The following article contains spoilers for The Last of Us season 2, episode 1, “Future Days.”The Last of Us is back for a second season, and – naturally – this time we’re seeing an adaptation of the second game in the series. However, showrunners Craig Mazin and Neil Druckmann have taken a different approach this time around. Where the first season was largely a one-to-one recreation of the game, with a huge chunk of the runtime dedicated to replicating the original cutscenes in live action, this second season appears to be making more changes to the game’s story. Events are restructured, reordered, and recontextualised with the addition of new characters and story ideas.That’s not to say that the scenes we know and love have been scrapped, though - far from it. It’s just that they might not always be exactly how you remember them. And so we’ve taken the key moments from episode one that recreate the game and compared them against the source material, analysing what’s changed and what’s stayed the same. You can see both versions in the video above, or read on below for our written explanations. The Last of Us Season 2 Episode 1: TV Show vs Game ComparisonTommy’s Sniper SchoolDue to the show having been re-arranged to tell the story in a more linear fashion, the sequence in which Tommy teaches Ellie how to shoot across long distances is now one of the earliest scenes of The Last of Us season 2. In the game, this was told in flashback as part of the Finding Strings chapter, which occurs during day two of Ellie’s time in Seattle – many hours into the campaign.That’s not the only change. As you can see from the thick blanket of snow, the time of year is completely different. While Ellie and Tommy trek through the sun-kissed Wyoming mountains in the game, they’re lying prone in a freezing winter landscape in the show. There is a connection, though; in the game, Tommy mentions that hordes of infected move through this region in the winter. Since it’s currently winter in the show, perhaps such a horde will turn up in the next few episodes? Despite the changes to timeline and climate, the fundamentals remain the same. Show Ellie uses the same Springfield Armory M1A rifle as game Ellie does, while Tommy provides advice about how to snipe at shambling infected. He suggests she compensate her aim for distance, which is what you must do during this sequence in the game, as bullets drop over very long distances due to gravity. Ellie and Dina’s PatrolThe midpoint of the season two premiere sees Ellie and Dina head out on a patrol. This is one of the earliest sequences from the game, and is replicated quite closely. In both the game and show, Ellie takes Shimmer from the stables, gears up to head out, and is scolded by Jesse for being late. The most significant change here is that, where in the game Jesse lists off all the things that must be achieved on a patrol, in the show Dina sarcastically explains their goals before Jesse can instruct them. This helps construct the show’s version of Dina, who is more brash than her game counterpart. The conflict between Jesse and Dina helps set up the horseback conversation between the two women. This same chat, about Dina’s breakup with Jesse, also happens in the game, but Dina’s attitude to her former boyfriend is softer, discussing how Jesse’s parents will always feel like her family. In the show, the pair’s relationship is somewhat brushed off as more of an on/off thing. Both the show and game’s patrol is interrupted by the discovery of the gory corpse of an animal – in the game it’s a moose, while in the show it’s a bear. This encourages Ellie and Dina to search out the infected who killed it. The key difference here is that in the show Ellie and Dina are just two of a larger patrol that doesn’t want to get into any unwarranted danger. In the game, Ellie and Dina are patrolling on their own. Infected Attack Ellie and Dina’s search for infected brings them to the same place in both the game and the show: the Greenpeace Market. In both versions they climb over the store’s truck to enter via the upstairs window and proceed to search inside. From here the events diverge – in the show, the pair take down a clicker and then Ellie falls through the floor alone. In the game, both Ellie and Dina fall through the collapsing floor, and Dina saves them both from a clicker by shooting it several times. In the show, it’s not a clicker in the main store area but a stalker, a new, more intelligent infected type that doesn't appear until much later in the game. Ellie must face this foe alone, and the resulting fight sees the stalker bite her stomach, something that doesn’t happen in the game. Dina arrives too late to help, but by that point Ellie has already shot her attacker. This somewhat echoes an earlier scene from the game, in which Dina arrives to help a runner that’s attacking Ellie outside of the supermarket – in that instance Dina shoots the infected to save her partner.Barn DanceOne of the most famous scenes from The Last of Us Part 2 is recreated in almost perfect detail for the show, but once again it comes at a very different time thanks to the reordering of the story. The barn dance, during which Dina and Ellie kiss for the first time, was originally shown as a flashback and occurred just before the game’s final act, but in the show it's the last major scene of the season two premiere. Despite the shift to show this scene in chronological order, everything else about it remains largely the same, even down to the music, dance choreography, and camera direction. The dialogue between Ellie, Jesse, and Dina is almost word-for-word the same as the game’s original script, including Dina’s “I think they should be terrified of you.”The pair’s dance is once again interrupted by Seth, but Joel’s reaction to his bigotry is much more violent. In the game, Joel only shoves Seth to indicate his anger, but the show’s version of events sees Seth thrown to the floor. The OverlookThe episode’s final scene is a recreation of The Overlook section of the game’s first chapter. We see Abby and Owen climb up to an outcrop that overlooks the town of Jackson. In the game, Abby and Owen are talking, expressing relief of finding their goal and surprise at how large it is – “it’s a fucking city!” The show instead opts to keep the characters in total silence, building an ominous tension as they survey the town where their target lives. For more from The Last of Us, check out our spoiler-free season two review and our spoiler-filled review of the season premiere. We’ve also asked the show’s creators whether Joel was right to save Ellie, and spoken to them about the terrifying stalkers who appear in this episode. Matt Purslow is IGN's Senior Features Editor.

