A Meta agentic AI sparked a security incident by acting without permission

The Information reported that an AI agent within Meta took unauthorized action that led to an employee creating a security breach at the social company last week. According to the publication, an employee used an in-house agentic AI to analyze a query from a second employee on an internal forum. The AI agent posted a response to the second employee with advice even though the first person did not direct it to do so. 

The second employee took the agent’s recommended action, sparking a domino effect that led to some engineers having access to Meta systems that they shouldn’t have permission to see. A representative from the company confirmed the incident to The Information and said that “no user data was mishandled.” Meta’s internal report indicated that there were unspecified additional issues that led to the breach. A source said that there was no evidence that anyone took advantage of the sudden access or that the data was made public during the two hours when the security breach was active. However, that may be the result of dumb luck more than anything else. 

Many tech leaders and companies have touted the benefits of artificial intelligence, this is just the latest incident where human employees have lost control over an AI agent. Amazon Web Services experienced a 13-hour outage earlier this year that also (apparently coincidentally) involved its Kiro agentic AI coding tool. Moltbook, the social network for AI agents recently acquired by Meta, had a security flaw that exposed user information thanks to an oversight in the vibe-coded platform.

This article originally appeared on Engadget at https://www.engadget.com/ai/a-meta-agentic-ai-sparked-a-security-incident-by-acting-without-permission-224013384.html?src=rss 

The FBI confirms it’s buying Americans’ location data

During a Senate hearing, FBI Director Kash Patel confirmed that his agency has bought information that could be used to track individuals’ movement and location. “We do purchase commercially available information that’s consistent with the Constitution and the laws under the Electronic Communications Privacy Act, and it has led to some valuable intelligence for us,” he said. 

Law enforcement is required to obtain a warrant in order to get location data from cell service providers following the Carpenter v United States ruling from 2018. But why bother with all that hassle when they can just buy the information from the open market?

“Doing that without a warrant is an outrageous end run around the Fourth Amendment, it’s particularly dangerous given the use of artificial intelligence to comb through massive amounts of private information,” Sen. Ron Wyden, (D-Ore.) said during the Intelligence Committee hearing. Wyden is one of several lawmakers pushing for an overhaul of when and how the government can obtain citizens’ personal information. 

It’s an overhaul that’s badly needed. Patel already has a history of dubious use of government resources, such as ordering SWAT protections for his girlfriend and somehow horning in on men’s hockey victory celebrations at the recent winter Olympics, so one would hope he’s not also stretching the limits of the few privacy protections that do exist. Then outside the FBI, we have the Department of Homeland Security being sued for illegally tracking immigration raid protestors and the Pentagon’s labeling of Anthropic as a supply-chain risk after the AI company refused to let its products be used for mass surveillance of Americans.

This article originally appeared on Engadget at https://www.engadget.com/big-tech/the-fbi-confirms-its-buying-americans-location-data-230835196.html?src=rss 

Senator Blackburn introduces the first draft of a federal AI bill

The White House has been promising a set of national rules to guide artificial intelligence since late last year, and today Sen. Marsha Blackburn (R-Tenn.) fired the first volley. The senator shared a discussion draft for codifying the executive order signed by President Donald Trump in December calling for an AI bill. Her stated goal is a policy that “protects children, creators, conservatives and communities from harm.”

Blackburn has called for tougher policies for AI safety, and one of the core messages in this discussion draft is that it “places a duty of care on AI developers in the design, development and operation of AI platforms to prevent and mitigate foreseeable harm to users.” It also draws a line on the many copyright infringement questions raised by creative industries: “an AI model’s unauthorized reproduction, copying, or processing of copyrighted works for the purpose of training, fine-tuning, developing, or creating AI does not constitute fair use under the Copyright Act.” 

Some of the other notable provisions are:

Requires covered online platforms, including social media platforms, to implement tools and safeguards to protect users under the age of 17 against online harms.

Protects the voice and visual likenesses of individuals and creators from the proliferation of digital replicas without their consent.

