Just twelve months since it began shipping out to customers, the Cybertruck is now on its sixth recall this time for turning into a seven-thousand pound paperweight while driving.And yet, people keep buying the Tesla pickup. Its owners have adopted a siege mentality against the onslaught of bad press, and perhaps against the world, which isn't very kind to the stainless steel behemoths.What draws someone to dump $100,000 on a vehicle that reportedly bricks after going through a car wash? One explanation is that it's a sign of the extreme loyalty that Elon Musk inspires in his fans.But there could be more to it. As an automotive expert suggests, the Cybertruck's shoddiness may actually be what endears it to its edgy buyers."The people drawn to [the Cybertruck] don't have quality of construction or safety at the top of mind," Ivan Drury, director of insights at the automotive inventory company Edmunds, told Wired. "That this could be a dangerous vehicle to drive is key to its appeal."Cybertruck buyers are people "who think 'I don't care if I kill people when I drive this thing down the street,'" he added.As of October, Tesla has sold over 28,250 Cybertrucks, according to Kelly Blue Book, making it one of the best selling EVs in the country (though this is still a far cry from the 250,000 per year that Musk once estimated).Its selling points are varied. It's hyped as "bullet-proof" and "apocalypse proof,"though your results may vary; Tesla also claims it can off-road and tow and be an all-around workhorse.For many owners, the reality has been soberingly different. Sloppy construction, discolored body panels and getting stumped by normal truck stuff have all come to define the vehicle since its launch. There have even been reports of brand new Cybertrucks suddenly breaking down.It's not surprising, then, that the Cybertruck has been recalled at an average of once every two months. If anything, it's surprising it hasn't been recalled more.But that amount is already alarming. Harl Brauer, an executive analyst at iSeeCars, estimates that the Cybertruck's tally of six recalls make it "worse than 91 percent" of all other 2024 vehicles."We aren't comfortable making [lifetime recall] predictions on the Cybertruck at this very early stage," Brauer told Wired. "But so far it isn't doing very well."Yet according to Drury, Cybertruck owners don't pay attention to details like that. In fact, you can more or less sum up their ethos as a giant "fuck you" to sound car-buying wisdom."Cybertruck customers are in it for the stares and glares they don't care about how many times [this vehicle is] going to be recalled over 30 years," Drury told Wired. "They're buying this car for now, with zero thought to the future.""A standard auto customer wants to know if a car will last 10 years or will be ongoing good value for money," he added. "A Cybertruck customer doesn't care about any of that. Owning a Cybertruck isn't practical; it's a boast. A boast that 'I have so much discretionary income I can afford to waste it on an impractical car.'"Share This Article

Nov 29, 2024Ravie LakshmananAI Security / Cloud SecurityMicrosoft has addressed four security flaws impacting its artificial intelligence (AI), cloud, enterprise resource planning, and Partner Center offerings, including one that it said has been exploited in the wild.The vulnerability that has been tagged with an "Exploitation Detected" assessment is CVE-2024-49035 (CVSS score: 8.7), a privilege escalation flaw in partner.microsoft[.]com."An improper access control vulnerability in partner.microsoft[.]com allows an unauthenticated attacker to elevate privileges over a network," the tech giant said in an advisory released this week.Microsoft credited Gautam Peri, Apoorv Wadhwa, and an anonymous researcher for reporting the flaw, but did not reveal any specifics on how it's being exploited in real-world attacks.Fixes for the shortcomings are being rolled out automatically as part of updates to the online version of Microsoft Power Apps. Also addressed by Redmond are three other vulnerabilities, two of which are rated Critical and one is rated Important in severity -CVE-2024-49038 (CVSS score: 9.3) - A cross-site scripting (XSS) vulnerability in Copilot Studio that could allow an unauthorized attacker to escalate privileges over a networkCVE-2024-49052 (CVSS score: 8.2) - A missing authentication for a critical function vulnerability in Microsoft Azure PolicyWatch that could allow an unauthorized attacker to escalate privileges over a networkCVE-2024-49053 (CVSS score: 7.6) - A spoofing vulnerability in Microsoft Dynamics 365 Sales that could allow an authenticated attacker to trick a user into clicking on a specially crafted URL and potentially redirect the victim to a malicious siteWhile most of the vulnerabilities have already been fully mitigated and require no user action, it's advised to update Dynamics 365 Sales apps for Android and iOS to the latest version (3.24104.15) to secure against CVE-2024-49053.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

Nov 28, 2024Ravie LakshmananWindows Security / CryptominingA popular open-source game engine called Godot Engine is being misused as part of a new GodLoader malware campaign, infecting over 17,000 systems since at least June 2024."Cybercriminals have been taking advantage of Godot Engine to execute crafted GDScript code which triggers malicious commands and delivers malware," Check Point said in a new analysis published Wednesday. "The technique remains undetected by almost all antivirus engines in VirusTotal."It's no surprise that threat actors are constantly on the lookout for new tools and techniques that can help them deliver malware while sidestepping detection by security controls, even as defenders continue to erect new guardrails.The newest addition is Godot Engine, a game development platform that allows users to design 2D and 3D games across platforms, including Windows, macOS, Linux, Android, iOS, PlayStation, Xbox, Nintendo Switch, and the web.The multi-platform support also makes it an attractive implement in the hands of adversaries who can now leverage it to target and infect devices at scale, effectively broadening the attack surface."The Godot Engine's flexibility has made it a target for cybercriminals, enabling stealthy, cross-platform malware like GodLoader to spread rapidly by exploiting trust in open-source platforms," Eli Smadja, security research group manager at Check Point Software Technologies, said in a statement shared with The Hacker News."The Godot Engine's flexibility has made it a target for cybercriminals, enabling stealthy, cross-platform malware like GodLoader to spread rapidly by exploiting trust in open-source platforms. For the 1.2 million users of Godot-developed games, the implications are profound -- not just for their devices but for the integrity of the gaming ecosystem itself. This is a wake-up call for the industry to prioritize proactive, cross-platform cyber security measures to stay ahead of this alarming trend."What makes the campaign stand out is that it leverages the Stargazers Ghost Network in this case, a set of about 200 GitHub repositories and more than 225 bogus accounts as a distribution vector for GodLoader."These accounts have been starring the malicious repositories that distribute GodLoader, making them appear legitimate and safe," Check Point said. "The repositories were released in four separate waves, primarily targeting developers, gamers, and general users."The attacks, observed on September 12, September 14, September 29, and October 3, 2024, have been found to employ Godot Engine executables, also known as pack (or .PCK) files, to drop the loader malware, which is then responsible for downloading and executing final-stage payloads such as RedLine Stealer and the XMRig cryptocurrency miner from a Bitbucket repository.In addition, the loader incorporates features to bypass analysis in sandboxed and virtual environments and add the entire C:\ drive to the Microsoft Defender Antivirus exclusions list to prevent the detection of malware.The cybersecurity company said GodLoader artifacts are primarily geared towards targeting Windows machines, although it noted that it's trivial to adapt them to infect macOS and Linux systems.What's more, while the current set of attacks involves the threat actors building custom Godot Engine executables for malware propagation, it could be taken a notch higher by tampering with a legitimate Godot-built game after obtaining the symmetric encryption key used to extract the .PCK file.This sort of attack, however, can be averted by switching to an asymmetric-key algorithm (aka public-key cryptography) that relies on a public and private key pair to encrypt/decrypt data.The malicious campaign serves up another reminder of how threat actors frequently leverage legitimate services and brands to evade security mechanisms, necessitating that users download software only from trusted sources."Threat actors have utilized Godot's scripting capabilities to create custom loaders that remain undetected by many conventional security solutions," Check Point said. "Since Godot's architecture allows platform-agnostic payload delivery, attackers can easily deploy malicious code across Windows, Linux, and macOS, sometimes even exploring Android options.""Combining a highly targeted distribution method and a discreet, undetected technique has resulted in exceptionally high infection rates. This cross-platform approach enhances malware versatility, giving threat actors a powerful tool that can easily target multiple operating systems. This method allows attackers to deliver malware more effectively across various devices, maximizing their reach and impact."Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

Headquarters: japan URL: https://life-analytics.orgLifeAnalytics Co,,, Ltd.Recruiting full stack and image processing researchers (life science/digital pathology field)[Job details] Analysis and processing of microscopic images in life science and digital pathology Development and optimization of web-based image analysis applications Research and development of new algorithms using data-driven research methods. Collaboration with researchers inside and outside the team.Qualification requirements 3+ years of experience in computer science, image processing, or related field. Experience in developing image analysis software Knowledge of programming languages (react, Python, C++, etc.) Experience with machine learning and deep learning is a plus. Communication and teamwork skills. Highly Knowledge of open stack[Work location] Fully remote work[What we offer] Career advancement opportunitiesApplication method Please send your resume and cover letter to [Recruiter's email address].LifeAnalytics,,,Co.LTD is looking for passionate researchers who will use cutting-edge technology to pioneer the future of rice science and digital pathology.To apply: https://weworkremotely.com/remote-jobs/lifeanalytics-full-remote-bio-pathology-field-senior-full-stuck-developer

By Laura May Todd (Author)A stunning survey celebrating the beauty, idiosyncrasy, and romance of Italian interior design There are few countries with such an established design scene, distinctive aesthetic, and universal appeal as Italy. This sumptuously illustrated survey showca...

By Super Sudaca (Author), Fernando Lara (Editor)At the dawn of the new millennium, a group of Latin American young architects found themselves on a pilgrimage to one of the centers of design production of the old world. As pilgrims and migrants have done for thousands of years, t...

Looking forthe most recentMini Crossword answer?Click here for today's Mini Crossword hints, as well as our daily answers and hints for The New York Times Wordle, Strands and Connections puzzles.TheNew York Times Crossword Puzzleis legendary. But if you don't have that much time, theMini Crosswordis an entertaining substitute. The Mini Crossword is much easier than the old-school NYT Crossword, and you probably can complete it in a couple of minutes. But if you're stuck, we've got the answers. And if you could use some hints and guidance for daily solving, check out our Mini Crossword tips.The Mini Crossword is just one of many games in the Times' games collection. If you're looking for today's Wordle, Connections and Strands answers, you can visitCNET's NYT puzzle hints page.Read more: Tips and Tricks for Solving The New York Times Mini CrosswordLet's get at those Mini Crossword clues and answers. The completed NYT Mini Crossword puzzle for Dec. 1, 2024. NYT/Screenshot by CNETMini across clues and answers1A clue: Folder for unwanted filesAnswer: TRASH6A clue: Map app suggestionAnswer: ROUTE7A clue: Country whose flag depicts a blue dharmachakra ("wheel of dharma")Answer: INDIA8A clue: Colorful coat material?Answer: PAINT9A clue: Eggy holiday drinkAnswer: NOGMini down clues and answers1D clue: StumbleAnswer: TRIP2D clue: "Brooklyn" star SaoirseAnswer: RONAN3D clue: The "A" of A/VAnswer: AUDIO4D clue: "Float like a butterfly, ___ like a bee"Answer: STING5D clue: SpicinessAnswer: HEATHow to play more Mini CrosswordsThe New York Times Games section offers a large number of online games, but only some of them are free for all to play. You can play the current day's Mini Crossword for free, but you'll need a subscription to the Times Games section to play older puzzles from the archives.

Looking for the most recent Connections answers? Click here for today's Connections hints, as well as our daily answers and hints for The New York Times Mini Crossword, Wordle and Strands puzzles.Need the answers for theNew York Times Connections puzzle? To me,Wordle is more of a vocabulary test, but Connections is more of a brainteaser. You're given 16 words and asked to put them into four groups that are somehow connected. Sometimes they're obvious, but game editor Wyna Liu knows how to trick you by using words that can fit into more than one group. Read on for today's Connections hints and answers.There's also news in the Connections world. The Times now has a Connections Bot, like the one it's had for some time for Wordle. Go there after you play to receive a numeric score and to have the program analyze your answers. And players who are registered with the Times Games section can now nerd out by following their progress, including number of puzzles completed, win rate, number of times they nabbed a perfect score and their win streak.Read more:Hints, Tips and Strategies to Help You Win at NYT Connections Every TimeHow to play ConnectionsPlaying is easy.Winning is hard. Look at the 16 words and mentally assign them to related groups of four. Click on the four words you think go together. The groups are coded by color, though you don't know what goes where until you see the answers. The yellow group is the easiest, then green, then blue, and purple is the toughest. Look at the words carefully and think about related terms. Sometimes the connection has to do with just a part of the word. Once, four words were grouped because each started with the name of a rock band, including "Rushmore" and "Journeyman."Read more:New NYT Connections Game for Sports Fans Lets Players Swing for the FencesHints for today's Connections groupsHere are four hints for the groupings in today's Connections puzzle, ranked from the easiest, yellow group to the tough (and sometimes bizarre) purple group.Yellow group hint: Safe place.Green group hint: Hut, hut!Blue group hint: Sweets for the sweet.Purple group hint: Land of the ____.Answers for today's Connections groupsYellow group: Sanctuary.Green group: Football gear.Blue group: Candy names.Purple group: Free ____Read more: Wordle Cheat Sheet: Here Are the Most Popular Letters Used in English WordsWhat are today's Connections answers? The completed NYT Connections puzzle for Dec. 1, 2024. NYT/Screenshot by CNETThe yellow words in today's ConnectionsThe theme is sanctuary. The four answers are haven, port, retreat and shelter.The green words in today's ConnectionsThe theme is football gear. The four answers are cleats, helmet, jersey and pads.The blue words in today's ConnectionsThe theme is candy names. The four answers are Charms, Kinder, Wonka and York.The purple words in today's ConnectionsThe theme is free ____. The four answers are Bird, Fallin, Solo and Willy.

Stalker 2 drops a second patch less than a day after the firstThis one addresses "bug fixes for six missions, along with additional error corrections".Image credit: GSC News by Vikki Blake Contributor Published on Nov. 30, 2024 Stalker 2: Heart of Chornobyl developer GSC Game World has dropped a second patch.GSC Game World moved quickly to acknowledged concerns after release on 20th November, and its initial patch dropped yesterday ushered in "over 650 fixes, including quest blockers, memory leaks, crashes, and minor bugs".Now the second patch in as many days will address "bug fixes for six missions, along with additional error corrections".Some of the fixes listed below contain mission and enemy names and other light spoilers, so if you'd rather not know more, please don't proceed past the video below!Stalker 2 is an open-world shooter with the guardrails removed.Watch on YouTube"Following the release of 1.0.1, we are now ready to proceed with the 1.0.2 patch," GSC Game World explained in the patch notes. "This update includes bug fixes for six missions, along with additional error corrections."Here's the full list of fixes:Fixed an issue when the second wave of monolith soldiers would not spawn during the On the Edge mission, blocking further progression.Fixed the issue when Ritcher could be found dead during the A Minor Incident mission, blocking further progression.The fixed issue was a player could get stuck after installing the fuse in the Wild Island area if they got the Emitter from Faust's Cell first during the Just Like the Good Old Days mission, blocking further progression.The fixed issue was when a player could not successfully complete the All That is Left mission while exploring the Chemical Plant region.Fixed issue when quest enemies could spawn in unreachable areas for a player during the Down Below mission, blocking further progression.Fixed an issue when Scar could be missing during the Visions of Truth mission.A few more EXCEPTION_ACCESS_VIOLATION errors are fixed."Thanks again for your support. We will continue working on future updates, reading your comments and feedback, and fixing 'anomalies' if they occur," the team concluded."If you detect any - report them to our Technical Support Hub. That will help us investigate your particular case and implement fixes faster."Stalker 2: Heart of Chornobyl has, of course, got off to an impressive start despite its technical issues. Earlier this week, GSC Game World revealed the shooter has already sold 1m copies - and that figure doesn't including all those players exploring The Zone via Game Pass.

Terraria's next update is delayed because dev will "not force anyone to crunch for an arbitrary deadline""Apologies for this one taking so long, but it will be well worth it." News by Vikki Blake Contributor Published on Nov. 30, 2024 Re-Logic has confirmed there's "no way" we'll see Terraria 1.4.5 released this year.In a lengthy update on the official forums, Ted "Loki" Murphy said that whilst the team was approaching the end of their respective to-do lists, end-of-year releases are "fraught with peril" due to review cycles and people going on early leave for the holiday. Consequently, he will not "force anyone on our team or anyone else's team to crunch".Terraria 1.4.5 - The Shocking Effects of Lightning.Watch on YouTube"The work on the final lists from each dev team member is nearing its conclusion, which is a great measure of progress," wrote Murphy. "That said, we are pretty certain that there is no way that we will see Terraria 1.4.5 release this year."To make a long story short, end-of-year releases (especially if you are trying to sync launch across PC-Mobile-Console AND do so globally at the same time) are fraught with peril due to review cycles, people leaving early for the holidays, etc. The hope was that we would be able to get things in ahead of that end of year mess, but that isn't looking to be the case."We are also not going to force anyone on our team or anyone else's team to crunch for what would be an arbitrary deadline," Murphy added. "So, that said, the next Terraria update is moving along into 2025."After acknowledging that the news "will not be welcome for many", Murphy added that Re-Logic "remain[s] committed to being a quality-first studio, so we will take the time necessary for each update to feel 'just right'... and we think that once the update is out, everyone will appreciate that time and care"."Apologies for this one taking so long for sure, but it will be well worth it," he added.We recently learned that Terraria will be linking up with open world pocket monster survival game Palworld for the latter's first big brand crossover. Exactly what this will entail remains to be seen, but artwork posted to social media earlier this week shows characters from the two games interacting ahead of the crossover happening at some point in 2025.