Ah, the 1990s! Stable economy, relative global peace, rich hucksters appearing in The Little Rascals instead of politics. What did we have to worry about? Nothing, really. And that’s why we had to make up trouble and put it on the big screen! The 1990s weren’t the first heyday of the disaster movie. That honor goes to the 1970s when producer Irwin Allen churned out star-studded hits like The Poseidon Adventure and The Towering Inferno, earning the title “The Master of Disaster.” But the 1990s versions might be more interesting, coming at a unique time in Hollywood and in the country in general. The rise of the internet supercharged the paranoia of the ’90s, turning suspicion into outright skepticism of the government and society. Moreover the release of Jurassic Park in 1993 inaugurated the rise of CGI graphics, changing special effects forever. That transition, for better or for worse, is all over these movies. So if you’re tired of the bad things in reality, take a look at these ’90s disaster films and enjoy some pretend bad things for a while. 10. Godzilla (1998) At this point, what is there to say about Godzilla ’98 that hasn’t already been said? Yes, it’s as bloated as it is boring. Yes, it’s an insult to the venerable franchise it tries to reinvent for Generation X. Yes, all of the problems that existed in director Roland Emmerich‘s predecessor Independence Day (more on that shortly) stand out more here due to a lackluster cast and impossible pacing. Yes, a disinterested, check-cashing Steven Spielberg did this movie’s climax better a year earlier in The Lost World: Jurassic Park. Really, the one last thing that needs to be said about Godzilla is that the poster rules. With its glowing green font, spotlights shining on a single shin, drawing the eye up above the buildings and into the darkness. That one image contains more awe and wonder than anything in the actual movie, and you don’t have to hear lame jokes about Roger Ebert’s weight to enjoy it. 9. Dante’s Peak (1997) There’s a mean streak to Dante’s Peak that sets it apart from 1997’s other volcano picture, the aptly-named Volcano. In the early “establish the hero’s trauma” scene, a piece of molten rock goes through the head of scientist Harry Dalton’s (Pierce Brosnan) wife. Later the children of Rachel Wando (Linda Hamilton), mayor of the titular town, almost boil alive in hot springs overheated by lava, and even see the ghastly corpses of two lovers who couldn’t avoid that fate. On one hand, those types of shocks shouldn’t be so surprising, given that Dante’s Peak comes from Australian director Roger Donaldson who started out on the Ozploitation thriller Sleeping Dogs and went on to make skeevy Hollywood films Species and The Getaway. But Donaldson shoots and edits even the visceral parts of the story with such airlessness that the audience never feels scared, let alone shocked. Add in the rote story by screenwriter Leslie Bohem and the complete lack of chemistry between Hamilton and Brosnan, and Dante’s Peak fizzles on the screen. 8. Armageddon (1998) Certainly, some people love Armageddon and would place it perhaps at the top of this list. They love the outrageous concept of miners going to space to put a bomb in an oncoming asteroid that could destroy all life on Earth. They love director Michael Bay‘s maximalism, all explosions and chaos and hero shots and declarations of feelings. They love the ensemble cast that includes character actors Steve Buscemi, Will Patton, Michael Clarke Duncan, and William Fichtner, alongside stars Ben Affleck, Bruce Willis, and Liv Tyler. But for anyone who doesn’t like the hyperactive nature of Bayhem, then Armageddon is a drag. Bay’s action scenes may be loud and flashy, but they’re incoherent, forcing the audience to guess at what’s going on behind all those explosions and lens flares. Even the fun character actor moments get interrupted by unnecessary cuts and get buried under a glossy sheen. There’s a fun disaster movie somewhere in Armageddon, but it’s not on the screen, which is the biggest disaster of all. 7. Deep Impact (1998) Deep Impact is the anti-Armageddon. Where Michael Bay goes for all explosions and chaos, director Mimi Leder emphasizes humanism, slowing down to let us get to know just what’s at stake. Written by Bruce Joel Rubin and Michael Tolkin, Deep Impact looks at a wide swath of people as they deal with the oncoming asteroid, devoting so much attention to real people that even a subplot involving astronauts trying to blow up the rock (a plot beat that Disney stole for Armageddon) feels plausible. However, Deep Impact is very much like Armageddon in one way: it isn’t very good. No heartstring goes untagged in Deep Impact, no tear left unjerked. Every decision is made for maximum sentimentalism, from casting Morgan Freeman as a wise and even-tempered president to Elijah Wood and Leelee Sobieski as teen lovers making their final declarations. Deep Impact keeps the tone of disaster movies, but misses their point, devoting all of its over-the-top energy to sadness instead of fun. 6. Independence Day (1996) Okay, yes, Independence Day is an alien invasion story. But its central image, the one thing that everyone remembers about Independence Day, is that the aliens blow up the White House. And if disaster movies are about anything, they’re about razing familiar landmarks. Join our mailing list Get the best of Den of Geek delivered right to your inbox! Moreover, Independence Day belongs on this list because it best embodies the spirit of the Irwin Allen disaster films of the 1970s. Like those hits, Independence Day has striking scenes of devastation; pure spectacle where a star-studded cast delivers great one-liners that stick in our memories. But also like those movies, Independence Day drags between set pieces, devoting way too much time to military men and scientists talking in rooms. Whenever everyone shuts up and the aliens start blowing stuff up, then Independence Day becomes a joy ride again. 5. Volcano (1997) With just its poster alone, Volcano signals two things that it does better than Dante’s Peak. First of all, there’s the title. No haughty literary pretensions. No embarrassment about its premise. It just tells the viewer what they’re going to see. Then there’s the star Tommy Lee Jones, deep in his breakout run, ready to be grumpy about being in a volcano movie. That no-nonsense approach makes Volcano still a delight today. Director Mick Jackson, working from a screenplay by Jerome Armstrong and Billy Ray, does no-frills yeoman’s work. Every set piece has clear stakes, every shot establishes the spacial relationships between people and molten lava. Every character goes on a clear, if obvious, arc. Volcano has a simple promise and it delivers, which is all we really want from a disaster flick. 4. Daylight (1996) Daylight came during something of a renaissance for star Sylvester Stallone. With movies such as Cliffhanger in 1993 and especially Cop Land in 1997, Stallone was trying to recover some of the acting promise he showed before losing himself to ’80s excess. Even though the script by Dante’s Peak screenwriter Leslie Bohem and the direction from Rob Cohen lean hard into B-movie territory, Stallone plays his emotionally wounded former EMS chief with genuine pathos. Of course mid-’90s Stallone hasn’t forgotten how to do spectacle, which makes Daylight so much fun. The same is true of the character actors playing the survivors that Stallone’s Kit Latura has to lead to safety when the NYC tunnel they’re in collapses. Amy Brenneman, Viggo Mortensen, Jay O. Sanders, and others give just enough energy to their victims to make us care about them, but not so much that we’re not enjoying the peril. It would be going too far to call Daylight a “smart” disaster movie, but it does have more emotion than any of the lower entries on this list. 3. Outbreak (1995) If Deep Impact errs on the side of being too grounded for a fun disaster movie, Outbreak almost errs on the side of being too thrilling, especially at the height of the COVID-19 pandemic. When director Wolfgang Petersen’s film about a virus sweeping across the country matched real-world events, it became way less fun and way too real, breaking the escapist contract that the best disaster movies make. Now with the worst of the pandemic behind us, we can approach Outbreak as the big, fun Hollywood nonsense that it was meant to be. The director of Das Boot and The Perfect Storm, Peterson knows how to do big, sweeping adventure, and he’s brought along the perfect cast, including New Hollywood vets Dustin Hoffman and Donald Sutherland and big stars of the era, Morgan Freeman and Renee Russo. Outbreak is all spectacle, something that needs to be enjoyed at the proper distance from the actual events it portrays. 2. Twister (1996) In many ways, director Jan de Bont’s Twister is the ideal ’90s disaster movie. The screenplay by Michael Crichton and Anne-Marie Martin has just the right mix of science and tropey character growth to carry the audience along. The cast, if somewhat overstuffed, is full of ringers, from Philip Seymour Hoffman and Lois Smith to Alan Ruck and Jami Gertz, to all-time “that guys” Patrick Fischler and Sean Whalen. And it has the ideal leads for a big budget B-movie of the era in Helen Hunt and Bill Paxton. Most importantly, Twister has twisters, giant tornadoes that rip through the landscape in incredible set pieces. De Bont understands the inherent comedy of cows flying across the sky, and the terror of a room exploding around a person. He knows how to portray the ecstasy that follows a life-threatening event, so that we viewers, like the thrill-seekers onscreen, can’t wait to chase down another tornado, jumping right back into the disaster we just survived. 1. Titanic (1997) As great as the last few entries on this list are, let’s be honest—there’s an iceberg-sized gap between even Twister and our number one, Titanic. And it all comes down to James Cameron, a filmmaker whose ambition, sensibilities, and talent demand a budget that scares Hollywood, and then provides even greater returns. With each passing year, as the celebrity furor around Leonardo DiCaprio and Kate Winslet fades and the Celine Dion megahit drops from our radios, the filmmaking brilliance of Titanic stands out more. The first half of the film does the heavy lifting so effortlessly, we don’t even realize we’re being taught the character relations, the class structure, and the layout of the ship. When the boat starts to go down, we’re never confused about where the characters are, allowing us to sit back and feel: feel the tragedy of the love story, the anger at arrogant injustice, and the awe of everything falling apart. Titanic truly is the king of the disaster world.

