The Esports World Cup Foundation (EWCF) today announced a partnership with Tencent, making Tencent E-sports its strategic partner in China.Read More

10:10 Games reportedly affected by staff cutsDecision allegedly made following "complete commercial and critical failure" of Funko FusionImage credit: 10:10 Games News by Sophie McEvoy Staff Writer Published on Feb. 17, 2025 Funko Fusion developer 10:10 has reportedly been hit with layoffs, with around 20 workers affected.This is according to Insider Gaming, which was told that the decision was made following the "complete commercial and critical failure" of Funko Fusion.Sources allege staff were made aware of the cuts in mid-January after the studio struggled to fund a future project, with some employees finding out while on vacation.Sources also claimed "the bare legal minimum" of severance entitlement has been offered in addition to unused holiday payment.GamesIndustry.biz has reached out to 10:10 Games for further clarification.Based in Warrington, 10:10 Games was founded in 2021 by Traveller's Tales devs veterans Jon Burton and Arthur Parsons. It launched its first game, Funko Fusion, in September 2024.

Astro Bot and Helldivers 2 win big at DICE Awards 2025Team Asobi's platformer won Game of the Year, Arrowhead Studios' co-op shooter took home four accoladesImage credit: Sony Interactive Entertainment News by Sophie McEvoy Staff Writer Published on Feb. 17, 2025 Team Asobi and Arrowhead Studios swept the 28th annual DICE Awards last week, with Astro Bot taking home the Game of the Year accolade.The platformer won five awards in total, including family game of the year in addition to achievements in animation, technology, and game design. Helldivers 2 was awarded action and online game of the year, and was recognised for its contributions in music and audio design.LocalThunk's breakout hit Balatro received three awards, including mobile and strategy simulation game of the year and outstanding achievement for an independent game.MachineGames' Indiana Jones and the Great Circle also took home three awards, winning adventure game of the year as well as achievements in character and story.Hosted by the Academy of Interactive Arts & Sciences, the DICE Awards is voted for by the organisation's more than 30,000 members.Elsewhere, Nintendo of America veteran Don James received the AIAS Lifetime Achievement Award, while Insomniac Games founder and outgoing CEO Ted Prince was inducted into the AIAS Hall of Fame.Here is the full list of winners:Game of the year: Astro BotAction game of the year: Helldivers 2Adventure game of the year: Indiana Jones and the Great CircleFamily game of the year: Astro BotFighting game of the year: Tekken 8Racing game of the year: F1 24Role-playing game of the year: Metaphor: RefantazioSports game of the year: MLB The Show 24Strategy/simulation game of the year: BalatroOnline game of the year: Helldivers 2Immersive reality game of the year: Batman: Arkham ShadowMobile game of the year: BalatroOutstanding achievement in animation: Astro BotOutstanding achievement in art direction: Black Myth: WukongOutstanding achievement in character: Indiana Jones and the Great Circle Dr. Henry "Indiana" JonesOutstanding achievement in original music composition: Helldivers 2Outstanding achievement in audio design: Helldivers 2Outstanding achievement in story: Indiana Jones and the Great CircleOutstanding technical achievement: Astro BotOutstanding achievement for an independent game: BalatroOutstanding achievement in game design: Astro BotOutstanding achievement in game direction: Animal WellImmersive reality technical achievement: Starship Home

Microsoft, you might have noticed, now flags that its games are coming to rival platforms during Xbox showcases. Its something weve seen in recent months as part of the companys multiplatform video game push. For example, the recent Xbox Developer Direct included PlayStation 5 alongside Xbox Series X and S, PC, and Game Pass at the end of the Ninja Gaiden 4, Doom: The Dark Ages, and Clair Obscur: Expedition 33 segments.As recently as Microsofts June 2024 showcase, that wasnt the case. There, Doom: The Dark Ages was announced for PlayStation 5 immediately after the Xbox event, although subsequent individual trailers did feature the PS5 logo. BioWares Dragon Age: The Veilguard was down as coming to Xbox Series X and S and PC, skipping the PS5 version. It was the same for Diablo 4 expansion Vessel of Hatred and Ubisofts Assassins Creed Shadows.PS5 logos were not featured during Microsoft's June 2024 showcase. Image credit: Microsoft.Sony and Nintendo continue to take a different approach. The recent State of Play showcase did not mention Xbox at all, even though it included multiplatform games. For example, the Monster Hunter Wilds segment finished with the release date and PS5 logo only. No word of PC, Steam, or Xbox. Segas Shinobi: Art of Vengeance was shown as coming to PS4 and PS5, even though its also coming to PC via Steam, Xbox Series X and S, and Nintendo Switch. Metal Gear Solid Delta: Snake Eater and Onimusha: Way of the Sword were in the same boat.Sony, clearly, is sticking to whats worked for its gaming business for decades now, reinforcing its consoles as PlayStations point of interest. Microsofts well-documented change in strategy, however, has come with a corresponding change in marketing.PS5 logos showed up during Microsoft's January 2025 showcase. Image credit: Microsoft.In an interview with XboxEra, Microsoft gaming boss Phil Spencer was asked directly about Xbox showcases featuring the PlayStation logo now.Heres the question:Is this just hey, this is the band-aid off guys, theres still going to be different decisions but this is the new era. Get used to the way things are going to be. How would you frame that to the community?And heres Spencers answer:I think its just being honest and transparent about where the games are showing, and we actually even had this discussion last year for the June showcase, and by the time we kind of made our decision, we couldnt get all of the assets done and it felt weird to have some of them in and some of them out.But I just want to be transparent with people for shipping on Nintendo Switch, were gonna put that. For shipping on PlayStation, on Steam... People should know the storefronts where they can get our games, but I want people to be able to experience our Xbox community in our games and everything we have to offer, on every screen we can.And obviously not every screen is equal. Yeah, like theres certain things we cant do on the other closed platforms that we can do on open platforms, cloud its different. But games should be the thing that were focused on. And the strategy that we have allows us to do big games, while also supporting our native platform from hardware to the platform and services that we have and thats going to be our approach.And I know its not what everybody else is doing, but I just believe games should be the thing thats at the forefront. Maybe its because of how Ive grown up in this industry. I came from building games. But I think the games are the things that I see growing in their strength in what were doing and its because more people can play. So yeah, Im just trying to be open and transparent with people.With this in mind, expect to see more logos for PS5 and, in the future, Nintendo Switch 2 in Xbox showcases. So, when Microsoft hosts its inevitable June 2025 showcase, perhaps then well see the likes of Gears of War: E-Day, Fable, Perfect Dark, State of Decay 3, and of course this years Call of Duty with a PS5 logo alongside Xbox.Just dont expect Nintendo and Sony to follow suit.Wesley is the UK News Editor for IGN. Find him on Twitter at @wyp100. You can reach Wesley at wesley_yinpoole@ign.com or confidentially at wyp100@proton.me.

