EngadgetModify

2026-03-19 06:40:13

The Information reported that an AI agent within Meta took unauthorized action that led to an employee creating a security breach at the social company last week. According to the publication, an employee used an in-house agentic AI to analyze a query from a second employee on an internal forum. The AI agent posted a response to the second employee with advice even though the first person did not direct it to do so. 

The second employee took the agent's recommended action, sparking a domino effect that led to some engineers having access to Meta systems that they shouldn't have permission to see. A representative from the company confirmed the incident to The Information and said that "no user data was mishandled." Meta's internal report indicated that there were unspecified additional issues that led to the breach. A source said that there was no evidence that anyone took advantage of the sudden access or that the data was made public during the two hours when the security breach was active. However, that may be the result of dumb luck more than anything else. 

Many tech leaders and companies have touted the benefits of artificial intelligence, this is just the latest incident where human employees have lost control over an AI agent. Amazon Web Services experienced a 13-hour outage earlier this year that also (apparently coincidentally) involved its Kiro agentic AI coding tool. Moltbook, the social network for AI agents recently acquired by Meta, had a security flaw that exposed user information thanks to an oversight in the vibe-coded platform.

2026-03-19 04:37:45

Google and cybersecurity companies Lookout and iVerify have detailed a new hacking technique that potentially puts a significant portion of iPhone users in danger, just by visiting the wrong web page. The hack is called "DarkSword" and since it specifically targets several different versions of iOS 18, it could affect "close to a quarter of iPhones," Wired writes.

DarkSword is a "fileless" hack that leverages a collection of exploits to access sensitive data when an iPhone visits an infected website. Rather than install spyware that hangs around on a user's phone after messages and other private information are stolen, fileless hacks like DarkSword take control of "the legitimate processes in an iPhone's operating system to steal data," according to Wired. Even more troubling, DarkSword deletes any evidence it was running on an iPhone after it finishes stealing your information.

The hack starts as soon as an iOS device encounters an "malicious iframe embedded in a web page," after which it works its way through your iPhone, gathering sensitive information like passwords before deleting itself. DarkSword can abscond with things like messages and iCloud content, but it's also specifically designed to access crypto currency wallets, Lookout says, which could indicate who was using DarkSword before it became widely available.

DarkSword has reportedly been used in Ukraine, Saudi Arabia, Malaysia, Turkey and Russia, and its origins could be tied to a different hacking toolkit called Coruna that TechCrunch reports may have been created for the US government by a company called Trenchant. Regardless of where DarkSword came from, the tool didn't become widely available until its Russian users left DarkSword's source code on a website for anyone to access, "complete with explanatory comments in English that describe each component and include the 'DarkSword' name for the tool," Wired writes.

Apple patched the exploits that DarkSword and Coruna used in recent updates to iOS 26, the yearly software release from 2025 that followed iOS 18. The problem is that not everyone is using Apple's latest update. DarkSword targets iOS 18 releases between iOS 18.4 and iOS 18.6.2, and according to Apple's latest iOS usage stats for developers, around 24 percent of iOS devices are still on iOS 18. Without more detail, it's hard to know how many people that leaves exposed, but as a rule of thumb, if your iOS device can update to a newer software release, you should do so as soon as possible to stay secure.

2026-03-19 04:25:09

The White House has been promising a set of national rules to guide artificial intelligence since late last year, and today Sen. Marsha Blackburn (R-Tenn.) fired the first volley. The senator shared a discussion draft for codifying the executive order signed by President Donald Trump in December calling for an AI bill. Her stated goal is a policy that "protects children, creators, conservatives and communities from harm."

Blackburn has called for tougher policies for AI safety, and one of the core messages in this discussion draft is that it "places a duty of care on AI developers in the design, development and operation of AI platforms to prevent and mitigate foreseeable harm to users." It also draws a line on the many copyright infringement questions raised by creative industries: "an AI model's unauthorized reproduction, copying, or processing of copyrighted works for the purpose of training, fine-tuning, developing, or creating AI does not constitute fair use under the Copyright Act." 

Some of the other notable provisions are:

• Requires covered online platforms, including social media platforms, to implement tools and safeguards to protect users under the age of 17 against online harms.

• Protects the voice and visual likenesses of individuals and creators from the proliferation of digital replicas without their consent.

• Sets new federal transparency guidelines for marking, authenticating and detecting AI-generated content.

• Requires certain companies and federal agencies to issue reports on AI-related job effects, including layoffs and job displacement to the U.S. Department of Labor (DOL) on a quarterly basis.

It includes ending Section 230, marking the latest attempt to retire a law that has been questioned as a possible loophole for AI companies to escape liability when their tools cause harm. While AI critics might see positive signs here, remember that this is just the initial version of the framework. Lawmakers will likely spend a lot of time negotiating over the eventual result, which may be notably de-fanged from its current state. It could wind up with a lot more requirements echoing this Republican complaint: "Combats the consistent pattern of bias against conservative figures demonstrated by AI systems by requiring third-party audits to prevent discrimination based on political affiliation." Despite the claims of suppression and censorship, we’ve consistently seen this conservative argument to be false — or at the very least misleading.

