Feed aggregator

You can even get store credit in some cases when you trade in old PCs, laptops and printers.

Looks like Bethesda really has been reworking Skyrim's predecessor for modern audiences.

Bluesky, the upstart, decentralized social network that's offered an island of blue calm for those departing the tumultuous, dark waters of X (formerly Twitter), is finally introducing an official form of account verification. It will look familiar to those who spent time on old-school Twitter, but it does feature a few notable caveats.

Up until today (April 21, 2025), there was no Bluesky-supported system for verifying an account or visual indication of verified status, and the microblogging social media platform was suffering from an imposter problem. Bluesky addressed this, in a way, by encouraging people to set up and use their own domain names to establish the veracity of an account.

My account, for instance, is attached to lanceulanoff.com, a domain I've owned for years. Bluesky reports that some 270,000 accounts have linked their accounts to domains.

Still, setting up a domain and connecting it to your Bluesky account is not a trivial matter. This new feature significantly simplifies the process.

A new check

(Image credit: Future)

According to a new Bluesky blog post, there are now three levels of identity on the platform: the basic Bluesky account, a Trusted Verifier, and a Verified Account.

The Trusted Verifier is interesting because it's a verified account that, with Bluesky's review, can verify other accounts. The example given is The New York Times' Bluesky account, which can then verify its journalists' accounts.

Years ago, Twitter had something similar, where an entity like TechRadar could ask Twitter directly to verify some of its journalist employee accounts.

It was not a popular feature among, for instance, celebrities and officials, who wondered (often on Twitter) why journalists needed verification. The topic of Blue Checks and verification on Twitter became so fraught that, for a time, Twitter's then-CEO Jack Dorsey stopped verifying accounts. When Elon Musk took over, he removed verifications from millions of accounts, only to return them some months later.

Who verifies who

Bluesky wrote that it is proactively verifying some "authentic and notable accounts," which will now have a white check in a blue circle.

Trusted Verifiers will have a scalloped blue check to indicate their vaunted status. A tap on someone's verified status can show you which Trusted Verifier granted verification.

It's not necessarily a foolproof system, as I think media companies might seek to verify all journalists in their camp, and Bluesky could push back against that. Or maybe Bluesky says yes, but at some point, "the notables" grow irritated because there are suddenly so many non-famous people with checks.

One thing Bluesky is not supporting is "requests for verification." However, the social media platform is not ruling it out and has promised that as this system settles in and stabilizes, it will "launch a request form for notable and authentic accounts interested in becoming verified or becoming trusted verifiers."

If you're wondering about the other decentralized social media platform, Threads, it adopts verifications directly from Instagram, another Meta property.

It'll be interesting to see what Bluesky asks for in its future verification process and if any part of it will involve some form of ID.

You might also like

• What is Bluesky? The new social media network explained
• How to switch to Bluesky from Twitter
• I wasted my day on Bluesky Social and no, I'm not sorry

• The FBI is warning about an ongoing scheme targeting victims of online fraud
• The victims are encouraged to reach out to a person on Telegram, posing as the chief of IC3
• The person would try to gain access to the victims' financial accounts

Cybercriminals are preying on victims of online fraud, using their state of emotional distress to cause even more harm, the FBI has said, revealing it received more than a hundred reports of such attacks in the last two years.

In the campaign, cybercriminals would create fake social media profiles and join groups with other victims of online fraud. They would then claim to have recovered their money with the help of the FBI's Internet Complaint Center (IC3). This makes the ruse credible, since IC3 is an actual division of the FBI and serves as a central hub for reporting cybercrime.

Those who believe the claim are then advised to contact a person named Jaime Quin on Telegram. This person, claiming to be the Chief Director of IC3, is actually just part of the scheme. Quin will tell people who reach out that he recovered their funds and would then ask for access to their financial information, to steal even more money.

Get Keeper Personal for just $1.67/month, Keeper Family for just $3.54/month, and Keeper Business for just $7/month

​Keeper is a cybersecurity platform primarily known for its password manager and digital vault, designed to help individuals, families, and businesses securely store and manage passwords, sensitive files, and other private data.

It uses zero-knowledge encryption and offers features like two-factor authentication, dark web monitoring, secure file storage, and breach alerts to protect against cyber threats.

