Technology

A fatal collision in 2019 occurred when a Tesla driver had Autopilot mode engaged.

• Labels like “Verified” give a false sense of safety but don’t reflect real extension behavior
• Browser DevTools were never meant to track how extensions behave across tabs and over time
• Malicious extensions often act normally until specific triggers make their hidden features come alive

The unchecked spread of malicious browser extensions continues to expose users to spyware and other threats, largely due to deep-seated flaws in how the software handles extension security.

New research from SquareX claims many people still rely on superficial trust markers like “Verified” or “Chrome Featured,” which have repeatedly failed to prevent widespread compromise.

These markers, while intended to reassure users, often offer little insight into the actual behavior of an extension.

Labels offer little protection against dynamic threats

A central issue lies in the limitations of Browser DevTools, which were designed in the late 2000s for web page debugging.

These tools were never meant to inspect the far more complex behavior of modern browser extensions, which can run scripts, take screenshots, and operate across tabs, actions that existing DevTools struggle to trace or attribute.

This creates an environment where malicious behaviors can remain hidden, even as they collect data or manipulate web content.

The failure of these DevTools lies in their inability to provide telemetry that isolates extension behavior from standard web activity.

For instance, when a script is injected into a web page by an extension, DevTools lack the means to distinguish it from the page’s native functions.

The Geco Colorpick incident offers an example of how trust indicators can fail catastrophically - according to findings from Koi Research, 18 malicious extensions were able to distribute spyware to 2.3 million users, despite carrying the highly visible “Verified” label.

To address this, SquareX has proposed a new framework involving a modified browser and what it calls Browser AI Agents.

This combination is designed to simulate varied user behaviors and conditions, drawing out hidden or delayed responses from extensions.

The approach is part of what SquareX terms the Extension Monitoring Sandbox, a setup that enables dynamic analysis based on real-time activity rather than just static code inspection.

At the moment, many organizations continue to rely on free antivirus tools or built-in browser protections that cannot keep up with the evolving threat landscape.

The gap between perceived and actual security leaves both individuals and companies vulnerable.

The long-term impact of this initiative remains to be seen, but it reflects a growing recognition that browser-based threats demand more than superficial safeguards.

You might also like

• Google Workspace is copying a very familiar YouTube feature to help you get through videos
• Check out the best AI phones on the market
• Here is our list of the best AI website builders on the web

• Cheats and mods are now frontlines for cybercrime targeting gamers' wallets and private data
• Verified crypto wallets like MetaMask and Exodus are being drained through browser injection
• Trojan.Scavenger abuses overlooked flaws to disable browser safety and manipulate trusted extensions

Gamers seeking performance enhancements or special abilities through third-party patches and mods may be unwittingly exposing themselves to sophisticated malware, experts have warned.

Recent findings from Dr.Web revealed a malware family known as “Trojan.Scavenger” which targets Windows users by disguising itself as cheats or enhancements for popular games.

This seemingly harmless mod can ultimately compromise crypto wallets, password managers, and web browsers, posing serious risks to user privacy and digital assets.

When cheats become covert threats

The infection chain begins when users download ZIP archives claiming to improve performance in games including the likes of Grand Theft Auto 5 or Oblivion Remastered.

These archives contain modified dynamic libraries, sometimes renamed with extensions like .ASI to resemble legitimate plugin formats.

When the user follows the installation instructions, the malicious library is placed in the same folder as the target game. If the game does not properly validate its libraries, the trojan loads automatically at startup.

In some cases, flaws in library search priorities are essential to the malware’s success, allowing it to hijack execution within the host application.

Once loaded, the malware establishes contact with a command-and-control server using encrypted communication. This process includes verifying encryption keys and checking timestamp consistency, which is meant to evade analysis and block antivirus detection.

The malware doesn’t stop with the initial payload. In more complex infections, it deploys additional trojans that embed themselves in Chromium-based browsers like Chrome, Edge, Opera, and Yandex.

These trojans interfere with browser sandboxing, disable extension verification, and replace legitimate extensions with modified versions.

