Feed aggregator

A hack of location data company Gravy Analytics has revealed which apps are—knowingly or not—being used to collect your information behind the scenes.

The Kirin Electric Salt Spoon at CES 2025 will add a salty taste to your food, though it shocks your tongue to do it.

Texas has become a leading enforcer of internet rules. Its latest probe includes some platforms that privacy experts describe as unusual suspects.

Wandering around without cell service? HMD's new OffGrid hotspot accessory is designed to let smartphones send texts using satellites. We liked it so much, we named it a Best of CES award winner. CNET's Lisa Eadicicco gives it a look.

Here are some hints and the answer for Wordle No. 1301 for Friday, Jan. 10.

• Yellowstone is reportedly coming to Netflix in the UK, Canada and The Netherlands
• The hit Western drama won't be available on Netflix US due to streaming rights
• Viewers in the US can only stream Yellowstone on Peacock and Paramount Network

If you've been wanting to stream Paramount Plus' biggest neo-Western drama Yellowstone, but you’re not subscribed to that particular streaming service, then Netflix might have you covered, as the hit Taylor Sheridan series is reportedly rolling out in more countries, including the UK – although not in the US.

Thanks to Sheridan, Paramount Plus has become the home of neo-Western dramas, and it it all began with the behemoth Yellowstone, which has since birthed two spin-off shows – 1883 and 1923, with more in the works. Netflix caught on to the Yellowstone hype in early 2024 and managed to secure rights to stream one of the best Paramount Plus shows. Then on January 15 last year, Yellowstone was released internationally for the first time, with seasons 1-3 landing in at least 18 countries, including Brazil, India and Germany.

Yellowstone is now available to stream on Netflix in over 50 countries, with the show being released in waves. After the first batch in January 2024, other countries like South Africa and Israel picked up the show in the summer. In December 2024, some Eastern European countries and the Baltics had Yellowstone added to their Netflix library.

Now, Yellowstone is rumored to be expanding to even more countries on Netflix, with What’s On Netflix reporting that the series will become available on one of the best streaming services in the United Kingdom, Canada, and The Netherlands from January 30. There’s no news of the show coming to Netflix in Australia, where viewers can currently stream it on Stan.

It’s not known how many seasons will be released for those three regions, but given that Netflix’s previous rollout saw seasons 1-3 become available in most countries, we can expect the same to happen here. Seasons 4 and 5 are currently only available on Paramount Plus in those countries where that streaming service is available. Meanwhile, Yellowstone streams exclusively on Peacock in the US, but it looks like the Kevin Costner-led drama won’t be added to Netflix’s library there anytime soon.

Why isn’t Yellowstone coming to Netflix in the US?

Netflix only has Yellowstone licensed in certain territories, and those don’t include the US. NBCUniversal’s Peacock acquired the US streaming rights to Yellowstone from CBS in 2020, which means the series only streams on Peacock and Paramount Network.

As per Puck, Peacock will retain the US rights to Yellowstone until four years after the final episode airs. The Yellowstone season 5 finale aired on December 15, 2024, so we’ll have to wait until 2028 to see if the show finds a new streaming home in the US.

While Yellowstone may not be available, there are plenty of other Paramount shows to enjoy on Netflix US, like the Showtime series Dexter and Your Honor, as well as Star Trek: Prodigy. But if you’re looking for more Costner cowboy chaos, you’ll be please to know that his Western movie Horizon: An American Saga – Chapter 1 has found a home on Netflix.

You might also like

• Missing Yellowstone? Taylor Sheridan has a hit Western movie with 97% on Rotten Tomatoes on Paramount Plus you have to watch
• Paramount Plus releases a new action-packed 1923 season 2 trailer and it's the cowboy chaos I needed after the Yellowstone finale
• Yellowjackets season 3: release date, cast, trailer and more news and rumors about the hit Paramount Plus show

Make 2025 the year you dedicate yourself to a good night's sleep with these deals from Sealy, Purple, Brooklyn Bedding and More

It's part of the company's greater push to use AI to enhance personalization.

Put your gaming computer to the test with the best PC games out right now.

Verizon is offering serious savings on some of the best phones for 2025, plus discounted subscriptions and more ways to save.

• Researchers from Eclypsium find vulnerability in the way iSeq 100 boots up
• The bug allows threat actors to establish persistence, brick the device, or tamper with the results
• A patch has since been made available, so update now

A popular DNA sequencer has been found carrying a vulnerability allowing threat actors to establish persistence on the device, destroy the hardware, or even tamper with the results, experts have claimed.

Researchers from Eclypsium analyzed the BIOS firmware in iSeq 100, a DNA sequencer built by a US biotechnology company Illumina, a benchtop sequencing system designed for small-scale genomic and targeted sequencing applications. It is used to read and analyze DNA, help researchers understand genetic information, study diseases, develop treatments, or explore how organisms are related.

