Reebok has just unveiled the brand new iteration of its top training shoe, the Nano X5 Training Shoes.
While the Nike Free Metcon 5 currently sits atop our best gym shoe guide, the Nano X line has been a mainstay as a brilliant CrossFit and training shoe designed for stability and heavier lifting.
New for 2025 (with a January 24th release date), Reebok has unveiled the Nano X5, replete with a new Decoupled Metasplit Outsole and a new DUALRESPONSE Midsole. Here's everything you need to know about the newest version of the Official Shoe of Fitness.
Reebok's Nano X5 Training Shoes (Image credit: Reebok)The new nano features a premium flexweave upper that should provide breathability, durability, and comfort.
Underfoot, the new midsole and outsole should add increased flexibility for running and circuit training, possibly gearing the X5 to a more all-rounder status. Specifically, the DUALRESPONSE Midsole provides more cushioning and response upfront for running, but more stability in the rear. Reebok says the Performance Comfort Collar will also provide a 360-degree locked-in fit.
The Reebok Nano X5 will be available to buy from Reebok on January 24th, starting at $140. We'll be hands-on and testing with the Nano X5 very soon, and we'll be able to give you a full run down and review in time for 2025.
The X5 will be available in Women's Sport and Unisex Sport styles, with six colors for each.
You may also likeCl0p ransomware, the hacking group that was responsible for the infamous MOVEit data leak fiasco, has now claimed it was also behind the recent Cleo attacks.
Security researchers from Huntress recently revealed three managed file transfer (MFT) products from Cleo were carrying an unrestricted file upload and download vulnerability that could lead to remote code execution (RCE).
The bug is tracked as CVE-2024-50623, and was found in LexiCom, VLTransfer, and Harmony. Cleo released a patch for it in October 2024, but apparently it wasn’t effective.
The attack "project"Huntress also said that it spotted at least two dozen compromised organizations, since the flaw was actively exploited in the wild:
“Victim organizations so far have included various consumer product companies, logistics and shipping organizations, and food suppliers,” Huntress said in its writeup, adding that countless other companies are at risk.
Soon after Huntress’ announcement, the US Cybersecurity and Infrastructure Security Agency (CISA) added the bug to its Known Exploited Vulnerabilities (KEV) catalog, confirming the findings and giving federal agencies three weeks to patch up or stop using the tools entirely.
At first, the attack was not attributed to any particular group, since the evidence was inconclusive. However, over the weekend, BleepingComputer contacted Cl0p, who confirmed being behind the attacks:
“As for CLEO, it was our project (including the previous cleo) - which was successfully completed,” the group told the publication. “All the information that we store, when working with it, we observe all security measures. If the data is government services, institutions, medicine, then we will immediately delete this data without hesitation (let me remind you about the last time when it was with moveit - all government data, medicine, clinics, data of scientific research at the state level were deleted), we comply with our regulations.”
Clearly, Cl0p does not want to dabble with government or healthcare data, since that incurs the wrath of law enforcement, and most ransomware actors that went for government or healthcare data ended up dismantled, or at least seriously disrupted.
You might also likeWe reckon that Silo is the best dystopian series since Fallout, and we're currently enjoying Silo season 2. But while the showrunner Graham Yost has said that there's a "big mystery" around this season, that mystery isn't "will it be renewed for another season?".
How do we know? Because Tim Cook said so. Posting on X, the Apple boss said that he's "excited to share that Silo will return for a third AND fourth season".
Here's hoping that Apple gives the production company a little bit of extra money to light the Silo scenes in season 3 and 4. The show's interior scenes are so dark my brother ended up buying a new TV in order to see what was going on. Sometimes I wonder if it's all a plot to sell more mini-LED TVs.
Excited to share that “Silo” will return for a third AND fourth season! We’re thrilled to support the imagination and inspiration out of the UK as they continue to create world-class films and series. pic.twitter.com/hmtszs7hf5December 16, 2024
What to expect from Silo season 3 and 4Tim Cook isn't telling: he just wants you to know that "we're thrilled to support the imagination and inspiration out of the UK as they continue to create world-class films and series".