Let’s see, where are we in the Trump tariff saga? After the White House increased tariffs on Chinese imports <counts> five times in the space of nine weeks, we then got a “pause” and an exemption on consumer electronics products – before the latest development. Namely, the White House yesterday said that the exemption, which covers all Apple products, was only a temporary one, lasting 1-2 months. However, there are three reasons why this is exceedingly unlikely to be true … Your series recap February 1: Trump imposes blanket 10% tariffs on all goods imported from China February 4: This tariff takes effect March 4: Trump increases the tariff to 20% March 12: This takes effect April 2: Trump adds a further 34%; China matches this April 7: Trump threatens a further 50% increase if China doesn’t cancel matching tariffs April 9: Trump increases Chinese tariffs to 104%; China matches this Later the same day: Trump increases the tariff to 145% April 12: Trump exempts product categories covering all Apple products April 13: Commerce Secretary says this is only a pause for 1-2 months Two solid reasons Apple tariffs won’t be reapplied Right in the middle of that timeline was when I suggested Apple products were likely to be exempted, as did indeed happen, and there are three reasons that is exceedingly unlikely to change. First, the escalation we have seen is clearly unsustainable. Every time Apple announces an increase to US tariffs on Chinese products, China responds with a matching tariff on US products. So far Trump has gone from 10% to 20% to 34% to 104% to 145%, and it’s clear that there would be no end to this endless tit-for-tat even if Trump were to eventually hit 1,000% or more. This is the welcoming lecture in the Why Tariffs Don’t Work 101 class. Second, the impact on both the US economy and the global economy has already been devastating. It’s not just what has happened, but the sheer unpredictability of US economic policy. It’s impossible for businesses to make future plans in an environment in which the rules can be dramatically changed on a weekly basis. Companies need to plan their production schedules months in advance, and plan capital expenditure like new plant years in advance; that’s simply not possible in such a turbulent economy. Above all, what is needed to begin undoing the economic damage is stability. And a crucial third reason Third, and most important of all, the impact on the US bond market – which clearly pointed to a path into a full-scale US recession. Loss of confidence in the US economy led to a dramatic sell-off of Treasury bonds. In order to counter that, the US government has been forced to increase the yield (interest rate) on these, which has a knock-on effect on the rest of the market, making borrowing more expensive for consumers and businesses alike. A sharp rise in credit costs is the quickest way into a recession, and even Trump had to admit that it was the bond sell-off which forced him to “pause” tariff increases. There has been a suggestion online that Canadian Prime Minister Mark Carney was instrumental in coordinating a bond sell-off with the governments of the European Union and Japan, in order to force Trump’s hand. As Snopes reports, the main source of this suggestion is a shock-jock with a reputation for conspiracy theories, so I don’t personally put much stock in it. But planned or organic doesn’t much matter: the effect is the same. Each time Trump tries to re-impose tariffs, that will reduce confidence in the US economy, which will result in further bond sales, which will push up interest rates, which will further damage the US economy. It’s a downward spiral with no escape bar abandoning the policy which caused it in the first place. Trump’s threats will either quietly go away, or he’ll find a face-saving reason for changing course. Photo by Maxim Hopman on Unsplash Add 9to5Mac to your Google News feed.  FTC: We use income earning auto affiliate links. More.You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Attackers aren't waiting for patches anymore — they are breaking in before defenses are ready. Trusted security tools are being hijacked to deliver malware. Even after a breach is detected and patched, some attackers stay hidden. This week's events show a hard truth: it's not enough to react after an attack. You have to assume that any system you trust today could fail tomorrow. In a world where AI tools can be used against you and ransomware hits faster than ever, real protection means planning for things to go wrong — and still staying in control. Check out this week's update to find important threat news, helpful webinars, useful tools, and tips you can start using right away. ⚡ Threat of the Week Windows 0-Day Exploited for Ransomware Attacks — A security affecting the Windows Common Log File System (CLFS) was exploited as a zero-day in ransomware attacks aimed at a small number of targets, Microsoft revealed. The flaw, CVE-2025-29824, is a privilege escalation vulnerability that could allow an attacker to obtain SYSTEM privileges. An exploit for the vulnerability has been found to be delivered via a trojan called PipeMagic, with the unknown threat actors, tracked by Microsoft as Storm-2460, conducting credential harvesting and dropping a ransomware payload as part of post-compromise exploitation activities. The exact nature of the payload is unclear, however, the ransom note dropped after encryption included a TOR domain tied to the RansomEXX ransomware family. CVE-2025-29824 was addressed by Microsoft as part of its Patch Tuesday update for April 2025. Download the Report ➝ 🔔 Top News ESET Flaw Exploited to Deliver New TCESB Malware — The China-aligned advanced persistent threat (APT) group China-aligned ToddyCat has exploited a vulnerability in ESET's antivirus software to silently execute a malicious payload called TCESB on infected devices. The dynamic link library (DLL) search order hijacking vulnerability (CVE-2024-11859) was patched in January after responsible disclosure. DLL search order hijacking is a kind of vulnerability that occurs when an application searches and loads a required DLL in an insecure order, such as starting with the current directory rather than a trusted system directory. In such instances, an attacker can try to trick the application into loading a malicious DLL as opposed to its legitimate counterpart. Once executed, TCESB reads the running kernel version and disables notification routines, installs a vulnerable driver for defense evasion, and launches an unspecified payload. Fortinet Warns of Hackers Retaining Access to Patched FortiGate VPNs Using Symlinks — Fortinet revealed that threat actors have found a way to maintain read-only access to FortiGate devices even after the initial access vector used to breach the devices was patched. "This was achieved via creating a symbolic link (aka symlink) connecting the user file system and the root file system in a folder used to serve language files for the SSL-VPN," the company said. Fortinet has released patches to eliminate the behavior. AkiraBot Leans on OpenAI Models to Flood Sites with SEO Spam — An artificial intelligence (AI) powered platform called AkiraBot is being used to spam website chats, comment sections, and contact forms to promote dubious search engine optimization (SEO) services such as Akira and ServicewrapGO. The platform relies on OpenAI API to generate a customized outreach message based on the contents of the website. As many as 80,000 websites have been successfully spammed by the tool since September 2024. In response to the findings, OpenAI