This week is quickly becoming a sea change moment for Sonos as the company looks to undo the damage done to its reputation since last May. It all began on Monday with the departure of CEO Patrick Spence, who was replaced by board member Tom Conrad. Then came news that chief product officer Maxime Bouvat-Merlin would also be leaving the company another indication that Sonos is serious about correcting course and taking accountability for its new app woes.In a third shakeup within the companys leadership ranks, I can report that chief commercial officer Deirdre Findlay is also stepping down. Sonos not-yet-updated corporate governance page says Findlay oversees all marketing, revenue, and customer experience organizations at Sonos. She is responsible for integrated brand strategy, geographic expansion strategies, and all go to market execution. By now, theres no arguing that Sonos go-to-market strategy for its rebuilt mobile app was deeply flawed and rushed. Before he lost his job, Spence eventually conceded that the company shouldve taken a far more cautious approach and offered the new software as a beta release while keeping the previous, more stable version in place. Instead, Sonos pushed a buggy experience on all customers and has spent the months since dealing with the resulting fallout. Do you know more about what went wrong at Sonos under Patrick Spence? In my time at The Verge, Ive covered Sonos more comprehensively (and Id like to think fairly) than any other company. Yes, that includes a long list of product leaks, but Im far more interested in shining a light on all the frustrations caused by the new app both for customers and staff and the bad decisions that led Sonos off the tracks. Those choices have had repercussions for ordinary employees who gave their best to the brand.If you have more to share about the last year at Sonos, please reach out to me confidentially and securely over Signal at (845) 445-8455 or chriswelch.01. I can also be reached via DM on Bluesky, X, or Instagram. As it relates to marketing, some Sonos employees have expressed their dismay to me over just how much money the company dumped into advertising last year. The big spends included an expansive New York City subway campaign for the Sonos Ace headphones and a holiday elves campaign that cost a staggering amount. The Ace headphones, which I maintain are a very good product, were quickly forgotten when the gravity of Sonos app problems came into focus, so the marketing had little effect. None of that sat well internally especially after layoffs in the summer.But that was then. In the span of 48 hours, interim CEO Tom Conrad has demonstrated a clear objective to get Sonos back on the right path. Im told that the moves have immediately boosted morale inside the company, with employees sensing that the new regime is serious about getting back to doing what Sonos does best.

Advanced Hallucination Mitigation Techniques in LLMs RAG, knowledge editing, contrastive decoding, self-refinement, uncertainty-aware beamsearch 0 like January 15, 2025Share this postLast Updated on January 15, 2025 by Editorial TeamAuthor(s): Mohit Sewak, Ph.D. Originally published on Towards AI. Advanced Hallucination Mitigation Techniques in LLMs: Beyond RAG to a World of RichesStuck in the RAG rut? Break free and discover other innovative and powerful techniques like knowledge editing, contrastive decoding, self-refinement, uncertainty-aware beam search, and many more.Unlocking the Riches: Mitigating Hallucinations in LLMs.Related Articles (Recommended PreReads)Hallucinations in LLMs: Can You Even Measure the Problem?Unmasking the Surprising Diversity of AI HallucinationsHallucination is like Autism, it has types and spectrum Prepare to be surprised by the Wide Spectrum of AI HallucinationsIntroduction: The Problem with HallucinationsPicture this: Youre asking your Large Language Model (LLM) to summarize the history of tea. With confidence, it replies, Tea was invented by a squirrel in 2500 BC to stay awake during winter hibernation. Wait, what? Unless squirrels were ancient alchemists, thats a bona fide hallucination a moment where the LLM concocts something so wild it might make Hollywood writers jealous.Hallucinations in LLMs arent just about quirky trivia gone rogue. In serious contexts like healthcare, finance, or legal advice they can lead to misinformation with real-world consequences. The irony? These hallucinations emerge from the same power that makes LLMs so good: their ability to predict coherent text by analyzing vast patterns in data.Now, you might say, But RAG (Retrieval-Augmented Generation) has got this under control, right? Sure, RAG has been the knight in shining armor, retrieving external facts to ground responses. But relying solely on RAG is like patching a leaky boat with duct tape it works, but only up to a point. Its time we explore newer, shinier tools to tame the hallucination beast.In this article, well venture beyond RAG into the uncharted territories of advanced mitigation techniques. From Knowledge Editing (the surgeons scalpel) to Contrastive Decoding (the ultimate fact-checker), each method is a superhero in the making. Buckle up, grab your masala chai, and lets dive into a world where hallucinations meet their match.Section 1: RAG A Safety Net with HolesRetrieval-Augmented Generation, or RAG, is the dependable workhorse of hallucination mitigation. Its charm lies in its simplicity: fetch relevant information from external sources (like knowledge bases or vector databases) and hand it over to the LLM as context for text generation. Think of it as giving your LLM a cheat sheet before the big test.But heres the catch: RAG isnt infallible. For starters, its effectiveness hinges on the quality of the retrieved data. If your vector database is filled with outdated or irrelevant information, the LLM might as well be guessing answers from a magic 8-ball. Worse, RAG doesnt inherently verify its sources, leaving room for sneaky hallucinations to creep in.Then theres the issue of dependency. By relying solely on external retrieval, we risk turning the LLM into an overconfident intern who parrots whatever they read online hardly the paragon of reliability were aiming for. Plus, the process of retrieving and integrating external data can slow things down, making RAG less practical for real-time applications.But dont get me wrong; RAG isnt obsolete. Its the dependable friend you call when youre in a pinch. However, as the AI landscape evolves, we need to pair it with more sophisticated tools. Luckily, the next-gen techniques were about to explore promise just that.Pro Tip: While RAG works wonders in knowledge-heavy domains, always double-check the quality of your retrieval sources. Garbage in, garbage out!RAG: A valiant effort, but not always enough.Section 2: Knowledge Editing: The Surgeons ScalpelImagine youre editing an encyclopedia, and you find an entry claiming Shakespeare was a software developer. Instead of rewriting the whole article, youd fix just that line. Thats what Knowledge Editing does for LLMs. Its a precision tool that allows us to update