It was my birthday a few weeks ago, and as if that didn’t make me feel old enough, the Firefox browser has just turned exactly 20 years old today. Yes, Firefox version 1.0 launched on November 9, 2004 – and I've been using it for almost as long as it's been alive, picking it up in the mid-noughties and loading it onto every computer I’ve used in the years since.
Over all that time, I’ve stuck with Firefox through thick and thin (and Chrome's increasing dominance). It’s clear to me that Firefox has always done a few things far better than rivals like Chrome and Safari – things that those web browsers are unlikely to ever match.
Right from when I started using Firefox, what drew me to it was its strong stance on privacy. It’s always been important to me that my data stays my own and is not sold to anyone else for profit. It’s not always possible to stop that happening, but with Firefox, it’s a whole lot easier.
That’s because Firefox blocks all sorts of trackers that can invade your privacy and follow you around the web. Cookies are isolated to stop them building a detailed picture of you, and Firefox limits access to data that can be used to create a digital “fingerprint” of your browsing habits by less conscientious websites and services.
That’s just scratching the surface of its privacy-protecting features, and I’m still glad to have them at my disposal whenever I use the web.
Chrome’s privacy problem
Take a look at Google Chrome and the contrast is stark. Chrome doesn’t block trackers by default, nor does it offer fingerprint blocking. It monitors the websites you visit and uses this data to send you targeted ads. While you can block some of the topics it identifies, you can’t stop it finding other ad topics to share with websites. It’s going to sell your private data, whether you want it to or not.
While Google has considered implementing pro-privacy features, it’s often backtracked when it became apparent how much that could impact third-party advertisers and data brokers. Just look at the Privacy Sandbox, which Google has watered down significantly, or the way Google often uses so-called dark patterns to lure you into sharing as much of your data as possible.
Ultimately, we shouldn’t be surprised at Chrome’s behavior. Google runs the world’s largest advertising network and has a built-in incentive to violate your privacy (and limit what you can do to stop it). Google’s privacy efforts will always be half-hearted as long as implementing policies that keep your info safe hurt its bottom line. Money talks, after all.
Things are different for Firefox because it’s developed by Mozilla, a group that puts privacy at the forefront of its work. Firefox is open source, too, so you know exactly what you’re getting without having to worry about hidden nasties making it into your browsing experience. In other words, it’s the antithesis of Chrome.
Actions speak louder than words, and Mozilla doesn’t just talk the talk – it follows through on what it promises, even when its features might hurt its ability to make money from its users.
In contrast, it’s clear that this is absolutely not the case with Chrome, and nor will it ever be. I know which browser I’d rather trust.
Why don’t I just use Safari?
If privacy is a priority for me, why haven’t I switched to Apple’s Safari browser? There’s an argument for me doing so: like Mozilla, Apple is well-known for its pro-privacy stances. Safari is generally faster than Firefox, too, helping it offer the best of both Firefox and Chrome.
But there’s a problem: Safari is limited to Apple’s own devices. I use both Windows and macOS in my day-to-day life, so I need something that will function on every device I own. Safari can’t do that, and given how disappointing Safari for Windows was back when it existed, I doubt Apple is too fussed about expanding the browser beyond its own products.
In contrast, I can get Firefox on any of my devices and it will be set up just as I expect it to be, with all the extensions, bookmarks and tabs right where they should be. I can send a tab from Firefox on my Windows PC to Firefox on my Mac or on my iPhone and it’ll arrive instantly, letting me pick up where I left off whatever device I’m using.
It’s that combination of cross-platform compatibility and rock-solid privacy credentials that have me still using Firefox 20 years later.
Throw in a huge library of excellent extensions and I get everything I need from Mozilla’s browser – there’s no alternative that quite matches what it can do. With 20 years in the bag, I imagine I’ll still be using Firefox in another two decades’ time.
In a new phishing campaign detected by Cofense Intelligence, threat actors used a novel approach by leveraging trusted GitHub repositories to deliver malware. The campaign is aimed at exploiting the inherent trust many organizations place in GitHub as a developer platform.
Instead of creating malicious repositories, attackers chose to embed malware into legitimate ones affiliated with tax organizations such as UsTaxes, HMRC, and Inland Revenue.
This allowed them to bypass Secure Email Gateway (SEG) protections, posing a significant challenge to cybersecurity defenses. The attack also capitalized on the sense of urgency tied to filing taxes after the April deadline in the US.
Phishing tactic – abuse of trusted repositories
Emails associated with the campaign contained links to archives hosted on GitHub. Unlike traditional phishing attacks that rely on suspicious links or attachments, these emails appeared credible because the GitHub repositories used were legitimate and well-known, which also allowed the links to circumvent Secure Web Gateways.
The archive files linked in the emails were password protected, a tactic used to add an air of legitimacy. This protection also made it more difficult for malware scanners to detect and inspect the contents of the archive. Once opened, the password-protected files installed Remcos Remote Access Trojan (RAT) on the victim’s system, granting attackers remote control over the infected device.
A key component of this campaign was the use of GitHub comments to upload malicious files. GitHub comments are typically used by developers to communicate about a repository’s content, propose changes, or document issues. However, attackers exploited this feature by uploading malware-laden files within comments rather than the repository’s source code, allowing them to circumvent the usual security protocols and ensure that the malware remained hidden.
Even if the original comment containing the malware link was deleted, the malware itself remained accessible through the repository’s file directory. This method has been used before, most notably with the Redline Stealer malware, but this campaign represents a significant escalation in the use of GitHub comments as a malware distribution vector.
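A defender-side triage of the delivery pattern described above, as an added example that is not from Cofense or the original article: it flags email links that point at files attached through GitHub comments, and notes when the target is an archive and the message body supplies a password. The two URL shapes, the `example-org/example-repo` names and the sample messages are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumed URL shapes for files attached to GitHub issue/PR comments
# (the article does not give them):
#   https://github.com/<owner>/<repo>/files/<numeric id>/<filename>
#   https://github.com/user-attachments/files/<numeric id>/<filename>
GITHUB_HOSTS = {"github.com", "www.github.com"}
ARCHIVE_EXT = (".zip", ".7z", ".rar", ".iso", ".img")
URL_RE = re.compile(r"https?://[^\s<>\"')\]]+", re.IGNORECASE)
PASSWORD_HINT_RE = re.compile(
    r"\b(password|passcode|pwd)\b\s*[:=]?\s*\S+", re.IGNORECASE
)


def classify_url(url):
    """Return details if url looks like a GitHub comment attachment, else None."""
    try:
        parts = urlsplit(url)
    except ValueError:  # malformed URL, e.g. unbalanced IPv6 brackets
        return None
    # Exact host match: look-alike hosts such as github.com.example.net fail here.
    if (parts.hostname or "").lower() not in GITHUB_HOSTS:
        return None
    segs = [s for s in parts.path.split("/") if s]
    if len(segs) == 5 and segs[2] == "files" and segs[3].isdigit():
        return {
            "kind": "comment-attachment",
            "repo": f"{segs[0]}/{segs[1]}",
            "filename": segs[4],
        }
    if (
        len(segs) == 4
        and segs[0] == "user-attachments"
        and segs[1] == "files"
        and segs[2].isdigit()
    ):
        return {"kind": "comment-attachment", "repo": None, "filename": segs[3]}
    return None


def triage_email(body):
    """List comment-attachment links in an email body with the reasons to review them."""
    findings = []
    has_password_hint = bool(PASSWORD_HINT_RE.search(body))
    for raw in URL_RE.findall(body):
        url = raw.rstrip(".,;")  # drop trailing sentence punctuation
        hit = classify_url(url)
        if hit is None:
            continue
        reasons = ["file attached via a GitHub comment, not repository source"]
        if hit["filename"].lower().endswith(ARCHIVE_EXT):
            reasons.append("target is an archive")
            if has_password_hint:
                # A password in the body suggests the archive is encrypted,
                # so gateway scanners cannot inspect its contents.
                reasons.append("message body supplies a password")
        findings.append({**hit, "url": url, "reasons": reasons})
    return findings


# Constructed sample messages (not taken from the campaign).
SAMPLE_PHISH = """Your tax document is ready for review.
Download: https://github.com/example-org/example-repo/files/1234567/2024_Tax_Docs.zip
Password: 2024tax
"""

SAMPLE_BENIGN = """Please review https://github.com/example-org/example-repo/blob/main/README.md
and the release at https://github.com/example-org/example-repo/releases/tag/v1.0
Mirror: https://github.com.example.net/example-org/example-repo/files/1/a.zip
"""

if __name__ == "__main__":
    for name, body in (("phish", SAMPLE_PHISH), ("benign", SAMPLE_BENIGN)):
        for finding in triage_email(body):
            print(name, finding["url"], "; ".join(finding["reasons"]))
```

Because the repository named in such a link is legitimate, the finding is a reason to hold the message for review, not grounds to block the repository or the GitHub domain.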
The campaign primarily targeted the financial and insurance industries, with both sectors being particularly vulnerable during tax season, as they handle a large volume of sensitive financial data.
The attackers appear to have been testing the waters with a smaller campaign, focusing on these two industries. Previous phishing campaigns using techniques like QR codes had broader targets, but the narrower focus of this attack suggests the threat actors were experimenting with the GitHub-based method before scaling up.
Phishing campaigns remain one of the most persistent and effective tactics used by cybercriminals to gain unauthorized access to sensitive information.
These attacks typically involve deceptive emails or messages that trick users into clicking malicious links, downloading harmful attachments, or revealing personal details.
Over the years, phishing techniques have evolved, becoming more sophisticated and harder to detect. Cybercriminals now leverage trusted platforms, disguise malicious intent behind legitimate-looking messages, and use advanced social engineering techniques.
Spoilers follow for Arcane season 2's first six episodes.
I love Arcane. Just ask anyone who's listened to me wax lyrical – with increasing regularity, some might say – about the history-making Emmy award winner since it made its Netflix debut in November 2021.
With its predecessor ending on a stunning cliffhanger, the wait for Arcane season 2 has been excruciating. However, as the saying goes, "good things come to those who wait", so I've constantly reminded myself that the three-year gap between seasons would be worth it.
And it absolutely was. Having watched its first six episodes, I staunchly believe Arcane's second and final chapter is a monumental artistic and narrative achievement that, its final three installments notwithstanding, is a near-perfect duology capper to Netflix, Fortiche Production, and Riot Games' first League of Legends (LoL) animated adaptation.
The hunt begins
Season 2 begins mere moments after its forebear's dramatic finale. Jinx's (Ella Purnell) deadly attack on Piltover's council leaves three of its members dead, including Caitlyn's (Katie Leung) mom Cassandra, and many others, Viktor (Harry Lloyd) among them, severely wounded.
As the council's traumatized leader Jayce (Kevin Alejandro) attempts to save Viktor's life and his fellow councillor/love interest Mel (Toks Olagundoye) mobilizes the rest of Piltover's scarred ministers to plan their next move, a grief-stricken Caitlyn takes matters into her own hands. Establishing a five-member strike team that includes Jinx's estranged and guilt-riddled sister Vi (Hailee Steinfeld), Caitlyn leads her newly-formed squad into Zaun with three aims: capture Jinx, shut down production of the dangerous and addictive substance known as shimmer, and neutralize anyone still loyal to Zaun's recently deceased de facto leader Silco (Jason Spisak), such as Sevika (Amirah Vann).
Succeeding won't be easy. Silco's death has ignited a civil war among Zaun's chem-barons, with gang bosses like Smeech (Lenny Citrano) taking advantage of the current power vacuum to try to become the undercity's new crime kingpin.
Caitlyn's squad, then, may have a hard time tracking down Jinx at such a tempestuous time. Plus, with Zaunites learning of Jinx's successful strike on Piltover's powerbrokers, Vi's younger sibling suddenly finds herself installed as a revolutionary figure they can rally behind – a development that'll make Caitlyn and Vi's mission even harder to accomplish.
As a character-driven spectacle, Arcane's main strength lies in its approach to compelling us to emotionally invest in each individual's journey. It's not unlike HBO's Game of Thrones in that respect, with the evolution – and, in some instances, de-evolution – and decision-making of its morally complex cast provoking viewers to frequently switch allegiances between them. Indeed, the war that erupts between Piltover and Zaun will flip audiences' devotion to some characters on its head, with Zaun's major players adopting more heroic roles early in season 2 and Piltover-based individuals positioned as Arcane's new antagonists-in-chief.
What struck me most, though, is how the overarching plot undergoes its own structural evolution. Like season 1, episodes follow multiple storylines, with some converging to satisfyingly form conducive, singular narratives as season 2 progresses. However, each chapter's focus on specific characters – established members of its strong female contingent gifted even more agency than last season, or otherwise – lends them an unexpected yet gratifying individuality.
Take episode 1, titled 'Heavy Is The Crown', for instance, whose narrative is anchored by a heartbroken and vengeance-fuelled Caitlyn. Meanwhile, season 2's third episode, aka 'Finally Got The Name Right', sheds light on Ambessa's past, her reasons for traveling to Piltover, and the mysterious dangers that lurk in the shadows of her home nation Noxus. Then there's episode 4, named 'Paint The Town Blue', where Jinx learns of her symbolic position among Zaun's downtrodden populace that instigates her transition from villain to unlikely anti-hero. There's a natural, appropriate progression to most characters' season 1 arcs, too, with plenty of space devoted to exploring the vulnerabilities, desires, and newly-formed motivations that trigger Arcane's so-called heroes to explore their dark sides, and vice versa with their supposedly villainous counterparts.
Season 2's exploration of additional subgenres is a welcome bonus, too. Whether it's the gradual evolution of Mel's storyline that becomes a conspiracy thriller-cum-supernatural horror, the slasher-style introduction of a terrifying new LoL champion teased in Arcane season 2's first clip and a gorgeous season 2 poster, or the highbrow sci-fi aspects that punctuate Viktor's arc, season 2's genre expansion adds new storytelling dimensions and narrative weight that I didn't expect. If season 1 was a largely grounded story with fantasy and sci-fi elements weaved into it, its sequel is almost the complete opposite, especially once season 2 reaches its midway point.
Daring and in-demand dynamics
Arcane's final season is just as eager to introduce new character dynamics, too. Tense alliances Ambessa shares with Caitlyn and Singed, plus a three-pronged team-up between Jayce, Ekko, and Heimerdinger, make particularly engrossing viewing due to each character's wildly different backgrounds and upbringings. The inclusion of Isha (Lucy Lowe), a young girl Jinx saves from chem-baron Chross' goons, is equally fascinating, with Isha's sibling-like idolization of Zaun's reluctant freedom fighter reminding me of Jinx's sisterly reverence of Vi in season 1's first act.
You shouldn't worry about previously established relationships being overshadowed by these new coalitions, either. For instance, there are plenty of captivating and heart-rending moments centered on 'CaitVi', the Arcane fandom's affectionate term for Caitlyn and Vi's 'will they, won't they' dynamic. Indeed, season 2 reunites them just 10 minutes into its premiere for a scene that offers the briefest insight into the compelling and explosive escalation of their romance-fuelled, melodramatic bond this season. I'd advise you to make a mental note for a specifically 'CaitVi' moment in episode 3 that's not only been a long time coming but is also as crowd-pleasing and sensitively handled as you'd expect.
Vi and Jinx's seemingly irreparable bond gets a striking amount of airtime as well. Outside of what Arcane season 2's official trailer teased, I don't want to ruin what's in store for the deuteragonists' shared storyline. However, I will say it goes to some unexpected places and that viewers should anticipate numerous incendiary and tear-jerking scenes – some of which occur earlier than I'd foreseen – involving the iconic pair. I'm not afraid to admit that I cried, just like Arcane star Ella Purnell told me she did, during some emotionally charged scenes that herald the beginning of the end of Vi and Jinx's story.
Similarly fraught but respect-laced bonds are also examined to varying degrees, including Jayce and Viktor's increasingly unprincipled partnership, and Jinx and Sevika's burgeoning odd-couple dynamic that juxtapose 'CaitVi' in histrionic and amusing ways. Season 2 finds ample opportunities to devote more screen time to Arcane's supporting cast, too. Smeech, Piltover councillors Salo (Josh Keaton) and Shoola (Mara Junot), and another newcomer in Piltovan enforcer Maddie (Katy Townsend) feature enough to make me believe that their inclusion, and overall importance to the story, is worthwhile.
Lore lessons and animated enhancements
And what of Arcane's Art Nouveau-inspired painterly animation style? Already mesmerizing to look at, season 2's rich visuals are not only more cinematic in scope but creatively ambitious in design. Whether it's the somberness of the sketch-penciled backdrops that contrast the vivid colors of 'CaitVi' during Cassandra's funeral, episode 3's pop-art-influenced opening sequence, or visual flourishes like the vapor trails from Jinx's pistol spelling out 'Poow' in episode 2, Fortiche has dialed Arcane's visual fidelity all the way up to 11.
Fortiche's determination to refine every aspect of this show is further evidenced by its animated improvements. Season 1 was jaw-dropping, but its successor feels bolder and more innovative, especially from an action viewpoint. Duels and large-scale battles – of which there are many, for anyone who felt the first season was lacking in physical confrontations – are more violent, heart-pounding, and breathtaking than before. Anime-inspired graphics energize some fights, such as Sevika's season 2 showdown with Smeech, in laugh-out-loud ways, too – honestly, the Sevika and Smeech bout is easily in my top three fights in Arcane, it's that inventively fun.
Long-time LoL fans will be very satisfied with Arcane's attention to detail from a lore perspective as well. Season 1 wasn't lacking in references to Riot's hugely popular game series – neither is season 2, with episode 5's game of tellstones one of myriad nods to LoL – but its follow-up fleshes out this region of Runeterra in an engrossing manner. The expansion of LoL's mythology, particularly from Hextech, Hexcore, and Rune standpoints, is fulfilling for League devotees and casual viewers alike. Elsewhere, confirmation about a long-standing rumor concerning Singed, coupled with intriguing glimpses into Vander and Silco's collective past, may rewrite some key aspects of Runeterran history and League mythos, and go some way to answering eight big questions I had heading into Arcane's second season.
Infatuated as I am with Arcane, I have a couple of minor gripes with this masterpiece of an animated show's final hurrah.
For one, its occasionally chaotic pacing leaves little room to deal with the fallout, or rekindling, of some relationships, nor does it find the time to fully examine the existential themes in its middle act. It's commendable that Arcane's creators want to maintain consistency across the show's episodic runtimes. The lack of self-indulgent plot exposition means viewers' intelligence is not insulted and episodes don't suddenly grind to a halt, too. Indeed, season 2's exposition dumps are kept to a minimum, with characters only filling in the narrative gaps where absolutely necessary. Still, periodically slowing things down a smidge, for non-plot expository reasons, wouldn't have been to season 2's detriment.
The abrupt discarding of some supporting characters is just as curious. Some viewers may not mind this, but I found it slightly galling that individuals like Sevika, Maddie, and another newcomer Loris (Earl Baylon), whose roles are seemingly pertinent to Arcane's overarching plot, are side-lined at a moment's notice. I hope it doesn't continue, or is even pleasingly resolved, in season 2's final three episodes.
My verdict
Arcane season 2 doesn't just cement the show's place as one of the best Netflix shows ever created, but also as one of the greatest animated TV series of all-time. That's a bold claim to make but, if its final three episodes are as extraordinary as the rest, I'll be fully justified in suggesting as much. If Arcane had run for the five seasons it was reportedly going to do – its creators told me this was "never the plan", for what it's worth – I'd have even more evidence to back that up.
Netflix, Riot, and Fortiche can feel similarly vindicated in their fastidious approach to season 2's development. It may have taken over three years to make Arcane's final season as good as it can be, but it absolutely shows. This is a once-in-a-generation TV series, created with real love and ambition, that tells an intelligent, meticulously crafted, and emotionally captivating story (one set to a banging original soundtrack that'll top my 2024 Spotify Wrapped list). I don't think I'll see a show as ground-breaking as Arcane, nor one I'll worship as much, for a long time. Now, if you'll excuse me, I'm off to watch this two-season wonder, whose story is tailor-made to be streamed back-to-back, again.
Arcane season 2 act 1, comprising its first three episodes, is out now on Netflix. Act 2 and act 3 launch on November 16 and November 23 respectively.
Welcome to another quick hit of tech news courtesy of TechRadar's ICYMI, the column that condenses all of the week's big stories into one handy list so you can catch up on what you might have missed.
What do we have in store for you this week? Well, the task of getting our PlayStation 5 Pro, MacBook M4 and Kindle Colorsoft reviews in front of you dominated our time, and you can see what we thought of them all below, but they were far from the only interesting tech stories. There were also new product releases, some beta software tests and a couple of very tasty leaks to stay on top of, so read on and find out what happened.
7. DJI unveiled its cheapest-ever FPV goggles
DJI unveiled the Goggles N3, its cheapest-ever FPV (First Person View) goggles for immersive drone flight. At less than half the price of the Goggles 3, they look like an excellent pairing with the Neo, DJI's cheapest-ever 4K drone with multiple flight control options, including FPV.
In fact, DJI has made a new DJI Neo Motion Fly More Combo, which includes the Goggles N3 plus additional batteries and charging hub, all for less than the pricier Goggles 3 alone.
Low price doesn't mean low quality, either – the Goggles N3 pack a crisp 1080p screen with an immersive 54-degree field of view, and can perform aerial acrobatics such as flips and rolls with a tilt of your head. They also boast DJI's latest O4 transmission, negligible 31ms latency and neat augmented reality features. At half the price of the Avata 2 with goggles, this new pairing opens up the adrenaline-fuelled world of FPV flight to a whole new audience.
6. iOS 18.2 beta showed us major Apple Intelligence upgrades
Apple Intelligence landed with iOS 18.1 but it isn’t quite as spectacular as everyone hoped it would be, largely because some of its most exciting features are currently unavailable. That could change soon, though, and the iOS 18.2 update beta has given us a taste of these missing features.
Genmoji is arguably the big one here. This allows users to create a custom emoji and we’ve already fallen in love with it, declaring it "the kind of feature that will instantly impact society and our online lives." That aside, the iOS 18.2 beta also includes ChatGPT being baked into Siri (though it’ll have restrictions for free users), and the arrival of Image Playground, which offers a more standard alternative to the best AI image generators than Genmoji does.
Beyond AI, 18.2 will bring new camera control tools, easier sharing of lost item information through the Find My service, and the first hints of Siri getting abilities to understand what’s on screen.
5. A leaked benchmark got us excited about the Samsung S25 Ultra
Apple has long maintained bragging rights over Samsung when it comes to the sheer under-the-hood power of its smartphones, but 2025 could see a momentum shift in favor of the Android manufacturer.
According to a new report, the Samsung Galaxy S25 Ultra could be even more powerful than the iPhone 16 Pro Max, with the upcoming Android flagship having performed exceptionally well in early benchmark tests.
We’re all but certain that the Galaxy S25 Ultra will use Qualcomm’s new Snapdragon 8 Elite chipset under the hood, and given that the likes of Xiaomi, OnePlus, and Honor have already confirmed that their respective flagships will use the same platform, the future looks extremely bright for Android fans.
4. Google leaked its Jarvis AI
Oh dear! Jarvis, Google’s rumored AI agent that searches Chrome on your behalf, was accidentally leaked by the company itself earlier this week, popping up briefly in Chrome’s extension store before being swiftly removed.
While it didn't stick around for long, it gave us proof that this automated web browser – which Google describes as “a helpful companion that surfs the web with you” – is a real thing. The AI agent is expected to launch in December and will seemingly be able to surf the web, buy products, and even book flights on your behalf.
We're expecting plenty of these agents to spring up over the next few months, as companies try to innovate in the AI space; Anthropic has already released an automated agent to developers, and there are also rumors that OpenAI could enter the mix, although we don’t have any information on what a ChatGPT AI agent could look like.
When will Jarvis appear for real? That's unclear, but if you’re excited at the prospect of AI doing mundane web browsing on your behalf, you might not have long to wait.
3. Amazon’s color Kindle got off to a rough start
We got our hands on the Kindle Colorsoft – awarding it four-and-a-half stars in our review – but we and others noticed that over time it started to develop a frustrating yellow tint at the bottom of its display.
Not every Colorsoft seems to be affected, and in our case the yellowing was not very noticeable, but that hasn’t prevented the store page from being flooded with negative reviews – with Amazon even calling those negative reviewers to learn more about the discoloration problem.
Amazon is still trying to implement whatever hardware or software fix it needs to, but if you already have a yellowed Colorsoft, the company has said it will offer you a refund or a replacement device.
The PS5 Pro is finally here and the good news is that it’s a fantastic console that offers an excellent gaming experience. It also introduces the wizardry of PSSR (that's Playstation Spectral Super Resolution, for the uninitiated). However, its price tag and lack of included disc drive really are hefty stings in its tail.
The graphical advancements offered by the PS5 Pro beautifully blend super-high levels of fidelity with fluid and smooth frame rates at the same time, and from our testing, can tangibly elevate the experience of playing games. The extra spec uplifts – such as Wi-Fi 7, an extra 2TB of storage, as well as boosts to non-enhanced PS5 and PS4 games – help to round out a premium package for those who want to be at the bleeding edge of console tech and desire the most performant console going.
All of which is great, but it’s nonetheless a bit of a hard sell for current PS5 users or anyone who's not, y'know, rich, because the advancements here are not truly transformational. Still, if you’re a PlayStation enthusiast and always want to get the most out of both performance and graphics then you'll love it.
1. …and we reviewed – and loved – the new M4 Macs, too
We’ve also been testing the new M4-powered Macs from Apple – and it's fair to say that we're impressed. And then some…
For instance, our Apple iMac 24-inch review describes the new model as the “best all-in-one computer you can purchase”, a fact helped by its new more affordable price, while our Apple MacBook Pro 14-inch review labeled the laptop “a pro-grade portable that impresses in every area.”
It’s no surprise then that both of those computers were awarded scores of 4.5/5, but we went a step higher for the revamped Mac mini, awarding it one of our rare five-star reviews.
Per our Managing Editor of Core Tech Matt Hanson in our Apple Mac mini review, “Apple has made what was already the best small form factor PC even better thanks to a more compact design, and it packs the new M4 and M4 Pro chips – all while offering incredible value for money as well. I can't recommend this Mac enough.”
Trustwave SpiderLabs says it has recently uncovered a new form of malware known as Pronsis Loader, which is already causing trouble due to its unique design and tactics.
Pronsis Loader makes use of JPHP, a lesser-known programming language rarely utilized by cybercriminals, and also employs advanced installation techniques, making it more challenging for cybersecurity systems to detect and mitigate.
JPHP, a variation of the popular PHP language, is rarely seen in the world of malware development. While PHP is commonly used for web applications, its integration into desktop malware development is unusual, giving Pronsis Loader an advantage in avoiding detection.
JPHP – a rare choice in cybercrime
Pronsis Loader can evade signature-based detection systems, which are typically designed to recognize more common programming languages in malware. JPHP gives the malware a layer of “stealth”, allowing it to fly under the radar of many security tools.
The malware also uses obfuscation and encryption methods to hide its presence during the initial infection phase. Upon execution, it deploys complex methods to avoid triggering traditional antivirus software and endpoint protection systems. The loader first installs itself silently in the system, disguising its activities by mimicking legitimate processes or applications, making it difficult for both automated security tools and human analysts to spot.
Once installed, Pronsis Loader can download and execute additional malware, including ransomware, spyware, or data exfiltration tools. This modular approach makes the malware highly flexible, allowing attackers to tailor the final payload based on the target’s system or environment. Pronsis Loader is part of an increasing trend in malware development where attackers use loaders as a first step in multi-stage attacks. These loaders, designed to introduce other malware into a system, provide attackers with flexibility.
To combat these evolving threats, security teams should adopt more advanced monitoring and analysis methods, such as behavior-based detection, which can identify malware by its actions rather than its code signatures alone. Additionally, continuous updates to threat intelligence can help identify the use of rare languages and methods like those employed by Pronsis Loader.
“Pronsis Loader marks a notable shift in how cybercriminals are deploying malware, employing JPHP and silent installations to evade traditional detection methods. Its ability to deliver high-risk payloads like Lumma Stealer and Latrodectus makes it particularly dangerous,” said Shawn Kanady, Global Director of Trustwave SpiderLabs.
“Our research uncovers not only the malware’s unique capabilities but also the infrastructure that could be leveraged in future campaigns to give security teams a chance to strengthen their defences,” Kanady added.