TechRadar News

Strands is the NYT's latest word game after the likes of Wordle, Spelling Bee and Connections – and it's great fun. It can be difficult, though, so read on for my Strands hints.

Want more word-based fun? Then check out my NYT Connections today and Quordle today pages for hints and answers for those games, and Marc's Wordle today page for the original viral word game.

SPOILER WARNING: Information about NYT Strands today is below, so don't read on if you don't want to know the answers.

NYT Strands today (game #327) - hint #1 - today's theme What is the theme of today's NYT Strands?

• Today's NYT Strands theme is… Get smart

NYT Strands today (game #327) - hint #2 - clue words

Play any of these words to unlock the in-game hints system.

• THIN
• SUCK
• SELL
• BUCK
• TEEN
• HILL

NYT Strands today (game #327) - hint #3 - spangram What is a hint for today's spangram?

• Next level

NYT Strands today (game #327) - hint #4 - spangram position What are two sides of the board that today's spangram touches?

First side: top, 5th column

Last side: bottom, 4th column

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Strands today (game #327) - the answers

(Image credit: New York Times)

The answers to today's Strands, game #327, are…

• QUICK
• BRILLIANT
• BRIGHT
• CLEVER
• INTELLIGENT
• SPANGRAM: THATS GENIUS

• My rating: Easy
• My score: Perfect

Spotting a Q in a Strands puzzle is always a great headstart and after a QUICK opener the rest fell into place quite easily today.

The only real sticking point was the Spangram, which was made up of two words and which jarred a little thanks to the absence of an apostrophe in THATS GENIUS – not that this is possible in Strands, it’s just sad to see their disappearance from the world.

As an English teacher might put it: people only write “Thats” instead of “That’s” because they’re lazy. And that’s the truth.

How did you do today? Let me know in the comments below.

Yesterday's NYT Strands answers (Thursday, 23 January, game #326)

• MILK
• BUTTER
• CHEESE
• GELATO
• CUSTARD
• YOGURT
• SPANGRAM: DAIRY PRODUCTS

What is NYT Strands?

Strands is the NYT's new word game, following Wordle and Connections. It's now out of beta so is a fully fledged member of the NYT's games stable and can be played on the NYT Games site on desktop or mobile.

I've got a full guide to how to play NYT Strands, complete with tips for solving it, so check that out if you're struggling to beat it each day.

Good morning! Let's play Connections, the NYT's clever word game that challenges you to group answers in various categories. It can be tough, so read on if you need clues.

What should you do once you've finished? Why, play some more word games of course. I've also got daily Strands hints and answers and Quordle hints and answers articles if you need help for those too, while Marc's Wordle today page covers the original viral word game.

SPOILER WARNING: Information about NYT Connections today is below, so don't read on if you don't want to know the answers.

NYT Connections today (game #593) - today's words

(Image credit: New York Times)

Today's NYT Connections words are…

• LITTER
• NICOTINE
• ROUGH
• TRADE
• CABBAGE
• BROOD
• LINE
• POINT
• REFLECT
• STARE
• INTERRUPT
• WORK
• CRAFT
• MUSE
• SOUL
• PONDER

NYT Connections today (game #593) - hint #1 - group hints

What are some clues for today's NYT Connections groups?

• YELLOW: Weighing things up
• GREEN: Mean energy
• BLUE: Profession
• PURPLE: Add a word that rhymes with “catch”

Need more clues?

We're firmly in spoiler territory now, but read on if you want to know what the four theme answers are for today's NYT Connections puzzles…

NYT Connections today (game #593) - hint #2 - group answers

What are the answers for today's NYT Connections groups?

• YELLOW: CONTEMPLATE 
• GREEN: RUDE THINGS TO DO
• BLUE: VOCATION 
• PURPLE: -_PATCH 

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Connections today (game #593) - the answers

(Image credit: New York Times)

The answers to today's Connections, game #593, are…

• YELLOW: CONTEMPLATE BROOD, MUSE, PONDER, REFLECT
• GREEN: RUDE THINGS TO DO INTERRUPT, LITTER, POINT, STARE
• BLUE: VOCATION CRAFT, LINE, TRADE, WORK
• PURPLE: -_PATCH CABBAGE, NICOTINE, ROUGH, SOUL

• My rating: Moderate
• My score: 3 mistakes

I saw the Yellow and Purple groups very quickly today, but really struggled with two theoretically easy connections – RUDE THINGS TO DO and VOCATION.

There must be a technique where, after you make one guess and get the “one away…” alert, you then solve it on the next – but I’m uncertain of what it is. I guess it helps if you have three answers locked in and are just looking for the fourth, but too often I'm not entirely sure of which ones are right and which wrong. I spend far too long randomly trying things than stopping to think logically.

Still, I got there in the end today, solving the Green group on the last chance and not needing to worry about Blue.

How did you do today? Let me know in the comments below.

Yesterday's NYT Connections answers (Thursday, 23 January, game #592)

• GREEN: RESULTS OF SOME DIGGING DITCH, HOLE, PIT, TRENCH
• YELLOW:  TYPES OF ACADEMIC COURSES DISCUSSION, LAB, LECTURE, SEMINAR
• BLUE: ONES WEARING ROBES BOXER, JUDGE, MONK, WIZARD
• PURPLE: ___ UP BATTER, BOTTOMS, CHIN, LAWYER

What is NYT Connections?

NYT Connections is one of several increasingly popular word games made by the New York Times. It challenges you to find groups of four items that share something in common, and each group has a different difficulty level: green is easy, yellow a little harder, blue often quite tough and purple usually very difficult.

On the plus side, you don't technically need to solve the final one, as you'll be able to answer that one by a process of elimination. What's more, you can make up to four mistakes, which gives you a little bit of breathing room.

It's a little more involved than something like Wordle, however, and there are plenty of opportunities for the game to trip you up with tricks. For instance, watch out for homophones and other word games that could disguise the answers.

It's playable for free via the NYT Games site on desktop or mobile.

• Phishing campaign mimics CAPTCHA to deliver hidden malware commands
• PowerShell command hidden in verification leads to Lumma Stealer attack
• Educating users on phishing tactics is key to preventing such attacks

CloudSek has uncovered a sophisticated method for distributing the Lumma Stealer malware which poses a serious threat to Windows users.

This technique relies on deceptive human verification pages that trick users into unwittingly executing harmful commands.

While the campaign primarily focuses on spreading the Lumma Stealer malware, its methodology could potentially be adapted to deliver a wide variety of other malicious software.

How the phishing campaign works

The campaign employs trusted platforms such as Amazon S3 and various Content Delivery Networks (CDNs) to host phishing sites, utilizing modular malware delivery where the initial executable downloads additional components or modules, thereby complicating detection and analysis efforts.

