Image credit: Jardins de Métis After 25 years of journeying across Canada and England, the Blue Stick Garden, which was originally created in 2000 by CCxA’s founder, Claude Cormier, for the first edition of the International Garden Festival, has returned to the Jardins de Métis to be reborn as the Blue Stick Forest. The Blue Stick Garden is a pixelated metamorphosis of the garden’s famous Himalayan blue poppy. The rare poppy was carefully acclimatized and cultivated in Métis by garden founder Elsie Reford. Cormier’s installation now sits within a microforest made up of plant species from warmer climatic zones, which that encircle and permeate the array of 2,500 blue and orange sticks. This installation aims to juxtapose two temporalities: the annual blooming of the blue poppy, symbolized by the colour change of the sticks, and the life rhythms of forest ecosystems, which must adapt to climate change. The forest, inspired by the innovative planting methods developed by Japanese botanist Akira Miyawaki, is made up of 1,800 densely planted trees, shrubs, and perennials ready to amplify their symbiotic properties. In the plantings, native plant families are joined by species suited to future conditions, presenting a genealogical portrait of an emerging forest in Eastern Quebec. Assisted migration of these plant species also embodies the garden’s heightened resilience and optimism, underscoring a collective responsibility to act for an increasingly fragile environment. Located near Elsie Reford’s vegetable garden—Reford’s original site for horticultural exploration and experimentation—the Blue Stick Forest stands as a tribute to Cormier. It aims to celebrate his practice rooted in innovation, experimentation, learning, and “serious fun”—a playful approach defining all his work. The Blue Stick Forest invites visitors into a ritual of annual visits to witness the transformation of the installation into a new experimental garden, commemorating the passion, and patience of visionary pioneers who have shaped Jardins de Métis as well as advanced landscape architecture practice today. It also symbolizes the commitment of new generations towards the future. The installation will open to the public on June 21, 2025, which is also the opening day of the 26th edition of the International Garden Festival. The post Blue Stick Garden Reborn as Forest at Les Jardins de Métis appeared first on Canadian Architect.

New Research Are These Mysterious 400,000-Year-Old Artifacts the Oldest Ivory Objects Made by Humans? Found in Ukraine, the fragments show signs of human manipulation—though researchers still haven’t ruled out the possibility that they were shaped by natural forces The ivory fragments show signs of manipulation by early humans. Stepanchuk et al. / International Journal of Osteoarchaeology, 2025 Archaeologists have unearthed mysterious 400,000-year-old artifacts made from mammoth tusks that may be the oldest human-made ivory objects ever found. They describe their findings in a recent paper published in the International Journal of Osteoarchaeology. During excavations at a site in Ukraine’s Southern Bug Valley, researchers discovered 24 ivory fragments, as well as artifacts made of flint and quartz. At the Lower Paleolithic site, known as Medzhibozh A, they also found the remains of horses, woolly rhinoceroses and large wild cats. Based on the site’s age and location, the team suspects it was once inhabited by a human ancestor called Homo heidelbergensis. But they haven’t found any evidence yet to confirm this hunch. Researchers were especially interested in the ivory fragments, so they brought them back to their lab and looked at them under a microscope. They also conducted a 3D analysis. “The study of the ivory began without a specific hypothesis, but their unusual characteristics, indicative of intentional modification, prompted closer examination,” says lead author Vadim Stepanchuk, a researcher at the National Academy of Sciences of Ukraine, per Phys.org’s Sandee Oster. Their analysis suggests that 14 of the fragments were created by humans. The artifacts show signs of various shaping techniques, including one that likely involved placing the ivory on a rock anvil and using another rock to chip away flakes. They were probably made from the tusks of a mammoth species called Mammuthus trogontherii. Some of the artifacts, like those shown here, appear to have been created using a technique known as "bipolar-on-anvil." Stepanchuk et al. / International Journal of Osteoarchaeology, 2025 The artifacts are fairly small. Additionally, ivory is a relatively soft material, especially compared to stone—too soft, at this size, to be used for cutting. As such, scientists are still puzzling out how early humans may have used them. One theory is that they were used to demonstrate effective techniques for creating tools out of other materials—like a teaching aid. Alternatively, they may have been children’s playthings. The region’s inhabitants may also have been experimenting with ivory because they couldn’t find enough high-quality stones to turn into tools. “Their shapes mimic typical flake tools from the site—a pointed piece, a core-like fragment and tiny waste flakes,” Stepanchuk tells McClatchy’s Irene Wright. “The resemblance to real tools, combined with the fragility of ivory, led us to consider a social or behavioral explanation. They may reflect play or learning behavior—perhaps children copying adult knappers.” However, the scientists haven’t ruled out the possibility that the ivory pieces were shaped by natural forces—such as mammoths bashing their tusks together while fighting. They could potentially test that theory by running experiments with modern elephant tusks and then comparing them to the artifacts, reports New Scientist’s Taylor Mitchell Brown. But if they were shaped by human hands, the ivory fragments “add to an apparently increasing appreciation of the intelligence of pre-modern humans,” Gary Haynes, a retired anthropologist at the University of Nevada who was not involved with the research, tells New Scientist. Stepanchuk echoes that sentiment, telling IFLScience’s Benjamin Taub the discovery “hints that, even at this early stage, hominins may have engaged in what might be described as imitative or socially motivated activities.” In addition, if the artifacts were deliberately created by humans, the find would push back the timeline for human ivory processing by thousands of years. According to the paper, the earliest known use of ivory for artifact manufacturing dates to the Upper Paleolithic period, which lasted from roughly 50,000 to 10,000 years ago. Scientists have also found evidence of ivory artifacts that were potentially shaped by Neanderthals roughly 120,000 years ago, per Phys.org. “The discovery was indeed unexpected,” Stepanchuk tells IFLScience. “We had never seen or heard of ivory artifacts from the Lower Palaeolithic.” Get the latest stories in your inbox every weekday.

