Apple is making a big change to Family Sharing with iOS 26.4: Once the update hits, you’ll be able to use your own payment method in Family Sharing groups that have Purchase Sharing turned on. This might sound small, but it’s a significant change to how Apple handles payments in these situations.

Payment Sharing no longer exclusively goes through the family organizer

Payment Sharing can be a convenient way for Family Sharing groups to take advantage of shared plans and content. That could include subscriptions, like Apple One, Apple Music, Apple TV, or Apple News+; purchased music from iTunes; movies and TV shows from the Apple TV app; books from Apple Books; or apps bought on the App Store. It means anyone within the family can access these items, but it also traditionally came with a limitation: With Purchase Sharing turned on, you couldn’t buy your own shared things. All purchases went through the payment method set up by the organizer of the family group, unless you happened to have an account balance from a gift card or allowance.

This makes a lot of sense when the family members are children, but not as much when those family members are adults. Not all Family Sharing groups are necessarily “families,” either: Friends can pool their accounts together to take advantage of shared services like iCloud plans. When all shared purchases go through one person’s credit card, it’s a bit of a pain.

That’s what iOS 26.4 is changing. Once you update, you can choose to put new shared purchases on your own card—assuming you are an adult. (Minors still need to go through the family organizer’s payment method.) If you want to sign the group up for Apple Fitness+, you can pay for it; if you want to buy a movie on the Apple TV app that others can watch too, that can come from your card. It’s a long overdue update to the system that will make Family Sharing groups a bit easier to use for adults.

What else is new with iOS 26.4

Apple has a number of new features and changes coming with iOS 26.4. In addition to this Family Sharing update, Apple Music gets a visual overhaul, plus you can now generate playlists with AI. There are eight new emojis rolling out here, following the Unicode 17 standard, plus Apple finally fixed iOS 26’s buggy keyboard.

While iOS 26.4 is still technically in beta testing, Apple rolled out the Release Candidate this week. Barring any major bugs, this is the version of iOS 26.4 that will launch to the public, and we’ll likely see it sometime next week.

For the second time in the past month, an AI agent went rogue at Meta — this time giving an engineer incorrect advice that briefly exposed sensitive data. The Verge reports: A Meta engineer was using an internal AI agent, which Clayton described as “similar in nature to OpenClaw within a secure development environment,” to analyze a technical question another employee posted on an internal company forum. But the agent also independently publicly replied to the question after analyzing it, without getting approval first. The reply was only meant to be shown to the employee who requested it, not posted publicly. An employee then acted on the AI’s advice, which “provided inaccurate information” that led to a “SEV1” level security incident, the second-highest severity rating Meta uses. The incident temporarily allowed employees to access sensitive data they were not authorized to view, but the issue has since been resolved.

According to Clayton, the AI agent involved didn’t take any technical action itself, beyond posting inaccurate technical advice, something a human could have also done. A human, however, might have done further testing and made a more complete judgment call before sharing the information — and it’s not clear whether the employee who originally prompted the answer planned to post it publicly. “The employee interacting with the system was fully aware that they were communicating with an automated bot. This was indicated by a disclaimer noted in the footer and by the employee’s own reply on that thread,” Clayton commented to The Verge. “The agent took no action aside from providing a response to a question. Had the engineer that acted on that known better, or did other checks, this would have been avoided.”

Read more of this story at Slashdot.

DoorDash has launched a new option for its gig economy workers to earn some extra cash. The delivery service introduced Tasks, which it describes as “short activities Dashers can complete between deliveries or in their own time.” It gives taking pictures of restaurant dishes or recording video of unscripted conversations in languages other than English as examples. These materials will be used to train artificial intelligence and robotics models. 

A representative from DoorDash told Bloomberg News that it will use Tasks content for evaluating its in-house AI models as well as those made by its partner companies in retail, insurance, hospitality and tech. DoorDash is piloting a standalone app for Tasks where Dashers will submit their content. The blog post notes that pay will be displayed upfront, and compensation will vary based on the complexity of the activity.

