Visa is rolling out new technology that will allow the payments giant to share more information about customers' preferences [non-paywalled source] based on their shopping history with retailers as it seeks to remain a top player in the competitive e-commerce space. From a report: The data will be shared via the payments giant's proprietary "tokens," which provide an added layer of security between a consumer's bank information and a merchant. Shopping inclinations and other information based on past transactions -- such as preferred categories, like movies or golf -- will be shared via token with retailers with the consent of consumers.

"It's almost entirely blind to almost all consumers," Visa Chief Executive Officer Ryan McInerney said in an interview of the company's token technology. "They just know their payments work better." The sharing of shopping data via token is one of a handful of innovations Visa unveiled at a conference in San Francisco, where it's based. Visa, one of the largest e-commerce technology companies in the world, is finding itself increasingly fending off competitors seeking larger slices of the fees merchants must pay to carry out consumer transactions.

In an op-ed on Windows Central, the site's co-managing editor Jez Corden laments Microsoft's "short-sighted" decision-making and "inconsistent" investment in its products and services, which he argues has led to a loss of trust among customers and missed opportunities in the tech industry. Despite Microsoft's advancements in AI and cloud computing, the company has made "baffling" decisions such as shutting down Windows Phone, under-investing in Xbox, and canceling promising Surface products.

The author argues that Microsoft's lack of commitment to security, customer support, and long-term quality has "damaged" its reputation and hindered its potential for growth. Examples include recent hacking scandals, poor customer service experiences, and the aggressive promotion of Microsoft Edge at the expense of user choice. The author also expresses concern over Microsoft's handling of the Xbox brand, particularly the decision to release exclusive games on PlayStation, which could undermine the reasons for customers to choose Xbox. The op-ed concludes that while Microsoft has the potential to be a leader in the tech industry, its pattern of short-sighted decisions and failure to learn from past mistakes has led to a growing sense of doubt among its customers and observers.

The recent surge in bitcoin prices has the phones at crypto wallet recovery firms ringing off the hook, as retail investors locked out of their digital vaults make frantic calls to regain access to their accounts. From a report: Cryptocurrencies exist on a decentralized digital ledger known as blockchain and investors may opt to access their holdings either through a locally stored software wallet or a hardware wallet, to avoid risks related to owning crypto with an exchange, as in the case of the former FTX. Losing access to a crypto wallet is a well-known problem. Investors forgetting their intricate passwords is a primary reason, but loss of access to two-factor authentication devices, unexpected shutdowns of cryptocurrency exchanges and cyberattacks are also common.

Wallet passwords are usually alphanumeric and the wallet provider also offers a set of randomized words, known as "seed phrases," for additional security - both these are known only to the user. If investors lose the passwords and phrases, access to their wallets is cut off. With bitcoin prices regaining traction since last October and hitting a record high of $73,803.25 in March, investors seem to be suffering from a classic case of FOMO, or the fear of missing out. Reuters spoke to nearly a dozen retail investors who had lost access to their crypto wallets. Six of them contacted a recovery services firm and managed to regain access to their holdings.

Intel unveiled Thunderbolt Share on Wednesday with which it promises to streamline screen and file sharing between two PCs. Tom's Hardware: Thunderbolt Share will allow PC owners to connect their two computers with a wired connection that leverages Thunderbolt's speed (40Gbps or higher), low latency, and built-in security. It allows PC-to-PC access that shares the screen, keyboard, mouse, and storage. The software also enables folder synchronization or easy drag-and-drop file transfer between the computers. [...]

Thunderbolt Share also provides uncompressed screen sharing between two PCs in the original resolution of the source computer. It also claims low latency for a smooth, responsive experience that includes the screen, keyboard, and mouse with full HD screen mirroring at up to 60 frames per second (fps). Higher resolutions could result in fewer frames per second, but Ziller said it would still be a "great experience."

The FBI has seized the notorious BreachForums hacking forum that leaked and sold stolen corporate data to other cybercriminals. From a report: The seizure occurred on Wednesday morning, soon after the site was used last week to leak data stolen from a Europol law enforcement portal. The website is now displaying a message stating that the FBI has taken control over it and the backend data, indicating that law enforcement seized both the site's servers and domains. [...] The seizure message also shows the two forum profile pictures of the site's administrators, Baphomet and ShinyHunters, overlaid with prison bars.

