Feed aggregator

If you're a veteran who has been charged a fee to get help on your application for a VA disability rating or other benefits, NPR wants to hear from you!

Nothing knows how to design around its style, even if the result isn't for everyone.

• Supply chain attacks are becoming more frequent and more dangerous
• Many security teams are worried about the risks
• 70% of firms have suffered one or more attacks in the past year

A new survey from SecurityScorecard reveals that cybersecurity leaders are faced with serious supply chain and third party risks. The survey outlines that CISOs and security professionals all around the globe are struggling to keep up with the pace of expanding threats.

The software supply chain has become a worrying weak link for firms of all sizes, as smaller software providers are difficult to assess and often don’t have the cybersecurity capabilities large organizations can afford - with cybercriminals choosing smaller software companies as a point of intrusion to gain access to larger firms.

A staggering 88% of respondents were either ‘very concerned’ or ‘somewhat concerned’ about supply chain cybersecurity risks, and with good reason too, since 70% say they have experienced one or more ‘material third-party cybersecurity incidents’, with 5% suffering 10 or more in the past year.

Persistent threats

Recent research suggests third party involvement in threats has doubled from 15% to 30% in recent months, and a growing dependence on digital technologies also means a growing dependence on third party software for all industries.

As such, organizations are tasked with stringent cybersecurity practices to keep themselves secure. But, not everyone is confident in their ability to do so, with only 26% of organizations incorporating supply chain security into their cybersecurity programs - most rely on ‘point-in-time, vendor-supplied assessments or cyber insurance.’

Cybersecurity can be overwhelming even for firms with powerful capabilities, and nearly 40% of respondents reported that data overload and issues with prioritizing threats are their biggest challenge.

“Supply chain cyberattacks are no longer isolated incidents; they’re a daily reality,” said Ryan Sherstobitoff, Field Chief Threat Intelligence Officer at SecurityScorecard

“Yet breaches persist because third-party risk management remains largely passive, focused on assessments and compliance checklists rather than action. This outdated approach fails to operationalize the insights it gathers. What’s needed is a shift to active defense: supply chain incident response capabilities that close the gap between third-party risk teams and security operations centers, turning continuous monitoring and threat intelligence into real-time action. Static checks won’t stop dynamic threats—only integrated detection and response will.”

You might also like

• Take a look at our picks for the best malware removal around
• Check out our choice for best antivirus software
• Generative AI isn't biting into wages, replacing workers, and isn't saving time, economists say

We now know when the Eclipse night club and the Fringe distillery will make their multiplayer debut.

Vogue Thursday that there will be a new head of U.S. editorial content at Vogue. '/>

Vogue magazine in the U.S. will soon have a new editorial head. Anna Wintour announced that, after nearly 40 years in the position, she will be focus on her wider roles at Vogue and Condé Nast.

(Image credit: CJ Rivera)

• Fake Zoom scripts launch malware hidden beneath thousands of lines of code and whitespace
• LaunchDaemons ensure the malware runs at boot with admin rights once installed
• Malicious components disguise themselves as legitimate tools like “icloud_helper” and “Wi-Fi Updater"

A new cyber campaign using fake Zoom applications is targeting organizations across North America, Europe, and the Asia-Pacific, experts have warned.

This cyber campaign, linked to North Korean hackers, is attributed to the BlueNoroff Group, a known affiliate of the infamous Lazarus Group, and spoofs legitimate video conferencing services from Zoom to fool victims.

Primarily focused on the gaming, entertainment, and fintech sectors, this operation appears carefully coordinated and aims to compromise cryptocurrency wallets and other sensitive financial data.

Get Keeper's Personal Password Manager plan for just $1.67/month
Keeper is a password manager with top-notch security. It's fast, full-featured, and offers a robust web interface. The Personal Plan gets you unlimited password storage across all your devices, auto-login & autofill to save time, secure password sharing with trusted contacts, biometric login & 2FA for added security.View Deal

How the attack works

The operation begins with a deceptive AppleScript, designed to look like it is performing routine Zoom SDK maintenance.

Analysts have found the script padded with around 10,000 blank lines to hide the malicious commands buried deep within.

These commands, found on lines 10,017 and 10,018, use a curl request to silently download malware from a spoofed domain: zoom-tech[.]us.