The infection chain in this phishing campaign begins with threat actors luring victims to phishing websites that mimic legitimate Google CAPTCHA verification pages. These pages are presented as a necessary identity verification step, tricking users into believing they are completing a standard security check.

The attack takes a more deceptive turn once the user clicks the "Verify" button. Behind the scenes, a hidden JavaScript function activates, copying a base64-encoded PowerShell command onto the user’s clipboard without their knowledge. The phishing page then instructs the user to perform an unusual series of steps, such as opening the Run dialog box (Win+R) and pasting the copied command. These instructions, once followed, cause the PowerShell command to be executed in a hidden window, which is invisible to the user, making detection by the victim almost impossible.

The hidden PowerShell command is the crux of the attack. It connects to a remote server to download additional content such as a text file (a.txt) containing instructions for retrieving and executing the Lumma Stealer malware. Once this malware is installed on the system, it establishes connections with attacker-controlled domains. This allows attackers to compromise the system, steal sensitive data, and potentially launch further malicious activities.

To guard against this phishing campaign, both users and organizations must prioritize security awareness and implement proactive defences. A critical first step is user education.

The deceptive nature of these attacks - disguised as legitimate verification processes - shows the importance of informing users about the dangers of following suspicious prompts, especially when asked to copy and paste unknown commands. Users need to be trained to recognize phishing tactics and question unexpected CAPTCHA verifications or unfamiliar instructions that involve running system commands.

In addition to education, deploying robust endpoint protection is essential for defending against PowerShell-based attacks. Since attackers in this campaign rely heavily on PowerShell to execute malicious code, organizations should ensure that their security solutions are capable of detecting and blocking these activities. Advanced endpoint protection tools with behavioural analysis and real-time monitoring can detect unusual command executions, helping to prevent the malware from being downloaded and installed.

Organizations should also take a proactive approach by monitoring network traffic for suspicious activity. Security teams need to pay close attention to connections with newly registered or uncommon domains, which are often used by attackers to distribute malware or steal sensitive data.

Finally, keeping systems updated with the latest patches is a crucial defense mechanism. Regular updates ensure that known vulnerabilities are addressed, limiting the opportunity for attackers to exploit outdated software in their efforts to distribute malware like Lumma Stealer.

"This new tactic is particularly dangerous because it plays on users' trust in widely recognized CAPTCHA verifications, which they encounter regularly online. By disguising malicious activity behind what seems like a routine security check, attackers can easily trick users into executing harmful commands on their systems. What’s more concerning is that this technique, currently distributing the Lumma Stealer, could be adapted to spread other types of malware, making it a highly versatile and evolving threat,” said Anshuman Das, Security Researcher at CloudSEK.

You may also like

• Exela Stealer uses Discord to steal Windows user's data
• Lumma Stealer malware linked to GitHub comments
• Criminals are using YouTube videos to trick victims

• Sextortion scams evolve with personalized tactics and heightened intimidation.
• Threat actors exploit invoicing platforms to bypass email security filters.
• Robust email filters and training help counter sextortion threats effectively.

Sextortion scams are becoming more complex and personal as the scams now frequently target individuals across different sectors with greater precision creating a sense of immediate threat.

Cofense Phish Defense Center (PDC) recently observed a notable evolution in sextortion scams, which unlike earlier versions, which relied primarily on generic scare tactics, now use more sophisticated strategies, often bypassing traditional security measures.

The campaigns now personalize emails, including personal details such as the target's home address or phone number directly in the email body, in order to capture the recipient's attention and adds a layer of credibility to the scam.

Exploitation of fear through technical jargon

These emails generally originate from random Gmail accounts, which are harder to trace, rather than the typical impersonated addresses seen in earlier scams.

In addition to personal information, scammers have escalated their approach by including images of the target’s supposed home, workplace, neighbourhood or street in attached PDF files.

The email addresses the recipient by name and provides a specific location, followed by threats of a physical visit if the target fails to comply. This blend of personal details and digital intimidation is a shift from the simpler sextortion scams that used to rely solely on the fear of compromised online privacy.

The scam emails claim that the target’s device has been infected with spyware, often citing "Pegasus" as the malware responsible for the supposed breach. Threat actors use technical jargon to manipulate recipients with the hope that they have a limited understanding of cybersecurity. The emails claim that the attacker has been monitoring the victim for an extended period, gathering sensitive information, and even recording videos of them.

In some cases, the scammer adopts a casual tone lacing the message with slang or compliments to make it seem as if they have been closely observing the target's life. The message typically concludes with two choices: ignore the email and face public humiliation or pay a ransom in cryptocurrency to ensure the alleged compromising material is never released.

A recurring part of these scams is the demand for payment in Bitcoin or other cryptocurrencies. Scammers often provide a Bitcoin wallet address, sometimes alongside a QR code to facilitate the payment process.

Another notable shift in sextortion campaigns is the use of invoicing services to deliver phishing emails. These services allow threat actors to send emails that bypass certain security protocols by disguising the sender's information. Since these invoicing platforms handle the email's delivery, their legitimate headers and content often allow the message to avoid detection.

To combat these evolving scams, individuals and organizations must stay informed and vigilant. Educating users about the nature of sextortion scams and the tactics employed by attackers can reduce the likelihood of falling victim.

You might also like

• Phishing emails using SVG attachments to get away with attacks
• Gmail remains by far the most popular email service
• Stay safe online with the best firewall software around

• OpenAI has officially launched it's first AI Agent: Operator
• It's works within a web browser to complete tasks for you, and is out now as a limited research preview
• Operator can make a dinner reservation, fill out a form, and complete other web tasks

OpenAI is always looking for the next big thing to add to ChatGPT, and after months of rumors, including a report from earlier this week that teased a launch, the technology giant’s first AI Agent is here. Operator is designed to complete web tasks for you, all with a touch of a button.

Essentially, Operator is a Computer Using Agent (CUA) that uses GPT-4o’s visual skills to browse and search the web. This means that it can understand the context of what to search for, and thanks to its multi-modality, it understands what it sees as it searches. It’s available now as a research preview for ChatGPT Pro subscribers in the United States.

Operator is described as “an agent that can use its own browser to perform tasks for you." OpenAI released a demo showing Operator browsing the web as we (that is, we humans) do. You might ask Operator to book a dinner reservation for you, fill out an arduously long form, order groceries from a service, or even book a flight. It can use OpenTable to find and book a reservation at a restaurant, as shown in the demo. Operator will even walk you through its steps.

Operator is a ‘research preview,’ so know that it’s in its early days. OpenAI does impose some limitations. We haven’t had the chance to go hands-on yet, but it certainly looks impressive. This is OpenAI’s first entry into the world of AI agents, which will likely be the theme of the year in the realm of artificial intelligence.

