Cascadeur 2025.1 Released / News / April 7, 2025 / 3D, Applications, ReleaseCascadeur is a powerful animation tool available for Windows, Mac and Linux that utilizes AI and machine learning to assist the artist, not replace them. Of course it has all of the tools an animator would expect to rig then keyframe animate your scene, it just has several other novel tools on top such as turning mocap animation into cleaner keyframed animation and AI tools for assisting with secondary animations.New features in Cascadeur 2025.1 include:Brand-New Inbetweening Tool: Create fluid, natural motion with ease! Powered by AI, the new Inbetweening Tool generates motion between poses.Improved AutoPosing: Enhanced AutoPosing ensures greater stability and improved pelvis control.Improved AutoPhysics:Improved original pose preservation via Geometrical Constraints logic and added a new slider for controlling the Physics Corrector.Upgraded Ragdoll System: New Ragdoll interaction with characters and props. Support for custom Kinematic mesh colliders.New GLTF/GLB Import Format & FBX Improvements: Extended compatibility with Blender, Daz3d and other software.New Right-Click Context Menu:Right-clicking now opens a menu for setting the pivot and accessing other functions. Can be reverted to the old behavior in viewport input settings.Additional Enhancements: Various UI changes, improved Unbaking functionality, added Roblox Sample characters, optimized Copy Tools and much more!Key LinksCascadeur HomepageCascadeur 2025.1 AnnouncementCascadeur 2025.1 Full Release NotesThere is a full functioning but save limited version of Cascadeur you can download and try freely. You can learn more about Cascaduer in the video below.

Nintendo fans are presumably eager to get their hands on the Nintendo Switch 2. But one in particular seems a bit more eager than most, as he's already starting the line in front of the Nintendo New York store two months in advance to ensure he gets one.YouTuber ChickenDog has started making the rounds as the "first" person to line up for the Nintendo Switch 2 at the New York store location. He started on April 5, two months before the planned June 5 launch of the new Nintendo console, and he said he plans to camp out and record updates as he does so.The "camping out" is a little more in the colloquial sense, as ChickenDog clarified in an update video that he has an AirBnB and hotel, as well as friends in the area, so he won't be braving the elements for two straight months. He's also got a crew of friends helping him hold the spot down when he's not physically there.There's certainly a history of Nintendo fans camping out for big console and game releases, including a month-long wait for the Nintendo Switch. It seems like ChickenDog is looking to follow in those footsteps, waiting out the two months for Switch 2.The YouTuber plans on recording and uploading content while he's out there, so head over to ChickenDog's YouTube if you want to follow all the updates day-after-day. Even without a tent or sleeping bag, waiting out for two months is a long, long time, so best of luck and some sunny skies to him.PlayAssuming ChickenDog stays the course, he'll need to hand over $450 just for a Switch 2, or $500 if he wants the Mario Kart world bundle. That is, unless the price goes up in response to U.S. President Donald Trump's tariffs, which have already caused Nintendo to delay Switch 2 pre-orders.For more Switch 2 info, check out our big Nintendo Switch 2 interview with Nintendo of America's Bill Trinen going over price, mouse controls, and more.Image credit: ChickenDog / YouTube.Eric is a freelance writer for IGN.

Its important to note that the Minecraft video game is incredibly popular with younger people. That description hardly sums up the sheer power the gaming title commands in the industry. In fact, Minecraft is the highest-selling single video game of all time. Since its release in 2011, it has sold more copies than Grand Theft Auto, Red Dead Redemption, and even Super Mario Bros. Minecraft has additionally been a staple game for kids in Gen Z and Gen Alpha. Available on a multitude of platforms, such as consoles, PCs, and even iPads, Minecraft established itself as a cultural phenomenon years ago. A big screen swing was inevitable.With that kept in mind, not every cultural phenomenon has translated that success to movie theaters. Look no further than a myriad of poorly received video game adaptations, such as Warcraft (2016), Assassins Creed (2016), and Borderlands (2024). Additionally, some seemingly surefire hits have dwindled financially. Disneys Snow White, a live-action remake of the beloved 1937 classic, felt like the safest bet when announced years ago. However, sliding release dates, alleged controversies surrounding Rachel Zegler (primarily unwarranted), and subpar word-of-mouth torpedoed Snow Whites chances at success. Most of all, however, it would appear in retrospect that remaking a nearly 90-year-old IP doesnt actually appeal to kids these days (if it ever did, considering that the Dumbo remake also flopped in pre-COVID times). The landscape is changed; Marvel movies arent guaranteed hits anymore, and youthful audiences are tiring of nostalgia aimed as much at their parents or grandparents as themselves.Younger moviegoers disproportionately make up a large percentage of the box office and always have due to disposable income. And they seem to want something new and fresh, a franchise they havent seen before. Not something that their folks have been watching since the 80s or 90s. The same old, same old hasnt been cutting it lately, and A Minecraft Movies success is emblematic of the shifting space.While the film is still an adaptation of a beloved IP, its an IP that hasnt been featured on the big screen before. Conversely, once popular brands, like Indiana Jones, failed to regain their previously significant crowds due to dwindling interest from modern audiences, as seen by the historic bomb that was Dial of Destiny (2023). In that case, it was the fourth sequel to a then 42-year-old movie starring an octogenarian. It turns out that doesnt appeal to kids anymore than a riff on a fairytale cartoon that played in theaters before the Second World War.On the other hand, Barbie (2023), a world-renowned property with decades of success behind it, captured lightning successfully in a bottle because of its perfect combination of iconicity and unconventional approach. A Minecraft Movie has done something similar and now holds an opening weekend number just a few million behind Barbies 2023 at-bat.Another significant driving force behind Minecrafts connection with Gen Z is the meme of it all. When the first trailer for the flick dropped, Jack Blacks zany delivery of, I am Steve went viral. The subsequent second trailer began with Steve exclaiming, As a child, I yearned for the mines, a perennial joke on social media. Finally, younger audiences have turned the theatrical Minecraft experience into an event, cheering for sequences like Jason Mamoas boxing match with a chicken jockey as if it were akin to Andrew Garfield and Tobey Maguire showing up in Spider-Man: No Way Home (2021). The new wave of social media has majorly impacted A Minecraft Movies popularity, similar to the Gentle Minions trend from 2023, resulting in a film transcending mediocre reviews from critics and average audiences.