Preferred partner (What does this mean?)View Deal

Getting in touch

This is just one example of how the scam works. The FBI says that initial contact from the scammers can vary.

“Some individuals received an email or a phone call, while others were approached via social media or forums," it said. "Almost all complainants indicated the scammers claimed to have recovered the victim's lost funds or offered to assist in recovering funds. However, the claim is a ruse to revictimize those who have already lost money to scams."

To minimize the risk of falling victim to these scams, you should only reach out to law enforcement through official channels. Furthermore, you should keep in mind that law enforcement (especially those in executive positions) will never reach out to you this way, especially not to initiate contact.

Finally, the police will never ask for your password, financial information, or access to private services.

Via BleepingComputer

You might also like

• Key Strategies for financial institutions to combat fraud
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

Pope Francis, one of the most popular popes in decades, has died. As the world mourns and reflects on his legacy, NPR would like to hear your stories.

(Image credit: Spencer Platt)

The pope's death at the age of 88 ends a 12-year papacy that began with the historic resignation of Francis' predecessor in 2013.

(Image credit: Imtiyaz Khan)

• Fake PDF converters are tricking users with cloned sites and fake CAPTCHAs
• PowerShell command installs malware that steals browser and crypto wallet data
• Attackers use realistic designs and social engineering to avoid detection

Cybercriminals are using fake PDF converters to install powerful malware on victims' systems, experts have warned.

Research from CloudSEK found attackers are cloning popular file conversion websites like pdfcandy.com - replicating its logo and brand elements - in order to trick users into downloading malicious software.

CloudSEK says these fake sites look almost identical to the real ones. When someone tries to convert a file, the page shows a fake loading screen and then prompts for a CAPTCHA verification. Instead of just confirming the user is human, this step leads to an instruction to run a PowerShell command. Following the command downloads a zip file containing malware known as ArechClient2, part of the SectopRAT family of information stealers.

Collecting personal data, and worse

The malware uses a number of hidden methods to infect the system. It spawns normal Windows processes to hide its activity and begins collecting browser passwords, crypto wallet information, and other sensitive data. Once the malware is active, it can quietly send stolen information back to the attackers, CloudSEK reports.

The FBI has already warned that online file converters are becoming a popular way for criminals to spread their malware. CloudSEK’s research shows that attackers are improving their methods, cleverly blending realistic website designs with social engineering tricks in order to lower users' defenses.

With online tools becoming part of everyday work and personal life, it’s important to know how to avoid these threats.

How to stay safe

(Image credit: Amazon India)

The best way to protect yourself is to avoid clicking random search results for online file converters. Always visit known official websites directly.

In addition to that, always double-check the website address for small spelling changes that might be easy to miss.

For a good starting point, check out our round up of the best PDF editors, and the best free PDF editors. We also recommend the best Adobe Acrobat alternatives.

Staying cautious when uploading documents online can stop many of these attacks before they start.

Keep your antivirus software up to date (you’re doing this anyway, right?) and scan any downloaded files before you open them. Installing browser extensions that block suspicious or dangerous sites can also help.

If a website asks you to run PowerShell commands or download extra files after uploading a document, close the page immediately.

Finally, if you think you’ve been tricked, disconnect the device from the internet right away, change all important passwords from a safe device, and let your bank or service providers know as soon as possible.

You might also like

• Stay protected with the best endpoint protection tools around
• We've also rounded up the best ransomware protection tools
• And these are the best free PDF to Word tools you can use

The New York Times reported that he shared information last month to a second private Signal group chat about upcoming strikes in Yemen.'/>

The White House has begun the process of looking for a new secretary of defense, according to a U.S. official who was not authorized to speak publicly.

(Image credit: Chip Somodevilla)

The last pope to die during his tenure was Pope John Paul II in 2005. Here's what happened in the days and weeks that followed.

(Image credit: Joe Raedle)

While Verizon Fios stands out as Harrisburg's top internet choice, it's worth exploring all your options before committing to a provider.

The best AI generation trends are the cute ones, especially those that transform us into our favorite characters or at least facsimiles of them. ChatGPT 4o's ability to generate realistic-looking memes and figures is now almost unmatched, and it's hard to ignore fresh trends and miss out on all the fun. The latest one is based on a popular set of Anime-style toys called Chibi figures.