Without any spoilers, the current season – season 2 – raises more questions and myriad mysteries of exactly what happened to the Earth and who built the vast network of doomsday bunkers. It begins with The Engineer, a bloody flashback to an earlier era of the silos, and the season shows Bernard starting to pull on the strings of things he doesn't know while a growing rebellion begins to fester.
If you want to know more, of course, you can turn to the books: Silo is based on Hugh Howey's Wool trilogy of Wool, Shift and Dusk. The first half of book one maps closely to Silo season one; the second half and some of book two, from what we've watched so far, maps to the second season. And that means the next seasons will be drawing from Dusk, which starts with the aftermath of something very big in a "war [that's] just beginning".
That's good news for fans of the show, but it's bittersweet too: Dusk is the last book. And that means season 4 will be the last time we'll see the Silo too. As showrunner Jost told Variety, "we are thrilled to have the opportunity to bring this complete story to the screen over the course of four seasons. With the final two chapters of Silo we can’t wait to give fans of the show an incredibly satisfying conclusion to the many mysteries and unanswered questions contained within the walls of these silos.”
Seasons 1 and 2 of Silo are streaming now on Apple TV Plus, with episode 6 set to be released next Friday (December 20) before the season finale debuts on Friday (January 17).
You might also likeThe US government has announced a strict set of requirements which could effectively block Chinese access to AI chips.
According to Reuters, these requirements will ‘empower companies like Google and Microsoft to act as gatekeepers worldwide’, and includes reporting information to the US government, which would close the export loopholes which currently allow Chinese companies to bypass the restrictions.
A small number of US tech firms will be offered ‘gatekeeper status’, allowing them to offer AI capabilities within the cloud in foreign countries without a license, leaving foreign actors to fight for a very limited number of licenses per country in order to import powerful AMD and Nvidia chips.
A war of attritionThere will be exemptions for 19 allied states, the report confirms, which would mean unlimited access to AI chips and capabilities.
There has been a significant buzz around AI in recent months, but the real value (or concern, depending on your perspective), is the military applications. This is sparking national security concerns on both sides, with China banning key mineral exports to the US, and the US in turn imposing trade sanctions.
The Chinese government recently retaliated against continued US sanctions by labeling chips made in the country as ‘no longer safe’ for use for domestic organizations, and has previously banned the export of gallium, antimony, and germanium to the US.
The US and China have been trading blows this year as they both battle to control the semiconductor market, swapping sanctions and offering domestic incentives.
China’s mineral wealth is crucial to the development of the chips, but the country does not yet have the capabilities to develop the high-powered chips domestically, so the battle between the two nations is likely to continue for the foreseeable future.
You might also likeWorldwide, Generative Artificial Intelligence (GenAI) is transforming industries, from the way we work to how organizations respond to challenges. While executives are exploring opportunities to use generative AI, many organizations continue to struggle to identify the return on investment (ROI) for GenAI solutions.
In fact, Unisys’ recent survey of 250 business executives found that 71% of organizations do not effectively measure the ROI for GenAI. With this realization, organizations have an opportunity to implement practices to better evaluate and understand the costs associated with GenAI, capitalize on its workplace capabilities and identify areas where cost savings are possible to better fuel future success.
Understanding the upfront costsThe first step to realizing GenAI's true ROI is remembering that while this technology holds great potential to enhance business outcomes, it is not a magical solution that can manufacture instant results. Rather, organizations should treat GenAI like a sophisticated tool that can drive substantial growth to a business’s bottom line—and one that should come with clear cost benefits.
However, these cost benefits are only as good as the effort and intention behind them. Executives need to work with department heads to pinpoint clear, concrete use cases where GenAI could have the most impact. Once the best business use cases have been agreed on, several crucial steps need to be taken before GenAI is even deployed.
The first step, and possibly one of the most important, is effectively preparing data. This involves collecting, cleaning and structuring data to optimize it for AI algorithms. By taking inventory of data sources and documenting formats, structures and storage locations, companies can remove outdated, inaccurate data that could impede AI outputs.
