Feed aggregator

DuFour Du Jour, cues up the next song in her broadcast at the station in Hot Springs, Va.'/>

Congress voted to claw back federal funding to public media. Some of those hit hardest include community radio stations in areas that voted for the president.

(Image credit: Kristian Thacker for NPR)

Watch movies and TV shows and play games on-the-go with the best portable projectors I've reviewed from BenQ, Anker, AAXA and more.

Here are the answers for The New York Times Mini Crossword for July 20.

Palestinians were shot dead during a food distribution on Saturday at a center run by a U.S.- and Israeli-backed group in southern Gaza, hospital officials said.

(Image credit: Mariam Dagga)

The latest season of the podcast "Unsettled" from Iowa Public Radio looks at how gender affects people's everyday lives.

New York police said the 61-year-old man was wearing a large metal chain that caused him to be "drawn into the machine." The FDA warns that MRI scan create a "strong, static magnetic field."

(Image credit: Keith Srakocic)

The Tenno are traveling the cosmos to end up in a different star system -- and getting their hands on some sweet new gear along the way.

• The Mowrator S1 is an all-wheel drive lawnbot for tricky yards
• Can also function as a snow plough, trailer hitch and more
• Operates using videogame-style remote control

Lawnbots are great for neat, mostly flat, grass-covered lawns. But what if you have something more challenging? What if your lawn is lumpy, bumpy, overgrown, filled with roots, or super-steep? What if you have a paddock or a field that needs to be kept in check?

Mowrator has come to the rescue. Its Mowrator S1 is not so much a lawnbot as an all-in-one, consumer-grade, yardwork Transformer.

For lawncare, you can think of it like a ride-on mower, but shrunk down, powered by electricity, and operated by remote control. Available in four-wheel drive and two-wheel drive versions, it's equipped with a 21-inch long, straight blade. It can handle thick, tall or wet grass, get into the awkward areas usually off limits to mowers, and scale slopes of up to 85% (about 40 degrees).

When summer is over, the modular design can be reconfigured to deal with the demands of different seasons. There's a snow blade attachment, it can vacuum up dropped leaves in fall, and you can hook up a trailer and use it to transport things like fertilizer.

Yardwork... but make it fun

Most robot lawn mowers navigate independently, but this one is remote-controlled. So while it's a more hands-on choice, it's perfect if your yard has terrain, roots, or foliage that a traditional lawnbot can't handle. And you can still mow, plough snow or clear leaves from the comfort of your sofa, while monitoring the M1's progress out of the window.

It could be a particular game-changer for seniors or anyone struggling with the physical strain of staying on top of yard work – it'll take care of a variety of strenuous pushing and lifting tasks for you.

It also – frankly – looks incredibly fun to use. It's ready to go straight out of the box so there's none of the tedium of mapping the space, and you drive it using a game-style remote. A five-tier obstacle detection and avoidance system provides backup for unexpected hazards.

The Mowrator M1 can mow 1.125 acres on a single charge (an added an extra chassis fan cools the system while mowing, to prevent overheating) and there's fast charging to take the battery back to full in just 90 minutes. It's powered by four independent motors, and Morator says it has the same strength as a gas mower but without the emissions or noise.

The Mowrator S1 is available to buy now, with pricing starting from $2,499 / £2,578.

You might also like...

• How do robot lawn mowers navigate without a boundary wire?
• Is my garden suitable for a robot lawn mower?
• Mammotion Luba 2 AWD lawnbot review

Chris Camponovo, a former State Department lawyer, examines what a multi-national prisoner swap says about the Trump administration's third country deportation strategy.

Behind the scenes with NPR's reporting on how Florida has become the scene of some of the Trump administration's most aggressive immigration enforcement efforts.

• ChatGPT can’t tell if a site was hacked, expired, or repurposed for casino spam
• AI-generated answers may seem reliable, even when they cite completely hijacked and fake sources
• Expired charity domains are reborn as gambling sites and still pass as trustworthy AI sources

ChatGPT is quickly becoming a go-to source for people seeking recommendations, from online services to local businesses, but new evidence suggests its AI-generated suggestions may not always be grounded in trustworthy sources.

