Feed aggregator

In a post to Truth Social on Wednesday morning, Trump railed against Democrats, and some of his own supporters, calling the furor over the Epstein case a "hoax."

(Image credit: Anna Moneymaker)

• NSA seniors spoke at the International Conference on Cyber Security at Fordham University in New York City
• They claim Volt Typhoon wanted to lurk in US critical infrastructure in case of war with the US over Taiwan
• The campaign was a failure since the threat actors were removed, NSA says

Volt Typhoon, a Chinese state-sponsored threat actor which targeted critical US infrastructure, failed to achieve its main objective - to maintain long-term, invisible persistence on key targets.

This is according to senior cybersecurity officials from the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI).

Speaking at the recent International Conference on Cyber Security at Fordham University in New York City, the agents discussed the “Typhoon” campaign as a whole, and confirmed that it was laying groundwork for a potential escalation of conflict over Taiwan.

No persistence maintained

“The good news is, they really failed. They wanted to persist in domestic networks very quietly for a very long time so that if and when they needed to disrupt those networks, they could. They were not successful in that campaign,” said Kristina Walter, director of the NSA’s Cybersecurity Collaboration Center.

“We, with private sector, with FBI, found them, understood how they were using the operating systems, how they're using legitimate credentials to maintain persistence, and frankly, we equipped the entire private sector and U.S. government to hunt for them and detect them.”

Being able to breach security systems and access critical infrastructure should be cause for concern in its own right, though.

In mid-March 2025, it was reported Volt Typhoon had access to Massachusetts’ Littleton Electric Light and Water Departments (LELWD)’s operational technology (OT) network for ten months in 2023. The intrusion lasted from February to November 2023.

Before that, in January 2025, Volt Typhoon was allegedly targeting the critical infrastructure of small island nation Guam, looking to disrupt and sabotage services in the region, reportedly targeting the GPA (Guam Power Authority) to wreak havoc on the island, which is home to a large US military base.

Via The Record

You might also like

• China admits behind closed doors it was involved in Volt Typhoon attacks
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

Abrahm Lustgarten says the undermining of science, and cuts to FEMA and NOAA, at a time when erratic weather is making disasters more common, should be "extraordinarily concerning" to us.

When will we hear more on Grand Theft Auto 6?

(Image credit: Rockstar Games)

We finally received a second trailer for GTA 6 on May 6, 2025. It gives a better look at the male protagonist, Jason, and introduces the overall story and key players. Even better, there's a new website filled with info on Vice City and the main characters. Unfortunately, the game was then delayed out of its 2025 release window. It'll now arrive May 26, 2026. Hopefully we'll hear more later this year, as we've yet to see gameplay.

GTA 6 is easily one of the most hotly-anticipated games ever, with its predecessor still dominating sales charts. Thankfully, we do now know a fair bit about the next installment into the Grand Theft Auto series, including where it's set, and that it's currently slated to come out next year following a delay.

In terms of upcoming games, GTA 6 looks set to offer perhaps the most detailed open-world we've seen yet, that's if Rockstar Games can continue the success of Grand Theft Auto 5, that is. We now know that we'll be returning to Vice City this time around, a fact that means GTA 6’s story missions could reference some very iconic movies. One thing's for certain, the game is already looking very graphically impressive indeed.

While we wait for more info on Grand Theft Auto 6, you'll find everything that's been confirmed so far in this article. As new details are revealed, we'll be sure to update this page. For now, here's GTA 6's setting, what we know about its protagonists, and all of the latest news and trailers.

GTA 6: cut to the chase

• What is it? The next mainline Grand Theft Auto game
• When does it come out? May 26, 2026
• What can I play it on? PS5 and Xbox Series X/S
• Who's making it: Rockstar Games

GTA 6 release date

The iconic typeset of Grand Theft Auto greeted fans at the end of the game's first trailer in 2023. (Image credit: Rockstar)

GTA 6 will launch May 26, 2026 on Xbox Series X|S and PS5. This was revealed on May 2, 2025, delaying the game into 2026. We'll have to wait for more info. In terms of a GTA 6 PC release, an ex-Rockstar dev has explained why GTA 6 won't come to PC at launch: 'This stuff is very complicated'.

Interestingly, GTA 6 will be able to make use of the extra power provided by the PS5 Pro at launch. Nothing has been confirmed yet, but unless Xbox launches a competitor, the best place to play GTA 6 could be Sony's most powerful console. We expect there to be a dedicated PS5 enhanced version of GTA 6, but we'll have to wait and see what Rockstar announces.

In terms of when to expect a PC port, you might not have to wait long for GTA 6. This is according to Take-Two CEO Strauss Zelnick, who had this to say in a recent interview with IGN:

"In an interview with IGN ahead of the company's recent financial results, Zelnick was asked whether the lack of a PC release is a mistake given the platform's prevalence.

"With Civ 7 it's available on console and PC and Switch right away,” he replied, referencing the recent multi-platform release of Sid Meier's Civilization 7. “With regard to others in our lineup, we don't always go across all platforms simultaneously. Historically, Rockstar [Games] has started with some platforms and then historically moved to other platforms.”

It's expected that GTA 6 will be a colossal hit, with Take-Two boss Strauss Zelnick recently predicting sales of current generation consoles to rise.

When was GTA 6 announced?

Many of you have been asking about a new entry in the Grand Theft Auto series.With every new project, our goal is always to significantly move beyond what we've previously delivered. We're pleased to confirm that active development for the next entry in the series is underway.February 4, 2022

GTA 6 was announced on February 4, 2022 via the Tweet embedded above. Ultimately, this was just confirmation that Rockstar was indeed working on GTA 6, and no other details were given aside from the fact that the game was in active development.

GTA 6 trailers

There's been two GTA 6 trailers revealed so far. The latest was released on May 6, 2025, and focused more on Jason. He picks Lucia up from prison, and then we're introduced to a bunch of new main characters. Check it out, embedded above.

The first Grand Theft Auto 6 trailer was revealed by Rockstar on December 4, 2023, after it leaked online. The trailer was initially scheduled for release the following day, but timelines were shifted. You can check it out above, in all its sun-drenched glory. It's 91 seconds long, and introduces us to Lucia, one of GTA 6's main protagonists. You'll also get some gorgeous shots of Vice City beaches, bars, and even an alligator.

GTA 6 is set in Vice City

Reinterpreting real-world-like landmarks and features is a mainstay of the series and GTA 6's Vice City will carry that on. (Image credit: Rockstar Games)

We now know that GTA 6 will be set in the state of Leonida, which encompasses Vice City and beyond. In a newswire post, published just after the trailer, Rockstar describes the area as 'the biggest, most immersive evolution of the Grand Theft Auto series yet'. We see a fair few shots of Vice City in the debut trailer, and loads of screenshots on the main website. GTA 6 will feature Vice City, Leonida Keys, Grassrivers, Port Gellhorn, Ambrosia and Mount Galaha as its main areas.