Chibi, which is Japanese slang for small or short, describes tiny, pocketable figures with exaggerated features like compact bodies, big heads, and large eyes. They are adorable and quite popular online. Think of them as tiny cousins of Funko Pop!.

Real Chibi figures can run you anywhere from $9.99 to well over $100. Or, you can create one in ChatGPT.

What's interesting about this prompt is that it relies heavily on the source image and doesn't force you to provide additional context. The goal is a realistic Chibi character that resembles the original photo, and to have it appear inside a plastic capsule.

The prompt describes that container as a "Gashapon," which is what they're called when they come from a Bandai vending machine. Bandai did not invent this kind of capsule, of course. Tiny toys in little plastic containers that open up into two halves have been on sale in coin-operated vending machines for over 50 years.

If you want to create a Chibi figure, you just need a decent photo of yourself or someone else. It should be clear, sharp, in color, and at least show their whole face. The effect will be better if it also shows part of their outfit.

Here's the prompt I used in ChatGPT Plus 4o:

Generate a portrait-oriented image of a realistic, full-glass gashapon capsule being held between two fingers.

Inside the capsule is a Chibi-style, full-figure miniature version of the person in the uploaded photo.

The Chibi figure should:

• Closely resemble the person in the photo (face, hairstyle, etc.)
• Wear the same outfit as seen in the uploaded photo
• Be in a pose inspired by the chosen theme

A time capsule

(Image credit: Mr Rogers Chibi generated by ChatGPT)

Since there's no recognizable background or accessories in the final ChatGPT Chibi figure image, the final result is all about how the character looks and dresses.

I made a few characters. One based on a photo of me, another based on an image of Brad Pitt, and, finally, one based on one of my heroes, Mr. Rogers.

These Chibi figures would do well on the Crunchyroll Mini and Chibi store, but I must admit that they lean heavily on cuteness and not so much on verisimilitude.

Even though none of them look quite like the source, the Mr. Rogers one is my favorite.

Remember that AI image generation is not without cost. First, you are uploading your photo to OpenAI's server, and there's no guarantee that the system is not learning from it and using it to train future models.

AI image generation also consumes electricity on the server side to build models and to resolve prompts. Perhaps you can commit to planting a tree or two after you've generated a half dozen or more Chibi AI figures.

You might also like

• The action figure trend is the latest way people are ...
• Everyone wants the viral AI doll – but it's a privacy ...
• The hottest new AI image trend is Sora users begging for ...

(Image credit: Yuki Iwamura)

Pope Francis called on the world and 1.4 billion Catholics to confront climate change. He brought attention to the issue but it's not clear he changed many minds.

(Image credit: Massimo Valicchia)

Workers who track data on car crashes, drownings, traumatic brain injury, falls in the elderly, and other perils lost their jobs. Advocates worry life-saving work will stop.

(Image credit: Kyle Mazza/Anadolu)

The company may override user-provided ages if it suspects the account belongs to a teen.

Get the most out of your iPhone with these MagSafe accessories, handpicked by CNET’s tech experts.

• Crooks are abusing Google's notification system to bypass email protection
• Through OAuth apps, they are able to generate convincing phishing emails
• The campaign also uses sites.google.com

Researchers have discovered a clever and elaborate phishing scheme that abused Google’s services to trick people into giving away their credentials for the platform.

Lead developer of the Ethereum Name Service, Nick Johnson, recently received an email that seemed to have come from no-reply@google.com. The email said that law enforcement subpoenaed Google for content found in his Google Account.

He said that the email looked legitimate, and that it was very difficult to spot that it’s actually fake. He believes less technical users might very easily fall for the trick.

Get Keeper Personal for just $1.67/month, Keeper Family for just $3.54/month, and Keeper Business for just $7/month

​Keeper is a cybersecurity platform primarily known for its password manager and digital vault, designed to help individuals, families, and businesses securely store and manage passwords, sensitive files, and other private data.

It uses zero-knowledge encryption and offers features like two-factor authentication, dark web monitoring, secure file storage, and breach alerts to protect against cyber threats.