Crypto wallets such as MetaMask and Phantom, as well as password managers like Bitwarden and LastPass, are among the affected applications.

Modified extensions collect mnemonic phrases, private keys, and stored passwords, which are then transmitted to the attackers' servers.

Exodus, a popular crypto wallet, is also targeted using similar techniques.

By exploiting library loading behavior, the malware extracts sensitive JSON entries, including passphrases and seed data required for generating private keys.

How to stay safe

To stay safe, always apply caution when accessing unofficial content.

Avoid downloading mods or cheats from sketchy forums or unverified sources, especially those shared on torrent platforms or through poorly moderated social media channels.

Antivirus software, while helpful, must be regularly updated to stay effective against evolving threats.

Android antivirus tools may protect mobile platforms, but on desktop systems, more capable solutions are necessary.

Good social media management also helps reduce exposure to malicious content. Limiting interaction with communities known for spreading cracked software or shady patches can lower the risk.

Lastly, checking file paths, verifying digital signatures when available, and restricting admin privileges on daily-use accounts can make it harder for malware to execute successfully.

You might also like

• These are the best internet security suites available
• Take a look at our pick of the best best VPNs with antivirus you can use right now
• Hackers says they attacked Mailchimp and stole user data - and the community laughed it off

Here are hints and the answers for the NYT Connections: Sports Edition puzzle No. 313 for Saturday, Aug. 2.

Here are hints and the answer for today's Wordle for Aug. 2, No. 1,505.

Here are hints and answers for the NYT Strands puzzle for Aug. 2 No. 517.

• The Honda N-One e: is unveiled in Japan and previews a global compact EV
• The diminutive car will measure less than 3,400mm (133.9inches) in length
• A range of 150+ miles is expected and V2L means it can power homes

The production version of the teeny, boxy Honda that wowed crowds at the recent Goodwood Festival of Speed has been unveiled and the N-One e: will go on to influence a global, low-cost EV.

Revealed in Japan this week, one of Honda’s smallest-ever electric vehicles will offer over 150 miles (245km) of range on a single charge from its equally small battery packs, while the single electric motor is expected to produce around 63hp.

Designed predominantly for town and city driving, the Japanese version of Honda’s Super EV concept complies with the country’s strict Kei Car rules, which mean it has to measure less than 3,400mm (133.9inches) in length.

It is likely that the European version will sport chunkier bodywork so it isn’t completely dwarfed by the myriad overweight SUVs, but we can expect to see a lot of the features carried over from the Japanese Domestic Market model.

(Image credit: Honda Japan)

The interior, for example, is packed with practical touches, such as rear seats that fold upright or flat to provide ample stowage space for numerous, odd-shaped items.

There are also hard-wearing, easy-to-maintain fabrics and charging points for smartphones.

Honda also says that the N-One e: is capable of one-pedal driving and Vehicle 2 Load (V2L), which means owners can power homes during power outages, or simply top up a power-hungry laptop when on the move.

Small EVs are proving a big hit

(Image credit: Honda Japan)

While it is highly unlikely the N One e: (or whatever the Super EV concept will eventually be called) will make its way to the US market, Honda has said that it plans to introduce a small city EV to Europe and beyond next year.

The company was one of the first to market with a funky, compact EV game thanks to its innovative Honda e. Unfortunately, its cutting-edge styling couldn’t make up for its 100-odd mile real-world range, slow charging speeds and high sticker price.

The Super EV concept comes at a time when battery technology has improved, so the range could be a more usable 170 miles and the asking price will likely be more in line with something like the BYD Dolphin Surf, which starts at £18,650 in the UK (around £25,000 / AU$38,250).

Honda is synonymous with practical, affordable, compact vehicles, with the likes of the Jazz remaining popular among savvy buyers that want reliable, simple transport that laps up short hops without breaking the bank.

While the N One e: is predominantly aimed at the Japanese and Chinese market for now, we expect to see what a more global version will look like at the IAA motor show in Munich later this year.