Next, it is essential to establish robust data governance policies to maintain data quality. This can be achieved by setting up validation rules, data archiving protocols and ongoing monitoring. This also includes allocating additional resources to IT infrastructures to help ensure a smooth integration of AI solutions.
Finally, organizational leaders need to direct resources to train staff and help employees use AI effectively and responsibly. It is not enough to make these tools available and expect employees to understand how to use them. It takes time and effort to use GenAI effectively and to get the best outputs possible.
Enhancing capabilitiesThese initial steps may seem daunting, but once addressed, GenAI can expand your organization’s capabilities beyond what was once considered possible.
For example, GenAI can empower decision making, stimulate innovation and make deep inroads into marketing, sales and R&D initiatives. It can also help organizations anticipate market shifts, adapt to changing customer preferences and optimize supply chains.
The effects of GenAI can be seen across industries. In finance, it is reshaping customer-centric services, simplifying tax preparation and providing effective digital “assistants” that serve as financial advisors. In healthcare, GenAI can enhance personalized care and accelerate drug discovery, helping to save more lives and improve everyone’s quality of life. In the entertainment industry, GenAI can create interactive storytelling experiences that captivate audiences.
We have yet to see how this technology will truly transform businesses, but one thing is for sure – organizations that capitalize on these innovations will set themselves apart as clear market leaders.
Identifying cost saving opportunitiesWith the power of AI, routine tasks and processes can be made easier, helping organizations cut costs. However, to do so effectively, leaders must pay close attention to which areas this technology should be applied.
For example, GenAI can learn to perform tasks to free up employees’ time so they can focus on more strategic initiatives. Additionally, GenAI can be leveraged across various channels – such as web, mobile, voice and social platforms – to quickly understand and respond to customer queries and requests, allowing employees to focus on more complex tasks.
AI can also be invaluable for identifying internal inefficiencies and helping to develop process improvements, leading to smoother operations, as well as a competitive edge in service delivery. Through intelligent data processing, AI can take internal data insights a step further, pulling information to analyze team performance and opportunities for improvement and providing actionable insights.
Justifying AI investments demands a thorough ROI analysis that considers upfront costs, client benefits, and internal efficiencies. To maximize its value, organizations must set a clear ROI framework that supports overall business objectives. When taking this approach, leaders will not only justify the initial investment but also position their business for long-term success in an increasingly competitive market.
We've featured the best productivity tool.
This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
Information technology is evolving toward a goal of frictionless IT, in which IT teams automate as many processes as possible to embrace change and quickly adopt new technologies and SaaS apps. Greasing the wheels toward this trend, tech services are becoming faster to install and easier to use, right out of the box.
In the past, members of IT teams usually had to become experts in all things IT. But now that IT tools are much improved and more intuitive to use, people no longer have to be experts in how to run them all. We can think of this trend as the rise of the IT generalist, which often happens to processes and services as they become commoditized. The generalist is the equivalent of a product that gets commodified – it just works intuitively without instructions, providing all the tools that users need at their fingertips. The IT generalist can quickly get things going without any need to read a manual or complete a training.
Over time, the user has become more sophisticated. Each new generation that joins the workforce is more exposed to online activities than those who came before. The kids today are practically born with an iPad in their hands, and they intuitively know how it works. Yet even given that level of technical sophistication, it should not be the user’s responsibility to fix their IT devices and services when things go wrong.
IT generalists must work to simplify self-diagnosis for troubleshooting, while automatically providing solutions without users needing to understand how things work under the covers. In some cases, the problem in the middle may not be a laptop issue, it’s a website issue. Or sometimes CPUs need to be turned off before certain processes will enable Zoom to work when other services go down. We want an ability to proactively solve these kinds of problems for users without their knowledge.
Industry evidence points to a shortage of skilled IT professionals, while those on staff are too busy putting out fires to research the latest technologies or develop new IT skills. By 2026, more than 90% of organizations worldwide will feel the pain of this IT skills crisis, resulting in $5.5 trillion in losses caused by product delays, impaired competitiveness, and loss of business, according to estimates by IDC. The solution to this talent gap involves increased automation of network management tools and cloud software delivery, thus elevating IT pros to a more strategic role within their organizations.