Once installed, the malware embeds itself into the system using LaunchDaemon configurations that execute the malicious payload at startup with elevated privileges.

Additional components are then retrieved from compromised infrastructure and disguised as normal macOS tools such as “icloud_helper” and “Wi-Fi Updater.”

These components erase traces of temporary files and staging folders, using anti-forensics methods to avoid detection while maintaining backdoor access for remote commands and data theft.

This method takes advantage of the common work-from-home scenario where technical glitches are resolved quickly and often with minimal scrutiny.

The malware goes beyond simple credential theft. It actively looks for cryptocurrency wallet extensions, browser logins, and authentication keys, confirming BlueNoroff’s ongoing focus on financial gain.

In one documented case, a Canadian online gambling company was targeted on May 28, when attackers used fake Zoom troubleshooting scripts to plant the malware.

To stay safe, verify Zoom meeting participants independently, block suspicious domains, and use endpoint protection because attackers now use trusted platforms and familiar workflows to slip past basic protection.

It is also important to choose the best antivirus and ransomware protection software, especially for organizations with digital assets or crypto holdings.

Businesses should adopt identity theft protection to monitor exposed data and credentials, train staff on social engineering risks, and secure cryptocurrency tools with hardware wallets.

Via CyberSecurityNews

You might also like

• These are the best VPNs with antivirus you can use right now
• Take a look at our pick of the best internet security suites
• A popular WordPress theme has been hijacked by malware

The future of student loan repayment could look very different soon. Here's what to expect.

Here are hints -- and answers -- for the NYT Strands puzzle No. 481 for June 27.

Here are some hints and the answers for the NYT Connections puzzle for June 27, #747.

Here are hints -- and the answer -- for today's Wordle No. 1,469 for June 27.

• The Blue Signature purifier looks like a footstool and doubles as a side table
• Various customization options including colored covers and feet
• It comes with Auto, 'AirSense' and Night modes

Blueair has just launched the best-looking air purifier I've seen, and it has left me wondering exactly why so many other models look so ugly. Even within our own best air purifier ranking you'll find more than one clinical, white plastic appliance – surely not an aesthetic you'd find in many people's living rooms or bedrooms.

In contrast, the new Blue Signature looks like a piece of furniture, which is especially apt as it can double up as one too – the top can be used as a table. (Those aware of the IKEA Starkvind table-cum-air-purifier should be reassured that this is an altogether more successful fusion, visually speaking).

As standard, the Blue Signature comes with a pale grey or dark blue-grey cover, but you can pay extra to unlock a range of other color options (including beige, taupe and dark green). You can also choose to add a metal ring base or stubby feet, the latter of which really amp up the footstool vibes.

(Image credit: Blueair)

I wrote 'cover' just then, but what I really meant was 'pre-filter', because this wrapper is the first line of defense against particles in the air. It's machine-washable, to keep it hygienic and operating efficiently.

The brand is fond of this approach – the Blueair Blue Pure 411i Max and Blueair Blue Pure Mini Max also have removable, washable covers that are available in different colors. It's a simple solution but I'm a big fan; it makes the Blueair purifiers blend far more seamlessly into a home environment filled with other soft furnishings.

Time to freshen up

What about functionality? The Blueair Blue Signature looks strong there, too. There's a rather overwhelming seven-stage filter setup, starting with that washable pre-filter, and including an electrostatically-charged particle filter and carbon to absorb gases and odors. Blueair has added 'OdorFence' a "patent-pending, bio-based technology" designed to break down gases and remove odors more efficiently.

My only slight concern is that the Blue Signature, like all of Blueair's purifiers, uses a 'HEPASilent' filter, rather than true HEPA (the brand insists it's more effective than a HEPA filter, as well as operating more quietly).

(Image credit: Blueair)

The interface on the purifier itself has been redesigned so it counts down the time to when your air will be clean. It looks like a touchscreen, which I assumed might cause problems with the whole 'doubles as a table' thing, but you can lock the display via the companion app so you don't end up changing your settings every time you go to put your coffee down.