This idea isn’t new. We’ve seen other startups in AI and robotics offering payment for content filmed by regular people. Considering how many lawsuits are underway against AI companies that have already benefited from unauthorized use of copyrighted materials, at least this approach lets people be directly compensated for training content.

This article originally appeared on Engadget at https://www.engadget.com/ai/doordash-will-start-paying-gig-workers-for-creating-content-to-train-ai-models-204048743.html?src=rss

Google is testing a version of its Gemini app for macOS, Bloomberg reports. The app would bring the AI assistant to uncharted territory, and in more direct competition with OpenAI’s ChatGPT and Anthropic’s Claude, both of which offer standalone Mac apps.

Gemini remains accessible through the web, and it sounds like the macOS app offers the same set of features, with the ability to respond to prompts, search the web and generate text, images and code. The major differentiator of the Mac app could be a feature called “Desktop Intelligence,” which gives Gemini a new source of information and context for its responses. According to a message in the app’s code viewed by Bloomberg, “when you enable apps for Desktop Intelligence you are enabling Gemini to see what you see (such as screen context) and pull content directly from these apps to improve and personalize your experience only when Gemini is in use.”

The ability to refer to information in apps and what’s currently on your screen is offered by both the Claude and ChatGPT macOS apps, and something Gemini is capable of on mobile devices. It’s not clear if Gemini for macOS will be able to actually take action in the apps it can view — like, for example, Anthropic’s popular Claude Cowork feature — but Google has already started offering that experience in a limited form on smartphones, so who’s to say that couldn’t come to desktop operating systems, too.

Bloomberg reports that the Gemini app is being tested with non-Google employees, which could be a sign it’s making its way to a public release. Thanks to Apple and Google’s AI partnership, whether the app sees the light of day or not, some of the technology that makes Gemini possible will run on macOS in the future. Google and Apple announced in January that Google’s Gemini models would power future versions of Apple Intelligence. Apple is also reportedly overhauling Siri into more of a chatbot, an experience likely made possible by Gemini.

This article originally appeared on Engadget at https://www.engadget.com/ai/google-is-reportedly-testing-a-gemini-app-for-mac-203703372.html?src=rss

We may earn a commission from links on this page. Deal pricing and availability subject to change after time of publication.

As useful as robot vacuums and mops are, they can sometimes be clunky eyesores. If you’re looking for a hybrid cleaner that actually prioritizes design, you’ll want to check out the well-reviewed Roborock Saros 10R robot vacuum and mop. It’s one of the slimmest models on the market, getting into areas that bulkier vacuums can’t, and, just as importantly, the base it comes with is sleek and compact for all the functions it packs in, so it won’t look out of place in your home. Right now, the Roborock Saros 10R is $500 off, bringing it down to $1,099 (originally $1,599).

Roborock Saros 10R Robot Vacuum and Mop

$1,599.00
at Amazon

$1,599.00
at Amazon

The Roborock Saros 10R combines performance, automation, and aesthetics, making it one of the best robot vacuum and mop combos available. At just 3.14 inches tall, it can easily glide under low-profile furniture where dust collects (and areas that taller robot vacuums often miss) and it climbs thresholds over 1.5 inches. It checks all our boxes, with strong 22,000Pa suction, AI navigation, a built-in voice assistant, and obstacle-avoidance tech via Roborock’s StarSight Autonomous System. A built-in front-facing camera helps with navigation and lets you monitor your home from the dock. The anti-tangle dual-brush system collects hair and fur, while an extending side brush and rotating mop pad get around tight spots and clean along baseboards. 

Despite having a fully automated charging station that charges the robot in around 2.5 hours and handles self-emptying, hot-water mop washing, and drying, it has an understated look with a black mirror finish that blends into most spaces. That said, the glossy surface can also make fingerprints more visible, especially if you’re refilling the water tank often. And while it does have impressive suction when set to the highest level, the trade-off is more noise and faster battery drain—while it’s advertised as lasting 180 minutes, that time drops to 120 minutes when set to Max+ mode. Pet owners should also note that it may struggle with heavier fur and require multiple passes.