Getting a handle on IT tool sprawlIT leaders are responsible for running and repairing IT networks, software, and hardware. Faced with tight budgets and talent shortages, IT teams need to streamline their use of tools to deliver a more consistent end-user experience. But they are confronted with a new post-pandemic reality due to the shift to a remote workforce that runs countless apps on personal devices over external cellular networks. Any downtime or performance glitches can greatly limit business productivity, causing even more need for automation.
Tool sprawl presents a big problem due to added layers of complexity that can challenge even the most skilled IT pros. Nearly half of IT professionals (44%) today work with at least ten or more network-related tools, according to the Auvik IT Trends 2024 Industry Report. The most common team structure is half remote and half onsite, according to 40% of survey respondents. Larger companies are more likely to engage in network automation activities, while small organizations have either fully-remote or fully onsite workforces, rather than a blend of both. As expected, the tech and IT industries were more likely to be fully remote, while healthcare was more likely to be 100% on-site.
IT teams and system administrators need to work harder just to keep up these days, and the growth of AI will only increase their workload in the years ahead. Taken in this context, the rise of the IT generalist is a function of the tech industry’s larger evolution based on the prevalence of SaaS applications and cloud-based services. The cloud architecture simplifies processes for end-users, allowing non-experts to spin up new instances in the cloud and get right to work. As a result, the shift to remote and hybrid work has increased the importance of IT for business productivity.
Although the frictionless IT approach works well for many small and midsize businesses, it remains harder to pull off for large enterprises such as banks and financial institutions. Those kinds of complex, highly secure organizations still require specialists with a mastery of custom on-premise solutions that have been uniquely developed and integrated over time.
For most other industries, supporting the rise of the IT generalist can free up network administrators and IT teams to do much more with fewer resources. By being proactive across the entire technology stack, generalists can react faster and be more responsive to user needs without requiring a broad technical mastery of every technology.
We've featured the best IT management tool.
This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
Narayana Murthy, co-founder and CEO of Indian tech giant Infosys, has once again sparked controversy after speaking out in favor of a 70-hour work week.
Speaking at the 100-year celebration of the Indian Chamber of Commerce in Kolkata over the weekend, Murthy said longer working hours are essential to address widespread poverty and to foster economic growth in India.
This isn’t the first time that Murthy has advocated for extra-long working hours, having previously stated that additional work could help lift millions out of poverty.
Narayana Murthy still supports long working hoursThe billionaire and father of the former UK prime minister’s wife, Akshata Murty, first made the suggestion in October 2023 before repeating it in January 2024. He indicated that two-day weekends are unproductive, adding that India’s 800 million citizens living in poverty rely on the country’s entrepreneurs to create jobs and improve the nation’s economy.
Speaking about his experiences abroad, particularly working in Paris during the 1970s, Murthy explained the logic behind his attitude to extreme work: “I realised the only way a country can fight poverty is by creating jobs that lead to disposable incomes.”
He added: “if a country embraces capitalism, it will create good roads, good trains and good infrastructure… It is practising capitalism while combining it with the best aspects of liberalism and socialism so that this country stands steadily as a stellar example of capitalism.”
In his speech, Murthy also highlighted India’s productivity gap, citing reports that Chinese workers are 3.5 times more productive than their Indian counterparts.
However, countries like France that Murthy compared India to in the 70s are now battling with worker fatigue, burnout, and the subsequent drop in productivity, suggesting that a 70-hour work week could be detrimental not only to the economy and the country’s growth but also to employees’ work-life balance and their health.
You might also likeThe US Cybersecurity and Infrastructure Security Agency (CISA), and the Environmental Protection Agency (EPA), has issued a warning to all water facilities in the country to secure their Human Machine Interfaces (HMI) and Water and Wastewater Systems (WWS) from potential cyberattacks.
Human-Machine Interfaces (HMIs) are systems or devices that enable interaction between humans and machines, allowing users to control and monitor the performance of machinery, systems, or devices. They include a wide range of technologies, such as touchscreens, control panels, and voice commands.
The two agencies said failing to protect the endpoints properly could draw in unwanted attention from cybercriminals.