Tech columnist and venture investor MG Siegler, commenting on the new iPad Pro: I love the iPad for the things it's good at. And I love the MacBook for the things it's good at. What I want is less a completely combined device and more a single device that can run both macOS and iPadOS. And this new iPad Pro, again equipped with a chip faster than any MacBook, can do that if Apple allowed it to.

At first, maybe it's dual boot. That is, just let the iPad Pro load up macOS if it's attached to the Magic Keyboard and use the screen as a regular (but beautiful) monitor -- no touch. Over time, maybe macOS is just a "mode" inside of iPadOS -- complete with some elements updated to be touch-friendly, but not touch-first. Steven Sinofsky, the former head of Microsoft's Windows division, chiming in: It is not unusual for customers to want the best of all worlds. It is why Detroit invented convertibles and el caminos.

But the idea of a "dual boot" device is just nuts. It is guaranteed the only reality is it is running the wrong OS all the time for whatever you want to do. It is a toaster-refrigerator. Only techies like devices that "presto-change" into something else. Regular humans never flocked to El Caminos, and even today SUVs just became station wagons and almost none actually go off road :-)

Two things that keep going unanswered if you really want macOS on an iPad device:

1. What software on Mac do you want for an iPad device experience? What software will get rewritten for touch? If you want "touch-enabled" check out what happened on the Windows desktop. Nearly everything people say they want isn't features as much as the mouse interaction model. People want overlapping windows, a desktop of folders, infinitely resizable windows, and so on. These don't work on touch very well and certainly not for people who don't want to futz.
2. Will you be happy with battery life? The physics of an iPad mean the battery is 2/3rds the size of a Mac battery. Do you really want that? I don't. The reason the iPad is the 5.x mm device is because the default doesn't have a keyboard holding the battery. This is about the realities. The metaphors that people like on a desktop, heck that they love, just don't work with the blunt instrument of touch. It might be possible to build all new metaphors that use only tough and thus would be great on an iPad but that isn't what they tried. The device grew out of a phone. It's only their incredible work on iPhone that led to Mx silicon and their tireless work on the Mac-centric frameworks that delivered a big chunk (but not all) the privacy, reliability, battery life, security, etc. of the phone on Mac. [...]

A panel of judges in the Netherlands has found Alexey Pertsev, one of the developers behind crypto anonymizing tool Tornado Cash, guilty of money laundering. Wired: Over the course of two days in March, the Russian national was tried on the allegation that the tool he developed had allowed criminals -- among them hackers with ties to North Korea -- to freely launder $1.2 billion in stolen cryptocurrency. "The management of Tornado Cash welcomed the bank robbers with open arms," the prosecutors wrote in a March court filing.

Dutch judges sentenced Pertsev to five years and four months in prison on Tuesday, which was the term requested by prosecutors in the case. "With Tornado Cash, the defendant created a shortcut for financing crimes and terrorism," said the court in a statement, translated from Dutch. "He chose to look away from the abuse and did not take any responsibility." The purpose of tools like Tornado Cash, known as crypto mixers or tumblers, is to mask the origin and destination of users' coins. Funds belonging to many parties are pooled, jumbled up, and spat out into brand-new wallets, by which time it is no longer clear whose crypto is whose. These services are promoted as a way to improve the level of privacy available to crypto users, but have been readily co-opted for the purpose of money laundering.

On August 8, 2022, Tornado Cash was sanctioned in the United States, making it illegal for US citizens to use the service. Any product that "indiscriminately facilitates anonymous transactions," wrote the US Treasury's Office of Foreign Assets Control, represents a "threat to US national security." Two days later, Pertsev was arrested in the Netherlands, where he resided. Money laundering activity, the Dutch prosecutors claim, accounted for more than 30 percent of the funds that passed through Tornado Cash between 2019 and 2022. [...] Pertsev built his defense on the argument that Tornado Cash, which remains in operation, is under nobody's control -- including his own -- as a piece of software that runs on the Ethereum blockchain, a distributed network of computers. Further reading: Coinbase Employees and Ethereum Backers Sue US Treasury Over Tornado Cash Sanctions (September 2022).

This week, The Register reported: If you are still running RHEL 7, which is now approaching a decade old, there's good news. Red Hat is offering four more years of support for RHEL 7.9, which it terms Extended Life Cycle Support or ELS.

