iOS 18.3 isnt a groundbreaking update for iPhone users, but it does include several key changes. Heres when to expect Apple to release iOS 18.3iOS 18.3 release dateApples beta testing schedule for iOS 18.3 has followed roughly the same pattern as iOS 17.3 last year, but with a slight delay. Here are the dates of iOS 17.3s beta testing cycle:Beta 1: December 13, 2023Beta 2: January 3, 2024Beta 3: January 9, 2024Release Candidate (RC): January 17, 2024Public release: January 22, 2024And here are the dates of iOS 18.3s beta testing cycle thus far: Beta 1: December 16, 2025Beta 2: January 7, 2025Beta 3: January 16, 2025Release Candidate (RC): January 21, 2025This would suggest that iOS 18.3 will be released to everyone as soon as soon as this week. Whats new in iOS 18.3? While iOS 18.1 and iOS 18.2 were major updates for iPhone users, iOS 18.3 is a much smaller release. The update focuses on bug fixes and performance improvements, along with a key change to Apple Intelligence. iOS 18.3: Here are Apples full release notesApple has also announced that it will release new Black Unity wallpapers in honor of Black History Month with an upcoming software update. This update will likely be iOS 18.3. Apple is expected to pick up the pace again with iOS 18.4, including major new Apple Intelligence features. iOS 18.4 is expected to enter beta testing later this month and be released to everyone in March or April. My favorite iPhone accessories: Follow Chance:Threads,Bluesky,Instagram, andMastodon.Add 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Apple has released a new version of its Sports app for iPhone with three new features.These include better navigation with swiping between pages, more soccer event support, and broadcast info for where to watch national games. Apple released its in-house Sports app almost a year ago, bringing a new way to easily track leagues, teams, and more with a dedicated app that works with Live Activities on iPhone and Apple Watch.These are the release notes for Apple Sports version 2.4:The Apple Sports soccer lineup keeps getting bigger with the FA Cup, EFL Championship, and League Cup.Navigating between your favorites is even faster now. Swipe left or right to browse all of the leagues and teams you follow.Tune in to all the national games with broadcast information now available on game pages.Check out the new version from the App Store here.Meanwhile, mark your calendars for the Eagles vs Chiefs Super Bowl rematch in New Orleans on February 9. Fortunately, theres a convenient way to stream the game in 4K for free this year.Top iPhone accessoriesAdd 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

A Chinese AI chatbot called DeepSeek has rocketed to the top of the charts on Apple's App Store beating the ever-popular ChatGPT, among other competitors.But what had Silicon Valley leaders breaking out in a cold sweat over the weekend were claims that the open-source large language model it's based on, DeepSeek V3, was trained with a fraction of the computing power they've been relying on, developed for what was reportedly less than $6 million.Western AI models,on the other hand, have sucked up billions of funding, with companies including OpenAI looking to spend hundreds of billions of dollars in the coming years to build out the infrastructure required to train these behemoth models and keep them running.The timing couldn't be worse. Just last week, US president Donald Trump announced a $500 billion AI infrastructure deal, dubbed Stargate, that involved the ChatGPT maker alongside investment company SoftBank, tech giant Oracle, and others spending a planned $500 billion on AI datacenters over the next few years. Not to be outdone, Meta CEO Mark Zuckerberg announced on Friday that the company would be spending a record $60 billion on AI this year alone.DeepSeek bringing something impressive to market for far less raises an unnerving question for all those check writers: what if AI can actually be done for cheap, without all that epic infrastructure?AI chipmaker Nivida, in particular, felt the ground shake when trading began on Monday, with shares dropping around eleven percent in early trading. Microsoft, which has invested billions of dollars in OpenAI, slid almost four percent. SoftBank and Oracle plummeted around nine and seven percent, respectively.DeepSeek claims its latest R1 model has a performance that's on par with OpenAI's o1 model, which was released last fall.If true to