has disabled the API key used by the threat actors. Gamaredon Uses Removable Drives to Distribute GammaSteel Malware — The Russia-linked threat actor known as Gamaredon targeted a foreign military mission based in Ukraine to deliver an updated version of a known malware called GammaSteel using what appears to be an already infected removable drive. The attack paves the way for a reconnaissance utility and an improved version of GammaSteel, an information stealer that's capable of exfiltrating files from a victim based on an extension allowlist from the Desktop and Documents folders. Palo Alto Networks Warns of Brute-Force Attempts Targeting PAN-OS GlobalProtect Portals — Palo Alto Networks has disclosed that it's observing brute-force login attempts against PAN-OS GlobalProtect gateways. It also noted that its activity monitoring the situation to determine its potential impact and identify if mitigations are necessary. The development came in response to an alert from GreyNoise about a spike in suspicious login scanning activity aimed at PAN-OS GlobalProtect portals since March 17, 2025. Trending CVEs Attackers love software vulnerabilities—they're easy doors into your systems. Every week brings fresh flaws, and waiting too long to patch can turn a minor oversight into a major breach. Below are this week's critical vulnerabilities you need to know about. Take a look, update your software promptly, and keep attackers locked out. This week's list includes — CVE-2025-3102 (OttoKit plugin), CVE-2025-23359 (NVIDIA Container Toolkit), CVE-2025-30406 (Gladinet CentreStack), CVE-2025-29824 (Windows Common Log File System), CVE-2024-48887 (Fortinet FortiSwitch), CVE-2024-53150, CVE-2024-53197 (Google Android), CVE-2025-2945 (pgAdmin), CVE-2025-2244 (Bitdefender GravityZone), CVE-2025-31334 (WinRAR), CVE-2025-30401 (WhatsApp for Windows), CVE-2025-23120 (Rockwell Automation Industrial Data Center), CVE-2025-25211, CVE-2025-26689 (Inaba Denki Sangyo CHOCO TEI WATCHER), CVE-2024-4872, CVE-2024-3980 (Hitachi Energy MicroSCADA Pro/X SYS600), CVE-2025-2636 (InstaWP Connect – 1-click WP Staging & Migration plugin), CVE-2025-3439 (Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin), and CVE-2025-31565 (WPSmartContracts plugin). 📰 Around the Cyber World Bulletproof Hosting Service Provider Medialand Exposed — A bulletproof hosting service provider named Medialand has been exposed likely by the same actors behind the leak of Black Basta chat logs in February 2025. According to PRODAFT, Medialand has been linked to Yalishanda (LARVA-34), with the service playing a key role in enabling a wide range of cybercriminal operations, including hosting ransomware infrastructure for Black Basta, malware C2 servers, code-signing systems, phishing kits, data exfiltration panels, data leak sites. Leaked internal data reveals a treasure trove of information about who bought servers, who paid (including via cryptocurrency), and possibly personally identifiable information (PII), not to mention allow defenders to correlate indicators of compromise (IoCs) and improve attribution efforts. The Black Basta chat dataset shed light on the group's "internal workflows, decision-making processes, and team dynamics, offering an unfiltered perspective on how one of the most active ransomware groups operates behind the scenes," Trustwave said. The discussions also revealed the group targeting individuals based on gender dynamics, assigning female callers to male victims and male operators to female targets. Furthermore, they also expose the threat actor's pursuit of security flaws and stockpiling them by paying premium prices to acquire zero-day exploits from exploit brokers to gain a competitive edge. Arabic-Speaking Threat Actor Targets South Korea with ViperSoftX — Suspected Arabic-speaking threat actors have been observed distributing ViperSoftX malware targeting South Korean victims since April 1, 2025. Often distributed via cracked software or torrents, ViperSoftX is known for its ability to exfiltrate sensitive information from compromised Windows hosts, as well as deliver additional payloads like Quasar RAT and TesseractStealer. In the attacks detected by AhnLab, the malware has been found to serve a malicious PowerShell script that drops PureCrypter and Quasar RAT. Irish Data Protection Watchdog Probes X — Ireland's data privacy regulator has opened an investigation into X over its processing of personal data from publicly accessible posts shared on the social network for purposes of training its artificial intelligence models, particularly Grok. "The inquiry will examine compliance with a range of key provisions of the GDPR, including with regard to the lawfulness and transparency of the processing," the Data Protection Commission (DPC) said. "The purpose of this inquiry is to determine whether this personal data was lawfully processed in order to train the Grok LLMs." X previously X agreed to stop training its AI systems using personal data collected from E.U. users. Flaws Uncovered in Perplexity's Android App — An analysis of Perplexity AI's Android app has uncovered a set of 11 flaws, including hard-coded API keys, cross-origin resource sharing (CORS) misconfigurations, lack of SSL pinning, unsecured network configuration, tapjacking, and susceptibility to known flaws like Janus and StrandHogg, exposing users of the app to risks such as data theft, account takeovers, and reverse engineering attacks. "Hackers can exploit these vulnerabilities to steal your personal data, including sensitive login credentials," AppKnox said in a report shared with The Hacker News. "The app lacks protections against hacking tools, leaving your device vulnerable to remote attacks." Similar flaws were also identified in DeepSeek's Android app earlier this year. Tycoon 2FA Phishing Kit Receives New Updates — The latest version of the phishing kit known as Tycoon 2FA has adopted new evasion techniques that allow it to slip past endpoints and detection systems. "These include using a custom CAPTCHA rendered via HTML5 canvas, invisible Unicode characters in obfuscated JavaScript, and anti-debugging scripts to thwart inspection," Trustwave said. "HTML5-based visuals like the custom CAPTCHA can mislead users and add legitimacy to phishing attempts. Unicode and Proxy-based obfuscation can delay detection and make static analysis more difficult." The development comes as the cybersecurity company said it has identified a dramatic increase in phishing attacks using malicious Scalable Vector Graphics (SVG) files, driven by PhaaS platforms like Tycoon2FA, Mamba2FA, and Sneaky2FA. "SVG-based attacks have sharply pivoted toward phishing campaigns, with a staggering 1,800% increase in early 2025 compared to data collected since April 2024," it said. China Reportedly Admits to Directing Cyber Attacks on US Critical Infra — Chinese officials have acknowledged in a secret meeting in December 2024 that it was behind a series of cyber attacks aimed at U.S. critical infrastructure, a cluster of activity that's known as Volt Typhoon, the Wall Street Journal reported, citing, people familiar with the matter. The attacks are said to have been conducted in response to increasing U.S. policy support for Taiwan. China had previously claimed the Volt Typhoon to be a disinformation campaign from the West. AWS Debuts Support for ML-KEM in KMS, ACM, and Secrets Manager — Amazon Web Services (AWS) has announced support for Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) for hybrid post-quantum key agreement in Key Management Service (AWS KMS), Certificate Manager (ACM), and