Honda is also on an EV push in general, with the recent launch of the CUV e: battery-swap electric scooter and the announcement of a full-size electric motorcycle coming soon.

The thread that appears to be running through all of the products is Honda's commitment to excellent engineering solutions and a competitive price point. We might start to see battery-powered models that can compete on price with their gas-powered counterparts.

You might also like

• I've ridden Honda's latest electric scooter with clever battery-swap technology – and it might just convince commuters to give up on petrol
• Honda unveils striking new 0 Series that completely rethinks its EV future
• Electric cars can be fun – the 6 hottest new EVs from the Goodwood Festival of Speed 2025

• OpenAI has removed the ChatGPT feature, allowing people to search through public conversations with a search engine
• Many users learned too late that enabling the “discoverable” setting could make chats accessible to anyone online
• The decision came after several people saw their sensitive and private information publicized

OpenAI has abruptly shut down a feature in ChatGPT that allowed chats shared publicly to be searchable through Google. Users were unpleasantly surprised to discover that private information shared with ChatGPT was now publicly available as a Google search result.

Dane Stuckey, OpenAI’s Chief Information Security Officer, announced the shutdown on Thursday, with the feature disabled on Friday morning. OpenAI has also begun scrubbing search engine indexes of the previously shared conversations.

OpenAI designed the “Make this link discoverable” checkbox, which they had clicked on, to give more people access to potentially helpful conversations between ChatGPT and different users. In practice, it opened the door to a new kind of digital exposure, where criminal confessions, personal secrets, and corporate practices were just a few keywords away from turning up in a Google Search.

This was not some obscure opt-out setting hidden in a developer console. It was right there in the sharing menu of any ChatGPT conversation users chose to turn into a public link. However, while OpenAI believed the wording was clear about what users were doing, many users apparently did not understand. They thought the link would remain private or unfindable unless explicitly shared.

For the average person using ChatGPT to plan a resignation letter, troubleshoot a relationship, or work on a legal strategy, that’s more than a technical hiccup. It’s a gut check. If you’ve ever shared a link to a conversation, there’s a nonzero chance someone found it by a Google search.

Some of the reported indexed conversations included internal job applicant evaluations, sensitive mental health disclosures, confessions of crime, and proprietary software code. People were talking to ChatGPT as if it were private, but for anyone who toggled that setting, it wasn’t.

We just removed a feature from @ChatGPTapp that allowed users to make their conversations discoverable by search engines, such as Google. This was a short-lived experiment to help people discover useful conversations. This feature required users to opt-in, first by picking a chat… pic.twitter.com/mGI3lF05UaJuly 31, 2025

Searchable secrets

To OpenAI’s credit, the company pulled the feature quickly. But the fallout raises important questions not just about privacy, but about how much users can reasonably be expected to understand about the tools they’re using. The “discoverable” checkbox didn’t hide behind a wall, but it also didn’t do a great job of communicating the scope of its consequences. It’s one thing to share a link, but indexing it in global search engines indefinitely is something else.

It is fascinating what this says about how users behave with AI. They confide in it, test ideas, vent frustrations, and draft things they’d never type into a search bar. If you’ve ever shared a ChatGPT conversation, it’s worth checking whether that link is still live.

While OpenAI is working with Google and other search engines to purge previously indexed content, search crawlers have long memories. Some content may linger for a while, even if deleted. OpenAI disabled the feature quickly, but the damage may already be done for some users.

Hopefully, the lesson will stick with the public, much like the idea of not deleting embarrassing browser histories has transitioned from a common joke to something only the most clueless person would forget to do. The magic of tools like ChatGPT lies in how they create the illusion of a conversation. But if you forget that it is still an illusion, you might not notice risks like buttons that send your digital heart-to-heart straight to Google.

You might also like

• ChatGPT crosses a new AI threshold by beating the Turing test
• AI took a huge leap in IQ, and now a quarter of Gen Z thinks AI is conscious
• ChatGPT model matchup - I pitted OpenAI's o3, o4-mini, GPT-4o, and GPT-4.5 AI models against each other and the results surprised me

Get the weekend off to a gory start.