be clear, there are plenty of experts out there who claim the Chinese outfit may be fudging the numbers the latest AI chatbot could be a point of reckoning for the likes of OpenAI, who are riding an enormous wave of AI hype and lavish, multibillion-dollar deals."DeepSeeks power implications for AI training punctures some of the [capital expenditure] euphoria which followed major commitments from Stargate and Meta last week," investment bank Jefferies analysts wrote in a note to investors, noting increasing "pressure on AI players to justify ever-increasing capex plans."Other analyst groups claimed the latest hype surrounding DeepSeek was overblown."In short, we believe that 1) DeepSeek DID NOT 'build OpenAI for $5M'; 2) the models look fantastic but we dont think they are miracles; and 3) the resulting Twitterverse panic over the weekend seems overblown," Bernstein analysts wrote.Nonetheless, DeepSeek has sent ripples across the AI chatbot landscape and its leaders are broadcasting a clear message."OpenAI is not a god, they won't necessarily always be at the forefront," the company's founder Lian Wenfeng told JP Morgan analysts.OpenAI CEO Sam Altman has so far remained silent on the matter.It's certainly a story to watch, as ungodly sums of money are being poured into building AI infrastructure in the US. Could the datacenters currently being built already be out of date as soon as they come online? Could OpenAI match DeepSeek's extremely lean operating model? How long would that take?For now, the Chinese company is certainly an outlier."The number of companies who have $6 million to spend is vastly greater than the number of companies who have $100 million or $1 billion to spend," Page One Ventures investor Chris Nicholson told the New York Times.In short, DeepSeek has thrown down the gauntlet, and investors of US-based AI companies will be asking plenty of questions going forward.More on Stargate: A Key Trump Goal Emerges: Replacing Human Jobs With AIShare This Article

Jan 27, 2025Ravie LakshmananVulnerability / Software SecurityMultiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access to a user's Git credentials."Git implements a protocol called Git Credential Protocol to retrieve credentials from the credential helper," GMO Flatt Security researcher Ry0taK, who discovered the flaws, said in an analysis published Sunday. "Because of improper handling of messages, many projects were vulnerable to credential leakage in various ways."The list of identified vulnerabilities is as follows -CVE-2025-23040 (CVSS score: 6.6) - Maliciously crafted remote URLs could lead to credential leaks in GitHub Desktop CVE-2024-50338 (CVSS score: 7.4) - Carriage-return character in remote URL allows the malicious repository to leak credentials in Git Credential ManagerCVE-2024-53263 (CVSS score: 8.5) - Git LFS permits retrieval of credentials via crafted HTTP URLsCVE-2024-53858 (CVSS score: 6.5) - Recursive repository cloning in GitHub CLI can leak authentication tokens to non-GitHub submodule hostsWhile the credential helper is designed to return a message containing the credentials that are separated by the newline control character ("\n"), the research found that GitHub Desktop is susceptible to a case of carriage return ("\r") smuggling whereby injecting the character into a crafted URL can leak the credentials to an attacker-controlled host."Using a maliciously crafted URL it's possible to cause the credential request coming from Git to be misinterpreted by Github Desktop such that it will send credentials for a different host than the host that Git is currently communicating with thereby allowing for secret exfiltration," GitHub said in an advisory.A similar weakness has also been identified in the Git Credential Manager NuGet package, allowing for credentials to be exposed to an unrelated host. Git LFS, likewise, has been found not to check for any embedded control characters, resulting in a carriage return line feed (CRLF) injection via crafted HTTP URLs. On the other hand, the vulnerability impacting GitHub CLI takes advantage of the fact that the access token is configured to be sent to hosts other than github[.]com and ghe[.]com as long as the environment variables GITHUB_ENTERPRISE_TOKEN, GH_ENTERPRISE_TOKEN, and GITHUB_TOKEN are set, and CODESPACES is set to "true" in the case of the latter."While both enterprise-related variables are not common, the CODESPACES environment variable is always set to true when