Is thereEager to get your hands on Riot Games' in-development MMO? Marc Merrill hopes to get you in before humans land on MarsGame File's Stephen Totilo questioned the Riot founder on the whens and whys of Riot's far out project.Image credit: Riot Games News by Connor Makar Staff Writer Published on Feb. 19, 2025 Riot Game's Co-Founder Marc Merrill has sat down and answered a few questions about the company's in-development Runeterra MMO during this year's DICE Summit. Sitting down with Game File's Stephen Totilo who published the interview, Merrill jokingly remarked that he hopes the game comes out before we go to Mars. If you're excited for this game, you may want to hunker down for a while.Merill also answered a question on why the company is making an MMO in the first place. MMOs are infamously hard to make. They take a long time, a lot of money, and more often than not break themselves upon the rocks of pre-established giants in the genre. Especially today, when players are locking themselves down to a selection of old-faithfuls, it's a perilous venture. To see this content please enable targeting cookies. Merrill responded with the following (though the full quote can be seen by subscribing to The Game File), "I can go through all the laundry list of why its hard, but, you know, I think Riot's exactly the type of company that should go after those types of opportunities, if were trying to make it better for the player."Merrill continues, And with the League IP, we've been investing so much for so long, over time, sort of growing this world and adding dimensions. People want to run around the world of Runeterra. And so we want to help them do that, in ways that are worth it and meaningful to them.It's true that the story of Riot Games over the past few years has been a gigantic push across the entirety of its Runeterra roster of games to expand and enhance the IP as a whole. Arcane proved itself to be a particularly powerful component to this, bringing waves of new people to the IP. League of Legends has recently attempted to capatalize on this increased interest, releasing a new season themed around Noxus (where a future animated series will take place) and having Arcane animation studio Fortiche create a dedicated cinematic trailer for it linking the game back to the Netflix series.As for the MMO, we still aren't entirely clear on how far along it is - though Merrill's statement above indicates it's still very far out from a full release. Back in 2023 Greg Street stepped down from an executive producer role on the game and left to work on a totally different MMO over at Fantastic Pixel Castle.When do you think the Riot MMO will eventually come out? Let us know below!

Subscribe to Nintendo Life on YouTube796kAnnapurna Interactive has announced that its first digital showcase of the year (the creatively titled 'Annapurna Interactive Showcase') will be streamed on YouTube next week, providing a peek at the company's release schedule for 2025.Arriving on 24th February at 9am PT / 12pm ET / 5pm GMT / 6pm CET, the showcase will run for approximately 30 minutes and promises to give us updates on the likes of Wanderstop, Skin Deep, Wheel World, Faraway, Lushfoil, To a T, Morsels and some "surprises".It's true, of the games that the studio has specified so far, only Morsels is currently slated to come to Switch you might remember it from the August 2024 Indie World Showcase accompanied by a "February 2025" release window so don't expect it to leave with an eShop wishlist full of upcoming titles.Subscribe to Nintendo Life on YouTube796kWatch on YouTube That said, Annapurna Interactive has provided strong support to the Nintendo hybrid over the last eight years, so there's every chance that the other indies will make their way over to Switch 2 somewhere down the line. At least, we hope they do.And hey, let's keep an open mind here. The majority of Annapurna's release schedule