Image by Javi Hoffens, from Unsplash

Trump Signs Law Banning Deepfake Revenge Porn

• Written by Kiara Fabbri Former Tech News Writer
• Fact-Checked by Sarah Frazier Former Content Manager

President Trump signed a groundbreaking law Monday banning deepfake revenge porn and forcing social media to act quickly on victim reports.

In a rush? Here are the quick facts:

• Offenders face up to 3 years in prison for non-consensual explicit content.
• Websites must remove reported deepfakes within 48 hours.
• The law has strong bipartisan support across Congress.

In a step toward online safety, President Donald Trump signed the Take It Down Act into law on Monday, as first reported by Bloomberg . The new legislation makes it a crime to knowingly post AI-generated sexually explicit images, also known as deepfakes , without the person’s consent.

“With the rise of AI image generation, countless women have been harassed with deepfakes and other explicit images distributed against their will,” Trump said during the White House Rose Garden ceremony, reports Bloomberg. “It’s just so horribly wrong […] and today, we’re making it totally illegal,” he added.

Under the law, offenders can face up to three years in prison. Social media companies and websites must remove the content within 48 hours of a victim’s report and make reasonable efforts to delete all copies. Platforms that fail to comply may face civil penalties.

“This legislation is a powerful step forward in our efforts to ensure that every American, especially young people, can feel better protected from their image or identity being abused,” said First Lady Melania Trump, who has championed the measure as part of her youth safety efforts. “Thank you all for coming together to prioritize people over politics.”

AOL reports that the bill passed Congress with overwhelming bipartisan support, and gained backing from both Republicans and Democrats. Notable sponsors included Sen. Ted Cruz (R-Texas) and Sen. Amy Klobuchar (D-Minn.), along with Reps. Elvira Salazar (R-Fla.) and Madeline Dean (D-Pa.).

Bloomberg notes, however, that tech leaders like Meta and Google have supported the bill, while others raised concerns about free speech.

Al Jazeera reports that the Electronic Frontier Foundation warned that the law’s rules for taking down flagged content could threaten “free expression, user privacy, and due process, without addressing the problem it claims to solve.”

“Lawful content – including satire, journalism, and political speech – could be wrongly censored,” the group said in a February statement, according to Al Jazeera .

AOL reports that supporters argue the law respects First Amendment rights by targeting only content that would mislead a “reasonable person.”

Image by Matthew Manuel, from Unsplash

Microsoft Files Lawsuit After Nearly 400K PCs Hit by Data-Stealing Malware

• Written by Kiara Fabbri Former Tech News Writer
• Fact-Checked by Sarah Frazier Former Content Manager

Microsoft has shut down a major cybercrime operation after finding 394,000 Windows computers infected with the Lumma Stealer malware worldwide.

In a rush? Here are the quick facts:

• Lumma malware infected nearly 400,000 Windows PCs between March and May 2025.
• Hackers stole passwords, banking data, and crypto wallets using Lumma Stealer.
• Microsoft seized 1,300+ malicious domains; Europol helped with 300 more.

Microsoft has taken legal action to shut down a widespread malware campaign that infected nearly 400,000 Windows computers across the world, as reported by Reuters . The cybercriminals employed Lumma Stealer malware to steal passwords, credit card numbers, bank account information, and cryptocurrency wallet details.

The Digital Crimes Unit (DCU) of the company took the lead in this operation by working with international law enforcement agencies. The cybercriminals used the malware to steal data on a massive scale between March 16 and May 16, 2025.

“Working with law enforcement and industry partners, we have severed communications between the malicious tool and victims,” Microsoft said . Microsoft also announced that it had taken control of more than 1,300 malicious domains through seizure or redirection, while Europol helped seize or redirect 300 domains.

Microsoft received a court order from the U.S. District Court in Georgia, allowing it to take down web domains supporting Lumma’s network. The U.S. Department of Justice later seized Lumma’s “central command structure” and took down marketplaces selling the malware, as reported by CNBC .

According to Reuters, the FBI’s Dallas Field Office currently leads the investigation. Microsoft stated that Lumma Stealer was available for purchase on dark web forums since 2022 and its developers continuously updated the malware to evade detection.

Reuters reports that in a separate blog post, Microsoft said, “The growth and resilience of Lumma Stealer highlight the broader evolution of cybercrime and underscore the need for layered defenses and industry collaboration to counter threats.”

The cybercriminals used fake Booking.com branding to deceive users into downloading Lumma malware. The malware targeted various sectors including gaming communities as well as schools and healthcare organizations and manufacturing facilities and logistics operations.