running on GitHub Codespaces," Ry0taK said. "So, cloning a malicious repository on GitHub Codespaces using GitHub CLI will always leak the access token to the attacker's hosts."Successful exploitation of the aforementioned flaws could lead to a malicious third-party using the leaked authentication tokens to access privileged resources.In response to the disclosures, the credential leakage stemming from carriage return smuggling has been treated by the Git project as a standalone vulnerability (CVE-2024-52006, CVSS score: 2.1) and addressed in version v2.48.1."This vulnerability is related to CVE-2020-5260, but relies on behavior where single carriage return characters are interpreted by some credential helper implementations as newlines," GitHub software engineer Taylor Blau said in a post about CVE-2024-52006.The latest version also patches CVE-2024-50349 (CVSS score: 2.1), which could be exploited by an adversary to craft URLs containing escape sequences to trick users into providing their credentials to arbitrary sites.Users are advised to update to the latest version to protect against these vulnerabilities. If immediate patching is not an option, the risk associated with the flaws can be mitigated by avoiding running git clone with --recurse-submodules against untrusted repositories. It's also recommended to not use the credential helper by only cloning publicly available repositories.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

Shane Snider, Senior Writer, InformationWeekJanuary 27, 20253 Min ReadimageBROKER.com GmbH & Co. KG via Alamy Stock DeepSeek, an underdog Chinese startup with a large language model boasting powerful performance at a fraction of competitors steep training costs, knocked OpenAIs ChatGPT from its top position in the Apple App Store -- a development that on Monday spooked investors enough to send US technology stocks plummeting.DeepSeek claims its V3 large language model cost just $5.6 million to train, a fraction of ChatGPTs reported training costs of more than $100 million. With comparable performance to OpenAIs o1 model, a 95% cost cut may be especially attractive to cash-strapped companies looking to leverage generative AI (GenAI).The development sparked a pre-market selloff for major AI players, including Nvidia, Microsoft, and Meta. Investors sold off around $1 trillion in tech stocks in pre-market trading alone, with the S&P falling 2.3% and Nasdaq dropping by nearly 4% before the opening bell. Nvidia, the worlds leading supplier of AI chips, fell more than 11% in early trading. Chip designer Arm, Broadcom, and Micron Technology also suffered losses.In a research note, Wedbush analyst Daniel Ives wrote: Clearly tech stocks are under massive pressure led by Nvidia as Wall Street will view DeepSeek as a major perceived threat to US tech dominance and owning this AI revolution.Chirag Dekate, vice president and analyst at Gartner, thinks Wall Street may have overreacted to the DeepSeek news. In an interview with InformationWeek, Dekate says developments that reduce training costs will have an overall positive impact.Its not just model innovation, its a system innovation, Dekate says. The DeepSeek innovations are real, and they matter Lowering the cost structures is a net positive for the overall industry DeepSeek enables a pathway to utilize resource more productively. Meta, Microsoft, Google, OpenAI and other AI innovators can utilize those underlying capabilities even better. That will likely define the future of GenAI.Why is DeepSeek a Potential Disrupter?Businesses can take advantage of massive cost savings on DeepSeeks application programming interface (API) that boast costs of $.55 per million input tokens and $2.19 per million output tokens, a fraction of OpenAIs API pricing of $15 per million input tokens and $60 per million output tokens.But those savings come at a price -- experts say widespread adoption of a Chinese-made model could pose significant security risks.National security concerns in November prompted a bi-partisan US congressional group to sound the alarm on Chinas progress in AI. The US-China Economic and Security Review Commission called for a government-funded effort to quickly develop artificial general intelligence (AGI) before China. AGI, which promises language models that match or better human intelligence, could be harnessed as a powerful weapon and give the country that first develops the technology a huge geopolitical advantage.And DeepSeek