TBD VC, a new early-stage venture capital firm, has announced a $35 million fund to back deep tech Israeli founders at the pre-seed and seed stages, both in Israel and around the globe. The fund launch comes amid a new wave of breakout Israeli tech stories, including Wiz’s recent $32 billion acquisition by Google and Next Insurance’s $2.6 billion e…Read More

If you’ve played both The Last of Us games and are watching along with the show, there’s a pretty strong chance you’ve been waiting to see how the HBO series approaches a very particular moment — and wondering if that moment has been changed at all for TV. Well, it didn’t take too long to find out.The second episode of season 2 just aired, and The Last of Us’ creators made sure to rip the bandage right off. And not only did they not tone things down, they somehow made things even more intense, while also using the moment as a chance to further expand this post-apocalyptic world.Obviously, there will be spoilers to follow for The Last of Us, which cover both the second game and the show up through episode 2 of the second season. To make sure you don’t see this pivotal spoiler, here is another photo of Pedro Pascal as Joel Miller in the show. Don’t scroll past him if you don’t want to be spoiled on a major development.Image: HBOOK, so, yes, that happened. The inciting incident in The Last of Us’ second chapter, the one that sends Ellie on a ceaseless and questionable quest for revenge, is Joel’s death at the hands (and golf club, and shotgun) of Abby. In the game, it was a brutal sequence that involved watching helplessly as the protagonist of the first game was tortured and murdered, viewed through the eyes of his surrogate daughter Ellie, who is the playable lead in The Last of Us Part II.That brutality hasn’t been lessened for the HBO show. In fact, it feels even harsher in live action, particularly when Joel is played by such a charming guy like Pascal. Functionally, the scene plays out largely the same as it did in The Last of Part II, as do the moments leading up to it. There are some small changes, like how the characters are paired up when things go down, but the outcome is the same. Which is all to say that it’s wince-inducing, full of blood, screams, and tears.RelatedWhat the show does add, though, is an entirely new storyline, one that manages to ratchet up the intensity to an interesting new degree. While Joel is being kidnapped and tortured, and a massive snowstorm is brewing, the show introduces another wrinkle: an absolutely gigantic group of infected who descend upon Jackson, the relatively safe town where Joel and Ellie have been living.It adds a new layer of desperation to the moment, as — prior to realizing he’s been ensnared in a trap — Joel is singularly focused on racing to get back and help his community. In fact, one of the reasons he is OK partnering up with a stranger like Abby in the first place is the promise of weapons and reinforcements.Image: HBOThis new narrative thread is part of the show’s attempt to expand the story of The Last of Us beyond just its main characters. In the game, players saw things solely from Ellie’s perspective, so there wasn’t any real focus on the town. But in the show, there are multiple viewpoints and, thus, more opportunities to flesh out the world. Jackson plays a big part of that; in the episode you see the townsfolk using every tool at their disposal to fend off the attack, and the devastation to the town afterwards is very clear. This addition makes the moment feel larger than Joel and Ellie, while also adding an extra layer of tension and violence to an already tense and violent scene.As co-creator Neil Druckmann, a writer and director on both the game and the show, explained to me ahead of season 2: “One of the things we were able to do in the show that we couldn’t do much of in the game was get to know Jackson as a community, and understand what’s at stake here, what are the threats from the outside.”Yes, the moment will likely be a huge shock for those coming in unaware, as it’s rare that such a pivotal character is killed off in a TV show like this. But much like the infamous Red Wedding in Game of Thrones, for the many people who already knew what was coming, they can now relax and watch the show without wondering how it’s going to approach the death sequence, or if it was going to approach it at all.Well, relax a little — this is still The Last of Us.See More:

Three years ago, LEGO released Lord of the Rings Rivendell – a 6,000-piece tribute to Peter Jackson's vision of Middle-Earth and the J.R.R. Tolkien-written books that inspired it. You can check it out on Amazon. I reviewed the set for IGN and interviewed the designer in a follow-up feature. It is one of the best, most detail-oriented builds of the past five years.In 2024, LEGO released another massive Lord of the Rings set, this time of Barad-dûr, the massive tower in Mordor that's topped with the Eye of Sauron. Similar to Rivendell, it is laden with numerous, movie-accurate details. And now, 2025 has brought us The Shire, another rich, albeit smaller, buildBut aside from these three sets , there are no other Lord of the Rings sets on sale. This wasn't always the case. LEGO and Lord of the Rings first partnered in June 2012, and between June 2012 and October 2014, LEGO released numerous sets that celebrated both the original Lord of the Rings film trilogy and the subsequent Hobbit trilogy. The last of these went out of print in July 2015; the only way to obtain them now would be to go on the expensive secondary market.Here is a showcase of the major LEGO Lord of the Rings sets over the past decade plus: what was released and subsequently retired; what is currently on sale; and what we might expect to see in the future.Attack on Weathertop (Retired)Set: #9472Age Range: 8-14Piece Count: 430Release Date: 6/1/2012Dimensions: 5 inches high, 6 inches widePrice: $59.99This set captured the moment when Aragorn defended Frodo and the Hobbits from the Ringwraiths. It included the key details, such as the spiral stone staircase that led to the top of the watchpoint, as well as the black horses that the Ringwraiths rode as they searched the realm for the One True Ring. This was part of the first wave of LEGO Lord of the Rings sets in June 2012, along with the second entry on this list.The Mines of Moria (Retired)Set: #9473 Age Range: 9-14Piece Count: 776Release Date: 6/1/2012Dimensions: 11 inches high, 5 inches widePrice: $79.99This Mines of Moria sequence is one of the coolest parts of the Lord of the Ring movies. The set based on it included a massive cave troll and several freestanding elements to represent Balin's Tomb. The LEGO designers rigged the tomb to fall apart at the press of a lever, and you could also recreate the scene where Pippin knocked the skeleton into the well (via a trap door), thereby alerting everyone to the Fellowship's presence.The Orc Forge (Retired)Set: #9476Age Range: 8-14Piece Count: 363Release Date: 7/1/2012Dimensions: 8 inches high, 9 inches widePrice: $39.99A small but richly detailed build, the Orc Forge was a blacksmith forge with fanciful elements, with a chain lift and bucket to transport ore, and a chute that fed into a cauldron to melt the ore down. It also included an anvil and a light brick to make the fire glow.The Battle of Helm’s Deep (Retired)Set: #9474Age Range: 10-14Piece Count: 1368Release Date: 7/1/2012Dimensions: 9 inches high, 3 inches widePrice: $129.99Based on the climactic siege that concluded The Two Towers, this was a massive castle set. It had the Horn of Helm Hammerhand at the top of its tallest tower, and its signature, curved outer wall, including a breakaway portion so you could recreate the moment when the orcs breached the defenses.An Unexpected Gathering (Retired)Set: #79003Age Range: 9-14Piece Count: 652Release Date: 12/1/2012Dimensions: 6 inches high, 11 inches wide, 6 inches deepPrice: $69.99A charming build of Bilbo's home, An Unexpected Gathering included Gandalf, Bilbo, and 4 of the 12 dwarves who imposed themselves on his hospitality. Green was the predominant color of the set's exterior, which gave it the fertile, bountiful atmosphere that we associate with the Shire.Battle at the Black Gate (Retired)Set: #79007 Age Range: 9-14Piece Count: 656Release Date: 6/1/2013Dimensions: 8 inches high, 11 inches wide, 2 inches deepPrice: $59.99Obviously, the Battle of Black Gate, which was the climax to the entire LOTR trilogy, was much grander than what could be accomplished with 656 LEGO pieces. This is the exact sort of build that would most benefit from a modern reimagining. Can you picture what the