might not be heading to Switch for the time being, but next week's showcase could push a couple of them in our direction. And if not, developer Furcula's Morsels looks like the kind of action roguelike that we can see gobbling up a bunch of our time, so it will be good to hear a firm release date for that.This will be the first we've really heard from Annapurna Interactive since all of its staff resigned last year following a dispute with company owner Megan Ellison. Last month, we heard that the former workforce had formed a new studio and was taking on Private Division's portfolio in the process. Entire workforce followed executive departureFollowing last year's walk-outWill you be tuning in for this one next week? Let us know in the comments.Related GamesSee AlsoShare:01 Jim came to Nintendo Life in 2022 and, despite his insistence that The Minish Cap is the best Zelda game and his unwavering love for the Star Wars prequels (yes, really), he has continued to write news and features on the site ever since. Hold on there, you need to login to post a comment...Related ArticlesNintendo Is Discontinuing Gold Points, One Of The Switch's Best IncentivesNoooo, don't do it!Toby Fox Shares Development Update On Deltarune Chapter 3 And 4"Still console testing"Sonic Racing: CrossWorlds Adds Characters From "SEGA Universes"Update: IGN has an exclusive preview upHollow Knight: Silksong Briefly Vanishes From US Switch eShop, But It's Back NowUpdate: Restored after a few hoursMetroid Prime First 4 Figures 'Samus Phazon Suit' Sneak Peek, Pre-Orders Open SoonUpdate: Here's a teaser of the light-up collector's edition

U.S. cybersecurity giant Palo Alto Networks has warned that hackers are exploiting another vulnerability in its firewall software to break into unpatched customer networks.Attackers are exploiting a recently disclosed vulnerability in PAN-OS, the operating system that runs Palo Alto Networks firewalls, the California-based company confirmed on Tuesday.Cybersecurity firm Assetnote first discovered the vulnerability, tracked as CVE-2025-0108, earlier this month while analyzing two earlier Palo Alto firewall vulnerabilities that had been used in earlier attacks.Palo Alto Networks released an advisory on the same day and urged customers to urgently patch against the latest bug. The company updated its advisory on Tuesday to warn that the vulnerability is under active attack. The company said malicious attackers are chaining the vulnerability with two previously disclosed flaws CVE-2024-9474 and CVE-2025-0111 to target unpatched and unsecured PAN-OS web management interfaces.CVE-2024-9474 has been exploited in attacks since November 2024, we previously reported.Palo Alto Networks hasnt explained how the three vulnerabilities are being chained together by hackers, but noted that the complexity of the attack is low.The scale of the exploitation is not yet known, but threat intelligence startup GreyNoise said in a blog post on Tuesday that it has observed 25 IP addresses actively exploiting the PAN-OS vulnerability, up from two IP addresses on February 13, suggesting an uptick in exploitation activity. The exploitation attempts have been flagged by GreyNoise as malicious, suggesting that threat actors are behind the exploitation rather than security researchers.This high-severity flaw allows unauthenticated attackers to execute specific PHP scripts, potentially leading to unauthorized access to vulnerable systems, GreyNoise said.GreyNoise says it has observed the highest levels of attack traffic in the U.S., Germany, and the Netherlands.Its not known who is behind these attacks, or whether any sensitive data has been stolen from customers networks. Palo Alto Networks did not immediately respond to TechCrunchs questions.CISA, the U.S. governments cybersecurity agency, added the latest Palo Alto bug to its publicly listed Known Exploited Vulnerabilities (KEV) catalog on Tuesday.