CEO Liang Wenfeng stated in a recent interview that developing AGI is a top priority. Our destination is AGI, which means we need to study new model structures to realize stronger model capability with limited resources, Wenfeng told Chinese publication ChinaTalk in a November interview.The US also alleges China backed hacking group Volt Typhoons efforts to disrupt US critical infrastructure. China remains the most active and persistent cyber threat to US government, private-sector and critical infrastructure efforts, according to a blog post from the Cybersecurity & Infrastructure Security Agency (CISA), who warned of continuing state-sponsored security threats.Despite lower costs, Dekate says, enterprises will not likely rush into using DeepSeek widely because of potential legal liabilities. Enterprises should always be careful about creating external facing products that are produced by open-source models, Dekate says, noting that enterprise grade AI models offer more guardrails, security, and higher quality outputs. There are going to be constraints [with open source models] that Gemini, OpenAI and other models do not have you are going to get a more comprehensive answer on certain topics.About the AuthorShane SniderSenior Writer, InformationWeekShane Snider is a veteran journalist with more than 20 years of industry experience. He started his career as a general assignment reporter and has covered government, business, education, technology and much more. He was a reporter for the Triangle Business Journal, Raleigh News and Observer and most recently a tech reporter for CRN. He was also a top wedding photographer for many years, traveling across the country and around the world. He lives in Raleigh with his wife and two children.See more from Shane SniderNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also LikeWebinarsMore WebinarsReportsMore Reports

Daisy Ridleys Star Wars film is to be written by George Nolfi.The scribe, who previously penned The Bourne Ultimatum and Oceans Twelve, is set to write the script for Star Wars: New Jedi Order, which will see the return of Ridleys character Rey.The upcoming movie was initially due to be penned by Damon Lindelof and Justin Britt-Gibson, though the pair left the project in early 2023 due to creative differences with Lucasfilm.When New Jedi Order was announced at Star Wars Celebration in April 2023, Peaky Blinders creator Steven Knight was revealed as the new scribe for the movie, though he too parted ways with the flick in October 2024.A month later, rumors of New Jedi Orders production troubles began to ramp up after Disney removed a Star Wars film from its 2026 release schedule, and replaced it with Ice Age 6.LucasfilmLucasfilmloading...READ MORE: EveryStar WarsMovie, Ranked From Worst to BestAfter Knights departure and the change in Disneys release schedule had been reported, Ridley, 32, insisted the project was alive and well.She told City AM: Of course Im really excited to film and Im really excited to share developments with the world. Its all good, it really is!The Cleaner star who played Rey in J.J. Abrams The Force Awakens and The Rise of Skywalker, as well as Rian Johnsons The Last Jedi added she was speaking with Lucasfilm president Kathleen Kennedy about getting more involved behind the camera on the film.She said: All of those conversations are positive and happening. Certainly in the producorial way I dont know that I will be that involved, but what has been amazing was creatively Kathy told me the idea for the story which is great and Ive been over all of the developments ... So, I feel more consciously involved [than before] but I remember various things either J.J. or Rian told me, so I was always really made to feel involved.But on this one Im aware of the route development. Its also really nice to know that we have the time to do it right.While she is keeping her lips sealed about story specifics, the Magpie actress teased her husband Tom Bateman was in the know about what will happen in New Jedi Order.Ridley told People: "He knows the story. [He] swore to secrecy.Its also interesting because there are so many more intricacies than one might [think]. If Im describing something to you, the actual reality of what it is might be quite different. But he does know the story.Get our free mobile appMovies That Were Abandoned During Production and Never FinishedThese movies were started but never completed or released for a variety of reasons.

