Years ago, a mentor told me that the most important part of any story is surprise. A few years later, a writer I deeply respect wrote that perhaps the difference between good and great writing is technique, though even that was probably not as important as conviction. But what keeps us invested in a story is curiosity, the gap between what we know and what we want to know, the questions that drive us. Combine all three, and you tend to create something special. Each and every one of us has played a game that grabbed us from the jump, that connected with us in some unexpected way. A game that surprised us. Whose belief in itself was obvious from the first frame. That made us want to explore. I have played a lot of video games, friends, and that feeling is increasingly rare for me, especially in the AAA space. So when I tell you that Clair Obscur: Expedition 33 grabbed me by the throat from the jump and didnt let go for a single second of the three-and-a-half-hour demo I played, twice, believe me when I tell you thats some powerful magic.If youre unfamiliar, Clair Obscur: Expedition 33 has a pretty fascinating setup. See, theres this being called the Paintress, and every year, she paints a new number. When she does, every person of that age dies. Poof. Vanishes. Turns to dust. Do not pass go, do not collect $200. And the thing is, shes counting down. Every year, the people dying get younger. So every year, the people of Lumire send a volunteer Expedition of people with one year left to live on a desperate, impossible, doomed mission: go to The Continent across the sea and kill the Paintress so she can never paint death again.Clair Obscur: Expedition 33 - March 2025 ScreenshotsExpeditions have been going on for a while now; youll find journals from Expedition 84, so if you can do the math in your head, youll get how desperate this whole thing is and how young (but still older than the average RPG protagonist) your characters are.Things get weirder once your crew lands on The Continent. They almost immediately run into an old man who nearly dispatches the whole Expedition single-handedly. You play as Gustave, one of the survivors: traumatized and alone, walking through countless corpses from other expeditions and his own. Hes about to shoot himself when hes found by Lune, another member of the Expedition. Shes not blind to reality (theyre probably both going to die), but Expedition members swear an oath: When one falls, we continue. As long as one of them stands, their fight isnt over.PlayLune and Gustave clearly care about each other, but they dont always get along. When they find an unsigned message indicating another member of Expedition 33, Maelle, might be alive, Gustave wants to drop everything and try to save her and then get out of Dodge; Lune is worried that the whole thing is a trap. Expedition members are always supposed to sign their messages. At one point, later on, Lune asks Gustave if hes a coward because he just wants to get Maelle and get out. Hes not; hes just dealing with watching almost everyone he knows die. And Lune? Shes the one that said they should land on that beach in the first place. Neither one of them has it easy. These characters are adults, and theyre written like it. They dont always agree; theyre dealing with guilt and loss and trauma, and theyre not always kind to one another in the heat of the moment. But they care about each other. And at the end of that exchange, once theyve calmed down, they share a laugh. Compelling characters are complex and flawed, and Expedition 33 seems to understand that.Compelling characters are complex and flawed, and Expedition 33 seems to understand that.Even if they werent, Expedition 33 could probably skate by on the world. My demo was fairly linear: there were branching paths with hidden grapple points, platforming, goodies and secrets to find, and tough optional enemies to take on, but this isnt an open-world game. And its better for it. Expedition 33 reminds me of Final Fantasy X; these environments may be linear, but theyre gorgeous, whether youre standing atop a hill looking at the Indigo Tree or both underwater and somehow not, Expedition 33 is a visual feast and I stopped in every environment I entered to marvel at the beauty and composition on display. Theres even a world map you traverse to get from place to place, like the RPGs of old.PlayWhat really hooked me, however, was the combat. Clair Obscur may be turn-based, but its not a DVD menu. Theres a lot of depth here. Every character has a melee and ranged attack, the latter of which must be aimed manually. Melee attacks build AP and ranged attacks spend it. Youll also need AP for Skills, unique attacks that each character has in their arsenal. And on top of that, each character has a particular attribute. Gustave can use certain skills to build up stacks of Overcharge, which he can spend to cash out for a devastating attack; Lunes spells grant elemental Stains that can supercharge her other spells for additional effects and damage; and my favorite, Maelle (you do rescue her; this is not a spoiler. Shes in Clair Obscurs trailers), can switch between three different stances offering buffs to attack, AP generation, and defense. Managing your AP, setting up a big combo, and planning ahead matters; like FFX, the turn order is displayed on the left side