What song is used in the GTA 6 reveal trailer?

(Image credit: Rockstar Games)

Now that we have the first GTA 6 trailer, we can dig down into what it all means. The song that plays over it is Tom Petty's Love is a Long Road. This teases the themes of the game, which clearly focuses on a couple in love and on the run. Heartbreak and tragedy could be on the cards here, as well as a bit of romance amongst all the shootouts.

A Bloomberg report published in 2022 claims that GTA 6's map was much bigger to begin with, encompassing areas based on both North and South America. This was apparently cut back during development, with Rockstar Games shifting and narrowing its focus to Vice City and the surrounding areas. These are likely the swamps and bridges we see in the trailer, based loosely on the Florida Keys.

(Image credit: Rockstar Games)

While this smaller launch map may sound disappointing at first, it's worth digging into other parts of the aforementioned report. Specifically, the fact that GTA 6's map may not remain static post-launch. Apparently, Rockstar plans to update the map with more cities and interior locations after release, mainly to give developers more breathing room and to cut down on overtime while GTA 6 is being worked on. According to Bloomberg, there will be new missions and new map areas added "on a regular basis".

GTA 6 story and playable characters

The two main characters from the GTA 6 trailer could indicate dual protagonists. (Image credit: Rockstar Games)

Rockstar Games revealed the first trailer for GTA 6 on December 4, 2023. In it, we're introduced to Lucia Caminos, one of the main protagonists of GTA 6. Then the following trailer focused more on Jason Duval who is ex-army, and currently working as a small-time drug smuggler around The Keys.

In terms of the story, GTA 6 looks set to follow the couple as they attempt to pull off a big score. Aside from that, we know that it'll take place in and around Vice City, and that Lucia has been incarcerated after a fight gone wrong. We'll need to wait to hear more on whether GTA 6 will indeed allow players to control Lucia and her partner, but for now, it looks like the two share the main role.

Plenty of side characters have been revealed so far, likely the ones that'll be handing out missions in-game. The first is Boobie Ike, a Vice City legend with an empire spanning strip clubs, bars and a recording studio. Then there's Cal Hampton, an internet conspiracy nut who's a friend of Jason's.

We now know that Troy Baker is not the voice behind the male character in the trailer. (Image credit: Rockstar Games)

It was rumored at one point that The Last of Us actor Troy Baker might be playing the male protagonist in GTA 6. Since then, we now know that no, Troy Baker isn't playing Grand Theft Auto 6's male protagonist, with the voice actor saying: "I want that guy, whoever it is, to get credit for his work".

GTA 6 news

Lucia seems to be the main playable character in GTA 6 but we'll have to wait to find out more about her journey - which seems to possible start in prison. (Image credit: Rockstar Games)

While we wait for GTA 6, rumors suggest that GTA 4 is getting a remaster
Grand Theft Auto 4 is reportedly coming to PS5, Xbox Series X, and Xbox Series S later this year, followed by a possible Max Payne 3 remaster.

Grand Theft Auto 6 will reportedly run at 30FPS on PS5 and Xbox Series X
In a now-deleted Kiwi Talkz podcast episode, Mike York, who previously worked on Grand Theft Auto 5 and Red Dead Redemption 2 as an animator, shared his thoughts on the next GTA entry and expects the game to run at 30FPS on console (thanks, GamesRadar).

Analyst says there are those in the gaming industry who ‘hope’ GTA 6 will cost up to $100
An analyst has claimed that there are those in the games industry who are hoping Grand Theft Auto 6 will cost up to $100.

That's according to Epyllion's Matthew Ball (via IGN), who recently released his State of Video Gaming in 2025 report. In it, he said that there are some developers and publishers in the industry that "hope" Take-Two will raise GTA6's price from the current standard of $70 to between $80 and $100.

GTA 6 is predicted to be “one of the biggest entertainment launches in history"
This comes from market research firm DFC Intelligence (via the Financial Times), which states that it is likely to generate more than $1 billion in pre-orders alone. DFC Intelligence predicts that the game will hit a total revenue of $3.2 billion in its first 12 months, which is roughly double what its predecessor Grand Theft Auto 5 achieved in the same time period.

Publishers are reportedly not announcing firm release dates to dodge GTA 6 launch
A recent Bloomberg article states that "anticipation is so high” for GTA 6 that “some competing game publishers are waiting as long as possible to commit to their release dates for the fall”. This is reportedly so that the publishers can know whether GTA 6 will actually hit its current release window and “keep their own games far, far away" if it does.

Grand Theft Auto 6 leaks aren't "as important as people think" says GTA: San Andreas dev
A former Grand Theft Auto developer has said the past Grand Theft Auto 6 leaks are unimportant and only happen due to Rockstar's secrecy. Read more in our full news writeup, here.

GTA 6 is being described as one of the most important games in history
In an interview with GI.biz (via IGN), industry analyst Mat Piscatella commented that GTA 6 will be an extremely important release, not just for Rockstar, but the industry as a whole: 'There's probably never been a more important thing to ever release in the industry, so no pressure.'

Rockstar addresses GTA 6 leak
Rockstar Games formally confirmed that the GTA 6 leak that occurred in September 2022 was real. Releasing a statement via Twitter, the team advised this included "early development footage for the next Grand Theft Auto." While they didn't comment on particular details spotted in the leak, the team said it's "extremely disappointed to have any details of our next game shared this way."

Crucially, Rockstar's statement advised that the leak shouldn't cause any delays, stating "we do not anticipate any disruption to our live game services nor any long-term effect on the development of our ongoing projects." Promising an official update to this next game "when it is ready."

GTA 6 suffers huge gameplay leak
In September 2022, Grand Theft Auto 6 saw what was easily one of the biggest leaks in gaming history. Since then, Rockstar and Take-Two have since removed these through copyright strikes.

GTA 6 FAQ

(Image credit: Rockstar Games)Can you pre-order GTA 6?

No, you cannot pre-order GTA 6 yet. We expect this to change next year, once the pricing and box art have been confirmed.

How much is GTA 6 going to cost?

While Rockstar is yet to reveal pricing info, GTA 6 is expected to cost $69.99, based on the standard pricing for current AAA game releases. Given that GTA 6 isn't coming out til 2026, however, it's possible prices could rise. Presently, we're seeing higher prices for games like Mario Kart World, and The Outer Worlds 2, both priced at $79.99. If this continues, GTA 6 might also be priced higher. We'll have to wait and see.

You Might Also Like...

• Here are the new PS5 games releasing in 2025 and beyond
• Our picks for the best PC games to play right now
• The best PS5 Pro games to pick up in 2025

• The personal information of all 6.5 million Co-op members was stolen
• The news was confirmed by Co-op CEO Shirine Khoury-Haq
• The cyberattack also affected Harrods and M&S

The personal information of all 6.5 million UK Co-op members were confirmed to have been stolen in the cyberattack that targeted the supermarket brand earlier this year.

