🔐 My pick for home security: Most security systems respond only after a break-in has started, and that’s too late. SimpliSafe is different. It’s proactive, not reactive. Get 50% off your new security system today!
Saving passwords in your browser? Stop that.
ChatGPT
“Hi, Kim, I save all my passwords in my browser. So why do I need a password manager? Thanks for your newsletter. I can tell it’s a lot of work. The quality every single day is incredible.” — Robby in South Carolina
Thanks for your question and kind words, Robby. Now, l get this question a lot. Let me break it down.
Plenty of people still rely on their browser’s built-in memory for passwords. Chrome, Safari, Edge, they all pop up with that little offer: “Want me to remember this for you?” Which sounds sweet … until you realize it’s like giving your house key to a raccoon.
⚠️ The risks
Those saved passwords are stored in plain text behind your account login, not wrapped in the same heavy-duty encrypted professional password vault.
If someone cracks into your computer, steals your phone or sneaks into your Google account, congratulations! They inherited the keys to your entire digital kingdom.
Apple’s iCloud Keychain and Google Password Manager work fine if you stay in one ecosystem forever, but life isn’t that neat. Maybe you’re an iPhone person with a PC. Or use an Android tablet alongside your Mac. Suddenly those passwords don’t follow you everywhere you need them.
🧩 The difference
A true password manager generates long, unique passwords for every site you use and syncs them seamlessly across all your devices.
Open your phone, laptop, tablet, and your logins are securely filled in with a click. Many managers monitor the dark web for breaches and send you an alert the moment one of your accounts shows up in a leak. That’s something no browser is going to do for you.
🫡 The hidden bonuses
Good password managers also give you great tools for the long haul. Need to share Netflix with your family without typing your password into a group text? Done. Want to make sure your spouse or kids can access critical accounts if something happens to you? The best managers include emergency access. You can’t do that with passwords saved in a browser.
The airlines sold you out
ChatGPT
Let’s talk about something no one thinks about when booking a flight: where your travel info really goes.
An investigative bombshell from 404 Media just uncovered that the Airlines Reporting Corporation (ARC), a company owned by the biggest U.S. airlines, has been giving federal agencies access to passenger records.
Identity thieves are coming for your insurance
Midjourney
I was shocked by this stat the other day. The National Insurance Crime Bureau says identity theft–driven insurance fraud is projected to spike 49% by the end of 2025.
Really, insurance fraud?
⚠️ Keep your email private: Big email providers like Gmail and Yahoo track what you do. I use StartMail because it keeps my inbox secure, stops spam and keeps my personal info private. Try it free for 7 days, and when you sign up, you’ll get my 60% off deal for the first year! It’s a terrific service.
⚡ Hands off my wallet: The BBB says crooks are pulling a new move called “ghost tapping” (paywall link). They carry a legit-looking wireless card reader, like the ones you see at coffee shops, and only need to get a few feet from your tap-to-pay card or phone. Bump into you at a concert? Stand too close in a line? Boom, tiny “test” charge hits your account. The scam works best on debit cards since the money comes out instantly. Easiest defenses: Toss your cards in an RFID-blocking sleeve (they’re cheap), turn on instant bank alerts and always check the terminal screen before tapping your phone, debit or credit card. If something feels sketchy, swipe or insert instead. It’s pickpocketing, just upgraded for 2025. These scams are getting nuts.
We may earn a commission from purchases, but our recommendations are always objective.
🔥 Delete these apps now: Hackers snuck 224 fake apps into Google Play, downloaded over 38 million times. Yes, you read that right. Disguised with names like CreateCreatives, Foocus, ChatGLM and ClapTrack (ahem, clap to find your phone?), they looked harmless but installed shady ads. Then came the real damage: The apps hijacked devices, silently launching invisible web browsers that ran 24/7, draining battery life, eating up data, slowing down performance and overheating phones, all to generate 2.3 billion fake ad views per day. Ad networks paid out as if real users were watching, while your phone was working overtime behind your back. Check your device for any apps listed here.