specific facts within the models parameters without disrupting its broader capabilities.How It WorksKnowledge Editing techniques like ROME (Rank-One Model Editing) and MEMIT (Model Editing via Memory) identify the specific neural connections responsible for a factual association. Then, like a neurosurgeon with a steady hand, they tweak those connections to replace incorrect information with the truth. MEMIT goes a step further by storing these edits in a memory module, ensuring the model remembers the corrections over time.For example, if your model claims the Earth is flat (thanks, internet conspiracies), you can use ROME to pinpoint the weight matrices responsible for that knowledge and adjust them to say, The Earth is an oblate spheroid. Voil, your model is now a geography nerd.Why Its CoolUnlike traditional fine-tuning, which retrains the entire model and risks breaking unrelated functionalities, Knowledge Editing is surgical. It minimizes collateral damage, preserves the models performance on other tasks, and saves computational resources.The Laugh TrackLets picture ROME and MEMIT as doctors in a sitcom:ROME: The straight-laced, no-nonsense surgeon who gets the job done in one clean swoop.MEMIT: The quirky neurologist who insists on adding a memory bank for every patient. Together, they keep your LLM in top shape.Rome and MEMIT performing a neural operation precision at its finest.Section 3: Contrastive Decoding: The Ultimate Fact-CheckerImagine youre at a party, and two friends start debating who invented the telephone. One says its Alexander Graham Bell; the other insists it was Thomas Edison. As the mediator, you compare their arguments, fact-check their claims, and declare the winner. That, in a nutshell, is what contrastive decoding does but for LLMs.What Is Contrastive Decoding?Contrastive decoding pits two models against each other during text generation. One is the primary LLM (the know-it-all), and the other is a contrastive model (the skeptic). For every token the LLM generates, the contrastive model raises its eyebrow and goes, Are you sure about that? The final output is a blend of probabilities that favor tokens deemed factual and coherent by both models.The math behind it boils down to tweaking probabilities based on a weighted difference between the primary model and the contrastive model. Think of it as having a grammar teacher who double-checks your work before you hit submit.Why It WorksLLMs can sometimes generate tokens that seem plausible but lack factual grounding. By using a smaller, less hallucination-prone model for contrast, this method curbs the primary models overconfidence. Its like having a devils advocate who questions everything, ensuring only reliable tokens make the cut.Real-Life AnalogyPicture a talkative parrot that loves to ad-lib stories. Next to it, you place a parrot trainer who knows the facts. Every time the parrot squawks nonsense, the trainer nudges it back on track. The result? A parrot that sounds not just entertaining but also accurate.The Humor FactorLets imagine the models as siblings in a family dinner debate:The LLM: Im pretty sure Napoleon won the Battle of Waterloo.The Contrastive Model: Bruh, thats not even close. Google it!Together, they settle on the truth and avoid embarrassing the family.Contrastive decoding where every word gets a fair trial.Section 4: Self-Refinement: The Models Self-Help JourneyIf youve ever written a first draft and then gone back to refine it, congratulations! Youve already practiced self-refinement, one of the most exciting techniques in hallucination mitigation. Here, the model essentially becomes its own editor, reviewing and improving its initial output.How It WorksSelf-refinement operates in a loop:The LLM generates a response.It evaluates its own output for inconsistencies or hallucinations.Based on that evaluation, it revises and improves the response.This process mirrors how humans refine their thoughts before speaking. For example, if the model initially says, The moon is made of cheese, self-refinement kicks in to correct it to, The moon consists of rock and dust.Why Its BrilliantSelf-refinement empowers the model to use its internal knowledge more effectively. By iterating on its output, it learns to identify flaws and generate more accurate text. Its like giving the model a journal where it can write, reflect, and grow wiser.The Self-Help AnalogyImagine an LLM attending a motivational workshop:Speaker: Every hallucination is a stepping stone to the truth!LLM: furiously taking notesBy the end of the session, the model has not only improved its answers but also gained a newfound sense of purpose.Fun Fact: Self-refinement aligns with the concept of reinforcement learning from human feedback (RLHF). Its like having a personal trainer who claps every time you do a perfect push-up.Self-refinement: When an LLM turns inward for better answers.Section 5: Uncertainty-Aware Beam Search: Playing It SafeIf LLMs were explorers, uncertainty-aware beam search would be their map and compass. This method helps models steer clear of risky terrain aka hallucinations by favoring safer, more reliable paths during text generation.The BasicsBeam search is a decoding strategy where multiple sequences (or beams) are explored simultaneously. In uncertainty-aware beam search, each beam is assigned a confidence score. Beams with high uncertainty likely to lead to hallucinations are pruned, leaving only the trustworthy ones.Why Its SafeThis method acts as the cautious driver who double-checks directions before making a turn. By avoiding paths with high uncertainty, it reduces the chances of generating wild, unsupported claims. Sure, it might sacrifice some creativity, but when accuracy is the goal, caution wins the day.Analogy TimeThink of beam search as a group of hikers exploring a forest. Uncertainty-aware beam search is the guide who says, That path looks sketchy; lets not go there. Thanks to this guide, the group avoids getting lost or in the case of LLMs, generating bizarre answers.Pro Tip: Use uncertainty-aware beam search when deploying LLMs in critical domains like healthcare or law. Its better to be safe than sorry!Uncertainty-aware beam search navigating safely through the forest of text.Section 6: Iterative Querying and Reasoning: Detective WorkIf Sherlock Holmes were an LLM, hed use iterative querying and reasoning to solve every mystery. This technique enables models to interrogate themselves repeatedly, poking holes in their own logic until only the truth remains. Its the ultimate self-skepticism toolkit for LLMs, ensuring theyre not just saying something plausible but also correct.How It WorksThe LLM generates an initial response.It asks itself follow-up questions or attempts alternative explanations to test the validity of its own output.Based on this internal cross-examination, it refines the response to make it more accurate and consistent.This method mirrors how detectives build their cases. They gather clues, test theories, and refine conclusions until the truth comes to light. For example, if the model generates, Unicorns are real, iterative querying