LEGO designers could do with 3000 or even 4000 pieces? Still, there was lots to appreciate about this set, especially the Mouth of Sauron Minifigure, the Great Eagle, and the angular severity of the Gate itself.Tower of Orthanc (Retired)Set: #10237Age Range: 14+Piece Count: 2359Release Date: 7/1/2013Dimensions: 28 inches high, 8 inches wide, 6 inches deepPrice: $199.99This model of Saruman's massive tower was two-and-a-half feet tall, and it was as imposing as the LEGO designers had hoped. But as intimidating as the exterior was, the interior was equally impressive and included a throne room (where Gandalf and Saruman had their wizard duel), a dungeon, a library, and an alchemy room. It also comes with a massive Ent and a Great Eagle, so that Gandalf can hitch a ride off the roof. The Lonely Mountain (Retired)Set: #79018Age Range: 8-14Piece Count: 866Release Date: 10/15/2014Dimensions: 8 inches high, 16 inches wide, 4 inches deepPrice: $129.99This was Bilbo's big moment, when he discovered the entrance to the Lonely Mountain on Durin's Day. And this set includes the secret door, Smaug's lair, the mountain of gold, and a number of play mechanisms the dwarves' battle with Smaug, when they try to submerge him in liquid gold. This set was part of the last wave of Lord of the Rings sets from 2012-2014. We wouldn't get another set in the series until January 2023.Gandalf the Grey & Balrog (Retired)Set: #40631Age Range: 10+Piece Count: 348Dimensions: 3.5 inches tallPrice: $19.99In January 2023, LEGO released several LOTR-themed pairings as part of their collectible Blockheadz line. There were four different sets available for purchase, each for $20: Gandalf the Grey & Balrog, Aragorn & Arwen, and Frodo & Gollum. LEGO retired them at the end of 2024.Lord of the Rings: Rivendell (Currently on sale)LEGO Lord of the Rings: RivendellSee it at AmazonSet: #10316Age Range: 18+Piece Count: 6167Dimensions: 16 inches high, 29 inches wide, 20 inches deepPrice: $499.99And that brings us to the present day. On sale now exclusively at the LEGO Store, Rivendell sets a bar for the level of delicate detail that can exist in a single set. It is beautiful, but it is fragile, with some elements hanging on by single connections. Other details, like the leaves on the trees and the patterning of the roofs, create a cumulative intricacy. And many more details are enclosed, meant to be cast in shadow by the exterior elements. This is a set that you admire with your eyes and not with your hands, and is one of our picks for the best LEGO sets for adults.Lord of the Rings: Barad-dûr (Currently on sale)LEGO Lord of the Rings: Barad-dûrSee it at AmazonSet: #10333Age Range: 18+Piece Count: 5471Dimensions: 32.5 inches high, 17.5 inches wide, 12 inches deepPrice: $459.99We built this at launch. The most recently released set on this list, the LEGO rendition of Barad-dûr is nearly three feet tall and covered with menacing, black spikes. The interior includes a dungeon, Saruman's throne room, and a armory for the orcs and goblins to gird themselves for battle. On top is the glowing Eye of Sauron, which is backlit with a red light brick.Editor's Note: There's a cheaper LEGO alternative of this set on our Lord of the Rings puzzle guide.Lord of the Rings: The Shire (Currently on sale)LEGO Lord of the Rings: The ShireSee it at LEGO StoreSet: #10354Age Range: 18+Piece Count: 2017Dimensions: 7.5 inches high, 17.5 inches wide, 10.5 inches deepPrice: $269.99The latest Lord of the Rings set depicts The Shire on the evening of Bilbo's 111th Birthday. Go through the circular door into Bilbo's hobbit hole, and you'll see all sorts of cool details – food on every available surface, a study with an inkpot and quill, and an open foyer that is instantly recognizable from the first film. The coolest bit is the fireplace; turn a crank, and the wax-sealed envelope 'burns away' to reveal the One True Ring.How Many LEGO Lord of the Rings Sets are There?According to the official LEGO Store, there are three Lord of the Rings sets available for purchase as of April 2025. Based on the past three years, one can assume that more sets, on the scale of Rivenedell and Barad-dûr, will be on their own way. But perhaps the comparatively smaller Shire set means that we'll get some variety in piece count. The current rumors point to a smaller set depicting Gandalf fighting the Balrog. Are they true? We'll have to wait and see.

Ted Lasso was officially renewed for season 4 last month, after months of rumors and signs that the show would indeed return with a new season on Apple TV+. Now star and writer Brett Goldstein has shared an update on season 4’s status, and explained what it’s been like to see the show revived. Brett Goldstein was interviewed on the latest episode of NPR’s Wild Card podcast with Rachel Martin. In the episode, he provides an update on where things stand with work on Ted Lasso season 4. Martin: Where are you in the process? Goldstein: In the writer’s room at the moment…That’s obviously all I can tell you, I’m afraid. Before Apple had announced Ted Lasso’s official return, signs pointed to a spring production start for the new season. More recently though, it’s seemed that summer will be the production kickoff instead. Goldstein and the other writers being in the writers room right now fits with that timing. The interview also contains a funny anecdote from Goldstein about how it feels to revive a show that seemingly had concluded with season 3. It’s a strange thing. It’s like, I have a friend that I went to university with. I think about this a lot. He had a cat that died…he loved his cat, and the cat was run over, and they buried the cat, buried it, and he was his child. They buried the cat in the garden, and he lay in bed so sad, so upset and crying, and he prayed and he prayed and he wished, I wish the cat would come back, and it turned out that the cat that they’d buried wasn’t their cat. And so the cat came back, and I think about that all the time…They buried a different cat… I guess I’m saying I feel like that kid. Like, we buried it. We all cried. We had a funeral. Are you saying we can bring anything back? It seems clear that Goldstein and the rest of the creative team truly believed Ted Lasso was over when season 3 ended, with no return ever planned. But after lots of wishing and hoping over the years, now it’s coming back. Sometimes you’ve just got to believe. Apple TV+ is currently available for just *$2.99* per month with a limited-time special. Best iPhone accessories Add 9to5Mac to your Google News feed.  FTC: We use income earning auto affiliate links. More.You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Can a harmless click really lead to a full-blown cyberattack? Surprisingly, yes — and that's exactly what we saw in last week's activity. Hackers are getting better at hiding inside everyday actions: opening a file, running a project, or logging in like normal. No loud alerts. No obvious red flags. Just quiet entry through small gaps — like a misconfigured pipeline, a trusted browser feature, or reused login tokens. These aren't just tech issues — they're habits being exploited. Let's walk through the biggest updates from the week and what they mean for your security. ⚡ Threat of the Week Recently Patched Windows Flaw Comes Under Active Exploitation — A recently patched security flaw affecting Windows NTLM has been exploited by malicious actors to leak NTLM hashes or user passwords and infiltrate systems since March 19, 2025. The flaw, CVE-2025-24054 (CVSS score: 6.5), is a hash disclosure spoofing bug that was fixed by Microsoft last month as part of its Patch Tuesday updates. The security flaw is assessed to be a variant of CVE-2024-43451 (CVSS score: 6.5), which was patched by Microsoft in November 2024 and has also been weaponized in the wild in attacks targeting Ukraine and Colombia by threat actors like UAC-0194 and Blind Eagle. See Zero Trust + AI in Action ➝ 🔔 Top News North Korea Targets Crypto Developers with Fake Python Coding Challenges — The North Korea-linked threat actor known as Slow Pisces (aka Jade Sleet, PUKCHONG, TraderTraitor, and UNC4899) is targeting developers, particularly in the cryptocurrency sector, to deliver new stealer malware under the guise of a coding assignment. These challenges require developers to run a compromised project, infecting their systems using malware named RN Loader and RN Stealer. Jade Sleet is one of the several North Korean threat activity clusters to leverage job opportunity-themed lures as a malware distributor vector, the others being Operation Dream Job, Contagious Interview, Alluring Pisces, and Moonstone