📅 Invite from hell: One poisoned Google Calendar invite can trick ChatGPT into leaking Gmail if connectors are on. Apple folks recently got hit, too, with fake iCloud invites pushing PayPal scams. Different tech, same headache. Fix your calendar settings so only invites from people you actually know land on your schedule. In Google Calendar, go to Settings > Event settings > Add invitations to my calendar, and switch it to Only if the sender is known.
💻 Microsoft doomsday alert: Mark your calendars, November 2025 is when Windows 11 23H2 (Home & Pro) officially stops getting updates. Translation: Your laptop becomes an all-you-can-eat buffet for malware. Enterprise folks get an extra year, but for everyone else, upgrade to 24H2 or roll the dice. Some PCs can’t upgrade because of … audio drivers and wallpaper software. Yes, wallpapers. Unbelievable.
🙂 Don’t worry, be happy: Or just move to Hawaii, Maryland or Nebraska. Those are apparently the three happiest states, where the biggest stress is whether your corn’s tall enough, your crab’s spicy enough or your mai tai’s strong enough. WalletHub crunched 30 metrics (depression, income, job security) and crowned the trio champs of health, wealth and vibes.
🏁 Drive‑by hacking? It’s a thing: Researchers discovered serious security flaws in Apple’s CarPlay systems that allow attackers to remotely take control of a car. Once inside, they can play music, hijack in‑car displays, eavesdrop on conversations and track a vehicle’s location. No patch from Apple yet.
⚠️ Keep your email private: Big email providers like Gmail and Yahoo track what you do. I use StartMail because it keeps my inbox secure, stops spam with unlimited aliases, and it keeps my personal info private. You can try it free for 7 days, and when you sign up, you’ll get my 60% off deal for the first year! It’s a terrific service.
Apple ups privacy: Websites can still track you by stitching together your IP, device info and time zone into a “fingerprint.” No opt-out. iOS 26 (out Sept. 16) will auto-block that in Safari. Add in spam call screening and link-tracking protection, and Apple’s getting a privacy facelift.
Calendar con job: Here’s a fun new nightmare. Hackers are sliding scams straight into Apple Calendar invites. They toss fake “big purchases” into event notes, slap on a shady customer service number and wait for you to panic-call. Do that, and congrats, you’ve just invited malware into your phone. Even your 8 a.m. dentist reminder isn’t safe anymore. Be scam aware.
My pick for antivirus protection: TotalAV delivers strong, real-time protection that blocks malware, cleans junk and keeps your devices running fast. Start your first year of protection for $19 today!
🚨 Microsoft Patch Tuesday: The latest update fixes 86 security flaws across Windows, Office, SharePoint and more. The scariest? A remote code execution bug in Microsoft’s High Performance Compute pack. Go to Settings > Windows Update > Check for updates.
🛸 Missile vs. UFO: Congress just dropped a wild video of a U.S. drone firing a Hellfire missile at a glowing orb off Yemen. The missile bounced off. I’m no military expert, but that’s not business as usual. Veterans testified they’ve seen triangles, cubes and Tic Tacs in the sky, claiming the government buried reports and retaliated against whistleblowers.
🚀 Golden Dome race: Varda Space nailed a capsule reentry (paywall link) in Australia, on target at hypersonic speed. Sounds nerdy, but here’s the point: The U.S. is funding a “missile shield” against future threats, and tech startups are competing to build it. Translation: Silicon Valley is shifting from dating apps to defense contracts.
⚡ Crypto malware scare: In the biggest supply chain hack in history, hackers hijacked 18 huge npm packages (chalk, debug and others), slipping in code that swapped crypto wallet addresses mid-transaction. Those poisoned packages? Downloaded over a billion times. Developers yanked the infected versions and purged caches in record time. Mischief managed, but it shows how fragile the web’s plumbing really is.
👀 Romance scam face-off: A Florida grandma thought she was chatting up a retired Army general. Nope, just scammers milking her for $60K. Deputies say one guy pocketed $30K and bought a Hyundai Kona. She got to confront him face-to-face. He swears he was “scamming the scammer.” The vehicle of choice for world-class con artists: midrange compact SUV.