might prompt it to ask, Whats the scientific evidence for unicorns? forcing it to confront the fallacy.Why Its CleverIterative querying and reasoning exploit the LLMs internal knowledge and reasoning capabilities. By engaging in self-dialogue, the model becomes more critical of its own outputs, reducing the chances of hallucination. Its like having an inner Watson double-checking Sherlocks deductions.Detective HumorImagine the LLM as a trench-coat-wearing sleuth:LLM: Elementary, my dear user. The capital of Brazil is Buenos Aires.Watson (aka Iterative Querying): Hold on, old chap. Isnt it Braslia?Cue a dramatic pause, followed by a corrected response. Mystery solved!Real-World ApplicationsThis technique shines in scenarios requiring logical reasoning or evidence-based answers. From academic research to medical diagnosis, iterative querying ensures outputs are less prone to fanciful detours.Iterative querying where LLMs play detective to find the truth.Section 7: Decoding Strategy Optimization: The Compass for TruthDecoding strategies are the unsung heroes of text generation. They determine how an LLM picks its words, and when optimized, they can steer the model away from hallucinations. Think of them as the compass guiding the LLM through the vast terrain of possible outputs.What Are Decoding Strategies?Decoding is the process of selecting the next token in a sequence. Strategies like greedy decoding, beam search, and nucleus sampling dictate how this selection happens. Optimized decoding strategies tweak these processes to balance fluency, diversity, and factual accuracy.Key TechniquesContrastive DecodingWeve already covered this one a tug-of-war between two models that ensures factuality.Factual Nucleus SamplingStandard nucleus sampling selects tokens from the top percentile of probabilities. Factual nucleus sampling adds a twist: it prioritizes tokens backed by factual evidence. Its like curating a guest list where only the well-informed are invited.Monte Carlo DropoutThis technique generates multiple outputs by applying dropout at inference time, then selects the most reliable one. Picture a robot running simulations and picking the most sensible outcome.Why It WorksDecoding strategies operate directly at the generation level, so they dont require retraining or external resources. Theyre lightweight, flexible, and powerful tools for improving output quality.Humor BreakImagine an LLM navigating a treacherous mountain trail of possible outputs:LLM: Ill take this shortcut wait, no, it leads to The moon is cheese! Lets try the main path.Thanks to decoding optimization, it always finds the safest route.Decoding optimization charting the safest route to factuality.Section 8: Combining Forces: The Avengers of Hallucination MitigationWhat happens when you bring together self-refinement, contrastive decoding, iterative querying, and beam search? You get an elite squad of techniques ready to obliterate hallucinations. Think of it as assembling the Avengers for the AI world, where each technique brings unique strengths to the table.How It WorksCombining techniques means leveraging their complementary strengths. For example:Contrastive Decoding + RAG: Retrieve external knowledge to fill gaps, then use contrastive decoding to verify and refine the response.Self-Refinement + Uncertainty-Aware Beam Search: Let the model refine its outputs while steering clear of uncertain paths.Iterative Querying + Knowledge Editing: Combine detective-like self-interrogation with precise fact updates for ironclad reliability.The Movie PitchPicture this:RAG: The resourceful genius with a database of knowledge.Contrastive Decoding: The sharp-tongued fact-checker.Self-Refinement: The introspective philosopher.Iterative Querying: The inquisitive detective.Together, theyre a blockbuster team saving the world from misinformation.Why Its the FutureNo single method can eliminate hallucinations entirely. By combining forces, we can cover each techniques blind spots, creating a system thats robust, reliable, and ready for real-world deployment.The Avengers of Hallucination Mitigation stronger together.Conclusion: Towards a World of RichesAs we wrap up this wild ride through the realm of hallucination mitigation, one thing is clear: tackling hallucinations in LLMs isnt a one-size-fits-all endeavor. Its more like assembling a toolbox, where each method from RAGs trusty retrieval skills to the philosophical self-refinement plays a vital role in ensuring our models are not just eloquent but also accurate.Mitigating hallucinations is about balance. While some techniques, like Knowledge Editing, offer precision, others, like Iterative Querying, provide introspection. Together, they form a symphony of strategies that make LLMs safer, smarter, and more reliable.But lets not forget the human element in this journey. Whether its the developers refining these methods, researchers exploring uncharted territories, or users like us questioning the answers we receive, the fight against hallucination is a collaborative effort. After all, the goal isnt just to make models less wrong its to make them tools we can trust.So, next time you sip your cardamom tea and marvel at the wonders of generative AI, remember the heroes working behind the scenes those clever algorithms ensuring your LLM doesnt claim that squirrels invented tea. Heres to a future where hallucinations are less of a nuisance and more of a curiosity we can laugh about, all while unlocking the true potential of AI.References & Further ReadingKnowledge EditingMeng, K., Bau, D., Andonian, A., & Belinkov, Y. (2022). Locating and editing factual associations in GPT. Advances in Neural Information Processing Systems, 35, 1735917372.Meng, K., Sharma, A. S., Andonian, A., Belinkov, Y., & Bau, D. (2022). Mass-editing memory in a transformer. arXiv preprint arXiv:2210.07229.Contrastive DecodingLi, X. L., Holtzman, A., Fried, D., Liang, P., Eisner, J., Hashimoto, T., & Lewis, M. (2022). Contrastive decoding: Open-ended text generation as optimization. arXiv preprint arXiv:2210.15097.Self-RefinementNiu, M., Li, H., Shi, J., Haddadi, H., & Mo, F. (2024). Mitigating Hallucinations in Large Language Models via Self-Refinement-Enhanced Knowledge Retrieval. arXiv preprint arXiv:2405.06545.Uncertainty-Aware Beam SearchZeng, H., Zhi, Z., Liu, J., & Wei, B. (2021). Improving paragraph-level question generation with extended answer network and uncertainty-aware beam search. Information Sciences, 571, 5064.Iterative Querying and ReasoningLi, W., Wu, W., Chen, M., Liu, J., Xiao, X., & Wu, H. (2022). Faithfulness in natural language generation: A systematic survey of analysis, evaluation and optimization methods. arXiv preprint arXiv:2203.05227.Qi, P., Lin, X., Mehr, L., Wang, Z., & Manning, C. D. (2019). Answering complex open-domain questions through iterative query generation. arXiv preprint arXiv:1910.07000.General TechniquesHuang, L., Yu, W., Ma, W., Zhong, W., Feng, Z., Wang, H., & Liu, T. (2023). A survey on hallucination in large language models: Principles, taxonomy, challenges, and open questions. ACM Transactions on Information