• ARCHINECT.COM
    Four New York City townhouses by Joseph Vance Architects: Your Next Employer?
    Following our previous visit to CRÈME, we are keeping our Meet Your Next Employer series in New York City this week to explore the work of Joseph Vance Architects. Located in Chelsea, the firm has built a portfolio over thirty years focused on high-end, custom residential projects both new-build and renovated. “The homes we design are well balanced, focus on bringing in natural light, use warm materials, and are executed with a rarefied attention to detail,” the firm says about its approach. Over on Archinect Jobs, the firm is currently hiring for an Intermediate Architect/Designer to join their New York City team. For candidates interested in applying for a position or anybody interested in learning more about the firm’s output, we have rounded up four townhouses in the city by Joseph Vance Architects that exemplify the firm’s ethos.
    Brooklyn Townhouse. Image credit: Mikiko Kikuyama
    Brooklyn Townhouse, New York, NY
    Joseph Vance Architects’ renovation of a brick townhouse in Cobble H...
  • ARCHITIZER.COM
    Gloriously Unnecessary: The Return of the Architectural Folly
    Architizer’s Vision Awards are back! The global awards program honors the world’s best architectural concepts, ideas and imagery. Preregistration is now open — click here to receive program updates. To design a building is typically to design for function, and a structure is often a solution. Yet, every now and then, we come across a building that has wriggled free of purpose altogether. It is too small to occupy, odd to ignore, or deliberate to be dismissed as a work of art. Commonly, these forms are follies. Follies first emerged in 18th-century Europe, mostly in gardens owned by wealthy people with elaborate titles and questionable taste. Built to look like crumbling towers, classical temples, or pastoral ruins, follies had no real use other than to decorate the landscape or give guests something to walk towards. They were expensive jokes, architectural one-liners, and metaphors that were often expressions of grief or ego. Never utility. The name stuck because it fit, to design and build a folly was indeed a folly of an undertaking. Today, they’re back. Or at least something like them is. Architects and artists are once again building structures that don’t do much in the traditional sense. Some are installations, some are pavilions. You’ll find them tucked into sculpture parks, floating on lakes, hidden in woodland, or standing stubbornly in public squares. Occasionally, they offer shelter or act as decoration. A few endeavor to educate. Many are content to simply be objects. But each one earns its place through character rather than purpose by provoking, surprising, or simply refusing to explain itself to the likes of you and me. This collection gathers recent projects that pick up where the folly left off. Each asks the same question in its own way: What if architecture didn’t need a reason to make sense and was just an idea made oddly, beautifully visible? 
IKAL By Cabrera Arqs / Enrique Cabrera Arquitecto, Chicxulub Pueblo, Mexico Photos by Enrique Cabrera IKAL doesn’t house much, but it holds a mood. This circular structure, cast in chukum and open to the stars, sits contentedly in the Yucatán landscape. A simple cosmic observatory without a telescope. From above, it resembles a crater or a sacred mark; from within, it’s more chapel than much else. There’s no signage and no explanation. But a slice of sky and a feeling that something larger might be at play is all it needs. Whether it’s architecture or ritual theatre is beside the point. As a folly, it’s perfect: form without function, but heavy with meaning. Folly Kometenplein By bureau SLA, Hoofddorp, Netherlands Photos by Thijs Wolzak It looks like it might unfold, fly away or implode — but for now, it sits cheerfully in a Dutch square, waiting for a food truck or a passing stranger to give it something to do. This bright triangular structure, part pavilion, part transformer, can be opened or closed depending on its mood (or at least on its configuration). There’s a bar counter six meters in the air that descends when needed. Two sides shift, others stay still. It’s temporary, moveable and slightly absurd. A modern folly, then, with decent hydraulics. Katenara By Building Simplexity Laboratory (BSL), The University of Hong Kong, Taichung, Taiwan If you were to sketch a catenary curve on a napkin and then build it using nothing but glulam, tension cables and parametric software, you’d end up somewhere near Katenara. Suspended in a forest park, this pavilion is part shelter, part algorithm, a timber swoop that demonstrates how low-tech and high-design can intersect. It’s not particularly useful — though it does keep rain off your head — but as an elegant experiment in form-making, it’s a reminder that architectural play need not require a brief, only curiosity. 
Songyi Theater By Kong Xiangwei Studio, Shandong, China Photos by Archi Translator In a pine forest earmarked for clearing, a handful of silver ‘trees’ now rise instead. Songyi Theater is as much a stage as a sculpture garden. It’s highly theatrical, enchantingly reflective, and intentionally ambiguous. Its mirrored trunks catch the sun while its sinuous seating curls through the undergrowth. Visitors wander, perform, or do nothing at all. It invites pause more than applause. The designer reportedly worked on-site without drawings, shaping the folly through direct conversation with the land. Which is possibly the most poetic kind of indulgence. Living Knitwork Pavilion By Wicaksono & Co, Nevada Photos by Irmandy Wicaksono Built for Burning Man (folly heaven) and powered by solar panels and theremin-like sensors, Living Knitwork is half spacecraft, half soft sculpture. Woven from conductive yarns and shaped like a techno-dodecahedron, it hums quietly when you get too close, lights up when you move, and tells stories through embedded textiles. No one asked for an interactive knitted folly with real-time spatial audio, but here it is anyway. Part shade structure, part glowing oddity, wholly unnecessary and utterly captivating. Louis Vuitton – Pavilion Nomad By MARC FORNES / THEVERYMANY, Milan, Italy Photos by naaro It landed at Milan Design Week like a metallic squid. Nomad is a traveling pavilion, made from thousands of riveted aluminium parts that shimmer like mercury and weigh next to nothing. Its rounded geometry hides the precise engineering; its globular form contains no straight lines, only curves and voids. It references the palazzo that surrounds it but belongs to nowhere in particular. It’s light, portable, unplaceable and all the better for it. Architecture that goes wherever it pleases? That’s a folly in motion. 
Flourish Bamboo Dome By Studio A-light, Taiwan Photos by Fixer Photographic Studio There are flowers, misting systems, and suspended planters, but the real flourish in Flourish is structural. This bamboo dome in rural Taiwan reimagines the idea of a greenhouse, becoming a floating spring spiral, using heat-treated Makino bamboo to create soaring arches and delicate curves. It’s anchored with floral islands and clad in agricultural mesh, yet it feels closer to a cathedral than a farm shed. As a folly, it’s unusually practical, but its exuberance, scale and sheer agricultural theatre make it a worthy outlier. Concrete Pavilion By LIN Architecture, China Photos by Chen Zhitong and Zhuo Hongduo This concrete object looks like it might once have been useful. Maybe a chapel? A pumping station? A monument? No one seems entirely sure, which only adds to its charm. LIN Architecture’s composition of angled roofs, fractured windows, skewed platforms and half-arches creates a building that feels both ancient and improvised, maybe even otherworldly. The interior is fragmented, lit by unexpected slits and skylights. It’s too serious to be a playground and too strange to be symbolic. It doesn’t explain itself, and that, of course, is entirely the point.
  • GAMINGBOLT.COM
    PlayStation 5 Prices Are Increasing in Europe, UK, Australia and New Zealand
    Sony has announced that the PS5 console will be getting price hikes in regions across Europe, Australia and New Zealand. In a post on the PlayStation Blog, the company has confirmed that, while some regions will only see a price hike for the PS5 Digital Edition, others will also be getting higher price tags for the standard PS5 with the Blu-ray disc drive. Europe and UK will not be getting price hikes for the standard PS5. Australia and New Zealand, on the other hand, will be seeing price hikes across the board. The company has also confirmed that the additional Disc Drive for PS5 will be getting a price hike across these regions as well. The PS5 Pro, on the other hand, will not be seeing any changes in its price. Sony has also stated that other regions part of its EMEA market (Europe, Middle East and Africa) might also get price hikes down the line. The company has referred to these price hikes as having been made “with a backdrop of a challenging economic environment,” that have forced it to re-evaluate some of its pricing. This price hike comes shortly after the company had also announced last week that the price of PlayStation Plus subscriptions would be going up across various regions. This includes Australia, Korea, Southeast Asia, and 15 Latin American countries. Check out the changes in pricing below. Europe: PS5 Digital Edition – €499.99 Disc Drive for PS5 – €79.99 UK: PS5 Digital Edition – £429.99 Disc Drive for PS5 – £69.99 Australia: Standard PS5 with Ultra HD Blu-ray disc drive – AUD $829.95 PS5 Digital Edition – AUD $749.95 Disc Drive for PS5 – AUD $124.95 New Zealand: Standard PS5 with Ultra HD Blu-ray disc drive – NZD $949.95 PS5 Digital Edition – NZD $859.95 Disc Drive for PS5 – NZD $139.95
  • WWW.GAMESINDUSTRY.BIZ
    "Video games franchises are now ripe for the picking" – why A Minecraft Movie could lead to games taking over Hollywood
    "Video games franchises are now ripe for the picking" – why A Minecraft Movie could lead to games taking over Hollywood The Minecraft adaptation makes gaming's future on the big screen seem undeniable Image credit: Warner Bros Feature by Samuel Roberts Editorial Director Published on April 14, 2025 Box office analysts expected A Minecraft Movie to make $70 to $90 million on its opening weekend in the US – instead, it made $157 million, and has now passed half a billion worldwide following its second weekend. Not bad for a movie that was stuck in development hell for years and years, passing between different directors before landing with Napoleon Dynamite's Jared Hess. The success of the film clearly took some by surprise, but anyone who's tuned in to the continuous success of Minecraft is perhaps less taken aback. "Minecraft itself is a cultural juggernaut – over 300 million copies sold, and a fanbase spanning kids to adults who’ve been building pixelated empires for years," Jeff Bock, Senior Box Office Analyst at Exhibitor Relations tells GamesIndustry.biz. "That’s a massive built-in audience hyped for anything with creepers and diamond pickaxes. The film leaned into this with a star-studded cast – Jack Black as Steve and Jason Momoa which probably pulled in casual viewers who trust those names as they’ve starred in many comparable hits." "Now, even the staunchest of naysaying movie executives will be convinced." Rhys Elliott, Alinea Analytics The film's success seems significant in a year where movies based on traditional family-friendly Hollywood properties – like Snow White and Captain America: Brave New World – are faltering. Minecraft has a uniquely young-skewing audience, which is still where Hollywood tends to find a lot of box office success following the footfall challenges of the post-pandemic era. 
"I think the Minecraft movie only exceeded expectations for traditional movie analysts and critics who … dare I say it … have been mostly in their own bubble," says Rhys Elliott, Head of Market Analysis at Alinea Analytics. "Anybody with an interest in the games market – or who has raised a young child in the past decade – knew Minecraft would be a hit movie," Elliott says. "The number of copies of Minecraft that have been sold are roughly equal to the US population." Bock says A Minecraft Movie's success is also the result of studio Warner Bros. picking the right release window and marketing the film correctly. As an adaptation, too, it's connecting with audiences, regardless of their knowledge of Minecraft – if not critics, who dinged it with a 46% average on Rotten Tomatoes, or more seasoned film fans on the Letterboxd app, where it has a 2.8/5 user score. "Most importantly, there’s the timing – April 2025 meant spring break crowds and no major competing blockbusters. Warner Bros. marketed this hard, with trailers dropping early (September 2024) to build hype. Plus, Minecraft’s open-ended vibe let the filmmakers get creative, blending game lore with a fish-out-of-water story that didn’t alienate non-players." Image credit: Warner Bros. Pictures Video game adaptations breaking into the mainstream is not a new thing at this point, either in TV or film. But the unprecedented scale of the Mario and Minecraft movies' success changes the conversation around feature films more specifically. "The Mario movie was the biggest turning point for studios realising the potential of games," Elliott says. "It grossed over $1.3 billion worldwide, making it not only the biggest game adaptation ever (by revenues) but also the second-biggest animated movie. The Sonic trilogy has also been huge. "The Mario movie even outperformed juggernauts like Frozen and Despicable Me. If studios weren’t paying attention to games before, they certainly were after Mario. 
And now Minecraft is another feather in that cap. It’s outperformed Barbie in the US box office, and it’s even tracking decently in China so far." "Now, even the staunchest of naysaying movie executives will be convinced," Elliott says. Coincidence or not, it was a sign of confidence that movie studio A24 revealed the director of the Death Stranding adaptation one day after Minecraft's opening weekend haul. While the crossover in audience demographic between the two is likely minimal, video games remain relatively untapped by Hollywood, and do offer cinemagoers the kinds of worlds they've never seen on the big screen before. And now, movie executives have more reasons than ever to put them there. The key thing, of course, is that the adaptation needs to be right. Superhero movies have arguably declined in quality over the past five years, suggesting that diminishing box office returns aren't just tied to waning interest in the subject matter. Video games adaptations are equally as susceptible if they're not good enough. "Movie and TV studios should not look to gaming as a silver bullet," Elliott says. "As Mario, Minecraft, and Pokémon are the biggest brands of all time with huge generation-spanning fan bases. Both IP licensees and licensors also need to treat the source material with respect, or risk diluting the IP in question and the reputation of the adapting studio. "Games are not an IP slot machine and their fandom should be respected. Things need to be authentic and respect the fandom. Going forward, we expect to see some poor video game adaptations from studios that are looking to jump on the trend’s hype train without planning their approach properly, which we saw with the Borderlands movie. "Such products will of course be outshined by the success stories, though, as they always are. Nobody is talking about the Borderlands movie anymore. We’ll be talking about the Mario and now Minecraft ones for years." "Don’t rock the boat, just float it. 
That should be the mantra for Hollywood attempting to adapt video games in the future." Jeff Bock, Exhibitor Relations Elliott suggests the magic combination is a mix of fitting the original IP, catering to die-hard fans in an authentic way, releasing at the right time and being accessible enough for new audiences to parse what's going on. It seems obvious, but a lot can go wrong in the making of a movie. Still, fulfilling those criteria has enabled Minecraft to avoid being touched by the cooler critical reception. Bock's assessment on what it takes for these movies to succeed is similar. "The numbers speak for themselves – huge fan base, and Hollywood listened – giving hardcore gamers exactly what they wanted. Don’t rock the boat, just float it. That should be the mantra for Hollywood attempting to adapt video games in the future." Elliott points out that the positive returns go both ways, too, with Alinea's sales data for PlayStation showing that Minecraft had sold more than 500,000 copies in March 2025 alone. Image credit: Alinea Analytics According to Elliott, the biggest opportunity for the industry could be one that hasn't happened yet: timing the release of a successful adaptation with a new game launch. "Candidly, I think we’re still waiting for the big success story in terms of timing." Elliott points to the lack of a 'new entry point' for the Fallout series as an example of a missed opportunity, even if it led to huge sales bumps for existing titles like Fallout 4 and Fallout 76. "Success stories, including the recent Minecraft adaptation, have proven that game franchises can captivate mainstream audiences and lead to new games sales, [but] the games industry is not fully harnessing the transmedia potential," Elliott says. 
"Despite soaring viewership, cultural relevance, and peaks for older games, two critical gaps persist for the games market: the lack of accessible gaming entry points for new fans and the absence of timely, revenue-driving game content tied to adaptations. "When games or updates are not released alongside adaptations, audience excitement tends to dissipate. It’s a missed opportunity." That's likely because publishers are wary about conflating a game's marketing campaign with a TV show or movie where they have less control over the creative output. If one doesn't work out, it could damage the other. But, there's also opportunity in getting both parts right at the same time. Elliott points to the Mario movie's release in April 2023 and the launch of Super Mario Wonder in October 2023 as an example of the strategy not being joined up in the most profitable way. "Could you imagine if Wonder and the Mario Movie launched on the same day? I have a feeling Wonder would have sold far more than the 15.5 million copies it had sold as of the end of December. They should have been selling that thing in the cinemas." Mojang, for its part, hosted a collaboration with the movie in Minecraft, capitalising on the audience interest, and continues to deploy major updates for the game regularly. "We still have a long way to go in terms of launches, but I think the future is bright for game-based transmedia," Elliott says. As A Minecraft Movie lurches towards a billion-dollar box office haul worldwide, Bock suggests video games are the right source material for Hollywood's future bets. "The success of video game adaptations come down to a variety of factors, but most importantly, these are vibrant myths that have massive fanbases, and, in some cases, have been creating new installments and upgrades for decades. "Video games franchises are now ripe for the picking."
  • WWW.GAMEDEVELOPER.COM
    Sony has raised the price of the PlayStation 5 in some markets
    The company is asking consumers to pay more for console hardware in Europe, Australia, New Zealand, EMEA, and the UK.
  • WWW.IGN.COM
    The Last of Us Season 2 Episode 1: TV Show vs Game Comparison
    The following article contains spoilers for The Last of Us season 2, episode 1, “Future Days.”
    The Last of Us is back for a second season, and – naturally – this time we’re seeing an adaptation of the second game in the series. However, showrunners Craig Mazin and Neil Druckmann have taken a different approach this time around. Where the first season was largely a one-to-one recreation of the game, with a huge chunk of the runtime dedicated to replicating the original cutscenes in live action, this second season appears to be making more changes to the game’s story. Events are restructured, reordered, and recontextualised with the addition of new characters and story ideas.
    That’s not to say that the scenes we know and love have been scrapped, though - far from it. It’s just that they might not always be exactly how you remember them. And so we’ve taken the key moments from episode one that recreate the game and compared them against the source material, analysing what’s changed and what’s stayed the same. You can see both versions in the video above, or read on below for our written explanations.
    Tommy’s Sniper School
    Due to the show having been re-arranged to tell the story in a more linear fashion, the sequence in which Tommy teaches Ellie how to shoot across long distances is now one of the earliest scenes of The Last of Us season 2. In the game, this was told in flashback as part of the Finding Strings chapter, which occurs during day two of Ellie’s time in Seattle – many hours into the campaign.
    That’s not the only change. As you can see from the thick blanket of snow, the time of year is completely different. While Ellie and Tommy trek through the sun-kissed Wyoming mountains in the game, they’re lying prone in a freezing winter landscape in the show. There is a connection, though; in the game, Tommy mentions that hordes of infected move through this region in the winter.
Since it’s currently winter in the show, perhaps such a horde will turn up in the next few episodes? Despite the changes to timeline and climate, the fundamentals remain the same. Show Ellie uses the same Springfield Armory M1A rifle as game Ellie does, while Tommy provides advice about how to snipe at shambling infected. He suggests she compensate her aim for distance, which is what you must do during this sequence in the game, as bullets drop over very long distances due to gravity.
Ellie and Dina’s Patrol
The midpoint of the season two premiere sees Ellie and Dina head out on a patrol. This is one of the earliest sequences from the game, and is replicated quite closely. In both the game and show, Ellie takes Shimmer from the stables, gears up to head out, and is scolded by Jesse for being late. The most significant change here is that, where in the game Jesse lists off all the things that must be achieved on a patrol, in the show Dina sarcastically explains their goals before Jesse can instruct them. This helps construct the show’s version of Dina, who is more brash than her game counterpart. The conflict between Jesse and Dina helps set up the horseback conversation between the two women. This same chat, about Dina’s breakup with Jesse, also happens in the game, but Dina’s attitude to her former boyfriend is softer, discussing how Jesse’s parents will always feel like her family. In the show, the pair’s relationship is somewhat brushed off as more of an on/off thing. Both the show and game’s patrol is interrupted by the discovery of the gory corpse of an animal – in the game it’s a moose, while in the show it’s a bear. This encourages Ellie and Dina to search out the infected who killed it. The key difference here is that in the show Ellie and Dina are just two of a larger patrol that doesn’t want to get into any unwarranted danger. In the game, Ellie and Dina are patrolling on their own.
Infected Attack
Ellie and Dina’s search for infected brings them to the same place in both the game and the show: the Greenpeace Market. In both versions they climb over the store’s truck to enter via the upstairs window and proceed to search inside. From here the events diverge – in the show, the pair take down a clicker and then Ellie falls through the floor alone. In the game, both Ellie and Dina fall through the collapsing floor, and Dina saves them both from a clicker by shooting it several times. In the show, it’s not a clicker in the main store area but a stalker, a new, more intelligent infected type that doesn't appear until much later in the game. Ellie must face this foe alone, and the resulting fight sees the stalker bite her stomach, something that doesn’t happen in the game. Dina arrives too late to help, but by that point Ellie has already shot her attacker. This somewhat echoes an earlier scene from the game, in which Dina arrives to help a runner that’s attacking Ellie outside of the supermarket – in that instance Dina shoots the infected to save her partner.
Barn Dance
One of the most famous scenes from The Last of Us Part 2 is recreated in almost perfect detail for the show, but once again it comes at a very different time thanks to the reordering of the story. The barn dance, during which Dina and Ellie kiss for the first time, was originally shown as a flashback and occurred just before the game’s final act, but in the show it's the last major scene of the season two premiere. Despite the shift to show this scene in chronological order, everything else about it remains largely the same, even down to the music, dance choreography, and camera direction. The dialogue between Ellie, Jesse, and Dina is almost word-for-word the same as the game’s original script, including Dina’s “I think they should be terrified of you.”
The pair’s dance is once again interrupted by Seth, but Joel’s reaction to his bigotry is much more violent.
In the game, Joel only shoves Seth to indicate his anger, but the show’s version of events sees Seth thrown to the floor.
The Overlook
The episode’s final scene is a recreation of The Overlook section of the game’s first chapter. We see Abby and Owen climb up to an outcrop that overlooks the town of Jackson. In the game, Abby and Owen are talking, expressing relief of finding their goal and surprise at how large it is – “it’s a fucking city!” The show instead opts to keep the characters in total silence, building an ominous tension as they survey the town where their target lives.
For more from The Last of Us, check out our spoiler-free season two review and our spoiler-filled review of the season premiere. We’ve also asked the show’s creators whether Joel was right to save Ellie, and spoken to them about the terrifying stalkers who appear in this episode.
Matt Purslow is IGN's Senior Features Editor.
  • WWW.DENOFGEEK.COM
    The ’90s Disaster Movies Ranked from Worst to Best
    Ah, the 1990s! Stable economy, relative global peace, rich hucksters appearing in The Little Rascals instead of politics. What did we have to worry about? Nothing, really. And that’s why we had to make up trouble and put it on the big screen! The 1990s weren’t the first heyday of the disaster movie. That honor goes to the 1970s when producer Irwin Allen churned out star-studded hits like The Poseidon Adventure and The Towering Inferno, earning the title “The Master of Disaster.” But the 1990s versions might be more interesting, coming at a unique time in Hollywood and in the country in general. The rise of the internet supercharged the paranoia of the ’90s, turning suspicion into outright skepticism of the government and society. Moreover the release of Jurassic Park in 1993 inaugurated the rise of CGI graphics, changing special effects forever. That transition, for better or for worse, is all over these movies. So if you’re tired of the bad things in reality, take a look at these ’90s disaster films and enjoy some pretend bad things for a while. 10. Godzilla (1998) At this point, what is there to say about Godzilla ’98 that hasn’t already been said? Yes, it’s as bloated as it is boring. Yes, it’s an insult to the venerable franchise it tries to reinvent for Generation X. Yes, all of the problems that existed in director Roland Emmerich‘s predecessor Independence Day (more on that shortly) stand out more here due to a lackluster cast and impossible pacing. Yes, a disinterested, check-cashing Steven Spielberg did this movie’s climax better a year earlier in The Lost World: Jurassic Park. Really, the one last thing that needs to be said about Godzilla is that the poster rules. With its glowing green font, spotlights shining on a single shin, drawing the eye up above the buildings and into the darkness. That one image contains more awe and wonder than anything in the actual movie, and you don’t have to hear lame jokes about Roger Ebert’s weight to enjoy it. 9. 
Dante’s Peak (1997) There’s a mean streak to Dante’s Peak that sets it apart from 1997’s other volcano picture, the aptly-named Volcano. In the early “establish the hero’s trauma” scene, a piece of molten rock goes through the head of scientist Harry Dalton’s (Pierce Brosnan) wife. Later the children of Rachel Wando (Linda Hamilton), mayor of the titular town, almost boil alive in hot springs overheated by lava, and even see the ghastly corpses of two lovers who couldn’t avoid that fate. On one hand, those types of shocks shouldn’t be so surprising, given that Dante’s Peak comes from Australian director Roger Donaldson who started out on the Ozploitation thriller Sleeping Dogs and went on to make skeevy Hollywood films Species and The Getaway. But Donaldson shoots and edits even the visceral parts of the story with such airlessness that the audience never feels scared, let alone shocked. Add in the rote story by screenwriter Leslie Bohem and the complete lack of chemistry between Hamilton and Brosnan, and Dante’s Peak fizzles on the screen. 8. Armageddon (1998) Certainly, some people love Armageddon and would place it perhaps at the top of this list. They love the outrageous concept of miners going to space to put a bomb in an oncoming asteroid that could destroy all life on Earth. They love director Michael Bay‘s maximalism, all explosions and chaos and hero shots and declarations of feelings. They love the ensemble cast that includes character actors Steve Buscemi, Will Patton, Michael Clarke Duncan, and William Fichtner, alongside stars Ben Affleck, Bruce Willis, and Liv Tyler. But for anyone who doesn’t like the hyperactive nature of Bayhem, then Armageddon is a drag. Bay’s action scenes may be loud and flashy, but they’re incoherent, forcing the audience to guess at what’s going on behind all those explosions and lens flares. Even the fun character actor moments get interrupted by unnecessary cuts and get buried under a glossy sheen. 
There’s a fun disaster movie somewhere in Armageddon, but it’s not on the screen, which is the biggest disaster of all. 7. Deep Impact (1998) Deep Impact is the anti-Armageddon. Where Michael Bay goes for all explosions and chaos, director Mimi Leder emphasizes humanism, slowing down to let us get to know just what’s at stake. Written by Bruce Joel Rubin and Michael Tolkin, Deep Impact looks at a wide swath of people as they deal with the oncoming asteroid, devoting so much attention to real people that even a subplot involving astronauts trying to blow up the rock (a plot beat that Disney stole for Armageddon) feels plausible. However, Deep Impact is very much like Armageddon in one way: it isn’t very good. No heartstring goes untugged in Deep Impact, no tear left unjerked. Every decision is made for maximum sentimentalism, from casting Morgan Freeman as a wise and even-tempered president to Elijah Wood and Leelee Sobieski as teen lovers making their final declarations. Deep Impact keeps the tone of disaster movies, but misses their point, devoting all of its over-the-top energy to sadness instead of fun. 6. Independence Day (1996) Okay, yes, Independence Day is an alien invasion story. But its central image, the one thing that everyone remembers about Independence Day, is that the aliens blow up the White House. And if disaster movies are about anything, they’re about razing familiar landmarks. Moreover, Independence Day belongs on this list because it best embodies the spirit of the Irwin Allen disaster films of the 1970s. Like those hits, Independence Day has striking scenes of devastation; pure spectacle where a star-studded cast delivers great one-liners that stick in our memories. But also like those movies, Independence Day drags between set pieces, devoting way too much time to military men and scientists talking in rooms.
Whenever everyone shuts up and the aliens start blowing stuff up, then Independence Day becomes a joy ride again. 5. Volcano (1997) With just its poster alone, Volcano signals two things that it does better than Dante’s Peak. First of all, there’s the title. No haughty literary pretensions. No embarrassment about its premise. It just tells the viewer what they’re going to see. Then there’s the star Tommy Lee Jones, deep in his breakout run, ready to be grumpy about being in a volcano movie. That no-nonsense approach makes Volcano still a delight today. Director Mick Jackson, working from a screenplay by Jerome Armstrong and Billy Ray, does no-frills yeoman’s work. Every set piece has clear stakes, every shot establishes the spacial relationships between people and molten lava. Every character goes on a clear, if obvious, arc. Volcano has a simple promise and it delivers, which is all we really want from a disaster flick. 4. Daylight (1996) Daylight came during something of a renaissance for star Sylvester Stallone. With movies such as Cliffhanger in 1993 and especially Cop Land in 1997, Stallone was trying to recover some of the acting promise he showed before losing himself to ’80s excess. Even though the script by Dante’s Peak screenwriter Leslie Bohem and the direction from Rob Cohen lean hard into B-movie territory, Stallone plays his emotionally wounded former EMS chief with genuine pathos. Of course mid-’90s Stallone hasn’t forgotten how to do spectacle, which makes Daylight so much fun. The same is true of the character actors playing the survivors that Stallone’s Kit Latura has to lead to safety when the NYC tunnel they’re in collapses. Amy Brenneman, Viggo Mortensen, Jay O. Sanders, and others give just enough energy to their victims to make us care about them, but not so much that we’re not enjoying the peril. It would be going too far to call Daylight a “smart” disaster movie, but it does have more emotion than any of the lower entries on this list. 3. 
Outbreak (1995) If Deep Impact errs on the side of being too grounded for a fun disaster movie, Outbreak almost errs on the side of being too thrilling, especially at the height of the COVID-19 pandemic. When director Wolfgang Petersen’s film about a virus sweeping across the country matched real-world events, it became way less fun and way too real, breaking the escapist contract that the best disaster movies make. Now with the worst of the pandemic behind us, we can approach Outbreak as the big, fun Hollywood nonsense that it was meant to be. The director of Das Boot and The Perfect Storm, Petersen knows how to do big, sweeping adventure, and he’s brought along the perfect cast, including New Hollywood vets Dustin Hoffman and Donald Sutherland and big stars of the era, Morgan Freeman and Rene Russo. Outbreak is all spectacle, something that needs to be enjoyed at the proper distance from the actual events it portrays. 2. Twister (1996) In many ways, director Jan de Bont’s Twister is the ideal ’90s disaster movie. The screenplay by Michael Crichton and Anne-Marie Martin has just the right mix of science and tropey character growth to carry the audience along. The cast, if somewhat overstuffed, is full of ringers, from Philip Seymour Hoffman and Lois Smith to Alan Ruck and Jami Gertz, to all-time “that guys” Patrick Fischler and Sean Whalen. And it has the ideal leads for a big budget B-movie of the era in Helen Hunt and Bill Paxton. Most importantly, Twister has twisters, giant tornadoes that rip through the landscape in incredible set pieces. De Bont understands the inherent comedy of cows flying across the sky, and the terror of a room exploding around a person. He knows how to portray the ecstasy that follows a life-threatening event, so that we viewers, like the thrill-seekers onscreen, can’t wait to chase down another tornado, jumping right back into the disaster we just survived. 1. 
Titanic (1997) As great as the last few entries on this list are, let’s be honest—there’s an iceberg-sized gap between even Twister and our number one, Titanic. And it all comes down to James Cameron, a filmmaker whose ambition, sensibilities, and talent demand a budget that scares Hollywood, and then provides even greater returns. With each passing year, as the celebrity furor around Leonardo DiCaprio and Kate Winslet fades and the Celine Dion megahit drops from our radios, the filmmaking brilliance of Titanic stands out more. The first half of the film does the heavy lifting so effortlessly, we don’t even realize we’re being taught the character relations, the class structure, and the layout of the ship. When the boat starts to go down, we’re never confused about where the characters are, allowing us to sit back and feel: feel the tragedy of the love story, the anger at arrogant injustice, and the awe of everything falling apart. Titanic truly is the king of the disaster world.
  • 9TO5MAC.COM
    Three reasons Apple tariffs absolutely won’t be reapplied
    Let’s see, where are we in the Trump tariff saga? After the White House increased tariffs on Chinese imports <counts> five times in the space of nine weeks, we then got a “pause” and an exemption on consumer electronics products – before the latest development. Namely, the White House yesterday said that the exemption, which covers all Apple products, was only a temporary one, lasting 1-2 months. However, there are three reasons why this is exceedingly unlikely to be true … Your series recap February 1: Trump imposes blanket 10% tariffs on all goods imported from China February 4: This tariff takes effect March 4: Trump increases the tariff to 20% March 12: This takes effect April 2: Trump adds a further 34%; China matches this April 7: Trump threatens a further 50% increase if China doesn’t cancel matching tariffs April 9: Trump increases Chinese tariffs to 104%; China matches this Later the same day: Trump increases the tariff to 145% April 12: Trump exempts product categories covering all Apple products April 13: Commerce Secretary says this is only a pause for 1-2 months Two solid reasons Apple tariffs won’t be reapplied Right in the middle of that timeline was when I suggested Apple products were likely to be exempted, as did indeed happen, and there are three reasons that is exceedingly unlikely to change. First, the escalation we have seen is clearly unsustainable. Every time Apple announces an increase to US tariffs on Chinese products, China responds with a matching tariff on US products. So far Trump has gone from 10% to 20% to 34% to 104% to 145%, and it’s clear that there would be no end to this endless tit-for-tat even if Trump were to eventually hit 1,000% or more. This is the welcoming lecture in the Why Tariffs Don’t Work 101 class. Second, the impact on both the US economy and the global economy has already been devastating. It’s not just what has happened, but the sheer unpredictability of US economic policy. 
It’s impossible for businesses to make future plans in an environment in which the rules can be dramatically changed on a weekly basis. Companies need to plan their production schedules months in advance, and plan capital expenditure like new plant years in advance; that’s simply not possible in such a turbulent economy. Above all, what is needed to begin undoing the economic damage is stability. And a crucial third reason Third, and most important of all, the impact on the US bond market – which clearly pointed to a path into a full-scale US recession. Loss of confidence in the US economy led to a dramatic sell-off of Treasury bonds. In order to counter that, the US government has been forced to increase the yield (interest rate) on these, which has a knock-on effect on the rest of the market, making borrowing more expensive for consumers and businesses alike. A sharp rise in credit costs is the quickest way into a recession, and even Trump had to admit that it was the bond sell-off which forced him to “pause” tariff increases. There has been a suggestion online that Canadian Prime Minister Mark Carney was instrumental in coordinating a bond sell-off with the governments of the European Union and Japan, in order to force Trump’s hand. As Snopes reports, the main source of this suggestion is a shock-jock with a reputation for conspiracy theories, so I don’t personally put much stock in it. But planned or organic doesn’t much matter: the effect is the same. Each time Trump tries to re-impose tariffs, that will reduce confidence in the US economy, which will result in further bond sales, which will push up interest rates, which will further damage the US economy. It’s a downward spiral with no escape bar abandoning the policy which caused it in the first place. Trump’s threats will either quietly go away, or he’ll find a face-saving reason for changing course. Photo by Maxim Hopman on Unsplash
  • THEHACKERNEWS.COM
    ⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More
    Attackers aren't waiting for patches anymore — they are breaking in before defenses are ready. Trusted security tools are being hijacked to deliver malware. Even after a breach is detected and patched, some attackers stay hidden. This week's events show a hard truth: it's not enough to react after an attack. You have to assume that any system you trust today could fail tomorrow. In a world where AI tools can be used against you and ransomware hits faster than ever, real protection means planning for things to go wrong — and still staying in control. Check out this week's update to find important threat news, helpful webinars, useful tools, and tips you can start using right away. ⚡ Threat of the Week Windows 0-Day Exploited for Ransomware Attacks — A security flaw affecting the Windows Common Log File System (CLFS) was exploited as a zero-day in ransomware attacks aimed at a small number of targets, Microsoft revealed. The flaw, CVE-2025-29824, is a privilege escalation vulnerability that could allow an attacker to obtain SYSTEM privileges. An exploit for the vulnerability has been found to be delivered via a trojan called PipeMagic, with the unknown threat actors, tracked by Microsoft as Storm-2460, conducting credential harvesting and dropping a ransomware payload as part of post-compromise exploitation activities. The exact nature of the payload is unclear; however, the ransom note dropped after encryption included a TOR domain tied to the RansomEXX ransomware family. CVE-2025-29824 was addressed by Microsoft as part of its Patch Tuesday update for April 2025. 🔔 Top News ESET Flaw Exploited to Deliver New TCESB Malware — The China-aligned advanced persistent threat (APT) group ToddyCat has exploited a vulnerability in ESET's antivirus software to silently execute a malicious payload called TCESB on infected devices. 
The dynamic link library (DLL) search order hijacking vulnerability (CVE-2024-11859) was patched in January after responsible disclosure. DLL search order hijacking is a kind of vulnerability that occurs when an application searches and loads a required DLL in an insecure order, such as starting with the current directory rather than a trusted system directory. In such instances, an attacker can try to trick the application into loading a malicious DLL as opposed to its legitimate counterpart. Once executed, TCESB reads the running kernel version and disables notification routines, installs a vulnerable driver for defense evasion, and launches an unspecified payload. Fortinet Warns of Hackers Retaining Access to Patched FortiGate VPNs Using Symlinks — Fortinet revealed that threat actors have found a way to maintain read-only access to FortiGate devices even after the initial access vector used to breach the devices was patched. "This was achieved via creating a symbolic link (aka symlink) connecting the user file system and the root file system in a folder used to serve language files for the SSL-VPN," the company said. Fortinet has released patches to eliminate the behavior. AkiraBot Leans on OpenAI Models to Flood Sites with SEO Spam — An artificial intelligence (AI) powered platform called AkiraBot is being used to spam website chats, comment sections, and contact forms to promote dubious search engine optimization (SEO) services such as Akira and ServicewrapGO. The platform relies on OpenAI API to generate a customized outreach message based on the contents of the website. As many as 80,000 websites have been successfully spammed by the tool since September 2024. In response to the findings, OpenAI has disabled the API key used by the threat actors. 
Gamaredon Uses Removable Drives to Distribute GammaSteel Malware — The Russia-linked threat actor known as Gamaredon targeted a foreign military mission based in Ukraine to deliver an updated version of a known malware called GammaSteel using what appears to be an already infected removable drive. The attack paves the way for a reconnaissance utility and an improved version of GammaSteel, an information stealer that's capable of exfiltrating files from a victim based on an extension allowlist from the Desktop and Documents folders. Palo Alto Networks Warns of Brute-Force Attempts Targeting PAN-OS GlobalProtect Portals — Palo Alto Networks has disclosed that it's observing brute-force login attempts against PAN-OS GlobalProtect gateways. It also noted that it is actively monitoring the situation to determine its potential impact and identify if mitigations are necessary. The development came in response to an alert from GreyNoise about a spike in suspicious login scanning activity aimed at PAN-OS GlobalProtect portals since March 17, 2025. Trending CVEs Attackers love software vulnerabilities—they're easy doors into your systems. Every week brings fresh flaws, and waiting too long to patch can turn a minor oversight into a major breach. Below are this week's critical vulnerabilities you need to know about. Take a look, update your software promptly, and keep attackers locked out. 
This week's list includes — CVE-2025-3102 (OttoKit plugin), CVE-2025-23359 (NVIDIA Container Toolkit), CVE-2025-30406 (Gladinet CentreStack), CVE-2025-29824 (Windows Common Log File System), CVE-2024-48887 (Fortinet FortiSwitch), CVE-2024-53150, CVE-2024-53197 (Google Android), CVE-2025-2945 (pgAdmin), CVE-2025-2244 (Bitdefender GravityZone), CVE-2025-31334 (WinRAR), CVE-2025-30401 (WhatsApp for Windows), CVE-2025-23120 (Rockwell Automation Industrial Data Center), CVE-2025-25211, CVE-2025-26689 (Inaba Denki Sangyo CHOCO TEI WATCHER), CVE-2024-4872, CVE-2024-3980 (Hitachi Energy MicroSCADA Pro/X SYS600), CVE-2025-2636 (InstaWP Connect – 1-click WP Staging & Migration plugin), CVE-2025-3439 (Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin), and CVE-2025-31565 (WPSmartContracts plugin). 📰 Around the Cyber World Bulletproof Hosting Service Provider Medialand Exposed — A bulletproof hosting service provider named Medialand has been exposed likely by the same actors behind the leak of Black Basta chat logs in February 2025. According to PRODAFT, Medialand has been linked to Yalishanda (LARVA-34), with the service playing a key role in enabling a wide range of cybercriminal operations, including hosting ransomware infrastructure for Black Basta, malware C2 servers, code-signing systems, phishing kits, data exfiltration panels, data leak sites. Leaked internal data reveals a treasure trove of information about who bought servers, who paid (including via cryptocurrency), and possibly personally identifiable information (PII), not to mention allow defenders to correlate indicators of compromise (IoCs) and improve attribution efforts. The Black Basta chat dataset shed light on the group's "internal workflows, decision-making processes, and team dynamics, offering an unfiltered perspective on how one of the most active ransomware groups operates behind the scenes," Trustwave said. 
The discussions also revealed the group targeting individuals based on gender dynamics, assigning female callers to male victims and male operators to female targets. Furthermore, they also expose the threat actor's pursuit of security flaws and stockpiling them by paying premium prices to acquire zero-day exploits from exploit brokers to gain a competitive edge. Arabic-Speaking Threat Actor Targets South Korea with ViperSoftX — Suspected Arabic-speaking threat actors have been observed distributing ViperSoftX malware targeting South Korean victims since April 1, 2025. Often distributed via cracked software or torrents, ViperSoftX is known for its ability to exfiltrate sensitive information from compromised Windows hosts, as well as deliver additional payloads like Quasar RAT and TesseractStealer. In the attacks detected by AhnLab, the malware has been found to serve a malicious PowerShell script that drops PureCrypter and Quasar RAT. Irish Data Protection Watchdog Probes X — Ireland's data privacy regulator has opened an investigation into X over its processing of personal data from publicly accessible posts shared on the social network for purposes of training its artificial intelligence models, particularly Grok. "The inquiry will examine compliance with a range of key provisions of the GDPR, including with regard to the lawfulness and transparency of the processing," the Data Protection Commission (DPC) said. "The purpose of this inquiry is to determine whether this personal data was lawfully processed in order to train the Grok LLMs." X previously agreed to stop training its AI systems using personal data collected from E.U. users. 
Flaws Uncovered in Perplexity's Android App — An analysis of Perplexity AI's Android app has uncovered a set of 11 flaws, including hard-coded API keys, cross-origin resource sharing (CORS) misconfigurations, lack of SSL pinning, unsecured network configuration, tapjacking, and susceptibility to known flaws like Janus and StrandHogg, exposing users of the app to risks such as data theft, account takeovers, and reverse engineering attacks. "Hackers can exploit these vulnerabilities to steal your personal data, including sensitive login credentials," AppKnox said in a report shared with The Hacker News. "The app lacks protections against hacking tools, leaving your device vulnerable to remote attacks." Similar flaws were also identified in DeepSeek's Android app earlier this year. Tycoon 2FA Phishing Kit Receives New Updates — The latest version of the phishing kit known as Tycoon 2FA has adopted new evasion techniques that allow it to slip past endpoints and detection systems. "These include using a custom CAPTCHA rendered via HTML5 canvas, invisible Unicode characters in obfuscated JavaScript, and anti-debugging scripts to thwart inspection," Trustwave said. "HTML5-based visuals like the custom CAPTCHA can mislead users and add legitimacy to phishing attempts. Unicode and Proxy-based obfuscation can delay detection and make static analysis more difficult." The development comes as the cybersecurity company said it has identified a dramatic increase in phishing attacks using malicious Scalable Vector Graphics (SVG) files, driven by PhaaS platforms like Tycoon2FA, Mamba2FA, and Sneaky2FA. "SVG-based attacks have sharply pivoted toward phishing campaigns, with a staggering 1,800% increase in early 2025 compared to data collected since April 2024," it said. China Reportedly Admits to Directing Cyber Attacks on US Critical Infra — Chinese officials have acknowledged in a secret meeting in December 2024 that it was behind a series of cyber attacks aimed at U.S. 
critical infrastructure, a cluster of activity that's known as Volt Typhoon, the Wall Street Journal reported, citing people familiar with the matter. The attacks are said to have been conducted in response to increasing U.S. policy support for Taiwan. China had previously claimed the Volt Typhoon to be a disinformation campaign from the West. AWS Debuts Support for ML-KEM in KMS, ACM, and Secrets Manager — Amazon Web Services (AWS) has announced support for Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) for hybrid post-quantum key agreement in Key Management Service (AWS KMS), Certificate Manager (ACM), and Secrets Manager. "These three services were chosen because they are security-critical AWS services with the most urgent need for post-quantum confidentiality," Amazon said. "With this, customers can bring secrets into their applications with end-to-end post-quantum enabled TLS." The development comes as the OpenSSL Project released version 3.5.0 of its widely used cryptographic library with support for post-quantum cryptography (PQC) algorithms ML-KEM, ML-DSA, and SLH-DSA. Exploitation Attempts Against TVT DVRs Surge — Threat intelligence firm GreyNoise is warning of a 3x spike in exploitation attempts against TVT NVMS9000 DVRs as part of what's suspected to be malicious activity designed to rope the devices into the Mirai botnet. The attacks exploit an information disclosure vulnerability (no CVE) that can be used to gain administrative control over affected systems. The surge in attacks began on March 31, 2025, with over 6,600 unique IP addresses, mainly from Taiwan, Japan, and South Korea, targeting systems located in the United States, United Kingdom, and Germany, attempting to exploit the flaw over the past 30 days. 
GitHub Announces General Availability of Security Campaigns — GitHub has announced the general availability of Security Campaigns, a new feature that aims to streamline the vulnerability remediation process using Copilot Autofix to generate code suggestions and resolve issues. The aim, per the Microsoft-owned platform, is to reduce security debt and quickly address problems lurking in existing codebases. "Using Copilot Autofix to generate code suggestions for up to 1,000 code scanning alerts at a time, security campaigns help security teams take care of triage and prioritization, while you can quickly resolve issues using Autofix – without breaking your development momentum," GitHub said. Watch Out for SMS Pumping — Threat hunters are calling attention to a cybercrime tactic called SMS pumping fraud that exploits SMS verification systems (e.g., OTP requests or password resets) to generate excessive message traffic using fake or automated phone numbers, incurring businesses additional costs or disruptions. Such schemes employ automated bots or low-skilled workforce to trigger fake account creation and OTP requests, which send SMS messages to phone numbers controlled by the threat actor. "The fraudster collaborates with a 'rogue party,' often a corrupt telecom provider or intermediary with access to SMS routing infrastructure," Group-IB said. "The rogue party intercepts the inflated SMS traffic, typically avoiding message delivery to reduce costs. Instead, they route the traffic to numbers they control." Routers Among the Most Riskiest Devices in Enterprise Networks — According to data compiled by Forescout, network-related equipment such as routers have emerged as the riskiest category of IT devices. "Driven by increased threat actor focus, adversaries are rapidly exploiting new vulnerabilities in these devices through large-scale attack campaigns," the company said. 
The retail sector has the riskiest devices on average, followed by financial services, government, healthcare, and manufacturing. Spain, China, the United Kingdom, Qatar, and Singapore are the top five countries with the riskiest devices on average. "To effectively defend this evolving attack surface, organizations must adopt modern security strategies that address risk across all device categories," Forescout said. "As threat actors continue shifting their focus away from traditional endpoints, they increasingly target less-protected devices that offer easier initial access." Spanish Authorities Arrest 6 for AI-Powered Investment Scam — The National Police of Spain has arrested six individuals aged between 34 and 57 behind a large-scale cryptocurrency investment scam that used AI tools to generate deepfake ads featuring popular public figures to deceive people, defrauding 208 victims worldwide of €19 million ($21.6 million). More than €100,000 of the total money defrauded from the victims has been frozen as part of the operation codenamed COINBLACK - WENDIMINE. "The modus operandi used to carry out this scam consisted of inserting ads on different web pages as a hook related to investments in cryptocurrencies," the National Police said. "The victims were not selected at random, but, through algorithms, they selected those people whose profile fit into what cybercriminals were looking for." The investment scam involved inserting ads on web pages and social media networks and using AI tools to falsely claim endorsements from famous personalities so as to entice the targets into making the investments. Some aspects of the scam were detailed by ESET in December 2024, which codenamed the campaign Nomani. Oracle Says Hack Affected "Obsolete Servers" — Oracle has confirmed that a hacker stole and leaked credentials that were stolen from what it described as "two obsolete servers." 
However, the company downplayed the severity of the breach and insisted its cloud infrastructure (OCI) was not compromised and that no customer data and services were impacted by the incident. "A hacker did access and publish user names from two obsolete servers that were never a part of OCI," it said in an email notification. "The hacker did not expose usable passwords because the passwords on those two servers were either encrypted and/or hashed. Therefore the hacker was not able to access any customer environments or customer data." It's not known how many customers were affected. Atlas Lion Uses New Tactics in Attacks Targeting Retailers — The Moroccan threat actor known as Atlas Lion (aka Storm-0539) has been observed using stolen credentials to enroll attacker-controlled VMs into an organization's domain, per cybersecurity firm Expel. Known for its extensive understanding of the cloud, the group's primary goal appears to be redeeming or reselling the stolen gift cards they obtain during their attack campaigns. U.S. Treasury OCC Says Hackers Had Access to 150,000 Emails — The Treasury Department's Office of the Comptroller of the Currency (OCC) revealed in February 2025 that it "identified, isolated and resolved a security incident involving an administrative account in the OCC email system." As a result, a limited number of affected administrative accounts were identified and disabled. "There is no indication of any impact to the financial sector at this time," the OCC said at the time. Now, in an update, the OCC has classified the breach as a "major incident," adding "the unauthorized access to a number of its executives' and employees' emails included highly sensitive information relating to the financial condition of federally regulated financial institutions used in its examinations and supervisory oversight processes." 
Bloomberg reported that the unidentified threat actors behind the hack broke into an email system administrator's account and gained access to over 150,000 emails from May 2023 after intercepting about 103 bank regulators' emails. 🎥 Cybersecurity Webinars 1️⃣ Learn to Detect and Block Hidden AI Tools in Your SaaS Stack — AI tools are quietly connecting to your SaaS apps — often without Security's knowledge. Sensitive data is at risk. Manual tracking won't keep up. In this session, learn: How AI tools are exposing your environment Real-world examples of AI-driven attacks How Reco helps detect and respond automatically Join Dvir Sasson from Reco to get ahead of hidden AI threats. 2️⃣ Learn How to Secure Every Step of Your Identity Lifecycle — Identity is your new attack surface. AI-powered impersonation and deepfakes are breaking traditional defenses. Learn how to secure the full identity lifecycle — from enrollment to daily access to recovery — with phishing-resistant MFA, device trust, and Deepfake Defense™. Join Beyond Identity and Nametag to stop account takeovers before they start. 🔧 Cybersecurity Tools CAPE (Config and Payload Extraction) — CAPE is a powerful malware sandbox that runs suspicious files in a safe Windows environment and digs much deeper than traditional tools. It not only tracks file changes, network traffic, and memory dumps but also automatically unpacks hidden payloads, extracts malware settings, and defeats tricks used to avoid detection. With smart use of YARA rules and a built-in debugger, CAPE gives threat hunters and analysts a faster, clearer way to uncover what malware is really doing. MCP-Scan — It is an open-source security tool that checks your MCP servers for hidden risks like prompt injections, tool poisoning, and cross-origin attacks. It scans popular setups like Claude, Cursor, and Windsurf, detects tampering in tool descriptions, and helps catch silent changes that could compromise your environment. 
With built-in protections like tool pinning and Invariant Guardrail checks, MCP-Scan gives developers and security teams a fast, reliable way to spot vulnerabilities before attackers can use them. 🔒 Tip of the Week Monitoring for Unauthorized Account Activations — Attackers are using a clever trick to stay hidden inside networks: reactivating the built-in Windows Guest account. Normally, this account is disabled and ignored by system admins. But when attackers enable it and set a new password, it blends in as part of the system — making it easy for them to quietly log in, escalate privileges, and even access devices remotely through RDP. Since the Guest account looks normal at first glance, many security teams miss it during reviews. To catch this tactic early, monitor your security logs closely. Set alerts for Event ID 4722 — this signals when any disabled account is reactivated, including Guest. Also track the use of native Windows tools like net.exe, wmic, and PowerShell for any commands that modify accounts. Pay special attention to any Guest account being added to privileged groups like Administrators or Remote Desktop Users. Cross-check with your endpoint protection or EDR tools to spot changes outside normal maintenance windows. If you find an active Guest account, assume it's part of a larger breach. Check for signs of hidden accounts, unauthorized remote access tools, and changes to RDP settings. Regular threat hunting — even just checking that all default accounts are truly disabled — can break an attacker's persistence before they move deeper into your environment. Conclusion Every breach, every evasion technique, and every new tool attackers use is also a learning opportunity. If you're in cybersecurity today, your advantage isn't just your tech stack — it's how quickly you adapt. 
Take one tactic you saw in this week's update — privilege escalation, AI misuse, stealth persistence — and use it as a reason to strengthen a weak spot you've been putting off. Defense is a race, but improvement is a choice.
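The Tip of the Week's monitoring advice, as an added example that is not part of the original article: a Python hunt over Security-log records that have already been exported into dictionaries. Event ID 4722 comes from the tip; event IDs 4724 and 4732, the well-known SIDs, the record layout, the 24-hour correlation window and every sample event are assumptions constructed for this example.

```python
from datetime import datetime, timedelta

# 4722 (account enabled) is the event the tip names. 4724 (password reset
# attempt) and 4732 (member added to a security-enabled local group) are added
# here to cover the "set a new password" and "privileged groups" steps.
ACCOUNT_ENABLED, PASSWORD_RESET, ADDED_TO_LOCAL_GROUP = 4722, 4724, 4732

# Well-known SIDs: match on these, not on names, which can be renamed or localized.
PRIVILEGED_GROUPS = {
    "S-1-5-32-544": "Administrators",
    "S-1-5-32-555": "Remote Desktop Users",
}
CORRELATION_WINDOW = timedelta(hours=24)  # assumed tuning value


def is_guest(sid):
    """The built-in Guest account always has RID 501, even after a rename."""
    return sid.startswith("S-1-5-21-") and sid.endswith("-501")


def in_maintenance(ts, windows):
    return any(start <= ts <= end for start, end in windows)


def hunt(events, maintenance_windows=()):
    """Return findings in time order for the account changes the tip describes."""
    findings = []
    guest_enabled_at = {}  # Guest SID -> time of its most recent 4722

    def report(ev, rule, severity, account, detail=""):
        findings.append({"time": ev["TimeCreated"], "rule": rule,
                         "severity": severity, "account": account,
                         "actor": ev["SubjectUserName"], "detail": detail})

    for ev in sorted(events, key=lambda e: e["TimeCreated"]):
        eid, ts = ev["EventID"], ev["TimeCreated"]
        if eid == ACCOUNT_ENABLED:
            if is_guest(ev["TargetSid"]):
                guest_enabled_at[ev["TargetSid"]] = ts
                report(ev, "guest-enabled", "high", ev["TargetUserName"])
            elif not in_maintenance(ts, maintenance_windows):
                # Any other reactivation is only interesting outside planned work.
                report(ev, "account-enabled-outside-maintenance", "medium",
                       ev["TargetUserName"])
        elif eid == PASSWORD_RESET and is_guest(ev["TargetSid"]):
            report(ev, "guest-password-set", "high", ev["TargetUserName"])
        elif eid == ADDED_TO_LOCAL_GROUP:
            # In 4732 the target is the group and MemberSid is the account added.
            member, group = ev["MemberSid"], ev["TargetSid"]
            if is_guest(member) and group in PRIVILEGED_GROUPS:
                enabled = guest_enabled_at.get(member)
                chained = enabled is not None and ts - enabled <= CORRELATION_WINDOW
                report(ev, "guest-in-privileged-group",
                       "critical" if chained else "high",
                       member, PRIVILEGED_GROUPS[group])
    return findings


# Constructed sample data: no value below comes from a real environment.
DOMAIN = "S-1-5-21-1111111111-2222222222-3333333333"


def _ev(when, event_id, actor, **fields):
    return {"TimeCreated": datetime.fromisoformat(when), "EventID": event_id,
            "SubjectUserName": actor, **fields}


SAMPLE_EVENTS = [
    _ev("2025-04-10T02:14:00", 4722, "svc-backup",
        TargetUserName="Guest", TargetSid=DOMAIN + "-501"),
    _ev("2025-04-10T02:15:00", 4724, "svc-backup",
        TargetUserName="Guest", TargetSid=DOMAIN + "-501"),
    _ev("2025-04-10T02:17:00", 4732, "svc-backup",
        TargetUserName="Remote Desktop Users", TargetSid="S-1-5-32-555",
        MemberSid=DOMAIN + "-501"),
    _ev("2025-04-11T10:30:00", 4722, "helpdesk1",
        TargetUserName="jdoe", TargetSid=DOMAIN + "-1104"),
    _ev("2025-04-12T23:40:00", 4722, "helpdesk1",
        TargetUserName="old-contractor", TargetSid=DOMAIN + "-1188"),
]
MAINTENANCE_WINDOWS = [(datetime(2025, 4, 11, 10, 0), datetime(2025, 4, 11, 12, 0))]

if __name__ == "__main__":
    for f in hunt(SAMPLE_EVENTS, MAINTENANCE_WINDOWS):
        print(f"{f['time']:%Y-%m-%d %H:%M} {f['severity']:<8} {f['rule']:<36} "
              f"{f['account']} by {f['actor']} {f['detail']}")
```

Matching on RID 501 and the group SIDs keeps the rules working when the Guest account or the groups have been renamed or appear under localized names.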
  • WWW.INFORMATIONWEEK.COM
    What Top 3 Principles Define Your Role as a CIO and a CTO?
    The CIO of IBM and the CIO of NMI discuss some foundational elements that help them navigate the shifting demands of providing leadership on tech. Joao-Pierre S. Ruth, Senior Editor. April 14, 2025. The duties of C-suite tech leadership at enterprises are changing rapidly of late. AI shook up strategies at many companies and can lead to new demands on CIOs, CTOs, and others responsible for technology plans and use. The core principles that guide CIOs and CTOs can be essential for navigating such times, especially when organizations look to them for direction. In this episode, Matt Lyteson, CIO of IBM, and Phillip Goericke, CTO of NMI, share some key principles that define their respective roles at their organizations. They also discuss where they picked up some of the lessons that shaped those principles, how their jobs have changed since they got their starts, and whom they look to for inspiration as leaders -- as well as what they wish they knew when they got started. Listen to the full episode here. About the Author: Joao-Pierre S. Ruth covers tech policy, including ethics, privacy, legislation, and risk; fintech; code strategy; and cloud & edge computing for InformationWeek. He has been a journalist for more than 25 years, reporting on business and technology first in New Jersey, then covering the New York tech startup community, and later as a freelancer for such outlets as TheStreet, Investopedia, and Street Fight.