Creating corporate training videos for software is a time-consuming ordeal, especially if youre an organization with a lot of software licenses. Training videos can help get employees up to speed, but theyre a big lift. They often take entire teams to produce.Tel Aviv-based entrepreneur Yoav Einav thought there might be an alternative, cheaper way to create software training videos. So he teamed up with a friend, Dan Sahar, to try to build it. In 2020, their project became a startup: Guidde.Guidde uses AI to automatically create video clips that instruct viewers on how to use different applications. It works by capturing a users in-app activity, and then transforming the recording into a video with a storyline.Guidde-created videos can optionally feature an AI-generated voice in a desired language, background music, and tags that highlight key aspects of a software apps functionality. Guidde also offers basic video editing tools with effects such as motion transitions, frame timing adjustment, and cropping. Guiddes platform lets users create and customize corporate training videos for applications.Image Credits:GuiddeYou might be wondering: Do people actually watch training videos? Its a fair question. Accordingto a 2019 Kultura survey, 67% of employees admit to not giving in-house training videos their full attention, instead skimming the videos or listening to them while doing something else.Einav thinks its a two-pronged issue. Often, he said, training videos arent very compelling the production quality isnt particularly high. On top of that, the videos tend to be buried in tough-to-navigate interfaces.Thats why, in recent months, Guidde has dipped a toe into video recommendations, launching a feature called Guidde Broadcast that delivers personalized content to a companys staff. Einav described it as a Netflix for organizations a way to drive software engagement by providing contextual, just-in-time training content within a users workflow.Guidde is on a steady positive growth trajectory, according to Einav, having increased revenue by four times in the last 12 months. The companys platform now serves over 100,000 users across 2,000 organizations, including American Eagle Outfitters, Carta, and Nasdaq.Guiddes tools tap AI to automate certain aspects of the video production and publishing process.Image Credits:GuiddeThis month, 35-employee Guidde secured $15 million in new funding in a round led by Qualcomm Ventures. Bringing the startups total raised to $30 million, the new cash will be used to expand Guiddes localization tools, enterprise sales and customer success teams, and global market presence, Einav said.We have been able to weather the storm so far, and continue to take a conservative and humble approach to our finances a strategy that has proven effective so far, he added. We believe that the future lies in a solution that seamlessly combines creation and delivery of highly engaging AI-driven and video-first content. Our goal is to lead this emerging category and set the standard for intelligent, immersive content experiences.

Movie & Games Trailers13 Jours, 13 NuitsBy Vincent Frei - 19/02/2025 From the director behind Eiffel and The Three Musketeers comes a new, heart-pounding drama. 13 Jours, 13 Nuits plunges you into the turmoil of Kabul on August 15, 2021, where Commander Mohamed Bida stands guard as the Taliban take control!The VFX are made by:BUFThe Production VFX Supervisor is Olivier Cauwet.The Production VFX Producer is Camille Gibrat.Director: Martin BourboulonRelease Date: 2025 (France) Vincent Frei The Art of VFX 2025

Painting the FloorRebekka Stanges Rkki Rugs take center stageByElizabeth Fazzare February 19, 2025Design, International (Rebekka Stange)SHAREAs a costume designer, Berlin-based talent Rebekka Stange knows fibers like the back of her hand, having created garments for theater and opera productions in France, Germany, the Netherlands, and Switzerland and for films by directors like Francis Lawrence and Roland Emmerich. Her latest venture allows her to explore their relationship to interior space. Officially launched in 2022 after a successful presentation during Salone del Mobile, her new company,Rkki Rugs, offers handmade Tibetan loop knotted carpets, designed with Stanges well-trained eye for hue, material, and detail. Dyed, woven, and finished in collaboration with artisans in Kathmandu, Nepal, that she met during a scouting trip in early 2020, Rkkis output is the result of a meticulous manufacturing process. But, from her studio in Germany, Stange approaches each rug like a work of art.Read more about the rugs on aninteriormag.com. rugs