Systems.Perkovi, G., Drobnjak, A., & Botiki, I. (2024, May). Hallucinations in llms: Understanding and addressing challenges. In 2024 47th MIPRO ICT and Electronics Convention (MIPRO) (pp. 20842088). IEEE.Mishra, A., Asai, A., Balachandran, V., Wang, Y., Neubig, G., Tsvetkov, Y., & Hajishirzi, H. (2024). Fine-grained hallucination detection and editing for language models. arXiv preprint arXiv:2401.06855.Disclaimers and DisclosuresThis article combines the theoretical insights of leading researchers with practical examples, and offers my opinionated exploration of AIs ethical dilemmas, and may not represent the views or claims of my present or past organizations and their products or my other associations.Use of AI Assistance: In preparation for this article, AI assistance has been used for generating/ refining the images, and for styling/ linguistic enhancements of parts of content.Follow me on: | Medium | LinkedIn | SubStack | X | YouTube |Join thousands of data leaders on the AI newsletter. Join over 80,000 subscribers and keep up to date with the latest developments in AI. From research to projects and ideas. If you are building an AI startup, an AI-related product, or a service, we invite you to consider becoming asponsor. Published via Towards AITowards AI - Medium Share this post

Marvel is reportedly bringing back a baddie from the first Marvel Cinematic Universe film Iron Man in the upcoming Vision Quest series.According to Deadline, Faran Tahir will reprise his role of Raza Hamidmi al-Wazar from the opening sequences of Iron Man after almost two decades. He was the leader of an Afghanistan terrorist group who kept Robert Downey Jr.'s Tony Stark captive in a cave before being betrayed by Jeff Bridges' Obadiah Stane.Raza Hamidmi al-Wazar hasn't appeared since that opening 30 minutes of 2008's Iron Man but, just like The Incredible Hulk's Samuel Sterns showing up in Captain America: Brave New World, he'll make his MCU return in the near future. Vision Quest, which stars Paul Bettany as White Vision following the events of WandaVision, has no release window as of yet.Faran Tahir in 2008. Image credit: Jeffrey Mayer/WireImage.While Hamidmi al-Wazar was the head of a seemingly generic terrorist group at the time, his lore deepened years later in Phase 4 of the MCU. The group was briefly mentioned as the Ten Rings, and while Marvel likely didn't plan much beyond this subtle reference to comic book lore at the time, 2021's Shang-Chi and the Legend of the Ten Rings expanded upon it significantly.Hamidmi al-Wazar was therefore (presumably) retroactively written in as a commander of the Ten Rings organization operating its Afghanistan terrorist group, and as Shang-Chi itself left plenty open for a continuation, it's therefore possible it will be connected with Vision Quest through the returning character.Just like how Deadpool & Wolverine explored the wackier parts of the scrapped Fox Marvel universe, however, it's possible Vision Quest could be looking to do the same with forgotten elements of the official MCU.Ultron actor James Spader is also reportedly set to return for the first time since the second Avenger's film, though practically nothing else is known about the show as of yet.Image Credit: Jeffrey Mayer/WireImageRyan Dinsdale is an IGN freelance reporter. He'll talk about The Witcher all day.

This article contains plot details for the Daredevil comics. Its not entirely unpleasant to see you, Wilson Fisk (Vincent DOnofrio) tells Matt Murdock (Charlie Cox) in the first trailer for Daredevil: Born Again. Given that friendly, albeit menacing, greeting between Daredevil and the Kingpin, it seems that our hero will need a new enemy to fight in the Disney+ revival of the Netflix series.We see that potential baddie in the trailer, intercut between Murdocks conversation with Fisk, a man in a haunting white mask, a black-knit cap adorning his head and black suspenders along his chest.That is Muse, a relatively minor baddie from Daredevil comics, but a fitting choice for Born Again. Created by Charles Soule and Ron Garney, Muse debuted in Daredevil #11 in 2016, in which Daredevil and his then-mentee Blindspot investigated a mural made of human blood. Daredevil follows the trail to Muse, a blind artist who creates macabre works out of murder victims. Worse, Muse possesses superhuman strength and the ability to mask himself from senses, making him a dangerous foe to Daredevil.Muse in Daredevil: Born Again | Marvel TelevisionWhile those qualities would be enough for Muse to be a fun antagonist in Born Again, he eventually plays a key role Fisks power grab as mayor. When Muse begins a new murderous art installation which, he claims, is inspired by Daredevils resilience in the face of persecution, newly-elected Mayor Fisk uses the connection between superheroes and a high-profile killer to turn public opinion against vigilantes. Muses masterpiece from that era, a mural of the Punisher adorned with the graffiti-covered corpses of police officers, proves to be enough for Fisk to pass a law banning vigilantes from New York City, the center of superhero activity in the Marvel Universe.Judging by the Born Again trailer, it seems likely that the show will pull from the Muse storyline from the comics. As Murdock observes, Fisk has indeed come up in the world, winning the mayoral election and enjoying public support. Furthermore, we see that something has pushed Matt back into his role as Daredevil, possibly something happening to his old pals Karen Page (Deborah Ann Woll) and Foggy Nelson (Elden Henson).Could it be that Muse murders Karen and Foggy, driving Matt to become the Devil he describes in the trailer? That would be shift from the comics, in which Karen dies at the hands of Bullseye. Given that Bullseye appears in the trailer only in handcuffs, it seems like the series is saving him for a later battle.Muse makes more sense as Karen and Foggys killer because of the high profile nature of his work. If indeed their law firm Murdock, Nelson, and Page is doing as well as the trailer suggests, then the killing of two partners would draw attention, especially if Muse uses their bodies to create hideous works of art.Moreover, Muses public nature could cement Kingpins position in the MCU. Although the Netflix shows did have nods toward the MCU, they mostly kept to their own, small shared universe. Already, Murdock and Fisk have shown up in Spider-Man: No Way Home, Hawkeye, and Echo, showing that the MCU has much bigger stakes, stakes that threaten to diminish even a character as large as Fisk. The comic book fallout of the Muse storyline led to Fisk effectively banning superheroes, making everyone from Spider-Man to the Avengers criminals.If Born Again does allow Muse to wreak havoc on Karen and Foggy, then Daredevils torments will only begin with the death of his friends and Wilson Fisks rise could grow even greater than before, making him not just one of the most dangerous villains in New York City, but the entire MCU.Daredevil: Born Again premieres at 9 p.m. ET, March 4 on Disney+.Join our mailing listGet the best of Den of Geek delivered right to your inbox!