Ultimately, if you’re looking for an attractive, low-profile robot vacuum and mop that performs well on mixed floors with minimal hands-on assistance needed on your part, the Roborock Saros 10R robot vacuum and mop is the total package in most areas. At $500 off, it’s one of the most highly rated cleaning assistants on the market—especially if design and space-savings matter to you just as much as cleaning performance.

iPhone hacking techniques have sometimes been described almost like rare and elusive animals: Hackers have used them so stealthily and carefully against such a small number of hand-picked targets that they’re only rarely seen in the wild. Now a recent spate of espionage and cybercriminal campaigns has instead deployed those same phone-takeover tools, embedded in infected websites, to indiscriminately hack phones by the thousands. And one new technique in particular—capable of taking over any of hundreds of millions of iOS devices—has appeared on the web in an easily reusable form, putting a significant fraction of the world’s iPhone users at risk.

Researchers at Google and cybersecurity firms iVerify and Lookout on Wednesday jointly revealed the discovery of a sophisticated iPhone hacking technique known as DarkSword that they’ve seen in use on infected websites, capable of instantly and silently hacking iOS devices that visit those sites. While the technique doesn’t affect the latest updated versions of iOS, it does work against iOS devices running versions of Apple’s previous operating system release, iOS 18, which as of last month still accounted for close to a quarter of iPhones, according to Apple’s own count.

“A vast number of iOS users could have all of their personal data stolen simply for visiting a popular website,” says Rocky Cole, iVerify’s cofounder and CEO. “Hundreds of millions of people who are still using older Apple devices or older operating system versions remain vulnerable.”

Read full article

Comments

Meta has pulled a 180 on its flagship metaverse app. On Tuesday, the company announced the date it planned to shut down virtual hangspace Horizon Worlds. Then late yesterday, the company announced it will actually keep Worlds open to VR users “for the foreseeable future.” In an Instagram story, Meta’s CTO Andrew Bosworth said, “We decided, just today in fact, that we will keep Horizon Worlds working in VR for existing games, to support the fans who have reached out.”

According to Bosworth, Meta won’t be working on any new VR games within Worlds, but the current content will still be around for VR users. “People who already have games they like, that they’re using in Horizon Worlds, will be able to download the Horizon Worlds app and use it in VR for the foreseeable future,” Bosworth said.

While Worlds will remain open to VR users, Meta is focusing on mobile users. Any new Meta-made content will be geared toward users on their phones. “Most of our energy is going toward mobile,” Bosworth said, “because that’s where most of the consumer and creator energy already was.”

Meta initially revealed its plan to shut down Horizon Worlds to VR in February, then announced concrete plans to pull the plug on Tuesday.

A shaky future for the metaverse

Putting its flagship metaverse app in maintenance mode for VR users is a huge turnaround for a company that rebranded itself as “Meta.” CEO Mark Zuckerberg unveiled both the name change and Horizon Worlds itself at his company’s Connect event in 2021, touting the metaverse as “a successor to the mobile internet” that would eventually host over a billion people. That’s not how things have worked out: Meta’s Reality Labs division, of which Horizon Worlds is a part, has burned through an estimated $83.55 billion since 2021, and Meta has since slashed jobs at the division, cutting loose departments devoted to first-party VR game and fitness content.

At its peak, Horizon Worlds reportedly had only 200,000 monthly users. For comparison, Roblox has 381 million monthly users. But it’s nice that Meta is at least keeping the lights on for that relatively small number of fans. There might not be as many as Meta would like, but there are definitely passionate members of the Worlds community, who will now still be able to gather in their VR spaces.

Headsets are out; smart glasses are in

Even though Meta has recently reiterated its commitment to supporting third-party VR developers and promised “a robust roadmap of future VR headsets,” the company is clearly focusing on AI and smart glasses moving forward. Its scaling back of Worlds and other first-party Meta VR content reveals where the market is: Unlike the Quest line of headsets, Meta’s AI-powered smart glasses have proven an unqualified success for the company, which reportedly plans to manufacture 20 million pairs of smart glasses in 2026. “Face computers” that interact with and augment the world we actually live in are more popular than headsets that transport us to other worlds.