The Afterglow and Catch of the Day. All images courtesy of Adrienna Matzeg and Tacit Collective, shared with permissionAdrienna Matzegs Punch Needle Embroideries Conjure Nostalgic Summer Road TripsFebruary 19, 2025ArtCraftKate MothesNo matter where the map directs you, a road trip usually conjures some key elements that make it unique from any other kind of journey. Think quirky roadside attractions, diners, spontaneous snack stops, scenic views, national parksthe list goes on!For Adrienna Matzeg, summertime trips inspire a new series of punch needle embroidery works (previously) in a collection titled The Scenic Route, now available through Tacit Collective.Lick-A-TreatThe Toronto-based artist merges her interests in photography, textiles, and design to create vibrant, narrative embroidery compositions. Through reducing the subject matter in her work to simplified colours, shapes, and fragments, she explores how we recall memories, with a specific interest in travel destinations and souvenirs, says a gallery statement.In works like Catch of the Day, Matzeg evokes the timeless experience of a pint of brew and a gingham-lined basket of freshly battered fish. Lighthouse Route captures a scenic byway sign, and in The Afterglow, a grocery store sign advertises summer vacation staples like ice cream cones and pizza by the slice.Pieces in The Scenic Routehint at simple joys, brief pauses, and the fading light of day, evoking in-between experiences that may seem ordinary enough at the moment but linger in the memory long after summer ends.Explore more on the artists website and Instagram.Catch of the DayDetail of Lick-A-TreatOpenDetail of The AfterglowLighthouse RouteAt the LookoffDetail of At the LookoffNext article

Recommended Published February 19, 2025 6:00am EST close 'CyberGuy': Humanoid robots bust dance moves alongside humans Unitree H1 robots dance at gala, blending AI and tradition. Tech expert Kurt Knutsson examines the convergence of cutting-edge technology and traditional culture. In a stunning display of technological prowess and cultural fusion, Unitree's H1 humanoid robots recently stole the show at China's Spring Festival Gala, performing alongside human dancers in a mesmerizing rendition of the traditional Yangge folk dance. This groundbreaking performance marks a significant milestone in the world of robotics and entertainment. H1 humanoid robots dancing (Unitree Robotics) (Kurt "CyberGuy" Knutsson)A dance of man and machineThe performance featured 16H1 robots, each standing at an impressive 5.74 feet tall, seamlessly integrated with a troupe of human dancers. What set this performance apart was not just the robots' ability to keep pace with the music and their human counterparts but their mastery of a particularly challenging aspect of the Yangge dance: the handkerchief trick. H1 humanoid robots dancing (Unitree Robotics) (Kurt "CyberGuy" Knutsson)The handkerchief trick: A testament to precisionThe robots demonstrated remarkable dexterity by spinning, throwing and catching handkerchiefs in motion, a feat that typically requires extensive practice for human performers. This display of fine motor control and timing showcased the advanced capabilities of Unitree's AI-driven full-body motion control technology. H1 humanoid robots dancing (Unitree Robotics) (Kurt "CyberGuy" Knutsson)Behind the scenes: AI and lidar in actionThe dance routine was a preset performance based on data from real dancers. Unitree employed whole-body AI motion control to ensure synchronization between the robots, while lidar scans of the environment allowed for real-time adjustments to unscripted events. H1 humanoid robots dancing (Unitree Robotics) (Kurt "CyberGuy" Knutsson)A global audienceThe performance was part of the annual Spring Festival Gala, recognized by Guinness World Records as the most-watched annual TV program globally. Directed by acclaimed filmmaker Zhang Yimou, the robot dance segment reached an estimated audience of over a billion viewers. H1 humanoid robots dancing (Unitree Robotics) (Kurt "CyberGuy" Knutsson)The future of humanoid robotsThis performance represents significant progress for Unitree, which has been steadily improving its robotic offerings. The company's product line includes the more affordable G1 humanoid robot and various quadruped "robot dogs." With the global demand for humanoid robots projected to reach $38 billion by 2035, according to Goldman Sachs, Unitree is positioning itself at the forefront of this burgeoning industry. The company anticipates seeing its robots engaged in more commercial applications within the next three to five years. H1 humanoid robots dancing (Unitree Robotics) (Kurt "CyberGuy" Knutsson)Kurts key takeawaysThe Unitree H1 robots' performance at the Spring Festival Gala is a fascinating convergence of cutting-edge technology and traditional culture. As these machines continue to evolve, we may see them playing increasingly significant roles in various sectors, from entertainment to industry. While the idea of "Terminator-style" robots taking over might still be the stuff of science fiction, the rapid advancements in robotics certainly give us pause for thought about the future relationship between humans and machines.Would you want to see a performance with humans and humanoid robots dancing, or do you prefer traditional human-only performances?Let us know by writing us atCyberguy.com/Contact.For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading toCyberguy.com/Newsletter.Follow Kurt on his social channels:Answers to the most-asked CyberGuy questions:New from Kurt:Copyright 2025 CyberGuy.com.All rights reserved. Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurts free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Despite investor scepticism, prominent quantum computing stocks have seen a notable rise at the beginning of 2025. Even prominent tech leaders like Jensen Huang and Mark Zuckerberg stating the field wont be profitable hasnt stopped investors and the wider public from being excited.In cyber security, however, quantum computing offers both unprecedented capabilities and significant threats, making it a double-edged sword that demands careful navigation. Just as white hat hackers can use it to bolster defences, their malicious counterparts might be able to supercharge their efforts, too.But how do we grapple with this quantum quandary? Thats exactly what well tackle in this article, as we must collectively ensure they are not blindsided by the risks while leveraging its advantages.Due to the presence of qubits, quantum systems can perform multiple calculations simultaneously, exponentially increasing computational power for specific tasks.For cyber security, we already know this means quantum computers could break widely used encryption methods, particularly those relying on factoring large prime numbers, such as RSA and ECC.These encryption standards form the backbone of secure online communication, financial transactions, and digital identity verification.The versatility of quantum computing goes beyond cracking encryption. Its computational power could revolutionise cyber security applications by improving pattern recognition, anomaly detection and optimisation algorithms. Tasks that once took days or months to process could be executed within minutes, drastically reducing response times to potential threats.Classical cryptography, based on mathematical problems too complex for current computers to solve within a practical timeframe, faces obsolescence in the quantum era. Shors algorithm, a quantum computing method, can efficiently factorise large integers, undermining RSA encryptions security.Just for comparison, in the context of Shors algorithm:A traditional computer might need trillions of years to crack a 2,048-bit RSA key.A quantum computer would need hours, if not days, to perform the same action.Similarly, elliptic curve cryptography(ECC), celebrated for its efficiency, is vulnerable to the same algorithm. This vulnerability jeopardises everything from personal data protection to national security.Hence, experts fear that hackers equipped with quantum capabilities could decrypt intercepted communications, exposing sensitive corporate or governmental information. And we all know how hard it is for politicians to adapt to modern tech.Even data encrypted today could be at risk due to the harvest now, decrypt later strategy, where adversaries collect encrypted data now, anticipating quantum decryption in the future. The implications extend to industries like banking, healthcare and energy, where secure communication is paramount.Its not all doom and gloom, as quantum computing offers plenty of tools to counter these threats. Quantum Key Distribution (QKD), for instance, uses quantum mechanics to establish secure communication channels. As a result, any attempt to eavesdrop on quantum-transmitted keys would alter their state, immediately alerting both parties to the intrusion.In addition to QKD, quantum random number generation (QRNG) is another promising application. Unlike classical methods, which rely on algorithms that could be predicted or replicated, QRNG leverages the inherent unpredictability of quantum processes to create genuinely random sequences. This strengthens cryptographic protocols, making them more resistant to attacks.Last, but most certainly not least, quantum-enhanced machine learning could also aid in identifying and mitigating cyber threats. If the current applications of ML seem daunting, think of what quantum ML can do by analysing vast datasets more efficiently than classical systems. Quantum algorithms could detect subtle patterns indicative of an attack, enabling earlier intervention.The cyber security industry is not waiting passively for the quantum threat to materialise. Post-quantum cryptography(PQC) aims to develop encryption algorithms resistant to both classical and quantum attacks.Standards bodies like the National Institute of Standards and Technology (NIST) are already advancing PQC algorithms, with several candidates already released or in the final stages of evaluation.Despite the apparent defensive potential, transitioning to PQC involves significant logistical challenges. Organisations must inventory their cryptographic assets, evaluate quantum risks and implement new algorithms across their systems.For industries like finance and healthcare, where data sensitivity is paramount, the transition timeline could stretch into years, requiring