Secrets Manager. "These three services were chosen because they are security-critical AWS services with the most urgent need for post-quantum confidentiality," Amazon said. "With this, customers can bring secrets into their applications with end-to-end post-quantum enabled TLS." The development comes as the OpenSSL Project released version 3.5.0 of its widely used cryptographic library with support for post-quantum cryptography (PQC) algorithms ML-KEM, ML-DSA, and SLH-DSA. Exploitation Attempts Against TVT DVRs Surge — Threat intelligence firm GreyNoise is warning of a 3x spike in exploitation attempts against TVT NVMS9000 DVRs as part of what's suspected to be malicious activity designed to rope the devices into the Mirai botnet. The attacks exploit an information disclosure vulnerability (no CVE) that can be used to gain administrative control over affected systems. The surge in attacks began on March 31, 2025, with over 6,600 unique IP addresses, mainly from Taiwan, Japan, and South Korea, targeting systems located in the United States, United Kingdom, and Germany, attempting to exploit the flaw over the past 30 days. GitHub Announces General Availability of Security Campaigns — GitHub has announced the general availability of Security Campaigns, a new feature that aims to streamline the vulnerability remediation process using Copilot Autofix to generate code suggestions and resolve issues. The aim, per the Microsoft-owned platform, is to reduce security debt and quickly address problems lurking in existing codebases. "Using Copilot Autofix to generate code suggestions for up to 1,000 code scanning alerts at a time, security campaigns help security teams take care of triage and prioritization, while you can quickly resolve issues using Autofix – without breaking your development momentum," GitHub said. Watch Out for SMS Pumping — Threat hunters are calling attention to a cybercrime tactic called SMS pumping fraud that exploits SMS verification systems (e.g., OTP requests or password resets) to generate excessive message traffic using fake or automated phone numbers, incurring businesses additional costs or disruptions. Such schemes employ automated bots or low-skilled workforce to trigger fake account creation and OTP requests, which send SMS messages to phone numbers controlled by the threat actor. "The fraudster collaborates with a 'rogue party,' often a corrupt telecom provider or intermediary with access to SMS routing infrastructure," Group-IB said. "The rogue party intercepts the inflated SMS traffic, typically avoiding message delivery to reduce costs. Instead, they route the traffic to numbers they control." Routers Among the Most Riskiest Devices in Enterprise Networks — According to data compiled by Forescout, network-related equipment such as routers have emerged as the riskiest category of IT devices. "Driven by increased threat actor focus, adversaries are rapidly exploiting new vulnerabilities in these devices through large-scale attack campaigns," the company said. The retail sector has the riskiest devices on average, followed by financial services, government, healthcare, and manufacturing. Spain, China, the United Kingdom, Qatar, and Singapore are the top five countries with the riskiest devices on average. "To effectively defend this evolving attack surface, organizations must adopt modern security strategies that address risk across all device categories," Forescout said. "As threat actors continue shifting their focus away from traditional endpoints, they increasingly target less-protected devices that offer easier initial access." Spanish Authorities Arrest 6 for AI-Powered Investment Scam — The National Police of Spain has arrested six individuals aged between 34 and 57 behind a large-scale cryptocurrency investment scam that used AI tools to generate deepfake ads featuring popular public figures to deceive people, defrauding 208 victims worldwide of €19 million ($21.6 million). More than €100,000 of the total money defrauded from the victims has been frozen as part of the operation codenamed COINBLACK - WENDIMINE. "The modus operandi used to carry out this scam consisted of inserting ads on different web pages as a hook related to investments in cryptocurrencies," the National Police said. "The victims were not selected at random, but, through algorithms, they selected those people whose profile fit into what cybercriminals were looking for." The investment scam involved inserting ads on web pages and social media networks and using AI tools to falsely claim endorsements from famous personalities so as to entice the targets into making the investments. Some aspects of the scam were detailed by ESET in December 2024, which codenamed the campaign Nomani. Oracle Says Hack Affected "Obsolete Servers" — Oracle has confirmed that a hacker stole and leaked credentials that were stolen from what it described as "two obsolete servers." However, the company downplayed the severity of the breach and insisted its cloud infrastructure (OCI) was not compromised and that no customer data and services were impacted by the incident. "A hacker did access and publish user names from two obsolete servers that were never a part of OCI," it said in an email notification. "The hacker did not expose usable passwords because the passwords on those two servers were either encrypted and/or hashed. Therefore the hacker was not able to access any customer environments or customer data." It's not known how many customers were affected. Atlas Lion Uses New Tactics in Attacks Targeting Retailers — The Moroccan threat actor known as Atlas Lion (aka Storm-0539) has been observed using stolen credentials to enroll attacker-controlled VMs into an organization's domain, per cybersecurity firm Expel. Known for its extensive understanding of the cloud, the group's primary goal appears to be redeeming or reselling the stolen gift cards they obtain during their attack campaigns. U.S. Treasury OCC Says Hackers Had Access to 150,000 Emails — The Treasury Department's Office of the Comptroller of the Currency (OCC) revealed in February 2025 that it "identified, isolated and resolved a security incident involving an administrative account in the OCC email system." As a result, a limited number of affected administrative accounts were identified and disabled. "There is no indication of any impact to the financial sector at this time," the OCC said at the time. Now, in an update, the OCC has classified the breach as a "major incident," adding "the unauthorized access to a number of its executives' and employees' emails included highly sensitive information relating to the financial condition of federally regulated financial institutions used in its examinations and supervisory oversight processes." Bloomberg reported that the unidentified threat actors behind the hack broke into an email system administrator's account and gained access to over 150,000 emails from May 2023 after intercepting about 103 bank regulators' emails. 🎥 Cybersecurity Webinars 1️⃣ Learn to Detect and Block Hidden AI Tools in Your SaaS Stack — AI tools are quietly connecting to your SaaS apps — often without Security's knowledge. Sensitive data is at risk. Manual tracking won't keep up. In this session, learn: How AI tools are exposing your environment Real-world examples of AI-driven attacks How Reco helps detect and respond automatically Join Dvir Sasson from Reco to get ahead of hidden AI threats. 