Its not every day that you turn on a game and realize you cant even describe its genre. Blue Prince arriving on April 10 for Xbox Series X|S, PC and Game Pass is a beautifully confounding thing. Its part first-person puzzle, part-strategy deckbuilder, part-roguelite, part-narrative mystery box and yet none of these quite communicate exactly what developer Dogubomb has managed to create here.You play as Simon, whos just inherited a 45-room estate called Mount Holly or he will inherit it, if he can find its secret, seemingly impossible 46th room. Theres also the small matter of Mount Holly being, well, magical. Every day, its floor plan changes, asking you to piece it back together again making each journey to discover that secret room an entirely new challenge.If that sounds a bit confusing, thats entirely the point. Blue Prince is remarkably light on traditional tutorials, instead dropping hints and tips in its shifting rooms along the way.Initially, youll need to throw yourself into the core process of drafting rooms upon opening each door you come across, youll draw three possible rooms that could be behind it, drawn from a pool of potentials. Some rooms are rarer than others, while others will only appear in specific place, but almost every one includes something to collect, a puzzle to solve, or a wider effect on your current run.Youll find keys (used to open locked doors, or trunks containing extra items), gems (used to draft rarer rooms), and coins (used in rooms with a shop function), as well as numerous items that offer extra abilities from a shovel that can dig up items hidden in patches of dirt, to a wrench that can permanently change how rare a specific room type can be.Your stated aim is to reach the Antechamber, a room at the far end of the house that contains some means of finding the rumored 46th room but there are so many other mysteries along the way. And this is where Blue Prince blows open expectations.Some rooms contain hints to puzzles in other rooms (get ready to take notes, as you might not see the room you need again for a while), others may need to physically connect, and some can have game-changing effects on the manor grounds themselves. Having played for numerous hours, the feeling of solving some of these puzzles is like little else Ive experienced in a game, relying on a wealth of knowledge about the rooms I could find, and how even incidental details in one room could be a major clue for another.In the early stages, the randomness of relying on not only drawing the right room, but having the right currency or item to actually complete a puzzle can feel frustrating. But progress enough and youll realise that there are ways to game the system, to bend the rules behind Blue Prince in your favor, or even unlock permanent upgrades.The deeper you look, the more there is here including room types I wouldnt want to spoil for fear of ruining your own moment of realization. Hours into the game, there are scribbled notes in my real-life journal, still pointing me to mysteries I havent solved, or puzzles Im not totally sure even exist I just have the hunch that something I found is meaningful.And thats the beauty of Blue Princes weird genre alchemy the fact that I cant quite put a finger on what kind of game this is means that it can keep tantalizing me, keep forcing me to guess at what might be important, and keep surprising me when I make a new discovery. Theres nothing else quite like it.Blue Prince will be released on April 10 for Xbox Series X|S and Windows PC, and is available day one with Game Pass. And with Xbox Play Anywhere, play on Xbox consoles, Windows PC, and cloud with full cross-entitlements and cross-saves.Blue PrinceRaw FuryGet it nowWelcome to Mt. Holly, the mysterious manor with shifting rooms. In Blue Prince, you embark on a genre-defying experience, filled with a unique mix of mystery, strategy, and puzzles that weave together to create an unpredictable journey. Will your explorative steps lead you to the rumored Room 46?DRAFTING YOUR JOURNEY Upon reaching a closed door in Mt. Holly, you decide what room appears behind it and each decision shapes your path as you navigate through the manor. Every door can reveal new and exciting chambers that contain their own unique challenges and secrets. But be careful how you draft, for each day the manors floor plan resets and the rooms you saw today may not be the same rooms you see tomorrow.EVERY STEP COUNTS Your progress each day is shaped by the rooms you select to draft and the tools you find within them. Items in the game can be used in a number of creative ways to fuel your exploration deeper into the house, allowing you to adopt unique strategies to combat the challenges that each day brings. Yet, tread wisely the house resets each dawn, erasing all but the permanent upgrades to your estate blueprint. That is, if you were clever enough to find one!A HISTORY IN THE MAKINGAs the heir of Mt. Holly, you have been tasked to explore its shifting halls in search of Room 46. Yet as your journey takes you further into the mansions depths, you start to discover that there is more lurking under the surface than a missing room. Investigate a past woven with the threads of blackmail, political intrigue, and the mysterious disappearance of a local childrens book author. The deeper you venture, the more you realize that the past is closer than it appears.