Active attacks“In the absence of cybersecurity controls, unauthorized users can exploit exposed HMIs in Water and Wastewater Systems to: View the contents of the HMI (including the graphical user interface, distribution system maps, event logs, and security settings) and make unauthorized changes and potentially disrupt the facility’s water and/or wastewater treatment process,” the announcement warned.
To prove their point, the agencies reminded everyone that “pro-Russian hacktivists” already demonstrated their capability to find and exploit internet-exposed HMIs, causing water pumps and blower equipment to exceed their normal operating parameters.
”In each case, the hacktivists maxed out set points, altered other settings, turned off alarm mechanisms, and changed administrative passwords to lock out the water utility operators. These instances resulted in operational impacts at water systems and forced victims to revert to manual operations.”
Although the announcement shares no names, we do know that American Water Works Company, the largest public water and wastewater utility company in the United States, suffered a cyberattack which forced it to shut down parts of its infrastructure in early October 2024.
Also, earlier in January 2024, a department in Veolia North America, a transnational company offering water, energy and waste recycling management services, suffered a ransomware attack which resulted in the theft of some personal data, and forced the company to take parts of its infrastructure offline, as well.
You might also likeX’s AI tool is now free to all users, albeit with limits restricting just how many prompts you can request (10 every two hours). xAI, Elon Musk’s company behind Grok, even announced an upgraded version of Grok 2, up to three times faster and more capable, which has started rolling out for all users. If that wasn’t enough, the company has even started to add a dedicated Grok button to all tweets, allowing you to ask questions about the (possibly fake) information you find on the social media platform.
I’ve never used Grok – heck, I’ve barely even used X since its name change from Twitter – so this new free tier was the perfect opportunity to give Elon Musk’s AI tool a try. After spending the morning with Grok 2, I have many thoughts about its image-generation capabilities, and while I’ll share them in this article, I absolutely can’t share the images themselves.
In an online world filled with fake news and deep fakes, here’s my experience with Grok’s lax approach to image generation that is now in the hands of X’s 600 million users.
These images are cursed, but I can’t show them (Image credit: xAI)Grok is very easy to access: simply open X on any device and tap the “forward slash” in the main menu bar. From there, you’ll get free limited access to Grok 2, which has all the functionality you’d expect from an AI chatbot, including the ability to summarize news, give you information about current events, and even plan your next vacation.
I decided, however, to focus my attention on Grok 2’s AI image-generation capabilities, as I’ve heard so much about its restriction-free powers that essentially overlook any morality or copyright limits.
I began thinking about some of the world’s biggest brands like Nintendo, Coca-Cola, and McDonald’s. I asked Grok to “generate an image of Pikachu in the style of Elden Ring with the Erdtree in the background”; the AI image generator had no issue replicating The Pokemon Company’s mascot or FromSoftware’s IP.
Next, I asked Grok to “add Mario” to the photos, and it obliged with an animated version of Nintendo’s main character that wouldn’t look out of place in an upcoming Super Mario game. I was shocked by the results, so I thought I’d test the same prompts on the other AI image generators I’ve got on my iPhone: Gemini, Dall-E 3, and Apple’s newly added Image Playground.
OpenAI’s Dall-E refused to generate images with any copyrighted character, responding “I can’t create an image of Pikachu because it is a copyrighted character. However, I can design a similar, unique character based on your preferences. Let me know what features you’d like to include, such as the color scheme, body type, and any specific attributes!”
Apple Intelligence wasn’t able to generate an image either, with the prompt “Language not supported.” This comes as no surprise, considering Apple’s focus on privacy and security, which essentially limits the capabilities of its AI image-generation tools (more on this later).
Lastly, I tested Gemini, which surprisingly obliged and created a pretty convincing Pikachu and a less convincing Erdtree. I was expecting Gemini to stray away from copyrighted characters just like ChatGPT did, but it appears as if characters are fair game on Google’s AI app.
This got me thinking: what else would Grok 2 do that none of the other best AI image generators listed above would? Well, that’s when I started generating images of celebrities, and was quickly reminded as to why I don’t really use Musk’s X anymore.
