Feed aggregator

Here are hints and answers for the NYT Strands puzzle for July 9, No. 493.

Commentary: Don't put baby in the Squid Game.

One Guadalupe River flood gauge near Kerrville and Camp Mystic recorded a rise of more than 25 feet in two hours.

Electronics and back-to-school supplies are expected to top many shoppers' lists.

(Image credit: Damian Dovarganes)

The Hotel Oloffson in Haiti's capital Port-au-Prince, long a haven for artists and writers, poets and presidents, a symbol of Haiti's troubled politics and its storied past, has been destroyed by gangs.

(Image credit: Don Bartletti/Los Angeles Times)

Our CNET experts have just the thing for you if you're looking for recommended indoor cameras across a variety of brands, such as Ring, Nest, Blink and Eufy.

For nearly twenty years, most air travelers in the U.S. have been required to remove their shoes when going through security. That requirement seems to be ending.

(Image credit: Robyn Beck)

I thought the Skullcandy Method 360 earbuds were a good deal at their launch price of $100. They're now down to $76 -- the lowest price we've seen yet.

I'm not scared of worms, I just don't like them and want them to go away.

Emergency responders kept hope alive as they combed through fallen trees and other debris that littered the hard-hit central Texas communities on the fifth day after devastating floods killed more than 100.

(Image credit: Jim Vondruska/Getty Images)

While the company's ongoing legal battles with Apple and Google continue, the beef with Samsung over app blocking has been put to rest.

Get prepared for the upcoming school year with our editors' handpicked back-to-school essentials.

The good guys have an army of their own now. I met the people (and machines) using AI to scam the scammers.

Former Blues defender Thiago Silva faces his old club in the last-four clash at MetLife Stadium.

Do you still think coffee is dehydrating? Don't fall for these other myths about hydration.

In an unprecedented move, India held the water treaty in abeyance after blaming Pakistan for a deadly attack in April. Pakistan denies involvement in the attack and accuses India of "weaponizing water."

(Image credit: Betsy Joles for NPR)

Impulse buying can be a good thing when you find a one-of-a-kind and useful gift.

• Experts observe a 19x quarter-over-quarter rise in .es usage for malicious campaigns
• 99% were credential phishing attacks, with 1% relating to remote access trojans
• Microsoft was by far the most commonly impersonated brand

Cybersecurity experts from Cofense have revealed a 19x increase in malicious campaigns using .es domains between Q4 2024 and Q5 2025, making it the third-most abused top-level domain (TLD) after .com and .ru.

Typically reserved for businesses and organizations in Spain, or Spanish-speaking audiences, researchers found nearly 1,400 malicious subdomains across nearly 450 .es base domains between January and May.

An overwhelming majority (99%) of the campaigns involved credential phishing, with most of the remaining 1% delivering remote access trojans (RATs) like ConnectWise RAT, Dark Crystal and XWorm.

.es domains are proving popular for phishing attacks

Although the rise of .es domains in cyberattacks is noteworthy, attack vectors remain unchanged. Malware was seen to be delivered by C2 nodes or spoofed emails, with most (95%) impersonating Microsoft (an attacker's favorite). Adobe, Google, Docusign and the Social Security Administration made up the top-five most commonly impersonated websites. Email lures often mimicked HR and document-related requests.

Interestingly, the malicious .es subdomains were randomly generated, not crafted manually, making them easier to identify as being fake. Examples include ag7sr[.]fjlabpkgcuo[.]es and gymi8[.]fwpzza[.]es.

Despite researchers suggesting that no similarities can be used to link attacks to a single group, 99% of the malicious .es domains were hosted on Cloudflare.

"If one threat actor or threat actor group were taking advantage of .es TLD domains then it is likely that the brands spoofed in .es TLD campaigns would indicate certain preferences by the threat actors," the researchers wrote.

Cofense explained that "significant restrictions" on the usage of .es TLDs were in place until 2005, adding that the recent rise in .es-related attacks could be a cause for concern, marking a new trend exploiting the authority that country-related TLDs unofficially carry.

You might also like

• We've listed the best identity theft protection services
• Keep yourself protected online by installing the best business VPN
• ChatGPT and other AI tools could be putting users at risk by getting company web addresses wrong

• Experts observe a 19x quarter-over-quarter rise in .es usage for malicious campaigns
• 99% were credential phishing attacks, with 1% relating to remote access trojans
• Microsoft was by far the most commonly impersonated brand

Cybersecurity experts from Cofense have revealed a 19x increase in malicious campaigns using .es domains between Q4 2024 and Q5 2025, making it the third-most abused top-level domain (TLD) after .com and .ru.

Typically reserved for businesses and organizations in Spain, or Spanish-speaking audiences, researchers found nearly 1,400 malicious subdomains across nearly 450 .es base domains between January and May.

An overwhelming majority (99%) of the campaigns involved credential phishing, with most of the remaining 1% delivering remote access trojans (RATs) like ConnectWise RAT, Dark Crystal and XWorm.

.es domains are proving popular for phishing attacks

Although the rise of .es domains in cyberattacks is noteworthy, attack vectors remain unchanged. Malware was seen to be delivered by C2 nodes or spoofed emails, with most (95%) impersonating Microsoft (an attacker's favorite). Adobe, Google, Docusign and the Social Security Administration made up the top-five most commonly impersonated websites. Email lures often mimicked HR and document-related requests.

Interestingly, the malicious .es subdomains were randomly generated, not crafted manually, making them easier to identify as being fake. Examples include ag7sr[.]fjlabpkgcuo[.]es and gymi8[.]fwpzza[.]es.

Despite researchers suggesting that no similarities can be used to link attacks to a single group, 99% of the malicious .es domains were hosted on Cloudflare.

"If one threat actor or threat actor group were taking advantage of .es TLD domains then it is likely that the brands spoofed in .es TLD campaigns would indicate certain preferences by the threat actors," the researchers wrote.

Cofense explained that "significant restrictions" on the usage of .es TLDs were in place until 2005, adding that the recent rise in .es-related attacks could be a cause for concern, marking a new trend exploiting the authority that country-related TLDs unofficially carry.

You might also like

• We've listed the best identity theft protection services
• Keep yourself protected online by installing the best business VPN
• ChatGPT and other AI tools could be putting users at risk by getting company web addresses wrong

Years of insufferable summers and five AC units later, I've finally found the only window unit that keeps my home cool (and looks good while doing it).