Ubisoft has teased a significant evolution of Rainbow Six Siege, promising to unveil what it calls Siege X in March.Siege X is described as the biggest transformation in the game's history, including new tactical gameplay, graphical and audio upgrades, and more. This is not Rainbow Six Siege 2, rather a significant change for Rainbow Six Siege designed to set the competitive multiplayer game for its second decade of live service.The Siege X teaser trailer is below.PlayRainbow Six Siege struggled when it launched in December 2015, but Ubisofts work to improve the game is seen as one of the most dramatic turnarounds in video game history alongside Final Fantasy 14 and No Mans Sky.In the last decade, Rainbow Six Siege has proven a reliable money-spinner even when Ubisofts other attempts at live service have fallen by the wayside. In recent years, when Ubisoft has found the going particularly tough, Rainbow Six Siege has helped prop up those financial reports. Now, there's even more pressure on Siege X, given Ubisoft's high-profile troubles.10 years is a long time for any video game to remain relevant and financially stable, and so it makes sense that Ubisoft would want to refresh Rainbow Six Siege with a headline-grabbing evolution. Ubisoft will announce more on March 13 at the Siege X Showcase.Wesley is the UK News Editor for IGN. Find him on Twitter at @wyp100. You can reach Wesley at wesley_yinpoole@ign.com or confidentially at wyp100@proton.me.

If youve paid any attention to the fantasy fiction section of your local bookstore, youve probably heard of Sarah J. Maas. Her books have sold over 13 million copies, shes a fixture at the top of the New York Times bestseller list, and her complex stories have given rise to the sort of rabid fandom that lends itself to eager YouTube discourse, complicated reader theories about its characters and larger universe, and a bustling Etsy economy of assorted themed fan-made products. People that love Maass books, love her books. People who dont love her booksprobably just havent read them yet.Though her first series, Throne of Glass, was published in 2012, it wasnt until her second, A Court of Thorns and Roses began in 2015 that she became a crossover sensation. Thanks to its feisty heroine, its Beauty and the Beast-inspired narrative framing, and the rich, emotional complexity and interiority she gifts her female characters, the ACOTAR novels drew in not just YA and fantasy readers, but more mainstream lovers of romance. The ACOTAR hashtag on TikTok currently boasts over 8.5 billion views, and Maas herself has 1.5 million followers on Instagram, well beyond any other popular author of romantic fantasy. (Yes, even Rebecca Yarros, whose Fourth Wing feels like its everywhere at the moment.)The A Court of Thorns and Roses BooksThe A Court of Thorns and Roses series currently spans five books, most of a doorstopper size J.R.R. Tolkien might approve of, with at least two more on the horizon. (Though Maas has been rather cagey about which characters the forthcoming installments will spotlight.) While some corners of the publishing world (and, unsurprisingly, the internet) deride her works for being too focused on traditionally female themes like love and sex, Maass books are surprisingly thoughtful explorations of healing and self-acceptance, in which her heroines embrace of their true selves is every bit as important as finding a romantic partner or saving the world.A Court of Thorns and Roses ostensibly follows the story of Feyre Acheron, who accidentally kills a fairy wolf to feed her starving family. When an ancient treaty demands a life for a life in return for the one she thoughtlessly took, she chooses to journey to the magical kingdom of Prythian where shell essentially live as a prisoner of the mysterious beast-like creature known as Tamlin. As any regular reader of fantasy will have already guessed, thats only the beginning of the sprawling, complex saga that follows, which involves everything from fairies and royal courts full of magic tied to specific seasons and times of day, to ancient curses, fated lovers, and dense political intrigue.Attempts to Bring ACOTAR to the ScreenGiven its massive popularity, its not going to surprise anyone that there have already been attempts to bring the story of Feyre and friends to life. Tempo optioned the film rights in 2015 and the project progressed to the point where Maas herself teased an early look at the script, which was written by Rachel Hirons. However, the film adaptation eventually sputtered out, and if were honest, its probably for the best. While its thrilling to imagine the version of Prythian that might be created by big studio movie budgets, the run time of even the longest potential feature film would require some serious condensing of the original text in a way that would almost certainly leave out key moments or characters.In 2021, it was announced that streamer Hulu was working on a TV adaptation of ACOTAR with Ronald D. Moore of Outlander and Battlestar Galactica fame, alongside Maas herself, who was reportedly co-writing the pilot. Development on the series was relatively slow in the three years since this initial announcement, and although Maas confirmed as recently as last summer that she was still working on the script, in February 2025 it was confirmed by Variety that Hulu had scrapped its plans, and that Disneys rights to the series would expire in late summer 2025.ACOTAR Would Have Been the Perfect Next Step for Fantasy TVACOTAR has always made more sense as a television series, where its sprawling cast of characters and complicated plot can have the room to breathe they deserve. But also because our current fantasy television landscape desperately needs a show like ACOTAR.Maass books are wildly popular due to their dense plotting, steamy romances, and rug-pulling narrative and emotional twists. But where her works differ from many of the other big-name fantasy series of the day (looking at you, George R.R. Martin), is how explicitly female-focused they are. The ACOTAR series not only features a female lead, but a squad of a half dozen other women around her, each with stories, agency, and relationships of their own. (Nesta, Feyres sister, is even the primary protagonist of one of the later ACOTAR novels.) Maass books feature plenty of sex and romance but lack the lurking threat of sexual menace that permeates so much of the world of high fantasy, both on the page and onscreen. Theres no rape and most sexual encounters occur between a set of fated partners, tied together by not just desire, but love and destiny, their romance a crucial piece of the endgame of the larger story the books are telling.For all Maass reputation as the undisputed queen of the romantasy genrethe publishing term for books that simultaneously embrace epic love stories right alongside their dense fantasy plots without sacrificing the quality of eitherher novels are uniquely grounded in a very specific female experience. Yes, Feyre must ultimately work to save Prythian from an ancient evil, but at its heart, these books are about how its heroine learns to save herself. ACOTAR is as much a story of healing and self-acceptance as it is a magical adventure, and in order to save the world, Feyre must first confront the pain and trauma thats holding her back. Power in Maas world doesnt often come in the form of a sword or a magical talisman. Instead, it often looks a whole lot like forgiveness, peace, and self-knowledge.These are precisely the sorts of stories that television as a medium is uniquely equipped to explore. Multiple seasons of an ACOTAR show would not only be able to more accurately convey the sheer scope of Maass fictional world and its characters, but give each of its fascinating women and their individual stories the focus they deserve. And in an entertainment landscape thats already shown us plenty of male-centric fantasy stories, its past time for one thats unabashedly about and for women. From Feyres sisters Nesta and Elain to Morrigan, the sultry but powerful third in command of the Night Court to the mysterious and vaguely monstrous Amren, the ACOTAR universe is one thats powered by the emotional journeys of womenno matter how attractive Tamlin, Rhysand and the storys leading men might happen to be, and thats precisely the kind of fantasy our screens could use more of.Now that the Hulu project is officially no more, fingers crossed that another network or streamer picks up the opportunity to put this story on screen.Join our mailing listGet the best of Den of Geek delivered right to your inbox!