A handful of VPN providers offer bundled packages that feature additional privacy and security tools. Here's what to know about what's available.

You need more than just a VPN to boost your digital privacy and security. Bundling additional tools with your VPN can be convenient, but be aware of the pitfalls.

• Amazon's CEO teased advertisements might be coming to Alexa+
• Other Alexa+ subscription tiers might be on the way, too
• No release date yet, but it sounds like a matter of when, not if

Amazon’s Alexa+ may have only been around for a short time, and while that would usually mean it’s in the rapid user-growth stage, it sounds like Amazon CEO Andy Jassy is already planning its demise: stuffing its conversations with ads.

Speaking at Amazon’s most recent investor call, Jassy explained that “People do a lot of shopping [with Alexa+]”

Adding “I think over time, there will be opportunities, as people are engaging in more multi-turn conversations, to have advertising play a role to help people find discovery, and also as a lever to drive revenue.” Basically, if you ask Alexa+ for shopping recommendations, some of its responses might eventually be sponsored.

Jassy went on to discuss the possibility of different payment tiers beyond the existing $19.99 a month model – it is already free with Amazon Prime – suggesting we may see an ad-supported and ad-free tier, but the idea sounds yucky. Right?

Because if AI’s responses can be paid for, why would you trust anything it says ever again?

Whatever Amazon is paid to tell you they eat. (Image credit: Amazon)We knew this was coming

AI has sold itself as an unbiased guru that can answer many of life’s questions, but it’s increasingly clear how untrue that is.

After the bot couldn’t stop correcting its master, X AI’s Grok received some major changes leading to very public (and hate-ridden) crashouts, and now it seemingly serves as a mouthpiece for Elon Musk rather than any semblance of a reliable third-party.

The Chinese-run DeepSeek bot has been found to tow the Chinese Communist Party line on topics like Taiwan independence and Tiananmen Square, and I’m sure there are plenty of more subtle biases built into every AI chatbot out there.

Advertisements would bring in another layer of mistrust, especially depending on how they’re implemented.

In Alexa’s case, if it recommends three products and a fourth clearly marked as sponsored, why would you be incentivized to buy it? As you know, Alexa is suggesting it only because it was paid to do so. You’re much better off picking one of the other genuine recommendations.

Alternatively, if it instead prewarns you that some answers are sponsored, but doesn’t then label which answers were bought, you wouldn’t be able to trust that any of its shopping suggestions aren’t simply being paid for.

But ads were inevitable in many ways.

We offer unbiased tech buying advice, unlike AI (Image credit: Future)

The race to the bottom on subscriptions means that many people don’t want to pay much for AI tools. Simultaneously, investors in their quarterly calls to big tech companies are starting to ask how the billions being invested in AI might eventually be turned into profit.

The now-not-so-quiet part that Amazon’s CEO just said aloud is advertising. People can have a cheap AI service, and the company can get paid.

I don’t know about you, but that doesn’t seem any different from the systems we already have through sponsored entries in Google or on Amazon’s store.

I was promised a Jarvis-like AI agent, not the same as what we have, but in a different wrapper.

Perhaps I’m getting tired of the perpetual AI hype, but with sponsored conversations looking like they’re headed our way, we might start to see some AI systems get ruined and die off – I can only hope.

You might also like

• Microsoft says it will spend billions this year as AI moves pay off
• I tried 70+ best AI tools in 2025
• Everyone wants to reach artificial general intelligence but why?

• Chinese firm turns RTX 5090 cards into two-slot AI accelerators using custom PCBs
• Factory automation in China converts Nvidia gaming GPUs into data center hardware
• Export restrictions are bypassed as RTX 5090 boards are reworked into rack-ready AI modules

A video circulating on Bilibili shows how enterprising Chinese technicians are converting GeForce RTX 5090 graphics cards into high-efficiency AI accelerators, bypassing export restrictions in the process.