Sets new federal transparency guidelines for marking, authenticating and detecting AI-generated content.

Requires certain companies and federal agencies to issue reports on AI-related job effects, including layoffs and job displacement to the U.S. Department of Labor (DOL) on a quarterly basis.

It includes ending Section 230, marking the latest attempt to retire a law that has been questioned as a possible loophole for AI companies to escape liability when their tools cause harm. While AI critics might see positive signs here, remember that this is just the initial version of the framework. Lawmakers will likely spend a lot of time negotiating over the eventual result, which may be notably de-fanged from its current state. It could wind up with a lot more requirements echoing this Republican complaint: “Combats the consistent pattern of bias against conservative figures demonstrated by AI systems by requiring third-party audits to prevent discrimination based on political affiliation.” Despite the claims of suppression and censorship, we’ve consistently seen this conservative argument to be false — or at the very least misleading.

This article originally appeared on Engadget at https://www.engadget.com/ai/senator-blackburn-introduces-the-first-draft-of-a-federal-ai-bill-202509852.html?src=rss 

Amazon will reportedly cut its USPS shipments by at least two-thirds

A recent change in how the US Postal Service handles shipping partners appears to have forced Amazon to make alternative plans. The company reportedly plans to cut the number of packages it ships through USPS by at least two-thirds later this year. It says the decision came after USPS ended negotiations “at the eleventh hour” in favor of a new bidding process.

On Tuesday, the Wall Street Journal reported that Amazon plans to reduce the shipments it hands off to USPS. Last year, the company accounted for nearly 15 percent of the Postal Service’s package deliveries. Cutting that by nearly two-thirds diminishes one of the USPS’s most reliable sources of revenue. In fiscal 2025, the agency reported a net loss of $9 billion.

Amazon’s current contract with USPS ends on September 30. In a public response to the WSJ story, the company said it notified USPS in October 2025 that it would need to complete a new deal by December. “You can’t add capacity for hundreds of millions of packages overnight — it requires major capital investment, long-term infrastructure planning, hiring, and logistics coordination,” Amazon wrote.

According to Amazon, USPS then pulled the plug on negotiations at the last second. “We negotiated with [USPS] in good faith for more than a year to reach a deal that would bring them billions in revenue and believed we were heading toward an agreement,” Amazon wrote in a statement. “Our goal was to increase our volumes with USPS, not reduce them — until USPS abruptly walked away at the eleventh hour in December.”

Postmaster General David Steiner (AP Photo/Cliff Owen, File)

ASSOCIATED PRESS

That’s when Postmaster General David Steiner implemented a new bidding process for last-mile deliveries, replacing a long-established one where USPS negotiated with shipping partners individually. He described the move as “a fair bidding process that enables the marketplace to find the best mix of local shipping attributes for the best volume-driven pricing.” Steiner was appointed to the post in May 2025, following the departure of former head Louis DeJoy.

Amazon said it submitted a bid in February using the new system but hasn’t heard back. “This creates significant uncertainty for our long-term network planning,” the company said. “Despite this, we participated in good faith and submitted a bid in February 2026. We’ve received no response.”

USPS plans to announce the bidding results in Q2 2026. Contracts are expected to be finalized by Q3. Despite apparently moving forward with the contingency plan, Amazon said it’s still “ready to continue this partnership.”

As for Postmaster Steiner, he spent Tuesday asking Congress to loosen USPS regulations and let him raise prices. Warning that the agency will “run out of cash” in about a year, he told a House subcommittee that he wants to raise the agency’s current $15 billion debt cap. He also asked for the ability to increase postage prices and reform its retiree pension obligations.

This article originally appeared on Engadget at https://www.engadget.com/big-tech/amazon-will-reportedly-cut-its-usps-shipments-by-at-least-two-thirds-200915702.html?src=rss 

A new iPhone hacking tool puts anyone still on iOS 18 at risk

Google and cybersecurity companies Lookout and iVerify have detailed a new hacking technique that potentially puts a significant portion of iPhone users in danger, just by visiting the wrong web page. The hack is called “DarkSword” and since it specifically targets several different versions of iOS 18, it could affect “close to a quarter of iPhones,” Wired writes.