EA Sports UFC 5Get ready to unleash your fury as EA Sports UFC 5 is now on the Play List for all EA Play members (conditions, limitations and exclusions apply see here for details). Members can now step into the Octagon with their favorite MMA players for the most definitive MMA experience with authentic gameplay and graphics maximized for modern consoles. Alongside unlimited access to EA SPORTS UFC 5, EA Play members can score the Bruce Lee Bundle and play as Alter Egos of the father of MMA. The bundle is available to all members at no additional cost from January 14 through February 11.Powered by the Frostbite Engine, EA Sports UFC 5 features the all-new Real Impact System, which elevates the stakes, technique, drama and excitement; players can feel every strike and deliver highlight-reel finishes bringing the intensity and strategy of a fight to life. The games advanced visuals and enriched gameplay, coupled with features like Cinematic K.O. Replays, Doctors Checks and Stoppages, Seamless Submissions and more, create an unparalleled MMA interactive experience, making EA Sports UFC 5 as real as it gets.EA Sports WeekThis month, the fight continues outside of the Octagon as Game Pass Ultimate subscribers can punch into EA Sports Week with a special, 90% off discount for UFC 5 Super Deluxe Edition! Members can celebrate EA Sports Week with friends as everyone will be able to access the EA Sports game collection, earn discounts on EA Sports games, get a Free Play weekend January 16-19, 2025 for all sports titles, and more. The celebration starts with the EA SportsFC 25s Team of the Year two-week activation and the addition of EA Sports UFC 5 to the Play List.January RewardsIf you thought that was it, youre mistaken! The gifting continues this month for EA Play members as the new year brings new heart pumping action with all the great rewards, including:Apex Legends Feelin lucky? Weapon Charm Now to February 3Battlefield 2042 Winter Series Now to January 28EA Sports F1 24 Now to January 31Madden NFL 25 MUT Pack Now to January 31EA Sports FC 25 Black FC Mask & Clubs Coins Now to January 30EA Sports FC 25 Now to February 14EA Sports NHL 25EA Sports NHL 25Xbox Game Pass Ultimate and Xbox Game Pass PC members receive EA Play with their Game Pass subscription. Members can experience the world of EA with unlimited access to a collection of top titles, trials of select new games, in-game member rewards, 10% on EA digital purchases and more. Members can unlock the thrill of their next favorite game with up to 10-hour trials of EAs latest titles such as EA Sports FC 25, EA Sports NHL 25 EA Sports Madden NFL 25, EA Sports College Football 25, F1 24 and Dragon Age: The Veilguard, in addition toaccess to an unrivaled collection of EAs best-loved series and top titles, including Madden NFL 24,EA Sports FC 24, EA Sports WRC and Star Wars Jedi: Survivor.Visit the EA Play page for more details, and to stay up to date on the latest from EA Play, follow EA Play on, Instagram, or X. Please see EA.com/EA-Play/Terms for terms and conditions.

If one of your goals for 2025 is to buy a home, dont let a turbulent market deter you. Despite the uncertainty of a new Presidential administration, high interest rates, and record-low inventories, there are pockets of the country with thriving housing markets. The team at Realtor.com has revealed their predictions for the ten hottest real estate markets for first-time home buyers. They looked at a broad range of factors including median home price, average commute distance, inventory, and percent of income the mortgage will cost, and concluded that these up-and-coming metropolitan areas are ideal for new homeowners. Last year saw historically low activity for first-timers, with the group accounting for only 24 percent of successful homebuyers. While home prices remain high and mortgage rates are forecasted to stay above 6 percent throughout 2025, the year is expected to see more inventory hit the marketa silver lining for shoppers, says Danielle Hale, chief economist at Realtor.com. From upstate New York to suburban Florida, the best places to buy a home in 2025 are as wide and as varied as our dream home wishlists. These locations feature budding communities, proximity to job hubs, and a reasonable cost of living. So whether youre looking for more square footage, better schools, a shorter commute to workor all of the aboveread on to discover the ten hottest cities to buy in for first-time home buyers below. Related StoriesWilmington, DelawareDmitry VinogradovMedian Listing Price: $222,000First-Time Homebuyer Location Score: 9.7The largest city in Delaware, Wilmington is located in the northern half of the state, between the Delaware and Christina rivers. Only 37 minutes from Philadelphia, Wilmington is home to both commuters and local workers alike. Because of its rich history, you can find a great mix of historic homes and new builds.Tonawanda, New YorkMedian Listing Price: $229,000First-Time Homebuyer Location Score: 8.1Just East of Niagra Falls, Tonawanda is a mid-size town in Erie County. Part of the Buffalo-Niagra metropolitan area, this town is largely home to commuters but boasts a robust community of small and local businesses. Ideal for nature lovers, Tonawanda boasts easy access to trails and nature walks. According to the Realtor.com team, the average commute time here is just 22 minutes, and the price-to-income ratiohow much of their income people in the area spend on housingis a healthy 4.1. Baltimore, MarylandANDREY DENISYUKMedian Listing Price: $210,000First-Time Homebuyer Location Score: 8.6Marylands state capital is a great place for first-time homeowners who dont want to abandon city life completely. With a bustling downtown and nightlife scene, Baltimore is ideal for those working in the DMV area. Here, the price-to-income ratio is lower, at just 3.3 with a location score of 8.6. North Little Rock, ArkansasMichael Dean SheltonMedian Listing Price: $160,000First-Time Homebuyer Location Score: 5.7North Little Rock is just across the Arkansas River from the Arkansas state capitol, Little Rock. A smaller city, with a population of about 65,000 people, it's a place where you can relish in the Souths lower cost of living. While the average commute to work here is still 22 minutes, the median home price is far below the national average at only $160,000.Lansing, MichiganbenedekMedian Listing Price: $135,000First-Time Homebuyer Location Score: 6.8Lansing is the capital city of Michigan and is an up-and-coming city thanks to its buzzing housing market. The area offers plenty of access to nature, and its also the home to the R.E. Olds Transportation Museum. According to Realtor.com, just over 20 percent of homes will be owned by 25 to 