Instead of using the retail GPUs as is, a local manufacturer is removing the GB202 chips and memory modules from the gaming boards.

The components are then transferred onto custom two-slot PCBs and paired with blower-style cooling, optimized for server rack environments.

Large scale production

The operation appears to be being run at factory-level scale. Robotic arms extract GPU modules, pick-and-place systems reassemble them onto redesigned boards, and automated soldering equipment finalizes the electrical work, before visual inspection systems confirm alignment and build quality.

The process is fast, repeatable, and efficient, far beyond what might be expected of a small workshop, but what makes this enterprise even more notable is the sheer volume of RTX 5090 cards seen in the video, despite restrictions on their export to China.

Nvidia has not officially released the 5090D variant, designed to comply with U.S. sanctions, and yet shelves of full-power RTX 5090 units can be seen undergoing retrofitting.

Gaming models with three-fan cooling are too large for server chassis, and their power connectors are often positioned awkwardly for rack use, so the cards are physically modified to fit data center constraints.

The redesigned blower cards shift the power input to the tail end of the PCB, simplifying cable routing and avoiding risk of overheating.

From a hardware standpoint, the GPUs function identically.

By shifting them onto slimline, server-compatible boards, Chinese firms are essentially creating their own high-end AI accelerators.

If hardware intended for gamers can be so easily adapted for AI research and model training, then questions about the effectiveness of the current export controls surely have to be asked.

It’s clear from the scale of the operation in the video that there is strong demand for AI accelerators built from repurposed RTX 5090 cards.

For AI developers in China, it means they can get the computing power they need without having to rely on official supply channels.

Via Guru3D.com

You might also like

• Two million people watched this video of a mini PC being built from a slab of aluminum
• China has spent billions of dollars building far too many data centers for AI
• Microsoft to stop using China-based engineers for US military tech support

Prefer full-size headphones to earbuds? These are the best over-ear cans, according to CNET's headphone expert.

CEO Huffman wants to expand Reddit Answers to capitalize on increasing demand for Reddit results.

• Report finds 45% of AI-generated code had security flaws
• Java is the worst offender, Python, C# and JavaScript also affected
• Rise in vibe coding could make these threats even worse

Nearly half (45%) of AI-generated code contains security flaws despite appearing production-ready, new research from Veracode has found.

Its study of more than 100 large language models across 80 different coding tasks revealed no improvement in security across newer or larger models – an alarming reality for companies that rely on AI tools to back up, or even replace, human productivity.

Java was found to be the worst affected, with 70%+ failure rate, but Python, C# and JavaScript also had failure rates of 38-45%.

AI-generated code isn't so secure after all

The news comes as more and more developers rely on generative AI to help them get code written – as much as a third of new Google and Microsoft code could now be AI-generated.

"The rise of vibe coding, where developers rely on AI to generate code, typically without explicitly defining security requirements, represents a fundamental shift in how software is built," Veracode CTO Jens Wessling explained.

Veracode found LLMs often chose insecure methods of coding 45% of the time, failing to defend against cross-site scripting (86%) and log injection (88%).

"Our research shows models are getting better at coding accurately but are not improving at security," Wessling added.

Vulnerabilities are also amplified in the modern era of AI – artificial intelligence enables attackers to exploit them faster and at scale.

Veracode suggests developers enable security checks in AI-driven workflows to enforce compliance and security. Companies should also adopt AI remediation guidance to train developers, deploy firewalls and use tools that help help detect flaws earlier.

"AI coding assistants and agentic workflows represent the future of software development... Security cannot be an afterthought if we want to prevent the accumulation of massive security debt," Wessling concluded.

You might also like

• We've listed the best AI writers around to boost your work
• Fancy an upgrade? Ask your boss for the best laptops for programming
• Amazon's AI coding agent was hacked - update now to avoid possible risks, users warned

• Allianz Life recently confirmed cyberattack
• Criminals stole data on around 1.4 million customers
• Among the stolen data are names, addresses, and SSNs

The information stolen in the recent cyberattack on insurance giant Allianz Life included people’s full names, postal addresses, dates of birth and, particularly worryingly - Social Security numbers (SSN), the company has confirmed.