The leak was confirmed by Co-op CEO Shirine Khoury-Haq, who was speaking on BBC Breakfast.

“I'm devastated that information was taken. I'm also devastated by the impact that it took on our colleagues as well as they tried to contain all of this,” the CEO said.

Norton 360 with Genie

Today’s cyberthreats are more sophisticated and scams are harder to detect. That’s why we made our all-in-one security more powerful to keep you safer online. Norton 360 now with Genie AI-powered scam detection. Advanced tech for advanced threats starting at $29.99 the first year.

Preferred partner (What does this mean?)View Deal

6.5 million details stolen

“There was no financial data, no transaction data but it was names and addresses and contact information that was lost,” she continued, adding that she was “incredibly sorry” about the attack.

The Co-op, Harrods, and M&S were hit by a significant cyberattack earlier this year that saw online ordering and websites taken down, with significant disruptions to stocks and purchasing for weeks afterwards.

Khoury-Haq added that during the attack she met with IT staff attempting to remediate damage and remove the attacks from Co-op systems. “I will never forget the looks on their faces, trying to fight off these criminals,” she added.

The CEO also said, “It hurt my members, they took their data and it hurt our customers and that I do take personally.” Members of the Co-op pay a fee to join, and are then paid a share of the profits that the business makes each year.

Vonny Gamot, Head of EMEA at McAfee provided TechRadar Pro with some guidance on how those affected can best protect themselves:

1. 1. "Assume You're Affected - even if you haven't received notification from Co-op yet, assume your information may have been compromised."
2. "Change Your Passwords Immediately - start with your Co-op account, then move to any accounts that share the same password. Use strong, unique passwords for each account. This is non-negotiable. In 2025, password reuse is one of the fastest ways to turn a single breach into multiple compromised accounts."
3. "Enable Two-Factor Authentication Everywhere - if you haven't already, enable two-factor authentication (2FA) on all accounts that support it, starting with email, banking, and shopping accounts. This adds a crucial second layer of security."
4. "Monitor Your Financial Accounts - check bank statements, credit card bills, and investment accounts for any unusual activity. Set up account alerts if you haven't already, many financial institutions offer real-time transaction notifications."
5. "Consider online protection tools that can keep your info safe with early alerts that show you if your data is found on the dark web. McAfee's Scam Detector can also alert you to suspicious text messages and emails that you receive, which is particularly valuable in the aftermath of a breach when criminals often launch targeted phishing campaigns using stolen contact information."

You might also like

• These are the best password managers
• Take a look at the best UK credit monitoring
• Meta patches worrying security bug which could have exposed user AI prompts and responses

Samsung has announced the next generation of its folding phones, the Samsung Galaxy Z Fold 7 and Galaxy Z Flip 7, and with them One UI 8, the next generation of Samsung’s mobile operating system based on Android 16.

As we recently reported, One UI 8 is likely to come with a selection of useful new features, but we're still fairly light on confirmed new features.

As it stands, it looks like the Samsung Galaxy Z Fold 7 and Galaxy Z Flip 7 will be the first phones to launch with One UI 8, a refreshed software experience to compliment the phones' newly slimmed-down hardware.

As keen Samsung fans will know, it’s not actually been all that long since the release of One UI 7, based on Android 15, which finally came to a wider range of Samsung devices in April of this year.

One UI 7 launched with the Galaxy S25 in pre-release, where it remained eclusive for months (Image credit: Philip Berne / Future)

However, the release of One UI 7 was preceded by a saga of delays, issues, and confusion, as Samsung seemingly struggled to get its next update out the door. One UI 7 first appeared with the Galaxy S25 series in February 2025, but this was technically a pre-release build that remained exclusive to the latest Samsung flagships for a good few months.

My confidence in one of the world’s best Android phone makers shook as the beta period dragged on into the spring of 2025.

One UI 7 finally got a wide release in April 2025, 18 months after the release of One UI 6.

However, foregrounding One UI 8 so soon after the troubled release of One UI 7 suggests confidence. This is Samsung announcing that it’s ready to step forward again – but in order to win back my trust, this coming rollout needs to look a little different.

A chance to do it right

The Samsung Galaxy A36 got One UI 7 before several previous-gen models (Image credit: Blue Pixl Media)

One UI 7 technically launched with the Galaxy S25 series back in February, but Samsung was slow to bring the update to users of its older models.

Things got even more confusing with the release of the Galaxy A26, A36, and A56, budget-focused handsets that nonetheless launched with One UI 7 before several older flagships had even been given release dates.

This never sat right with me – though One UI 7 was a huge update that naturally took a while to port to older models, it felt like Samsung users had been left in the dark. I couldn't imagine spending $1,249 / £1,200 / A$2,199 on a Samsung Galaxy S24 Ultra, only to be left waiting more than a year for your very first major operating system update.

With One UI 8, Samsung has a chance to prove to the world – and more importantly its customers – that previous-generation models and users are still a priority.

In a perfect world, I’d want to see One UI 8 released to all compatible devices at the same time, but I understand that this is pretty unlikely. Samsung’s product portfolio is massive, with phones, folding phones, and tablets to consider, so I’m willing to accept a span of a few weeks between the first and last devices getting the update.

But at the very least, I want to see a compatible device list and roadmap with precise release dates included – after the last update cycle, any vagueness would just seem disrespectful to Samsung’s users, many of whom are fiercely loyal to the brand.

Having used One UI 7 myself, I can vouch for it as a charming and capable Android wrapper, as well as one of the most customizable mobile UIs on the market – that’s to say I like One UI, and want to see it succeed. I hope Samsung takes this chance to prove me right.

You might also like

• Two key specs for the base-model iPhone 17 just leaked again – and only one is an upgrade
• The Google Pixel 10 series just appeared on multiple official databases, suggesting an imminent arrival
• Samsung might bring back the S Pen to its foldables with an improved design – but only if you really want it

• AWS reveals new Amazon Bedrock AgentCore platform
• Launch looks to take some of the heavy lifting out of deploying AI agents
• Includes a selection of tools and services to help build and deploy agents

AWS has revealed a new agentic AI development platform as it looks to make building and deploying agents easier than ever.

The new Amazon Bedrock AgentCore platform looks to give developers everything they need to create and deploy advanced AI agents.

Speaking at its AWS Summit New York 2025 event, the company said the launch marks a "step change" in helping developers move agents from fun toys to something effective and into production.

Amazon Bedrock AgentCore

"With agents come a shift to service as software," noted Swami Sivasubramanian, Vice President, AWS Agentic AI, Amazon Web Services, outlining plans to make AWS the best place to build the world's most useful AI agents.