If you are running the free version, CentOS Linux 7, that hits its end-of-life on the same date: June 30, 2024. CIQ, which offers CentOS Linux rebuild Rocky Linux, has a life cycle extension for that too, which it calls CIQ Bridge. The company told The Reg: "CIQ Bridge, essentially a long-term support service tailored for CentOS 7 users on the migration path to Rocky Linux, is offered under an annual, fixed-rate subscription. CIQ Bridge includes access to CentOS 7 extended life package updates for an additional three years and security updates for CVSS 7 issues and above. Security updates for CVSS 5 and 6 are available at an elevated subscription tier. CIQ Bridge is designed to support CentOS 7 users until they are ready for CIQ guidance and support in migration to Rocky Linux." CIQ believes there's a substantial market for this, and points to research from Enlyft that suggests hundreds of thousands of users still on CentOS Linux 7.

The Dillo browser dates back to 1999, writes the Register, with its own rendering engine. And now Dillo "has returned with a new release, version 3.1.

"It's nearly nine years after version 3.05 appeared on the last day of June 2015." Version 3.1 incorporates dozens of fixes and improvements, as the official announcement describes.

Project lead Rodrigo Arias Mallo announced his resurrection attempt on Hacker News early this year. He has taken the last available code from the project's Mercurial repository, incorporated about 25 outstanding fixes, and added as many again of his own.

Dillo is a super-lightweight graphical web browser for Unix-like OSes, written using the Fast Light Toolkit. The latest version has a number of new features, although one of the most significant is support for Transport Layer Security. TLS is the successor to SSL, with a Microsoft-approved name. Dillo 3.1 supports it thanks to the Mbed-TLS library.
It doesn't support frames, embedded media playback, or JavaSccript — but it can run on very low-end hardware...

Thanks to Lproven (Slashdot reader #6,030) for sharing the news.

The Russia-linked ransomware group Black Basta is responsible for Wednesday's cyberattack on St. Louis-based Ascension health system, according to sources reported by CNN. The attack disrupted access to electronic health records, some phone systems and "various systems utilized to order certain tests, procedures and medications," the company said in a statement. From a report: On Friday, the nonprofit group Health-ISAC (Information Sharing and Analysis Center) issued an alert about the group, saying that Black Basta has "recently accelerated attacks against the healthcare sector." HHS said that Black Basta was initially spotted in early 2022, known for its double extortion attack. The group not only executes ransomware but also exfiltrates sensitive data, operating a cybercrime marketplace to publicly release it should a victim fail to pay a ransom.

"The level of sophistication by its proficient ransomware operators, and reluctance to recruit or advertise on Dark Web forums, supports why many suspect the nascent Black Basta may even be a rebrand of the Russian-speaking RaaS threat group Conti, or also linked to other Russian-speaking cyber threat groups," the alert from HHS said. According to one report from blockchain analytics firm Elliptic and cybersecurity risk-focused Corvus Insurance, Black Basta in less than two years has won itself more than $100 million via ransomware schemes from 329 organizations. Previous victims of its attacks include Dish Network, the American Dental Association, business process services firm Capita and tech firm ABB.

The U.S. FBI is working towards charging hackers from the aggressive Scattered Spider criminal gang who are largely based in the U.S. and western countries and have breached dozens of American organisations, a senior official said. From a report: The young hackers grabbed headlines last year when they broke into the systems of casino-operators MGM Resorts International and Caesars Entertainment locking up the companies' systems and demanding hefty ransom payments. From health and telecom companies to financial services, they have hacked a range of organisations over two years, piling pressure on law enforcement agencies to thwart them.

"We are working towards charging individuals where we can with criminal conduct, in this case, largely around the Computer Fraud and Abuse Act," Brett Leatherman, the FBI's cyber deputy assistant director, told Reuters in an interview. The group was a rare alliance of hackers in Western countries with veteran cybercriminals from eastern Europe, he said on the sidelines of the RSA Conference in San Francisco Wednesday. "Often we don't see that mingling of geographical hackers working together outside the confines of like hacktivism, for example," he said. Security researchers have tracked Scattered Spider since at least 2022 and say the group is far more aggressive than other cybercrime gangs - skilled especially at hijacking the identities of IT helpdesk staff to penetrate into company networks. Caesars paid around $15 million to free its systems from the hackers.