34-year-olds by the end of 2025, making this a great community for younger home buyers.Altamonte Springs, FloridaAtlee E MercerMedian Listing Price: $229,000First-Time Homebuyer Location Score: 7.2A suburban city north of Orlando, Altamonte Springs is a great place for new and growing families. Here, the price-to-income ratio is 3.6, and the average commute time is 28 minutes. Similar to other Southern cities, youll be able to get more square footage for your home budget. Central Florida homes are also less prone to flooding and hurricane damage than homes on the coast.Lauderdale Lakes, FloridaMedian Listing Price: $154,850First-Time Homebuyer Location Score: 7.7Part of the greater Miami metropolitan area in Broward County, Florida, Lauderdale Lakes is a quaint suburb with plenty of draws. Its rare to find an average home cost under $200,000 this close to a major city, but Lauderdale Lakess housing market is booming. According to Realtor.com, that the price-to-income ratio is 2.7one of the lowest on this list.Villas, FloridaMedian Listing Price: $236,950First-Time Homebuyer Location Score: 8.0An unincorporated town in Lee County, Florida, Villas is within the Cape Coral-Fort Myers, Florida Metropolitan Statistical Area. In close proximity to both the beach and the airport, this is a great community to buy in for those looking for a well-located yet secluded home. Because of the great location, home prices are a bit higher here, with a price-to-income ratio of 3.4. Rochester, New YorkDavid LiuMedian Listing Price: $129,900First-Time Homebuyer Location Score: 9.2Rochester, New York boasts the highest number of predicted young homeowners (ages 24 to 35) on this list, at just over 22 percent. A buzzing metro area, Rochester is located on Lake Ontario and is home to the Strong National Museum of Play and The George Eastman Museum. Here, the median listing price is well below the national average at a mere $129,900. Harrisburg, Pennsylvania Sang H. KimMedian Listing Price: $140,000First-Time Homebuyer Location Score: 9.2The best real estate market for first-time home buyers, Harrisburg, Pennsylvania has it all. A great location score, low median home prices, and an easy average commute. Harrisburg is the capital of Pennsylvania and is located on the Susquehanna River. It's close to a number of natural parks and hiking trails, and is also the home of the National Civil War Museum. Harrisburg boasts a lower-than-average unemployment rate and a strong local economy.Follow House Beautiful on Instagram and TikTok.

Apples next generation of CarPlay, often referred to as CarPlay 2, is still nowhere to be found despite a 2024 deadline. Heres why its time for Apple to take a radically new approach and reboot CarPlay 2.The dream of CarPlay 2 that never came true (yet)CarPlay 2 was first announced nearly three years ago at WWDC 2022. The premise was essentially CarPlay, but taken to the max.Apple explains:CarPlay has fundamentally changed the way people interact with their vehicles, and the next generation of CarPlay goes even further by deeply integrating with a cars hardware. CarPlay will be able to provide content for multiple screens within the vehicle, creating an experience that is unified and consistent.While the idea of an entire vehicle of Apple-designed interfaces sounded nice, it was understandably a challenging sell for automakers.Years ago, CarPlay adoption in vehicles was a no-brainer for most manufacturers (Im looking at you, Tesla).But since CarPlay 2s introduction, more and more automakers have grown cold on Apples system.Once, the idea of turning over an entire vehicles dashboard to Apple was the hard sell for automakers. These days, continuing to support CarPlay 1 at all is no longer a given.Its perhaps no surprise, then, that Apple missed its 2024 deadline for the first CarPlay 2 vehicles to arrive.The tides of CarPlay support have turned, and Apple needs to respond by changing direction itself.CarPlay 2 deserves a reboot aimed at serving the masses.Pivoting CarPlay 2 to serve Apples millions of current usersMillions of users currently have and love Apples first generation of CarPlay.Yet because of the companys CarPlay 2 efforts, very little has changed about CarPlay for years. A few small AI enhancements in iOS 18.1 isnt enough.Apple can quickly shift direction and change that.Rather than striving for an idealized, full-vehicle experience with CarPlay 2, Apples reboot should focus on making the existing system better than ever.Theres plenty Apple can do to upgrade the existing CarPlay without needing to get automakers on board.For example, recent CarPlay 2 leaks show how the system will support adding custom widgetsvery much like you can on iPhone, iPad, and Mac.Apple could absolutely bring that feature to the existing CarPlay interface, and millions of todays users would benefit from it.Whereas if widgets remain exclusive to the full-blown next generation CarPlay, almost no one will ever use them. Even if CarPlay 2 does arrive one day, it will be in very few vehiclesand thus, have very few users.Apple doesnt have to throw out its current, whole-vehicle CarPlay 2 plans altogether.If it wants to continue working with select makers on custom, full-blown systems, thats great. Im sure theyll be very exciting when they finally ship.But in the meantime, Apple can start bringing key components of its CarPlay 2 system over to the current CarPlay.Making this shift would undoubtedly lead to increased customer satisfaction with CarPlay. It could increase brand loyalty too. All of which would potentially give Apple more leverage in negotiations with automakers over the full CarPlay 2 vision.What do you think Apple should do with CarPlay 2? Let us know in the comments.Best CarPlay accessoriesAdd 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