This article contains MAJOR SPOILERS FOR THE GORGE.There is a line of dialogue in the first act of The Gorge which is so grandiloquent, so full of genre promise, that it will give almost anyone pause. This includes Scott Derrickson, a director with more than 20 years in the business of crafting genre promises, and terrors, in films like Sinister and The Exorcism of Emily Rose.The Gorge is the door to hell, Miles Tellers deeply troubled Army sniper Levi is warned in the script. And were standing guard at the gate. Upon coming across that gem of a line in Zach Deans screenplay, Derrickson realized he had to know whats inside the Gorgean almost mythical ravine shrouded in eternal fog and watched over by two sentries located on opposite watchtowersand soon enough hed make sure we all knew too.I got very excited and I felt like the mystery of what was down there was very compelling, Derrickson says years later when we catch up with the filmmaker on the other side of entering that ravine. Indeed, that descent into the unknown became an obsession for a storyteller who admired Deans narrative tightrope-walk between a multitude of genres: horror, science fiction, paranoid political thriller, and even romance. But it was also an opportunity for the director of Doctor Strange and The Black Phone to create something new and relatively unseen even in the annals of genre cinema.I rewrote maybe a third of the script, Derrickson confirms. I felt when we got down into the Gorge, what was in there in the original script was too much like a traditional zombie movie. So most of the writing that I did on it was to try to create something more original down there.If youve seen the movie, you know what strange and weird shapes that something took, and how it in turn shaped a story of a man, a woman, and the old-world divide between them. The implications of which extend far beyond just monsters waiting in the voidWhats Inside The GorgeWhen Anya Taylor-Joys Lithuanian sniper on the Eastern watchtower sees her counterpart fall beneath the mist at the midway point of The Gorge, more than just a cloud has been penetrated. The strangely idyllic and extended first act of the movie has likewise seen its serenity shattered. A lover is in danger, a line is crossed, and without hesitation Drasa is in free fall after him (albeit with a parachute in her case).What awaits beneath is hellish, yet no less lyrical than the first act where the monsters beneath are described to be Hollow Men, a reference to a 1925 poem by T.S. Eliot. While Eliot was using images from folklore to describe the lost souls who returned home from World War I, Derrickson sought to literalize the ancient imagery of a dehumanized, infected presence. After all, the first thing we even see down there are roots which open up like the mouth of a Venus flytrap around poor Levi.The attempt was to create a mythology that was not a populist mythology, Derrickson explains. I wasnt drawing so much on cinema as I was on folk horrorthe older classic idea of plant people, stickmen, sentient trees, which you get a bit of in Lord of the Rings. Things that cinema hasnt been too preoccupied with. Derrickson credits colleague David Bruckners The Ritual and the 1963 adaptation of John Wyndhams The Day of the Triffids as inspirations, but notes that in the realm of horror and science fiction cinema, he had a relatively wide-open field to make those ideas his own.The idea was to have this DNA blending of flora and fauna and insects, and to have very strange things like the tree roots that he is attacked by at the very beginning, and to set the tone that you might see just about anything down here.This includes a cavalry of Hollow (or plant) men that look like a pagan nightmare as they biologically blend with their steeds. Its heavily teased that these were the soldiers sent into the Gorge during the late 1940s, but apparently the original plan was to be even darker. In the script, its confirmed that the leader among the Hollow Men is Levis predecessor in the West watchtowerthe poor bastard who named these creatures after the Eliot poem.Join our mailing listGet the best of Den of Geek delivered right to your inbox!I actually shot more material revealing, for example, the Alpha was Bradford Shaw, the first sentry in the West Tower, and who led the cavalry group down into the Gorge to try to destroy what was there and instead became infected and became part of it, the director explains. I thought dealing with the humanity of that was going to be necessary and important, but I continually found as I was making the movie that it was just getting in the way of the larger themes and the action, and tonally shifting things in a direction that wasnt really working. So about a third of the way through production, I stopped shooting that and I instead tried to focus on the suffering that they were enduring.Whats left in the film raises a chilling question of how intelligent these creatures are, or what their intentions might be. Viewers can ascertain they probably do want to feed on Levi and Drasa, as indicated by the scraps of bones they keep in their hovels, but Derrickson admits he wanted to maintain an air of mystery about how unsettling things really get down there.Part of it is instinctive animal aggression, Derrickson considers. The intruder comes in and needs to be taken out. Theyre sort of protecting on instinct what is their own space. Thats part of it, but it could be a lot of things. It could be sex. Theres no females down there. What happened to them?The mystery invites second-guessing and speculation, but at the end of the day, the Gorge acts as a metaphor for several things, chief among them is a liberation from the type of compartmentalization and self-denial that can make a perfect soldier and a broken human being. A hollow man. Says Derrickson, What I discovered in the process of working on it is it is about truth revealed and its about secrecy, and the mutated, devastating results of secrets held for too long. The truth wants to get out. The truth wants to be known, and if you dont let it out, it tends to come out in very terrible ways.This is indicative of the contrast between Levi and Drasa in the movie. While they are both soldiers pitted on literally opposing sides, Drasa seems much more balanced than Levi, who is selected by a woman called Bartholomew (Sigourney Weaver) for this assignment because he admits he is unable to form personal attachments, either romantic or platonic. As he