Reimbursement was issued for Flex drivers in 2021.Amazon has agreed to pay the District of Columbia $3.95 million to settle a lawsuit alleging that the retail giant had stolen more than $60 million in tips intended for its Flex delivery drivers. DC Attorney General Brian L. Schwalb announced the settlement today, which includes $2.45 million in penalties and requires Amazon to clearly disclose how tips are being used for any purpose besides compensating drivers.The lawsuit was filed in December 2022 in an effort to reprimand Amazon for withholding nearly one-third of drivers tips between 2016 and 2019 after changing its payment model to use the compensation to cover a portion of Flex driver base wages. Amazon didnt notify drivers of this change and assured consumers that drivers would receive 100 percent of their tips, according to a complaint raised by the Federal Trade Commission in 2021.$61.7 million was later reimbursed to drivers by the FTC following a settlement with Amazon, but by filing the 2022 lawsuit, former DC Attorney General Karl Racine sought to hold Amazon to full account for its unlawful actions, and to send a clear message to employers not to divert tips for their own benefit.When companies mislead customers to boost their profits by stealing tips intended for their workers, they are cheating their consumers, their employees, and their competitors who play by the rules, said Schwalb. Its not sufficient, after being caught, to simply give back the ill-gotten gains. Rather, there must be meaningful consequences to deter misconduct from happening in the first place.While Amazon has agreed to the settlement within 30 days, the company denies the DC allegations and maintains that it made truthful, complete, unambiguous, and accurate representations to customers regarding its tipping process for drivers.

Elon Musk and the team at the Department of Government Efficiency figured out one thing really fast: if you control the computers, you control everything. And so Musk and his merry band of engineers have spent the last week or so parading into various US government agencies and taking control of their systems. Theres so much about whats really happening here who has what access, when anyone will try and stop them, whether this small group really will successfully shut down agencies and convince thousands of federal employees to leave their jobs that we dont know. But however it shakes out, the X-ification of the US government is not a good thing.On this episode of The Vergecast, we start by trying to, if not make sense of things, at least try and explain them. Nilay, David, and The Verges Richard Lawler talk about why DOGE is operating the way it is, how it has been able to so quickly assume so much control over the government, and what might come next.Subscribe: Spotify | Apple Podcasts | Overcast | Pocket Casts | MoreAfter that, the hosts pivot to talking about tariffs, which are at least slightly less complicated and confusing. But only slightly! We …Read the full story at The Verge.

Super Smash Bros. creator Masahiro Sakurai has re-posted the Nintendo Switch 2 Direct date and time announcement with a single sound of excitement and fans are freaking out about it teasing a new entry in the beloved brawler series.As reported by Automaton, Sakurai shared the Japanese version of Nintendo's announcement that it will fully unveil the Nintendo Switch 2 on April 2. "Ooh!" he said in the post, and while this could just be his own excitement, fans are hoping it means a new Super Smash Bros. game is coming to the next-generation hardware.While the post doesn't mean too much by itself, there has been a stream of small hints and teases that could signify Sakurai is gearing up for another Super Smash Bros. game reveal. The famed developer began his own YouTube channel in 2022 but wound it down after promising he wasn't done making games, and his final video revealed he'd been working on a new game that could be revealed "sooner or later."Nothing has been announced regarding a new Super Smash Bros. game, however, and Sakurai said previously he doesn't know how the franchise can get any bigger or better than the Switch entry, which even includes characters from beyond Nintendo like Sephiroth from Final Fantasy 7, Sora from Kingdom Hearts, Joker from Persona 5, Steve and Alex from Minecraft, and many more.But it seems likely there will be a new Super Smash Bros. game for Switch 2, given the incredible sales success of Ultimate (35.88 million and counting). And it's worth remembering Nintendo has released a new Super Smash Bros. game for each of its consoles ever since the launch of the original Super Smash Bros. for N64 in 1999.Ryan Dinsdale is an IGN freelance reporter. He'll talk about The Witcher all day.