In fact, some are being drawn from websites that have either been hacked or whose domains have expired and been repurposed, often to promote online casinos and gambling platforms.

Over the past several months, James Brockbank, managing director and founder at Digitaloft, has been documenting how widespread the problem has become, uncovering examples of ChatGPT citing content from sites that have clearly been manipulated.

Exploiting gaps in AI source validation

In one instance, a functioning legal practice’s website, run by attorney Veronica T. Barton, had pages recommending UK casinos buried within it.

“Their site has been hacked and this page added,” Brockbank noted after reviewing the evidence.

In another case, a site once affiliated with a United Nations youth coalition had been transformed into a platform pushing “casinos not on GamStop.”

Although the listicle it hosted contained only one external link, it led to yet another repurposed domain.

The pattern continued with expired domains, including one that had belonged to a now-defunct arts charity previously linked by the BBC, CNN, and Bloomberg.

That domain, now pushing gambling content, was cited by ChatGPT in response to a query about no-deposit casinos.

These tactics exploit weaknesses in how ChatGPT selects and cites sources, as unlike traditional search engines, the model lacks mechanisms for verifying the legitimacy of a site’s ownership or editorial intent.

As a result, content injected onto compromised websites can surface in its answers without any obvious red flags to the user.

ChatGPT appears to favor recent content and still attributes authority based on legacy domain reputation, even when the domain’s content has no continuity with its past - which opens the door for bad actors to manipulate visibility through means that have little to do with credibility.

The bottom line is that users turning to ChatGPT for recommendations should not assume that every answer is backed by a credible source.

A quick check of the cited site’s authority, its history, ownership, and relevance can go a long way in avoiding misleading or harmful suggestions.

You might also like

• Trump's "One Big Beautiful Bill" set to award $1 billion funding to "offensive cyber operations"
• Here's a list of the best firewalls around today
• These are the best endpoint security tools right now

Here are hints and the answers for the NYT Connections: Sports Edition puzzle for July 20, No. 300

Here are some hints and the answers for the NYT Connections puzzle for July 20, #770.

Here are hints and answers for the NYT Strands puzzle for July 20 No. 504.

Here are hints and the answer for today's Wordle for July 20, No. 1,492.

Need high-speed internet in Milwaukee? Residents have access to several quality ISPs, including fiber providers and multi-gig speeds.

• OpenCart websites were silently injected with malware that mimics trusted tracking scripts
• Script hides in analytics tags and quietly swaps real payment forms for fake ones
• Obfuscated JavaScript allowed attackers to slip past detection and launch credential theft in real time

A new Magecart-style attack has raised concerns across the cybersecurity landscape, targeting ecommerce websites which rely on the OpenCart CMS.

The attackers injected malicious JavaScript into landing pages, cleverly hiding their payload among legitimate analytics and marketing tags such as Facebook Pixel, Meta Pixel, and Google Tag Manager.

Exepers from c/side, a cybersecurity firm that monitors third-party scripts and web assets to detect and prevent client-side attacks, says the injected code resembles a standard tag snippet, but its behavior tells a different story.

Obfuscation techniques and script injection

This particular campaign disguises its malicious intent by encoding payload URLs using Base64 and routing traffic through suspicious domains such as /tagscart.shop/cdn/analytics.min.js, making it harder to detect in transit.

At first, it appears to be a standard Google Analytics or Tag Manager script, but closer inspection reveals otherwise.

When decoded and executed, the script dynamically creates a new element, inserts it before existing scripts, and silently launches additional code.

The malware then executes heavily obfuscated code, using techniques such as hexadecimal references, array recombination, and the eval() function for dynamic decoding.

The key function of this script is to inject a fake credit card form during checkout, styled to appear legitimate.

Once rendered, the form captures input across the credit card number, expiration date, and CVC. Listeners are attached to blur, keydown, and paste events, ensuring that user input is captured at every stage.