With the full breadth of Trumps tariffs slated to kick in on Wednesday, Apple is stockpiling iPhone inventory in the United States as quickly as possible. A new report from The Times of India today says that part of Apples strategy to limit the impact of these tariffs is to stockpile as much inventory as possible in the United StatesAccording to senior Indian officials cited in the report, Apple flew five planes full of iPhones and other products from India and China in just three days during the final week of March.Factories in India and China and other key locations had been shipping products to the US in anticipation of the higher tariffs, one source to The Times of IndiaApple currently assembles the entire iPhone 15 and iPhone 16 lineups in India as well as China. A 10% baseline tariff on all imports into the United States kicked in on Saturday. On April 9, the tariffs thatTrump has falsely labeled as reciprocalwill kick in. This will raise the tariff rate on imports from China to 54% and imports from India to 27%.By stockpiling as much inventory as possible in the United States, Apple can delay the impact of the tariffs. Its unclear just how much inventory Apple has on hand in the US right now, but if theres one thing I know, its to never doubt Tim Cooks supply chain prowess.If Apple is able to stockpile enough iPhone inventory in the US for the foreseeable future, it could stave off having to increase iPhone prices until the iPhone 17 launch this fall. Its other products, however, might not be so lucky. For example, most build-to-order configurations of the Mac ship straight from Apples factories in China to consumers in the United States.AAPL stock is down nearly 5% today and down 18% in the last five days on the impact of Trumps tariffs.and while I was writing this story, Trump took to social media to threaten an additional 50% tariff starting Wednesday on imports from China unless the country walks back its 34% retaliatory tariff. That would bring the total tariff on imports from China to a whopping 104%. You cant make this up.I will once again reiterate my advice from last week: if you need an Apple product, or think you might need one soon, buy it now.My favorite iPhone accessories:Add 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Tesla's stock continues to tumble amidst the economic chaos wreaked by Trump's tariffs.In early trading Monday, shares of the Elon Musk-owned automaker fell by more than 10 percent before bouncing back up to a loss offour to five percent as rumors and drama swirled.Strikingly, the stock did sink significantly lower than the $235.86 price that commerce secretary Howard Lutnick said Tesla would "never" fall to again, in an interview on Fox News just last month,when he urged the show's overwhelmingly conservative audience to buy in.The stock rout is a sobering indicator, given that Tesla was seen as one of the few automakers anticipated ostensibly to get a leg up from Trump's aggressive tariff policy, which slaps a 25 percent tax on imported cars, not to mention benefit from Musk's close ties with the president, who was willing to briefly turn the White House lawn into a Tesla showroom.Zooming out, though, the automaker's stock woes predate the incipient trade war. Fueled by Musk's growing unpopularity as he worked closely with president Trump to gut the federal government, Tesla shares have nosedived by 50 percent since reaching an all-time high in December.First-quarter deliveries weren't just disappointing but alarming: with a reported 13 percent drop, Tesla is on track to have an even worse year than it did in 2024, when it experienced its first decline in sales in history. Analysts took this to be a damning sign of the "unprecedented brand damage" Tesla has suffered, as protests and vandalism against the company rage across the country.Now, after Trump's "Liberation Day"tariffs, even die-hard investors are seeing the writing on the wall. Noted Tesla bull Daniel Ives, a Wedbush Securities analyst, cut his price target for Tesla in half, downgrading it from $550 to $315.And even that outcome may be optimistic. Tesla's won't be wholly unscratched by the tariffs, even though all its cars are manufactured in the US. The tariffs also apply to car parts, some of which Tesla imports (as does every automaker), raising its production costs. Musk admitted as much."Important to note that Tesla is NOT unscathed here," Musk said of the tariffs in a tweet days before they went into effect. "The cost impact is not trivial."Ives agrees, but fears that the impact may be more drastic."The tariffs in their current form will disrupt Tesla, the overall supply chain, and its global footprint which has been a clear advantage over the years versus rising competitors like BYD," Ives told clients in a note Sunday, as quoted by Bloomberg.More pressingly, from Tesla's point of view, the fallout from the trade war could see more Chinese consumers its second largest market turn to domestic options, Ives argues. The above-mentioned BYD has already overtaken Tesla as the largest EV maker in the world, in terms of sales and revenue. It could now lengthen its lead.Share This Article

Today, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady apps but in job offers, hardware, and cloud services we rely on every day.Hackers don't need sophisticated exploits anymore. Sometimes, your credentials and a little social engineering are enough.This week, we trace how simple oversights turn into major breaches and the silent threats most companies still underestimate.Let's dive in. Threat of the WeekUNC5221 Exploits New Ivanti Flaw to Drop Malware The China-nexus cyber espionage group tracked as UNC5221 exploited a now-patched flaw in Ivanti Connect Secure, CVE-2025-22457 (CVSS score: 9.0), to deliver an in-memory dropper called TRAILBLAZE, a passive backdoor codenamed BRUSHFIRE, and the SPAWN malware suite. The vulnerability was originally patched by Ivanti on February 11, 2025, indicating that the threat actors studied the patch and figured out a way to exploit prior versions to breach unpatched systems. UNC5221 is believed to share overlaps with clusters tracked by the broader cybersecurity community under the monikers APT27, Silk Typhoon, and UTA0178.See Zero Trust + AI in Action Top NewsEncryptHub Unmasked as a Likely Lone Wolf Actor An up-and-coming threat actor operating under the alias EncryptHub has been exposed due