Former BioWare developers have offered their thoughts on Dragon Age: The Veilguard and recent comments from the CEO of EA about its relative failure.During a financial call, EA boss Andrew Wilson said Dragon Age: The Veilguard failed to "resonate with a broad enough audience."Last week, EA restructured Dragon Age developer BioWare to focus on Mass Effect 5 only, meaning some who worked on The Veilguard were moved to projects at other EA studios, while other staff were laid off.The decision followed EAs announcement that Dragon Age: The Veilguard had underperformed on its expectations for the long-awaited action RPG. EA said Dragon Age "engaged" 1.5 million players during its recent financial quarter, which was down nearly 50% from the company's projections.IGN has chronicled some of Dragon Age: The Veilguards development challenges, including layoffs and the departure of several project leads at different stages. According to Bloomberg reporter Jason Schreier, BioWare staff believe it was a miracle Dragon Age: The Veilguard released a complete game after EA forced live-service into it, then reversed course.Wilson, however, suggested BioWares role-playing games need to have shared-world features and deeper engagement alongside high-quality narratives to reach the success EA demands.In order to break out beyond the core audience, games need to directly connect to the evolving demands of players who increasingly seek shared-world features and deeper engagement alongside high-quality narratives in this beloved category, Wilson said.Dragon Age had a high-quality launch and was well-reviewed by critics and those who played. However, it did not resonate with a broad enough audience in this highly competitive market.Most took Wilsons comments to mean that if Dragon Age: The Veilguard had shared-world features" and deeper engagement, it might have sold more copies. But, as IGN has reported, a development reboot, backed by EA, saw Dragon Age shift from the skeleton of a multiplayer game with repeatable quests, a tech base, and the outline of a story, to a full-blown single-player RPG.Now, former prominent BioWare staff are having their say on social media. David Gaider, who created the setting for Dragon Age and was its narrative lead before leaving BioWare in 2016, said EA isnt learning the right lessons from The Veilguard.There are certainly all sorts of lessons a company could learn from a game like Veilguard (I still haven't played it, so I'm going off what other people have said), but maybe it should have been live service being the takeaway seems a bit short-sighted and self-serving, Gaider, now creative director at Stray Gods: The Roleplaying Musical developer Summerfall Studios, said.Not that there's any shortage of that, when it comes to deciding why a game doesn't do well. For the anti-woke crowd, for instance, there are woke games that do well and woke games that do poorly and only the ones that did poorly did so *because* they were woke. Says more about them than the game.Gaider then said EA should follow the lead of Baldurs Gate 3 developer Larian and double-down on what Dragon Age did best. Baldurs Gate 3 is of course a massive hit, and while it has multiplayer co-op, it is a predominantly single-player RPG experience.My advice to EA (not that they care): you have an IP that a lot of people love. Deeply. At its height, it sold well enough to make you happy, right? Look at what it did best at the point where it sold the most. Follow Larian's lead and double down on that. The audience is still there. And waiting, Gaider continued.Gaider wasnt the only former prominent Dragon Age developer to respond to Wilsons comments. Mike Laidlaw, chief creative officer at Eternal Strands developer Yellow Brick Games and former creative director on Dragon Age, went further and said that hed quit if forced to turn a much-loved single-player game into a purely multiplayer game.Look, I'm not a fancy CEO guy, but if someone said to me the key to this successful single-player IP's success is to make it purely a multiplayer game. No, not a spin off: fundamentally change the DNA of what people loved about the core game to me, I'd probably, like, quit that job or something, he said.Laidlaw continued: Just thinking out loud, of course. Who'd be silly enough to demand something like that?...twice.The upshot of recent events is that Dragon Age now appears dead, and BioWare is fully focused on Mass Effect 5, which is led by series veterans including Mike Gamble, Preston Watamaniuk, Derek Watts, and Parrish Ley.EA CFO Stuart Canfield touched on EAs decision to restructure BioWare to focus on the next Mass Effect, which has reportedly involved cutting the 200-person studio down to less than 100 people.Historically, blockbuster storytelling has been the primary way our industry bought beloved IP to players, Canfield said. The game's financial performance highlights the evolving industry landscape and reinforces the importance of our actions to reallocate resources towards our most significant and highest potential opportunities.Wesley is the UK News Editor for IGN. Find him on Twitter at @wyp100. You can reach Wesley at wesley_yinpoole@ign.com or confidentially at wyp100@proton.me.