Set to be available soon, AgentCore includes the following services:

AgentCore Runtime - secure serverless runtime purpose-built for deploying and scaling AI agents and tools

AgentCore Memory - build context-aware agents by eliminating complex memory infrastructure management while providing full control over what the AI agent remembers

AgentCore Identity - securely access AWS services and third-party tools on behalf of users or acting with pre-authorization

AgentCore Gateway - build, deploy and discover agents across millions of connections - automatically convert into MCP-compatible tools without managing integrations

AgentCore Code Interpreter - enable AI agents to write and execute code securely, enhancing accuracy for solving complex end to end tasks - including JavaScript and Python

AgentCore Browser Tool - fast, secure cloud-based browser runtime to enable AI agents to interact with websites at scale - including live viewing for troubleshooting and auditing

AgentCore Observability - trace, debug and monitor AI agents' performance in production environments

“It’s a tectonic change in a few dimensions,” Sivasubramanian added. “It upends the way software is built. It also introduces a host of new challenges to deploying and operating it, and potentially most impactfully, it changes how software interacts with the world—and how we interact with software.”

You might also like

• AWS launches Kiro, an agentic AI IDE, to end the chaos of vibe coding
• Understanding the vibe coding trend and considerations for developers
• We've rounded up the best laptop for programming options out there

After NPR reported on a Department of Homeland Security tool to check the citizenship of registered voters, three U.S. senators are expressing concern about accuracy, transparency and privacy.

(Image credit: Joseph Prezioso)

If you’re an avid Spotify user then you may have run into its sponsored recommendations in the home page – and if you’re like me and you haven’t, then consider yourself among the lucky ones.

In short, sponsored recommendations are small pop-ups in your home page that show music suggestions but in ad-like form, and they’ve been rubbing Spotify users the wrong way recently – especially those who pay for Premium subscriptions.

A recent Reddit post about sponsored recommendations (see below) garnered over a hundred responses, with users sharing their thoughts about sponsored recommendations and when and where they appear. Despite not explicitly stating how users can opt-out, there is a way around it.

Ads for a service you pay to be add free for is absolutely diabolical. from r/truespotify

To stop seeing sponsored content, all you have to do is go into Spotify on your desktop (you can’t do this in the app) and head to the ‘Account’ section. From there, go to ‘Account privacy’ and disable the ‘Tailored ads’ toggle, and you should be free of sponsored music suggestions.

While some users don’t seem to be too bothered about seeing sponsored recommendations, they’ve proven to be a huge turn-off for others, and those who aren’t fans have shared three main objections in the above Reddit thread.

1. Sponsored recommendations ignore your personal taste

Though some Spotify users on Reddit have been open to sponsored music recommendations, a common complaint from others is coming across sponsored content from artists they’ve never engaged with – classic Spotify behavior.

Comment from r/truespotify

One user (shown above) highlighted that the sponsored recommendation pop-up forced new music from bigger artists such as Drake and Taylor Swift in their home page, despite that user having never streamed their music, which seems a little presumptuous to say the least

These recommended slots are evidently reserved for more popular artists who can afford to pay Spotify, resulting in their music being promoted at the expense of rising artists that might otherwise appear in users’ recommendations. That said, Spotify showed sponsored content from artists users actually follow and stream, it wouldn’t be as much of an issue.

2. Spotify doesn’t state this when you sign up to Premium

Another argument that paying Spotify users have raised is that when you sign up for a Spotify membership, there’s no mention in the sign-up process that users may run into sponsored recommendations.

Comment from r/truespotify

However, some users have said they only care about ad-free music playback, and say that sponsored recommendations are a reasonable intrusion. On the other hand, others strongly believe all areas of the Spotify ecosystem, including podcasts and the home page itself, should be free of sponsored content. I stand with the latter.

3. Sponsored recs overtake new music releases

If there’s one thing that Spotify fans can collectively agree on, it’s the importance of supporting smaller artists, which I mentioned earlier, and users have pointed out that sponsored recommendations push out upcoming music releases that users have already pre-saved as well as songs from artists they already follow.

However, there’s another factor that seems to be tied in with how sponsored music suggestions are presented: TikTok.

Comment from r/truespotify

There’s no denying that social media circulation plays a big part in promoting new music – take the latest Addison Rae album for example, which is currently doing the rounds on social media, and which is mentioned in the Reddit post.

This is something that users have previously expressed disappointment about online, highlighting their experiences with Spotify cluttering their playlists with viral hits and pushing its vertical, TikTok-style video content. Now, it could be possible that viral music is interfering with sponsored recommendations.

Given the amount of users that have come forward to share their frustration with sponsored content, it’s only fair for Spotify to come forward and address these concerns. That will be a testament to how much it cares about its subscribers, but we all know what the outcome will be.

You might also like

• Spotify HiFi: release date rumors, price predictions, and everything we know so far
• I never use Spotify's Discover Weekly playlist, but its big new upgrades could change that
• I'm a Spotify power user – here are 5 lesser-known features I use every day

Cancelations are the worst thing that can happen to a TV fan. You get invested, you're on the edge of your seat, then suddenly you wake up to news that your favorite show is no more.

That's my experience when it comes to Utopia, a criminally underrated thriller series that originally aired in the UK on Channel 4. Now, it's got a second wind on Prime Video in the US and Australia. Unfortunately, UK viewers have once again been scorned, as it's not available on any of the best streaming services there.

While I can't lend everyone in the UK my boxset, I can urge that US and Australia viewers sit down and watch this right now, though I will warn you that you won't get anything done because it's truly gripping stuff.

Utopia did, regrettably, get a bad remake on Prime Video so to clarify, this is the original 2013-2014 British series you're looking for which is infinitely better.

Utopia's cancelation shouldn't stop you from watching it because I firmly believe it holds up, even if we're never really going to find out how it ends. Read on to find out why.

Why you should watch Utopia

(Image credit: Channel 4)

There's so much to love about Utopia that it's hard to know where to begin. If you're the kind of fan who loves dark, gripping thrillers, then it's got everything you need. Mystery, conspiracies, black comedy, some shocking scenes, it's all rolled into this two-season run.

Utopia follows a community of comic book fans who believe that the graphic novel calledThe Utopia Experiments predicted several disastrous epidemics, such as mad cow disease. Rumors circulate that there's an unpublished sequel and they're keen to get their hands on it.

When one comic book fan does get the manuscript, he invites four of his friends from an online forum to meet in real life, only for them to start being hunted down by a shadowy organization called 'The Network' that want the manuscript as well as a mysterious woman named Jessica Hyde.

From there, it goes off the rails in the best possible way. There's some shocking twists and turns, outstanding performances, and a horrible yellow color palette, which makes everything look so bleak and nasty. Visually it's outstanding and the sound design is even better, somehow.