As the United States edges ever closer to a TikTok ban, Americans are doing exactly what Congress hoped they wouldn't: flocking to other Chinese-owned alternatives.A law signed by president Joe Biden last year would force TikTok to either sell its US operations or be banned by January 19, which is this upcoming Sunday. The latter is looking increasingly likely as China has appeared staunchly opposed to a sale and the Supreme Court seems likely to uphold the law.An app called Xiaohongshu in particular hasattracted a huge waveof "TikTok refugees."The platform is largely known as RedNote, but literally translates to "Little Red Book" a historically laden phrase in China, where that was the title of a book of quotations by People's Republic China founder and longtime leaderMao Zedong.Coincidentally, the app was founded by another Mao, this one named Mao Wenchao.And as for the name,the Washington Post reports, the app's founder has maintained that the app is apolitical, with its red color palette reportedly inspired by the colors of the Stanford Business School he attended and the consulting firm Bain & Company, founded by now-retired Republican politician Mitt Romney, where Wenchao interned.In other words, the app might sound like a nationalist paean to China's Communist Party and its founder but the official story is that it's the exact opposite: a tribute to icons of American capitalism and the explosive growth of Silicon Valley platforms.Put simply, RedNote sounds more Pinterest than Truth Social. It's "really all about eating, drinking, and being merry," University of Cyberjaya, Malaysia, researcher Ying Yin told the newspaper.The whole thing is ironic given the TikTok ban was born out of widespread anti-Chinese sentiment, with lawmakers on both sides of the aisle agreeing that the app's owner ByteDance could easily spread propaganda in the US and potentially access sensitive data but driving users straight toward other Chinese apps instead, like RedNote, which almost certainly has stronger ties to China's communist regime than TikTok's, whose global headquarters are in Los Angeles and Singapore.How that influx will play out is anyone's guess. Chinese internet censorship rules apply on RedNote, with likely tight controls over what kind of content is allowed on the platform."It wont be like Facebook and Instagram," Yin told WaPo. "There are lots of topics that are banned on the platform, even things like health care and finance."According to a leaked database by California-based news site China Digital Times, a whopping 546 nicknames for Chinese leader Xi Jinping, including "Foreskin Xi," "Xissolini," and "The Devil Mao Incarnate," are banned from the app.Meanwhile, with a ban looming on the horizon, many of TikTok's longtime American users are frustrated with their government, joining alternatives like RedNote out of spite.They're also largely unafraid of overstepping boundaries or getting caught up in China's censorship machine."I don't have anything that China doesn't, and if they want my data that bad they can have it," 37-year-old Utah native Sarah Fotheringham told the BBC via a RedNote message. "I'm just a simple person living a simple life."Whether RedNote will catch on and become a viable TikTok alternative in the US remains to be seen. For one, much of the rest of the world will continue to have unfettered access to the video-sharing app.President-elect Donald Trump, who will be sworn in a day after the ban goes into effect, has also opposed the ban (despite unsuccessfully pushing for a separate ban a mere four years ago.)Many questions remain unanswered: will RedNote be held to the same anti-Chinese standards as TikTok? Could TikTok really be sold to X owner Elon Musk, as Bloomberg's sources suggested earlier this week?For now, a fascinating cultural exchange is taking place, with "TikTok refugees" learning about life in the world's second most populous nation and even getting taught some basic Mandarin by the app's native users."I am now able to see things I never would have seen," Fotheringham told the BBC. "Regular Chinese people, finding out about their culture, life, school, everything, it has been so much fun."Share This Article

Jan 15, 2025Ravie LakshmananMalvertising / MalwareCybersecurity researchers have alerted to a new malvertising campaign that's targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via fraudulent ads on Google."The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to fake login pages," Jrme Segura, senior director of threat intelligence at Malwarebytes, said in a report shared with The Hacker News.It's suspected the end goal of the campaign is to reuse the stolen credentials to further perpetuate the campaigns, while also selling them to other criminal actors on underground forums. Based on posts shared on Reddit, Bluesky, and Google's own support forums, the threat has been active since at least mid-November 2024. The activity cluster is a lot similar to campaigns that leverage stealer malware to steal data related to Facebook advertising and business accounts in order to hijack them and use the accounts for push-out malvertising campaigns that further propagate the malware.The newly identified campaign specifically singles out users who search for Google Ads on Google's own search engine to serve bogus ads for Google Ads that, when clicked, redirect users to fraudulent sites hosted on Google Sites.These sites then serve as landing pages to lead the visitors to external phishing sites that are designed to capture their credentials and two-factor authentication (2FA) codes via a WebSocket and exfiltrated to a remote server under the attacker's control. "The fake ads for Google Ads come from a variety of individuals and businesses (including a regional airport), in various locations," Segura said. "Some of those accounts already had hundreds of other legitimate ads running."An ingenious aspect of the campaign is that it takes advantage of the fact that Google Ads does not require the final URL the web page that users reach when they click on the ad to be the same as the display URL, as long as the domains match.This allows the threat actors to host their intermediate landing pages on sites.google[.]com while keeping the display URLs as ads.google[.]com. What's more, the modus operandi entails the use of techniques like fingerprinting, anti-bot traffic detection, a CAPTCHA-inspired lure, cloaking, and obfuscation to conceal the phishing infrastructure.Malwarebytes said the harvested credentials are subsequently abused to sign in to the victim's Google Ads account, add a new administrator, and utilize their spending budgets for fake Google ads.In other words, the threat actors are taking over Google Ads accounts to push their own ads in order to add new victims to a growing pool of hacked accounts that are used to perpetuate the scam further. "There appears to be several individuals or groups behind these campaigns," Segura said. "Notably, the majority of them are Portuguese speakers and likely operating out of Brazil. The phishing infrastructure relies on intermediary domains with the .pt top-level domain (TLD), indicative of Portugal.""This malicious ad activity does not violate Google's ad rules. Threat actors are allowed to show fraudulent URLs in their ads, making them indistinguishable from legitimate sites. Google has yet to show that it takes definitive steps to freeze such accounts until their security is restored."The disclosure comes as Trend Micro revealed that attackers are using platforms such as YouTube and SoundCloud to distribute links to fake installers for pirated versions of popular software that ultimately lead to the deployment of various malware families such as Amadey, Lumma Stealer, Mars Stealer, Penguish, PrivateLoader, and Vidar Stealer."Threat actors often use reputable file hosting services like Mediafire and Mega.nz to conceal the origin of their malware and make detection and removal more difficult," the company said. "Many malicious downloads are password-protected and encoded, which complicates analysis in security environments such as sandboxes and allows malware to evade early detection."Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