OpenAI writes in a blog post announcing Operator that it “is one of our first agents, which are AIs capable of doing work for you independently—you give it a task and it will execute it.” This hints that not only are there other agents in the pipeline – Altman confirmed this during the live demo – but that they're all based around the notion of doing things for you – a big step in the quest to make AI even more helpful, giving us some time back.

Operator is powered by the new Computer Using Agent (CUA) model, which pairs GPT4o’s vision skills with advanced reasoning. This all comes together to let Operator understand and use elements within a browser – the search bar, various buttons, and on-screen content.

(Image credit: OpenAI)

OpenAI explains that “Operator can ‘see’ (through screenshots) and ‘interact’ (using all the actions a mouse and keyboard allow) with a browser,” allowing it to functionally use a browser to complete a task. That’s pretty neat, especially if it works at a high rate of success, and according to the blog post, it can self-correct.

However, as with most new AI tools and skills, it will likely take some time for this to become truly useful in the real world. That will also require OpenAI to open it up to more folks, though as an early research preview it’s still certainly an impressive demo.

For now, if you’re in the United States and subscribed to ChatGPT Pro, you can try it out on OpenAI’s website. OpenAI CEO Sam Altman teased that it would eventually arrive in other countries and be added to the ChatGPT Plus subscription. As we remember from some of the announcements from 12 Days of OpenAI, Europe will likely take a bit longer.

You might also like

• Samsung Galaxy Unpacked – Galaxy S25 Ultra, S25 Edge and 9 things we learned
• Nvidia GeForce RTX 5090 review: the supercar of graphics cards
• I’ve used an iPhone for 15 years, but Samsung Galaxy S25’s new AI briefing feature makes me want to give Android a try

• Cloudflare AI Audit offers analytics to track and monetize content usage
• Creators regain control with automated tools and fair compensation
• Cloudflare bridges creators and AI firms for balanced content use

As artificial intelligence use cases continue to evolve, there is a growing concern from website owners and content creators over the unauthorized use of their content by AI bots.

Many websites, ranging from large media corporations to small personal blogs, are being scanned by AI models without the creators’ knowledge or compensation, not only affecting businesses but also diminishing the value of online content.

In response to these challenges, Cloudflare has introduced AI Audit, a new suite of tools designed to help content creators manage how their work is accessed by AI bots.

Cloudflare AI Audit

AI models require large data for training and many website owners often find that their contents are being scraped by bots for use in training artificial intelligence systems.

These bots can scan a website multiple times a day, gathering vast amounts of data, but this AI scraping can be overwhelming for content creators, particularly those running small websites or independent blogs.

Without a clear understanding of how their content is being used or the resources to fight back, creators often have little choice but to allow AI models to scrape their work.

Cloudflare’s AI Audit seeks to change that dynamic, giving creators the tools they need to regain control.

For content creators, this practice presents two major concerns including loss of control over their work and the absence of compensation. Content creators may not even be aware of the scale of these activities, as traditional analytics tools do not usually track how AI models interact with their sites.

AI Audit allows creators to manage and block this activity via an easy, automated, and one-click solution to limit unwanted bot interactions. In addition to automated controls, AI Audit offers detailed analytics that give website owners insights into how often their content is being accessed by AI bots. These analytics reveal the types of bots scanning their site, the purpose behind the data collection, and whether attribution is being given when the data is used.

AI Audit also provides advanced metrics that help content creators negotiate fair deals with AI companies. By understanding the rate at which their content is crawled and utilized, creators can ensure they are compensated for their work. This tool also provides standardized terms of use, helping creators safeguard their rights and maintain control over how their content is used in the growing AI landscape.

Cloudflare is also working on a feature that will allow content creators to set fair prices for the right to scan their content. This will be very helpful for those creators who have no idea how the transaction should proceed and will also make it easier for both creators and AI companies to engage in mutually beneficial exchanges.

“AI will dramatically change content online, and we must all decide together what its future will look like,” said Matthew Prince, co-founder and CEO, of Cloudflare.

"Content creators and website owners of all sizes deserve to own and have control over their content. If they don’t, the quality of online information will deteriorate or be locked exclusively behind paywalls."

You might also like

• These are the best AI tools around today
• We've also rounded up the best AI writers on offer
• Many businesses are holding back on big AI spending

A day on from Samsung’s Galaxy Unpacked, I’m genuinely impressed with a Samsung event for the first time in my life. You see, I’ve been an iPhone user since 2010, when I was 15 years old, and while I write about tech for a living, the most I’ve come to using Android daily is a week or so for an experiment.

After watching Galaxy Unpacked and the unveiling of Samsung’s Galaxy S25 lineup of smartphones, I’m not only intrigued by the Android phones on offer, but I’m starting to think I should really give the South Korean tech giant’s flagship a try.

I don’t want to beat around the bush, this isn’t an article about moving from iPhone to Android, after all, I’ll continue to use Apple Intelligence on the iPhone 16 Pro Max ultimately until the iPhone 17 comes out.

That said, Samsung’s approach to AI has got me seriously contemplating a few months on the dark side, getting to know everything Galaxy AI’s mix of Google Gemini and Bixby has to offer. While I could go on about the fancy Gemini chaining features that let you ask AI to find restaurants and make calendar entries or the new Audio Editor feature that can isolate sound and remove background noise, it’s Samsung’s Now Brief AI tool that has piqued my interest.

What’s Now Brief?

(Image credit: Samsung)

What is Now Brief, I hear you ask? Well, apart from its terrible name, Now Brief is a brand-new OneUI 7 feature in the Galaxy S25, S25+, and S25 Ultra. The Galaxy AI-powered tool learns how you use your device and gives you a morning, afternoon, and evening briefing to help you stay on top of your life.

In the lead-up to the S25 launch, I spoke with Annika Bizon, Director of Mobile Experience for Samsung UK & Ireland, who said, “Modern life is hard. Balancing work and home is incredibly overwhelming, and we’re all looking for ways to help us juggle life’s demands.”

“We’ve reached a point now where AI has evolved to become a companion – it's knowing intuitively what you need, and when. It’s lightening your load so you can focus on the things that matter, at your own pace.”

And that’s exactly what Samsung hopes Now Brief will achieve: a way to help you keep on top of the busyness of life without the stress of having to manage multiple apps, calendars, to-do lists, and everything else that clutters your brain.

What can Now Brief do?

Like most AI tools, Now Brief launches with a lot of promise but not much to show for it. Samsung is adamant that Now Brief will improve over time as you use your shiny new Galaxy S25 smartphone. That means, in demos shown to my colleagues who attended Samsung’s Galaxy Unpacked, there wasn’t any personalized information in Now Brief, just weather information, some calendar events, and a coupon with an upcoming expiry date.