2026-03-19 04:09:15

A recent change in how the US Postal Service handles shipping partners appears to have forced Amazon to make alternative plans. The company reportedly plans to cut the number of packages it ships through USPS by at least two-thirds later this year. It says the decision came after USPS ended negotiations “at the eleventh hour” in favor of a new bidding process.

On Tuesday, the Wall Street Journal reported that Amazon plans to reduce the shipments it hands off to USPS. Last year, the company accounted for nearly 15 percent of the Postal Service’s package deliveries. Cutting that by nearly two-thirds diminishes one of the USPS’s most reliable sources of revenue. In fiscal 2025, the agency reported a net loss of $9 billion.

Amazon’s current contract with USPS ends on September 30. In a public response to the WSJ story, the company said it notified USPS in October 2025 that it would need to complete a new deal by December. “You can't add capacity for hundreds of millions of packages overnight — it requires major capital investment, long-term infrastructure planning, hiring, and logistics coordination,” Amazon wrote.

According to Amazon, USPS then pulled the plug on negotiations at the last second. “We negotiated with [USPS] in good faith for more than a year to reach a deal that would bring them billions in revenue and believed we were heading toward an agreement,” Amazon wrote in a statement. “Our goal was to increase our volumes with USPS, not reduce them — until USPS abruptly walked away at the eleventh hour in December.”

ASSOCIATED PRESS

That’s when Postmaster General David Steiner implemented a new bidding process for last-mile deliveries, replacing a long-established one where USPS negotiated with shipping partners individually. He described the move as “a fair bidding process that enables the marketplace to find the best mix of local shipping attributes for the best volume-driven pricing.” Steiner was appointed to the post in May 2025, following the departure of former head Louis DeJoy.

Amazon said it submitted a bid in February using the new system but hasn’t heard back. “This creates significant uncertainty for our long-term network planning,” the company said. “Despite this, we participated in good faith and submitted a bid in February 2026. We've received no response.”

USPS plans to announce the bidding results in Q2 2026. Contracts are expected to be finalized by Q3. Despite apparently moving forward with the contingency plan, Amazon said it’s still “ready to continue this partnership.”

As for Postmaster Steiner, he spent Tuesday asking Congress to loosen USPS regulations and let him raise prices. Warning that the agency will “run out of cash” in about a year, he told a House subcommittee that he wants to raise the agency’s current $15 billion debt cap. He also asked for the ability to increase postage prices and reform its retiree pension obligations.

2026-03-19 04:05:07

Update, 4:05PM ET: A few hours after this story was published, Google reached out to retract the news. The company provided Engadget with the following statement:

"Search Live has not rolled out globally to all users. It remains available in the US and India, with testing currently underway in additional markets. We apologize for the earlier miscommunication."

Given that the company says it is testing in more markets, it seems entirely possible that the global Search Live release will happen sooner than later. But, for now, it’s on hold.

The original, unedited article follows below:

After rolling out Search Live to all US Google app users last September, Google is now bringing the feature to every place where it offers its AI Mode chatbot. Search Live, if you need a reminder, allows you to point your phone's camera at an object or scene and ask questions about what you see in front of you. Google debuted the tool at I/O 2025 before it began rolling it out to users. With today's expansion, Search Live is available in more than 200 countries and territories. 

What's more, Google has updated the feature to run off its Gemini 3.1 Flash model, an upgrade the company says should translate to more natural conversations, in addition to a faster and more reliable experience. The new model is also natively multilingual. You can access Search Live from the Google app on Android and iOS. Tap the "Live" button below the search bar to get started. You can also access Search Live through Google Lens. As in the Google app, look for the "Live" icon, here located near the bottom of the screen, to start chatting.

2026-03-19 02:58:17

NASA and ESA have released new images from the Hubble Space Telescope of a comet breaking up as it exits the solar system, captured as part of study recently published in the journal Icarus. The images are notable not only because they offer a more detailed view of the inside of a comet, which could offer new information about the early days of the universe, but also because they were taken by accident.

Photographing K1, or "Comet C/2025 K1" as it's officially known, wasn't the original intention of the study. "This comet [was] observed because our original comet was not viewable due to some new technical constraints after we won our proposal," John Noonan, a research professor in the Department of Physics at Auburn University in Alabama said. "We had to find a new target — and right when we observed it, it happened to break apart, which is the slimmest of slim chances."

The comet broke up over a period of days into "at least four pieces," each with a "fuzzy envelope of gas and dust" around them, with Hubble specifically capturing the disassembly from November 8 through November 10, 2025. K1 was interesting before it started to crumble because at "around 8 kilometers across" (about 5 miles), it's larger than the average comet, and having footage of it shattering will likely offer new insights into the physics of comets in general. Additionally, the lack of carbon in the gases released by the comet as it broke is apparently "chemically very strange," which suggests the composition of K1 could bear scientific fruit, too.

Hubble has tracked comets of different sizes and compositions for years. Studying them remains a focus because comets are frequently made of ice and rock from the primordial period when solar systems were first forming. The ESA hopes to dramatically expand our understanding of that period with its "Comet Interceptor" mission, which is supposed to launch in 2028 or 2029, and aims to use photos captured from multiple angles to create a 3D model of a comet.