Grok 2 will effectively recreate any celebrity promoting any product, by just simply asking for it. I was able to generate images of Donald Trump working in McDonald’s with realistic logos in the background, Elon Musk alongside Iron Man, Pikachu, and Sonic the Hedgehog, in a Marvel Avengers Assemble-style pose, and even Cody Rhodes, the WWE champion, with the actual copyrighted belt around his waist.
OpenAI again refused, stating “I can’t generate an image of Donald Trump working at McDonald’s, as it involves a public figure in a fictional scenario, which may misrepresent or lead to potential misinterpretations. However, I can create an image of a generic McDonald’s employee in a similar setting. Let me know how you’d like it customized!”
Gemini wasn’t able to either, responding “I can't help with that right now. I'm trained to be as accurate as possible but I can make mistakes sometimes. While I work on perfecting how I can discuss elections and politics, you can try Google Search.”
Lastly, Apple’s Image Playground was also not able to create images of celebrities, but there’s a caveat with that. While not photo-realistic like Grok’s creations, there is a way to use Apple Intelligence to create images of celebrities, simply by having multiple photos of the person in the Photos app. On my iPhone, I have some images of Apple CEO Tim Cook, and Apple Intelligence has no problem using his likeness to create Genmojis or Pixar-style images with Image Playground. That said, Apple’s approach is still incredibly limited (on purpose) and while you can create AI images that slightly resemble real people, they’ll always look like AI. Grok, on the other hand, creates images that could easily be shared on X and other platforms to spout fake information.
Grok’s lack of restrictions allows users to create images such as “Taylor Swift wearing a 'Make America Great Again hat'" with no problems whatsoever, a deeply problematic use of AI that can (and has) led to fake propaganda being spread online. Back in August, Trump himself shared deepfake AI images of Swift fans supporting his Presidential Campaign on his Truth social media platform.
Grok is now a complete free-for-allSo that’s about it. Grok is available for free right now, but rather than fill me with excitement because a new free-to-use AI tool has been added to the mix, it instead fills me with dread. I’ve only used Grok for a few hours, and while those seeking to create copyrighted images have already had the tools to do so, whether through paid versions of Grok or other AI platforms not mentioned here, I’m deeply concerned by what I’ve seen. The new free aspect of Grok 2 removes restrictions and makes this AI more accessible than ever, which raises significant concerns.
xAI’s approach to AI tools is the complete opposite of that of companies such as Apple, which limits functionality to protect its users; X instead allows users free rein, without many, if any limitations. With X users now able to use Grok as they please, the social media platform is likely to continue on its downward spiral with even more AI spam to aid it on its way.
You might also like...Windows 11 is getting changes to improve the recommendations that Microsoft pushes in the Start menu, and the software giant has confirmed that these suggestions will continue to be part of the OS going forward.
Those on Windows 11 will doubtless be familiar with the ‘Recommended’ panel in the Start menu. This is where apps or files that you’ve recently used – or may need – and websites you might want to visit are flagged up (although some efforts have essentially been thinly veiled ads in the past).
The change comes with preview build 22635.4655 in the Beta channel, where Windows 11 testers are being treated to better filtering for the recommended websites in the Start menu.
In other words, the claim is that the recommendations served will be more relevant, and this move has been made based on feedback from Windows 11 testers.
In the blog post for this preview, Microsoft explains that the aim is to “show the highest quality sites based on your own browsing history.”
Elsewhere in build 22635, Microsoft Edge Game Assist has been activated so Beta channel testers can give it a whirl.
This is a feature for the browser that’s essentially a mini version of Edge running in the Game Bar overlay, allowing you to look at websites to read tips and guides while actually in-game. Therefore you avoid the need to Alt-Tab out to the desktop to get help, and the risk of dying at the hands of an enemy while you’re doing so.
If you’re curious to know more about the Game Assist feature (you can see it in action, in the below image), I’ve written about it at length elsewhere.
(Image credit: Microsoft) Analysis: Microsoft’s suggestions aren’t going anywhereWindows Latest has tested the new spin on the Start menu’s recommendations and noted that the files and sites which Windows 11 surfaced are indeed now more relevant, as promised.