Time zones: EST (UTC -5), CST (UTC -6), MST (UTC -7), PST (UTC -8)USA Applicants ONLY! Please read full description before applying.Senior Full Stack Developer: A Unicorn Opportunity Awaits! Are you a tech unicorn whos not just platform-savvy but also loves solving business puzzles? If youve got 5+ years of experience (or an impressive 3-5 years thatll blow us away), a knack for PHP, JavaScript, and WordPress, and can dedicate 25-30+ hours a week, read onwere looking for you!Who We AreTech Guys Who Get Marketing is a quirky, entrepreneurial crew that partners with Fortune 500s, innovative nonprofits, and millionaire entrepreneurs. We bridge the gap between tech and marketing with creative solutions. If you value kindness, hate blame culture, and love what you do, youll fit right in.Who You AreA Problem-Solver Extraordinaire: You connect technical solutions to real-world business outcomes.Platform Agnostic: Versatile across tools, but a pro at PHP, JavaScript, and WordPress.A Clear Communicator: Comfortable leading client calls and articulating tech strategies.Curious & Adaptive: Quick to learn new platforms, tools, or solve puzzles.Marketing-Savvy: Bonus points if you understand how tech and marketing work together!What Youll DoStrategize and implement technical solutions that align with client goals.Develop custom SaaS apps, mobile apps, dashboards, and more.Attend client and team calls, providing clear updates and progress.Create tutorials, demos, and technical documentation in plain English.Conduct QA testing and ensure flawless execution.Perks of the JobFlexible Remote Work: No weekends required! While we respect your schedule, we also expect mutual respect for ours and for client expectations.Competitive Pay: $60$75/hr based on skills.Work-Life Balance: Collaborate with a team that values clear communication and efficiency to meet deadlines without overextending.Collaborative Team: Kindness and mutual support are in our DNA.How to ApplyWe want to see what makes you shine! Send us a short video introducing yourselfno need for Oscar-worthy production, just be you. Include your resume, portfolio, and anything else you think we should know.Send your video and resume to[emailprotected].Resumes without videos will be ignored, so dont skip this step!Tech Guys Who Get Marketing is an equal opportunity organization. We value diversity and are committed to creating an inclusive environment for all.Are you the unicorn were searching for? Apply now and join our misfit crew of creative problem-solvers!

Time zones: JST (UTC +9), CST (UTC +8), WIB (UTC +7), MMT (UTC +6:30), BST (UTC +6), NPT (UTC +5:45), IST (UTC +5:30), UZT (UTC +5), IRDT (UTC +4:30), GST (UTC +4)DescriptionWe are building a Talent Pool for future opportunities at We Work Remotely, and we are currently looking for Virtual Assistants based Philippines to join our growing team of professionals. While this is not a current job opening, we are gathering talented individuals for future roles. By applying, you'll be considered for upcoming projects as they arise.If you're a multitasking wizard, able to navigate tasks with the finesse of a digital nomad, all while needing minimal oversight, we're looking for you!Responsibilities could include:Provide administrative support to various departments.Handle incoming customer calls.Manage calendars, schedule meetings, and handle email correspondence.Assist with document preparation and data entry.Perform research and provide insights as needed.Communicate effectively with international teams.And much more!RequirementsExperience: Previous experience in customer support, administrative assistance, or a related field is preferred but not mandatory. Fresh talent is also welcome!Communication: Excellent verbal and written communication skills are a must. Your ability to engage customers and colleagues will set you apart!Tech-Savvy: Familiarity with customer support tools (like Zendesk or Freshdesk) and productivity software (like Google Workspace or MS Office) will be advantageous.Problem-Solving: You should approach challenges with a solution-oriented mindset, ready to think outside the box!Detail-Oriented: Paying close attention to details will ensure accuracy in your work and customer interactions.Reliability: We value dependability. You should be committed to meeting deadlines and keeping everyone informed.Schedule flexibility and availability during U.S. business hoursBenefitsWhy Join Our Talent Pool?Opportunity for future work as positions become available.Flexible, remote work environment.Join an inclusive, collaborative team and get the opportunity to be part of some of the best companies in the industry.To Apply:Please submit your resume and cover letter outlining why you're a great fit for the role. We will review your application, and if your qualifications align with our needs, well reach out to schedule an interview and keep your information on file for future opportunities. Related Jobs See more All Other Remote jobs