to a series of operational security blunders. What distinguishes EncryptHub from other typical cybercriminals is the dichotomy of their online activities while conducting malicious campaigns, the individual simultaneously contributed to legitimate security research, even receiving acknowledgment from the Microsoft Security Response Center (MSRC) last month for discovering and reporting CVE-2025-24061 and CVE-2025-2407. Another interesting aspect of EncryptHub is their use of OpenAI ChatGPAT as a "partner in crime," leveraging it for malware development and translation tasks. In some particularly revealing conversations with the artificial intelligence (AI) chatbot, EncryptHub asked it to evaluate whether he was better suited to be a "black hat or white hat" hacker and if would be better being a "a cool hacker or a malicious researcher," even going to the extent of confessing to his criminal activities and the exploits he had developed. "When people think of cybercriminals, they tend to imagine high-tech, government-backed teams and elite hackers using cutting-edge technology," Outpost24 said. "However, many hackers are normal people who at some point decided to follow a dark path."GitHub Action Supply Chain Traced Back to SpotBugs PAT Theft The cascading supply chain attack that initially targeted Coinbase before becoming broader in scope to single out users of the "tj-actions/changed-files" GitHub Action has been traced further back to the theft of a personal access token (PAT) associated with another open-source project called SpotBugs. The origins of the sophisticated breach are slowly coming into focus amid continued investigation, revealing how the initial compromise happened. It has now emerged that the popular static analysis tool, SpotBugs, was compromised in November 2024, using it as a stepping stone to compromise "reviewdog/action-setup," which subsequently led to the infection of "tj-actions/changed-files." This was made possible due to the fact that the maintainer of reviewdog also had access to SpotBugs repositories. The multi-step supply chain attack eventually went on to expose secrets in 218 repositories after the attackers failed in their attempt to breach Coinbase-related projects.Contagious Interviews Adopts ClickFix and Spreads Fake npm Packages The North Korean threat actors behind the ongoing Contagious Interview campaign have been observed adopting the infamous ClickFix social engineering strategy to deliver a previously undocumented backdoor called GolangGhost. The adversarial collective have also published as many as 11 npm packages that deliver the BeaverTail information stealer malware, as well as a new remote access trojan (RAT) loader. The packages were downloaded more than 5,600 times prior to their removal. Meanwhile, North Korean IT workers are expanding their efforts beyond the U.S., and are seeking to fraudulently gain employment with organizations around the world, especially in Europe. Google researchers called out the IT warriors for engaging in "a pattern of providing fabricated references, building a rapport with job recruiters, and using additional personas they controlled to vouch for their credibility." What's more, they are increasingly attempting to extort money from these companies once they get discovered and/or fired. In recent years, the U.S. government has made a concentrated push to raise awareness about the insider threat operation, to root out and punish U.S.-based facilitators of the fraudulent scheme, to uncover the IT workers and front companies that help these workers conceal their true origin, and to help organizations detect the risk before it's too late. In all probability, these heightened law enforcement efforts have caused the operators of the scheme to focus more on targets located elsewhere, while also driving them to embrace more aggressive measures to maintain revenue streams.Phony Versions of Android Phones Come Preloaded with Triada Malware Counterfeit versions of popular smartphone models that are sold at reduced prices have been found to be pre-installed with a modified version of an Android malware called Triada. A majority of infections have been reported in Russia. It's believed that the infections are the result of a hardware supply chain compromise, although Triada has been observed propagated via unofficial WhatsApp mods and third-party app marketplaces.Bad Actors Abuse mu-plugins to Stash Malware Threat actors are utilizing the WordPress mu-plugins ("must-use plugins") directory to stealthily run malicious code on every page while evading detection. Because mu-plugins run on every page load and don't appear in the standard plugin list, they can be used to stealthily perform a wide range of malicious activity, such as stealing credentials, injecting malicious code, or altering HTML output. Trending CVEsAttackers love software vulnerabilitiesthey're easy doors into your systems. Every week brings fresh flaws, and waiting too long to patch can turn a minor oversight into a major breach. Below are this week's critical vulnerabilities you need to know about. Take a look, update your software promptly, and keep attackers locked out.This week's list includes CVE-2025-22457 (Ivanti Connect Secure, Policy Secure, and ZTA Gateway), CVE-2025-30065 (Apache Parquet), CVE-2024-10668 (Google Quick Share for Windows), CVE-2025-24362 (github/codeql-action), CVE-2025-1268 (Canon), CVE-2025-1449 (Rockwell Automation Verve Asset Manager), CVE-2025-2008 (WP Ultimate CSV Importer plugin), CVE-2024-3660 (TensorFlow Keras), CVE-2025-20139 (Cisco Enterprise Chat and Email), CVE-2025-20212 (Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series), CVE-2025-27520 (BentoML), CVE-2025-2798 (Woffice CRM theme), CVE-2025-2780 (Woffice Core plugin), CVE-2025-31553 (WPFactory Advanced WooCommerce Product Sales Reporting plugin), CVE-2025-31579 (EXEIdeas International WP AutoKeyword plugin), and CVE-2025-31552 (RSVPMarker plugin). Around the Cyber WorldOracle Privately Confirms Data Breach Enterprise computing giant Oracle is reportedly informing its customers in private that it hackers compromised a "legacy" Oracle environment, exposing usernames, passkeys, and encrypted passwords, contradicting its consistent public denial about the incident. "The company informed customers that the system hasn't been in use for eight years and that the stolen client credentials therefore pose little