Longtime Slashdot reader UnknowingFool writes: Rapper Afroman, born Joseph Edgar Foreman, famous for his 2000 hit “Because I Got High”, has won a defamation lawsuit that seven Ohio police offers filed against him. A jury found he did not defame the officers in music videos he made about a 2022 police raid of his home. In August 2022, Adams County Sheriff’s Department raided Afroman’s home on suspicion of drug trafficking and kidnapping. Neither drugs nor kidnapping victims were found, and charges were never filed. However, local officials would not pay for damages occurred during the raid including a broken front door and a video surveillance camera. Afroman used his home security footage of the raid to create music rap videos criticizing the police over the incident; “Will You Help Me Repair My Door?”, “Why You Disconnecting My Video Camera?”, and “Lemon Pound Cake”. He posted the videos on YouTube.
In March 2023, seven officers filed a lawsuit against Afroman for invasion of privacy and the unauthorized use of their images from the security footage in addition to defamation claims. The officers requested an injunction for Afroman to stop speaking about them or using their photos. The officers also wanted all proceeds from the videos, song sales, performances, and merchandise claiming they had suffered “emotional distress” due to the videos. Afroman’s defense included Freedom of Speech rights to criticize public officials. The ACLU filed an amicus brief supporting the rapper, arguing that the lawsuit was a SLAPP suit only meant to silence criticism. In October 2023, the court agreed and dismissed the invasion of privacy, “right of publicity”, and “unauthorized use of individual’s persona” claims but allowed the defamation case to proceed.
Defamation claims by the officers included the allegation Afroman repeatedly had sex with the wife of Randolph L. Walters, Jr. When Afroman’s lawyer asked Walters “But we all know that’s not true, right?”, the officer replied he did not know. Defamation from emotional damages requires that harm arise from a false statement; however, if a statement is so outrageous that no one would believe it to be true, then reputational damage cannot be a result.

Read more of this story at Slashdot.

Three years after saying it had stopped buying location data of Americans without a warrant, the FBI acknowledged it has restarted the purchases. During questioning at a Senate Select Committee on Intelligence hearing yesterday, FBI Director Kash Patel said the location data purchases have produced valuable information, and he did not commit to stopping the practice.

In March 2023, then-FBI Director Christopher Wray confirmed that the agency had previously bought location data of US citizens without obtaining a warrant. “To my knowledge, we do not currently purchase commercial database information that includes location data derived from Internet advertising,” Wray, who led the agency during Trump’s first term and during the Biden era, said at the time. “I understand that we previously—as in the past—purchased some such information for a specific national security pilot project. But that’s not been active for some time.”

At yesterday’s hearing, Sen. Ron Wyden (D-Ore.) recounted Wray’s 2023 statement and asked Patel, “Is that the case still and, if so, can you commit this morning to not buying Americans’ location data?”

Read full article

Comments

If a battle is fought in space, it will look nothing like those depicted in the Star Wars franchise, with sleek TIE fighters blasting enemy ships with laser cannons and mag-pulses. Instead, these battles will be cerebral and unhurried, somewhat like the 1973 film The Day of the Jackal, a slow-burning political thriller with a plot that somehow mixes tension with clinical precision.

In that film, an assassin sets out to murder the French president. The main character’s moves are meticulously planned, with backup plans for backup plans. A police commissioner, just as clever, must pursue the assassin and stop the conspiracy. The events play out over weeks and months, not seconds and minutes.

True Anomaly, which emerged from stealth just three years ago, is planning for The Day of the Jackal in space. The startup’s primary hardware product, aptly named Jackal, is a war-ready satellite platform designed for mass production. In nature, jackals are known for their intelligence, adaptability, and hunting prowess. True Anomaly’s Jackal boasts similar traits in space.

Read full article

Comments

We may earn a commission from links on this page.