Allianz Life has filed new forms with the Attorney General’s office in Texas and Massachusetts, in which it confirmed what kind of data was taken when a threat actor accessed a third-party cloud-based CRM system the company uses.

After finding out about the intrusion, the company took measures to contain it, and notified the FBI. So far, there is no evidence the company’s network or other systems were accessed, it was added.

Abusing SSNs

Speaking to TechCrunch, a spokesperson for Allianz Life said the company will begin notifying affected individuals on August 1.

“The letters will offer specific information relevant to impacted individuals including the type of data that may have been affected,” it said.

SSNs are a core piece of personal identity in the US and they unlock access to a wide range of services and records.

They allow cybercriminals to impersonate victims, potentially opening bank accounts in their name, apply for loans and credit cards, or rack up debt.

They can also commit fake tax returns, gain access to medical treatment or prescription drugs, and even get a job illegally, which might cause problems for the victims during background checks.

Finally, criminals might use SSNs to apply for various Social Security benefits, unemployment compensation, or welfare.

Stay protected

The attack is particularly concerning as such records could contain more than enough of sensitive information for hackers to launch highly personalized, successful phishing campaigns, leading to identity theft, wire fraud, and even ransomware attacks.

If you're concerned you may have been caught up in the incident, don't worry - there are a number of methods to find out. HaveIBeenPwned? is probably the best resource only to check if your details have been affected, offering a run-down of every big cyber incident of the past few years.

And if you save passwords to a Google account, you can use Google's Password Checkup tool to see if any have been compromised, or sign up for one of the best password manager options we've rounded up to make sure your logins are protected.

Via TechCrunch

You might also like

• Ransomware gangs are now expanding to physical threats in the real world
• Take a look at our guide to the best authenticator app
• We've rounded up the best business password managers around

• Microsoft has said Windows 11 SE will run out of support in October 2026
• This brings an end to this alternative spin on Windows 11
• However, Surface Laptop SE owners were previously promised a longer timeframe of support for their devices

Microsoft has announced that it's dropping support for Windows 11 SE in just over a year's time, leaving buyers of low-cost laptops running this spin on its OS in the lurch - and admitting defeat with this most recent initiative to take on Google's Chromebooks.

If you're unfamiliar with Windows 11 SE, it was designed as a (kind of) lightweight version of the desktop operating system. It was preinstalled on affordable laptops that were priced to do well in the education sector, trying to take a piece of the pie that Chromebooks dominate (SE seemingly stood for Student or School Edition).

Windows Central reports that Microsoft announced via its Learn portal that Windows 11 SE support is being shuttered in October 2026.

The company said: "Microsoft will not release a feature update after Windows 11 SE, version 24H2. Support for Windows 11 SE - including software updates, technical assistance, and security fixes - will end in October 2026. While your device will continue to work, we recommend transitioning to a device that supports another edition of Windows 11 to ensure continued support and security."

So, you won't be provided with Windows 11 25H2 later this year on your SE device, if you own one - version 24H2 is as far down the line as you'll get, and all updates will cease full-stop in just over a year.

(Image credit: Microsoft)Analysis: Silly Ending for a Student Edition?

Microsoft has been trying to take on Google's Chromebooks for a long time now, including efforts such as Windows 10X - which badly misfired and ended up being canned before it even arrived. Windows 11 SE was the most recent effort, emerging late in 2021, and it was showcased by Microsoft in its Surface Laptop SE. However, as we observed in our review of that machine, there was a problem here - the performance level of the notebook was rather poor.

The simple truth about Windows 11 SE is that while it was supposed to be a streamlined operating system for low-cost devices, this variant of the desktop OS was still too unwieldy. There just wasn't enough emphasis on trimming down Windows 11 so it performed better.