Technology giant Dell notified customers on Thursday that it experienced a data breach involving customers' names and physical addresses. TechCrunch: In an email seen by TechCrunch and shared by several people on social media, the computer maker wrote that it was investigating "an incident involving a Dell portal, which contains a database with limited types of customer information related to purchases from Dell."

Dell wrote that the information accessed in the breach included customer names, physical addresses, and "Dell hardware and order information, including service tag, item description, date of order and related warranty information." Dell did not say if the incident was caused by malicious outsiders or inadvertent error. The breached data did not include email addresses, telephone numbers, financial or payment information, or "any highly sensitive customer information," according to the company. The company downplayed the impact of the breach in the message.

An anonymous reader quotes a report from TechCrunch: The federal government agency responsible for granting patents and trademarks is alerting thousands of filers whose private addresses were exposed following a second data spill in as many years. The U.S. Patent and Trademark Office (USPTO) said in an email to affected trademark applicants this week that their private domicile address -- which can include their home address -- appeared in public records between August 23, 2023 and April 19, 2024. U.S. trademark law requires that applicants include a private address when filing their paperwork with the agency to prevent fraudulent trademark filings.

USPTO said that while no addresses appeared in regular searches on the agency's website, about 14,000 applicants' private addresses were included in bulk datasets that USPTO publishes online to aid academic and economic research. The agency took blame for the incident, saying the addresses were "inadvertently exposed as we transitioned to a new IT system," according to the email to affected applicants, which TechCrunch obtained. "Importantly, this incident was not the result of malicious activity," the email said. Upon discovery of the security lapse, the agency said it "blocked access to the impacted bulk data set, removed files, implemented a patch to fix the exposure, tested our solution, and re-enabled access." Last June, the USPTO inadvertently exposed about 61,000 applicants' private addresses "in a years-long data spill in part through the release of its bulk datasets," reports TechCrunch. It told affected individuals that the issue was fixed.

An anonymous reader quotes a report from The Register: Ransomware infections have morphed into "a psychological attack against the victim organization," as criminals use increasingly personal and aggressive tactics to force victims to pay up, according to Google-owned Mandiant. "We saw situations where threat actors essentially SIM swap the phones of children of executives, and start making phone calls to executives, from the phone numbers of their children," Charles Carmakal, Mandiant's CTO, recounted during a Google Security Threat Intelligence Panel at this year's RSA Conference in San Francisco on Monday.

"Think about the psychological dilemma that the executive goes through – seeing a phone call from the children, picking up the phone and hearing that it's somebody else's voice? Sometimes, it's caller ID spoofing. Other times, we see demonstrated SIM swapping family members." Either way, it's horrifying. It's the next step in the evolution of ransomware tactics, which have now moved far beyond simply encrypting victims' files and even stealing their data. "There are a few threat actors that really have no rules of engagement in terms of how far [they] try to coerce victims," Carmakal noted, recalling ransomware incidents in which the criminals have directly contacted executives, their family members, and board members at their homes.

The criminals have moved from just staging an attack against a company, its customers and their data, and becomes "more against the people," he added. It changes the calculation involved in deciding whether to pay the extortion demand, Carmakal said. "It's less about 'do I need to protect my customers?' But more about 'how do I better protect my employees and protect the families of employees?' That's a pretty scary shift."

Less than two weeks after President Biden signed a bill that will force TikTok's Chinese owner, ByteDance, to sell the popular social media app or face a ban in the United States, TikTok said it sued the federal government on Tuesday, arguing the law was unconstitutional. From a report: TikTok said that the law violated the First Amendment by effectively removing an app that millions of Americans use to share their views and communicate freely. It also argued that a divestiture was "simply not possible," especially within the law's 270-day timeline, pointing to difficulties such as Beijing's refusal to sell a key feature that powers TikTok in the United States.

"For the first time in history, Congress has enacted a law that subjects a single, named speech platform to a permanent, nationwide ban, and bars every American from participating in a unique online community with more than one billion people worldwide," the company said in the 67-page petition it provided, which initiates the lawsuit. "There is no question: The act will force a shutdown of TikTok by Jan. 19, 2025." TikTok is battling for its survival in the United States, with the fight set to play out primarily in courts over the next few months. While lawmakers who passed the bill have said the app is a national security threat because of its ties to China, the courts must now weigh those concerns against TikTok's argument that a sale or ban would violate the First Amendment free-speech rights of its users and hurt small businesses that owe their livelihood to the platform.