Preferred partner (What does this mean?)View Deal

DKIM signed

Apparently, the crooks would first create a Google account for me@domain. Then, they would create a Google OAuth app, and put the entire phishing message (about the fake subpoena) in the name field.

Then, they would grant themselves access to the email address in Google Workspace.

Google would then send a notification email to the me@domain account, but since the phishing message was in the name field, it would cover the entire screen.

Scrolling to the bottom of the email message would show clear signs that something was amiss, since at the bottom one could read about getting access to the me@domain email address.

The final step is to forward the email to the victim. “Since Google generated the email, it's signed with a valid DKIM key and passes all the checks,” Johnson explained how the emails landed in people’s inbox and not in spam.

The attack is called a “DKIM replay phishing attack,” since it leans on the fact that in Google’s systems, DKIM checks only the message and the headers, not the envelope. Since the crooks first registered the me@domain address, Google will show it as if it was delivered to their email address.

To hide their intentions even further, the crooks used sites.google.com to create the credential-harvesting landing page. This is Google’s free web-building platform and should always raise red flags when spotted.

Via BleepingComputer

You might also like

• Millions of airline customers possibly affected by OAuth security flaw
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

This is a spoiler-free review of all 12 episodes of Andor season 2.

There's no question that Andor season 2 is one of my most anticipated shows of 2025. Ever since Disney announced the release date for Andor's second and final season last November, I've been counting down the days until the critically acclaimed show's return.

In the two and a half years since the Star Wars TV series' first season ended, my excitement levels have only grown. That could've presented a problem if, like many a crashed starship in the famous galaxy far, far away it inhabits, the political spy thriller didn't stick the landing with its second and final installment.

Join me in breathing a sigh of relief, then, that it does. Andor season 2 is a near-masterpiece that, a couple of faults aside, cements the show's position as the best piece of Star Wars live-action media since the original movie trilogy.

Rebel leaders, standing by

Andor season 2 takes a different storytelling approach to its predecessor (Image credit: Lucasfilm/Disney Plus)

Initially picking up events after its predecessor's finale, Andor season 2 takes a different storytelling approach to the Disney+ series' first outing.

Where season 1 followed its ensemble cast across a single year, this season's 12-episode run is divided into four trilogy-style events. Each three-episode block depicts a specific event within the four years leading into Rogue One: A Star Wars Story – the 2016 film that connects Andor to Star Wars Episode IV: A New Hope.

Andor season 2 is... the best piece of Star Wars live-action media since the original movie trilogy

Previously described as "very sexy" time jumps by showrunner Tony Gilroy, episodes 1 to 3 cover three days, four years before Rogue One happens. Then, chapters 4 to 6 depict a week-long event three years out from the aforementioned movie. Next, entries 7 to 9 tackle a 14-day period two years before the Gareth Edwards-directed flick. Finally, episodes 10 to 12 take place in the five days leading up to Rogue One.

With both seasons reportedly costing an eye-watering $645 million, it's clear Disney, which has tightened the purse strings during Bob Iger's second stint as CEO, wanted to wrap up this expensively-assembled program.

That's bad news for fans who loved Andor's first season and craved more of its thrilling, character-driven storytelling. It also presented a creative conundrum for Gilroy and company to overcome – how to cram four seasons' worth of character evolution and plot progression into a dozen episodes.

Mon Mothma is as integral to Andor's story as the titular character (Image credit: Lucasfilm/Disney+)

Some teething problems in season 2's first act notwithstanding, it's a storytelling approach that, hesitant though I was over how well it'd work, I actually warmed to. Sure, season 2 is fast-paced at times (I'll get into this more later as part of my wider criticism of this season), but the beauty of its four-year cycle is its ability to show the ever-evolving nature of the show's key relationships at annual intervals.

Be it friendships, romances, uneasy alliances, or another type of interpersonal dynamic, season 2's multi-year plot approach – one largely devoid of filler material – highlights the rollercoaster ride that each one goes on.

Sure, character dynamics can change within TV show seasons whose events play out over weeks and months rather than years. It's a process that worked wonders for Andor's first season, but armed with its multi-year format, the series' sophomore outing not only demonstrates how its tentpole moments impact these relationships but also the in-flux nature of its core dynamics in all of their soul-stirring, melodramatic, and tear-jerking glory.

