Aaaah! Act now! Hurry! Change ALL your passwords! Your password was stolen by malware on your device so change it now... on your device... that still has malware... Wait a minute. Shouldn't this article at least suggest removing the malware first?
this post was submitted on 19 Jun 2025
141 points (87.3% liked)
Technology
73534 readers
2386 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
I need more information. How is the malware being distributed to these devices? How can we check if our credentials are in this dump? Shouldn't the respective platforms be doing due diligence to notify those effected and asking them to change their passwords?
I feel it may be fairly likely that this inforstealer Malware is the type distributed by dubious apps the play store and similar have had to take down but aren't actively notifying users who installed them. Is it predominantly phones that are effected or is this malware PC based? Changing your passwords is important but sounding the alarm with no actual information is just... Ill advised. It's fear mongering.
“This is not just a leak – it’s a blueprint for mass exploitation,” the researchers said.
Are the researchers chatgpt? Because that looks almost word for word how chatgpt would write something like that, right down to the em-dash.
Man, I love my em-dashes, but now im a bot for using it 😭
Yeah, same. Long-time user of an em-dash—love a cheeky en-dash in my ranges too. But now LLMs are using them all the time, out of context, and with spaces on either side.
Is nothing safe?! Next it'll be semicolons!
Yeah, what’s with the spaces? I’ve been an emdash slut for 20 years, but I’ve never put spaces on either side. I’ve also scarcely seen anyone else do that, until LLMs became popular.
It’s probably your fault, you loved em dashes too much that AI started using them after stealing all your content
I was going to say "I don't use em-dashes in my books for when they sole all those books" but then I went into my first book and found 22 em-dashes so... oops. I thought the word processor changed -- into an en-dash and not an em-dash.
I think you'd probably be ok with using em-dashes (I typically use en-dashes myself but I'm lazy), but don't use cliche phrases like "It's not [x] -- it's [reframed x]"
If it is, their stupid model forgot a "more" in this passage:
Password compromise is no joke; it leads to account compromise and that leads to, well, the compromise of most everything you hold dear in this technological-centric world we live in. It’s why Google is telling billions of users to replace their passwords with much secure passkeys.
(Wow, much secure. Very password.)
This passage reads 100% like AI wrote. Right down to the over used turns of phrase that AI inserts into every output to the prompts you give it
Whenever I read any sort of AI response all I can hear is 'All your bases are belong to me'.
What you say?
What does the article say more than the title?
Nothing, each paragraph is a remash of the previous saying nothing more than the title.
That's AI filling up a white page with words.
Reads more like an advertorial. Low on detail, high on "passkeys are the future", and plenty of typos.
I couldn't find in the article a list of all platforms affected, only this:
billions of login credentials from social media, VPNs, developer portals and user accounts for all the major vendors.
Since I don't use the big three, I'd be really interested to see a list, before I go through every online account I ever created with a throwaway email.
Yeah the closest to listing off affected services was this:
The information contained, the researchers stated, open the door to “pretty much any online service imaginable, from Apple, Facebook, and Google, to GitHub, Telegram, and various government services.”
Which doesn't say very much :s. If you don't use any of these big online services and use a locally managed password manager I'd wager you're fine.
Is this real? The article gives no concrete details.
Need a breakdown first before everyone starts freaking out. This sounds like a UUID leak.
What's the total human population again, 8 billion?
I don't know about you, but I have 2 Apple accounts, 2 Facebook accounts, and like 9 Google accounts. I know I'm above average, but it's not hard to have 1 of each for normal uses.
I have like a dozen Gmail accounts, and I know plenty of others who do too. Before I owned my own domain, I used the different accounts for different things.