Sleet. Mustang Panda Targets Myanmar with New Tooling — The China-linked threat actor known as Mustang Panda targeted an unspecified organization in Myanmar with an updated version of its signature backdoor, TONESHELL, in addition to debuting four new attack tools: two keyloggers (PAKLOG and CorKLOG), a utility for facilitating lateral movement (StarProxy), and a driver to evade endpoint detection and response (EDR) software (SplatCloak). The findings demonstrate the continued evolution of the threat actor's tradecraft to sidestep detection. European Diplomats Targeted in GRAPELOADER Attacks — The Russian state-sponsored threat actor known as APT29 has been attributed to an advanced phishing campaign that's targeting diplomatic entities across Europe with a new variant of WINELOADER and a previously unreported malware loader codenamed GRAPELOADER. The attacks involve the use of phishing emails that employ wine-tasting lures to entice message recipients into opening booby-trapped ZIP archives that lead to GRAPELOADER, a malware loader that's capable of downloading and retrieving the next stage payload. Apple Fixes Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks — Apple has released fixes to address two security flaws that it said have come under active exploitation in the wild. The flaws, a memory corruption vulnerability in the Core Audio framework (CVE-2025-31200) and an unspecified vulnerability in RPAC (CVE-2025-31201), are said to have been weaponized in an "extremely sophisticated attack against specific targeted individuals on iOS." However, the exact details surrounding the nature of the exploitation and who may have been targeted are not known. The issues have been addressed in iOS 18.4.1, iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, and visionOS 2.4.1. UNC5174 Targets Linux Systems with SNOWLIGHT and VShell — A cyberspy crew with ties to China's Ministry of State Security has infected global organizations with a stealthy remote access trojan (RAT) called VShell to enable its espionage and access resale campaigns. The attacks, attributed to UNC5174, use a mix of custom and open-source malware, including a dropper named SNOWLIGHT that paves the way for the in-memory malware VShell. Besides using VShell, UNC5174 has also used a new command-and-control infrastructure since January 2025. Primary targets of the campaign consist of U.S.-based organizations, although Hong Kong, Taiwan, Japan, Germany, and France are some of the other countries where SNOWLIGHT has been spotted. The campaign is believed to have been ongoing as far back as November 2024. ‎️‍🔥 Trending CVEs Attackers love software vulnerabilities—they're easy doors into your systems. Every week brings fresh flaws, and waiting too long to patch can turn a minor oversight into a major breach. Below are this week's critical vulnerabilities you need to know about. Take a look, update your software promptly, and keep attackers locked out. This week's list includes — CVE-2025-2492 (ASUS), CVE-2025-24054 (Microsoft Windows), CVE-2025-32433 (Erlang/OTP), CVE-2021-20035 (SonicWall Secure Mobile Access 100 Series), CVE-2025-31200, CVE-2025-31201 (Apple iOS, iPadOS, macOS Sequoia, tvOS, and visionOS), CVE-2025-24859 (Apache Roller), CVE-2025-1093 (AIHub theme), and CVE-2025-3278 (UrbanGo Membership plugin) 📰 Around the Cyber World Google Makes :visited More Private — ​Google is finally taking steps to plug a long-standing privacy issue that, for over 20 years, enabled websites to determine users' browsing history through the previously visited links. The side-channel attack stemmed from allowing sites to style links as ":visited," meaning displaying them in the color purple if a user had previously clicked on them. This caused a privacy issue in that it could be abused to leak a user's browser history, and worse, track them. However, with the release of Chrome 136 on April 23, 2025, Google is adopting what's called triple-key partitioning that uses a combination of the link URL, top-level site, and frame origin. "With partitioning enabled, your :visited history is no longer a global list that any site can query," the company said. Pegasus Targeted 456 Mexicans via WhatsApp 0-Day in 2019 — NSO Group's notorious spyware Pegasus was used to target 1,223 WhatsApp users in 51 different countries during a 2019 hacking campaign, a new court document filed as part of a lawsuit filed by WhatsApp against NSO Group. The countries with the most victims of this campaign are Mexico (456), India (100), Bahrain (82), Morocco (69), Pakistan (58), Indonesia (54), Israel (51), Uzbekistan (43), Algeria (38), and Cyprus (31). Also targeted were victims in Spain (12), the Netherlands (11), Syria (11), Hungary (8), France (7), United Kingdom (2), and the United States (1). The court document with the list of victims by country was first reported by Israeli news site CTech. What's more, a copy of a court hearing transcript obtained by TechCrunch found that the governments of Mexico, Saudi Arabia, and Uzbekistan were among the countries accused of being behind the 2019 hacking campaign, according to a lawyer working for the Israeli spyware maker. The development marks the first time NSO Group has publicly acknowledged its customers. Law Enforcement Action Dismantles Drug Trafficking Networks — Authorities have dismantled four major criminal networks responsible for fueling the flow of drugs into the European Union and Türkiye. A coordinated operation conducted by Belgium, France, Germany, the Netherlands, Spain, and Türkiye has resulted in the arrests of 232 suspects and seizures of EUR300 million worth of assets, including 681 properties and 127 vehicles. The law enforcement exercise has been codenamed Operation BULUT. "Using both traditional smuggling routes and sophisticated logistics, the groups were linked to the seizure of at least 21 tonnes of drugs in Europe and Türkiye, including 3.3 million MDMA tablets," Europol said, adding the investigation was facilitated by intelligence extracted from encrypted communication platforms like Sky ECC and ANoM. Microsoft Plans to Disable ActiveX — Microsoft has announced it will begin disabling all ActiveX controls in Windows versions of Microsoft 365 and Office 2024 applications later this month to mitigate security risks associated with the legacy framework. "When ActiveX controls are disabled, you will not be able to create new ActiveX objects or interact with existing ones," the company said in a support document. "This change applies to Word, Excel, PowerPoint, and Visio." The tech giant also noted that attackers could use deceptive tactics to trick recipients into changing their ActiveX settings, either via phishing emails or when downloading files from the internet. Thailand Pro-Democracy Movement Targeted by JUICYJAM — The pro-democracy movement in Thailand has been targeted by a "sustained, coordinated social media harassment and doxxing campaign" codenamed JUICYJAM since at least August 2020, the Citizen Lab has revealed. "The operation utilized an inauthentic persona over multiple social media platforms (primarily X and Facebook) to target pro-democracy protesters by doxxing individuals, continuously harassing them, and instructing followers to report them to the police," the inter-disciplinary research organization said. "Through our analysis of public social media posts we determined that the campaign was not only inauthentic, but the information revealed could not have been reasonably sourced from a private individual." The campaign has been attributed to the Royal Thai Armed Forces and/or the Royal Thai Police. "JUICYJAM's tactics support a larger network of judicial harassment and democratic suppression that is infrequently enforced by social media platforms, but poses a significant threat to civil society," it added. Attackers Increasingly Shift to NTLM Relay Attacks — Microsoft has warned that threat actors are "consistently" exploiting critical vulnerabilities in Exchange Server and SharePoint Server to gain a persistent foothold inside the target, and ultimately lead to remote code execution, lateral movement, and exfiltration of sensitive data. "More recently, attackers have shifted to NTLM relay and credential leakage techniques on Exchange," the company said. "Attackers exploit NTLM authentication by relaying credentials to a vulnerable server, potentially resulting in target account compromise. Meanwhile, in recent attacks on SharePoint, we observed increasingly stealthy persistence tactics, such as replacing or appending web shell code into existing files and installing remote monitoring and management (RMM) tools