Once Now Brief learns your usage patterns, you can expect to get more tailored suggestions, including the ability to open maps and activate specific playlists just by knowing you’re driving to work. Anything related to Now Brief, such as a reminder that you need to leave for work in 10 minutes, will pop up on the S25’s lock screen in what Samsung calls Now Bar. This is essentially an AI-fuelled notification that pops up whenever relevant information is deemed important. It also looks nearly identical, in terms of looks, to Live Activities on an iPhone's lockscreen.

Now Brief is Samsung’s attempt to make AI work for everyone, removing the stress of keeping on top of life and replacing it with tailored summaries of the things you need to be aware of. On my iPhone, I already have some functionality similar to Now Brief, such as Siri Suggestions for when I need to leave to get to an event on time. Still, Samsung’s way of condensing information into morning, afternoon, and evening makes me wish Apple would introduce a similar functionality in iOS 19.

I’m constantly looking for the best productivity apps and, nowadays, the best AI apps to help me take control of my life and improve my routine. Now Brief is precisely the kind of first-party functionality that I think will make a real difference to users’ lives and, in turn, showcase the true power of AI.

While it might not be enough to make me switch to Android for good, I’m interested in seeing what Now Brief is truly capable of and whether or not Galaxy AI is the true AI companion that Samsung promises it to be.

You can read our Samsung Galaxy S25 hands-on review, Samsung Galaxy S25+ hands-on review and our Samsung Galaxy S25 Ultra hands-on review for more about Samsung's latest phones.

You might also like

• The Samsung Galaxy S25 Ultra’s S Pen just got a tech downgrade
• Samsung Galaxy S25
• Samsung Galaxy Unpacked live

• Apple has joined the board of the Ultra Accelerator Link consortium
• The link is a key technology that binds GPUs, not unlike synapses on neurons
• UALink is emerging as the biggest rival to Nvidia's proprietary NVLink

Back in June 2024, we reported how a number of big tech names had banded together to form the Ultra Accelerator Link (UALink) Promoter Group, a strategic move aimed at reducing Nvidia's dominance in the AI accelerator market.

Directly competing with Nvidia's proprietary NVLink technology, UALink seeks to develop a new industry standard for high-speed, low-latency communication for scale-up AI systems in data centers. It already has the backing of Intel, AMD, Google, Microsoft, Meta, HPE, Cisco, and Broadcom, but now Apple has joined the UALink board too.

“UALink shows great promise in addressing connectivity challenges and creating new opportunities for expanding AI capabilities and demands,” said Becky Loop, Director of Platform Architecture at Apple. "Apple has a long history of pioneering and collaborating on innovations that drive our industry forward, and we’re excited to join the UALink Board of Directors.”

Project ACDC

By joining the consortium, it seems likely Apple is planning to use UALink tech in "Project ACDC" (Apple Chips in the Data Center), also known as "Baltra."

This rumored initiative, in collaboration with TSMC and Broadcom, aims to develop proprietary AI chips for Apple's data centers, boosting the capabilities of its new Apple Intelligence.

Apple isn’t the only new firm to join the consortium; additional supporters include Alibaba Cloud Computing and Synopsys.

Expected to arrive in the first quarter of 2025, the UALink 1.0 Specification will enable up to 200Gbps per lane scale-up connection for up to 1,024 accelerators within an AI pod.

“We are pleased to welcome Alibaba, Apple, and Synopsys to the UALink Consortium Board of Directors,” said Kurtis Bowman, UALink Consortium Board Chair. “Since our incorporation, the Consortium has grown to more than 65 total members, spanning Cloud, Silicon and IP Providers, Software Companies, System OEMs, and others. The continued support for the Consortium will help accelerate adoption of this key industry standard, defining the next-generation interconnect for AI workloads.”

You might also like

• UALink set to compete with NVLink but is it too little too late?
• Apple set to build a server chip to service its own AI
• Apple may be courting Foxconn to build AI servers based on its M-series CPU

• Wix has announced a new integration with YouTube Shopping
• YouTube Shopping allows people to purchase products directly through YouTube videos
• The feature is available to creators in specific countries

Wix, one of the best website builders on the market, has announced a new integration with YouTube Shopping, giving store owners a new and popular avenue to sell their products, while also expanding YouTube’s social shopping features.

YouTube Shopping is a relatively new service (first announced in 2021) that allows YouTube creators to tag products within their videos. That way, viewers can easily purchase the items directly from the platform.

Before expanding with Wix, YouTube Shopping supported a handful of shopping platforms:

• BASE (only available in Japan)
• Cafe24 (only available in South Korea)
• FourthWall
• Marpple Shop (only available in South Korea)
• Shopify
• Spreadshop
• Spring
• Suzuri
• TeePublic

Transforming social shopping

For some of these platforms, merchants could also view sales and order data in YouTube Analytics. The list has now grown to include Wix. The company says the addition is set to transform the social shopping experience:

“We are always looking for new ways to help our merchants grow their businesses and connect with their customers," said Greg Sisung, Head of Sales Channels at Wix. “Our integration with YouTube transforms the social shopping experience for both sellers and buyers, and even influencers, allowing users to reach their target audiences where they already are, and enhancing their ability to engage with new and larger clientele.”

Wix says its users can manage YouTube Shopping through the Google & YouTube Sales Channels section in their Wix dashboard.

After enabling the tool, merchants can use different features like product tagging in videos and live streams, product drops, and showcasing items on the YouTube store tab.

The company also said that its tools handle the backend process, including syncing product information, managing inventory, and facilitating checkout.

Users can now utilize the Google and YouTube App in all locations where YouTube Shopping is supported - United States, South Korea, Indonesia, India, Thailand, and Vietnam.

Comment from the expert

This is a welcome addition to the Wix platform.

Savvy website owners are always looking for new ways to reach their audience and reduce the friction of making a sale. With sellers increasingly leaning on social media platforms such as YouTube to engage with potential customers, this new tool will do just this, shortening the time and number of clicks between initial interest and a purchase.

With transaction fees on all plans, Wix also stands to benefit from this new partnership.

More from TechRadar Pro

• YouTube's new feature allows users to buy products shown in video
• Check out our roundup of the best AI website builders on the market
• Get a great deal on your Wix subscription with our Wix promo codes

"The only way to stop data from ending up in the wrong hands is by not collecting it in the first place." This is the claim included in an ad from one of the best VPN providers around that ran on Monday, January 20, 2025, in the New York Times.

Through a cartoon-style FBI agent, the Swiss company Mullvad seeks to shed light on the tensions between technologists and law enforcement around encryption.

On one side, the recent Salt Typhoon hack – which compromised all major US telecoms – prompted US authorities to call on citizens to switch to encrypted communications. At the same time, however, the FBI referred to "responsibly managed encryption." For Mullvad, this means one thing – creating backdoors to end-to-end encryption.

