Twitter is officially 20 years old. In another reality, that might make me kind of nostalgic. I’ve been lurking and scrolling and tweeting for 16 years; most of my adult life. There was a time when Twitter was a place where some internet strangers became my IRL friends, when I was excited to “live-tweet”. When my infinitely more well-adjusted friends would send me memes, I would smugly say “I saw that on Twitter days ago.”

Twitter stopped being that place a long time ago, but I don’t have any nostalgia for it. I don’t really feel anything at all, actually.

Because I can already hear the comments: Yes, I’m still on X. I don’t spend as much time there as I did a decade ago, but it’s still quite a lot of time, an unhealthy amount, if I’m being honest. My job is to report on social media companies, so I keep (doom)scrolling. That’s what I tell myself anyway.

A few of my favorite posters are still around. Dril’s still got it. The memes are still, occasionally, good, even though X’s recommendation algorithm seems to prefer pointing me toward endless AI slop, boring hot takes from thirsty mid-tier tech execs and blatant engagement bait. X’s algorithm — what little we can learn about it, anyway — now relies on Grok’s predictions about what you’ll like.The same Holocaust-loving Grok that has spewed racism and referred to itself as MechaHitler and declared Elon Musk “the single greatest person in modern history.” The same Grok that allegedly generated thousands of images of child abuse material. Hey @grok is that true?

X is not Twitter but it’s also not not-Twitter. Last year, an online marketplace startup bought the 560-pound Twitter bird that once adorned the company’s San Francisco office and blew it up in a Nevada desert surrounded by Tesla CyberTrucks as part of an elaborate publicity stunt. Dumb? Yes. But also a somehow fitting adieu for “Larry.”

It’s been 20 years since Jack Dorsey sent the first-ever tweet, which was never even a good tweet anyway. It’s been five years, by the way, since he turned that tweet into an NFT (remember NFTs??) and auctioned it for nearly $3 million. It’s now functionally worthless. Another chapter in Dorsey’s confusing, complicated legacy.

The flash from my iPhone camera illuminates my dirty socks and underwear as I hold each item up for the video recording to capture clearly. As I load my smelly clothes into the washer, I tremble a bit each time the phone loudly beeps, detecting that my hands may be out of frame. Gotta see those fingers! No, I haven’t pivoted to filming some kind of fetish content to make ends meet—I’m trying the latest gig work app from DoorDash, called Tasks.

The new Tasks app from food delivery app DoorDash has nothing to do with delivering food—it’s all about gathering training data from humans, that’s you, for improving generative AI models and humanoid robots. “This data helps AI and robotic systems understand the physical world,” reads DoorDash’s press release. “Pay is shown upfront and determined based on effort and complexity of the activity.” Most of the gigs involve strapping a smartphone to your chest and recording your hands performing specific tasks.

This kind of video data can be used by developers of AI models and robotics to improve performance. For example, thousands of videos of people folding laundry, with their hands clearly visible, could help teach a robot how to do the same task using computer vision.

Photograph: Reece Rogers

DoorDash plans to expand this service to include an even wider range of tasks and users in the future. It’s unclear where exactly the app is available for users at launch in the US—residents of California, New York City, Seattle, and Colorado are explicitly blocked from using Tasks. (I was able to use the Tasks app and complete gigs while residing in Kansas.)

Curious about what kinds of tasks DoorDash is offering right now, I signed up to be a “dasher” and downloaded the Tasks app. After logging in, the onboarding quest was to film yourself moving three objects across a table. Easy! I turned the camera on and shifted my coffee cup, pen, and laptop from one side of my desk to the other. My reward for this wasn’t cash—DoorDash shipped a free body-mount for my smartphone camera afterward, so I could complete more gigs in the app.

After that quick onboarding session, I could see the full list of potential jobs and start making some cash. The gigs currently available in the Tasks app mainly fall into five major categories: household chores, handiwork projects, cooking food, location navigation, and foreign language conversations.

The tasks within these categories are fairly broad. The chore list includes everything from making a bed and loading a dishwasher to repotting plants and taking out the trash. The handiwork projects range from simple tasks, like changing a lightbulb, to more complex ones, like pouring cement. The cooking gigs mostly revolve around eggs: frying them, poaching them, scrambling them. Navigation gigs include exploring a museum and walking around an apartment complex. For the language-based tasks, the app requests “natural conversations” in Russian and Mandarin Chinese, as well as other languages.

An international law enforcement action called Operation Alice has shut down over 373,000 dark web sites that offered fake CSAM packages.

The investigation, led by Germany and supported by Europol, began in mid-2021 and focused on a platform called “Alice with Violence CP,” operated by a 35-year-old suspect based in China.

These sites advertised child sexual abuse material (CSAM) and cybercrime-as-a-service offerings, including stolen credit card data and access to compromised systems.

According to Europol, the sites used showed previews of claimed CSAM “packages” to trick users into entering their email addresses and paying between EUR 17 and EUR 250 in Bitcoin, receiving nothing in return.

“Each package had an estimated cost of between EUR 17 and EUR 215, and promised data volumes ranging from a few gigabytes to several terabytes of CSAM,” explains Europol.

“However, these were purely fraudulent sites where CSAM was advertised and previewed but never delivered.”

The fraudulent CSAM platform fooled around 10,000 users into paying roughly $400,000 to the operator of the sites. Of those, the authorities have identified 440 users in 23 countries, and are currently investigating 100 of them.

Although these people never received the illegal material, they still tried to purchase CSAM, financially supporting child abuse and demonstrating criminal intent. Even attempting to buy such material is prosecuted in many jurisdictions.

At its peak, the scam network’s infrastructure comprised 287 servers, with a significant portion (105) located in Germany, all of which have now been seized. German authorities have also issued an international arrest warrant for the Chinese operator.

Europol highlights its broader child protection work, including the Help4U support platform launched in November 2025, and its “Stop Child Abuse – Trace an Object” initiative, which invites people to identify the origin of objects seen in CSAM material that may lead to the identification of perpetrators, and the saving of children from abuse.

Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.

Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.

Download The Report

Microsoft Azure Monitor alerts are being abused to send callback phishing emails that impersonate warnings from the Microsoft Security Team about unauthorized charges on your account.

Azure Monitor is Microsoft’s cloud-based monitoring service that collects and analyzes data from Azure resources, applications, and infrastructure. It enables users to track performance, notify about billing changes, detect issues, and trigger alerts based on various conditions.

Over the past month, numerous people have reported receiving Azure Monitor alerts warning of suspicious charges or invoice activity on their accounts, urging them to call an enclosed phone number.

“Alert rule description MICROSOFT CORPORATION BILLING AND ACCOUNT SECURITY NOTICE (REF: MS-FRA-6673829-KP). Our system has detected a potentially unauthorized charge on your account. Transaction Details: Merchant: Windows Defender. Transaction ID: PP456-887A-22B. Amount: 389.90 USD. Date: 03/05/2026l,” reads the fake billing alert.

“For your protection, this transaction has been temporarily placed on hold by our Fraud Detection Team. To prevent possible account suspension or additional fees, please verify this transaction immediately. If you did NOT authorize this payment, contact our 24/7 Microsoft Account Security Support at +1 (864) 347-2494 or +1 (864) 347-4846.”

“We apologize for any inconvenience and appreciate your prompt response. Microsoft Account Security Team.”

Unlike other phishing campaigns, these messages are not spoofed, but are sent directly by the Microsoft Azure Monitor platform using the legitimate azure-noreply@microsoft.com email address.

As the emails are sent through Microsoft’s legitimate email platforms, they pass SPF, DKIM, and DMARC email security checks, making them appear more trustworthy.

Authentication-Results: relay.mimecast.com;
	dkim=pass header.d=microsoft.com header.s=s1024-meo header.b=CKfQ8iOB;
	arc=pass ("microsoft.com:s=arcselector10001:i=1");
	dmarc=pass (policy=reject) header.from=microsoft.com;
	spf=pass (relay.mimecast.com: domain of azure-noreply@microsoft.com designates 40.107.200.103 as permitted sender) smtp.mailfrom=azure-noreply@microsoft.com

The threat actors are conducting this campaign by creating alerts in Azure Monitor for easily triggered conditions, such as new orders, payments, generated invoices, and other billing events. 

When creating alerts, you can enter any message you want in the description field, which the attackers use to put their callback phishing message.