risk," Bloomberg reported. An investigation by the U.S. Federal Bureau of Investigation (FBI) and CrowdStrike is reportedly ongoing. This is the second breach the company has acknowledged to clients in recent weeks. The intrusion is assessed to be separate from another hack at Oracle Health(formerly Cerner) that affected some U.S. healthcare customers last month. News about the breach came to light after an unidentified threat actor named "rose87168" attempted to sell data on BreachForums that they claimed to have stolen from the company's cloud servers. Multiple cybersecurity companies, including Black Kite, CloudSEK, CyberAngel, Hudson Rock, Orca Security, SOCRadar, Sygnia, and Trustwave, have analyzed and validated the data posted for sale online as directly extracted from Oracle. The attacker is believed to have exploited an unpatched vulnerability in Oracle Fusion Middleware (CVE-2021-35587) to compromise Oracle Cloud's login and authentication system and steal the data. "This exposure was facilitated via a 2020 Java exploit and the hacker was able to install a web shell along with malware," CyberAngel said. "The malware specifically targeted the Oracle IDM database and was able to exfil data." Security researcher Kevin Beaumont said "Oracle are attempting to wordsmith statements around Oracle Cloud and use very specific words to avoid responsibility," adding "Oracle rebadged old Oracle Cloud services to be Oracle Classic. Oracle Classic has the security incident. Oracle are denying it on 'Oracle Cloud' by using this scope but it's still Oracle cloud services that Oracle manage. That's part of the wordplay." CloudSEK has developed an online tool that allows organizations to check whether they are impacted by the data breach. Oracle's private acknowledgment also comes just days after the company was hit with a class action lawsuit over its handling of the security event.New Triton RAT Emerges in the Wild A new Python-based remote access trojan called Triton RAT allows threat actors to remotely access and control a system using Telegram. Written in Python, the malware is publicly available on GitHub and comes with capabilities to log keystrokes, run commands, record screens, gather Wi-Fi information, and steal passwords, clipboard content, and Roblox security cookies. "A Roblox security cookie is a browser cookie that stores the users' session and can be used to gain access to the Roblox account bypassing 2FA," Cado Security said. The disclosure comes as CYFIRMA detailed another RAT written in Python that uses Discord's API for command-and-control (C2) in order to execute arbitrary system commands, steal sensitive information, capture screenshots, and manipulate both local machines and Discord servers. U.S. DoJ Announces Recovery of $8.2M Stolen in Romance Baiting Scam The U.S. Department of Justice (DoJ) has announced the recovery of $8.2 million worth of USDT (Tether) that was stolen via a romance baiting (previously pig butchering) scam. According to a complaint filed in late February 2025, the scam targeted a woman in Ohio, who lost her entire life savings of approximately $663,352, after she responded to a text message from an unknown number in November 2023. While the initial conversation revolved around topics such as hobbies and religion, the victim was persuaded into opening an account at crypto.com and transferred her money into the account. "When the victim wanted to withdraw funds, her 'friend,' relented and said additional payments were needed and she complied," the DoJ said. "When the victim no longer had any funds left after making additional payments, her 'friend' began to threaten her that he would send his friends to 'take care of' her friends and family." Over 30 victims are estimated to have fallen for the scheme in total."ClickFix Used to Deliver QakBot The increasingly popular ClickFix technique has been used as a delivery vector to distribute the previously dormant QakBot malware. The attack pairs the malware with ClickFix, an endpoint compromise method that was first observed towards the end of 2024 and has since gained significant traction in recent months. It involves tricking a victim into running a malicious command under the pretext of fixing an issue, typically a CAPTCHA verification challenge.Flaw Disclosed in Verizon Call Filter Verizon's Call Filter app had a vulnerability that allowed customers to access the incoming call logs for another Verizon Wireless number through an unsecured API request to the "clr-aqx.cequintvzwecid.com/clr/callLogRetrieval" endpoint. But security researcher Evan Connelly, who discovered and reported the bug on February 22, 2025, found that the request containing the phone number used to retrieve call history logs was not verified against the phone number whose incoming call logs were being requested. This could open the door to a scenario where an attacker could have altered the request with another Verizon phone to retrieve their incoming call history. The vulnerability has since been addressed by Verizon as of March 25, 2025.GitHub Unveils Updates to Advanced Security Platform GitHub has announced updates to its Advanced Security platform after its secret scanning service detected over 39 million leaked secrets in repositories last year. This includes a free, organization-wide secret scan to help teams identify and reduce exposure, as well as the availability of GitHub Secret Protection and a new secret risk assessment tool that aims to offer "clear insights into your organization's exposure."New Ubuntu Linux Security Bypasses Detailed Three security bypasses have been discovered in Ubuntu Linux's unprivileged user namespace restrictions, which could enable a local attacker to exploit vulnerabilities in kernel components. The bypasses, which occur via aa-exec, busybox, and LD_PRELOAD, permit attackers to create user namespaces with elevated privileges. "These bypasses enable local attackers to create user namespaces with full administrative capabilities, which facilitate exploiting vulnerabilities in kernel components requiring powerful administrative privileges within a confined environment," Qualys said in a statement. "It is important to note that these bypasses alone do not enable complete system takeover; however, they become dangerous when combined with other vulnerabilities, typically kernel-related." Ubuntu, which acknowledged the issues, said it's working