eventually tells Drasa though, if you keep burying your pain and secrets, eventually the graveyard gets full.Drasa didnt have that damage because she had a confessor, a priest-like confessor in her father who literally says give me your shame, Derrickson notes. He takes the cartridge that killed the man in the opening scene and Levi didnt have that. Thus the only way he has to find that equilibrium is by digging up the secrets. Bringing truth of the Gorge to light.Sigourney Weaver Finally Gets Her Goddamn PercentageIf the creature feature elements inside the Gorge, with their snake beards and carnivorous tree trunks, represent a nigh Lovecraftian horror, then Weavers Bartholomew represents something else thats far chillier and more timely: a corporate stooge who, as another Weaver character once surmised about such folk, is out to get a goddamn percentage.You cant cast Sigourney Weaver in a science fiction movie and not be conscious and conscientious about what she brings to the table in terms of genre credibility and influence, and homage by her mere presence, Derrickson laughs when we bring up comparisons between Bartholomew and the kind of company men Ellen Ripley stared down. Yet there is a modern insidiousness to Weavers latest character.Here is a film about two people of similar temperament and spirit being ordered to distrust and fear one another. They are literally divided along old Cold War lines of East and West, complete with the 80s vinyl soundtrack that goes with it. Both are also being played off each other by a modern tech company that has privatized warfare, turning soldiers into mercenaries and guinea pigs.I think thats the importance of [her] role, says Derrickson, and boy is it ever relevant right now. The idea of high-dollar corporate presence and their involvement in, and Ill try not to get too political, but their involvement in use of the American military is really troublesome and blood-curdling when you take a hard look at it. With that said, one of the reasons Weaver did the role is she nor Derrickson wanted Bartholomew to be complete slime.Shes not evil like Burke in Aliens, shes not driven by greed, Derrickson insists. Instead she, as with perhaps many well-dressed contractors, believes private research (and privatized frontlines) is where breakthroughs are now made. What shes doing is in her mind not just justifiable but necessary.The Biggest Leap of AllThe Gorge acts as a metaphor for many an unpleasant thing. It represents the need for an individual to let the truth out; for a government or corporation to have it ripped free; and as a gateway to a primeval, animalistic past. Above all, however, it could just be a literal manifestation of the terror, and exhilaration, of crossing the gulf between you and another person. How else do you describe a movie that culminates with Levi and Drasa emerging from the abyss, and for shut-off Levi to only then say I love you?As Derrickson points out: I sort of see the movie genre-wise as not just a double rainbow but like a quintet of rainbows. And the largest overarching rainbow is the romance. Its a romantic movie from beginning to end, and under that is like sci-fi, then action, then horror, then political thriller.While the first half of the bifurcated movie has the obvious structure of a meet-cute, albeit with a distinctly peculiar setting above the mouth of hell, it is the second half of the movie where the sparks really fly.I think the most romantic gesture in the entire movie is the speed with which she just jumps in after he falls in, says the director. I just think thats the most romantic moment in the movie, and then coming out of that, surviving and facing the underworld.In the darkness below, there is plenty of horrifying imagery, which the helmer happily compares to even a video game. But, he adds, I was very focused in every one of those scenes with how they watch each other, check on each other, defend each other, put themselves in harms way for the other person. All of that is a continuing extension of the romance. When they emerge, they have the ability to be true to each otherand to the world by ridding it of that damn Gorge.The Ending(s) Not TakenAfter the heroes escape the underworld, the distractions of man seem a trifle. Bartholomew and the Gorge itself are destroyed, and the lovers briefly separated before a reunion in the sunny South of France. It is, in other words, a happy ending. It was also the happiest version of the alternatives considered.We talked a lot about the ending, and I shot an ending initially that wasnt really different, but it ended in the same graveyard where she was with her [father], Derrickson reveals. That was a little more bittersweet in its tone, ending with the gravestones all around them. Even though it was beautiful, the reality of surrounding death was also there. And then we reshot it [and replaced it with] the one thats in the movie, which I quite like.The director contends he is neutral about which filmed ending he prefers, stating he sees advantages to both the more elegiac road not taken and the idyllic one finally chosen. However, he contends he knew it needed to always conclude with the lovers together after initial discussions considered the idea of one or both of them being infected by the biological virus inside the Gorge.There was definitely conversations about one of them being infected and what would happen to the other one, Derrickson says, because a lot of great romancesTitanic being the classic one[prove] the death of a character doesnt take away but adds to the frozen in time quality of the romance. Yet in a movie about redemption for two people, separating them after an emotional breakthrough might have been too cruel even for the director of Sinisters infamously nihilistic conclusion.Look at the ending of some of my films, I dont have any problem with an extraordinarily bleak ending, the director laughs. But yeah, in this case, I felt like it was important for me as a storyteller to see them get their reward for what they had put themselves through willingly, and for what they had accomplished, and what Levi had done in dealing with himself and facing himself. I thought if you take all that away from one of them in death, I felt like the story would somehow deplete the value of what they had been through.Of the many genres Derrickson, Teller, Taylor-Joy, and Dean got to play fast and loose with, it is romance which climbed above them all.The Gorge is streaming now on Apple TV+.