An anonymous reader quotes a report from Wired: In April, Apple sent notifications to iPhone users in 92 countries, warning them they'd been targeted with spyware. "Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID," the notification reads. Users quickly took to social media sites including X, trying to work out what the notification meant. Many of those targeted were based inIndia, but others in Europe also reported receiving Apple's warning. Weeks later, little is still known about the latest iPhone attacks. Former smartphone giant Blackberry, now a security firm, has released research indicating they are linked to a Chinese spyware campaign dubbed "LightSpy," but Apple spokesperson Shane Bauer says this is inaccurate.

While Apple says the latest spyware notifications aren't linked to LightSpy, the spyware remains a growing threat, particularly to people who may be targeted in Southern Asia, according to Blackberry's researchers. Described as a "sophisticated iOS implant," LightSpy first emerged targeting Hong Kong protesters in 2020. However, the latest iteration is much more capable than the first. "It is a fully-featured modular surveillance toolset that primarily focuses on exfiltrating victims' private information, including hyper-specific location data and sound recording during voice over IP calls," the researchers wrote. April's warnings were not the first time Apple has issued notifications of this kind. The iPhone maker has sent out alerts to people in over 150 countries since 2021 as spyware continues to target high-profile figures across the globe.

Spyware can be weaponized by nation-state adversaries -- but this is relatively rare and expensive. Its deployment is typically highly targeted against a very specific group of people, including journalists, political dissidents, government workers, and businesses in certain sectors. "Such attacks are vastly more complex than regular cybercriminal activity and consumer malware, as mercenary spyware attackers apply exceptional resources to target a very small number of specific individuals and their devices," Apple wrote in an advisory in April. "Mercenary spyware attacks cost millions of dollars and often have a short shelf life, making them much harder to detect and prevent. The vast majority of users will never be targeted by such attacks." Plus, Apple says its Lockdown Mode feature can successfully protect against attacks. "As we have said before, we are not aware of anyone using Lockdown Mode being successfully attacked with mercenary spyware," Bauer says. Still, for those who are targeted and caught unaware, spyware is extremely dangerous. There are a number of ways to protect yourself against spyware and zero-click exploits in particular:

1. Regularly Update Devices: Keep your devices updated to the latest software to protect against known vulnerabilities.
2. Restart Devices Daily: Regularly restarting your device can help disrupt persistent spyware infections by forcing attackers to reinfect the device, potentially increasing their chances of detection.
3. Disable Vulnerable Features: Consider disabling features prone to exploits, such as iMessage and FaceTime, especially if you suspect you're a target for spyware.
4. Use Multifactor Authentication and Secure Sources: Employ multifactor authentication and only install apps from verified sources to prevent unauthorized access and downloads.
5. Monitor for Indicators: Be vigilant for signs of infection such as battery drain, unexpected shutdowns, and high data usage, though these may not always be present with more sophisticated spyware.
6. Seek Professional Help: If you suspect a spyware infection, consider professional assistance or helplines like Access Now's Digital Security Helpline for guidance on removal.
7. Utilize Advanced Security Features: Activate security features like Apple's Lockdown Mode, which limits device functionality to reduce vulnerabilities, thus safeguarding against infections.

Researchers have discovered a new attack that can force VPN applications to route traffic outside the encrypted tunnel, thereby exposing the user's traffic to potential snooping or manipulation. This vulnerability, named TunnelVision, is found in almost all VPNs on non-Linux and non-Android systems. It's believe that the vulnerability "may have been possible since 2002 and may already have been discovered and used in the wild since then," reports Ars Technica. From the report: The effect of TunnelVision is "the victim's traffic is now decloaked and being routed through the attacker directly," a video demonstration explained. "The attacker can read, drop or modify the leaked traffic and the victim maintains their connection to both the VPN and the Internet." The attack works by manipulating the DHCP server that allocates IP addresses to devices trying to connect to the local network. A setting known as option 121 allows the DHCP server to override default routing rules that send VPN traffic through a local IP address that initiates the encrypted tunnel. By using option 121 to route VPN traffic through the DHCP server, the attack diverts the data to the DHCP server itself. [...]

