To finance the acquisition of AOL as well as future M&A, Bending Spoons also announced the successful completion of a $2.8 billion debt financing package. Read...

Global internet outages are being reported after Microsoft web services crash. Read...

Several police staff are under investigation following an audit of staff internet usage, sparked by the resignation of former Deputy Police Commissioner Jevon McSkimming. Read...

I talk a lot about passkeys these days, and for good reason—bad actors have only upped their pace and intensity of attacks. If they’re not hacking websites to filch data, they’re grabbing passwords and other such info directly from individuals via infostealing malware. Case in point, Have I Been Pwned recently updated its database of breached accounts, which included Gmail passwords—with infostealer logs and credential stuffing lists as the sources. Passkeys sidestep the biggest weaknesses of passwords. For starters, attackers can’t steal them the way they can a password. They can’t guess or remotely use them, either. A passkey is resistant to phishing, too, and can’t be used on a phony site. And, best of all, you have nothing to memorize! Their only drawback is that, like physical keys, it’s a good idea to create extras per service in case you lose your first passkey. But that’s about to get a lot easier, thanks to a new partnership between Yubico and Best Buy. Yubico makes security hardware keys—small dongles that connect to a PC or phone via USB or NFC. These YubiKeys can fit on a keyring for portability or be easily hidden away in a home. Modern security hardware keys can store passkeys as well as serve as a method for two-factor authentication (useful for sites that still only authenticate via password).  Saving a passkey to a YubiKey is as easy as connecting it to your device and then pressing on the key. No extra accounts or bulkier devices to mess with. And you can secure them with a PIN code, so that if they fall into unwanted hands, so that your secrets can’t immediately be used to log into your accounts. The Best Buy single and two-pack versions of the YubiKey 5C NFC security hardware key. Alaina Yee / Foundry Previously, you could only buy YubiKeys online. (I preferred going through Yubico’s direct store, just to ensure authenticity.) Being able to grab either just one key or a pack of two from a local store is much faster—and much easier for people who might not otherwise be able to easily look into this high-security passkey storage option. Most of Yubico’s lineup is available at Best Buy, with initial rollout to about 350 locations. The flagship YubiKey 5 NFC and 5C NFC are part of the mix: YubiKey 5 NFC ($50) YubiKey 5C NFC ($55) YubiKey 5 NFC, 2-pack ($90) YubiKey 5C NFC, 2-pack ($100) YubiKey 5Ci ($75) YubiKey 5C Nano ($65) YubiKey Security NFC ($25) YubiKey Security C NFC ($29) For the greatest compatibility with passkey and two-factor authentication, the YubiKey 5 variants will give you the most flexibility. But if you only want to save passkeys, then the more affordable Security series keys will still work great. For all the paranoid nerds out there who may have concerns about physical tampering of these products—when I asked this question of Yubico, a representative told me that all YubiKey packaging is evaluated for tampering risks. This applies no matter where they’re sold—from Yubico directly, third-party sites like Amazon, Staples, and Walmart, or now physically in-store at Best Buy. The Best Buy packaging includes a perforated tab that shows visible signs of wear. You can also always test your YubiKeys to ensure they’re genuine via this Yubico web application. (Not interested in YubiKeys? You can buy other hardware security keys too, like the Google Titan Security Key, but they’re online-only still.) It used to be that hardware security keys were a concern for businesses and security nerds. But with the rise in AI-assisted online attacks, which have sped up the frequency of ransomware, malware, and phishing campaigns, even us consumers need the help of the strongest security measures available. Fortunately, this one’s easy to use. Just plug and play. Read...