On Feb 6, 2025, Gellar posted the following on Instagram to address the news reported earlier in the week that another Buffy revival was nearing a pilot order from Hulu.Gellar recounts being approached by producer Gail Berman (exec producer on Buffy throughout its run, and a powerhouse in US television perhaps unfairly famed among Whedon fans as having been the FOX exec to pull the plug on Firefly) to meet with the director of Best Picture Oscar winner Nomadland (and the less-feted Marvels Eternals) Chlo Zhao to hear her take on a potential Buffy revival. Gellar took the meeting, enjoyed it, agreed to nothing there-and-then but kept the conversation going. Talks continued, Poker Face writer-producers Nora and Lilla Zuckerman were added to their creative team, and, as Gellar puts it in her Insta post, ultimately, one day, we landed on an idea. She continued:I have always listened to the fans and heard your desire to revisit Buffy and her world, but it was not something I could do unless I was sure we would get it right. This has been a long process, and its not over yet. I promise you, we will only make this show if we know we can do it right. And I will tell you that we are on the path there.I feel so lucky to be on this journey with these four unbelievably talented women, all of whom love Buffy as much as I do. And as much as you do. Thank you to all the fans who never stopped asking for this. This will be for you.Immediately underneath Gellars post was an endorsement from actor Emma Caulfield, who played ex-demon Anya in Buffy seasons three to seven, and who called Gellars words Perfect. So, Anyas into it.There are so many questions to ask about a Buffy TV revival. Would the show will ignore the comic books series that continued the story? Which of the original cast would return (Nicholas Brendon, who played Xander Harris on the show, has had a string of arrests and charges for drugs and violent behaviour including domestic violence in recent years)? If actors James Marsters and David Boreanaz were to come back as their non-ageing vampire characters Spike and Angel, would they be digitally de-aged to cover up the 20-odd years that have passed since last we saw them, and if so, would it look weird?

Swiss foodies could soon be served an experimental new delicacy: cultivated burgers.The lab-grown cuisine is the brainchild of Dutch scaleup Mosa Meat. Founded in 2013, the company cultivates beef from cells extracted from cows. The blend is then formed into burgers that are indistinguishable from the mince on supermarket shelves. The lucky cattle, meanwhile, amble back to the farm.Mosa calls the product the worlds kindest burger.Cultivated meat could also slash our carbon footprints, but the concept first needs support from regulators around the world.The of EU techThe latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!Swiss authorities are the latest target for Mosa. The company announced today that its requested a novel food authorisation in Switzerland that focuses on one ingredient: cultivated fat.Going fat-first is a local strategy. Like the EU, Switzerland requires cultivated ingredients to be submitted individually for regulatory approval.Fat is a logical starting point. It plays a critical role in delivering the taste, aroma, and mouthfeel of beef, making it essential to the culinary experience. Once approved, the fat can be mixed with plant-based ingredients into beefy products. Maarten Bosch, Mosas CEO, told TNW that the company plans to sell burgers formed from the blend. The scaleup is also in talks with plant-based food firms about adding cultivated fat to their products.By starting with cultivated fat, we are paving the way to bring our first burgers to market while staying true to our long-term vision, Bosch said.The cultivated meat marketThe Swiss submission marks the latest milestone in Mosas journey to commercialise cultivated meat.In 2013, the companys chief scientific officer, Mark Post, created the worlds first cultivated burger. Costing a whopping 250,000 to make, the patty was also the worlds most expensive burger. Google co-founder Sergey Brin paid the bill.Three years later, Mosa Meat was founded. Since then, the company has pioneered a cultivation technique that removes the controversial fetal bovine serum, earned the industrys first B Corp certificate, and raised over 130mn from investors including Leonardo DiCaprio.Mosa is now focusing on routes to market.Last year, the company hosted the first public tasting of cultivated beef in the EU. In January, Mosa submitted the unions second-ever application to sell cultivated meat. The first was for a lab-grown foie gras made in(where else?) France.Across Europe, however, no cultivated meat for human consumption has been approved for sale yet. Globally, the only countries to have given the green light are Singapore, the US, and Isreal.Singapore became the first in 2020. Unlike Switzerland and the EU, the country assesses full cultivated meat products for approval.Mosas new application, by contrast, focuses on just the fat. The company expects the approval process to last around 18 months. Story by Thomas Macaulay Managing editor Thomas is the managing editor of TNW. He leads our coverage of European tech and oversees our talented team of writers. Away from work, he e (show all) Thomas is the managing editor of TNW. He leads our coverage of European tech and oversees our talented team of writers. Away from work, he enjoys playing chess (badly) and the guitar (even worse). Get the TNW newsletterGet the most important tech news in your inbox each week.Also tagged with