"This proves they have not understood anything at all and are not learning from their mistakes. They don’t understand the basics: if you create backdoors, they will be exploited by others, as happened in the Salt Typhoon case," Jan Jonsson, CEO at Mullvad, told TechRadar, adding that the campaign is a way to raise greater awareness around this issue.

U.S. authorities installed backdoors to mass-monitor their own citizens. Someone hacked the backdoors, and millions of Americans' communications ended up in unintended hands.They are doing the same thing over and over again and expecting different results.Ad in today’s… pic.twitter.com/XgwmBNx1VfJanuary 20, 2025

Encryption – which refers to scrambling data into an unreadable form to prevent unauthorized access – is the guarantee that your messages (for example, when you use Signal or WhatsApp) or internet connections (think of how virtual private network (VPN) apps work) remain private between you and the receiver.

Despite recognizing the importance of using encrypted messaging apps, law enforcement has long argued that police officers should be able to access these encrypted messages to catch the bad guys.

This is not a prerogative for US authorities, either. EU lawmakers, for example, are also pushing for the so-called Chat Control proposal. If enacted, this will require all encrypted communication providers to create such an encryption backdoor to allow the monitoring of all citizens' chats on the lookout for illegal content.

Ironically, the day that Mullvad decided to run its ad in the New York Times, the Financial Times published an article reporting the Europol chief's endorsement, yet again, of "responsible encryption."

"Mass surveillance does not belong in democratic societies. We want people to know their rights and demand their rights," said Jonsson. "And we want the politicians to realize that there is no such thing as anonymous data, that data collected eventually leaks, and that it is high time for authorities to stop mass-surveilling their own and other populations."

More of Mullvad's privacy-focused ads

This was the third in a series of ads, run by Mullvad, in the popular US paper to raise awareness about the risks of intrusive data collection and sharing.

Published on January 8, the first ad pictured a leaking car and came as a response to the Volkswagen data breach that exposed the sensitive information of over 800,000 electric vehicles. A leak, Mullvad explains, that shows that there is no such thing as anonymous data.

Do you know?

(Image credit: Mullvad VPN)

Mullvad has been pretty vocal against the EU CSAM (child sexual abuse material) proposal to scan all citizens' chats. The VPN provider put up banners in Stockholm and Guttenberg when Sweden was holding the EU Presidency in 2023. "We will continue to be active in opposing mass surveillance proposals," Jan Jonsson, CEO at Mullvad, told TechRadar.

Jonsson said: "We cannot have a society where people’s lives are tracked under the excuse that the data is anonymous when patterns in the data reveal the person behind it."

A week after, on January 17, a second ad featured a short comic strip shedding light on a few distinct, yet entangled, issues linked with Big Tech's invasive data collection practices.

By tracking everything people do online, according to Mullvad, Big Tech companies are mapping people's ideas before they're even voiced aloud, de-facto undermining their right to free expression.

The VPN provider also believes that banning metadata collection – meaning all the information about the data that is not the content – could also be an easy way to resolve the problem of misinformation from its root. That's because Jonsson said: "Personal data is what is used to create the algorithms that fuel the spread of misinformation."

• Insomniac is still keeping quiet on the release date for Marvel's Wolverine
• Insomniac's co-head Chad Dezern said there is "pent-up excitement" around the project, but couldn't offer any more details
• Marvel's Wolverine was announced back in 2021

Four years after its initial announcement, we still have no idea when Marvel's Wolverine is launching, and Insomniac Games still can't confirm if it will be released in 2025.

News recently broke that Insomniac's founder and CEO Ted Price will be stepping down from the role after more than 30 years. Following the announcement, the studio's new co-chiefs Ryan Schneider, Chad Dezern, and Jen Huang sat down with Variety to discuss the switch in leadership as well as what's in store for the company.

While Chad Dezern did touch on Insomniac's next superhero game, Marvel's Wolverine, the co-head was still unable to offer any juicy details about it or an idea of when players can expect to get their hands on it.

"We’ve announced Wolverine, and we’d love to talk more about Wolverine, but we have to be like Logan today, and remain very stoic until it’s time to pop the claws down the road," said Dezern.

"As much as we’re as much as we have pent-up excitement, we got to hold on to it. So that’s, that’s about as much as we could say about our upcoming projects today."

Marvel's Wolverine was announced in 2021 alongside a short teaser trailer but development updates have been quiet since. Following a cyber attack in December 2023 which resulted in a number of leaks, the studio did release a statement about the situation while also confirming that the game "continues as planned" and "is in early production and will no doubt greatly evolve throughout development, as do all our plans."

You might also like...

• Best PS5 games 2025 - top PlayStation 5 titles to play right now
• Sony's unannounced Horizon Zero Dawn MMO, codenamed 'Project H', has reportedly been scrapped
• Geralt voice actor says CD Projekt Red's decision to make Ciri the star of The Witcher 4 is 'really exciting' - 'I always thought that continuing the Saga, but shifting to Ciri would be a really, really interesting move for all kinds of reasons'

• Asus mentioned an AMD microcode flaw in recent patch notes
• The flaw was not yet publicized by the processor manufacturer
• AMD has since confirmed the news

AMD has seemingly confirmed the existence of a microcode vulnerability which apparently spilled, unintentionally, from PC maker Asus.

Security researcher Tavis Ormandy recently spotted a BETA bios fix for a “microcode signature verification vulnerability” apparently plaguing Asus’ gaming motherboards, being mentioned in the company’s release notes.

This was quite strange, since at the time AMD had made no mention of any such vulnerability.

Confirmation from AMD

"It looks like an OEM leaked the patch for a major upcoming CPU vulnerability, ie: 'AMD Microcode Signature Verification Vulnerability,'" Ormandy said. "I'm not thrilled about this. The patch is not currently in linux-firmware, so this is the only publicly available patch."

Microcode can be described as a set of small instructions stored inside a processor that tells it how to do specific tasks. It works behind the scenes to help the processor understand and carry out more complicated commands.

After the community started asking questions, Asus edited the notes to remove mentioning AMD’s microcode issue. In the meantime, the chipmaker told The Register that Asus’ information was correct:

"AMD is aware of a newly reported processor vulnerability. Execution of the attack requires both local administrator level access to the system, and development and execution of malicious microcode," it said.

The company also suggested abusing the bug requires the victims being tricked into action.

"AMD has provided mitigations and is actively working with its partners and customers to deploy those mitigations,” it added. “AMD recommends customers continue to follow industry-standard security practices and only work with trusted suppliers when installing new code on their systems. AMD plans to issue a security bulletin soon with additional guidance and mitigation options."

At press time, there was no information about the processor models affected by this vulnerability.