to "implement further tightening rules in AppArmor."Classiscam Targets Central Asia Classiscam is an automated scam-as-a-service operation that uses Telegram bots to create fake websites impersonating legitimate services in an attempt to deceive victims into sharing their financial details. The scam, also called Telekopye, essentially involves the fraudsters either posing as a buyer or a seller on online platforms to trick victims into transferring money for non-existent goods or services, or persuading the seller to use a delivery service for the transaction via a fake delivery website that seeks their financial information. These conversations happen over a messaging app like Telegram by claiming that "it is easier to communicate." Group-IB's investigation has found that more than ten financial institutions in Uzbekistan, including prominent banks and payment systems, have been targeted by phishing schemes, which employ bogus sites impersonating the services to obtain their customers' banking credentials. One such team engaged in the fraudulent scheme is Namangun Team, which has primarily provided phishing services aimed at Uzbekistan and Kyrgyzstan since late November 2024, allowing its customers to create phishing pages on the fly using their Telegram bot.Google Partners with NVIDIA and HiddenLayer for a New Model Signing Library Google, in collaboration with NVIDIA and HiddenLayer, has announced the release of a Python library called "model-signing" that offers developers a way to sign and verify machine learning (ML) models in an effort to bolster the security of the ML supply chain and safeguard against emerging threats like model and data poisoning, prompt injection, prompt leaking and prompt evasion. "Using digital signatures like those from Sigstore, we allow users to verify that the model used by the application is exactly the model that was created by the developers," the tech giant said. The development comes as Python officially standardized a lock file format as part of PEP 751. The new format, named pylock.toml, is a TOML-based format that records exact dependency versions, file hashes, and installation sources. The new standard "brings Python in line with other ecosystems like JavaScript (package-lock.json), Rust (Cargo.lock), and Go (go.sum)," Socket said. "While the PEP doesn't address all supply chain threats (such as typosquatting, maintainer account compromise, and concealed payloads), it lays the groundwork for better auditing and tamper resistance."Arcanum Trojan Distributed via Fortune-Telling Sites A new trojan called Arcanum is being distributed via websites dedicated to fortune-telling and esoteric practices, masquerading as a "magic" app for predicting the future. The app, while offering seemingly harmless functionality, connects to a remote server to deploy additional payloads, including the Autolycus. Hermes stealer, the Karma.Miner miner, and the Lysander.Scytale crypto-malware. The captured information is subsequently exfiltrated to an attacker-controlled server. The emergence of the malware coincides with the discovery of a credit card skimmer malware codenamed RolandSkimmer that targets e-commerce users in Bulgaria by means of a Windows shortcut (LNK) file distributed via ZIP archives. The LNK file then initiates a multi-step process that installs a malicious browser extension on web browsers to steal credit card information. "The attackers employ carefully crafted JavaScript payloads, misleading manifest files, and obfuscated VBScripts to maintain persistence across sessions and evade detection," Fortinet said.Identity-Based Attacks on the Rise Attackers are relying heavily on credential-enabled access points to infiltrate networks and power their operations, rather than using more complex methods like exploiting vulnerabilities or deploying malware, according to Cisco Talos. Ransomware gangs, in particular, are known to use stolen-but-valid credentials procured from initial access brokers (IABs) as a means of initial access into corporate networks. IABs, in turn, leverage commercially-available information stealers like Lumma to capture users' credentials. This is also exacerbated by the fact that many users recycle passwords across multiple services, creating a "ripple effect of risk" when their credentials are stolen. Based on traffic observed between September and November 2024, 41% of successful logins across websites protected by Cloudflare involve compromised passwords, per the web infrastructure company. What's more, valid VPN credentials could be abused to gain unrestricted access to sensitive systems, often with elevated privileges that mirror those of legitimate employees or administrators. The use of legitimate credentials by threat actors entirely bypasses security barriers, giving them a "direct path to infiltrate networks, steal data, and deploy ransomware undetected." "Identity-based attacks are attractive to threat actors because they can allow an adversary to carry out a range of malicious operations, often with minimal effort or without meeting much resistance from a security standpoint," the company said. "This is due in large part to the activity being difficult to detect because it emanates from seemingly legitimate user accounts." Data gathered by the company shows that Identity and access management (IAM) applications were most frequently targeted in MFA attacks, accounting for 24% of all attacks targeting multi-factor authentication (MFA).Iran-linked OilRig Targets Iraqi Entities The Iranian hacking group known as OilRig (aka APT34) has been attributed to a series of cyber attacks against Iraqi state entities since 2024 that involve the use of spear-phishing lures to deploy a backdoor that can execute commands, gather host information, and upload/download files. The backdoor makes use of HTTP and email for C2 communications. "The former secretly sends control instructions based on the characteristic value of the body content, and the latter uses a large number of compromised Iraqi official government mailboxes for email communication," ThreatBook said.Security Flaws in PyTorch Lightning Five deserialization vulnerabilities have been disclosed in PyTorch Lightning versions 2.4.0 and earlier that could be potentially exploited to execute malicious code when loading machine learning models from unknown or untrusted sources. "These vulnerabilities arise from the unsafe use of