Everyone knows what a password is. But we can’t say the same for two-factor authentication or passkeys, which is a shame because these two security features dramatically boost the safety of your online accounts. Using both is actually your best bet, but when to use one over the other can be confusing. If you don’t know much about 2FA or passkeys or you’re unsure which is better, this guide should clear that right up. What is 2FA? Two-factor authentication is a second layer of security you add to an account—think of it like another deadbolt on a door. In order to successfully log in, you must verify yourself a second time. Traditionally, a password (your first “factor”) is something you know. Your second “factor” is something you have (like a phone or a security key) or something you are (like a fingerprint). Two-factor authentication methods include one-time-use codes sent via text message or generated by an app, push notifications via phone app, and a hardware security key (e.g., a YubiKey). Hardware security keys like this YubiKey make 2FA very simple.Alaina Yee / Foundry Not all forms of 2FA are equally secure. Text message codes are the weakest due to the security weaknesses of SMS and mobile phone line porting. (For example, text messages can be intercepted via SS7 attacks, while a SIM jack can steal your phone number from under your nose.) Hardware security keys are the strongest. An attacker would need physical access to the dongle to use it. What is a passkey? A passkey is actually a set of encryption keys used for account authentication. It’s a form of asymmetric encryption (aka public-key cryptography) based on the WebAuthn standard. Creating a passkey generates a unique public-private key pair, bound to the device and website it was made for. The website stores the public key. You keep the private key, which always remains secret—though part of the authentication process, it’s never directly shared. It can’t be derived from the public key, either. You can store a passkey in several ways. For more convenience, save them to a cloud-based password manager. Such a service can be the one built-in to your Google or Microsoft account, or an independent company like Bitwarden or Dashlane. For greater security, save them to a specific device like your Windows PC (not your Microsoft account) or a hardware security key. You can secure a passkey in several ways. You can also create more than one passkey for an account, in case you need backup methods of logging in.PCWorld You can create more than one passkey per account. Though each is unique, they still serve as backups for one another—in the sense that if you lose one, you can still log in with a different one. Making more than one passkey to store on different devices is smart, because you can lose a phone or security key, or have your laptop stolen. And recently, the group behind passkeys (the FIDO Alliance) enabled support for passkey transfers—so if supported by your password managers, you can move between ecosystems or services with little hassle.(Currently, only a handful of password managers support passkey portability, with Apple as the biggest participant. But the list continues to expand.) To use a passkey, you must first initiate an authentication request on the site you’re logging into. (Basically, choose the option for signing in with a passkey.) Then you’ll use biometrics like your fingerprint or a PIN to authorize use of your passkey. Security experts consider biometrics more secure, but privacy experts advise a PIN in certain circumstances. (For example, in the United States, the government cannot compel you to share a PIN, but biometric data is not protected in the same way.) So, which is better? Fun fact about passkeys and 2FA—they’re not mutually exclusive! A website or app can choose to allow you to enable 2FA in addition to a passkey for login. However, you won’t find this combination much at all, at least for now. (Amazon is the only major website I’ve seen that still asks for 2FA codes after using a passkey.) If 2FA is enabled, Amazon will still text a one-time use code to your phone after successfully logging in with a passkey.Mark Hachman / IDG Why? A passkey is inherently more secure than a password, since it can’t be stolen or easily shared like passwords. It also blends both information you have (a private cryptography key) and something you are or know (either biometrics or a PIN). Two-factor authentication becomes less necessary to protect against phishing, credential stuffing, and other common attacks that rely on weak or compromised passwords. So our showdown here is more about when best to use one or the either—if you even get the choice. 2FA vs Passkeys: Convenience You can make 2FA pretty seamless — my favorite trick for this is to use a hardware security key and leave it plugged into your PC. Any time you need to authenticate for 2FA, you just touch the key. Meanwhile, a passkey works across all devices without extra setup or purchases, assuming you’re signed up for a free cloud storage service. A Microsoft account will be the most seamless way to get started for PC users, but a Google, Apple, or even Bitwarden account works great too. Ultimately, what’s best for you will be based on personal preference. But for most people, the win goes to passkeys for how cheap (free!) and easy they are to set up and use. Winner: Passkeys 2FA vs Passkey: Security First, so we don’t lose sight of the big picture—any form of two-factor authentication is better than no 2FA. That said, 2FA is only as secure as the method you choose. As mentioned above, text messages (SMS) have exploitable weaknesses. Push notifications are a little better, but they too can be compromised by hackers. If a bad actor knows your password, they can try an MFA fatigue attacks to get into your account—that is, spamming you with successful password use, hoping you accidentally approve a 2FA push notification request during the deluge. I recommend starting with app-generated one-time codes, since they cannot be easily compromised or attacked. But they’re still vulnerable to phishing attacks, where an attacker can steal your 2FA code after you input it into a fake website they control. (This very kind of attack managed to trip up a security guru earlier this year.) The strongest method of 2FA is a hardware security token, which requires human touch to work—and are encrypted in a way not easily compromised. An attacker would need physical access to use such a security key. Meanwhile, for passkeys, its pair of encryption keys are theoretically not crackable by today’s computers. However, storing them in a cloud-based password manager does run a theoretical risk. If that account becomes compromised, your passkeys could be used across the web by the attacker—or ported to another service you don’t control. So in my opinion, this head-to-head works out to a draw. Both of these methods greatly improve security in their own ways, but cannot be compared directly. Also, not all websites support both two-factor authentication and passkeys, so you may not have a choice. I think of these more as complementary security options, rather than head-to-head competitors. That said, if you don’t use strong passwords and will also realistically never turn on 2FA, then passkeys win every time. Winner: Draw 2FA vs Passkey: Price Passkeys are free. The ways you store them may not be. (Maybe you like hardware security keys best.) Many forms of 2FA are free, too. But again, how you approach them could require extra devices. For example, I know individuals who maintain a second cheap cell phone line, used exclusively for 2FA text codes. (Some banks don’t offer other methods of 2FA.) They never share the number, so it can’t be associated with them publicly, and thus minimizes the risk of a successful SIM jacking attack. But paying to use either is optional, even if you don’t own a smartphone. My take? For each person, the winner of this comes down to what forms of 2FA are available to you, your take on security versus convenience, and the supported security features of the websites and apps you use. Plus, how paranoid you are about losing your primary and secondary forms of 2FA or the device(s) with passkeys stored on them. But broadly speaking, I think it’s a draw—convenience and security will play bigger roles in which one you choose. Winner: Draw Read...