The beauty of this season's four-year cycle is how it showcases the ever-evolving nature of the show's key relationships

Predictably, a lot of the shifting dynamics revolve around Cassian Andor (Diego Luna). As the show's titular character, season 2 takes a purposeful approach to examining the ebb and flow of his personal associations.

Indeed, there's underlying tension, occasional levity, and soul-piercing drama to the bonds he shares with those he's closest to and works for, as well as clear affection and/or respect amid the oft-times messiness of these dynamics. Understandably, that includes ones he has real stakes in, with Bix (Adria Arjona), Luthen Rael (Stellan Skarsgård), Wilmon (Muhanned Bhair), and, as confirmed by an appearance in Andor season 2's first trailer, his eventual android bestie K-2SO.

Bix and Cassian's relationship dramatically shifts as season 2 plays out (Image credit: Lucasfilm/Disney Plus)

That said, while the series bears his name, season 2 is as much, if not more so, an ensemble piece than its predecessor was. (By the way, it's worth watching the season 1 finale again, or streaming last season's 14-minute recap, to refamiliarize yourself with the sheer number of characters in the show. My head was spinning throughout season 2's opening salvo as I tried to remember who everyone was, what they were doing, and where they were!)

Fascinated though I was by Cassian's relationships with some of Andor season 2's cast, I found myself more hooked by the politically dicey dynamics involving Mon Mothma (Genevieve O'Reilly), who's arguably this season's stand-out. She's certainly the most interesting character in season 2's first act and, spoilers notwithstanding, episode 9 fully cements O'Reilly's place as one of the finest actors to grace the Star Wars universe.

The engrossingly uncomfortable dynamic between Galactic Empire officers Dedra Meero (Denise Gough) and Syril Karn (Kyle Soller) that slithers with reptilian delight, plus the compelling expansion of Luthen's fraught surrogate-style relationship with Kleya (Elizabeth Dulau), are equally worthy of praise. I never tired of seeing these particular dynamics play out and, given another season or three, I'm sure they would've been even more intoxicating to watch.

Heirs to the Empire

Denise Gough's Dedra Meero is captivatingly unlikeable once more in the show's second season (Image credit: Lucasfilm/Disney Plus)

Season 2 successfully navigates its expansion of, and call backs to, the wider Star Wars galaxy, too.

There is, despite what Gilroy previously suggested, some character and plot-based winks to the camera, but they're not as egregious as references in other Star Wars projects.

In fact, whether it's the return of Rogue One's main villain Orson Krennic (Ben Mendelsohn), who steals scenes with his terrifying unpredictability, or subtle nods to Star Wars Episode III: Revenge of the Sith and Rogue One itself, they're easily forgivable inclusions that actually enhanced my viewing experience.

Ben Mendelsohn reprises his role as Death Star overseer Orson Krennic in Andor's final season (Image credit: Lucasfilm/Disney Plus)

The addition of new worlds also expands on the grandeur of Lucasfilm's vast galaxy, which the Galactic Empire dominates during this time. The live-action debut of one planet is especially key as it allows for the exploration of an emotionally devastating event that should also clear up fan confusion over said incident's Star Wars canonicity.

I won't tease much else about it for those with little knowledge of wider Star Wars lore. Believe me when I say, though, that season 2 episode 8, which showcases this event in such soul-crushing fashion, might be the best – if that's the right word to use – chapter since the season 1 finale. If nothing else, it certainly rivals last season's 12th episode for sheer emotional impact, and I'm not afraid to admit that I shed a tear or two as its end credits rolled.

Season 2 episode 8... rivals last season's 12th episode for sheer emotional impact

If there was a problem with one of the best Disney+ shows' final season – and this might slightly contradict what I wrote earlier – it's the condensed and at times rushed feel of some of its four acts.

I appreciate it's been a costly endeavor for Disney. I also understand that showrunner Tony Gilroy had the unenviable task of compressing four seasons' worth of content into the show's last installment. So, the fact that he achieved this seemingly impossible task should be applauded.

The compelling character complexities of Kyle Soller's Syril Karn are on full show in season 2 (Image credit: Lucasfilm/Disney+)

Still, the sheer number of narrative hoops that season 2 has to jump through, the quick-paced nature of some three-episode events, and the occasional sidelining of important supporting characters make this season feel a tad scattershot in its storytelling approach.