Welcome to this week's Cybersecurity News Recap. Discover how cyber attackers are using clever tricks like fake codes and sneaky emails to gain access to sensitive data. We cover everything from device code phishing to cloud exploits, breaking down the technical details into simple, easy-to-follow insights. Threat of the WeekRussian Threat Actors Leverage Device Code Phishing to Hack Microsoft Accounts Microsoft and Volexity have revealed that threat actors with ties to Russia are leveraging a technique known as device code phishing to gain unauthorized access to victim accounts, and use that access to get hold of sensitive data and enable persistent access to the victim environment. At least three different Russia-linked clusters have been identified abusing the technique to date. The attacks entail sending phishing emails that masquerade as Microsoft Teams meeting invitations, which, when clicked, urge the message recipients to authenticate using a threat actor-generated device code, thereby allowing the adversary to hijack the authenticated session using the valid access token.Upgrade Security Now Top NewswhoAMI Attack Exploits AWS AMI Name Confusion for Remote Code Execution A new type of name confusion attack called whoAMI allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution within the Amazon Web Services (AWS) account. Datadog, which detailed the attack, said roughly 1% of organizations monitored by the company were affected by the whoAMI, and that it found public examples of code written in Python, Go, Java, Terraform, Pulumi, and Bash shell using the vulnerable criteria. AWS told The Hacker News that there is no evidence of malicious exploitation of the security weakness.RansomHub Targets Over 600 Orgs Globally The RansomHub ransomware operation has targeted over 600 organizations across the world, spanning sectors such as healthcare, finance, government, and critical infrastructure, making it one of the most active cybercrime groups in 2024. One such attack has been found to weaponize now-patched security flaws in Microsoft Active Directory and the Netlogon protocol to escalate privileges and gain unauthorized access to a victim network's domain controller as part of their post-compromise strategy.REF7707 Uses Outlook Drafts for Command-and-Control A previously undocumented threat activity cluster dubbed REF7707 has been observed using a remote administration tool named FINALDRAFT that parses commands stored in the mailbox's drafts folder and writes the results of the execution into new draft emails for each command. It makes use of the Outlook email service via the Microsoft Graph API for command-and-control (C2) purposes. The group has been observed targeting the foreign ministry of an unnamed South American nation, as well as a telecommunications entity and a university, both located in Southeast Asia.Kimsuky Embraces ClickFix-Style Attack Strategy The North Korean threat actor known as Kimsuky (aka Black Banshee) is using a new tactic that involves deceiving targets into running PowerShell as an administrator and then instructing them to paste and run malicious code provided by them. "To execute this tactic, the threat actor masquerades as a South Korean government official and over time builds rapport with a target before sending a spear-phishing email with an [sic] PDF attachment," Microsoft said. Users are then convinced to click on a URL, urging them to register their device in order to read the PDF attachment. The end goal of the attack is to establish a data communication mechanism that allows the adversary to exfiltrate data.Law Enforcement Op Takes Down 8Base A consortium of law enforcement agencies has arrested four Russian nationals and seized over 100 servers linked to the 8Base ransomware gang. The arrests were made in Thailand. Two of the suspects are accused of operating a cybercrime group that used Phobos ransomware to victimize more than 1,000 public and private entities in the country and across the world. The development comes in the aftermath of a series of high-profile ransomware disruptions associated with Hive, LockBit, and BlackCat in recent years. Late last year, Evgenii Ptitsyn, a 42-year-old Russian national believed to be the administrator of the Phobos ransomware, was extradited to the U.S. Trending CVEsYour go-to software could be hiding dangerous security flawsdon't wait until it's too late! Update now and stay ahead of the threats before they catch you off guard.This week's list includes CVE-2025-1094 (PostgreSQL), CVE-2025-0108 (Palo Alto Networks PAN-OS), CVE-2025-23359 (NVIDIA Container Toolkit), CVE-2025-21391 (Microsoft Windows Storage), CVE-2025-21418 (Microsoft Windows Ancillary Function Driver for WinSock), CVE-2024-38657, CVE-2025-22467, CVE-2024-10644 (Ivanti Connect Secure), CVE-2024-47908 (Ivanti Cloud Services Application), CVE-2024-56131, CVE-2024-56132, CVE-2024-56133, CVE-2024-56134, CVE-2024-56135 (Progress Kemp LoadMaster), CVE-2025-24200 (Apple iOS and iPadOS), CVE-2024-12797 (OpenSSL), CVE-2025-21298 (Microsoft Windows OLE), CVE-2025-1240 (WinZip), CVE-2024-32838 (Apache Fineract), CVE-2024-52577 (Apache Ignite), CVE-2025-26793 (Hirsch Enterphone MESH), CVE-2024-12562 (s2Member Pro plugin), CVE-2024-13513 (Oliver POS A WooCommerce Point of Sale (POS) plugin), CVE-2025-26506 (HP LaserJet), CVE-2025-22896, CVE-2025-25067, CVE-2025-24865 (mySCADA myPRO Manager), CVE-2024-13182 (WP Directorybox Manager plugin), CVE-2024-10763 (Campress theme), CVE-2024-7102 (GitLab CE/EE), CVE-2024-12213 (WP Job Board Pro plugin), CVE-2024-13365 (Security & Malware scan by CleanTalk plugin), CVE-2024-13421 (Real Estate 7 theme), and CVE-2025-1126 (Lexmark Print Management Client). Around the Cyber WorldFormer Google Engineer Charged with Plan to Steal Trade Secrets Linwei Ding, a former Google engineer who was arrested last March for transferring "sensitive Google trade secrets and other confidential information from Google's network to his personal account," has now been charged with seven counts of economic espionage and seven counts of theft of trade secrets related to the company's AI technology between 2022 and 2023. This included detailed information about the architecture and functionality of Google's Tensor Processing Unit (TPU) chips and systems and Graphics Processing Unit (GPU) systems, the software that allows the chips to communicate and execute tasks, and the software that orchestrates thousands of chips into a supercomputer capable of training and executing cutting-edge AI workloads. The trade secrets also relate to Google's custom-designed SmartNIC, a type of network interface card used to enhance Google's GPU, high performance, and cloud networking products. "Ding intended to benefit the PRC government by stealing trade secrets from Google," the U.S. Department of Justice said. "Ding allegedly stole technology relating to the hardware infrastructure and software platform that allows Google's supercomputing data center to train and serve large AI models." The superseding indictment also stated that Chinese-sponsored talent programs incentivize individuals engaged in research and development outside the country to transmit such information in exchange for salaries, research funds, lab space, or other incentives. If convicted, Ding faces a maximum penalty of 10 years in prison and up to a $250,000 fine for each trade-secret count and 15 years in prison and a $5,000,000 fine for each economic espionage count.Windows UI Flaw Exploited by Mustang Panda Israeli cybersecurity company ClearSky has warned that a suspected Chinese nation-state group known as Mustang Panda is actively exploiting a UI vulnerability in Microsoft Windows. "When files are extracted from compressed 'RAR' files they are hidden from the user," the company said. "If the compressed files are extracted into a folder, the folder appears empty in the Windows Explorer GUI. When using the 'dir' command to list all files and folders inside the target folder, the extracted files and folders are 'invisible/hidden' to the user. Threat actors or users can also execute those compressed files from a command