The attack can most effectively be carried out by a person who has administrative control over the network the target is connecting to. In that scenario, the attacker configures the DHCP server to use option 121. It's also possible for people who can connect to the network as an unprivileged user to perform the attack by setting up their own rogue DHCP server. The attack allows some or all traffic to be routed through the unencrypted tunnel. In either case, the VPN application will report that all data is being sent through the protected connection. Any traffic that's diverted away from this tunnel will not be encrypted by the VPN and the Internet IP address viewable by the remote user will belong to the network the VPN user is connected to, rather than one designated by the VPN app.

Interestingly, Android is the only operating system that fully immunizes VPN apps from the attack because it doesn't implement option 121. For all other OSes, there are no complete fixes. When apps run on Linux there's a setting that minimizes the effects, but even then TunnelVision can be used to exploit a side channel that can be used to de-anonymize destination traffic and perform targeted denial-of-service attacks. Network firewalls can also be configured to deny inbound and outbound traffic to and from the physical interface. This remedy is problematic for two reasons: (1) a VPN user connecting to an untrusted network has no ability to control the firewall and (2) it opens the same side channel present with the Linux mitigation. The most effective fixes are to run the VPN inside of a virtual machine whose network adapter isn't in bridged mode or to connect the VPN to the Internet through the Wi-Fi network of a cellular device. You can learn more about the research here.

Google is streamlining the process of setting up two-factor authentication (2FA). From a report: Instead of entering your phone number first to enable 2FA, you can now add a "second step method" to your account such as an authenticator app or a hardware security key to get things set up. This should make it safer to turn on 2FA, as it lets you avoid using less secure SMS verification. You can choose to enter a time-based one-time passcode through apps like Google Authenticator, or you can follow the steps to link a hardware security key.

An international coalition of police agencies have resurrected the dark web site of the notorious LockBit ransomware gang, which they had seized earlier this year, teasing new revelations about the group. From a report: On Sunday, what was once LockBit's official darknet site reappeared online with new posts that suggest the authorities are planning to release new information about the hackers in the next 24 hours, as of this writing. The posts have titles such as "Who is LockBitSupp?," "What have we learnt," "More LB hackers exposed," and "What have we been doing?"

In February, a law enforcement coalition that included the U.K.'s National Crime Agency, the U.S. Federal Bureau of Investigation, as well as forces from Germany, Finland, France, Japan and others announced that they had infiltrated LockBit's official site. The coalition seized the site and replaced information on it with their own press release and other information in a clear attempt to troll and warn the hackers that the authorities were on to them.

Wednesday Rest of World noticed an overlooked tech story in Argentina: Olga de León looked confused as she walked out of a nightclub on the edge of Buenos Aires on a recent Tuesday afternoon. She had just had her iris scanned. "No one told me what they'll do with my eye," de León, 57, told Rest of World. "But I did this out of need." De León, who lives off the $95 pension she receives from the state, had been desperate for money. Persuaded by her nephew, she agreed to have one of her irises scanned by Worldcoin, Sam Altman's blockchain project. In exchange, she received nearly $50 worth of WLD, the company's cryptocurrency.

De León is one of about half a million Argentines who have handed their biometric data over to Worldcoin. Beaten down by the country's 288% inflation rate and growing unemployment, they have flocked to Worldcoin Orb verification hubs, eager to get the sign-up crypto bonus offered by the company. A network of intermediaries — who earn a commission from every iris scan — has lured many into signing up for the practice in Argentina, where data privacy laws remain weak. But as the popularity of Worldcoin skyrockets in the country, experts have sounded the alarm about the dangers of giving away biometric data. Two provinces are now pushing for legal investigations. "Seeing that [iris scans have] been banned in European countries, shouldn't we be trying to stop it, too?" Javier Smaldone, a software consultant and digital security expert, told Rest of World.
Last month Worldcoin's web site announced that more than 10 million people in 160 countries had created a World ID and compatible wallet (performing 75 million transactions) — and that 5,195,475 people had also verified their World ID using Worldcoin's iris-scanning Orb.

But the article notes a big drop in the number of countries even allowing Worldcoin's iris-scanning — from 25 to just eight. While in less than a year Worldcoin opened nearly 60 centers across Argentina...