DarkSword is a “fileless” hack that leverages a collection of exploits to access sensitive data when an iPhone visits an infected website. Rather than install spyware that hangs around on a user’s phone after messages and other private information are stolen, fileless hacks like DarkSword take control of “the legitimate processes in an iPhone’s operating system to steal data,” according to Wired. Even more troubling, DarkSword deletes any evidence it was running on an iPhone after it finishes stealing your information.

The hack starts as soon as an iOS device encounters an “malicious iframe embedded in a web page,” after which it works its way through your iPhone, gathering sensitive information like passwords before deleting itself. DarkSword can abscond with things like messages and iCloud content, but it’s also specifically designed to access crypto currency wallets, Lookout says, which could indicate who was using DarkSword before it became widely available.

DarkSword has reportedly been used in Ukraine, Saudi Arabia, Malaysia, Turkey and Russia, and its origins could be tied to a different hacking toolkit called Coruna that TechCrunch reports may have been created for the US government by a company called Trenchant. Regardless of where DarkSword came from, the tool didn’t become widely available until its Russian users left DarkSword’s source code on a website for anyone to access, “complete with explanatory comments in English that describe each component and include the ‘DarkSword’ name for the tool,” Wired writes.

Apple patched the exploits that DarkSword and Coruna used in recent updates to iOS 26, the yearly software release from 2025 that followed iOS 18. The problem is that not everyone is using Apple’s latest update. DarkSword targets iOS 18 releases between iOS 18.4 and iOS 18.6.2, and according to Apple’s latest iOS usage stats for developers, around 24 percent of iOS devices are still on iOS 18. Without more detail, it’s hard to know how many people that leaves exposed, but as a rule of thumb, if your iOS device can update to a newer software release, you should do so as soon as possible to stay secure.

This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/a-new-iphone-hacking-tool-puts-anyone-still-on-ios-18-at-risk-203745949.html?src=rss 

Perplexity’s Comet AI browser is now available for iPhones

Perplexity’s Comet AI browser is now available as a standalone app for iPhone users. The tool initially debuted last summer on PCs, but cost $200 a month. The new app is free, as is the recently-released Android version.

Comet is an AI-powered browser, which has become a hot product category throughout the past year or so. This is basically a web browser combined with a chatbot that can perform some tasks on a user’s behalf. Like related tools, people can ask it to summarize a webpage or conduct additional research for more context about a subject.

Comet is now available for iOS.

Download on the App Store: https://t.co/JCfCIO3Fdw pic.twitter.com/DitCKlmg65

— Perplexity (@perplexity_ai) March 18, 2026

Perplexity says that Comet “acts as a personal assistant and thinking partner” to “turn curiosity into momentum.” Those are certainly words. The company boasts that folks can use the tool to shop and make schedules. I advise some caution for both of these tasks, given that AI browsers are notorious marks that easily fall for various online scams.

One cool thing here is that the app takes full advantage of Apple’s Liquid Glass technology. It certainly looks easy on the eyes and that address bar really pops. The iOS version does suffer from some limitations inherent to Apple’s walled-garden approach, according to a preview by MacStories. Users cannot install third-party extensions here, though it can be made the default browser.

Finally, there’s a privacy concern worth considering. Perplexity has been open about the fact that it uses browsers in part to collect customer data for ad targeting. There’s a reason why something that used to cost $200 is now available for free.

The Comet browser is now available for iPhones, Android devices, Windows PCs and Macs. There isn’t a native iPad app yet, but the standard Perplexity app is available for Apple’s tablets so maybe the browser will follow suit.

This article originally appeared on Engadget at https://www.engadget.com/apps/perplexitys-comet-ai-browser-is-now-available-for-iphones-183947569.html?src=rss 

Hubble catches rare view of a comet crumbling

NASA and ESA have released new images from the Hubble Space Telescope of a comet breaking up as it exits the solar system, captured as part of study recently published in the journal Icarus. The images are notable not only because they offer a more detailed view of the inside of a comet, which could offer new information about the early days of the universe, but also because they were taken by accident.