Utopia has a fantastic composer, Cristobal Tapia de Veer, who recently worked on the Paramount+ horror movie Smile and HBO hit The White Lotus. I can promise you he's excellent at bringing creepiness and mystery to the table. The soundtrack is so unsettling to listen to, yet oddly fun to have on in the background while you work.

There's a great cast here too including Fiona O'Shaughnessy, Alexandra Roach, Adeel Akhtar, Paul Higgins and Paul Ready, and there's really not a lot of faults to find in this series. Even the critics agree, as the show has a flawless 100% Rotten Tomatoes score.

So, if you're in the mood for a great thriller I highly recommend Utopia. I miss streaming it very much but I'll always have my boxset to enjoy.

You might also like:

• Prime Video got it hugely wrong with Bosch Legacy, but Ballard gets the franchise back on track – and a 100% Rotten Tomatoes rating proves it
• New to Prime Video? Here are 5 movies and TV shows with over 90% on Rotten Tomatoes to get you started
• Everything new on Prime Video in July 2025 – stream 84 movies and 7 TV shows, including Wicked, Heads of State and more

In 2024, cybersecurity experts started to warn of a new threat to the software supply chain. Named 'slopsquatting', it is a type of cyber attack where bad actors create fake packages containing malicious code that is inadvertently added to legitimate code.

However, unlike other forms of digital squatting, in this case, the attackers use packages that are hallucinated by large language models (LLMs). This means increased risks of attack, as all it takes is a programmer running code generated by an LLM without first evaluating and validating it.

To safeguard themselves from the new generation of cyber attackers, companies need to understand what package hallucinations are and what can be done about them.

What are package hallucinations?

Coding languages like Python and JavaScript draw heavily on dependencies – pre-written code that is bundled together into packages such as libraries and modules. Developers import these packages from public code repositories (such as the npm registry for Node and PyPi for Python).

With the rise of AI usage for coding, programmers and researchers started to identify a new threat: package hallucination. This is when tools built on LLMs, such as ChatGPT, Claude, Mistral or DeepSeek, add references to the code for packages that do not exist.

These hallucinations, according to recent research, are occurring more frequently than one might expect. Researchers from the University of Oklahoma, Virginia Tech and the University of Texas at San Antonio analyzed over half a million fragments of code generated by LLMs. Alarmingly, 19.7% of packages referenced in this code were hallucinations.

These code samples, totaling 576,000, were generated in two programming languages (Python and JavaScript) using models including ChatGPT-4, Claude, Mistral, DeepSeek, and CodeLlama. While commercial models, such as Claude and ChatGPT-4, generated fewer package hallucinations in their code than open-source models, all faced the problem of package hallucination to varying degrees.

Opening the door for a new form of attack – "slopsquatting"

Concerningly, 43% of the package hallucinations in the study were recurrent, continuing to appear when the same prompts were used. Furthermore, 38% of them had similar names to real packages or the same name as packages used in other coding languages. It is these two factors – recurrence and similarity – that create the potential for a new form of cyber attack, dubbed "slopsquatting."

The name is derived from typosquatting, which originated as a form of scam where bad actors register domains with a similar name to legitimate websites, for example, those related to free software. Then, internet users entering URLs or search prompts containing typos become exposed to malicious websites.

The same idea can be adjusted to exploit typos developers make when installing open-source packages. White hat hackers used similar tactics, leveraging errors and creating packages on public registries with the same name as internal company packages to infiltrate the likes of Shopify, Apple, PayPal, Netflix, Yelp, and Uber.

In Slopsquatting the approach is similar but the packages used are hallucinated by LLMs. Because some hallucinations are recurrent, hackers can hone in on specific package names that are likely to be repeated. Then, they create a fake package using this name that contains malicious code. And because many package hallucinations have similar names to real packages, they can be hard to detect.

Mitigating the risks of slopsquatting using pre-generation techniques

The most effective way to protect against the risk of slopsquatting is to use pre-generation techniques – strategies that preemptively reduce the number of package hallucinations created.

Self-refinement

Some models are already capable of detecting their own hallucinations with a good degree of accuracy. In the study cited above, the models GPT 4 Turbo, GPT 3.5 and DeepSeek were all able to identify hallucinations with an accuracy of over 75%.

This opens the possibility for self-refinement. This is when a programmer instructs an LLM to check and refine its own output to weed out package hallucinations. After the model has generated package names, it is asked to confirm that each package is valid. If not, the response is regenerated with instructions not to use the invalid package.

This approach is not flawless. For example, a model may mistakenly classify a valid package as an invalid one. It should also be remembered that some hallucinations can be persistent. Nevertheless, by iterating this process multiple times, one can increase the chances of successfully identifying and removing invalid packages.

Unfortunately, the success of this approach is highly dependent on the model used. For example, Meta's CodeLlama was found to have a bias towards treating hallucinated packages as valid.

Fine-tuning the model

Another pre-generation technique that is possible with open-source models, such as DeepSeek and CodeLLama, is fine-tuning the model. This involves tweaking the model itself to improve performance on tasks prone to hallucinations.

The issue with this approach, however, is that it can impact the actual performance of the code. So, while a fine-tuned model may produce fewer package hallucinations, the code quality is likely to be worse.

Retrieval-Augmented Generation

In another notable pre-generation technique, Retrieval-Augmented Generation (RAG), prompts for LLMs are enriched with information from specific data sources. This could occur at the stage of the initial prompt or during refinement and iteration.

In the case of package hallucinations, it is possible to augment prompts with a database of valid packages and descriptions of what these packages are relevant for. The LLM can then query the database and add relevant answers to the prompt, which will help it accurately identify valid packages.

Naturally, this approach requires an initial investment of time to create a dataset and structure it so an LLM can effectively search it to identify relevant valid packages. However, this approach has been shown to reduce the number of hallucinations when using models such as DeepSeek.

Post-generation techniques for mitigating package hallucination

A second, and arguably less effective, approach to mitigation is to filter out package hallucinations after they have been generated.

For example, one option would be to take a master list of valid packages and then cross reference this with the output from an LLM. This approach would eliminate invalid package names. However, it is only as reliable as the master list used. An attacker could simply add their invalid package to any public master list that is used, making it ineffective as a defense. It is also possible to curate the list using metrics that estimate validity, such as their popularity, but this would be far from foolproof.

Other post-generation techniques, such as scanning for malicious content, are also unlikely to provide 100% security. Packages could be legitimate at the outset but could beacon to a command control server at a later date, which then updates the package and adds the malicious code.

Robust internal practices to verify code

Ultimately, this threat relies on internal agents running code received from an LLM without first validating it. So, one of the most effective approaches an organization can take in order to mitigate the risk of slopsquatting is to ensure they have robust verification practices in place.

First and foremost, code should be tested in secure environments to avoid the risk of the supply chain being poisoned. It is also crucial to train programmers on the potential risks of package hallucinations and implement procedures for peer code reviews.