John Edwards, Technology Journalist & AuthorJanuary 15, 20255 Min ReadAlexander Yakimov via Alamy Stock PhotoZero-trust architecture has emerged as the leading security method for organizations of all types and sizes. Zero-trust shifts cyber defenses away from static, network-based perimeters to focus directly on protecting users, assets, and resources.Network segmentation and strong authentication methods give zero-trust adopters strong Layer 7 threat prevention. That's why a growing number of enterprises of all types and sizes are embracing the approach. Unfortunately, many security leaders continue to deploy zero-trust incorrectly, weakening its power and opening the door to all types of bad actors.To prevent the mistakes that many organizations make when planning a transition to zero-trust security, here's a look at six common misconceptions you need to avoid.Mistake One: A single security vendor can supply everythingOne vendor can't provide everything your organization needs to implement a zero-trust architecture strategy, warns Tim Morrow, situational awareness technical manager in the CERT division of Carnegie Mellon University's Software Engineering Institute."Its dangerous to accept zero-trust architecture vendors' marketing material and product information without considering whether it will meet your organizations security priority needs and its capability to implement and maintain the architecture," Morrow says in an email interview.Related:Mistake Two: Zero-trust is too costly to implementAside from the costs saved by reducing the risk of a breach, zero-trust can help save long term expenses by improving asset utilization, operational effectiveness, and reduced compliance costs, says Dimple Ahluwalia, vice president and managing partner, security consulting and systems integration at IBM via email.Mistake Three: Underestimating the technical challengesIT and security leaders often overlook the need to implement and manage foundational security practices before establishing a zero-trust architecture, says Craig Zeigler, an incident response senior manager at accounting and business advisory firm Crowe, in an online interview. They may also fail to identify potential gaps, such as vendor-related issues, and ensure that the chosen solution is not only compatible with their specific needs but also equipped with the appropriate controls to provide equal or greater security. "In essence, without security leaders having a thorough understanding of their team and endpoints, implementing zero trust becomes a daunting task."Mistake Four: Failing to align zero-trust architecture strategy with overall enterprise assets and needsRelated:Cyberattacks are growing in number and severity. "A continuous vigil concerning the organization's security operations ... must be maintained," Morrow says. The zero-trust architecture must fully mesh with business operations and goals.Understand your organization's current assets -- data, applications, infrastructure, and workflows -- and set up a procedure to update this information periodically, Morrow advises. "Yearly updates of your organizations assets will definitely no longer be enough."Organizations also need to remember that their business and reputation are on the line each and every day, Morrow says. "Not doing your best to reduce your organizations risks to cyber threats can be very costly."Mistake Five: Viewing zero-trust as a solution rather than an ongoing strategyIt's essential for security leaders to understand that zero-trust is not a static goal, but a dynamic, evolving strategy, says Ricky Simpson, solutions director at Quorum Cyber, a Microsoft cybersecurity partner. "Building a culture that prioritizes security at every level, from executive leadership to individual employees, is critical to the success of zero-trust initiatives," he notes via email.Related:Simpson feels that continuous education, regular assessments, and a willingness to adapt to new threats and technologies are key components within a sustainable zero-trust framework. "By fostering collaboration and maintaining a vigilant stance, security leaders can better protect their organizations in an increasingly complex and hostile digital environment."Mistake Six: Believing that implementing zero-trust is simply a one-and-done projectZero-trust is actually a holistic and strategic approach to security that requires ongoing evaluations of trust and threats. "It's not a quick fix but a long-term shift in strategy," says Shane O'Donnell, vice president of Centric Consultings cybersecurity practice.Underestimating zero-trust implementation poses two major risks, notes O'Donnell in an email interview. First, unrealistic timelines and expectations can derail project planning, exhaust budgets, and drain resources. Second, hasty or flawed execution can actually create new security vulnerabilities, defeating the very purpose of a zero-trust architecture.O'Donnell says this misconception can be addressed through continuous education and understanding. "It's vital for security leaders to realize that transitioning to a zero-trust architecture means substantial technological and organizational changes," he says. "This strategy should be treated as an ongoing commitment that lasts way beyond the initial set-up stage."About the AuthorJohn EdwardsTechnology Journalist & AuthorJohn Edwards is a veteran business technology journalist. His work has appeared in The New York Times, The Washington Post, and numerous business and technology publications, including Computerworld, CFO Magazine, IBM Data Management Magazine, RFID Journal, and Electronic Design. He has also written columns for The Economist's Business Intelligence Unit and PricewaterhouseCoopers' Communications Direct. John has authored several books on business technology topics. His work began appearing online as early as 1983. Throughout the 1980s and 90s, he wrote daily news and feature articles for both the CompuServe and Prodigy online services. His "Behind the Screens" commentaries made him the world's first known professional blogger.See more from John EdwardsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also LikeWebinarsMore WebinarsReportsMore Reports