TL;DR: For just $14.97, get a lifetime license to Microsoft Windows 11 Pro (MSRP $199). Still cruising on Windows 10 and pretending nothing’s broken? Relatable—“Remind me later” is muscle memory. But support for Windows 10 just officially ended. With this deal, you can finally make the jump to Windows 11 Pro for just $14.97. That’s a full-fledged, professional-grade operating system for the price of two fancy lattes. First of all, Windows 11 Pro is smooth. Like, way smoother than its predecessors. The redesigned interface is clean, centered, and customizable, which is great for focus and flow. Plus, it comes with features that make multitasking feel like second nature: snap layouts, virtual desktops, and lightning-fast search tools. You get enterprise-grade features like BitLocker encryption, Windows Hello biometric login, and TPM 2.0 compatibility — all designed to protect your work, files, and peace of mind. And Windows Copilot is now baked in, meaning you can ask for help, automate tasks, summarize web pages, or even brainstorm new ideas, all from your desktop. If you’re a developer, creative, remote worker, or small business owner, Windows 11 Pro is an upgrade that can give you a serious productivity boost. Don’t miss upgrading to Windows 11 Pro while it’s on sale for just $14.97 (MSRP $199) for a limited time. Microsoft Windows 11 ProSee Deal StackSocial prices subject to change. Read...

ATMs, EFTPOS and PayWave are all still working, ANZ says. Read...

AI-driven scams and web skimming attacks have surged in New Zealand, with web skimming up 416% and tech support scams rising 437% in Q3 2025, warns Gen Digital. Read...