immediate action to stay ahead of quantum advancements.The degree of difficulty gets even higher if legacy systems are being relied upon, as backwards compatibility in a quantum context isnt something developers of old thought about.Likewise, PQC adoption requires extensive testing to ensure compatibility with existing systems and resilience against emerging threats. This, unfortunately, means allocating additional resources to train personnel, upgrade infrastructure and maintain compliance with evolving regulatory requirements.Weve spent a lot of time discussing how quantum computing can aid in defending our data, but white hat hackers and red teams arent the only ones interested in these advancements.Nation states and cyber crime conglomerates with nine-figure sums to spend will certainly finance the R&D of offensive tools, which can pose problems for everyone from governments to small businesses.In particular, sophisticated attacks, such as quantum-enhanced phishing or cracking biometric data, could exploit quantum-powered pattern recognition to unprecedented degrees. These capabilities pose a direct threat to authentication mechanisms, access controls and user trust.Overnight, staples like QR codes and various forms of MFA will become easily corruptible due to the sheer computing power at the criminals disposal. Widely used for payments and authentication, they may require updates or complete overhauls to resist quantum-generated attacks.Even the seemingly simple act of scanning a QR code could become a security risk if quantum-powered adversaries exploit flaws in code generation or scanning software.Despite claims that quantum computing will become feasible or profitable in several decades, we must still prepare for that inevitable moment.Governments and regulatory bodies are beginning to address the quantum challenge. Investments in quantum research and the establishment of frameworks for quantum-safe technologies are gaining momentum.For businesses, aligning with these initiatives is critical to ensure compliance and leverage state-of-the-art defences. Will cyber security become more expensive? Inevitably. But at the same time, there will be many more incidents than the 2,200 a day companies experienced in 2024.Moreover, collaboration between the public and private sectors will play a pivotal role in quantum readiness. Sharing threat intelligence, standardising best practices, and incentivising quantum-safe transitions will strengthen collective security.Most importantly, governments must invest in building a robust quantum infrastructure to ensure that technological advantages are not monopolised by adversaries.But how will we be able to balance between protectionism and benefiting the human race as a whole? Well find out sooner or later, thats for sure.Quantum computing is no longer a distant possibility, but an imminent reality. Organisations of all sizes must adopt a proactive stance, integrating quantum risk assessments into their cyber security strategies. In particular, we must collectively focus on:Education and awareness: IT and cyber security teams must receive the right education on quantum concepts and their implications. Building in-house expertise will be critical to navigating the complexities of quantum integration.Cryptographic inventory: This means mapping current cryptographic use to identify vulnerable assets. It allows organisations to prioritise upgrades where they are most needed.Adopting PQC: Currently, the best option is to transition to NIST-approved post-quantum algorithms. Early adoption minimises the risk of falling behind competitors or compliance requirements.Testing quantum services: In addition, its up to organisations to pilot technologies like QKD and QRNG to evaluate their practical benefits. Testing in real-world scenarios ensures smooth integration and operational efficiency.Quantum computings dual potential in cyber security as a tool for both defence and attack requires a balanced approach. While its threats to traditional encryption are undeniable, its innovations also promise stronger, more resilient defences.Organisations that act now to understand and prepare for the quantum era will not only safeguard their assets, but position themselves as leaders in a rapidly evolving technological landscape.Otherwise, no ones data will be safe, and well have no way of keeping up with the computing power at the hackers disposal.Read more about quantum securityOne of the biggest fears about quantum computing is its ability to easily break current encryption algorithms. Learn why and how to start making quantum security preparations.An emerging approach to quantum security dubbed blind quantum computing may one day help spur mass adoption of quantum computing safely and securely, using technology that is already available today.Experts at the Singapore FinTech Festival predict quantum computing will improve risk management, investment strategies and fraud detection in the financial sector, while also posing new challenges for data security.