torch.load(), which is used to deserialize model checkpoints, configurations, and sometimes metadata," the CERT Coordination Center (CERT/CC) said. "A user could unknowingly load a malicious file from local or remote locations containing embedded code that executes within the system's context, potentially leading to full system compromise." CERT/CC said the issues remain unpatched, requiring that users verify the files to be loaded are from trusted sources and with valid signatures.Russian Firm Offers $4 Million for Telegram Exploits Operation Zero, a Russian exploit acquisition firm, says it is willing to pay up to $4 million for full-chain exploits targeting the popular messaging service Telegram. In a post shared on X, the zero-day vulnerability purchase platform said it will pay up to $500,000 for exploits that can achieve 1-click remote code execution (RCE) and $1.5 million for those that can be weaponized to achieve RCE sans any user interaction (i.e., zero-click). "In the scope are exploits for Android, iOS, Windows. The prices are depending on limitations of zero-days and obtained privileges," Operation Zero said. Exploit brokers often either develop or acquire security vulnerabilities in popular operating systems and apps and then re-sell them for a higher price to clients of interest. For Operation Zero to single out Telegram makes sense, given that the messaging app is popular with users in both Russia and Ukraine. A Telegram spokesperson told TechCrunch that the messaging platform has "never been vulnerable" to a zero-click exploit. The development comes as details emerged about a zero-day flaw in Telegram's macOS client that could be exploited to achieve RCE. Early last month, security researcher 0x6rss also disclosed an updated version of the EvilVideo flaw in Telegram (CVE-2024-7014), which bypasses existing mitigations via .HTM files. "A file with an '.htm' extension is disguised as a video and sent via the Telegram API, and while the user expects a video, the JavaScript code inside the HTML is actually executed," the researcher said. The new exploit has been codenamed EvilLoader.What are the Most Common Passwords in RDP Attacks? They are 123456, 1234, Password1, 12345, P@sswOrd, password, Password123, Welcome1, 12345678, and Aa123456, according to Specops, based on an analysis of 15 million passwords used to attack RDP ports. "Attackers are on the lookout for exposed RDP servers as these can be easy targets for brute force attacks," the company said. "Additionally, attackers may conduct password spraying attacks on RDP servers and try known breached credentials on exposed servers." Expert WebinarShadow AI Is Already Inside Your Apps Learn How to Lock It Down AI tools are flooding your environment and most security teams can't see half of them. Shadow AI is quietly connecting to critical systems like Salesforce, creating hidden risks that traditional defenses miss. Join Dvir Sasson, Director of Security Research at Reco, to uncover where AI threats are hiding inside your SaaS apps, real-world attack stories, and how leading teams are detecting and shutting down rogue AI before it causes real damage.Secure Every Step of the Identity Lifecycle Before Attackers Exploit It Today's attackers are using AI-driven deepfakes and social engineering to bypass weak identity defenses. Securing the entire identity journey from enrollment to daily access to recovery is now essential. Join Beyond Identity and Nametag to learn how enterprises are blocking account takeovers, securing access with phishing-resistant MFA and device trust, and defending against AI threats with Deepfake Defense. Cybersecurity ToolsGoResolver Golang malware is tough to reverse obfuscators like Garble hide critical functions. GoResolver, Volexity's open-source tool, uses control-flow graph similarity to recover hidden function names and reveal package structures automatically. Integrated with IDA Pro and Ghidra, it turns opaque binaries into readable code faster. Available now on GitHub.Matano It is a serverless, cloud-native security data lake built for AWS, giving security teams full control over their logs without vendor lock-in. It normalizes unstructured security data in real time, integrates with 50+ sources out of the box, supports detections-as-code in Python, and transforms logs using powerful VRL scripting all stored in open formats like Apache Iceberg and ECS. Query your data with tools like Athena or Snowflake, write real-time detections, and cut SIEM costs while keeping ownership of your security analytics. Tip of the WeekDetecting Threats Early by Tracking First-Time Connections Most attackers leave their first real clue not with malware, but when they log in for the first time from a new IP, device, or location. Catching "first-time" access events is one of the fastest ways to spot breaches early, before attackers blend into daily traffic. Focus on critical systems: VPNs, admin portals, cloud dashboards, and service accounts.You can automate this easily with free tools like Wazuh (detects new devices and IPs), OSQuery (queries unknown endpoints), or Graylog (builds alerts for unfamiliar connections). More advanced setups like Microsoft Sentinel or CrowdStrike Falcon Free also offer "first seen" detection at scale. Simple rules like alerting when an admin account logs in from a new country or an unexpected device accesses sensitive data can trigger early alarms without waiting for malware signatures.Pro Move: Baseline your "known" users, IPs, and devices, then flag anything new. Bonus points if you combine this with honeytokens (fake credentials) to catch intruders actively probing your network. Remember: attackers can steal credentials, bypass MFA, or hide malware but they can't fake never having connected before.ConclusionIn cybersecurity, the threats that worry us most often aren't the loudest they're the ones we never see coming. A silent API flaw. A forgotten credential. A malware-laced package you installed last month without a second thought.This week's stories are a reminder: real risk lives in the blind spots.Stay curious. Stay skeptical. Your next breach won't knock first.