Notifying reviewers about which parts of the code have been generated by LLMs will enhance the effectiveness of peer reviews. Additionally, dependency analysis tools can help by identifying potential vulnerabilities and alerting about suspicious packages.

Summing up: tackling new threats

LLM's are revolutionizing the way programmers work. However, as the example of package hallucinations shows, with every new development in these models, new risks occur. By employing a combination of pre- and post-generation techniques and ensuring best internal practices are in place, companies can continue to enjoy the benefits of LLM-generated code while mitigating the risk of slopsquatting.

We list the best Linux distro for developers.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• An independent audit confirmed that ExpressVPN never stores user data as indicated in its privacy policy
• Cybersecurity experts at KPGM inspected ExpressVPN's TrustedServer is designed to never log such data as claimed
• It's the 23rd time that ExpressVPN has put its software under third-party scrutiny

Cybersecurity experts at KPGM have confirmed that ExpressVPN never logs any of your identifiable information, as stated in its privacy policy. The experts specifically checked ExpressVPN's server infrastructure design, checking that it effectively prevents the collection of such logs.

Rated by us as one of the best VPN services right now, this audit marks the 23rd time ExpressVPN has put its software under scrutiny, with the latest audit confirming ExpressVPN's claims as of February 2025.

"No exception noted"

The team at KPGM thoroughly checked that ExpressVPN TrustedServer acts as it should. Testing its description, design, and implementation of controls.

Developed in 2019, ExpressVPN TrustedServer is the provider's technology at the base of its no-log claims. All VPN servers run entirely on RAM, for example, meaning that nothing is stored on the server after a reboot.

ExpressVPN's servers are also designed so that every time the server is rebooted, the newest version of the code stack (which includes the operating system (OS) and the VPN infrastructure above it) is loaded as a unique block, minimizing the risks of bugs, other vulnerabilities, and misconfiguration.

As of February 28, 2025, KPGM confirmed that ExpressVPN's infrastructure doesn't present any anomalies in its design or implementation, as "no exception noted" during tests. You can see the full report here.

"Having KPMG evaluate our technologies and assess our privacy protections again demonstrates our unwavering commitment to maintaining the highest standards of user privacy protection," said ExpressVPN's Chief Information Security Officer, Aaron Engel, commenting on the findings.

"Independent assurance isn't just a checkbox for us—it's fundamental in our efforts towards trust and transparency," he added.

A regularly audited no-log privacy policy and security infrastructure aims to provide a guarantee that none of your personal information or usage data is collected, leaked, and then linked to you or your online activities.

It's worth remembering, however, that even no-log VPNs collect some basic data. This includes information such as your email address and the number of users connected to a server, for example. Yet, these details should not be enough to identify you or your activities when using the VPN.

You might also like

• Themes land on ExpressVPN mobile apps – with full Dark Mode now available for iOS
• ExpressVPN faces a class action in the US over alleged "illegal" auto-renewal fees
• “Once you have the data, you have to cooperate” – Windscribe CEO speak out against global threats to no-log VPNs

• The cast for the live-action The Legend of Zelda movie has been unveiled
• Nintendo's Shigeru Miyamoto has confirmed who will play Zelda and Link
• Some fans are disappointed Hunter Schafer didn’t land the role of Zelda

Production on the live-action The Legend of Zelda movie is very much underway as two members of the lead cast have officially been confirmed.

The news was posted on social media by Nintendo legend Shigeru Miyamoto, who revealed a picture of the actors that will play the eponymous princess of 'Hyrule' (the fictional kingdom in the video game series), Zelda, and legendary swordsman Link in costume.

Benjamin Evan Ainsworth, who made his debut in Mike Flanagan's horror series The Haunting of Bly Manor on Netflix, has been cast as Link, while Bo Bragason from the period drama Renegade Nell on Disney+ will play Zelda.

This is Miyamoto. I am pleased to announce that for the live-action film of The Legend of Zelda, Zelda will be played by Bo Bragason-san, and Link by Benjamin Evan Ainsworth-san. I am very much looking forward to seeing both of them on the big screen. (1/2) pic.twitter.com/KA5XW3lwulJuly 16, 2025

Nintendo and Sony casting two young actors to play the lead characters of the Zelda franchise is one of our first indications of which direction the movie could take. Indeed, such a young cast could mean that we see an earlier game in the franchise, such as The Legend of Zelda: The Wind Waker, as the central plot of the film.

Of course, that's just speculation. It could be that there's still a chance that The Legend of Zelda: Ocarina of Time is the subject matter for the first live-action movie adaptation, but that would mean that we're expecting a second Link to be cast for when the character grows up in the game.

This first casting announcement also arguably suggests that we could be in store for a series of movies. Having such a young cast gives the actors room to grow with their characters over multiple films, and means there won't be any issues like Stranger Things now has with its cast of adults playing teenagers in season 5.

Nothing else surrounding the production of The Legend of Zelda adaptation has been confirmed yet, but we do know the release date of the live-action movie: March 26, 2027. We can therefore expect more casting announcements in the months to come.

What are fans saying about the cast of the live-action The Legend of Zelda movie?

In the lead-up to today's announcement, there were quite a few rumors about who would play Zelda and Link in the live-action The Legend of Zelda movie. One of the frontrunners for Zelda's role was Hunter Schafer (Euphoria), but it seems that Wes Ball, who's directing the film, ruled her out by going for a younger cast.

Indeed, going off an interview that Nintendo's veteran game designer Takashi Tezuka did with MTV over nine years ago, there was even a chance that Link could have been played by a woman. "This is just personally, [but] it would be very fun and awesome if Link was played by a female actress," Tezuka said, "a boyish female actress."

The direction that Ball has decided to take the movie in instead has been met with a lot of praise on social media, with many expecting another quality film in the vein of Nintendo's last hit, the Super Mario Bros. Movie. While some have expressed disappointment that Schafer didn't land the role of Zelda, others say that this suggests the movie will be part of a trilogy.

Comment from r/gaming

Some users also appear to be pleased that both actors are English, as it offers some continuity to the video game – many of the voice actors are English in the series (except Link, of course). However, this does vary from game to game.

Overall, the reception appears to be positive, especially as it gives fans of the video game who are excited for the live-action movie their first real indication of what to expect. Could such a young cast mean we get a Zelda movie trilogy? Does it narrow down our speculation about which video game will form the basis of the story? There's a lot to chew on here.

You might also like

• Two big Netflix video game movie adaptations just got exciting updates
• Director Alex Garland is making an Elden Ring movie
• Here are 3 video game adaptations with over 90% on Rotten Tomatoes

The final season releases across November and December.

It's been a few weeks since Scoliosis Awareness Month, but it's not too late to learn the signs, symptoms and causes of scoliosis from experts.

Looking for a different day?

A new NYT Connections puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Wednesday's puzzle instead then click here: NYT Connections hints and answers for Wednesday, July 16 (game #766).