(Image credit: Blueair)

You can set fan speeds manually, but Blueair has also included three special modes. In Auto mode, the purifier monitors air quality and responds to keep the air clean. More unusual is the AirSense mode, where the purifier automatically switches on at intervals throughout the day, even without a drop in air quality, to keep the air feeling fresh. Finally, there's a Night mode that dims the LEDs and drops to the lowest fan speed.

This newly launched air purifier has already got a little discount at Amazon – there's 13% off, which doesn't seem like a lot, but it does equate to $60 off. It's designed to blend seamlessly into your home environment, even doubling up as a side table. It's suitable for use in large rooms, and includes multi-stage filters to remove all kinds of pollutants and odors.View Deal

The Blueair Blue Signature is available to buy in the US now. If you head to Blueair.com , prices start at $449.99, but on Amazon there's a limited-time discount to make it a little more affordable. It's not yet out in the UK, but is due to go on sale in August. We don't have pricing details yet, but if it's in line with US pricing it might be around £330. We've just started testing it out, and will have a full review live alongside the UK launch.

You might also like...

• Can't decide which Dyson vacuum is right for you? Here are the models I'd recommend for 5 different use cases
• I tested two of the priciest Dyson hair dryers on the market against one another in the ultimate head-to-head – here's what I learned
• I've been testing new robovacs for a year – this is my one key tip that could save you money when you buy

Omaha’s internet options may be limited, but CNET experts can help you find the best plan for your needs.

As part of a broader crime wave in Peru that began during the COVID-19 pandemic, gangs have begun targeting private schools in poorer neighborhoods for extortion. We hear how administrators and parents are dealing with the threats. And in London's West End, you don't need a ticket to witness the soaring signature song for the musical Evita. It is performed nightly in the street. We attend a recent performance.

(Image credit: Belinda Jiao)

Our picks of the best gaming TVs of 2025 boast great image quality and minimal delay, and can significantly enhance your gaming sessions.

Signs installed earlier in National Parks earlier in June asked for feedback on signs "that are negative about past or living Americans." Comments viewed by NPR didn't provide the requested feedback.

(Image credit: Chloe Veltman)

Premium members will have access to one new tool while another is more familiar.

• Online videos of Tesla's new robotaxis prompt investigation
• Footage shows the cars speeding and ghost braking
• Tesla’s Full Self-Driving and Autopilot mode also under scrutiny

Tesla’s rollout of its Robotaxi service at the weekend was hailed as a success by the company, which saw around 10 to 20 Model Y vehicles autonomously cover a geo-fenced route around Austin, Texas, complete with a selection of “pro-Tesla” content creators onboard.

Early social media posts revealed that the experience largely ran like clockwork, despite the required app release being delayed. The lack of software verification also meant the onboard safety driver (who was instructed to remain mute) had to manually check IDs.

But as the day progressed, a number of videos emerged online of Tesla’s Robotaxis behaving erratically, including veering into there wrong lane, traveling at several miles per hour above the speed limit and, in one instance, slamming on the brakes for a group of police cars that were parked well off the road.

“National Highway Transit Safety Administration (NHSTA) is aware of the referenced incidents and is in contact with the manufacturer to gather additional information,” the agency said in a statement, as reported by The Guardian.

However, the safety agency was quick to point out in its statement that the NHTSA does not pre-approve new technology, but instead requires manufacturers to ensure vehicles meet agency standards.

It will subsequently investigate and report on anything that falls foul of its guidelines.

The most recent preliminary enquiry joins an open investigation that the NHTSA is already working on concerning the manufacturer’s Full Self-Driving mode in its passenger vehicles.

This separate case is looking into the system’s ability to operate safely in low visibility situations, following a number of high-profile crashes.

Analysis: it's too soon for camera-only autonomous systems

(Image credit: Hyundai)

Elon Musk has famously preached about the benefits of his camera-only autonomous driving system, which eschews the plethora of sensors, radars and Lidar that are currently in used by every other key rival, including the likes of Waymo, Hyundai (in its Ioniq 5 robotaxi) and Nissan.

The overarching benefit is a cost saving to the manufacturer, as well as a reduction of weight and unsightly bulk that can be seen perched atop of the Waymo cabs currently in operation.

But those systems are used for a reason, predominantly to be able to paint a more detailed picture of the surroundings when current camera technology and AI simply can’t.