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Alan Cumming is excited and amazed to return to Marvel in Avengers: Doomsday.The 60-year-old actor portrayed Nightcrawler in 2003's X2: X-Men United and is set to reprise his role in the upcoming Marvel Cinematic Universe blockbuster, and has now revealed a big reason he agreed to return was because the makeup process to get into character has been streamlined.Speaking with fellow X-Men star Olivia Munnon Collider, Cumming said: Isnt it nuts? Im excited and amazed. Its been 23 years since I was a superhero.Ive had some makeup tests already for the role, but whats great about it was that before it was about four and a half hours to apply it, but now its only 90 minutes ... Before, all of the tattoos were done by hand. They hadnt decided on them before we started filming. Now, they just stick onto my face. It's a game changer.Im going back to being a 60-year-old superhero, and everyone seems really lovely.The Spy Kids star also revealed Avengers: Doomsday begins shooting quite soon in London, and teased the film is going to be nuts.In addition toCumming, other X-Men alums returning for Avengers: Doomsday, which will be followed by Avengers: Secret Wars in 2027, include Patrick Stewart (Professor X), Ian McKellen (Magneto), James Marsden (Cyclops), Kelsey Grammer (Beast) and Rebecca Romijn (Mystique).MarvelMarvelloading...READ MORE: Every MCU Movie, Ranked From Worst to BestAvengers: Doomsday will see the Avengers, Fantastic Four, Thunderbolts and the X-Men team up in an effort to stop the dreaded Doctor Doom (Robert Downey Jr.).While several X-Men stars will be returning for Avengers: Doomsday, Halle Berry, who played Storm from 2000s X-Men to X-Men: Days of Future Pastin 2014, recently admitted she had no plans to make Marvel movies again.Asked if she would consider coming back to the genre, she simply toldExtra: Nope!Avengers: Doomsday opens in theaters on May 1, 2026.Get our free mobile appMarvel Characters Who Arent in Avengers: DoomsdaySome of Marvels most popular stars were no-shows in the Avengers: Doomsday cast list.

Be essential at Cars CommerceAt Cars Commerce, were fanatical about simplifying everything about car buying and selling. We do right by our customers and consumers to better connect the industry with simplified and tierless technology to enhance, measure and drive local automotive retail. Whether through our No.1 most recognized marketplace, Cars.com, our industry-leading digital experience, Dealer Inspire, our trade and appraisal technology, AccuTrade, or our new Cars Commerce Media Network, Cars Commerce is essential for success in the automotive industry.No one ever travels alone here: at its core, Cars Commerce is collaboration. In fact, its built into the very fabric of our shared values. We like to say we Rise Together putting people at the center of what we do, from consumer to customer to community. Life at Cars Commerce makes it easy when we share the ethos to be Open to All, encouraging open-minded communication because we know diverse thinking yields better outcomes. But critical to our success is Caring to Challenge and Taking Ownership, fueling a competitive spirit in a respectful environment where we think about tomorrow but act today. At our foundation, we have integrity, Doing the Right Thing, even when its hard. Its our shared commitment to these values that makes Cars Commerce a place where growth becomes not only possible, but downright unavoidable.But dont take our word for it. As a U.S. News & World Report Best Company to Work For in 2024, we're obsessive about the employee experience. We are among the top 20% being declared Best of our industry based on six critical factors that are important to employee wellbeing, like quality of pay, benefits, work life balance and more.

The competition invites architects and designers to put forward proposals for a new revolutionary, new-age, innovative house which could be constructed anywhere within the country bordering the Persian Gulf.Organised by Buildner and supported by the Sheikh Zayed Housing Programme and Mohammed bin Rashid Centre for Government Innovation the contest aims to identify a 170,000 (800,000 AED) housing concept which could be added to the current list of housing options for Emirati citizens to choose from when building their future home.The call for concepts comes two years after Buildner hosted Dubais first House of the Future competition which was won by a Lebanese team featuring Mohamed Al Mufti, Souaid Georges and Natalie Elmir whose proposal harnessed traditional wind catchers, water basins, compact volumes and materiality.AdvertisementAccording to the brief: As the second competition in the series following the success of the first House of the Future 2023/24, we continue our exploration into the future of living spaces for Emirati citizens in United Arab Emirates.This year, in collaboration with the Sheikh Zayed Housing Programme, we remain steadfast in our mission: to find innovative designs that resonate with the architectural aesthetic of the UAE and address the functional needs of its people.The assignment does not change; we are looking for visionary concepts that offer a fresh take on the Emirati home, balancing tradition with modernity.Dubai is the most populous city in the UAE and in 2022 became the first city within the Middle East, Africa, and South Asia region to host a world expo. The House of the Future contest comes five years after London-based IJP Architects and engineer AKT II won a competition to design a 230m-long footbridge in Dubai.The latest House of the Future competition seeks proposals for a new 300m home for four to six people that could be built anywhere within Dubai. Proposals will be expected to balance quality, sustainability, flexibility, speed of construction, and cost-effectiveness.AdvertisementJudges will include Andrew Mason, director of contracts at Calatrava International; Charles Walker, director of Zaha Hadid Architects; Alison Brooks, founder of Alison Brooks Architects; Will Plowman, partner at Foster + Partners; and Sumaya Dabbagh, founder of Dabbagh Architects.The overall winner to be announced on 15 July will receive a 140,000 top prize and see their project taken forward for construction. A second prize of 45,000 and third prize of 20,000 will also be awarded along with a special innovation award worth 45,000.Competition detailsProject title House of the Future 2Client Dubai GovernmentContract value 250,000First round deadline 30 April 2025Restrictions The registration fee is 210 for professionals and 190 for studentsMore information https://architecturecompetitions.com/houseofthefuture2/