2️⃣ Learn How to Secure Every Step of Your Identity Lifecycle — Identity is your new attack surface. AI-powered impersonation and deepfakes are breaking traditional defenses. Learn how to secure the full identity lifecycle — from enrollment to daily access to recovery — with phishing-resistant MFA, device trust, and Deepfake Defense™. Join Beyond Identity and Nametag to stop account takeovers before they start. 🔧 Cybersecurity Tools CAPE (Config and Payload Extraction) — CAPE is a powerful malware sandbox that runs suspicious files in a safe Windows environment and digs much deeper than traditional tools. It not only tracks file changes, network traffic, and memory dumps but also automatically unpacks hidden payloads, extracts malware settings, and defeats tricks used to avoid detection. With smart use of YARA rules and a built-in debugger, CAPE gives threat hunters and analysts a faster, clearer way to uncover what malware is really doing. MCP-Scan — It is an open-source security tool that checks your MCP servers for hidden risks like prompt injections, tool poisoning, and cross-origin attacks. It scans popular setups like Claude, Cursor, and Windsurf, detects tampering in tool descriptions, and helps catch silent changes that could compromise your environment. With built-in protections like tool pinning and Invariant Guardrail checks, MCP-Scan gives developers and security teams a fast, reliable way to spot vulnerabilities before attackers can use them. 🔒 Tip of the Week Monitoring for Unauthorized Account Activations — Attackers are using a clever trick to stay hidden inside networks: reactivating the built-in Windows Guest account. Normally, this account is disabled and ignored by system admins. But when attackers enable it and set a new password, it blends in as part of the system — making it easy for them to quietly log in, escalate privileges, and even access devices remotely through RDP. Since the Guest account looks normal at first glance, many security teams miss it during reviews. To catch this tactic early, monitor your security logs closely. Set alerts for Event ID 4722 — this signals when any disabled account is reactivated, including Guest. Also track the use of native Windows tools like net.exe, wmic, and PowerShell for any commands that modify accounts. Pay special attention to any Guest account being added to privileged groups like Administrators or Remote Desktop Users. Cross-check with your endpoint protection or EDR tools to spot changes outside normal maintenance windows. If you find an active Guest account, assume it's part of a larger breach. Check for signs of hidden accounts, unauthorized remote access tools, and changes to RDP settings. Regular threat hunting — even just checking that all default accounts are truly disabled — can break an attacker's persistence before they move deeper into your environment. Conclusion Every breach, every evasion technique, and every new tool attackers use is also a learning opportunity. If you're in cybersecurity today, your advantage isn't just your tech stack — it's how quickly you adapt. Take one tactic you saw in this week's update — privilege escalation, AI misuse, stealth persistence — and use it as a reason to strengthen a weak spot you've been putting off. Defense is a race, but improvement is a choice. Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.

TechTarget and Informa Tech’s Digital Business Combine.TechTarget and InformaTechTarget and Informa Tech’s Digital Business Combine.Together, we power an unparalleled network of 220+ online properties covering 10,000+ granular topics, serving an audience of 50+ million professionals with original, objective content from trusted sources. We help you gain critical insights and make more informed decisions across your business priorities.What Top 3 Principles Define Your Role as a CIO and a CTO?What Top 3 Principles Define Your Role as a CIO and a CTO?The CIO of IBM and the CIO of NMI discuss some foundational elements that help them navigate the shifting demands of providing leadership on tech.Joao-Pierre S. Ruth, Senior EditorApril 14, 2025The duties of C-suite tech leadership at enterprises are changing rapidly of late. AI shook up strategies at many companies and can lead to new demands on CIOs, CTOs, and others responsible for technology plans and use.The core principles that guide CIOs and CTOs can be essential for navigating such times, especially when organizations look to them for direction.In this episode, Matt Lyteson, CIO of IBM, and Phillip Goericke, CTO of NMI, share some key principles that define their respective roles at their organizations. They also discuss where they picked up some of the lessons that shaped those principles, how their jobs have changed since they got their starts, and whom they look to for inspiration as leaders -- as well as what they wish they knew when they got started. Listen to the full episode here.About the AuthorJoao-Pierre S. RuthSenior EditorJoao-Pierre S. Ruth covers tech policy, including ethics, privacy, legislation, and risk; fintech; code strategy; and cloud & edge computing for InformationWeek. He has been a journalist for more than 25 years, reporting on business and technology first in New Jersey, then covering the New York tech startup community, and later as a freelancer for such outlets as TheStreet, Investopedia, and Street Fight.See more from Joao-Pierre S. RuthWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

Veeva Systems is a mission-driven organization and pioneer in industry cloud, helping life sciences companies bring therapies to patients faster. As one of the fastest-growing SaaS companies in history, we surpassed $2B in revenue in our last fiscal year with extensive growth potential ahead.At the heart of Veeva are our values: Do the Right Thing, Customer Success, Employee Success, and Speed. We're not just any public company – we made history in 2021 by becoming a public benefit corporation (PBC), legally bound to balancing the interests of customers, employees, society, and investors.As a Work Anywhere company, we support your flexibility to work from home or in the office, so you can thrive in your ideal environment.Join us in transforming the life sciences industry, committed to making a positive impact on its customers, employees, and communities.The RoleAs the Product Expert, you will be part of the Product organization focused on Veeva CRM, bringing the voice of the customer to influence the product roadmap. Product Experts are a lead voice in our online communities, customer meetings, in-person events, and creating resources for both internal and external teams to realize the value of the innovation within our products. This is a great opportunity for someone who is knowledgeable and passionate about Veeva CRM and is excited about working closely with customers to help make them successful. Note: This is not a QA Engineering role.What You'll DoBe the product evangelist and provide subject matter expertise for Veeva CRMStay up to date with the latest features, capabilities, and roadmap directionShare product information and best practices and educate customers on Veeva CRM through customer meetings and online communitiesEngage with customer stakeholders to share our product vision and roadmapCollect, dig into, and prioritize customer feedback and product gaps, and provide this input into release planning and roadmap directionCollaborate with the wider Product team to deliver product communication, such as release notes content, feature education, demo recordings, and online and in-person community meetingsProvide support to all areas in the organization, including Services, Strategy, Sales & Product SupportRequirementsA must-have is 3+ years experience administrating