line prompt, if they know the exact path. As a result of executing 'attrib -s -h' to system protected files, an unknown file type is created from the type 'Unknown' ActiveX component." It's currently not clear who are the targets of the attack, and what the end goals of the campaign are.Meta Paid Over $2.3M in Bug Bounty Rewards in 2024 Meta said it paid out more than $2.3 million in rewards to nearly 200 security researchers as part of its bug bounty program in 2024. In total, the company has handed out more than $20 million since the creation of the program in 2011. The top three countries based on bounties awarded in 2024 are India, Nepal, and the United States.Critical ThinkPHP and OwnCloud Flaws Under Active Exploitation Threat actors are attempting to actively exploit two known security vulnerabilities impacting ThinkPHP (CVE-2022-47945, CVSS score: 9.8) and OwnCloud (CVE-2023-49103, CVSS score: 10.0) over the past few days, with attacks originating from hundreds of unique IP addresses, most of which are based in Germany, China, the U.S., Singapore, Hong Kong, the Netherlands, the U.K., and Canada. Organizations are recommended to apply the necessary patches (ThinkPHP to 6.0.14+ and ownCloud GraphAPI to 0.3.1+) and restrict access to reduce the attack surface.FSB Mole Arrested in Ukraine The Secret Service of Ukraine (SSU) said it had detained one of its own high-level officials, accusing them of acting as a mole for Russia. The individual, one of the officials of the SSU Counterterrorism Center, is alleged to have been recruited by Russia's Federal Security Service (FSB) in Vienna in 2018, and actively began engaging in espionage at the end of December last year, transmitting documents containing state secrets, to the intelligence agency via a "special mobile phone." The SSU, upon learning of the man's actions, said it "used him in a counterintelligence 'game': through the traitor the SSU fed the enemy a large amount of disinformation." The individual's name was not disclosed, but the Kyiv Independent said it's Colonel Dmytro Kozyura, citing unnamed SSU sources.LLMjacking Hits DeepSeek Malicious actors have been observed capitalizing on the popularity of AI chatbot platform DeepSeek to conduct what's called LLMjacking attacks that involve selling the access obtained to legitimate cloud environments to other actors for a price. These attacks involve the use of stolen credentials to allow access to machine learning services via the OpenAI Reverse Proxy (ORP), which acts as a reverse proxy server for LLMs of various providers. The ORP operators hide their IP addresses using TryCloudflare tunnels. Ultimately, the illicit LLM access is used to generate NSFW content, and malicious scripts, and even circumvent bans on ChatGPT in countries like China and Russia, where the service is blocked. "Cloud-based LLM usage costs can be staggering, surpassing several hundreds of thousands of dollars monthly," Sysdig said. "The high cost of LLMs is the reason cybercriminals choose to steal credentials rather than pay for LLM services. Due to steep costs, a black market for access has developed around OAI Reverse Proxies and underground service providers have risen to meet the needs of consumers."Romance Baiting Scams Jump 40% YoY Pig butchering scams, also called romance baiting, have accounted for 33.2% of the estimated $9.9 billion revenue earned by cybercriminals in 2024 from cryptocurrency scams, growing nearly 40% year-over-year. However, the average deposit amount to pig butchering scams declined 55% YoY, likely indicating a shift in how these scams are conducted. "Pig butchering scammers have also evolved to diversify their business model beyond the 'long con' of pig butchering scams which can take months and even years of developing a relationship before receiving victim payments to quicker turnaround employment or work-from-home scams that typically yield smaller victim deposits," Chainalysis said. Further analysis of on-chain activity has found that HuiOne Guarantee is heavily used for illicit crypto-based activities supporting the pig butchering industry in Southeast Asia. Scammers have also been observed using generative AI technology to facilitate crypto scams, often to impersonate others or generate realistic content.Security Issues in RedNote Flagged It's not just DeepSeek. A new network security analysis undertaken by the Citizen Lab has uncovered multiple issues in RedNote's (aka Xiaohongshu) Android and iOS apps. This includes fetching viewed images and videos over HTTP, transmitting insufficiently encrypted device metadata, as well as a vulnerability that enables network attackers to learn the contents of any files that RedNote has permission to read on the users' devices. While the second vulnerability was introduced by an upstream analytics SDK, MobTech, the third issue was introduced by NEXTDATA. As of writing, all the flaws remain unpatched. The vulnerabilities "could enable surveillance by any government or ISP, and not just the Chinese government," the Citizen Lab said.CISA Urges Orgs to Address Buffer Overflows The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have released a Secure by Design Alert, urging organizations to eliminate buffer overflow vulnerabilities in software. "These vulnerabilities can lead to data corruption, sensitive data exposure, program crashes, and unauthorized code execution," the agencies said, labeling them as unforgivable defects. "Threat actors frequently exploit these vulnerabilities to gain initial access to an organization's network and then move laterally to the wider network." Saeed Abbasi, manager of vulnerability research at Qualys Threat Research Unit (TRU), emphasized the need to switch from memory unsafe languages. "Legacy excuses are out; the world has zero tolerance for memory-unsafe code in 2025," Abbasi said. "Yes, rewriting old systems is daunting, but letting attackers exploit decades-old buffer overflows is worse. Organizations still clinging to unsafe languages risk turning minor vulnerabilities into massive breachesand they can't claim surprise. We've had proven fixes for ages: phased transitions to Rust or other memory-safe options, compiler-level safeguards, thorough adversarial testing, and public commitments to a secure-by-design roadmap. The real challenge is collective will: leadership must demand memory-safe transitions, and software buyers must hold vendors accountable."Foreign Adversaries Target Local Communities in the U.S. for Influence Ops A new report from the Alliance for Securing Democracy (ASD) has found that foreign nation-state actors from Russia, China, and Iran are running influence operations that exploit trust in local sources and impact state and local communities in the U.S. with an aim to manipulate public opinion, stoke discord, and undermine democratic institutions. "In some cases, adversarial nations seek favorable outcomes around local policy issues; in others, they use local debates as Trojan horses to advance their broader geopolitical agendas," the research said. Russia emerged as the most active threat actor, with 26 documented cases designed to polarize Americans through themes related to immigration and election integrity. Beijing, on the other hand, sought to cultivate support for Chinese state interests.Financial Orgs Asked to Switch to Quantum-Safe Cryptography Europol is urging financial institutions and policymakers to transition to quantum-safe cryptography, citing an "imminent" threat to cryptographic security due to the rapid advancement of quantum computing. The primary risk is that threat actors could steal encrypted data today with the intention of decrypting it in the future using quantum computing, a technique called "harvest now, decrypt later" or retrospective decryption. "A sufficiently advanced quantum computer has the potential to break widely used public-key cryptographic algorithms, endangering the confidentiality of financial transactions, authentication processes, and digital contracts," the agency said. "While estimates suggest that quantum computers capable of such threats could emerge within the