when they sign in to accounts that use two-factor authentication.

The fake security page may also offer an Android companion app described as a "critical security update." Researchers found that this app requests 33 permissions, including access to text messages, call logs, contacts, microphone recordings and accessibility features.

Those permissions give attackers the ability to read messages, capture keystrokes, monitor notifications and maintain control over parts of the device. Even if the Android app is never installed, the web app alone can still collect sensitive information and quietly run activity through the browser.

The scam works because it looks like something anybody would normally trust. Many people expect security alerts from the services they use, especially when it comes to protecting email or cloud accounts. Attackers take advantage of that trust by presenting the fake page as a helpful security feature.

When users approve the permissions and install the web app, they are essentially giving the attackers access to certain parts of their device. One of the main things they try to capture is one-time passwords. These are the short codes users receive when logging in to accounts that require two-factor authentication.

If attackers manage to capture those codes while also knowing the password, they may be able to break into their accounts. That could include email, financial services or cryptocurrency wallets, depending on which accounts they use. The malware also watches what users copy and paste. Many people copy cryptocurrency wallet addresses before sending digital currency, and those addresses can be valuable to criminals. The malicious app can collect that information and send it back to the attackers.

Another feature allows attackers to route internet requests through the browser. This means they can run online activity through the device so it appears to come from ythe users home network. The app can also send notifications that look like security alerts or system warnings. When users click those notifications, the app opens again and gains another opportunity to capture information such as login codes or clipboard data.

Read More

KadNap Malware Hijacked 14k Devices

Recently, there is a new type of malware going around, and it has so far infected over 14,000 devices, according to new reports from the Black Lotus Labs team at Lumen.

The malware, which is being called KadNap, primarily appears to target Asus-branded routers, though other edge devices have also been affected. And so far, the team estimates that at least 60 percent of the victims of the attacks driven by KadNap have been located within the United States — with a smaller percentage being detected in Russia, the United Kingdom, Brazil, France, and a few other countries throughout the world.

What is especially troubling about KadNap is the fact that once a device is infected, it essentially allows the threat actors to market the devices as part of a proxy service called Doppelgänger.

Once part of the service, it can then be utilized in completely anonymous DDoS attacks, which allow bad actors to hide behind thousands of devices that don't belong to them. Hiding malware within everyday apps has become a well-known way to distribute infected files.

The security researchers who discovered the malware say that this service is essentially a rebrand of a previous proxy service called Faceless, which has previously been associated with another type of malware known as TheMoon, which has been going around since 2014.

Based on information pulled from the website for the service, the researchers note that Doppelgänger has been launched since May or June of 2025. Malware like this is one reason the FBI has warned Americans to replace certain routers.

As our world continues to move toward acceptance of more connected devices, the threat of malware like KadNap is only growing. That's because, as we rely more on the Internet of Things (IoT), threat actors are finding new ways to exploit those devices.

Additionally, Lumen says that edge devices like the routers targeted by KadNap are also susceptible to other malware, which makes it difficult to tell exactly which malware is driving the car, so to speak. And, as the malware creators become smarter and more advanced, they're finding ways to even hide their network traffic within the legitimate peer-to-peer traffic.

The only reason Black Lotus Labs was able to discover the KadNap malware is that it detected over 10,000 Asus devices that were all corresponding with a very particular server set. From here, their investigation uncovered that a file had been used to download a malicious shell script from those servers. This file, the researchers note, is what "sets the stage" for KadNap to incorporate the victim into the P2P network." Further, because it utilizes a proxy the way it does, the researchers believe the intention behind the threat is very clear. They want to avoid any type of detection and make it as difficult as possible for people to defend against the threat.

Thankfully, as of the posting of its report, Lumen notes that it has proactively begun blocking network traffic from Doppelgänger, with plans to share the compromising indicators in public feeds so that others can help disrupt the threat that KadNap poses. Google recently started taking down another huge proxy system like this, so it's promising to see another under fire, too.

Read More

Social Media Contributes To Sadness

Heavy social media use contributes to a stark decline in well-being among young people, with the effects particularly worrying in teenage girls in English-speaking countries and Western Europe, according to the World Happiness Report 2026 published last 19 March.

The annual report, published by the Wellbeing Research Centre at the University of Oxford, also found that Finland is the happiest land in the world for the ninth year in a row, with other Nordic countries such as Iceland, Denmark, Sweden and Norway ranking among the top 10 countries.

It highlighted how life evaluations among under 25-year-olds in the United States, Canada, Australia and New Zealand have dropped significantly over the past decade, and suggested that long hours spent scrolling through social media is a key factor in that trend.

A new entry to the top five on the list is Costa Rica, which climbed to fourth place this year after rising through the ranks from 23rd place in 2023.

The report attributes that to well-being boosts from family bonds and other social connections.

"We think it’s because of the quality of their social lives and the stability that they currently enjoy," said Jan-Emmanuel De Neve, an Oxford economics professor who directs the Wellbeing Research Centre and co-edits the World Happiness Report.

"Latin America more generally has strong family ties, strong social ties, a great level of social capital, as a sociologist would call it, more so than in other places," he added.

The report said Finland and the other Northern European countries’ steady ranking on top is related to a combination of wealth, its equal distribution, having a welfare state that protects people from the risks of recessions, and a healthy life expectancy.

As in previous years, nations in or near zones of major conflict remain at the foot of the rankings. Afghanistan is ranked as the unhappiest country again, followed by Sierra Leone and Malawi in Africa.

Country rankings were based on answers given by around 100,000 people in 140 countries and territories who were asked to rate their own lives. The study was done in partnership with the analytics firm Gallup and the U.N. Sustainable Development Solutions Network.

Read More

Google's "Call Home" Is No Longer Available

BGR reported that several Google Home users noticed that a useful feature had suddenly vanished from the interface of the Google Home app. First introduced in 2019, Google's "Call Home" feature added support to directly call Google Home devices like the Nest Hub Max, allowing users to reach out to their home devices easily right from the app.

However, Google Home users over on Reddit noticed a couple of months ago that the feature seemed to have vanished from the app following recent updates. Even more reports started cropping up recently, too, with 9to5Google further corroborating the feature removal by digging through the app.

While the feature wasn't especially well known, it was useful. Some parents have even noted that it was the primary way they contacted their children at home, as it didn't require another device to be present in the home beyond their Google Home devices. Some even used it as a way to broadcast messages to their family throughout the house, making it easy to keep up with everyone.

This change comes right on the heels of Google's Gemini push in Google Home as it works to turn the AI assistant into a true Google Assistant replacement. For anyone that followed Assistant's downfall, you've likely become used to Google removing features as time goes on, with those features likely expected to return with the arrival of Gemini sometime in the future. Well, the AI-powered changes have already started rolling out to users, but we're still seeing useful features removed.

What's more frustrating for users about this recent change, though, is that Google continues to remove useful features without any warning.

One user on Reddit noted that they had were trying to be patient because of how much they'd invested in their smart home setup using Google. However, they did note that the "last straw" for them was when Google continued to remove features they used for no apparent reason, even pointing toward specific features like the ability to trigger automations using NFC tags.

Of course, whether or not the feature could make a comeback at any point is unclear. For now, it seems Google has removed it entirely, with the latest update officially pulling it out of the app for even more users. It might not have been the most popular feature, but those who did use it are definitely going to miss it.

Read More