Force had opposed David Chipperfield-designed plan to redevelop former Royal Mint site as late as last monthCGI of David Chipperfields plans to redevelop the former Royal Mint site next to the Tower of LondonThe Metropolitan Police has withdrawn its objection to plans to build a new Chinese embassy in London after seeing research first submitted to the local council three years ago.Scotland Yard had objected to the David Chipperfield-designed scheme at the former Royal Mint site, next to the Tower of London, as recently as last month over fears that there would not be enough space in front of the proposed embassy to safely accommodate more than 100 protestors.It has now decided to back the scheme after being provided with additional information in the form of a 10-page report titled pedestrian comfort level assessment drawn up for the Chinese government by Arup and Cundall.But this report was submitted in February 2022 to a previous and largely identical version of the scheme, to which the Met was key consultee.It claims that up to 4,500 people could fit safely on the streets surrounding the proposed embassy, and up to 1,920 could be accommodated on space immediately in front of the site.The former application was rejected by the council in 2022 partly because of concerns over large numbers of protestors which could congregate at the site.The proposals were resubmitted in July last year but called in by communities secretary Angela Rayner in October. A public inquiry at the Planning Inspectorate is scheduled to start on 11 February and sit for up to six days, according to an update submitted to the council on Friday.Both Tower Hamlets council and the Met had objected to the scheme at a meeting of the councils strategic development committee on 9 December last year, at which councillors had voted to nominally reject the application.Tower Hamlets has now also withdrawn its objection to the plans following the withdrawal of the Mets objection, which had been the basis for the councils opposition.The Mets move follows a letter sent to the council earlier this month on 14 January by foreign secretary David Lammy and home secretary Yvette Cooper referencing further technical detail which had been provided by Tower Hamlets following a meeting on 12 December last year.Lammy and Cooper said: Whilst there remain differences of opinion on where protesters would most likely congregate, on balance, the Metropolitan Polices public order experts are content that there is sufficient space for future protests without significantly impacting the adjacent road network.The Metropolitan Police have therefore withdrawn their objection to the application.This was followed by an update to the council three days later from Scotland Yard Deputy Senior National Co-ordinator Elisabeth Chapple using similar wording as Lammy and Cooper to describe the Mets position.Chapple added: Were the information to have been made available to the MPS in advance of the Tower Hamlets Strategic Development [Planning] Committee, the MPS would not have objected to the application, and in light of the additional information the MPS has accordingly removed its objection to the application progressing.A spokesperson for the Met Police said: In December we objected to this application due to the potential impact of protests on local roads. The borough council has since re-introduced an assessment of the surrounding areas ability to accommodate protests this was not available at the point our objection was made.We have now considered this assessment and are satisfied the road network should not be significantly affected. As a result, we have removed our objection and expect that the planning inspector will provide their recommendation to the Government.In its previous objection to the plans, the Met had warned of serious disruption to the local area which could be caused by protests outside the embassy.In a letter on 14 November last year, the forces deputy assistant commissioner Jon Savell said there is nowhere at the location that would accommodate more than approximately 100 protestors.He added: In the event that more than 100 protestors attend the location they will either spill into the road or have to move across towards the Tower of London, an obvious iconic tourist attraction, which would adversely impact on visitors and other users of the area.Savell said overspill of protestors would compromise surrounding roads, which would be difficult for the police to ensure the safety of protestors without shutting down roads and causing greater community and business disruption.He added that the impact on local policing would be significant and would require officers to be taken away from frontline duties to fulfil the requirement of policing spontaneous and known protests at this location.Savells letter also noted that the new 2024 application appears to have been made with no changes from the initial proposal and with no consideration for the issues that led to its rejection previously.The Mets decision came days after chancellor Rachel Reeves returned from a trip to Beijing in an effort to improve trade and diplomatic relations with China, the worlds second largest economy.

Building will be tallest in Temple Quarter regenerationThe scheme will be 22 storeys highPlans by Corstorphine & Wright for a22-storey student accommodation block in Bristol have been approved by local councillors.The tower for developer Cubex is the tallest building to have the OK so far in the citys Temple Quarter development.It will include 531 beds as well as ground floor commercial space and pedestrian and cycle access to a nearby riverside promenade.Others working on the scheme include QS RLB, engineer Hoare Lea, planning consultant Avison Young and landscape architect Macgregor Smith.Cubex will also finance flood defences as part of the deal and provide more than 500,000 to improving travel infrastructure in the area.Wider plans for the regeneration of Temple Quarter include a refurbished Temple Meads railway station and a new campus for the University of Bristol.