for broader access." OpenID Connect Misconfigurations Within CI/CD Environments — Researchers have identified "problematic patterns and implementations" when it comes to the use of OpenID Connect (OIDC) within continuous integration and continuous deployment (CI/CD) environments that could be exploited by threat actors to gain access to restricted resources. These threat vectors include loosely configured policies used by identity federations, reliance on user-controllable claim values, vendor-side credential handling, and the ability to leverage poisoned pipeline execution (PPE) in combination with permissive identity federation. "OIDC extends the OAuth protocol by adding a new token to the protocol, enabling applications to verify user identities and authorize access to resources using that token," Palo Alto Networks Unit 42 said. "It plays a crucial role in ensuring secure and seamless authentication and authorization during CI/CD processes. Securing these implementations is critical, as OIDC is rapidly being adopted as the primary foundation for modern cloud authentication workflows." Scammers Pose as FBI IC3 Employees to 'Help' Recover Stolen Funds — The U.S. Federal Bureau of Investigation (FBI) is warning that fraudsters are impersonating FBI Internet Crime Complaint Center (IC3) employees with offers to "help" fraud victims recover money lost to other scammers. "Complainants report initial contact from the scammers can vary. Some individuals received an email or a phone call, while others were approached via social media or forums," the agency said. "Almost all complainants indicated the scammers claimed to have recovered the victim's lost funds or offered to assist in recovering funds. However, the claim is a ruse to revictimize those who have already lost money to scams." 4Chan Taken Offline After Hack — Controversial internet forum 4chan was breached and its internal data leaked after hackers gained shell access to its hosting server, likely doxxing the entire moderation team along with many of the site's registered users. A 4chan splinter site called soyjack party, aka sharty, has claimed responsibility for the security breach and posted what they alleged was internal data on their rival website, including source code and information on moderators and janitors. A hacktivist group called the Dark Storm Team also claimed to have taken down the site on its Telegram channel, alongside BreachForums ("breachforums[.]st"). One 4chan janitor told TechCrunch that they are "confident" the leaked data and screenshots are real. In a screenshot shared by Hackmanac on X, the threat actors behind the breach revealed how they managed to gain access to the site's internal systems: "4chan allows uploading PDF to certain boards (/gd/, /po/, /qst/, /sci/, /tg/) They neglected to verify that the uploaded file is actually a PDF file. As such, PostScript files, containing PostScript drawing commands, can be uploaded. Said PostScript file will be passed into Ghostscript to generate a thumbnail image. The version of Ghostscript that 4chan uses is from 2012, so it is trivial to exploit. From there, we exploit a mistaken SUID binary to elevate to the global user." The development comes as cybercrime forum Cracked.io has resumed operations under the new cracked[.]sh domain over two months after its earlier version hosted on "cracked[.]io" was seized in a joint law enforcement operation. Android Gets Inactivity Reboot Feature — Google has launched an optional security feature in Android that will automatically restart devices after three days of inactivity. After a restart, the phone (or any device that runs the operating system) enters a heightened security state called the Before First Unlock (BFU) where data is encrypted and inaccessible unless users enter the unlock pattern or PIN. The update is rolling out to users as part of an update to Google Play Services version 25.14. It's worth noting that Apple introduced a similar iPhone Inactivity Reboot feature in iOS 18.1 that triggers a device restart after three days of being locked. The changes are seen as an attempt to make it more challenging to extract data from a phone, particularly by law enforcement using forensic tools made by Cellebrite or Magnet Forensics. Edge Network Devices Become Magnets for Initial Access — Compromised network edge devices, such as firewalls, virtual private network appliances, and other access devices, account for a quarter of the initial compromises of businesses in 2024, according to the Sophos Annual Threat Report. Additionally, VPN devices were targeted for initial access in 25% of ransomware and data exfiltration events last year. Some of the top observed malware families included web shells, Cobalt Strike, Akira, Lumma Stealer, LockBit, Fog, ChromeLoader, GootLoader, RansomHub, and Black Basta. "One trend that continues from previous years is the extensive use of generally available commercial, freeware, and open-source software by cybercriminals to conduct ransomware attacks and other malicious activity," Sophos said. "Dual-use tools are different from living-off-the-land binaries (LOLBins) in that they are full applications deployed and used as intended by malicious actors, rather than operating system-supplied components and scripting engines." Some of the top dual-use tools comprised SoftPerfect Network Scanner, PsExec, AnyDesk, Impacket, RDPclip, and Mimikatz. PRODAFT Plans to Buy Hacker Forum Accounts to Spy on Cyber Criminals — Cyber threat intelligence firm PRODAFT is encouraging users to cybercrime-focused dark web forums like XSS, Exploit.in, RAMP4U, Verified, and BreachForums to turn over a new leaf and sell their accounts in exchange for a cryptocurrency payment as part of an initiative called Sell your Source. The move goes beyond buying forum accounts to stealthily see what's happening in the criminal underground. Users of these forums can also anonymously report a cybercrime if it's something that's unethical or against their values. "In a world of deception, we make 'trust' the ultimate weapon by turning hackers into whistleblowers," said Can Yildizli, CEO of PRODAFT, in a statement shared with The Hacker News. However, it bears noting that only accounts created before December 2022 that aren't on the FBI's Most Wanted list will be considered. While the account transfer process is anonymous, PRODAFT will report account purchases to law enforcement authorities. The move is also meant to introduce a layer of psychological warfare, adding some level of uncertainty and paranoia when cybercriminals work with their counterparts, who may or may not be working with PRODAFT. "It could change the way that cybercriminals operate on the dark web and help to erode the loyalty between them," the company added. "It remains to be seen whether dark web forums will introduce stricter vetting processes, new detection tools, or sweeping rules to ban old accounts in response." Iranian National Charged in Connection With Nemesis Dark Web Marketplace — The U.S. Department of Justice announced that Iranian national Behrouz Parsarad, 36, has been charged for his alleged role as the founder and operator of the Nemesis dark web marketplace. The website facilitated the sale of drugs and cybercrime services between 2021 and 2024, when it was disrupted by law enforcement. "At its peak, Nemesis Market had over 150,000 users and more than 1,100 vendor accounts registered worldwide," the DoJ said. "Between 2021 and 2024, Nemesis Market processed more than 400,000 orders." Parsarad was sanctioned by the U.S. Treasury Department last month for running Nemesis. If convicted, Parsarad faces a mandatory minimum penalty of 10 years in federal prison and a maximum penalty of life. 83 Flaws Discovered in Vason Print — As many as 83 vulnerabilities have been disclosed in the Vason Print (formerly PrinterLogic) enterprise printer management solution that could allow an attacker to compromise instances, bypass authentication, facilitate lateral movement to clients, and achieve remote code execution. These vulnerabilities, which affect Windows, Linux/macOS, VA, and SaaS client versions, were reported between 2021 and 2024 by security researcher Pierre Barre. 