next 10 to 15 years, the time required to transition away from vulnerable cryptographic methods is significant. A successful transition to post-quantum cryptography requires collaboration among financial institutions, technology providers, policymakers, and regulators." Last year, the U.S. National Institute of Standards and Technology (NIST) formally announced the first three "quantum-safe" algorithms.Google Addresses High Impact Flaws Google has addressed a pair of security flaws that could be chained by malicious actors to unmask the email address of any YouTube channel owner's email address. The first of the two is a vulnerability identified in a YouTube API that could leak a user's GAIA ID, a unique identifier used by Google to manage accounts across its network of sites. This ID could then be fed as input to an outdated web API associated with Pixel Recorder to convert it into an email when sharing a recording. Following responsible disclosure on September 24, 2024, the issues were resolved as of February 9, 2025. There is no evidence that these shortcomings were ever abused in the wild.New DoJ Actions Target Crypto Fraud Eric Council Jr., 25, of Alabama, has pleaded guilty to charges related to the January 2024 hacking of the U.S. Securities and Exchange Commission's (SEC) X account. The account was taken over to falsely announce that the SEC approved BTC Exchange Traded Funds, causing a spike in the price of bitcoin. The attack was carried out through an unauthorized Subscriber Identity Module (SIM) swap carried out by the defendant, tricking a mobile phone provider store to reassign the victim's phone number to a SIM card in their possession using a fraudulent identity card printed using an ID card printer. Council, who was arrested in December 2024, pleaded guilty to conspiracy to commit aggravated identity theft and access device fraud. If convicted, he faces a maximum penalty of five years in prison. In a related development, a 22-year-old man from Indiana, Evan Frederick Light, was sentenced to 20 years in federal prison for running a massive cryptocurrency theft scheme from his mother's basement. Light broke into an investment holdings company in South Dakota in February 2022, stealing customers' personal data and cryptocurrency worth over $37 million from nearly 600 victims. The stolen cryptocurrency was then funneled to various locations throughout the world, including several mixing services and gambling websites to conceal his identity and to hide the virtual currency. Separately, the Justice Department has also charged Canadian national Andean Medjedovic, 22, for exploiting smart contract vulnerabilities in two decentralized finance crypto platforms, KyberSwap and Indexed Finance, to fraudulently obtain about $65 million from the protocols' investors between 2021 and 2023. A master's degree holder in mathematics from the University of Waterloo, Medjedovic is also alleged to have laundered the proceeds through mixers and bridge transactions in an attempt to conceal the source and ownership of the funds. Medjedovic is charged with one count of wire fraud, one count of unauthorized damage to a protected computer, one count of attempted Hobbs Act extortion, one count of money laundering conspiracy, and one count of money laundering. He faces over 30 years in prison.U.S. Lawmakers Warn Against U.K. Order for Backdoor to Apple Data After reports emerged that security officials in the U.K. have ordered Apple to create a backdoor to access any Apple user's iCloud content, U.S. Senator Ron Wyden and Member of Congress Andy Biggs have sent a letter to Tulsi Gabbard, the Director of National Intelligence, urging the U.K. to retract its order, citing it threatens the "privacy and security of both the American people and the U.S. government. "If the U.K. does not immediately reverse this dangerous effort, we urge you to reevaluate U.S.-U.K. cybersecurity arrangements and programs as well as U.S. intelligence sharing with the U.K.," they added. The purported Apple backdoor request would reportedly allow authorities to access data currently secured by Advanced Data Protection, potentially affecting users worldwide. Wyden has also released a draft version of the Global Trust in American Online Services Act that seeks to "secure Americans' communications against abusive foreign demands to weaken the security of communications services and software used by Americans." While the security experts have criticized the order, British officials have neither confirmed nor denied it. Cybersecurity WebinarsWebinar 1: From Code to Runtime: Transform Your App Security Join our webinar with Amir Kaushansky from Palo Alto Networks and see how ASPM can change your app security. Learn how to connect code details with live data to fix gaps before they become risks. Discover smart, proactive ways to protect your applications in real-time.Webinar 2: From Debt to Defense: Fix Identity Gaps Fast Join our free webinar with experts Karl Henrik Smith and Adam Boucher as they show you how to spot and close identity gaps with Okta's Secure Identity Assessment. Learn simple steps to streamline your security process, focus on key fixes, and build a stronger defense against threats.P.S. Know someone who could use these? Share it. Cybersecurity ToolsWPProbe It's a fast WordPress plugin scanner that uses REST API enumeration to stealthily detect installed plugins without brute force, scanning by querying exposed endpoints and matching them against a precompiled database of over 900 plugins. It even maps detected plugins to known vulnerabilities (CVE) and outputs results in CSV or JSON format, making your scans both speedy and less likely to trigger security defenses.BruteShark It's a powerful and user-friendly Network Forensic Analysis Tool built for security researchers and network administrators. It digs deep into PCAP files or live network captures to extract passwords, rebuild TCP sessions, map your network visually, and even convert password hashes for offline brute force testing with Hashcat. Available as a Windows GUI or a versatile CLI for Windows and Linux. Tip of the WeekSegment Your Wi-Fi Network for Better Protection In today's smart home, you likely have many connected devicesfrom laptops and smartphones to smart TVs and various IoT gadgets. When all these devices share the same WiFi network, a breach in one device could potentially put your entire network at risk. Home network segmentation helps protect you by dividing your network into separate parts, similar to how large businesses isolate sensitive information.To set this up, use your router's guest network or VLAN features to create different SSIDs, such as "Home_Private" for personal devices and "Home_IoT" for smart gadgets. Ensure each network uses strong encryption (WPA3 or WPA2) with unique passwords, and configure your router so devices on one network cannot communicate with those on another. Test your setup by connecting your devices accordingly and verifying that cross-network traffic is blocked, then periodically check your router's dashboard to keep the configuration working smoothly.ConclusionThat wraps up this week's cybersecurity news. We've covered a broad range of storiesfrom the case of a former Google engineer charged with stealing key AI secrets to hackers taking advantage of a Windows user interface flaw. We've also seen how cybercriminals are moving into new areas like AI misuse and cryptocurrency scams, while law enforcement and industry experts work hard to catch up.These headlines remind us that cyber threats come in many forms, and every day, new risks emerge that can affect everyone from large organizations to individual users. Keep an eye on these developments and take steps to protect your digital life. Thank you for joining us, and we look forward to keeping you informed next week.