Ever since I came home from a trip to Japan in 2019, I’ve been using a bidet. Japan takes its hygiene and bidet game seriously. Their bidets were incredible, with features and technology I’ve never imagined people were using on their toilets. But I decided to start simple, with a basic $56 bidet that got the job done. But as winter arrived, the water and toilet seats in our non-insulated bathroom became intolerable, so we decided it was time to upgrade. The Coway Bidetmega 500S has impressed my wife and me so much that we sometimes hold our necessities until we get home just to use our shiny new bidet.

Elongated size.

Coway Bidetmega 500S

$460.49
at Amazon

$512.02
Save $51.53

$460.49
at Amazon

$512.02
Save $51.53

Round size.

Coway Bidetmega 500S

$429.00
at Amazon

$699.00
Save $270.00

$429.00
at Amazon

$699.00
Save $270.00

The Coway 500S comes in the elongated and smaller round sizes, both of which are easy to install. But I urge anyone spending over $400 on a luxury bidet to first upgrade to an elongated toilet, which you can find for $100 at Home Depot. The installation is not hard— did it myself by watching YouTube videos, but you can always get a plumber to do it for you for around $150. The experience on an elongated toilet makes a big difference. The toilet seat on bidets are already smaller than regular seats, so a smaller round one makes things rather cramped (I tried the round version first and did not enjoy it). One important thing to keep in mind is that you’ll need a grounded outlet close to the toilet to plug the bidet tino.

Credit: Daniel Oropeza

As I mentioned earlier, my bathroom is not insulated, so mornings are freezing cold. That has made us appreciate the seat and water heating features a lot. There are three levels you can use to adjust the temperature levels with the remote: green, orange, and red, with each getting gradually warmer. There’s also a neat user profile on the remote that saves the settings under that user, that way my wife and I don’t have to keep fighting over the settings.

Credit: Daniel Oropeza

As much as I enjoy the heating features, there’s another aspect that makes this bidet worth every penny: the self-cleaning nozzle. With my old bidets, the self-cleanings were not great, meaning every once in a while, I would have to put some elbow grease on the bidet to get it decent again (I hated it). The Coway 500S does the self-cleaning automatically and leaves it looking brand new with three methods: a UV light, a nozzle cleaning spray, and a water shield that catches particles from moving up and out of the bowl. So far, I’ve been very impressed with this feature.

There are other features, too, including an air dryer (I personally don’t find this especially effective), a touch button on the remote to open the lid (works about 80% of the time), a night light, and a deodorizer. If you’re a bidet lover, the Coway 500S is an amazing bidet that transports me back to Japan. It has elevated my quality of life and, to me, was worth every penny.

If you have an iPhone, listen up: There’s a new security risk that hackers have been actively exploiting since at least November. While you’re not likely to be the target of such an attack, your iPhone is nevertheless vulnerable, unless you take the following (albeit simple) action: update your iPhone.

What is DarkSword?

Google Threat Intelligence Group (GTIG) identified the new “full-chain exploit,” in partnership with security firms Lookout and iVerify. The exploit, called “DarkSword,” takes advantage of six zero-day vulnerabilities to compromise iPhones. GTIG says, as of November, it observed “multiple commercial surveillance vendors and suspected state-sponsored actors” using DarkSword in malware campaigns. As of now, those targets have been in Saudi Arabia, Turkey, Malaysia, and Ukraine.

DarkSword can attack iPhones running iOS 18.4 through iOS 18.7, according to GTIG (though iVerify and Lookout say the exploit they tested ends at iOS 18.6.2). The chain uses three malware families (GHOSTBLADE, GHOSTKNIFE, and GHOSTSABER), and is similar to a previously-discovered malware kit named Coruna. As it happens, Apple recently issued patches for Coruna exploits for older iPhones.

DarkSword is designed to quickly and stealthily scrape credentials and personal information off your device, including passwords, keys, documents, emails, crypto wallets, usernames, photos, among other data points. This is done in seconds or minutes, so it doesn’t take long for DarkSword to work. An attack works like this: You’re browsing a website in Safari embedded with a malicious iframe. Once Safari encounters it, DarkSword can breakout of the WebContent sandbox, which typically prevents unauthorized services from running in areas of iOS they’re not supposed to. As such, it quickly gives itself permission to access privileged processes, and gains access to sensitive parts of iOS.