Multiple security flaws have been found in the DeepSeek iOS app, which is still one of the most popular downloads in the App Store after topping the charts when it first launched.The latest findings are far worse than the previous security failure which exposed chat history and other sensitive information in a database requiring no authentication While wed mentioned it before it made headlines, for most people DeepSeek came out of nowhere and overnight became the most downloaded iPhone app.AI researchers were shocked at the capabilities of an app which had dramatically lower hardware requirements than chatbots of similar power, and the news sent the share price of a number of US AI companies tumbling.It wasnt long, however, before security and privacy concerns were raised. Italys privacy watchdog questioned whether the app was compliant with European privacy law, with Ireland asking similar questions. US officials are also investigating potential national security implications.It was then discovered that the company inadvertently failed to secure a database containing more than a million lines of log entries, including chat history and secret keys.Multiple security flaws found in DeepSeek iOS appMobile security company NowSecure has found multiple security flaws in the iPhone app including a failure to use Apples built-in App Transport Security (ATS) system. ATS is designed to ensure that sensitive personal data is only sent over encrypted channels, but NowSecure found that DeepSeek had switched this off.The DeepSeek iOS app globally disables App Transport Security (ATS) which is an iOS platform level protection that prevents sensitive data from being sent over unencrypted channels. Since this protection is disabled, the app can (and does) send unencrypted data over the internet.The company says that while the data exposed might seem innocuous, it can easily be combined to de-anonymize users.While none of this data taken separately is highly risky, the aggregation of many data points over time quickly leads to easily identifying individuals. The recent data breach of Gravy Analytics demonstrates this data is actively being collected at scale and can effectively de-anonymize millions of individuals.Where data is encrypted, the company is using an outdated encryption method which is known to be flawed.The encryption algorithm chosen for this part of the application leverages a known broken encryption algorithm (3DES) which makes it a poor choice to protect the confidentiality of data.Additionally, data collected by the app could be used to identity potential espionage targets.[A sample user] is operating on the latest iPad, leveraging a cellular data connection that is registered to FirstNet (American public safety broadband network operator) and ostensibly the user would be considered a high value target for espionage.Bear in mind that not only are 10s of data points collected in the DeepSeek iOS app but related data is collected from millions of apps and can be easily purchased, combined and then correlated to quickly de-anonymize users.The lengthy analysis concludes that the DeepSeek iOS app is not safe to use, and notes that the Android version is even less secure.9to5Macs TakeWhile the DeepSeek app is technically impressive, and its been interesting to test its capabilities, wed caution against anyone using it for real-life tasks that involve any disclosure of personal data. You should assume that DeepSeek can identify you and see the content of your interactions.Were still at a relatively early stage of security researchers examining the app, so its probable that additional security and privacy issues will be revealed. Personally, Ive now removed it from my iPhone and would advise others to do the same.Image: 9to5MacAdd 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Its being reported that the British government secretly ordered Apple to create a security backdoor into all content uploaded by iCloud users anywhere in the world. Apple is certain to refuse the demand, leading to the possibility of a similar privacy stand-off to the one seen between the iPhone maker and the FBI back in the San Bernardino shooter case British government demands iCloud backdoorThe Washington Post reports that the order was sent to Apple last month.Security officials in the United Kingdom have demanded that Apple create a back door allowing them to retrieve all the content any Apple user worldwide has uploaded to the cloud, people familiar with the matter told The Washington Post.The British governments undisclosed order, issued last month, requires blanket capability to view fully encrypted material, not merely assistance in cracking a specific account, and has no known precedent in major democracies.Given Apples strong privacy stance, there seems absolutely no prospect of