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Feb 17, 2025Ravie LakshmananThreat Intelligence / Cyber AttackCybersecurity researchers have shed light on a new Golang-based backdoor that uses Telegram as a mechanism for command-and-control (C2) communications.Netskope Threat Labs, which detailed the functions of the malware, described it as possibly of Russian origin."The malware is compiled in Golang and once executed it acts like a backdoor," security researcher Leandro Fres said in an analysis published last week. "Although the malware seems to still be under development it is completely functional."Once launched, the backdoor is designed to check if it's running under a specific location and using a specific name "C:\Windows\Temp\svchost.exe" and if not, it reads its own contents, writes them to that location, and creates a new process to launch the copied version and terminate itself.A notable aspect of the malware is that it uses an open-source library that offers Golang bindings for the Telegram Bot API for C2 purposes.This involves interacting with the Telegram Bot API to receive new commands originating from an actor-controlled chat. It supports four different commands, although only three of them are currently implemented -/cmd - Execute commands via PowerShell/persist - Relaunch itself under "C:\Windows\Temp\svchost.exe"/screenshot - Not implemented/selfdestruct - Delete the "C:\Windows\Temp\svchost.exe" file and terminate itselfThe output of these commands is sent back to the Telegram channel. Netskope said that the "/screenshot" command sends the message "Screenshot captured" despite it not being fully fleshed out.The Russian roots of the malware are explained by the fact that the "/cmd" instruction sends the message "Enter the command:" in Russian to the chat."The use of cloud apps presents a complex challenge to defenders and attackers are aware of it," Fres said. "Other aspects such as how easy it is to set and start the use of the app are examples of why attackers use applications like that in different phases of an attack."Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

Jamal (right) and Hanan Khashoggi (left) Source:&nbsp Hanan KhashoggiHanan Khashoggi, the widow of Saudi journalist Jamal Khashoggi, has called on British architects working in Saudi Arabia including Norman Foster to raise her husbands killing with Crown Prince Mohammed bin Salman Talking to the AJ from her apartment in Washington DC where she has been granted asylum since December 2023 after leaving Dubai Hanan said her husbands murder remains unsolved and pleaded with UK architects to raise the case with the countrys ruler.Speaking directly to the profession, she said: I tell the architects from the UK: Im proud that you are helping Saudi Arabia to develop, and this is what Jamal wanted, but please speak to them [Saudi Arabias ruling royal family] and remind them there is unfinished business here, which is Jamal.Khashoggi, a Washington Post journalist and legal resident of the United States, who was highly critical of Prince Mohammed, was killed inside the Saudi consulate in Istanbul in 2018. While US intelligence concluded that he was murdered on the orders of Prince Mohammed, Saudi officials claimed the journalist was killed in a rogue operation by a team of agents sent to persuade him to return to the kingdom.AdvertisementAs questions mounted in the immediate aftermath of Khashoggis death in 2018, Norman Foster temporarily stepped back from his role on the board overseeing the planning of the $500 billion NEOM project.However, just over six years later, Foster + Partners involvement in Saudi Arabia has deepened, with the practice now designing several major schemes, including a 2km-tall tower, as the AJ revealed last year, a six-runway airport, and Red Sea resorts. Source:Foster + Partners Foster + Partners design for a six-runway international airport in Riyadh, Saudi ArabiaThe practices burgeoning international workload, especially in Saudi Arabia and other parts of the Middle East, is understood to be behind its recent London expansion to office space at 50 Electric Boulevard next to Battersea Power Station.Hanan said she appreciated Fosters stance on NEOM in 2018, which showed he had the ability to tell the Crown Prince and the Saudi royal family that there is unfinished business here, and they need to finish it.Addressing the Foster + Partners founder directly, she said: Mr Foster, this case has not been closed. There is one victim still alive, which is me. She didn't receive any compensation or any official apology, they destroyed her family life. This is me.AdvertisementMr Foster, this case has not been closed. There is one victim still alive, which is meThe former Emirates Airline employee also expressed concerns over human rights in general in Saudi and warned architects not to abandon democratic freedoms and concern for human life when working in the country. According to an ITV News investigation published last year, an estimated 21,000 foreign workers have died in the Kingdom since the reform programme Saudi 2030 Vision was launched in 2016.Hanan explained: I hope UK architects carry and keep their democratic values and that they dont stop working in Saudi Arabia, because this is what Jamal wanted; he wanted better for his country, for his people. Source:ShutterstockRiyadh, Saudi ArabiaBut I want architects to remind the Crown Prince and the Saudi royal family that there is unfinished business here regarding Jamal because a horrible crime happened to an honest journalist.In December, Hanan raised her case with Keir Starmer ahead of his first visit to the kingdom as Prime Minister. This was reported in The Guardian, but she did not get a direct response from the government, Hanan told the AJ.The approach of Starmer, whose visit to the kingdom was in support of his number one mission to grow the UK economy, comes on the back of attempts by the former Conservative deputy prime minister Oliver Dowden (pictured below) to strengthen UK-Saudi business ties.I want architects to remind the Crown Prince and the Saudi royal family that there is unfinished business here regarding JamalHowever, in May last year, Dowden was also said to have raised the issue of Saudi forces being told to kill to make way for the Line the flagship linear city NEOM project, set to be designed by Genslers London office. The claim, reported as part of an investigation by the BBC, has been denied by NEOM.Dozens of UK architects are understood to be currently working on 2030 Vision development projects overseen by Prince Mohammed or have previously taken part in design work. UK firms also have permanent bases in the country, or are in the process of establishing them. Source:NEOMThese include Allies and Morrison, which announced last week that it had opened offices in Jeddah to support its workload in the kingdom, including masterplanning the AlUla Saudi 2030 Vision development.Simon Gathercole, partner at Allies and Morrison, said the practice had been working in Saudi for 16 years and that the Jeddah offices will provide a base for our work in the region.He added: What makes it more interesting for us is that we will be right in the heart of this fascinating, culturally engaged community.Human rights group Amnesty International previously told the AJ that it was vital that architecture firms considering operating in Saudi Arabia are doing proper due diligence to ensure theyre not contributing to labour exploitation and other human rights abuses.The organisations head of labour rights and sport, Steve Cockburn, cautioned that the enormity of the Saudi 2030 Vision projects meant architects would inevitably rely on a huge workforce of migrant workers who face significant risks of exploitation and even death.The RIBA last year described ITV News report of 21,000 worker deaths as serious and concerning and referred to the institutions Code of Professional Conduct and Code of Practice regarding architects impact on the environment and society.Chapter 14 of the RIBA code states that members shall have proper concern and due regard for the effect that their professional activities and completed projects may have on users, the local community and society.Foster + Partners confirmed Foster was not involved on NEOM's advisory board but did not respond to the above comments when approached by the AJ.2025-02-17Gino Spocchiacomment and share