Via The Register

You might also like

• Some of the most iconic AMD chips have a serious security flaw — which the company says it probably won't patch now
• Here's a list of the best antivirus tools on offer
• These are the best endpoint protection tools right now

• Assassin's Creed Shadows will allow for more player freedom
• Associated game director Simon Lemay-Comtois says exploration is "much more free form"
• The development team wanted to find "the right balance of discovery and wonder"

Ubisoft Quebec has reworked exploration in Assassin's Creed Shadows to allow for more player freedom in its open world.

That's according to Simon Lemay-Comtois, associated game director for Assassin's Creed Shadows, who told TechRadar Gaming during a special preview event that the team decided on a more guided experience for the upcoming game compared to previous entries in the series.

"It used to be 'point exactly where, right we want players to go', and that has shifted across the entire industry," Lemay-Comtois said. "For us, we already started this with Odyssey a while back where we had a default mode, which is [the] classic 'go here' and then we had, I think we called it exploration mode if I recall, and it was less guided.

"Now for Shadows, this is what we start from. The default mode is much more free form and you have to piece it together."

Lemay-Comtois also noted that if players wanted to, they can turn default mode back on if they wish, which will offer a more direct experience that will help you with where you need to go.

"It feels better to use information that you find and objectives that you piece together," he added. "Is it some form of reward? I think that's what the industry has been showing us these last five, six years, is that finding things by yourself, it's rewarding, so therefore, why don't we just put that in the forefront of exploration?"

The game director also explained how the team tried to make Shadows' setting of Japan a less overwhelming location to explore, compared to games such as Valhalla and Odyssey.

"It's always tricky, because we know we want to represent a much more accurate landscape scale for Japan than we had before, say, for Odyssey, Greece was very compacted compared to [the] real world," he said.

"With Japan, we're not doing it, but we're trying to get closer to a one-for-one scale, especially on castles and stuff like that. So first we start with 'How big does the map need to be to accommodate the different important location where the story is going to take place?' And 'How much space do we need between those things?' And then, when we have that, 'How much content do we need for it to feel right between those things, for you to be pulled off to the side and find things?'"

The development team went through various playtests to get this right, Lemay-Comtois said, to "make sure that we find what feels to be the right balance of discovery and wonder" as well as other things in the world players might be able to notice in the distance that they can find for themselves.

"[The] landscape of Japan is flat ground with very sharp, steep mountains that are not very high, but they completely blocked line of sight over distance," Lemay-Comtois added. "So it's kind of tricky to... you need to be able to climb on a mountain to see what's on the top of the other mountain.

"So it's been, it's been a fun challenge to do, but it's there's no formula to it. You do it, you iterate, you try again, you try again until enough people say that feels good, and hopefully you nail it."

Assassin's Creed Shadows launches on March 20 for PlayStation 5, Xbox Series X, Xbox Series S, and PC.

You might also like...

• Assassin's Creed Shadows - preview
• Assassin's Creed Shadows - hideout mode impressions
• Assassin's Creed Shadows - Animus hub impressions
• What the Assassin's Creed Shadows developers are most excited for fans to see

• Assassin's Creed Shadows will feature more than 700 cinematics
• Realization director David Nibbelin said these cinematics will allow players to connect to the characters on a deeper level
• Players will experience "two perspectives of Japan" through the eyes of Naoe and Yasuke

Ubisoft has revealed that Assassin's Creed Shadows will feature more than 700 cinematics, but it has stressed that it won't be "all chit-chat."

Speaking to TechRadar Gaming during a recent Assassin's Creed Shadows preview event, realization director David Nibbelin said that the development team focused heavily on these cinematics and that it felt important for players to connect to the game's protagonists, Naoe and Yasuke, in between combat and open-world exploration.

"We needed to find a way to make sure that cinematics were compelling content that the player really wanted to put the controller down and enjoy," Nibellin said. "So for us, when we look at cinematics, we can't just think of them as telling a story. It seems kind of silly, but what we want you to do is, we want you to feel these scenes.

"We want you to think of them not as simply what happens next, but as a moment, to recognize consequence, to reflect on the choices you made as a player through gameplay or through selections, actually get an emotional payoff, so that you can connect with the player the characters that you're playing as."

Nibellin continued, saying that these cinematics will allow players "to connect to the characters themselves on a deeper level" and that the team approached this idea by showcasing "two perspectives of Japan through the eyes of our protagonists."

"When you think of Naoe and Yasuke, you think we have two very different viewpoints of this world," he said. "Yasuke who comes in seeing the very creme de la creme, the very top of the elite level. He's meeting Oda Nobunaga, and then Naoe, a farmer's daughter in the hills of Iga, she's seeing it from a very different side...

"It's easy to see big armies and big figures and think [of] the more generic historical context, but what was it like for these two experiences coming into this world? So when you connect through history, it needs to be through them."

The developer also teased that players will be able to experience Naoe and Yasuke's personal stories, their familial dynamics, and how they both deal with loss and romance, while at the same time rooted firmly in Japanese tradition.

Assassin's Creed Shadows was delayed earlier this month and is now set to launch on March 20 for PlayStation 5, Xbox Series X, Xbox Series S, and PC.

You might also like...

• Assassin's Creed Shadows - preview
• Assassin's Creed Shadows - hideout mode impressions
• Assassin's Creed Shadows - Animus hub impressions
• What the Assassin's Creed Shadows developers are most excited for fans to see

• Assassin's Creed Shadows' main story won't feature multiple endings, Ubisoft has confirmed
• Associated game director Simon Lemay-Comtois said side content will have different outcomes
• The game's Canon mode will also take away dialogue options to offer a fixed experienced

Assassin's Creed Shadows' main story won't have multiple endings and will instead feature a fixed outcome.

During an interview with TechRadar Gaming at a recent preview event for Assassin's Creed Shadows, Simon Lemay-Comtois, associated game director, confirmed that the game's narrative can't be changed through player decisions.

"So we don't have multiple endings," Lemay-Comtois said. "We don't have a big shift that could happen. The story that we tell is going to end up where it's going to end up. What you get to choose is the detail and the path you take to get there."

Although the main story's outcome is fixed, Lemay-Comtois confirmed that side quests will allow for multiple outcomes depending on player choices.

"There's a lot of side content that is much more the choices you make in the side content will dictate an outcome or another. But in the main story, it's mostly style and player choice that changes the path you take to get where you want," he said.

Lemay-Comtois also touched on the game's Canon mode, which allows players to experience the game with choices already made for them.

"Some players don't like choice in the games. I'm not one of them, but we introduced the Canon mode, which is the 'here's Assassin's Creed Shadows without choices in it' and this is the ultimate story that the writer would write if there was no choice," the developer said.

This means dialogue choices won't be featured in this mode, which Lemay-Comtois said allows conversations to "flow from one character to the other".

Assassin's Creed Shadows is scheduled to launch on March 20 for PlayStation 5, Xbox Series X, Xbox Series S, and PC.

You might also like...