Good morning! Let's play Connections, the NYT's clever word game that challenges you to group answers in various categories. It can be tough, so read on if you need Connections hints.

What should you do once you've finished? Why, play some more word games of course. I've also got daily Strands hints and answers and Quordle hints and answers articles if you need help for those too, while Marc's Wordle today page covers the original viral word game.

SPOILER WARNING: Information about NYT Connections today is below, so don't read on if you don't want to know the answers.

NYT Connections today (game #767) - today's words

(Image credit: New York Times)

Today's NYT Connections words are…

• HARD FEELINGS 
• MARIO WORLD
• DRUM AND BASS
• WU-TANG
• POKE
• SWEAT
• CAPE COD
• BIGGIE
• PAC
• POWER
• PRY
• CAMISOLE
• SNOOP
• GLUE
• WORRIES
• NOSE AROUND

NYT Connections today (game #767) - hint #1 - group hints

What are some clues for today's NYT Connections groups?

• YELLOW: Nosey
• GREEN: The opposite of yes
• BLUE: Preceded by a great word (but missing man) 
• PURPLE: Angling for an answer

Need more clues?

We're firmly in spoiler territory now, but read on if you want to know what the four theme answers are for today's NYT Connections puzzles…

NYT Connections today (game #767) - hint #2 - group answers

What are the answers for today's NYT Connections groups?

• YELLOW: MEDDLE 
• GREEN: WORDS AFTER "NO" TO MEAN "IT'S ALL GOOD" 
• BLUE: SUPER__ 
• PURPLE: ENDING WITH FISH 

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Connections today (game #767) - the answers

(Image credit: New York Times)

The answers to today's Connections, game #767, are…

• YELLOW: MEDDLE NOSE AROUND, POKE, PRY, SNOOP
• GREEN: WORDS AFTER "NO" TO MEAN "IT'S ALL GOOD" BIGGIE, HARD FEELINGS, SWEAT, WORRIES
• BLUE: SUPER__ GLUE, MARIO WORLD, PAC, POWER
• PURPLE: ENDING WITH FISH CAMISOLE, CAPE COD, DRUM AND BASS, WU-TANG

• My rating: Hard
• My score: 1 mistake

A work colleague recently mentioned that they really disliked the phrase “no WORRIES”, so I made an effort to stop saying it.

I found it incredibly hard and realized that I say it virtually every time someone says thank you. I struggled to find a decent alternative – “my pleasure” makes it sound too much like I enjoyed whatever it was a bit too much, “no sweat” made it appear as if it was too easy, and “not a problem” sounds like it was a problem. I wrestled over it for a few days then decided it wasn’t worth worrying about.

Anyway back to the puzzle. This was my ideal type of Connections, just about tricky enough to be satisfying, but not too tricky that it became time consuming. 

I was delighted to get the purple group – ENDING WITH FISH – but it came after my one mistake of the round, when I panicked after seeing no links in the eight words I had left at that point.

Then I remembered to do what we should always do when the words seem too random and look at the end of each one. Sweet joy and relief followed.

Yesterday's NYT Connections answers (Wednesday, July 16 game #766)

• YELLOW: PARTS OF A COLLEGE CAMPUS CAFETERIA, DORM, LIBRARY, QUAD
• GREEN: EXAGGERATED, AS A PERFORMANCE CAMP, DRAMATIC, HAMMY, OVERDONE
• BLUE: CLOSE IN ON CORNER, SURROUND, TRAP, TREE
• PURPLE: STARTS OF GREEK LETTERS BET, DELT, LAMB, THE

What is NYT Connections?

NYT Connections is one of several increasingly popular word games made by the New York Times. It challenges you to find groups of four items that share something in common, and each group has a different difficulty level: green is easy, yellow a little harder, blue often quite tough and purple usually very difficult.

On the plus side, you don't technically need to solve the final one, as you'll be able to answer that one by a process of elimination. What's more, you can make up to four mistakes, which gives you a little bit of breathing room.

It's a little more involved than something like Wordle, however, and there are plenty of opportunities for the game to trip you up with tricks. For instance, watch out for homophones and other word games that could disguise the answers.

It's playable for free via the NYT Games site on desktop or mobile.

Looking for a different day?

A new Quordle puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Wednesday's puzzle instead then click here: Quordle hints and answers for Wednesday, July 16 (game #1269).

Quordle was one of the original Wordle alternatives and is still going strong now more than 1,100 games later. It offers a genuine challenge, though, so read on if you need some Quordle hints today – or scroll down further for the answers.

Enjoy playing word games? You can also check out my NYT Connections today and NYT Strands today pages for hints and answers for those puzzles, while Marc's Wordle today column covers the original viral word game.

SPOILER WARNING: Information about Quordle today is below, so don't read on if you don't want to know the answers.

Quordle today (game #1270) - hint #1 - VowelsHow many different vowels are in Quordle today?

• The number of different vowels in Quordle today is 3*.

* Note that by vowel we mean the five standard vowels (A, E, I, O, U), not Y (which is sometimes counted as a vowel too).

Quordle today (game #1270) - hint #2 - repeated lettersDo any of today's Quordle answers contain repeated letters?

• The number of Quordle answers containing a repeated letter today is 2.

Quordle today (game #1270) - hint #3 - uncommon lettersDo the letters Q, Z, X or J appear in Quordle today?

• No. None of Q, Z, X or J appear among today's Quordle answers.

Quordle today (game #1270) - hint #4 - starting letters (1)Do any of today's Quordle puzzles start with the same letter?

• The number of today's Quordle answers starting with the same letter is 0.

If you just want to know the answers at this stage, simply scroll down. If you're not ready yet then here's one more clue to make things a lot easier:

Quordle today (game #1270) - hint #5 - starting letters (2)What letters do today's Quordle answers start with?

• C

• T

• P

• H

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

Quordle today (game #1270) - the answers

(Image credit: Merriam-Webster)

The answers to today's Quordle, game #1270, are…

• CRESS
• TABOO
• POWER
• HATER

While I was playing this game I thought that I was making some wild, inspired guesses and getting them right every time, but on reflection those guesses were the only options – I just got to them before I had to do much thinking.

POWER was my only real lucky guess as it could have been boxer or foyer on a different day.