Importantly, the attack doesn’t rely on clipboard scraping, and users are forced to manually input card details.

After this, data is immediately exfiltrated via POST requests to two command-and-control (C2) domains: //ultracart[.]shop/g.php and //hxjet.pics/g.php.

In an added twist, the original payment form is hidden once the card information is submitted - a second page then prompts users to enter further bank transaction details, compounding the threat.

What stands out in this case is the unusually long delay in using the stolen card data, which took several months instead of the typical few days.

The report reveals that one card was used on June 18 in a pay-by-phone transaction from the US, while another was charged €47.80 to an unidentified vendor.

This breach shows a growing risk in SaaS-based e-commerce, where CMS platforms like OpenCart become soft targets for advanced malware.

There is therefore a need for stronger security measures beyond basic firewalls.

Automated platforms like c/side claim to detect threats by spotting obfuscated JavaScript, unauthorized form injections, and anomalous script behavior.

As attackers evolve, even small CMS deployments must remain vigilant, and real-time monitoring and threat intelligence should no longer be optional for e-commerce vendors seeking to secure their customers’ trust.

You might also like

• Downloaded something dodgy? These are the best malware removal tools
• Nail the basics with the best firewalls available now
• DOGE employee leaks private xAI API key from sensitive database

A boat carrying tourists capsized during a sudden thunderstorm in Vietnam on Saturday afternoon during a sightseeing excursion, killing 34 people.

(Image credit: AQDND)

Attorney General Pam Bondi has filed a formal request to release grand jury testimony related to Jeffrey Epstein. But the president continues to distance himself from the late, disgraced financier.

(Image credit: Evan Vucci)

• 22-minute video reveals the incredible work that goes into making Beelink’s tiny desktop replacements
• There’s a surprising amount of hand-assembly and testing in the mini PC production line
• There’s narration, no music, just pure factory sounds and impressive craftsmanship

As mini PCs have quietly evolved into compact yet capable machines, many can easily replace traditional desktops.

Once seen as niche gadgets, they now power home offices, media setups, and small businesses, with high-performance processors, expandable memory, and solid I/O support, all packed into tiny, low-noise enclosures.

Chinese manufacturer Beelink has been producing high-quality mini PCs since 2011, and if you’ve ever wondered what goes into making one of these miniature powerhouses, you’ll want to watch a new video that showcases the entire process.

Hand-finished

We’re big fans of Beelink’s range of mini PCs here at TechRadar Pro. We’ve reviewed models like the SER8, SER9, Beelink ME mini, and GTR7 and always come away impressed. The company's most recent release, the GTR9 Pro, is powered by a Ryzen AI Max+ 395 processor and delivers 126 TOPS for next-gen AI.

The video, from SatisFactory Process, has so far been watched by nearly two million viewers, and for good reason. The 22-minute showcase explores how Beelink’s mini PCs are made from start to finish, and it's mesmerizing.

It begins with raw aluminum being pressed and CNC-machined into a case. From there, you see the entire transformation: polishing, chemical cleaning, abrasive blasting, electroplating, laser engraving, and dozens of small, meticulous assembly steps.

One of the most striking things is just how much of the work is done by hand.

From installing components on the motherboard to applying thermal pads and screwing together daughterboards, human workers are visible at almost every stage.

There are multiple quality control checks throughout, including electrical testing, visual inspections, firmware flashing, and more.

The build is topped off with packaging, accessories, plastic wrapping, and factory seals before heading out the door.

Part of what makes the video so watchable - and that 22 minutes absolutely flies by - is that it’s not flashy or promotional. There’s no voiceover, no music. Just the sound of real machines and real people building something.

Many of the comments under the video echo the same feeling: surprise at the number of steps involved, appreciation for the amount of human care, and admiration for a company willing to show the entire process.

As one commenter observed, “This is the best advertisement a company can do” - and it really is.

Watch and enjoy the video below.

You might also like

• These are the best business laptops around
• And these are the best workstations available today
• Compact workstation PC appears with some outstanding features