This is Maybe this is only a serious issue with people hosting meetings, I do not know. See below for further information. Once it gains access to your calendar, it will attempt to join other sessions. DO NOT LET IT JOIN or kick it out. and warn attendies to REFUSE it. Update: further research seems to indicate the primary method of infection is by accessing people's calendars, and entering other sessions by logging in, not hiding its name (so far) of "firefly.ai". Once in, it asks other users to activate it, gaining access to their calendars (which you probably want to make NOT public if you have any URLs in it) If they think they are doing a service, they will continue to try to connect with Firefly in their name, so just not admitting them should be sufficient. If they are truly malevolent, they will connect with real-sounding names like fredjones, then change their name to be that of the host before asking the person to approve them. It might be wise to turn on the waiting room and not let it in. As a part of this, there is apparently an add-on to Zoom (and other conferencing sessions) called firefly, purportedly doing an AI analysis of your session. It will try to act like it is part of the session and ask attendees to click and approve it, infecting them. An AI search seems to indicate it is hard to get rid of. As an attendee, in the session where I clicked "yes" thinking the host supported it, I deleted all cookies; I doubt that was sufficient. Here are the full AI instructions to remove it if you get infected. Since it seems to update your Zoom account, a complaint should probably be made to them to not allow that (by somebody paying them money). I was not logged into my free-level Zoom account so I don't know if this will affect others. To remove yourself from Fireflies.ai, follow these steps: 1. Disconnect from Meetings: If Fireflies is integrated with your Microsoft Teams or Zoom meetings, disconnect it through the Fireflies settings page. In Teams, scroll to the bottom of the Fireflies settings and click "Disconnect". In Zoom, go to the Zoom App Marketplace, sign in, click your profile icon, select Manage, then Installed Apps, find Fireflies.ai, and click Uninstall. 2. Delete Your Account: Log in to your Fireflies web app, navigate to Settings > Account Settings, and scroll down to the "Delete Account" section. Click "Delete my account". You will be prompted to select a reason for leaving and can optionally provide feedback. Confirm the deletion when prompted. 3. Account Deletion Process: Your account will be deactivated immediately, but the permanent deletion of your data will occur after a 30-day grace period. During this time, you can contact support to recover your data if needed. After 30 days, your data will be permanently erased and cannot be recovered. 4. Remove App Integrations: Ensure all linked integrations, such as calendar connections, are disabled to prevent lingering access. 5. Uninstall the Application: If you have the Fireflies app installed on your computer, uninstall it. On Windows, go to Settings > Apps > Installed Apps, search for Fireflies.ai, click the three dots, and select Uninstall. On Mac, open Finder, locate Fireflies.ai in the Applications folder, drag it to the Trash, and empty the Trash. 6. Remove Browser Extensions: If you have the Fireflies extension installed in your browser, go to your browser's settings, navigate to Extensions, find Fireflies.ai, and click Remove. 7. Check for Residual Files: Search your computer for any remaining Fireflies.ai files. On Windows, search for %AppData% in File Explorer and delete any related folders. On Mac, check ~/Library/Application Support/ and remove any Fireflies.ai-related files. 8. Admin Actions (if applicable): If you are an administrator and need to block Fireflies for your organization, you can do so through the Microsoft Teams Admin Center by managing apps and blocking Fireflies.ai, or through Google's API controls to block traffic. Further information: The presence of Fireflies.ai in Zoom and other online sessions is considered a serious privacy and security concern by users and IT administrators alike. The issue stems from Fireflies.ai's ability to join meetings unexpectedly, often without explicit user consent, due to its integration with calendar services like Google Calendar and Outlook. This behavior has been described as "creepy" and invasive, with users reporting that the bot appears in meetings even after accounts are deactivated or the app is uninstalled. A major concern is that Fireflies.ai can gain access to meetings through calendar integrations, allowing it to auto-join meetings it knows about, even if the user never authorized it. This persistence is likened to a "plague" that is difficult to remove, with some users stating that simply disconnecting the app from their calendar or removing it from Zoom's app marketplace does not fully stop its intrusion. The issue is compounded by the fact that the bot may have already been granted access to previously scheduled meetings, requiring manual removal from each event. The situation is particularly problematic for organizations, as Fireflies.ai can automatically join meetings across a company's network if a single user has previously connected their account, potentially exposing sensitive information. Despite attempts to block the app via API controls or admin settings, some users report that Fireflies.ai continues to join meetings, indicating that the issue may not be fully resolved by standard administrative measures. Furthermore, the bot's behavior raises legal and compliance concerns. Users are legally responsible for ensuring that all participants consent to being recorded, and if Fireflies.ai joins a meeting without consent, the host could face liability. This is especially critical in contexts involving healthcare, legal, financial, or government discussions where confidentiality is paramount. In summary, the "infection" of Zoom and other online sessions by Fireflies.ai is serious due to its invasive auto-join behavior, difficulty in removal, potential for unauthorized recording, and the legal risks it poses to users and organizations. My experience: I joined a session, it asked me to approve it. In the process, it asked me for access to my calendar, which I turned off. it then asked again, without the option to refuse access to my calendar. Since I thought it was something the host encouraged, I accepted. I am sure others will have accepted the first time. When the host said she did not know what it was, I deleted all cookies, but I do not think that is sufficient. I have made my Google calendar private; if you can do that, it is probably wise. To do that, click on the gear at the upper right of your calendar page Click "settings" Under settings for your calendars, click on your calendar Under "access permissions for events" UN-click "make available to the public" Carey