Indeed, much of the thrust of Windows 11 SE was about simplifying the computing experience for students - the interface, and locking the system to only admin-approved apps, plus cloud services - rather than actually streamlining the operating system so it ran well on lesser hardware. And let's be honest, the latter was the whole point, really, at least in terms of making affordable laptops to rival cheap Chromebooks (which run very slickly indeed, despite their low cost).

So, all in all, it's not surprising to see Microsoft shutter this effort in this manner. What is surprising, though, is how owners of Windows 11 SE machines, like the Surface Laptop SE, have now been left in the lurch by this announcement that support is being killed in a year.

As Neowin, which also picked up on this move, points out, the Surface Laptop SE has an end-of-service date (for firmware and drivers) of January 11, 2028. But with Microsoft now having revealed that Windows 11 SE won't be going on beyond October 2026, that's cutting this support window (pun not intended) short by over a year.

Those who own a Surface Laptop SE, who thought they were good for another couple of years, have effectively now been told they're going to be a year shorter on support. If Microsoft promised support for this showcase laptop through to 2028, then why not extend support for the dedicated OS it runs to that date, too? Strong-arming folks into moving early hardly seems fair here.

It seems an odd decision to make, and one that won't endear Microsoft to some people. Indeed, when it comes to Microsoft's next big shot at taking on Chromebooks - if there is one - those in the education sector might remember what's happened here, and be less trusting of new ideas from the software giant.

For those who do have a laptop running Windows 11 SE, and now need to plan on switching away sooner from that OS, maybe to a different flavor of Windows 11, this is possible, albeit somewhat problematic in some reported cases. Going by this Reddit thread, if you're running into trouble in this endeavor, you may want to try turning off Secure Boot in the laptop's BIOS to get a working installation of Windows 11 Home or Pro on an SE machine (you can switch the feature back on afterwards, apparently).

You might also like...

• Fed up with your mouse cursor supersizing itself randomly in Windows 11? Thankfully this frustrating bug should now be fixed
• Microsoft promises to crack one of the biggest problems with Windows 11: slow performance
• No, Windows 11 PCs aren't 'up to 2.3x faster' than Windows 10 devices, as Microsoft suggests – here's why that's an outlandish claim

• Foundation season 3 is digging deeper into Demerzel's backstory and current motivations
• The actor portraying her has discussed on the sudden existential crisis she's suffering from
• Demerzel has started unloading her thoughts, feelings, and history to a close confidante

Foundation actor Laura Birn has lifted the lid on the inner turmoil that's gripped Demerzel so far this season.

Speaking to TechRadar ahead of Foundation season 3's launch in early July, Birn explained how events in the Apple TV Original's fourth chapter, as well as what's happened in prior seasons, are causing a crisis of confidence for Empire's usually unflappable robot advisor.

Full spoilers immediately follow for Foundation's story so far, up to and including its most recent entry. turn back now if you're not caught up.

Demerzel will have to contend with this season's Cleons being scattered to the wind in Foundation's next episode (Image credit: Apple TV+)

As we've learned throughout the Apple TV+ sci-fi epic's run, Demerzel is the galaxy's last surviving robot. The rest of her race was wiped out after the failed Robot Uprising, which took place centuries before the show's main plot. That defeat also led to Demerzel being reprogrammed by Empire's first ruler Cleon I and forced to serve him, plus his many clones that would follow, as Empire's majordomo.

Foundation's third season has shed further light on one of its most complicated and duplicitous characters. Indeed, during her therapy session-style chats with Zephyr Vorellis (Rebecca Ineson), Demerzel has revealed more about her backstory and even confessed about having a hand in shocking events that we've born witness to in one of the best Apple TV+ shows. Among those revelations are the three rules that all robots originally lived by and Demerzel being the culprit behind the destruction of Trantor's Space Bridge – and the death of countless people – in season 1.

That's not all. After Demerzel came into possession of the Prime Radiant in Foundation's season 2 finale, she's spent the 152 years between seasons learning about psychohistory and how it could stave off Empire's predicted fall. As we learned in Foundation season 3's premiere, though, The Mule's arrival has thrown Hari Seldon's calculations into disarray. Long story short: not only is Empire's race about to be run but, unless The Mule can be stopped, humanity will cease to exist in just four months.