This is concerning, since the malware only requires the user to visit a malicious website to work. You don’t need to be tricked into downloading a malicious file; just clicking the wrong link seals the deal. That’s how GTIG initially discovered DarkSword: Hackers targeted users in Saudi Arabia with a fake Snapchat website called “Snapshare,” which brought the user to a legitimate Snapchat site while silently stealing their information in the background. In another example, a group suspected of working with the Russian government targeted users in Ukraine with malicious versions of official Ukrainian government and news sites.

How to protect yourself from DarkSword

Luckily, GTIG reported DarkSword to Apple back in late 2025, and since then, Apple has fully patched the exploits involved. The company didn’t issue the patches all at once, however; rather, Apple ran individual patches through various updates, releasing the final fixes with iOS 26.3 and iOS 18.7.3. As such, you need to be running at least those versions of either iOS 26 or iOS 18 in order to protect yourself from this malware kit.

Updating your iPhone isn’t hard, and it makes it easier that Apple doesn’t require you to update to the most recent version (i.e. iOS 26) in order to patch your device. However, there are many iPhones in this world, and getting everyone to update to the proper version isn’t easy. According to Apple, 66% of iPhones in the world run iOS 26, while 24% still run iOS 18. While we can’t know for sure which of those iPhones are running iOS 26.3 or iOS 18.7.3 or newer, it’s safe to say many are running outdated versions of each. There could be millions of iPhones at risk.

That risk, in my view, is quite low: Based on the current reports, these threat actors are targeting users in limited areas, and are being run by sophisticated networks, including those funded by governments. If you don’t have reason to be in the crosshairs of a government agency, especially one that would target users in Saudi Arabia, Turkey, Malaysia, and Ukraine, you’re not likely to be a victim of DarkSword.

Still, why take the risk, however small? If DarkSword continues to spread, perhaps its affects will as well. When the solution is as simple as updating your iPhone, what’s the harm?

Google has detailed how users will be able to sideload apps from unverified developers once it implements its more restrictive policy towards downloading software on Android. The company originally planned to require all developers to be “verified” to distribute on Android, but softened its stance in November 2025 to allow carveouts for Android power-users and hobbyist developers.

For the average Android users, the ability to sideload apps will now be locked behind a multi-step one-time process. Users will first have to enable developer mode in settings, confirm they’re not being coached into disabling security, restart their phone (to cut off any phone calls), then wait a day and confirm their identity with biometric authentication or a pin before installing any apps. Google says you can enable the ability to install apps from unverified developers for seven days or indefinitely, but regardless of what you’ll choose, you’ll still have to dismiss a warning telling you the app you’re installing is from an unverified developer.

For hobbyist developers or students who want people to try their app but don’t want to create a verified developer account, Google also plans to offer free “limited distributions accounts” that let you share apps without being verified. These accounts will let you share apps with up to 20 devices without having “to provide a government-issued ID or pay a registration fee.”

Google is implementing its new verification process in the name of security, and has likened the requirements being asked of developers to “an ID check at the airport, which confirms a traveler’s identity but is separate from the security screening of their bags.” Neither the verification nor this new approach to sideloading entirely closes off getting apps from unverified developers onto your Android device, they just make it harder to download something dangerous directly from the internet onto your phone.

Google appears to be trying to split the difference on Android, tightening up what apps can be distributed via verification, while cutting its own Play Store fees and changing its stance towards third-party app stores. Requiring verification to distribute software extends Google’s influence outside of its own apps and app store, which is why some developers and digital rights organizations have publicly pushed back on the company’s plan. 

Developers can sign-up for early access to the developer verification process now. Google says its new workflow for enabling sideloading and small distributions of apps will go live in August.

This article originally appeared on Engadget at https://www.engadget.com/apps/android-will-hide-app-sideloading-behind-a-new-one-time-security-process-184651171.html?src=rss