Russia-backed hacking groups have developed techniques to compromise encrypted messaging services, including Signal, WhatsApp and Telegram, placing journalists, politicians and activists of interest to the Russian intelligence service at potential risk.Google Threat Intelligence Group disclosed today that Russia-backed hackers had stepped up attacks on Signal Messenger accounts to access sensitive government and military communications relating to the war in Ukraine.Analysts predict it is only a matter of time before Russia starts deploying hacking techniques against non-military Signal users and users of other encrypted messaging services, including WhatsApp and Telegram.Dan Black, manager of cyber espionage analysis at Google Clouds Mandiant division, said he would be absolutely shocked if he did not see attacks against Signal expand beyond the war in Ukraine and to other encrypted messaging platforms.He said Russia was frequently a first mover in cyber attacks, and that it would only be a matter of time before other countries, such as Iran, China and North Korea, were using exploits to attack the encrypted messages of subjects of intelligence interest.The warning follows disclosures that Russian intelligence created a spoof website for the Davos World Economic Forum in January 2025 to surreptitiously attempt to gain access to WhatsApp accounts used by Ukrainian government officials, diplomats and a former investigative journalist at Bellingcat.Russia-backed hackers are attempting to compromise Signals linked devices capability, which allows Signal users to link their messaging account to multiple devices, including phones and laptops, using a quick response (QR) code.Google threat analysts report that Russia-linked threat actors have developed malicious QR codes that, when scanned, will give the threat actor real-time access to the victims messages without having to compromise the victims phone or computer.In one case, according to Black, a compromised Signal account led Russia to launch an artillery strike against a Ukrainian army brigade, resulting in a number of casualties.Russia-backed groups have been observed disguising malicious codes as invites for Signal group discussions or as legitimate device pairing instructions from the Signal website.In some targeted spear phishing attacks, Russia-linked hackers have also embedded malicious QR codes in phishing websites designed to mimic specialist applications used by victims of the attack.The Russia-linked Sandworm group, also known as APT44, which is linked to the General Staff of the Armed Forces of the Russian Federation, has worked with Russian military forces in Ukraine to compromise Signal accounts on phones and computers captured on the battlefield.Googles Mandiant researchers identified a Russian language website giving instructions to Russian speakers on how to pair Signal or Telegram accounts with infrastructure controlled by APT44.The extrapolation is that this is being provisioned to Russian forces to be able to deploy captured devices on the battlefield and send back the communications to the GRU to be exploited, Black told Computer Weekly.Russia is believed to have fed the intercepted Signal communications back to a data lake to analyse the content of large numbers of Signal communications for battlefield intelligence.The attacks, which are based on exploiting Signals device linking capability, are difficult to detect and when successful there is a high risk that compromised Signal accounts can go unnoticed for a long time.Google has identified another cluster of Russia-backed attackers, known as UNC5792, that has used modified versions of legitimate Signal group invite pages which link the victims Signal account to a device controlled by the hacking group, enabling the group to read and access the targets Signal messages.Other Russia-linked threat actors have developed a Signal phishing kit designed to mimic components of the Kropyva artillery guidance software used by the Ukrainian military. The hacking group, known as UNC4221, previously used malicious web pages designed to mimic legitimate security alerts from Signal.The group has also used a lightweight JavaScript payload, known as Pinpoint, to collect basic user information and geolocation data from web browsers.Google has warned that the combination of access to secure messages and location data of victims are likely to be used to underpin targeted surveillance operations or to support conventional military operations in Ukraine.Google also warned that multiple threat actors have been observed using exploits to steal Signal database files from compromised Android and Windows devices.In 2023, the UKs National Cyber Security Centre and the Security Service of Ukraine warned that the Sandworm hacking group had deployed Android malware, known as Infamous Chisel, to search for messaging applications, including Signal, on Android devices.The malware is able to scan infected devices for WhatsApp messages, Discord messages, geolocation information and other data of interest to Russian intelligence. It is able to identify Signal and other messages and package them in unencrypted form for exfiltration.APT44 operates a lightweight Windows batch script, known as WaveSign, to periodically query signal messages from a victims Signal database and to exfiltrate the most recent messages.Russian threat actor Turla, which has been