Photographing K1, or “Comet C/2025 K1” as it’s officially known, wasn’t the original intention of the study. “This comet [was] observed because our original comet was not viewable due to some new technical constraints after we won our proposal,” John Noonan, a research professor in the Department of Physics at Auburn University in Alabama said. “We had to find a new target — and right when we observed it, it happened to break apart, which is the slimmest of slim chances.”

The comet broke up over a period of days into “at least four pieces,” each with a “fuzzy envelope of gas and dust” around them, with Hubble specifically capturing the disassembly from November 8 through November 10, 2025. K1 was interesting before it started to crumble because at “around 8 kilometers across” (about 5 miles), it’s larger than the average comet, and having footage of it shattering will likely offer new insights into the physics of comets in general. Additionally, the lack of carbon in the gases released by the comet as it broke is apparently “chemically very strange,” which suggests the composition of K1 could bear scientific fruit, too.

Hubble has tracked comets of different sizes and compositions for years. Studying them remains a focus because comets are frequently made of ice and rock from the primordial period when solar systems were first forming. The ESA hopes to dramatically expand our understanding of that period with its “Comet Interceptor” mission, which is supposed to launch in 2028 or 2029, and aims to use photos captured from multiple angles to create a 3D model of a comet.

This article originally appeared on Engadget at https://www.engadget.com/science/space/hubble-catches-rare-view-of-a-comet-crumbling-185817544.html?src=rss 

UK reverses course on AI copyright position after backlash

Chalk up a win for creative artists against AI companies. On Wednesday, the UK government abandoned its previous position on copyrighted works. It’s currently working on a data bill that, if unaltered, would have allowed AI companies like Google and OpenAI to train models on copyrighted materials without consent. Artists and other copyright holders would only have been offered a mere opt-out clause.

After significant backlash, the UK backed off from that position. “We have listened,” Technology Secretary Liz Kendall said on Wednesday. However, the government’s new stance is, well, not a stance at all. It currently “no longer has a preferred option” about how to handle the issue.

Still, backpedaling from its previous position is viewed as a win for artists. UK Music CEO Tom Kiehl described the decision as “a major victory,” while promising to work with the government on the next steps.

Elton John and Dua Lipa spoke out against the government’s previous stance. (Photo by Kevin Mazur/Getty Images for Elton John AIDS Foundation)

Kevin Mazur via Getty Images

Last year, some of Britain’s highest-profile artists objected to the government’s position. Sir Elton John and Dua Lipa were among those speaking out. Even Sir Paul McCartney weighed in, warning that the AI industry could “rip off” artists and lead to a “loss of creativity.”

“You get young guys, girls, coming up, and they write a beautiful song, and they don’t own it, and they don’t have anything to do with it,” McCartney told the BBC in 2025. “And anyone who wants can just rip it off. The truth is, the money’s going somewhere… somebody’s getting paid.”

The government will now weigh its options, taking “the time needed” to balance the wishes of artists and the tech industry. “We will not introduce reforms to copyright law until we are confident that they will meet our objectives for the economy and UK citizens,” it wrote in a report. “This means protecting the UK’s position as a creative powerhouse, while unlocking the extraordinary potential of AI to grow the economy and improve lives.”

“Any reform must ensure that right holders can be fairly rewarded for the economic value their work creates, and that they are protected against unlawful and unfair use of their work. It must also ensure that AI developers can access high-quality content.”

This article originally appeared on Engadget at https://www.engadget.com/ai/uk-reverses-course-on-ai-copyright-position-after-backlash-175630732.html?src=rss 

Microsoft will finally let you turn off Quick Resume for individual games

Microsoft is rolling out a number of Xbox Series X|S updates to those on its Xbox Insiders program, and one of them has been requested by the community for years. You’ll soon be able to disable the Quick Resume feature for specific games, meaning they’ll boot up fresh each time you launch them.