• Assassin's Creed Shadows - preview
• Assassin's Creed Shadows - hideout mode impressions
• Assassin's Creed Shadows - Animus hub impressions
• What the Assassin's Creed Shadows developers are most excited for fans to see

• I interviewed two Assassin's Creed Shadows devs and asked what they're excited for fans to experience
• One dev focused on the recruitment in-game
• Another highlighted the new way that Shadows is telling its story

Excitement for Assassin’s Creed Shadows is growing as we race toward the game’s March 20 release date.

I recently visited Ubisoft Quebec to go hands-on with the game and get a behind-the-scenes look at development. During my visit, I spoke to key developers and quizzed them on their favorite elements of the game that have not been spoken about much up until now but they were most excited for fans to see.

I first talked to associate game director Simon Lemay-Comtois, who identified something about the people you’ll find out in the world in Assassin’s Creed Shadows.

“I think the allies that you can recruit, like their individual stories and personalities, and the actors who play some of them is the coolest bit that we have not yet revealed fully.”

This relates to the party of extra characters you can collect in Shadows who will take up residence in the Hideout area of the game after you meet them.

Game Director, Charles Benoit, then looked towards the narrative when I asked him the same question, saying the most exciting thing we’re yet to see more of is “the way the stories unfold.”

“I think players will really like the story structure”, referring to the game’s use of flashbacks for both characters to understand their backstories, as well as the dual perspective on the world and narrative more generally.

“So you have a mix of exploring and doing the open world and then leaving [and seeing] past events of their life. And I think the way it’s structured is pretty cool and pretty different from other Assassin’s Creed games, so I can't wait to see what people will think about that”.

The story is something I’m really keen to learn more about myself. Even after several hands-on hours with the game, and experiencing plenty of intrigue and interesting hooks, I’m still in the dark about what’s going on in the game.

You might also like....

• The new Assassin's Creed Animus Hub is exactly the kind of thing I expected it to be: part launcher, part lore and story hub, and a sensible central point
• Assassin's Creed Codename Hexe - everything we know
• Assassin's Creed Jade - everything we know so far

• An AMD exec has explained why RDNA 4 GPUs won’t launch until March
• The reason is to ensure the drivers are fully honed and FSR 4 is more widely supported
• On top of that, there’s a mention of making sure plenty of RX 9070 stock is on hand

AMD has provided a reason why the launch of its RX 9070 graphics cards was announced as happening in March 2025, when the hope – based on chatter from the grapevine, and quite a lot of it – was for an earlier release in Q1.

As made clear by David McAfee on X, AMD’s VP and GM of Ryzen CPU and Radeon graphics, the company is “taking a little extra time to optimize the software stack for maximum performance and enable more FSR 4 titles.”

I really appreciate the excitement for RDNA4. We are focused on ensuring we deliver a great set of products with Radeon 9000 series. We are taking a little extra time to optimize the software stack for maximum performance and enable more FSR 4 titles. We also have a wide range…January 22, 2025

So, AMD is tuning graphics drivers to work as well as possible with the incoming RX 9070 offerings, and to bring more PC games into the fold of being supported by FSR 4.

Furthermore, the exec from Team Red also indicates that building up stock is part of the equation when it comes to pitching the launch of RDNA 4 GPUs later in Q1, rather than earlier.

Analysis: A new tack from AMD – don’t rush, get it right?

This second announcement in short order from McAfee appears to serve a few possible purposes. Of course, on a surface level, it’s good to be kept up to date with what’s going on, and to hear why Team Red is taking more time on this. And I think this is something AMD needed to clarify, as there were a lot of rumors bubbling around what’s happening behind closed doors with RDNA 4.

One of the more frustrating elements of the ‘delay’ of RDNA 4 – which isn’t strictly a delay, seeing as AMD only ever said Q1 2025 for the launch, and that can be as late as March (though admittedly, not any later) – was the apparent appearance of multiple RX 9070 models at retailers. Seasoning needed to be sprinkled over those sightings, naturally, but there were a number of photos, all of which looked authentic enough (it seemed unlikely they were all fakes somehow). These led to some bewilderment and frustration as to why AMD isn’t just ‘getting on with it’ as it were.

McAfee indirectly addresses this with his latest comment, in the mention of some retail partners having “started building initial inventory” but that there’s much more to come. This explains those photo leaks and also assures us that there’ll be plenty of RDNA 4 stock on hand – also playing into, and capitalizing on, the worries that Nvidia won’t have a decent level of inventory for its RTX 5000 graphics cards (at least not initially for RTX 5090 and 5080 models).

All of this is deflecting away from the rumor that AMD has gotten involved in price wrangles with retail partners (who already ordered and received RX 9070 models or at least some stock) after seeing Nvidia’s unexpectedly low MSRPs for Blackwell desktop GPUs.

Furthermore, another concern aired about RDNA 4 was that support for FSR 4 might be thin on the ground to begin with, especially compared to DLSS 4, as Nvidia has a lot of support right out of the gate.

So, it does make sense to address this, and more broadly focus on making the RX 9070 launch as good as it can be – in terms of FSR, drivers, and stock availability. Granted, the fact that the RTX 5070 should already be out in February, and fully tested, to allow for better pitching of the price of the RX 9070 and its XT sibling, is obviously a benefit here too. (If AMD hasn’t yet finalized the price – which, given the overall picture, seems likely to be the case).

This main thrust of making the RDNA 4 launch a high-quality affair also chimes with what Moore’s Law is Dead (MLID) just shared in his latest video (see above). The YouTuber notes that AMD has switched strategy under Jack Huynh (Senior VP of Computing and Graphics) to avoid rushing out products when the market – or launches from rivals – demands them to arrive, and instead, take the time to get the hardware fully right.

And I can’t argue with that strategy because, well, it fully makes sense, and MLID’s sources also make it clear that they aren’t worried that RX 9070 models might disappoint.

So, while I’d like to buy a new mid-range GPU sooner rather than later, I’m just going to have to be patient, as will everyone else. Because even if that is a bit frustrating, if RDNA 4 pans out very well as a result, it will, of course, be worth the wait.

Via VideoCardz

You might also like...

• Still worried RTX 5000 GPUs don’t have enough VRAM? Nvidia’s secret weapon is powerful AI texture compression, and it’s calmed some of my fears
• AMD vs Nvidia: who is the graphics card champion?
• Top gaming PCs: great rigs for serious PC gaming

Our Samsung Galaxy Unpacked live coverage may have wrapped up, but we’re still feeling the excitement of seeing the new Samsung Galaxy S25, S25 Plus, S25 Ultra, and all-new S25 Edge revealed unto the world.

The new flagship Galaxy lineup brings with it a handful of upgrades for each of the three models, with increased RAM, new AI tools, and the blazing-fast Qualcomm Snapdragon 8 Elite chipset.

