Lockdown Mode is “not necessary” for most people and “tightly constrains how ChatGPT can interact with external systems to reduce the risk of prompt injection–based data exfiltration,”according to OpenAI.

[OpenAI]

Yes, Wyze hashad its own issues, butthis video is pretty funny.

Researchers raised alarms when over 400 malicious skills were uploaded to ClawHub and GitHub in just one week. That prompted an outcry, so OpenClawpartnered with VirusTotal to scan third-party skills. The company acknowledges it’s not a “silver bullet,” but it should provide at least some reassurance to concerned users.

404 Media reports that security researcherJamieson O’Reilly found a vulnerability that allows humans to controlOpenClaw’s AI agents on Moltbook — the network that recently went viral for hosting “discussions” between supposed AI bots.

Wizdug into the misconfiguration as well, uncovering 1.5 million exposed API keys and 35,000 email addresses. Moltbook has since secured the database.

[404 Media]

Two days after Nick Bensonasked for donated dashcams in order to document the behavior of federal immigration agents flooding his city,Renee Nicole Good wasshot and killed byfederal agentJonathan Ross.

”It was immediately clear that ICE was lying about it,” Benson told404 Media. Donations have jumped since then, and Benson distributes the cameras to local community organizers and whoever wants them.

[404 Media]

The company says an “unauthorized individual gained access to certain Betterment systems through social engineering” to send the messageon Friday. Betterment believes the individual accessed information like “certain names, email addresses, physical addresses, phone numbers, and birthdates,” though so far, its investigation has shown that no passwords were compromised.

[Betterment]

Seemsa lot of people gotpassword reset requests from Instagram over the last few days, including several Verge staffers and members of their family. The email might look legit. It might even have that littleblue checkmark in Gmail. But, it probablycame from a scammer. Honestly, it’s best practice to never click links in emails anyway.

In June,Aflac disclosed a data breach involving a “sophisticated cybercrime group” that stole names, social security numbers, contact information, health data, and more from its systems. The insurance provider hasnow revealed just how many people are affected, adding that it is currently “not aware of any fraudulent use of personal information.”

[SecurityWeek]

On Thursday, Trust Wallet announceda “security incident” affecting version 2.68 of its Chrome extension. Binance founderChangpeng Zhao confirmed that Trust Wallet “will cover” the losses and that the team is investigating the hack.

[CoinDesk]

The feature wasfirst piloted in the UK earlier this year, and works by automatically warning users when they launch eligible financial apps while screen sharing during calls with numbers that aren’t in the device’s contact list. The warning forces a 30-second pause period that aims to “break the spell of the scammers’ social engineering,” according to Google.

An exposed dataset from the license plate surveillance company Flock, which is known to work with theUS Border Patrol andICE via local police, showed that some of theAI annotators paid to classify American license plates are located in the Philippines.

After404 Media contacted Flock for comment, the dataset disappeared.

The infrastructure buildout will add nearly 1.3 gigawatts of capacity for AI and cost up to $50 billion,the company said. US government customers will have access to both AWS Trainium AI chips and NVIDIA chips, and Amazon said it plans to start building the data centers in 2026.

On November 12,hackers stoleaccount records and legal agreements from a company you’ve probably never heard of: SitusAMC. It handles commercial real estate and residential loans for the likes of JPMorgan Chase and Citi, who were among Situs’ Wall Street clients notified about the breach, theNew York Times reported.

[The New York Times]