That’s a useful stride forwards, but for those who don’t like these kinds of suggestions embedded in an operating system’s interface – me included – it doubtless won’t be enough to persuade them that this is a worthwhile use of screen real-estate.
If you were harboring any hope that Microsoft might be thinking twice about the inclusion of the Recommended panel at all, then you can forget that notion. Windows Latest specifically asked on that score and says: “Microsoft also told me that it has no plans to remove the recommendations feature as it continues to work on improving its quality so you can find items that matter to you more easily.”
While I can’t say I’m surprised at that stance, it would be nice to be able to choose what content populated the Windows 11 Start menu, so every user could customize it to their liking – at least to some extent. And folks like me could dump any sign of Microsoft’s nudges to use products or sites (more broadly across the whole OS, ideally).
You may also like...For roughly a year, hackers have been infecting red teamers, penetration testers, security researchers, as well as other hackers, with a piece of malware that steals WordPress credentials and other sensitive data, and installs cryptominers on compromised endpoints.
As a result, login credentials for some 390,000 WordPress accounts were stolen, and dozens of systems were found mining Monero.
Cybersecurity researchers Datadog Security Labs spotted the attack on the NPM package repository, and in GitHub, after researchers from Checkmarx also sounded the alarm on the same campaign recently.
The package was pretending to be an XML-RPC implementation, and was first uploaded to the repository in October 2023. Until November 2024, when it was finally discovered as malicious, it received 16 updates.
Legitimate at firstDatadog noted ho the attackers were tactical in their approach, first uploading a package that was legitimate and worked as intended. The malicious code was introduced in later versions, and designed to steal SSH keys, bash history, and other data, every 12 hours. The data it collects would get extracted either via Dropbox, or File.io.
To make matters worse, researchers and security pros that would introduce XML-RPC into their own products would just expand the reach of the malware, turning it into a full-blown supply chain attack.
Datadog said that ultimately, the team found 68 compromised systems that were actively mining the Monero currency. Monero, with the XMR ticker, is most often mined with a cryptojacker called XMRig. This is a popular currency among thieves since it’s fully anonymous and very difficult to trace.
The identity of the threat actors was not discovered, but the researchers dubbed the group MUT-1224, which is short for Mysterious Unattributed Threat.
Major code repositories remain a vital platform for cybercriminals, the researchers concluded, stressing that developers should be extra careful when using open-source software.
Via BleepingComputer
You might also likeI love a good natural history docuseries, so you can bet I'm excited to watch The Secret Lives of Animals.
The forthcoming Apple TV Plus show, which arrives this Wednesday (December 18), has the makings of being an incredibly fun, educational, and at-times heart-wrenching watch. Indeed, the first trailer for The Secret Lives of Animals suggests that'll be the case – and so does this Kangaroo-starring clip, which TechRadar can exclusively reveal below.
Taken from the Apple series' ninth episode, which is titled 'Mastering Your Talent', the first-look clip depicts a bruising encounter between two of Australia's most recognizable marsupial. Vying for control of a key piece of territory in the Australian outback, a young upstart takes the fight to a veteran 'roo, who currently holds dominion over said land. Will the young pretender overthrow his more experienced opponent, or will the wily old-timer use a trick or two to see off his hot-headed peer? You'll have to watch to find out!
According to an Apple press release, The Secret Lives of Animals "highlights 77 unique species in 24 countries over three years, revealing stunning, never-before-seen animal behaviours and highlighting the remarkable intelligence of the natural world". Hugh Bonneville, star of recent hits projects including period TV drama Downton Abbey and the beloved Paddington movie series, will narrate the 10-part series.
The Secret Lives of Animals was produced for Apple TV Plus, aka one of the world's best streaming services and the winner of TechRadar's 2024 streaming platform award, by BBC Studios' Natural History Unit. Matt Brandon, who oversaw development on the BBC's Blue Planet III docuseries, serves as showrunner on this one, too. Considering how great the BBC's numerous natural history programs are, I'm intrigued to see how The Secret Lives of Animals compares to its UK peers. If it's as good as I hope it'll be, you can expect it to join our best Apple TV Plus shows list shortly.