One of the upgrades that caught my eye during the livestream was the announcement of a new storage tier for the baseline S25, which now comes in a 512GB storage option in addition to the existing 128GB and 256GB variants – but, for some reason, not in the US.

The 512GB storage tier was previously limited to the Samsung Galaxy S24 Plus and S24 Ultra. But this small change gives UK and Australia-based customers a lot more flexibility when it comes to finding the right sizing and storage capacity for them.

The S25 Plus measures 6.7 inches diagonally, so getting more storage previously meant picking up a rather large phone. Keen photographers, gamers, or long-term users who prefer a smaller Galaxy phone now have the option of carrying around half a terabyte of storage in the form of the 6.2-inch S25.

At £959 / AU$1,599, I actually think this high capacity handset is very reasonably priced. It certainly undercuts the 512GB model of the iPhone 16, which comes in at a hefty $1,099 / £1,099 / AU$1,949. Overall, a very pro-consumer choice – good job, Samsung.

However, part of me thinks Samsung could have gone a little further with this year's baseline Galaxy flagship when it comes to storage. Though it may seem crazy to say to those of us who can remember the days of 16GB being the default, I think we’re getting close to the logical end of the 128GB default.

Having plenty of storage space is important as we continue to rely on our phones for day-to-day tasks. (Image credit: Philip Berne / Future)

With generative AI offering new ways to create different types of content, and phone makers continuing to focus on high-resolution mobile photography, users have more ways to fill up their storage than ever before. This, combined with the deflation of component prices over time should, in my opinion, spell the end of 128GB flagships sooner rather than later.

Though still enough space for light to medium users, the baseline S25's 128GB storage option now sticks out like a sore thumb in the company’s lineup. I’d love to have seen Samsung push forward and break this standard before it becomes noticeably outdated.

Of the ‘big three’ phone makers – Apple, Samsung, and Google – Samsung is especially renowned for fitting its phones with high-spec components. A higher standard storage would’ve given the S25 an edge over the Pixel 9 and iPhone 16, both of which sport 128GB as standard and both of which won’t be upgraded until much later in the year.

Still, I’m happy with the lineup we’ve got – as mentioned, this is one of the most competitively priced baseline flagships on the market, and if raising the standard storage tier would incur a price hike then perhaps keeping it steady was the right move. And those who pre-order an S25-series phone get a storage upgrade on the house anyway, doubling your storage for no extra cost.

Our Samsung Galaxy Unpacked live blog is winding down, but for a rundown of the events be sure to check out our Samsung Galaxy Unpacked recap. And for our initial impressions of the new Galaxy phones, be sure to check out our hands-on Samsung Galaxy S25 review, hands-on Samsung Galaxy S25 Plus review, and hands-on Samsung Galaxy S25 Ultra review.

You might also like

• The latest iPhone SE 4 leaks will please small phone fans – as iPhone 16-level power is also rumored
• The Samsung Galaxy S25 Ultra’s S Pen just got a tech downgrade
• We celebrate the Samsung Galaxy S25 launch event with a special episode of our podcast

• Researchers discover large supply-chain attack targeting Chrome extension developers
• Dozens have been compromised, resulting in possibly millions of victim users
• Researchers urge users to patch or uninstall certain extensions

Hackers have managed to compromise dozens of legitimate Google Chrome extensions in what appears to be a highly sophisticated supply chain attack.

As a result, millions of browser users are at risk of data theft, identity theft, wire fraud, and more, cybersecurity researchers at Sekoia has said.

The researchers said the attack starts with a very convincing phishing attack, in which the threat actors impersonated Google Chrome Web Store support. They sent emails to Chrome extension developers, warning them about violated store policies, and having their work removed from the store unless they “extended their privacy policy”. Obviously, the email came with a link, leading to a legitimate Google OAuth authorization page, built for a malicious application

Facebook Business and other targets

Victims who would log in would actually share their login credentials with the attackers, who would use the access to poison their work and compromise the extensions.

Sekoia says that the threat actors were going after Facebook Business accounts, API keys, session cookies, access tokens, account information, and ad account details. In some cases, it was added, the crooks were going after ChatGPT API keys and user authentication data, as well.

The team traced the campaign back to at least March 2024, with the possibility of earlier activity, too.

Some of the more popular extensions that were targeted include GraphQL Network Inspector, Proxy SwitchyOmega (V3), YesCaptcha assistant, Castorus, and VidHelper – Video Download Helper. The full list of attacked extensions can be found on this link.

The number of affected individuals is measured in hundreds of thousands, or even millions, and mostly revolves around the number of downloads of these plugins. Most of the poisoned solutions have been pulled from the Chrome Web Store already. However, users are still advised to remove, or update, affected extensions, to versions released after December 26, 2024, and reset important account passwords, especially for Facebook and ChatGPT.

Via The Register

You might also like

• Google Chrome extensions hack may have started much earlier than expected
• Here's a list of the best antivirus tools on offer
• These are the best endpoint protection tools right now

• Making Ciri the star of The Witcher 4 is "a really good move" according to Geralt's voice actor, Doug Cockle
• Cockle thinks continuing the saga with Ciri is interesting due to her presence in the books
• Doug Cockle will reprise his role as Geralt in The Witcher 4

CD Projekt Red's decision to make Ciri the star of The Witcher 4 is "a really good move" according to Geralt of Rivia's voice actor.

The Witcher 4 was finally revealed last month alongside a gritty cinematic trailer showcasing our first look at a brand new saga starring Ciri as the titular Witcher protagonist.

According to narrative director Phillipp Weber, the decision to make Geralt's adopted daughter the next playable character was made "a very long time ago" and since she was set up in the original Andrzej Sapkowski novels, the development team thought it "was the natural evolution of what we’ve already been making for so long".

Doug Cockle, the voice behind Geralt in the first three The Witcher games, has also shared his enthusiasm for the move, saying there are "all kinds of reasons" that make the choice exciting, mainly for how her role in the books is portrayed.

"I'm really excited," Cockle remarked in a recent interview with IGN. "I think it's a really good move. I mean, I always thought that continuing the Saga, but shifting to Ciri would be a really, really interesting move for all kinds of reasons, but mostly because of things that happen in the books, which I don't want to give away because I want people to go read.

"So yeah, I think it's really exciting. I can't wait. I can't wait to see what they've done."

The Witcher 4 doesn't have a release window just yet, but CD Projekt Red has since confirmed that Doug Cockle will reprise his role as Geralt in the role-playing game (RPG). We also know that it will introduce new regions but that the map will remain "more or less the same" size as The Witcher 3's.

You might also like...

• Best RPGs 2025 - top role-playing games for PC and consoles
• Best PS5 games 2025 - top PlayStation 5 titles to play right now
• CD Projekt Red announces The Witcher in Concert to celebrate 10 years of The Witcher 3: Wild Hunt