Daily Sequence today (game #1270) - the answers

(Image credit: Merriam-Webster)

The answers to today's Quordle Daily Sequence, game #1270, are…

• SOLVE
• CABAL
• GIDDY
• OVERT

Quordle answers: The past 20

• Quordle #1269, Wednesday, 16 July: UNCLE, NADIR, REMIT, BROOM
• Quordle #1268, Tuesday, 15 July: VILLA, FLECK, TIGER, CRANE
• Quordle #1267, Monday, 14 July: SURGE, PIZZA, PAPER, POPPY
• Quordle #1266, Sunday, 13 July: KAYAK, DECRY, RUDDY, HATER
• Quordle #1265, Saturday, 12 July: WREAK, NANNY, CLASP, STAIN
• Quordle #1264, Friday, 11 July: LAPEL, DRAIN, FROND, GROSS
• Quordle #1263, Thursday, 10 July: CROSS, WHEEL, UNDID, PENCE
• Quordle #1262, Wednesday, 9 July: SHIRE, SIXTH, SINGE, IMAGE
• Quordle #1261, Tuesday, 8 July: PLIED, PRANK, GAWKY, OXIDE
• Quordle #1260, Monday, 7 July: DROLL, TRUCE, TWIRL, SINCE
• Quordle #1259, Sunday, 6 July: AMPLY, SPAWN, EXTOL, RIDGE
• Quordle #1258, Saturday, 5 July: HAVEN, SNAKE, DREAM, TORUS
• Quordle #1257, Friday, 4 July: FAVOR, SKUNK, GAWKY, FLUFF
• Quordle #1256, Thursday, 3 July: DANCE, EYING, GLAZE, EGRET
• Quordle #1255, Wednesday, 2 July: INANE, SCOUR, ELITE, ULCER
• Quordle #1254, Tuesday, 1 July: REBAR, YEARN, FORTH, CROWD
• Quordle #1253, Monday, 30 June: INGOT, INFER, TAPIR, CLUED
• Quordle #1252, Sunday, 29 June: MIRTH, APTLY, SCRUB, SMACK
• Quordle #1251, Saturday, 28 June: AWOKE, SMOKY, DEVIL, SWING

Looking for a different day?

A new NYT Strands puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Wednesday's puzzle instead then click here: NYT Strands hints and answers for Wednesday, July 16 (game #500).

Strands is the NYT's latest word game after the likes of Wordle, Spelling Bee and Connections – and it's great fun. It can be difficult, though, so read on for my Strands hints.

Want more word-based fun? Then check out my NYT Connections today and Quordle today pages for hints and answers for those games, and Marc's Wordle today page for the original viral word game.

SPOILER WARNING: Information about NYT Strands today is below, so don't read on if you don't want to know the answers.

NYT Strands today (game #501) - hint #1 - today's themeWhat is the theme of today's NYT Strands?

• Today's NYT Strands theme is… Find your seat

NYT Strands today (game #501) - hint #2 - clue words

Play any of these words to unlock the in-game hints system.

• ZANY 
• CLAM
• BONY
• WING
• CROSS
• HEATER

NYT Strands today (game #501) - hint #3 - spangram lettersHow many letters are in today's spangram?

• Spangram has 8 letters

NYT Strands today (game #501) - hint #4 - spangram positionWhat are two sides of the board that today's spangram touches?

First side: right, 2nd row

Last side: left, 2nd row

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Strands today (game #501) - the answers

(Image credit: New York Times)

The answers to today's Strands, game #501, are…

• BOXES
• MEZZANINE
• LOBBY
• BALCONY
• WINGS
• ORCHESTRA
• SPANGRAM: THEATERS

• My rating: Easy
• My score: 1 hint

I didn’t see the THEATERS spangram straight away – possibly because I am hardwired to see the UK spelling. Instead, I saw several non-game words in heat, heater, and heaters. So, I took the lazy option of starting with a hint.

BOXES didn’t help me narrow things down much, but it did make me think that we were looking for something about venues and auditoriums. Seeing two letter Zs together helped me get MEZZANINE – a lovely sounding word – and once I got LOBBY I knew that we were looking for words associated with theaters.

It’s a little odd that “stage” is missing from the search as you can’t have a theater without one, but that’s my only quibble.

Yesterday's NYT Strands answers (Wednesday, July 16, game #500)

• CASE
• SPEAKER
• STAND
• STYLUS
• CHARGER
• KEYBOARD
• FOLIO
• SPANGRAM: TABLET

What is NYT Strands?

Strands is the NYT's not-so-new-any-more word game, following Wordle and Connections. It's now a fully fledged member of the NYT's games stable that has been running for a year and which can be played on the NYT Games site on desktop or mobile.

I've got a full guide to how to play NYT Strands, complete with tips for solving it, so check that out if you're struggling to beat it each day.

• zLabs spots new version of the Konfety Android malware
• This version uses distorted APKs to avoid being detected and analyzed
• It also uses the "evil twin" tactic to remain hidden in plain sight

The infamous Konfety Android malware has apparently been updated, with new versions hiding in plain sight through tampered APK structure, experts have warned.

Security researchers zLabs have found new Konfety variants were adopting “increasingly advanced” techniques to evade detection and hinder reverse engineering efforts.

In ZIP files (which APKs are based on), every file includes a so-called General Purpose Bit Flag, a two-byte field that stores metadata about how the file should be handled (either 0 or 1). One of the bits in the flag indicates if the file is encrypted or not.

Norton 360 with Genie

Today’s cyberthreats are more sophisticated and scams are harder to detect. That’s why we made our all-in-one security more powerful to keep you safer online. Norton 360 now with Genie AI-powered scam detection. Advanced tech for advanced threats starting at $29.99 the first year.View Deal

Evil twins and dual-app deception

In Konfety’s case, the attackers intentionally set bit 0 to 1, even though the file wasn’t actually encrypted, causing decompression tools to misinterpret the files, analysis tools to crash thinking it was unreadable or corrupted, and reverse engineers to waste time troubleshooting.

But that’s not all. Each file entry in a ZIP archive also includes a compression method identifier (0x000 for no compression, 0x000C for an uncommon compression standard, etc.)

With Konfety, the attackers managed to declare files compressed using 0x000C, which wasn’t really the case. Since the files can’t decompress properly, it leads to partial extraction, parsing errors, or even crashes, which complicates reverse-engineering and analysis.

There are other ways Konfety tries to hide and maintain persistence. zLabs said that the attackers are also using so-called “dual-app deception”, in which there’s a legitimate app on major app stores, and a malicious one elsewhere.

The app also hides its icon when installed, and applies geofencing to make sure certain analysts and researchers can’t get to it.

Konfety works by using CaramelAds SDK to fetch ads, deliver payloads, and maintain communication with attacker-controlled servers. It redirects users to malicious websites, prompts unwanted app installs, and triggers persistent spam-like browser notifications.

“The threat actors behind Konfety are highly adaptable, consistently altering their targeted ad networks and updating their methods to evade detection,” the researchers warned.

“This latest variant demonstrates their sophistication by specifically tampering with the APK's ZIP structure. This tactic is designed to bypass security checks and significantly complicate reverse engineering efforts, making detection and analysis more challenging for security professionals.”

Via BleepingComputer

You might also like

• This dangerous new malware is hitting iOS and Android phones alike - and it's even stealing photos and crypto
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

Far-Flung Postcards is a weekly series in which NPR's international team shares moments from their lives and work around the world.