Uh oh, Meta is implementing a change that some users aren’t going to like (and others are going to applaud). Due to new guidelines for WhatsApp business accounts, soon AI chatbots will no longer be allowed when they’re used as the main purpose of the messenger app. The relevant policy text says: Providers and developers of artificial intelligence or machine learning technologies, including but not limited to large language models, generative artificial intelligence platforms, general-purpose artificial intelligence assistants … are strictly prohibited from accessing or using the WhatsApp Business Solution, whether directly or indirectly, for the purposes of providing, delivering, offering, selling, or otherwise making available such technologies when such technologies are the primary (rather than incidental or ancillary) functionality being made available for use, as determined by Meta in its sole discretion. In layman’s terms, this means that AI tools like ChatGPT will be removed from WhatsApp, and AI providers (such as Perplexity) will no longer be allowed to offer chatbots via WhatsApp. The only AI you’ll be allowed to use for support on WhatsApp will be Meta’s own AI. Officially, the change won’t take effect until January 16th, 2026, but it’s possible that OpenAI will remove ChatGPT from WhatsApp before then to avoid conflicts with Meta. Why is WhatsApp banning AI chatbots? According to Meta (via TechCrunch), chatbots like ChatGPT “placed a lot of burden on its system with increased message volume and required a different kind of support, which the company wasn’t ready for.” However, the fact that Meta’s own AI has also been available in WhatsApp since earlier this year is also likely to be a factor that led to this decision, especially as Meta’s AI can’t be deactivated or deleted. Starting January 2026, it’ll still be possible to use chatbots and AI in WhatsApp, for example to provide support or customer service. But there can no longer be a real AI assistant. Anyone who fails to adhere to the guidelines risks being banned from WhatsApp Business Solutions. What should you do about this? To date, over 50 million people are said to have used ChatGPT via WhatsApp, which should be seen as a huge success for both apps. Nevertheless, the end of the brief collaboration is inevitable. Starting January 2026, anyone who wants to continue using ChatGPT will have to use one of ChatGPT’s apps (like the Android version on the Play Store) or directly in the web browser. Both options offer more features than ChatGPT via WhatsApp, and they’re less limited when it comes to uploading files or voice input. Alternatively, you can start chatting with Meta AI via the search bar in WhatsApp. Meta AI is currently based on the Llama 4 language model, which offers efficient and solution-oriented answers but isn’t as good at working with context as ChatGPT is. Note that Meta AI will start snooping on your chats soon for personalizing ads and content. If you don’t want to lose access to your chat history with ChatGPT, you should back it up by January 15th, 2026. To do this, you need to link your WhatsApp account to your ChatGPT account, which you can do via ChatGPT on WhatsApp by clicking the three-dot menu and then View contact. Scroll down, then select Link your ChatGPT account. Further reading: Fun ways to use ChatGPT when you’re bored Read...