35 Countries Use Chinese Networks for Routing Mobile User Traffic — U.S. allies like Japan, South Korea, and New Zealand are among the 35 countries where mobile providers employ China-based networks, including China Mobile International, China Telecom Global, China Unicom Global, CITIC Telecom International, and PCCW Global Hong Kong, for routing sensitive mobile traffic, opening travelers and residents in those nations to potential surveillance. "Although these providers play an important role in the global mobile ecosystem, they also introduce significant risks due to their transport of unencrypted signaling protocols like SS7 and Diameter, coupled with concerns stemming from state ownership and control," iVerify said. "A major issue lies in the fact that these providers operate under the direction of the Chinese government, raising the risk of global surveillance, data interception, and exploitation for state-sponsored cyber espionage." SheByte Phishing-as-a-Service (PhaaS) Exposed — Last year, LabHost suffered a major blow when its infrastructure was disrupted and 37 individuals were arrested as part of a law enforcement operation. But the void left by the PhaaS has been filled by yet another service dubbed SheByte since mid-June 2024. "SheByte initially offered many of the same features LabHost did, establishing themselves as the logical next platform for customers needing to find a new service," Fortra said. "SheByte has proudly claimed that the operation is run by a single developer. Additionally, SheByte claims to keep no logs and use complete end-to-end encryption of stolen information." The service is offered for $199 a month, with customizable phishing pages available for 17 Canadian banks, 4 U.S.-based banks, email providers, telecom companies, toll road collections, and crypto services. The premium membership also grants customers access to the platform's LiveRAT admin dashboard which functions similarly to LabRAT, allowing them to monitor site visits in real-time. The development comes as a 24-year-old Huddersfield man, Zak Coyne, was sentenced in the U.K. to eight-and-a-half years in prison for his role in creating, operating, and administering the LabHost service, which was used by more than 2,000 criminals to defraud victims all over the world. SSL/TLS Certificate Lifespans to Fall to 47 Days by 2029 — The Certification Authority Browser Forum (CA/Browser Forum), a consortium of certification authorities, web browser vendors, and others, has unanimously voted to reduce the lifespan of new SSL/TLS certificates to 47 days over the next four years, down from the current time period of 398 days. From March 15, 2026, the lifespan of certificates and their Domain Control Validation (DCV) will be cut down to 200 days. On March 15, 2027, it will shrink to 100 days. By March 15, 2029, new SSL/TLS certificates will last only 47 days. The shorter certificate renewal is seen as an effort to "protect private keys from being compromised by limiting the time they are exposed to potential threats, ultimately reducing the risk of man-in-the-middle attacks and data breaches," Sectigo said. Mobile Apps Fail Basic Security Measures — An analysis of 54,648 work apps (9,078 for Android and 45,570 for iOS) from official app stores has uncovered several security risks, with 103 Android apps using unprotected or misconfigured cloud storage. Ten other Android apps have been found containing exposed credentials to AWS cloud services. "88% of all apps and 43% of the top 100 use one or more cryptographic methods that don't follow best practices," Zimperium said. This included hard-coded cryptographic keys, the use of outdated algorithms like MD2, insecure random number generators, and the reuse of cryptographic keys. These security failures could allow attackers to intercept, decrypt, and gain unauthorized access to sensitive enterprise data. Microsoft Uses AI to Find flaws in GRUB2, U-Boot, Barebox Bootloaders — Microsoft said it leveraged Microsoft Security Copilot to uncover several vulnerabilities in multiple open-source bootloaders like GRUB2, U-boot, and Barebox that could allow threat actors to gain and execute arbitrary code. "While threat actors would likely require physical device access to exploit the U-boot or Barebox vulnerabilities, in the case of GRUB2, the vulnerabilities could further be exploited to bypass Secure Boot and install stealthy bootkits or potentially bypass other security mechanisms, such as BitLocker," Microsoft researcher Jonathan Bar Or said. Bootkits can have serious security implications as they can grant threat actors complete control over the device and result in persistent malware that remains intact even after an operating system reinstallation or a hard drive replacement. Following responsible disclosure, the issues have been addressed as of February 2025. 🎥 Cybersecurity Webinars AI-Powered Impersonation Is Beating MFA—Here's How to Shut the Door on Identity-Based Attacks — AI-driven impersonation is making traditional MFA useless—and attackers are getting in without ever stealing a password. In this session, you'll learn how to stop identity-based attacks before they start, using real-time verification, access checks, and advanced deepfake detection. From account takeover prevention to AI-powered identity proofing, see how modern defenses can shut the door on imposters. Join the webinar to see it in action. Smart AI Agents Need Smarter Security—Here's How to Start — AI agents are helping teams move faster—but without the right security, they can expose sensitive data or be manipulated by attackers. This session walks you through how to build AI agents securely, with practical steps, key controls, and overlooked risks you need to know. Learn how to reduce exposure without losing productivity, and keep your AI tools safe, reliable, and under control. Register now to start securing your AI the right way. 🔧 Cybersecurity Tools dAWShund — AWS has powerful tools for managing cloud security — but those same tools can be misused if not closely monitored. dAWShund is a Python framework that helps security teams find, check, and map AWS permissions across accounts and regions. It's made up of three tools: one to list resources and policies, one to test what actions are allowed, and one to visualize it all using graphs. Whether you're on defense or offense, dAWShund helps you spot risky access before attackers do. Tirreno — It is an open-source fraud prevention tool you can host yourself. Built with PHP and PostgreSQL, it helps you monitor user activity and spot suspicious behavior across websites, apps, SaaS platforms, and online communities. From stopping fake signups and bot traffic to flagging high-risk merchants, Tirreno gives you real-time analytics and smart risk signals — all with a quick 5-minute setup on your own server. 🔒 Tip of the Week Stop Spam Before It Starts: Use Burner Emails the Smart Way — Most people use the same email everywhere — but when one company leaks or sells your address, your inbox starts filling with spam or phishing emails. A smarter way is to use a burner email system, where you give each company a unique email like netflix@yourdomain.com. To do this, buy a cheap domain (like myaliashub.com) and set up free forwarding with services like ImprovMX or SimpleLogin. Every email sent to any name on that domain will land in your main inbox. If one starts getting spam, just delete or block it — problem solved, no need to change your real email. If you use Gmail, you can add +something after your name, like alex+uber@gmail.com, and Gmail will still deliver it. This helps you track who shared your email and set filters, but it's not very private since your real email is still visible. Some websites also block + emails. A better long-term option is to connect a custom domain to Gmail through Google Workspace, which gives you real aliases like shop@yourdomain.com with full control and spam filtering. Apple users can use Hide My Email (built into iOS and macOS). It creates a random email like x2k4@privaterelay.appleid.com for each website, and forwards messages to your iCloud inbox. You can disable or delete these anytime. It's great for signups, subscriptions, or trials where you don't want to share your real email. For even more control, Apple lets you use custom domains too. These tools help you stay organized, stop spam early, and quickly trace any leaks — all without needing to change your main email ever again. Conclusion This week made it clear: attackers aren't just hunting for big holes — they're slipping through tiny cracks we barely notice. An outdated security setting. A forgotten endpoint. A tool used slightly out of spec. And just like that, they're in. We're seeing more cases where the compromise isn't about breaking in — it's about being invited in by accident. As systems grow more connected and automated, even the smallest misstep can open a big door. Stay sharp, stay curious — and double-check the things you think are "too minor to matter." Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.

Research and advisory firm Gartner predicts that agentic AI will be in 33% of enterprise software applications and enable autonomous decision making for 15% of day-to-day work by 2028. As enterprises work toward that future, leaders must consider whether existing cloud infrastructure is ready for that influx of AI agents.  “Ultimately, they are run, hosted, and are accessed across hybrid cloud environments,” says Nataraj Nagaratnam, IBM fellow and CTO of cloud security at technology and consulting company IBM. “You can protect your agentic [AI], but if you leave your front door open at the infrastructure level, whether it is on-prem, private cloud, or public cloud … the threat and risk increases.” InformationWeek spoke with Nagaratnam and two other experts in cloud security and AI to understand why a secure cloud infrastructure matters and what enterprises can be doing to ensure they have that foundation in place as agentic AI use cases ramp up.  Security and Risk Considerations  The security and risk concerns of adopting agentic AI are not entirely unfamiliar to organizations. When organizations first looked at moving to the cloud, security, legacy tech debt, and potential data leakage were big pieces of the puzzle.  “All the same principles end up being true, just when you move to an agentic-based environment, every possible exposure or weakness in that infrastructure becomes more vivid,” Matt Hobbs, cloud, engineering, data, and AI leader at professional services network PwC, tells InformationWeek.  Related:For as novel and exciting as agentic AI feels, security and risk management of this technology starts with the basics. “Have you done the basic hygiene?” Nagaratnam asks. “Do you have enough authentication in place?” Data is everything in the world of AI. It fuels AI agents, and it is a precious enterprise resource that carries a lot of risk. That risk isn’t new, but it does grow with agentic AI.  “It's not only the structured data that traditionally we have dealt with but [also] the explosion of unstructured data and content that GenAI and therefore the agentic era is able to tap into,” Nagaratnam points out.  AI agents add not only the risk of exposing that data, but also the potential for malicious action. “Can I get this agent to reveal information it's not supposed to reveal? Can I compromise it? Can I take advantage or inject malicious code?” Nagaratnam asks. Enterprise leaders also need to think about the compliance dimensions of introducing agentic AI. “The agents and the system need to be compliant, but you inherit the compliance of that underlying … cloud infrastructure,” Nagaratnam says.  Related:The Right Stakeholders Any organization that has embarked on its AI journey likely already realizes the necessity of involving multiple stakeholders from across the business. CIOs, CTOs, and CISOs -- people already immersed in cloud security -- are natural leaders for the adoption of agentic AI. Legal and regulatory experts also have a place in these internal conversations around cloud infrastructure and embracing AI.  With the advent of agentic AI, it can also be helpful to involve the people who would be working with AI agents. “I would actually grab the people that are in the weeds right now doing the job that you're trying to create some automation around,” says Alexander Hogancamp, director of AI and automation at RTS Labs, an enterprise AI consulting company.  Involving these people can help enterprises identify use cases, recognize potential risks, and better understand how agentic AI can improve and automate workflows.  The AI space moves at a rapid clip -- as fast as a tidal wave, racehorse, rocket ship, choose your simile -- and just keeping up with the onslaught of developments is its own challenge. Setting up an AI working group can empower organizations to stay abreast of everything happening in AI. They can dedicate working hours to exploring advancements in AI and regularly meet to talk about what this means for their teams, their infrastructure, and their business overall.  Related:“These are hobbyists, people with passion,” says Hogancamp. “Identifying those resources early is really, really valuable.” Building an internal team is critical, but no enterprise is an island in the world of agentic AI. Almost certainly, companies will be working with external vendors that need to be a part of the conversation.  Cloud providers, AI model providers, and AI platform providers are all involved in an enterprise’s agentic AI journey. Each of these players needs to undergo third-party risk assessment. What data do they have access to? How are their models trained? What security protocols and frameworks are in place? What potential compliance risks do they introduce?  Getting Ready for Agentic AI  The speed at which AI is moving is challenging for businesses. How can they keep up while still managing the security risks? Striking that balance is hard, but Hobbs encourages businesses to find a path forward rather than waiting indefinitely. “If you froze all innovation right now and said, ‘What we have is what we're going to have for the next 10 years,’ you'd still spend the next 10 years ingesting, adopting, retrofitting your business, he says.  Rather than waiting indefinitely, organizations can accept that there will be a learning curve for agentic AI.  Each company will have to determine its own level of readiness for agentic AI. And cloud native organizations may have a leg up.  “If you think of cloud native organizations that started with a modern infrastructure for how they host things, they then built a modern data environment on top of it. They built role-based security in and around API access,” Hobbs explains. “You're in a lot more prepared spot because you know how to extend that modern infrastructure into an agentic infrastructure. Organizations that are largely operating with an on-prem infrastructure and haven’t tackled modernizing cloud infrastructure likely have more work ahead of adopting agentic AI.  As enterprise teams assess their infrastructure ahead of agentic AI deployment, technical debt will be an important consideration. “If you haven’t addressed the technical debt that exists within the environment you're going to be moving very, very slow in comparison,” Hobbs warns.  So, you feel that you are ready to start capturing the value of agentic AI. Where do you begin?  “Don't start with a multi-agent network on your first use case,” Hogancamp recommends. “If you try to jump right into agents do everything now and not do anything different, then you're probably going to have a bad time.” Enterprises need to develop the ability to observe and audit AI agents. “The more you allow the agent to do, the more substantially complex the decision tree can really be,” says Hogancamp.  As AI agents become more capable, enterprise leaders need to think of them like they would an employee.  “You'd have to look at it as just the same as if you had an employee in your organization without the appropriate guidance, parameters, policy approaches, good judgment considerations,” says Hobbs. “If you have things that are exposed internally and you start to build agents that go and interrogate within your environment and leverage data that they should not be, you could be violating regulation. You're certainly violating your own policies. You could be violating the agreement that you have with your customers.” Once enterprises find success with monitoring, testing, and validating a single agent, they can begin to add more.  Robust logging, tracing, and monitoring are essential as AI agents act autonomously, making decisions that impact business outcomes. And as more and more agents are integrated into enterprise workflows -- ingesting sensitive data as they work -- enterprise leaders will need increasingly automated security to continuously monitor them in their cloud infrastructure.  “Gone are the days where a CISO gives us a set of policies and controls and says [you] should do it. Because it becomes hard for developers to even understand and interpret. So, security automation is at the core of solving this,” says Nagaratnam.  As agentic AI use cases take off, executives and boards are going to want to see its value, and Hobbs is seeing a spike in conversations around measuring that ROI.  “Is it efficiency in a process and reducing cost and pushing it to more AI? That's a different set of measurements. Is it general productivity? That's a different set of measurement,” he says.  Without a secure cloud foundation, enterprises will likely struggle to capture the ROI they are chasing. “We need to modernize data platforms. We need to modernize our security landscape. We need understand how we're doing master data management better so that [we] can take advantage and drive faster speed in the adoption of an agentic workforce or any AI trajectory,” says Hobbs.  

Taco Bell tried offering crispy chicken nuggets to customers last year, and it went so well that they are bringing them back to their menus, permanently.The popular fast food chain is bringing back their Crispy Chicken Nuggets, which debuted in December 2024 and sold out less than a week later.Nation’s Restaurant News reports that Crispy Chicken Nuggets are coming back on April 24, and from there will work their way to becoming a forever thing on the Taco Bell menu by 2026.At the beginning of Taco Bell’s nugget offering, fans were initially shocked that a place that is known for Mexican cuisine would have chicken nuggets. Critics mocked, but people flocked!Now, Taco Bell’s chief marketing officer, Taylor Montgomery, is speaking out about the success of the nuggets and their boisterous future.“The demand for our nuggets was off the charts, which is why we’re looking at making crispy chicken permanent to give our fans what they are telling us they want,” Montgomery says. “We know we’re not the usual name in crispy chicken, but our nuggets speak for themselves — they’re bold, different, and unmistakably Taco Bell.”Montgomery is being kind of humble though, to be honest — Taco Bell didn’t just whip out some microwaved nuggets here. They tested more than 45 recipe combinations and finally settled on a tortilla breading, thus giving the nuggies a Taco Bell vibe.Get our free mobile appThe mouthwatering nuggets will come with few different options when they hit the menu: They will be available à la carte, or as part of a combo.Five-piece nugget plus one dipping sauce: $3.99Ten-piece nugget plus two dipping sauces: $6.99Crispy Chicken Nuggets Combo: An order of regular nacho fries, nacho cheese sauce, a large fountain drink, five nuggets and one dipping sauce is $5.99, while the same combo with a 10-piece nuggets and two dipping sauces is $8.99.Those prices don't seem to be too steep in today's day and age, and this offering will surely be a home run like they were in 2024.Get our free mobile appREAD MORE: 15 Beloved Fast Food Sauces That No Longer Exist Popular Restaurants That Have Faded AwayCategories: Original Features

A lawsuit to hold Yahoo responsible for “willfully turning a blind eye” to the mismanagement of a human rights fund for Chinese dissidents was settled for $5.425 million last week, after an eight-year court battle. At least $3 million will go toward a new fund; settlement documents say it will “provide humanitarian assistance to persons in or from the [People’s Republic of China] who have been imprisoned in the PRC for exercising their freedom of speech.”  This ends a long fight for accountability stemming from decisions by Yahoo, starting in the early 2000s, to turn over information on Chinese internet users to state security, leading to their imprisonment and torture. After the actions were exposed and the company was publicly chastised, Yahoo created the Yahoo Human Rights Fund (YHRF), endowed with $17.3 million, to support individuals imprisoned for exercising free speech rights online.  But in the years that followed, its chosen nonprofit partner, the Laogai Research Foundation, badly mismanaged the fund, spending less than $650,000—or 4%—on direct support for the dissidents. Most of the money was, instead, spent by the late Harry Wu, the politically connected former Chinese dissident who led Laogai, on his own projects and interests. A group of dissidents sued in 2017, naming not just Laogai and its leadership but also Yahoo and senior members from its leadership team during the time in question; at least one person from Yahoo always sat on YHRF’s board and had oversight of its budget and activities.   The defendants—which, in addition to Yahoo and Laogai, included the Impresa Legal Group, the law firm that worked with Laogai—agreed to pay the six formerly imprisoned Chinese dissidents who filed the suit, with five of them slated to receive $50,000 each and the lead plaintiff receiving $55,000.  The remainder, after legal fees and other expense reimbursements, will go toward a new fund to continue YHRF’s original mission of supporting individuals in China imprisoned for their speech. The fund will be managed by a small nonprofit organization, Humanitarian China, founded in 2004 by three participants in the 1989 Chinese democracy movement. Humanitarian China has given away $2 million in cash assistance to Chinese dissidents and their families, funded primarily by individual donors.  This assistance is often vital; political prisoners are frequently released only after years or decades in prison, sometimes with health problems and without the skills to find steady work in the modern job market. They continue to be monitored, visited, and penalized by state security, leaving local employers even more unwilling to hire them. It’s a “difficult situation,” Xu Wanping, one of the plaintiffs, previously told MIT Technology Review—“the sense of isolation and that kind of helplessness we feel … if this lawsuit can be more effective, if it could help restart this program, it is really meaningful.” As we wrote in our original story, “Xu lives in low-income housing in his hometown of Chongqing, in western China. He Depu, another plaintiff, his wife, and an adult son survive primarily on a small monthly hardship allowance of 1,500 RMB ($210) provided by the local government as collateral to ensure that he keeps his opinions to himself. But he knows that even if he is silent, this money could disappear at any point.”  The terms of the settlement bar the parties from providing more than a cursory statement to the media, but Times Wang, the plaintiffs’ lawyer, previously told MIT Technology Review about the importance of the fund. In addition to the crucial financial support, “it is a source of comfort to them [the dissidents] to know that there are people outside of China who stand with them,” he said.  MIT Technology Review took an in-depth look at the case and the mismanagement at YHRF, which you can read here.