Eclypsium said the device boots an older version of the BIOS firmware, which even ran in Compatibility Support Mode (CSM), in order to support older devices. It did not boot with standard protections, including Secure Boot technology.

Manipulating outcomes

All of this made iSeq 100 vulnerable to nine different bugs, some discovered in 2017, and with different severity scores. Threat actors could launch LogoFAIL, Spectre 2, and Microarchitectural Data Sampling (MDS) attacks against these devices, it was claimed.

To make matters worse, Eclypsium said it only analyzed this specific model, and that it is possible that other models are suffering from the same drawbacks, as well, especially since the motherboards in these devices were built by a third party.

“If the data is manipulated by an implant/backdoor in these devices, then a threat actor may manipulate a wide range of outcomes including faking presence or absence of hereditary conditions, manipulating medical treatments or new vaccines, faking ancestry DNA research, etc,” Eclypsium said.

Since making the discovery, Eclypsium notified the iSeq 100 manufacturer, who came back with a patch. There was no word on how many devices are vulnerable, or how fast the patch will be applied on all of them.

“Our initial evaluation indicates these issues are not high-risk,” an Illumina representative told BleepingComputer.

Via BleepingComputer

You might also like

• Mitel collaboration software zero-day strings along a previously patched vulnerability
• Here's a list of the best antivirus tools on offer
• These are the best endpoint protection tools right now

Nightbitch, John Wick, and American Psycho are just a few of the movies you need to watch on Hulu right now.

We saw a lot of awesome robots at CES this year but can't crown any of them "the best." Here's why.

The fate of TikTok now rests in the hands of the US Supreme Court. If a law banning the social video app this month is upheld, it won’t disappear from your phone—but it will get messy fast.

The scope of the devastating Los Angeles wildfires comes into focus through smoke-filled satellite imagery from NASA and other agencies.

• Ivanti uncovers two security vulnerabilities, including one critical-severity
• One of the flaws was being abused as a zero-day by a Chinese threat actor
• Researchers uncovered never-before-seen malware being deployed in the attack

Ivanti has warned customers of a critical vulnerability impacting its VPN appliances that is being actively exploited in the wild to drop malware.

In a security advisory, Ivanti said that it uncovered two vulnerabilities recently - CVE-2025-0282 and CVE-2025-0283, both of which are impacting Ivanti Connect Secure VPN appliances.

The former seems to be the more dangerous of the two. It is given a severity score of 9.0 (critical), and is described as an unauthenticated stack-based buffer overflow. “Successful exploitation could result in unauthenticated remote code execution, leading to potential downstream compromise of a victim network,” it was said.

The second vulnerability, also a stack-based buffer overflow, comes with a 7.0 severity score (high).

New malware deployed

The company urged customers to apply the patch immediately, and provided further details about the threat actors and their tools.

In partnership with security researchers at Mandiant, Ivanti determined the first vulnerability has been abused in the wild as a zero-day, most likely by multiple threat actors.

In at least one of the compromised VPNs, Mandiant found the threat actors deploying the SPAWN ecosystem of malware (including SPAWNANT installer, SPAWNMOLE tunneler, and SPAWNSNAIL SSH backdoor).

The group behind this attack was identified as UNC5221, which is apparently, a China-nexus espionage group, active since at least December 2023.

In the past, UNC5221 has been linked to the exploitation of zero-day vulnerabilities in Ivanti Connect Secure VPN appliances, targeting organizations in telecommunications, healthcare, and public sectors. The group focuses on data exfiltration and espionage.

Mendiant has also seen crooks drop previously unseen malware, now tracked as DRYHOOK and PHASEJAM. They were not able to attribute these families to any known threat actor.

“It is possible that multiple actors are responsible for the creation and deployment of these various code families (i.e. SPAWN, DRYHOOK and PHASEJAM), but as of publishing this report, we don't have enough data to accurately assess the number of threat actors targeting CVE-2025-0282,” Ivanti said in the report.

You might also like

• US Treasury declares ‘major incident’ after apparent state-sponsored Chinese hack
• Here's a list of the best antivirus tools on offer
• These are the best endpoint protection tools right now

The state’s insurance industry was reformed in late 2024 to promote coverage in disaster-prone areas. Tens of billions in fire damage will stress-test the new regime.

The Zero Breeze Mark 3 I saw at CES 2025 is basically a 22-pound heat pump that can run off of a battery.

Plus, we found the best ways to knock a few dollars off the cost of your service plan at the end of the month.

Satellite images show the extent of devastation from multiple wildfires burning in Los Angeles County after one day. The fires have killed at least five people and destroyed thousands of structures.