As an IT expert, I’m used to building digital fortresses. Firewalls, virus scanners, complex passwords, two-factor authentication: My tech life is a high-security zone. I thought my physical home was, too–at least until I went into my garage one morning and realized the brackets for my planned solar-panel installation, which had been stored on a pallet in front of it, were missing. Foil cut, opened, and stolen. In the middle of the night. After the initial anger and the police report, my rage gave way to cool analysis: It was time to invest in more security. But my goal was to spend less than $500. Burglars are at their peak in autumn The risk of burglary increases dramatically during the darker months of the year, when dusk can set late in the afternoon. The darkness provides criminals with the anonymity they need to operate undisturbed. Contrary to the cliché, burglars don’t just come in the middle of the night, but specifically exploit the evening hours between 5:00 and 9:00 p.m., when unlit windows signal that no one’s home. While the FBI reported an 8.1 percent decline in property crime in the U.S., it still tracked an estimated 5,986,400 property crime offenses in 2024. Fortunately, many of these offenses get stuck at the attempted stage, often due to existing security technology at the scene. This was the decisive motivation for me to act to protect my own property from future losses. My security product selection My plan was to create a smart and networked system that would act as a deterrent and immediately raise the alarm in the event of an emergency. I chose an expandable alarm system from X-Sense, one of the best-rated providers on Amazon, as the central control unit. Amazon The X-Sense AS08 is a wireless smart home security system with four door/window sensors, two motion sensors, a numeric keypad (for arming/disarming) and a base station that connects everything to the internet. It costs less than $140. You can conveniently control your home remotely via the app or with Alexa. With a 100dB alarm, real-time notifications, simple installation, and up to five years of battery life, the X-Sense system offers reliable protection and flexible expansion options. See the X-Sense AS08 at Amazon The visible presence of cameras alone often acts as a deterrent. For outdoor use, I opted for the weatherproof Reolink Argus 4 Pro Wi-Fi camera with night vision and motion detection. Christoph Hoffmann This 4K surveillance camera normally costs around $180, but it’s nearly always on sale for less: $145 at Amazon as of this writing. Thanks to the solar panel and rechargeable battery, the surveillance camera is independent of electricity. As soon as someone enters my property, I receive a push notification on my smartphone and can call up the live stream. Christoph Hoffmann See the Reolink Argus 4 Pro at Amazon For the interior of my home, especially on the ground floor, I have placed two inconspicuous Reolink E1 Pro indoor cameras for a total expenditure of about $90. They cover the entrance and living area and deliver razor-sharp images even in low light thanks to their 3K resolution (2,880 × 1,616 pixels) and large F1.6 aperture. These cameras are easy to set up, thanks to their Bluetooth and dual-band Wi-Fi connectivity (2.4-/5GHz), and their auto-tracking pan/tilt functions capture every movement. AI-based detection reliably differentiates between people and pets, and they even recognize baby noises. Christoph Hoffmann See the Reolink E1 Pro at Amazon Another feature I like about Reolink’s security cameras that they can connect to a central storage and management device that eliminates the need for a subscription to store video in the cloud. The Reolink Home Hub ($100) acts as a central management and storage solution for up to eight Reolink cameras. The Reolink Home Hub comes with 64GB of onboard storage, but it also has two microSD card slots, each of which can handle user-provided cards offering up to 512GB each.Michael Ansaldo/Foundry Whether you use its ethernet port or its onboard Wi-Fi 6 adapter, you’ll get smooth 4K live views and fast transmission of recorded video. A dedicated siren alerts you when it detects uninvited guests. See the Reolink Hub at Amazon What you can and cannot monitor with an outdoor security camera or video doorbell? When installing cameras outdoors, the legal situation is clear. You are only allowed to film your own private property. Public areas such as pavements or roads and neighbors’ properties are off limits. Even if these areas are only recorded slightly, this can constitute a violation of personal rights with legal consequences. An inexpensive sign warning that your property is subject to video surveillance can also act as a deterrent to potential offenders, and it might even be required by law (check your jurisdiction). Such a sign also ensures transparency, while creating a bond of trust with your neighbors. And if you need to use a recording as forensic evidence of a crime, it should be admissible in a court of law. It’s a small effort that can have a big protective impact. Even more security with smart sensors For me, a comprehensive security concept does not end with burglary protection. Fire, smoke, water, and invisible gases pose just as great a threat. That’s why I expanded my setup with additional X-Sense component. Since I already have the X-Sense SBS50 base station, these security add-ons cost me just 130 euros. Instead of relying on individual stand-alone solutions, the manufacturer offers networkable smoke, heat, and carbon monoxide detectors as well as water-leak sensors. And as an added bonus, some of the can be integrated with the X-Sense SBS50 base station in the home security system I mentioned earlier. TechHive has favorably reviewed the X-Sense XS01-M interconnected smoke alarm system. I use that system myself as well as the X-Sense XH02-M Interconnected Smart Heat Alarm and the X-Sense SWS0A Ultra-thin Smart Water Leak Alarm. The interconnected advantage: If a detector in one room triggers an alarm, the signal is relayed to every other sensor of the same type that you’ve installed in the house. So, if there’s a water leak in the basement, you’ll get a warning even if you’re in the attic (assuming you installed a sensor there, of course). Some of the sensors don’t require the base station. Those then don’t have this interconnected feature and work independently. But the X-Sense smartphone app will sends notifications about alarms, battery level, and test status, so you’re informed at all times. Up to 12 family members can access and manage alarms via the app. See the X-Sense SX01-M smoke alarm at Amazon See the X-Sense XH02-M Heat Alarm at Amazon See the X-Sense SWS0A Water Leak Alarm at Amazon Beware the Wi-Fi trap If your Wi-Fi network goes down, many smart cameras and sensors will lose their connection to their smartphone app and/or the cloud. Live transmission and push notifications will no longer possible. Devices with local storage–such as cameras with microSD card slots–will continue to record video. As soon as the connection is re-established, that data will be synchronized and the events transmitted accordingly. Systems that rely exclusively on cloud storage, on the other hand, stop working completely, as they can neither stream nor record without a connection to internet. The recent Amazon Web Services debacle is a case in point. The behavior of smart sensors depends on whether they are connected to a base station or operate solely via Wi-Fi. Sensors with their own wireless connection to a base station, as is the case with many security hubs, continue to function even without Wi-Fi, and they will trigger alarms locally. More sophisticated home security systems–read about TechHive’s top picks in home security system–have hubs that establish back-up internet connections via cellular connections should your regular broadband connection fail. Independent wireless sensors will also remain active, but they will only emit local alarms, such as tones or voice warnings. To avoid the so-called Wi-Fi trap, you should therefore look out for devices with local storage, integrated alarms, and secondary wireless connections, so your home remains reliably protected in the event of an internet failure. Goal achieved! My total expenditure for all the devices listed above? Just $403. Smart home protection doesn’t have to break the bank. This story was originally published on our sibling site PC Welt and was translated and localized from German. This story is part of TechHive’s in-depth coverage of the best DIY home security systems and best home security cameras. Read...