Demerzel refutes Vorellis' opinion that Empire's robot advisor more human than she believes (Image credit: Apple TV+)

For an android designed to protect the Cleonic Dynasty and ensure Empire's survival, it's easy to see why Demerzel has spent much of this season worrying about what the future holds for her if Empire is no more. After all, she's preconditioned to prevent its ruination. Couple the aforementioned life-threatening issues with the ones I outlined two paragraphs ago, and it's little wonder she's suffering an existential crisis and seeks out a sympathetic ear to gets things off her chest.

"It's a heavy season for," Birn told me. "Her programming has been very straightforward for her until now but, having possession of the Prime Radiant, which offers so much new information, it also makes her question what her programming means and what kind of decision she is able to make. Is there always only one right choice, or are there actually several [she can choose from]?

"She's also carrying all of that baggage by herself," Birn continued. "There's no one in the palace who sees or listens to her, or who's able to empathize with her. There's no one in the galaxy who could because she's the only one left of her species, so it's kind of like she's spiraling inwards. She's felt like she can only try and process this internally, which can be very restricting as an actor.

"That's why she needs to have someone," Birn added. "She needs Vorellis to be someone she can share some of this with and try to unravel the paradox twisting inside her. Will it eventually consume her? You'll have to see."

Foundation season 3's first four episodes are out now on Apple TV+. New chapters will air weekly on one of the world's best streaming services.

You might also like

• Who is Magnifico Giganticus in Foundation season 3? The Apple sci-fi series' most important new character explained
• 'They're not sure they can trust each other': Foundation season 3 stars drop big hints about what's next for the Apple TV+ show's most unlikely team-up
• Foundation season 3 episode 2 appears to say goodbye to a key character, but the Apple TV + show's star isn't too sad about it: 'I found it satisfying'

• DoubleTrouble malware is now hosted on Discord
• The malware still poses as a European bank, so users beware
• It comes with screen recording, “advanced” keylogging, and new UI overlay capabilities

Infamous Android banking trojan DoubleTrouble is now being distributed through Discord-hosted APKs, researchers have said, warning users of a “disturbing trend” towards social media platforms being used as delivery channels for malware.

DoubleTrouble is a well-known banking trojan, named for its ability to hinder static analysis by assigning “nonsensical two-word combinations” to its methods and class names.

In its early days, the malware was distributed via spoofed websites of European banks, and contained basic functionalities such as overlays to steal banking credentials, the ability to capture lock screen information, and keylogging.

A growing mobile threat

However, new findings from Zimperium’s zLabs security team claim the malware evolved, not just in its infostealing capabilities, but also in how it is being distributed.

The recently observed variants also come with screen recording, “advanced” keylogging, and new UI overlay capabilities designed to steal credentials and manipulate infected devices.

As for delivery, DoubleTrouble still runs bogus websites, but the malware itself is hosted within Discord channels.

Once the app is installed, it deploys the actual malware in the form of an extension, or an add-on. It also uses the Google Play icon to hide in plain sight and appear trustworthy.

The final step is to ask for Accessibility Services permissions, which grants it the ability to steal all the necessary information. This is also the usual red flag for Android-borne malware and should always raise suspicion with users.

“As attackers shift to mobile-first strategies and use dynamic delivery methods like Discord to evade traditional defenses, organizations need real-time, on-device protection,” said Kern Smith, VP of Solutions Engineering at Zimperium.

“DoubleTrouble is a stark reminder that mobile threats are growing more evasive and more dangerous, targeting everything from banking credentials to cryptocurrency wallets.”

As usual, the best way to defend against this type of attacks is to only download apps from official repositories, and to keep the device protected with Play Protect and Android security solutions.

You might also like

• Dangerous Android malware targets US banking apps - 50,000 people already affected, make sure you're not next
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers