Not only is it the first release to support the upcoming Steam Machine living room gaming PC, it comes with long-awaited features for Valve’s handhelds and more support for other companies’ handhelds than we’ve seen to date — including Microsoft and Asus’ Xbox Ally series, the Lenovo Legion Go 2, the OneXPlayer X1, and additional support for MSI, GPD, Anbernic, OrangePi, and Zotac.

The one that excites me most: Valve is adding genuine hibernation and “memory power down” modes to the Steam Deck — though just the LCD model to start — which should help extend battery life when you hit the power button or leave them idle. Some Windows machines currently last longer than the Steam Deck when asleep, because they self-hibernate to save power, while the Steam Deck has an instant-on sleep mode.

Plus, Valve has finally added a setting in its gaming mode to let you use your Bluetooth headset microphones — something I’ve been asking for since the beginning. (Valve did add it to the Linux desktop mode last year.) And the Steam Deck LCD is finally getting Bluetooth Wake re-enabled, so you can turn on your TV-connected Deck with a wireless controller from your couch.

The update comes with all sorts of improvements for the Linux desktop modes that sound like they’ll come in handy on a Steam Machine plugged into a TV or monitor, too, including desktop HDR, VRR display support, per-display scaling, “improved windowing behavior for games running in Proton,” and an upgrade to KDE Plasma 6.4.3 among other things.

And for a Steam Machine or Steam handheld plugged into a home entertainment system, they can now detect how many audio channels you have over HDMI to enable surround sound. (I believe surround sound was already a thing, so perhaps this is just a different and better automatic implementation.)

There’s also a new Arch system base and an updated graphics driver.

Perhaps most surprisingly, the “Non-Deck” section of the changelog is huge. Valve says long-pressing your power button should work “across a wide variety of devices” to power off, restart, or switch to the desktop mode. You should be able to change your processor’s power modes on the Xbox Ally now, and night mode and screen color settings should work on AMD Z2 Extreme handhelds in general.

There’s also “Greatly improved video memory management with discrete GPU platforms,” you can limit how far the battery charges in any of the Lenovo Legion Go handhelds (in desktop mode), and it should fix “washed out colors for Zotac and OneXPlayer handhelds with OLED.”

There’s a lot in this update, and it’s possible I missed a feature you care about, so check out the whole changelog here and below.

For almost two hours last week, Meta employees had unauthorized access to company and user data thanks to an AI agent that gave an employee inaccurate technical advice, as previously reported by The Information. Meta spokesperson Tracy Clayton said in a statement to The Verge that “no user data was mishandled” during the incident.

A Meta engineer was using an internal AI agent, which Clayton described as “similar in nature to OpenClaw within a secure development environment,” to analyze a technical question another employee posted on an internal company forum. But the agent also independently publicly replied to the question after analyzing it, without getting approval first. The reply was only meant to be shown to the employee who requested it, not posted publicly.

An employee then acted on the AI’s advice, which “provided inaccurate information” that led to a “SEV1” level security incident, the second-highest severity rating Meta uses. The incident temporarily allowed employees to access sensitive data they were not authorized to view, but the issue has since been resolved.

According to Clayton, the AI agent involved didn’t take any technical action itself, beyond posting inaccurate technical advice, something a human could have also done. A human, however, might have done further testing and made a more complete judgment call before sharing the information — and it’s not clear whether the employee who originally prompted the answer planned to post it publicly.

“The employee interacting with the system was fully aware that they were communicating with an automated bot. This was indicated by a disclaimer noted in the footer and by the employee’s own reply on that thread,” Clayton commented to The Verge. “The agent took no action aside from providing a response to a question. Had the engineer that acted on that known better, or did other checks, this would have been avoided.”

Last month, an AI agent from open source platform OpenClaw went more directly rogue at Meta when an employee asked it to sort through emails in her inbox, deleting emails without permission. The whole idea behind agents like OpenClaw is that they can take action on their own, but like any other AI model, they don’t always interpret prompts and instructions correctly or give accurate responses, a fact Meta employees have now discovered twice.

Phishing emails are getting more convincing every day. Scammers copy the look of trusted brands and rely on urgency to get you to click before you think. But sometimes the most misleading part of a scam is not the email itself. It is the signal your own email app gives you.

A CyberGuy reader recently sent us a screenshot of an email that looked suspicious but included something surprising at the top. Apple Mail displayed a banner that said, “This message was sent from a trusted sender.” At first glance, that message feels reassuring. Many people would assume the email must be legitimate. The reader sent the screenshot with the subject line “Another sneaky trick.” In the image, Apple Mail labels the message as coming from a trusted sender even though the email itself shows several signs of a phishing scam.

Here is the catch. That label comes from Apple Mail itself, not from Apple and not from a system verifying the email. In other words, a phishing email can still appear trusted. Understanding how this happens can help you avoid handing your Apple ID or other personal information to scammers.

APPLE APP PASSWORD SCAM EMAIL WARNING

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Why Apple Mail may label a phishing email as a trusted sender

Apple Mail automatically adds the trusted sender banner in certain situations. It usually appears when the email address looks familiar to your device. For example, Apple Mail may display the banner if:

• The sender’s address is saved in your Contacts
• You have replied to that email address before
• The address appears in previous email conversations

The feature is designed to help you quickly recognize people you communicate with often. It is meant as a convenience signal, not a security verification. That distinction is important.

Warning signs of a fake Apple account email

Phishing emails often copy the look of real Apple notifications. The goal is to create urgency so the victim clicks before thinking. The email in the screenshot contains several classic warning signs.

Generic greeting

The message begins with “Dear user” instead of addressing the recipient by name. Legitimate account emails typically reference your name or Apple ID information.

Slightly incorrect branding

The email references “Cloud+ subscription.” Apple’s real service is called iCloud+. Small branding mistakes often appear in phishing campaigns.

Urgent scare tactics

The message warns that personal data could be permanently removed from cloud storage. Fear and urgency are common tools in phishing scams.

Payment problems tied to account threats

Scammers often claim a subscription payment failed and your account is at risk. The goal is to push victims to click a link and enter login details. Apple does not send emails threatening immediate deletion of iCloud data because of a billing issue.

Why the Apple Mail trusted sender banner can be misleading

Because the banner relies on familiarity, scammers can sometimes exploit it. Cybercriminals often spoof real email addresses so their messages appear to come from someone you know. If that address matches a contact or previous message history, Apple Mail may still mark it as trusted.

REAL APPLE SUPPORT EMAILS USED IN NEW PHISHING SCAM

That can create a false sense of safety. The banner simply reflects your email history. It does not confirm the sender’s identity or verify that the message actually came from Apple or any legitimate company. In some cases, that visual signal can make a phishing email look more believable than it really is.

Ways to stay safe from Apple phishing emails

Phishing emails continue to evolve, but a few simple habits can greatly reduce your risk.

1) Avoid clicking links in account warning emails

If you receive a notice about your Apple account, open your browser and go directly to Apple’s official website instead of using the email link.

2) Use strong antivirus software

Strong antivirus software can help detect malicious links, suspicious downloads, and phishing pages before they reach your device. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

3) Use a data removal service

Scammers often gather personal information from data broker websites to make phishing emails look more convincing. Removing your data from these sites reduces the information criminals can use to target you. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

4) Check your Apple account settings directly

You can verify subscriptions by opening Settings on your device, tapping your Apple ID and selecting Subscriptions.

5) Look closely at branding and wording

Misspelled product names, unusual formatting, and generic greetings often reveal a phishing email.

6) Enable two-factor authentication

Two-factor authentication (2FA) adds another layer of protection, even if someone manages to steal your password.

Kurt’s key takeaways

Email apps often try to help by identifying messages that appear familiar. Unfortunately, scammers understand how those systems work. The trusted sender banner in Apple Mail reflects your contact history. It does not confirm that the message came from Apple or any legitimate company. That means one simple habit still offers the best protection. Pause before clicking any urgent account warning. Because in the world of phishing scams, the messages that look the most convincing are often the most dangerous.

If your email app told you a message was trusted, would you still double-check before clicking? Let us know by writing to us at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report 
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Copyright 2026 CyberGuy.com. All rights reserved.