and/or implementing Veeva CRMAbility to understand and communicate technical requirements, preferences, and limitations to both business and technical audiencesExperience interacting with customers and internal teams, both in-person and remoteStrong analytical and communication skills; written, verbal, and formal presentationSelf-directed team player with a positive attitudeWillingness to travel up to 10%Nice to HaveCreating materials for technical & non-technical audiencesExperience with video editing softwareExperience performing software demonstrationsExperience managing an online communityPerks & BenefitsMedical, dental, vision, and basic life insuranceFlexible PTO and company paid holidaysRetirement programs1% charitable giving programCompensationBase pay: $55,000 - $225,000The salary range listed here has been provided to comply with local regulations and represents a potential base salary range for this role. Please note that actual salaries may vary within the range above or below, depending on experience and location. We look at compensation for each individual and base our offer on your unique qualifications, experience, and expected contributions. This position may also be eligible for other types of compensation in addition to base salary, such as variable bonus and/or stock bonus.#LI-RemoteUSVeeva’s headquarters is located in the San Francisco Bay Area with offices in more than 15 countries around the world.Veeva is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity or expression, religion, national origin or ancestry, age, disability, marital status, pregnancy, protected veteran status, protected genetic information, political affiliation, or any other characteristics protected by local laws, regulations, or ordinances. If you need assistance or accommodation due to a disability or special need when applying for a role or in our recruitment process, please contact us at [email protected].

The winning team selected for the estimated £45,000 contract will advance existing RIBA Stage 2+ plans to upgrade the busy Half Penny Steps bridge and pocket park. The project – planned to complete in 2027 – aims to transform the under-utilised public open space on the borough’s border with Kensington & Chelsea into a ‘vibrant and lush canalside terrace.’ Key aims include introducing new planting, feature lighting, amphitheatre-style seating and a community mooring point. The search for a design team comes six months after DK-CM completed a concept report looking at options for renewing several sites across the North Paddington Canalside area.Advertisement According to the brief: ‘WCC [is] looking to appoint a high quality, creative and capable team that can work to tight deadlines and collaboratively with ourselves and the wider team to deliver this unique opportunity. ‘The lead consultant is expected to be an expert in landscape design for this project. The team are expected to draw together the wealth of existing work into a holistic and coherent RIBA Stage 3 design. ‘The consultant will be expected to develop designs with a sound awareness of feasibility and budget. The successful consultant will need to demonstrate that they have access to a multi-disciplinary skill set either in house or by bringing together specialist subconsultants and/or delivery partners.’ The latest commission comes just three months after Allies and Morrison won a competition held by Westminster City Council and the Crown Estate to overhaul the public realm on London’s Regent Street and the surrounding areas. Earlier this year Hugh Broughton completed an upgrade of WCs at Victoria Embankment, part of a wider programme covering eight public conveniences across the City of Westminster.Advertisement Bids for the latest commission will be evaluated 70 per cent on quality and 30 per cent on price. Applicants must hold employer’s liability insurance of £5 million, public liability insurance of £5 million and professional indemnity insurance of £2 million. Competition details Project title BT199 - Half Penny Steps Landscape Commission Client Contract value £280,000 First round deadline 5pm, 25 April 2025 Restrictions Tbc More information https://www.find-tender.service.gov.uk/Notice/014279-2025

The Moto G Power may not be the cheapest of Motorola's budget phones, but it's worth the upcharge.

OpinionApril 14, 20255 min readReplacing Federal Workers with Chatbots Would Be a Dystopian NightmareThe Trump administration sees an AI-driven federal workforce as more efficient. Instead, with chatbots unable to carry out critical tasks, it would be a diabolical messBy Asmelash Teka Hadgu & Timnit Gebru Moor Studio/Getty ImagesImagine calling the Social Security Administration and asking, “Where is my April payment?” only to have a chatbot respond, “Canceling all future payments.” Your check has just fallen victim to “hallucination,” a phenomenon in which an automatic speech recognition system outputs text that bears little or no relation to the input.Hallucinations are one of the many issues that plague so-called generative artificial intelligence systems like OpenAI’s ChatGPT, xAI’s Grok, Anthropic’s Claude or Meta’s Llama. These are design flaws, problems in the architecture of these systems, that make them problematic. Yet these are the same types of generative AI tools that the DOGE and the Trump administration want to use to replace, in one official’s words, “the human workforce with machines.”This is terrifying. There is no “one weird trick” that removes experts and creates miracle machines that can do everything that humans can do, but better. The prospect of replacing federal workers who handle critical tasks—ones that could result in life-and-death scenarios for hundreds of millions of people—with automated systems that can’t even perform basic speech-to-text transcription without making up large swaths of text, is catastrophic. If these automated systems can’t even reliably parrot back the exact information that is given to them, then their outputs will be riddled with errors, leading to inappropriate and even dangerous actions. Automated systems cannot be trusted to make decisions the way that federal workers—actual people—can.On supporting science journalismIf you're enjoying this article, consider supporting our award-winning journalism by subscribing. By purchasing a subscription you are helping to ensure the future of impactful stories about the discoveries and ideas shaping our world today.Historically, “hallucination” hasn’t been a major issue in speech recognition. That is, although earlier systems could take specific phrases and respond with transcription errors in specific phrases or misspell words, they didn’t produce large chunks of fluent and grammatically correct texts that weren’t uttered in the corresponding audio inputs. But researchers have shown that recent speech recognition systems like OpenAI’s Whisper can produce entirely fabricated transcriptions. Whisper is a model that has been integrated into some versions of ChatGPT, OpenAI’s famous chatbot.For example, researchers from four universities analyzed short snippets of audio transcribed by Whisper, and found completely fabricated sentences, with some transcripts inventing the races of the people being spoken about, and others even attributing murder to them. In one case a recording that said, “He, the boy, was going to, I’m not sure exactly, take the umbrella” was transcribed with additions including: “He took a big piece of a cross, a teeny, small piece.... I’m sure he didn’t have a terror knife so he killed a number of people.” In another