attributed by the US and the UK to the Russian Federal Security Service, has used a lightweight Powershell script to exfiltrate Signal desktop messages.And in Belarus, an ally of Russia, a hacking group designated as UNC1151 has used a command-line utility, known as Robocopy, to line up the contents of file directories used by Signal desktop to store messages and attachments for later exfiltration.Google has warned that attempts by multiple threat actors to target Signal serve as a warning for the growing threat to secure messaging services and that attacks are certain to intensify in the near-term future.There appears to be a clear and growing demand for offensive cyber capabilities that can be used to monitor the sensitive communications of individuals who rely on secure messaging applications to safeguard their online activity, it said.Users of encrypted communications are not just at risk from phishing and malware attacks, but also from the capability of threat actors to secure access to a targets device for example, by breaking the password.Black said it was insidious that Russian attackers were using a legitimate function in Signal to gain access to confidential communications, rather than compromising victims phones or breaking the encryption of the app.A lot of audiences who are using signal to have sensitive communications need to think about the risk of pairing their device to a second device, he said.Russia-aligned groups have also targeted other widely used messaging platforms, including Signal and Telegram.A Russian hacking group linked to Russias FSB intelligence service, known variously as Coldriver, Seaborgium, Callisto and Star Blizzard, shifted its tactics in late 2024 to launch social engineering attacks on people using WhatsApp encrypted messaging.The group targets MPs, people involved in governments or diplomacy, research and defence policy, and organisations or individuals supporting Ukraine.As exposed by Computer Weekly in 2022, Star Blizzard previously hacked, compromised and leaked emails and documents belonging to a former head of MI6, alongside other members of a secretive right-wing network devoted to campaigning for an extreme hard Brexit.Scottish National Party MP Stewart McDonald was another victim of the group. Left wing Freelance journalist Paul Mason, who has frequently criticised Putins war against Ukraine, was also targeted by the group and his emails leaked to the Greyzone, a pro-Russian publication in the US.Academics from the universities of Bristol, Cambridge and Edinburgh, including the late Ross Anderson, professor of security engineering, first published researched in 2023 warning that the desktop versions of Signal and WhatsApp could be compromised if accessed by a border guard or an intimate partner, enabling them to read all future messages.Signal has taken steps to improve the security of its pairing function to alert users to possible attempts to gain access to their accounts through social engineering tactics, following Googles findings.Josh Lund, senior technologist at Signal, said the organisation had introduced a number of updates to mitigate potential social engineering and phishing attacks before it was approached by Google.Google Threat Intelligence Group provided us with additional information, and we introduced further improvements based on their feedback. We are grateful for their help and close collaboration, he told Computer Weekly.Signal has since made further improvements, including overhauling the interface to provide additional alerts when someone links a new device.It has also introduced additional authentication steps to prevent anyone other than the owner of the primary device from adding a new linked device.When any new device is linked to a Signal account, the primary device will automatically receive a notification, allowing users to quickly review and remove any unknown or unwanted linked devices.Dan Black advised people the Signal app to think carefully before accepting links to group chats.If its a contact you know, just create the group yourself directly. Dont use external links to do things that you can do directly using the messaging applications features, he said.Read more about Russian attacks on Signal on Dan Blacks blog post.Countermeasures to protect encrypted communicationsEnable screen lock on all mobile devices using a long, complex password with a mix of uppercase and lowercase letters, numbers, and symbols.Install operating system updates as soon as possible and always use the latest version of Signal and other messaging apps.Ensure Google Play Protect is enabled. Google Play Protect checks apps and devices for harmful behavior and can warn users or block known malicious apps.Audit linked devices regularly for unauthorised devices by navigating to the "Linked devices" section in the applications settings.Exercise caution when interacting with QR codes and web resources purporting to be software updates, group invites, or other notifications that appear legitimate and urge immediate action.If available, use two-factor authentication such as fingerprint, facial recognition, a security key, or a one-time code to verify when your account is logged into or linked to a new device.iPhone users concerned about targeted surveillance or espionage activity should consider enabling Lockdown Mode to reduce their attack surface.Source: Google Threat Intelligence Group