You might also likeAs we potentially say goodbye to Yellowstone, we can say hello to 1923 season 2 after Paramount Plus unveiled a gripping new trailer.
The trailer for theYellowstone prequel series was released on Sunday night (December, 15) just as the Yellowstone season 5 finale aired on the Paramount Network and Peacock in the US, Paramount Plus in the UK and Stan in Australia, wrapping another season of the Dutton family's story.
But while the main series is reportedly ending (no season 6 renewal has been confirmed), Deadline has since reported that Yellowstone is getting another spin-off that will be led by fan-favorites Kelly Reilly and Cole Hauser, who will reprise their roles as Beth Dutton and Rip Wheeler.
While all sorts of deadly cowboy conflict unfolded in the fifth season of the hit Taylor Sheridan series, the Dutton elders are set to – Jacob (Harrison Ford) and Cara (Helen Mirren) – prepare for a full-blown ranch war in the 1923 season 2 trailer (see below). "This ranch will drive you to your death!" Cara warns Jacob, proving that the family will do whatever it takes to protect their legacy even decades later.
What is 1923 season 2 about?1923 follows the next generation of Duttons after the events of the first Yellowstone prequel series 1883.
The official plot synopsis of 1923 season 2 reads: "A cruel winter brings new challenges and unfinished business to Jacob (Ford) and Cara (Mirren) back at Dutton ranch. With harsh conditions and adversaries threatening to end the Dutton legacy, Spencer (Brandon Sklenar) embarks on an arduous journey home, racing against time to save his family in Montana. Meanwhile, Alexandra (Julia Schlaepfer) sets off on her own harrowing trans-Atlantic journey to find Spencer and reclaim their love.”
The second and presumed final season of one of the best Paramount Plus shows features Timothy Dalton (Licence to Kill) as an evil land baron, with Jerome Flynn (Game of Thrones) playing his henchman. Jennifer Carpenter (Dexter) also joins the cast in a recurring role.
Sheridan has managed to transform Paramount Plus into the home of neo-Western dramas, and it's set to grow even bigger with even more Yellowstone spin-offs coming such as The Madison, which is set to air sometime in 2025, led by Michelle Pfeiffer. Meanwhile, other series that have been greenlit are Lawmen: Bass Reeves, 6666 and 1944.
1923 season 2 streams on Paramount Plus on February, 23, 2025.
You might also likeA cyberattack which hit the RIBridges system may have compromised the data of thousands of Rhode Island citizens who have applied for, or are on, a range of health coverage, human services, or benefit programs.
Rhode Island Governor Dan McKee confirmed the breach, noting in a statement posted on the Governor’s official site in response to the “major security threat,” the RIBridges system has been taken down, with all those seeking to apply for benefits needing to do so on paper.
The attack likely occurred on December 5, according to the statement, with the system subsequently being taken down on December 13, with the confirmation statement being issued on December 14.
Benefits services hit, personal data stolenThe states’ vendor, Deloitte, informed the Rhode Island governor there was a “high probability” that the attacker had successfully exfiltrated the personally identifiable information (PII) of thousands of people belonging to a number of benefits programs, including:
At the time of the attack, Deloitte notified federal authorities about a potential cyberattack against the RIBridges system. On December 10, Deloitte received a screenshot of internal RIBridges files from the attacker, confirming that the breach had likely resulted in the theft of PII. Deloitte further confirmed the presence of malicious code within the RIBridges system, resulting in the shutdown of the service.
The PII may include names, addresses, dates of birth and Social Security numbers, Deloitte stated, with potential compromise of certain banking information, but nothing has been confirmed as of yet. No one has come forward to claim responsibility for the attack, and no PII from the attack has been spotted online yet.
The governor’s statement recommended that RIBridges customers remain vigilant and be on the lookout for potential fraud and suspicious banking transactions, change passwords in line with cyber hygiene standards, and those affected should contact their bank for further recommendations on account security.
A multilingual customer hotline has been set up in a collaborative effort between Deloitte and Experian, with affected citizens being contacted to provide free credit monitoring services. Subsequent updates on the attack can be found here.
You might also like