These alerts are then configured to send emails to what is believed to be a mailing list under the attacker’s control, which forwards the email to all the targeted people in the attack.

This also preserves the original Microsoft headers and authentication results, helping the emails bypass spam filters and user suspicion.

BleepingComputer has seen multiple alert categories used in this campaign, mostly using invoice and payment-themed rules designed to resemble automated billing notifications:

• Azure monitor alert rule order-22455340 was resolved for invoice22455340
• Azure monitor alert rule Invoice Paid INV-d39f76ef94 was resolved for invd39f76ef94
• Azure monitor alert rule Payment Reference INV-22073494 was resolved for purchase22073494
• Azure monitor alert rule Funds Successfully Received-ec5c7acb41 was triggered for subec5c7acb41
• Azure monitor alert rule MemorySpike-9242403-A4 was triggered
• Azure monitor alert rule DiskFull-3426456-A6 was triggered for locker3426456

The campaign relies on creating a sense of urgency, which in this case is the unusual $389 Windows Defender charge, to trick the users into calling the listed phone number.

While BleepingComputer did not call the number in this scam, previous callback phishing campaigns led to credential theft, payment fraud, or the installation of remote access software.

As these emails use a more enterprise or corporate theme, they may be intended to gain initial access to corporate networks for follow-on attacks.

Users should treat any Azure or Microsoft alert that includes a phone number or urgent request to resolve billing issues with suspicion.

Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.

Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.

Download The Report

The Government of Mexico City has launched Xoli, a chatbot that will provide information on services, tourism, and cultural offerings. It’s available now via WhatsApp in both English and Spanish.

The platform was designed to meet the demand of the millions of visitors expected to arrive during the 2026 FIFA World Cup. However, the authorities assure that the tool will remain active once the sporting event is over, with the aim of promoting economic activities and facilitating access to public services in the capital.

In a press conference, Clara Brugada, head of the Mexico City government, stated that Xoli “will be the technological instrument that will allow us to link culture, tourism, recreation, and entertainment with the population.”

Chat With Xoli

The tool was developed entirely by the capital’s government, as a result of the collaboration between the Digital Agency for Public Innovation and the local Ministries of Tourism and Culture.

The chatbot is already available on mobile devices and will operate continuously, seven days a week, 24 hours a day. To use it, just open WhatsApp, start a chat with the number 55 6565 9395, and send the word “Hola.”

Xoli (pronounced sho-lee) will immediately ask if you want to continue in English or Spanish. After selecting the preferred language, users will be able to access a menu with various categories of information, including culture, tourism, gastronomy, and mobility, or just ask a question about anything in the city.

In the context of the 2026 World Cup, there will be a specific section with information about the competition, including special events, match details, broadcasts of games in public places, and ticket purchase options.

Screenshot of Xoli, Mexico City’s tourist chatbot for the 2026 World Cup.

Advertisement

Cortesía Xoli

The capital’s government highlighted that this technology contributes to the city’s consolidation as “a more innovative and accessible city,” by speeding up access to official information, offering timely responses and strengthening tourism promotion strategies.

Alejandra Frausto, head of Mexico City’s Ministry of Tourism, pointed out that close to 3,000 tourist, recreational, and cultural activities are carried out daily in the capital. In seasons of high demand, this figure can increase to 5,000 events a day. “Translating this data into reliable and accessible information involves a great effort, but it is now possible thanks to this chatbot,” he says.

A Good Sport

The launch of Xoli adds to the technological efforts driven by the federal government to turn the upcoming World Cup into an engine of development for commerce, sports, tourism, and culture throughout the country.

Late last year, Mexican president Claudia Sheinbaum presented the Mexico 2026 Social World Cup plan, which calls for more than 177 festivities and 5,000 activities linked to the tournament, as well as 74 tournaments and soccer cups aimed at students, workers, and the general public. The program also includes around 1,500 actions within the Vive Saludable (Live Healthy) initiative, aimed at promoting healthy lifestyles, as well as the rehabilitation of 4,200 public sports fields and spaces.

Among the actions announced is the creation of the Conoce México app developed jointly by the Agency for Digital Transformation and Telecommunications (ATDT) and the Ministry of Tourism. This app will allow fans, both national and foreign, to get updated information on matches, venues, routes, services, and cultural activities.