the company agreeing to the demand, raising the prospect of a court battle similar to that seen in the 2016 case with the FBI.In that case, the US government demanded that Apple create an iOS backdoor to help the FBI break into an iPhone belonging to a suspected shooter. Apple refused, and the case went to court. The drama eventually ended when the law enforcement agency managed to gain access via a third-party company without Apple assistance.9to5Macs TakeThe British governments demand is as technically clueless as it is outrageous.First, much of the data is protected by end-to-end encryption (E2EE). This means that Apple does not hold a copy of the key, and would be unable to decrypt it. You can ensure your iCloud data uses E2EE by switching on Advanced Data Protection.Second, even for the data Apple could supply, there are already legal mechanisms in place for law enforcement agencies to request it. They simply need to go to a judge to apply for a court order. The judge will weigh the interests of justice against those of privacy and make an individual determination based on the specific circumstances in that case. Where a judge agrees to issue a court order, Apple complies with these to the extent that it is able to do so.There is absolutely no justification whatsoever for any government to have uncontrolled access to the personal data of every iCloud user on the planet.We know that Apple will refuse, not only because it did so in the San Bernardino and Pensacola cases, but because weve been down this road before in the UK.Back in 2023, the British government demanded access to iMessages and FaceTime calls, both of which are end-to-end encrypted. Apple would have had no way to comply without removing E2EE, and it refused to do so, saying it would withdraw the services from the UK rather than comply.In the end, the government backed down, issuing an unconvincing statement about postponing the measure. Both past and present UK governments have voted in favor of repressive legislation granting widespread powers to spy not just on their own citizens but on tech users worldwide.Photo byDima PechurinonUnsplashAdd 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Feb 07, 2025The Hacker NewsVulnerability / MalwareThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active exploitation in the wild.The vulnerability in question is CVE-2025-0994 (CVSS v4 score: 8.6), a deserialization of untrusted data bug that could permit an attacker to conduct remote code execution."This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Services (IIS) web server," CISA said in an advisory dated February 6, 2025.The flaw affects the following versions -Cityworks (All versions prior to 15.8.9)Cityworks with office companion (All versions prior to 23.10)While Trimble has released patches to address the security defect as of January 29, 2025, CISA has warned that it is being weaponized in real-world attacks.The Colorado-headquartered company also noted that it has received reports of "unauthorized attempts to gain access to specific customers' Cityworks deployments."Indicators of compromise (IoCs) released by Trimble show that the vulnerability is being exploited to drop a Rust-based loader that launches Cobalt Strike and a Go-based remote access tool named VShell, among other unidentified payloads.It's currently not known who is behind the attacks, and what the end goal of the campaign is. Users running affected versions of the software are advised to update their instances to the latest version for optimal protection.Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

Feb 07, 2025Ravie LakshmananFinancial Security / Regulatory ComplianceIndia's central bank, the Reserve Bank of India (RBI), said it's introducing an exclusive "bank.in" internet domain for banks in the country to combat digital financial fraud."This initiative aims to reduce cyber security threats and malicious activities like phishing; and, streamline secure financial services, thereby enhancing trust in digital banking and payment services," the RBI said in a statement issued today.To that end, the Institute for Development and Research in Banking Technology (IDRBT) will act as the exclusive registrar. Registrations for the domains are expected to start from April 2025.The RBI also said it plans to roll out a separate exclusive domain "fin.in" for other non-bank entities in the financial sector.As part of broader efforts to enhance trust in online payments, the RBI said it's also debuting what's called Additional Factor of Authentication (AFA) for cross-border card-not-present (CNP) online transactions.AFA, also called multi-factor authentication (MFA), refers to the process of using more than one factor to authenticate users, and, in this case, complete digital transactions undertaken via cards, prepaid instruments and mobile banking channels."This will provide an additional layer of security in cases where the overseas merchant is enabled for AFA," the RBI said.However, it's worth noting that the RBI has not mandated a specific factor for AFA. The digital payments ecosystem in India largely embraced SMS-based one-time passwords (OTPs) as AFA.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE