cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

How Many?Almost 19,000 new games were released on Steam in 2024, more than any year beforeThe number of new games that hit Steam every year continues to jump to ridiculous figures, and this year has been no different.Image credit: Valve News by Sherif Saed Contributing Editor Published on Dec. 30, 2024 2024 is almost over. In the final throes of what has been a terrible year for the games industry and the media that covers it, but a good one in terms of the number of quality games that were released, we can finally look back at some raw data about our favourite hobby.Well, at least as far as Steam is concerned. Which, considering how dominant Valves platform is on PC, its a pretty accurate picture of the industry.To see this content please enable targeting cookies. Steam data aggregator SteamDB, a site that everyone (ourselves included) has used to track how well every new release has been doing, and whether this or that highly-anticipated sequel managed to match or beat its predecessor in player numbers, has released its end-of-year results.The stats page gives a fairly brief, general look at the state of game releases on Steam in 2024. According to SteamDB, 18,949 new games were released on Steam this year, beating last years 14,310 by quite a margin. In fact, with one exception, the number of new games each year has climbed well above the year prior.The jump between 2023 and 2024, however, may be the largest yet for a single year, indicating that the clutter and discoverability problems will remain in 2025 and beyond. These figures, of course, include everything released that year, including free games, experiments, joke games, student projects and games you and I may never hear of.The report also reveals that of the nearly 19,000 new games, only 3,973 were popular enough to be rolled into Steam profile features, allowing them to offer collectible Trading Cards, emojis and other customisation items. Only those games achievements could count towards a users total, too.In essence, only 3,973 managed to get noticed by players for Valve to allow them to access these extended features, which is a little over 20% of all games released in 2024 on the platform. The good news is that its a figure that has been rising every year, too, so the audiences capacity for new titles is growing, if only slightly.

It's gonna be a big one.Nintendo has shared an adorable piece of artwork for The Legend of Zelda: Echoes of Wisdom as it looks ahead to 2025 and "all the wisdom it brings".The artwork itself is a pastel-based image of our heroine chilling out atop a small hill with her companion Tri in tow along with a couple of Zols (which, presumably, are friendly echoes of the gelatinous green blobs).Read the full article on nintendolife.com

A business built around increasingly customized ready-to-eat meals has netted Middle Eastern startup Calo a sizeable funding injection as it looks to expand both what it can offer its time-strapped customers and where it delivers its growing range of just-heat-to-eat dishes. The meal delivery market in the Middle East will hit $11.2 billion by 2030, according to a report fromMarkNtel Advisors published last year. Food aggregators such as Careem, Deliveroo and Talabat have built big businesses by banking on the habits of busy professionals ordering food in rather than making meals themselves fuelled in large part by the COVID-19 pandemic.Riyadh-based Calo differentiates itself by offering customized meal subscriptions for specialized segments like weight loss, high protein intake, or balanced meals targeting customers who care what they are eating, not merely when their food will arrive. The startup plans to further lean into meal customization to cater to more personalized segments and food needs, such as meals geared towards those seeking muscle gain, or suffering from diabetes, IBS (Irritable bowel syndrome), or PCOS (polycystic ovary syndrome). Calos premise is that people who fall into these categories will pay a premium for food customization features that meet their convenience needs.The company is so confident its onto something that its also in the process of acquiring an unnamed food startup in the U.K. to expand its footprint outside the Middle East next year with ambitions to go global.To fund the new growth vectors, Calo has raised $25 million in Series B funding led by Nuwa Capital with participation from Khwarizm Ventures and STV. Notably, all these investors are returning investors. Calo is now valued at around $250 million, according to multiple sources TechCrunch spoke to. The startup, which operates in Saudi Arabia, UAE, Kuwait, Qatar and Bahrain, allows users to pick healthier ready meals, including breakfast, lunch, dinner, and a snack offering meal filters such as balanced, high protein, low carb, and vegetarian. Users can customize their meals and plans and even skip days. The approach has built momentum in the region: this year Calo says it has served 10 million meals, with the average cost of a meal ranging from $7 to $9.Beyond the Series B round, Calo said its aiming to close a $25 million extension round by Q1 2025 and has a goal of going public in the next few years. So this might be its last funding tranche before the company lists in Saudi Arabia. (With the Series B closed, Calo has raised a total of $51 million across multiple rounds.)It is a powerful idea to deliver ready-to-eat meals that are nutritious, healthy, and customized to your needs, Khaled Talhouni, managing partner at Nuwa Capital, told TechCrunch over a call. Whether you want to build muscle or lose weight, Calo helps you personalize meals, and that idea has us excited.The GCC [Gulf Cooperation Council] market has an inbuilt propensity to order food. Thats why companies like Talabat and Deliveroo are successful. Plus, Calos logistic model, which is like a bulk milk run, puts them in an advantageous position, he added.Calo was started in Bahrain by Ahmed Al Rawi in 2019. Prior to that, Al Rawi built another startup for people to book sports venues and join ongoing games. Later, he advised startups in New York before starting Calo. Before building the startup, I thought there wasnt much to be done in food delivery as startups like Careem already existed. But I realized that a segment of customers wanted customized meals with specific calorie counts or ingredients, and incumbents didnt offer this level of personalization, Al Rawi told TechCrunch over a call.Calo founder Ahmed Al Rawi (Image Credits: Calo)He noted that services existed to give meal recommendations based on a persons height, weight, age, gender, and activity, but they didnt provide actual meals, which wasnt ideal for busy professionals hence Al Rawi spotting an opportunity for more customized meal delivery.According to Calo, people are buying 30% more meals on its service vs. an on-demand food aggregator (i.e. such as Careem). It credits this stickiness to combining meal delivery convenience with saving its customers the hassle of finding the right dish to meet their health goals.Image Credits: CaloThe company operates one central kitchen per city, using vans to make deliveries across cities with help from smaller vans and individual riders. Per Al Rawi, Calo currently has 200 vans driving across the Middle East.Customers receive their meals in a chilled state, which they can reheat in a microwave or by using a pan on their hob. The startup said it has been able to keep its ops quick and lean by not having a lot of delivery centers and by sticking to scheduled deliveries.Future RoadmapIn addition to opening up the new segments mentioned above, Calo plans to introduce even deeper personalization for users where they will, for example, be able to specify the exact portion of protein, carbs, or fat they want in a meal, or remove an ingredient.The startup is also experimenting with new business models, such as retail kiosks for grab-and-go meals in places like corporate offices, and an on-demand delivery service.Image Credits: CaloCurrently, Saudi Arabia represents 70% of Calos revenues, with UAE coming second at 15%. However, Al Rawi told us it expects the UAE to grow exponentially in the coming years.This year Calo hit nine figures in annualized revenue and runs at a nearly break-even state. The company aims to reach profitability by next year, ahead of going public.Because we are capital efficient, we didnt need to raise money and grow organically. But we saw new growth opportunities. So we primarily raised money to expand our business models, cater to more segments, and also open up new geographies that we serve in, Al Rawi added.

U.S. telecom giant Verizon says it has secured its network after being targeted by theChina-linked Salt Typhoon cyberespionage group.In a statement given to TechCrunch on Sunday, Verizon spokesperson Richard Young said the company has contained the cyber incident brought on by this nation-state threat actor, and that it has not detected any threat actor activity on its network for some time.Verizons containment of the incident has been confirmed by a highly respected cybersecurity firm, the company said, but Young declined to name the third-party company.While the scale of the Salt Typhoon breach is not yet known, Verizon said that the hackers specifically targeted a small number of high-profile customers in government.Immediately upon learning of this incident, Verizon took several key actions to protect its customers and its network, including partnering with federal law enforcement and national security agencies, industry partners, and private cybersecurity firms, Vandana Venkatesh, Verizons chief general officer, said. After considerable work addressing this incident, we can report that Verizon has contained the activities associated with this particular incident.AT&T has also confirmed that it has since secured its network after it was targeted by the Salt Typhoon hacking campaign, according to reports.We detect no activity by nation-state actors in our networks at this time. Based on our current investigation of this attack, the Peoples Republic of China targeted a small number of individuals of foreign intelligence interest, Reuters quoted an AT&T spokesperson as saying. The company added that the Chinese-backed hackers targeted a small number of individuals of foreign intelligence interest.This marks Verizon and AT&Ts first acknowledgment of their being impacted by the Salt Typhoon campaign. News first broke in October that the hackers had compromised the networks of some of the largest U.S. phone and internet companies to gather intelligence on U.S. citizens.U.S. officials said earlier this month that at least eight telecommunications providers had been targeted, including Lumen (formerly CenturyLink) and T-Mobile. On Friday, Anne Neuberger, deputy national security adviser for cyber and emerging technology, said a ninth victim had been identified, according to Reuters.AT&T and Lumen did not immediately respond to requests for comment.Neuberger, who didnt name the newly identified victim, said one of the nine telecoms breached involved an administrator account that had access to over 100,000 routers.

This Google Chrome browser extension attack compromised authentication cookies.Photothek via Getty ImagesUpdate, Dec. 30, 2024: This story, originally published Dec. 29 now includes an explanation of how 2FA bypass session cookie compromise works along with advice from security experts about mitigating the Chrome malicious extension attack.Hackers dont take holidays, as has been proven by a series of compromises of Google Chrome browser extensions dating back to mid-December and continuing through the seasonal break would attest to. Heres everything you need to know about the ongoing Google Chrome two-factor authentication bypass attacks.The Latest Google Chrome Browser Extension Attacks ExplainedAs reported Dec. 27 by Reuters, hackers have compromised several different companies' Chrome browser extensions in a series of intrusions. That threat actors are using Chrome extensions as an attack methodology is nothing new, but the extent of this latest campaign would appear to show how determined hackers are to steal session cookies and bypass your two-factor authentication protections.Although just one part of what would appear to be a coordinated and wide-reaching campaign to target multiple companies and their Chrome extensions, the total number of users at risk is likely in the millions; the attack against security company Cyberhaven is worth looking at as it both explains the potential dangers of such attacks, with some 400,000 corporate customers alone, and provides an insight into how quickly responding to them is key.Our team has confirmed a malicious cyberattack that occurred on Christmas Eve, affecting Cyberhaven's Chrome extension, Howard Ting, CEO of the data attack detection and incident response company, said in a security alert posting, We want to share the full details of the incident and steps were taking to protect our customers and mitigate any damage.MORE FOR YOUThe Cyberhaven Chrome Extension AttackThe attack against Cyberhaven customers started Dec. 24 when a phishing threat successfully managed to compromise an employee. Importantly, this included a credentials compromise that enabled the attacker to gain access to the Google Chrome Web Store. The attacker used these credentials to publish a malicious version of our Chrome extension, Ting confirmed. The malicious extension wasnt discovered until late on Dec. 25 after which it was removed within 60 minutes.A preliminary investigation into the attack revealed that the initial access vector was by way of a phishing email sent to the registered support email for Cyberhavens Chrome extension, targeting the developers. Cyberhaven has made this email available so as to warn others of what such an initial attack looks like.The phishing email that started the Cyberg=haven extension attackCyberhavenWhen the victim clicked on the link, they found themselves within the Google authorization flow for adding a malicious OAUTH Google application called Privacy Policy Extension, Cyberhaven said. This was hosted on Google.com and part of the standard process for granting access to third-party Google applications that, in this case, inadvertently authorized a malicious application. The employee had Google Advanced Protection enabled and had MFA covering his account, Cyberhaven said. No multi-factor authentication prompt was received and the employees Google credentials were not compromised in the attack. A malicious extension (24.10.4) based on a clean prior version of the official Cyberhaven Chrome extension was then uploaded to the Chrome Store.Chrome Extension AttackA 2FA Bypass ExplainedAlthough two-factor authentication remains a vital layer in your credential verification security protections, that doesnt mean it is invulnerable to attack. People often assume incorrectly that only the likes of 2FA by way of SMS text messages are open to interception and that using a code-generating authentication app is the silver bullet. While apps are a much stronger method of using 2FA for most people, and SMS codes are still better than no 2FA protection, attackers can still bypass this authentication layer. Actually, they dont precisely bypass it but clone it. An attacker will, by whatever method, redirect the victim to a genuine-looking login page where credentials are entered. When it comes to the 2FA code entry part, by using an attacker-in-the-middle technique, the session cookie that is created when a correct code is entered is captured and stored for later use. This cookie does what it says on the tin, flagging that user session as appropriately authorized. Of course, if an attacker has a copy of that cookie they can then re-run that session at their leisure and still be seen as the authenticated user.Chrome Extension 2FA Bypass AttackImpact And ScopeAccording to Ting, the impact and scope of the Cyberhaven Chrome extension attacks as follows:The only version of the Chrome extension impacted was 24.10.4, with the malicious code only being active between Christmas Day and Boxing Day. Only customers using Chrome-based browsers that auto-updated during the period of the attack would have been affected.For those browsers that were running the compromised extension, however, Cyberhaven has confirmed that it could have exfiltrated cookies and authenticated sessions for certain targeted websites. The initial investigation suggests that the targeted logins were social media advertising and AI platforms.Our investigation has confirmed that no other Cyberhaven systems, including our CI/CD processes and code signing keys, were compromised, Ting said.How To Mitigate 2FA Bypass AttacksAnd Respond To The Cyberhaven Chrome Extension IncidentWith the Federal Bureau of Investigation warning people on Oct. 30 about session cookie theft by cybercriminals in order to bypass 2FA account protections, the time to be aware and mitigate the risk of these attacks is long overdue. There are numerous protections to combat such attacks, including passkeys, which substantially reduce the impact of phishing and other social engineering attacks, a Google spokesperson said, Google research has shown that security keys provide a stronger protection against automated bots, bulk phishing attacks, and targeted attacks than SMS, app-based one-time passwords, and other forms of traditional two-factor authentication.One of the problems is that employees will often click through single sign-on and authorization screens, potentially granting permissions to unknown third-party apps, Vivek Ramachandran, founder of SquareX, said. On the server side, this could be prevented by disallowing apps that request risky OAuth scopes unless they are authorized. While creating a whitelist isnt always practical and can reduce productivity, a client-side Browser Detection-Response tool can step in.When it comes to this specific attack, affected customers were notified by Cyberhaven, along with those not known to be impacted in the cause of complete transparency. The malicious Chrome extension was removed from the Chrome Web Store, and a secure version, 24.10.5, was automatically deployed. For customers running version 24.10.4 of our Chrome extension during the affected period, Ting said, we strongly recommend verifying your extension has updated to version 24.10.5 or newer. I have approached Google for a statement.

New year, they say, new you. If youve been swayed by the new ad promoting the Apple Watch as a great device to boost your motivation and help keep your new years resolutions, then a new sales at Amazon and Best Buy are timely.Apple Watch Series 10.Getty ImagesThe deals highlighted in this post were independently selected by the Contributor and do not contain affiliate links.The prices are cut to the lowest prices yet, matching Black Friday deals. All the prices below relate to the models with GPS, but not cellular connectivity.This means that the $399 entry price for the 42mm sized model and the $429 equivalent for the larger, 46mm version are both cut by $70 each. At Amazon, thats 18% off the smaller model, bringing it down to $329 and 16% off the larger one, meaning its on sale for $359. Its not across all colors or straps, please note.In 42mm size, it applies for the jet black aluminum model with black Sport Band, jet black with ink Sport Loop, rose gold with plum Sport Loop, rose gold with light blush Sport Band and silver with blue Sport Loop. However, if youd rather have the silver case with denim Sport Band, thats $383.28.For the larger, 46mm case, the aluminum options are as follows: silver with denim Sport Band, rose gold with light blush Sport Band, rose gold with plum Sport Loop, jet black with black Sport Band and jet black with ink Sport Loop $359, while the silver case with blue Sport Loop is the outlier at $419.99.MORE FOR YOUApple Watch Series 10 in rose gold finish. AppleSimilar prices can be found at Best Buy right now.Best Buy has the $329 price for three 42mm options here: rose gold aluminum with light blush Sport Band, silver aluminum with denim Sport Band and jet black aluminum with black Sport Band. In 46mm size, you can pay $359 for the same three aluminum Watches.You can find the 42mm aluminum in silver with blue cloud Sport Loop, jet black with ink Sport Loop and rose gold with plum Sport Loop for $329 here. For the 46mm aluminum Watches, there are the same colors and bands here, for $359.

In a nutshell: In these modern times, many of us are chained to our desks longer than ever before. It's led to innovations in desk design, including a product called the Ergo Desk that not only lets users work while standing, but also reclines just like a chair. The health risks associated with sitting down all day are well documented: weight gain, heart attacks, and even potential cancers, to name a few. Standing desks are believed to improve posture and back pain, though a recent study raised questions over their alleged health benefits.Canadian company Ergo Desk's product can be used as both a sitting and standing desk, but it also has another feature: the surface can be angled up to 45 degrees. The functionality means you can use the desk comfortably even when your chair is reclined, keeping the monitor(s) directly in front of your eyes.To stop your keyboard, mouse, and other devices from sliding off the desk when it's in the reclined position, there's a lip at the bottom of the desk. The monitor is kept in place with the included dual-arm mount, and for those who keep their PCs on their desks rather than the floor, a 16-inch section on the side of the Ergo remains horizontal you could also place drinks and other items here.Also read: Secretlab Magnus Pro XL Review: A Feature-Packed Sit-to-Stand DeskThe monitor mount is able to hold up to two 32-inch monitors weighing a total of 40 pounds. You can also attach your own mount to the desk. // Related StoriesThe Ergo desk measures 48 inches by 30 inches with height adjustment ranging from 30 inches to 48 inches, so it should be comfortable to use in its standing position for anyone between 6' 6" and 4' 8".The Ergo can be reserved from the company's website right now for just $1. Securing one this way ensures you'll pay $450 for the desk, which is apparently a 40% saving over the final retail price. No word yet on availability.The Ergo Desk site comes with the warning that the desk is still in manufacturing and the final designs may change slightly. Anyone reserving a desk will be kept up to date with any changes to appearance or production prior to shipping, and there's the promise of a full refund if an order is canceled before the project moves into production.

Is Microsoft secretly working on the return of its Surface Duo folding smartphone? Possibly, as a recently filed patent shows its still coming up with ideas for hinges that are the key to making foldables work. The unusual design of the hinge, and the way its illustrated in the patent, makes it different to what we expect from Microsoft and foldables in general.The majority of folding smartphones use a water drop style hinge, where the flexible screen forms a water drop shape at the point where its folded to improve durability and minimize any crease, but Microsofts patent doesnt seem to include this familiar design. Instead, the hinge appears to use different sub assembly sections which slide and flex to facilitate the movement of a flexible screen.MicrosoftIts a different approach to the Surface Duo and Surface Duo 2, which had two separate screens attached to a central hinge mechanism, and more like the single screen system seen on phones like the Samsung Galaxy Z Fold 6 and the OnePlus Open. In a further departure from the Surface Duo design, the patent illustrates the hinge inside what appears to be a compact foldable device similar to the Samsung Galaxy Z Flip 6 and Motorola Razr 2024.Recommended VideosHowever, while wed love to see a new Surface Duo, a smartphone may not be the only device Microsoft has in mind for its hinge. Digging into some of the wording used in the patent it specifically mentions folding smart phone devices, but also mentions computing devices that include first and second device portions that are coupled at a hinge assembly. This sounds less like a phone and more like a laptop, where Microsofts Surface range has found more success.Please enable Javascript to view this contentHowever, the patent talks about how foldable smartphpones have been hindered by reliability issues, and how buyers prefer thinner devices over thicker ones. Its patented hinge is designed to address both these issues. While it does seem to suggest the hinge may be suitable for laptops, the wording leans more into its use on smaller devices, so it may simply be covering all its bases for the purposes of the patent.RelatedIts not the first hinge patent filed by Microsoft either, as in 2019 it had the idea of filling a hinge with liquid or gas to improve durability, and in 2022 came up with a method where it could be possible to fold a single screen both inwards and outwards, something it revisited again in 2023. The Surface Duo 2 was released in 2022, and software support ended for it in late 2024.Editors Recommendations

I got a rare look at the one tool responsible for all the tech in your life. Its made by a company youve never heard of. And its maintained by hidden figures like her.