As a reminder, Quick Resume is a feature that Microsoft introduced with its current generation of consoles. It lets you suspend a number of games simultaneously so they’re running in the background even when the console is turned off. When you want to return to a game that supports Quick Resume, it’ll drop you back in exactly where you left it within a few seconds, often even when it’s been months since you last played that game. It’s a pretty neat feature, and still impressive more than five years since the Series X|S launched.

But over the years, players have discovered that Quick Resume isn’t ideal for every title, particularly always-online games. When you take these out of their suspended state, they’ll often shout at you for letting them disconnect, forcing you to manually close the game down properly and then relaunch it. Other games just don’t seem to get on with it for a variety of other reasons. You can manually close any game you want at any time, but it takes a few more button presses than Quick Resume, so it’s easy to forget.

The latest Xbox update finally addresses this, letting you turn off the feature on a game-by-game basis by selecting “More Options” and then “Manage Quick Resume” on a game tile. That way you can ensure it’s only enabled for single-player titles in which the ability to instantly pick up where you left off is very appealing. It’s a change that has gone down well with ex-Xbox icon Larry “Major Nelson” Hryb, who said on X that he first requested it five years ago when still employed by Microsoft.

Love this. I filed a feature request to make Quick Resume per title in 2021. Great to finally see it happen. https://t.co/eDn56MIMSu

— Larry Hryb, Gamer Emeritus 📱⌨️🖱️🎮 (@majornelson) March 18, 2026

Microsoft is also adding more customization options to the Xbox dashboard in the upcoming update. You’ll be able to create custom background colors, rather than having to select one of the existing color options, while the amount of Groups you can add to your Home screen has been increased from two to 10. These can be reordered in the same way you reorder individual game tiles.

Select Xbox Insiders can start using the new features now, before they’re eventually made available to everyone.

This article originally appeared on Engadget at https://www.engadget.com/gaming/xbox/microsoft-will-finally-let-you-turn-off-quick-resume-for-individual-games-174639730.html?src=rss 

Double Fine’s Kiln pops out of the oven and onto PC, Xbox and PS5 on April 23

Double Fine is following up on Keeper — one of our favorite games of 2025 — with Kiln, a “multiplayer online pottery party brawler.” The game was showcased during Xbox’s Developer Direct stream in January and now it has a release date. It’s coming to Xbox Series X/S, Xbox on PC, Xbox Cloud, PlayStation 5 and Steam on April 23. Xbox said Kiln will be Handheld Optimized from the jump. 

In Kiln, you’ll use a virtual pottery wheel to shape a piece of clay into a vessel and then decorate it. The size and shape will determine how much health you have, the water capacity of your vessel and your speed. For instance, smaller pots will be able to attack faster, while a larger, slower pot might be more powerful. The shape you opt for (bowl, bottle, chalice and so on) determines which special ability you have. The decorations are purely cosmetic.

In the main Quench mode, the aim is to gather water and be the first team of four to put out the other side’s kiln three times (which sounds a bit like a MOBA to me). Doing so won’t exactly be straightforward, of course. When you run into an enemy vessel, you can try to smash it, and they’ll probably attempt to do the same to you.

In one map, you’ll be able to pour water onto sponges to create barriers. In another, there’s a “disco dance floor that compels players to dance on the flashing squares for a short while.” There’s no in-game voice chat, but players could easily get around that using their console’s built-in party features or the likes of Discord.

An open beta will take place on Steam from April 9 to 11. Pre-orders will go live at that time as well. The base version of the game is $20. A $30 “Fired Up” edition includes premium cosmetic options as well as extra chips, the in-game currency that’s used to unlock customizations. Otherwise, chips can only be earned through gameplay.

This article originally appeared on Engadget at https://www.engadget.com/gaming/xbox/double-fines-kiln-pops-out-of-the-oven-and-onto-pc-xbox-and-ps5-on-april-23-171433966.html?src=rss 

Generated by Feedzy
Exit mobile version