Act 1, for instance, feels largely untethered and tonally different from its fellow volumes. The severe cuts between scenes are often jarring, while the lack of narrative and character-based pay-off delivers an abrupt end to season 2's opening three-part chapter. It comes across as a standalone trilogy that feels out of place among its brethren.

It's not the only act marred by niggling issues. Act 4 is more closely connected to acts 2 and 3 than act 1 is, and plays the role of direct link to Rogue One. However, it's a little on the short side, and I'll admit I was expecting a bit more suspense or shock value in a three-parter where the Rebel Alliance finally learns about the Death Star.

Don't get me wrong, some moments are genuinely thrilling, dramatic, action-packed, and heart-wrenchingly sad, and I certainly wasn't unsatisfied with how season 2 ends. Indeed, its final scene will make you view Rogue One in a whole different light. I just think that, with a few extra minutes here and there, act 4 would've been even better than it was.

My verdict

Andor season 2 is a devastating and epic tour de force – one filled of potent political drama, weighty ethical dilemmas, and captivating character introspection – that rebels against the notion that Star Wars is a dead franchise walking.

In my view, nothing comes as close to matching the awe, shock value, and prestige nature of the original films – which turned Lucasfilm's iconic sci-fi universe into the powerhouse franchise it is today – as this epic and expertly crafted show.

Would it be even better as a three-season event (a Star Wars trilogy, you say?) comprising eight episodes apiece to fully explore its characters, their dynamics, the impact of their decisions, and help things feel less rushed? Yes, but this is the hand that Gilroy and company were dealt, and there's no debate that they've pulled off an almighty task in making one of 2025's new Star Wars shows as breathtakingly good as it is.

In my Andor season 1 review, I labeled it "a blood-pumping spy thriller that might be the best Star Wars shows yet". Now, I'd replace "might be" with "is". If Disney learns anything from Andor, it's that there's an entire galaxy's worth of more mature, creative, and original stories that deserve to be explored.

The question now is: will the House of Mouse be brave enough to pursue similar ideas? If it does and they're as good, if not better, than Andor, I'll be a Star Wars devotee for a long time yet.

Andor season 2 launches with a three-episode premiere on Tuesday, April 22 (US) and Wednesday, April 23 (UK and Australia). Three new episodes arrive each week until the show's finale in mid-May.

• Some Entra ID accounts were being flagged as having compromised credentials
• Seems it was just Microsoft “inadvertently generat[ing] [false] alerts”
• However, users were getting different explanations from Microsoft

Windows administrators have been reporting mass account lockouts across various organizations following a Microsoft Entra ID update.

Many believe these were false positives triggered in Entra ID's new leaked credentials detection app (a new feature called MACE Credential Revocation), as affected accounts had unique and unused passwords.

One user posted to a Reddit thread that around half a dozen accounts had been blocked after credentials were supposedly found on the dark web, however those users didn’t have much in common, suggesting that it wasn’t a targeted attack.

Entra ID might be flagging false positives

“There are no risky signins, no other risk detections, everyone is MFA, it's literally the only thing that's appeared today, raising the risk on these people from zero to high,” the Reddit user explained.

Beneath the original post is a series of comments from other system admins who also experienced similar issues, with one user sharing a response from Microsoft suggesting that the accounts had been erroneously flagged:

“On Friday 4/18/25, Microsoft identified that it was internally logging a subset of short-lived user refresh tokens for a small percentage of users, whereas our standard logging process is to only log metadata about such tokens. The internal logging issue was immediately corrected, and the team performed a procedure to invalidate these tokens to protect customers.”

The notice sees Microsoft admit to “inadvertently generat[ing] alerts in Entra ID Protection” of supposed compromised credentials between 4AM UTC and 9AM UTC on April 20.

Another user said they were quoted “Error Code: 53003” for conditional access policy, while another was told that it was to do with an outage in their region – even though no outage had been reported or logged.

TechRadar Pro has asked Microsoft to clarify what happened over the weekend and why users appear to have received different explanations. Any update will be posted here.

You might also like

• Major TalkTalk Business outage means customers have had to go without email for over a week
• Keep your account safe with the best password managers
• We’ve listed the best identity management software