The argument currently leveled at Tesla Vision is that a camera-only approach might be suitable in the future, but the technology isn't ready yet.

Unfortunately, the Californian company is also famously closed about sharing its Full Self-Driving data, with Electrek reporting that Tesla has asked the NHSTA to ensure any answers it has provided related to current investigations remain confidential.

The marque also only releases very limited data related to both its Full Self-Driving and Autopilot systems, offering cumulative mileage and the number of disengagements (where the system requires a human to take over).

Waymo and fellow ADAS rivals, on the other hand, offer much more detailed information, as per the NHSTA’s guidelines, which helps build public trust in the technology – something even Elon Musk agrees with.

You might also like

• Tesla’s self-driving robotaxis have finally hit the road – and their first, invite-only passengers are unsurprisingly impressed
• I’ve tried Nissan’s latest advanced driverless technology – and it handles 60mph on rural roads better than most humans
• Tesla is secretly testing new versions of its Model S Plaid and Model Y Performance – here’s what to expect

• Alderon Games founder Matthew Cassells reports supposed liquid metal issues on PS5
• This was previously debunked, but multiple players of Alderon Games' Path of Titans have reported the same issues
• This comes amid build-up for GTA 6's launch on May 26, 2026

Rockstar Games' Grand Theft Auto 6 is edging closer with a launch date set for May 26, 2026, on PS5 and Xbox Series X and S. However, recent rumors of the former console and its supposed hardware issues have left me slightly worried about whether PS5 systems will survive until then.

As reported by Wccftech, the founder of Alderon Games (an Indie game developer), Matthew Cassells, highlighted a recurring issue of PS5 shutdowns from both players and staff of the Path of Titans game. Notably, Cassells claims on Moore's Law Is Dead (via YouTube) that the game crashes stem from liquid metal overheating issues.

Many gamers held this suspicion about the PS5 over the last few years, with suggestions that positioning your console vertically would cause the liquid metal to escape and leave dry spots on the console's APU. This was debunked, but worries have now resurfaced, with more users now voicing frustrations about abrupt console shutdowns.

This is arguably the worst time for these reports to resurface, as GTA 6 is set for launch next year. That may seem like a long road ahead, but it'll arrive on consoles sooner than we expect, and if you own a PS5 like me, hearing about these issues again might leave you concerned.

GTA 6 isn't coming to PC (at least on launch), and isn't expected to come to the platform for a year or more. The only players in the clear (if these liquid metal problems are legitimate) are Xbox owners, and I'm not one of them. As much as I'm pumped for Rockstar's long-awaited title, it'd be hard to buy another PS5 console, especially with the recent price fluctuations.

Analysis: Just place your PS5 horizontally to be on a safe side...

Fortunately, I've not run into any issues with my PS5 since I bought it on launch day in 2020. I'll also note that I've never placed it vertically on any TV unit or desk, so if there is any legitimacy to the liquid metal problems, that's likely why my system has been safe.

There's also an added bonus of less dust buildup when placed horizontally, and I can attest to this as I've hardly spotted any dust in my PS5. So, my advice is to avoid leaving your console standing upright, just to be on the safe side.

I must note there's no guarantee that these reports of liquid metal issues are indeed accurate, but I'd rather proceed with caution, just in case. We've waited over a decade for GTA 6. It will have been 13 years by the time it launches, and I'd hate to see my console die out on me at arguably its most important phase.

GTA 6 (as of today) is the most anticipated game of all time in my books, so let's just hope our systems don't screw us over.

You might also like...

• GTA 6 will be way bigger than we thought, according to new leak – and I hope these 3 gameplay rumors are true
• While we wait for GTA 6, rumors suggest that GTA 4 is getting a PS5 and Xbox Series X launch this year with Max Payne 3 to follow
• Rockstar confirms the latest Grand Theft Auto 6 trailer was all 'gameplay and cutscenes' captured 'entirely in-game' on the PS5

In 2024, 64% of the eligible-voting population turned out, the second highest in 120 years. New data show that even if all those voters who stayed home had voted, Trump would still be president today.

(Image credit: Jim Vondruska)

NPR's Juana Summers speaks with Mikhail Chester, professor of engineering at Arizona State University, about how extreme heat affects transportation infrastructure.