example, “two other girls and one lady” was transcribed as “two other girls and one lady, um, which were Black.”In the age of unbridled AI hype, with the likes of Elon Musk claiming to build a “maximally truth-seeking AI,” how did we come to have less reliable speech recognition systems than we did before? The answer is that while researchers working to improve speech recognition systems used their contextual knowledge to create models uniquely appropriate for performing that specific task, companies like OpenAI and xAI are claimingaccording to OpenAI, “tackling complex problems in science, coding, math, and similar fields.” To do this, these companies use model architectures that they believe can be used for many different tasks and train these models on vast amounts of noisy, uncurated data, instead of using system architectures and training and evaluation datasets that best fit a specific task at hand. A tool that supposedly does everything won’t be able to do it well.The current dominant method of building tools like ChatGPT or Grok, which are advertised along the lines of “one model for everything,” uses some variation of large language models (LLMs), which are trained to predict the most likely sequences of words. Whisper simultaneously maps the input speech to text and predicts what immediately comes next, a “token” as output. A token is a basic unit of text, such as a word, number, punctuation mark or word segment, used to analyze textual data. So giving the system two disparate jobs to do, speech transcription and next-token prediction, in conjunction with the large messy datasets used to train it, makes it more likely that hallucinations will happen.Like many of OpenAI’s projects, Whisper’s development was influenced by an outlook that its former chief scientist has summarized as “If you have a big dataset and you train a very big neural network,” it will work better. But arguably, Whisper doesn’t work better. Given that its decoder is tasked with both transcription and token prediction, without precise alignment between audio and text during training, the model can prioritize generating fluent text over accurately transcribing the input. And unlike misspellings or other mistakes, large swaths of coherent text don’t give the reader clues that the transcriptions could be inaccurate, potentially leading users to use them in high-stakes scenarios without ever finding their failures. Until it’s too late.OpenAI researchers have claimed that Whisper approaches human “accuracy and robustness,” a statement that is demonstrably false. Most humans don’t transcribe speech by making up large swaths of text that never existed in the speech they heard. In the past, those working on automatic speech recognition trained their systems using carefully curated data consisting of speech-text pairs where the text accurately represents the speech. Conversely, OpenAI’s attempt to use a “general” model architecture rather than one tailored for speech transcription—sidestepping the time and resources it takes to curate data and adequately compensate data workers and creators—results in a dangerously unreliable speech recognition system.If the current one-model-for-everything paradigm has failed in the context of English language speech transcription that most English speakers can perfectly perform without further education, how will we fare if the U.S. DOGE Service succeeds in replacing expert federal workers with generative AI systems? Unlike the generative AI systems that federal workers have been told to use to perform tasks ranging from creating talking points to writing code, automatic speech recognition tools are constrained to the much more well-defined setting of transcribing speech.We cannot afford to replace the critical tasks of federal workers with models that completely make stuff up. There is no substitute for the expertise of federal workers handling sensitive information and working on life-critical sectors ranging from health care to immigration. Thu, we need to promptly challenge, including incourts if appropriate, DOGE’s push to replace “the human workforce with machines,” before this action brings immense harm to Americans.This is an opinion and analysis article, and the views expressed by the author or authors are not necessarily those of Scientific American

BioWare's Mass Effect and Dragon Age teams "didn't get along", former dev claims "May as well have been two separate studios." Image credit: BioWare News by Tom Phillips Editor-in-Chief Published on April 14, 2025 BioWare suffered from friction between its Dragon Age and Mass Effect teams, a former developer has claimed. Writing on social media, Dragon Age creator and former lead writer David Gaider has discussed his experiences at the studio prior to his departure in 2016, and said that staff working on the studio's two biggest franchises "didn't get along". This was something Gaider said he experienced personally when he moved across to join the main Mass Effect team as they worked on the ill-fated Anthem, after completing work on the original Mass Effect trilogy. "For a long time it was basically two teams under one roof: the Dragon Age team and the Mass Effect team," Gaider wrote. "Run differently, very different cultures, may as well have been two separate studios. And they didn't get along. "The company was aware of the friction and attempts to fix it had been ongoing for years, mainly by shuffling staff between the teams more often. Yet this didn't really solve things, and I had no idea until I got to the [Anthem] team. The team didn't want me there. At all." Gaider says he had been specifically asked by BioWare management to write a science fantasy story for Anthem, after the project had initially been concepted as a "hard sci-fi setting" akin to Aliens. And while Gaider says he was just following orders, his new colleagues were seemingly unaware of why he was writing something they thought was "too Dragon Age". "I kept getting feedback about how it was 'too Dragon Age' and how everything I wrote or planned was 'too Dragon Age'... the implication being that *anything* like Dragon Age was bad," Gaider continued. "And yet this was a team where I was required to accept and act on all feedback, so I ended up iterating CONSTANTLY." "I won't go into detail about the problems except to say it became clear this was a team that didn't want to make an RPG. Were very anti-RPG, in fact. Yet they wanted me to wave my magic writing wand and create a BioWare quality story without giving me any of the tools I'd need to actually do that." Ultimately, Gaider departed BioWare after 17 years following a failed attempt to bargain for a creative director position on another project after Anthem, and some "blunter words" on the likelihood of him having success outside the company if he did quit. "I had no idea where I was going to go or what I was going to do, but I wanted OUT," Gaider concluded. Since departing BioWare, Gaider has gone on to developer Stray Gods: The Roleplaying Musical at new outfit Summerfall Studios, which launched to a generally positive response in 2023. The studio's next project will be a demonic deckbuilder called Malys. BioWare continued work on Anthem for several years, though the project ultimately launched as a critical and commercial failure. The studio subsequently released the well-received Mass Effect: Legendary Edition in 2021, followed by Dragon Age: The Veilguard, which garnered positive reviews but lacklustre sales. A newly-slimmed down BioWare is now working solely on the next Mass Effect, first announced back in December 2020.