of the screen, so you can plan every turn in advance, but strategy is only half the battle.Clair Obscur: Expedition 33Sandfall Interactive Apr 24, 2025The other half is moment-to-moment execution. You dont just choose an option and wait for a canned animation to play out. When an enemy attacks you, you can dodge, parry, or jump to avoid it. Dodging avoids attacks while parrying nets you a potentially huge counter-attack and awards AP, but has a tighter window. Sometimes, the only way out is to jump over something. Sure, you can engage in the time-honored tradition of blocking with your face, but the harder fights are gonna force you to engage with these defensive mechanics. And if you parry an attack that hits your whole squad? All of them strike back in a beautifully choreographed counterattack that never gets old.Clair Obscur: Expedition 33 screenshotsEarly on, I ran into a very powerful enemy who could kill my characters in a single hit. But the thing was, he had to hit me. If I could parry him, I could win. It took me a couple tries on my first run (he had a tricky attack that forced me to parry or dodge twice in a row), but once I figured out I could parry the first hit and dodge the second, I managed to take him down.Then theres the backend stuff called Pictos and Luminas. You can equip up to three Pictos to any character, which provide buffs like shooting this enemy might light them on fire or attacks do more damage or killing an enemy grants more AP as well as stat upgrades. Win enough battles with a Picto equipped, and you can have everyone equip its effects, minus the stat bonuses, provided they have the required points. And this is where you can do some really degenerate stuff. Sure, Maelle has a skill that puts her in Virtuose stance (where she does 200% damage) if she uses it while the enemy is burning. Normally, youd have to have somebody use another skill to set this up, but what if you give Gustave and Lune a Lumina that means their ranged attacks are likely to set enemies on fire? Or maybe you equip a Picto that cranks up your Base Attack damage or that awards more AP for nailing a parry, allowing you to stay on the offensive longer than youd normally be able to. Then youre cooking with gas.PlayCombine all that and battles offer a lot of interesting choices. Does this character dodge or do you risk more to try to land that parry? If someones low on health, do you spend an item or AP to bring them back up, or do you bet it all on dodging or parrying the next attack? How do you level up your characters? Who gets what skill as a Picto so they can stack the right stats and they dont have to spend Lumina points to get that effect? And on and on it goes.Expedition 33 is constantly finding new ways to make itself interesting.And through it all, Expedition 33 is constantly finding new ways to make itself interesting. Whats a Gestral, and why is Lune obsessed with them? Who is the Paintress, and what does she want? Why is the world the way that it is? Are all these beings actually hostile? Some of them seem pretty friendly, and you have the option to fight them or leave them alone. Whats the deal with that old man? How does any of this stuff work? In my demo, Clair Obscur: Expedition 33 didnt stop to explain itself, and I appreciated that. It trusted me to figure stuff out, and I was more invested in what was going on as a result. Most importantly, I could never predict what would happen next. By the time Thank you for playing came up on my screen at the end of my demo, I was thoroughly hooked. On my second runthrough, I found even more hidden areas, and laid the smackdown on one of the optional fights that had flummoxed me the first time around.PlayWhen my time Clair Obscur: Expedition 33 was up, I wasnt ready to stop. I wanted to fight more battles, learn more about the world, and spend more time with these characters. Sandfall Interactive is a new studio, but youd never know this was their first game from playing it. Surprise. Conviction. Curiosity. Clair Obscur: Expedition 33 nails all three. It had my interest before I played it; now it has my undivided attention. If Sandfall can stick the landing, theyll have put together something remarkable.

Rise and shine. The Dawn of the Duelist is upon us with the arrival of WaylayValorants latest high-mobility Duelist hailing from Bangkok, Thailand. Here, youll learn everything you need to know to get in the game and get fragging.Waylay is a new take on an iconic subclass of Duelist. Shes also the first new space-taking Duelist since Valorants launch with Jett and Raze.We saw an opportunity in this space since its been so long since weve created a Duelist like this, explains Waylays Design Lead, June Riot Junebird Cuervo. We wanted to add some more variety to this role since we see one on basically every team, especially in Pro play.Space-taking Duelists are designed to be highly mobile in order to break chokepoints and displace enemy crosshairs. Theyre the tip of the spear for their team and create opportunities for others to follow-up and get on the plant site.Abilities RundownRefract (Signature)Waylay Refracts out of harms way after she sees Raze send a rocket her way.With Refract, Waylay instantly places a beacon of light on the floor. When she reactivates the ability, she travels back to that beacons location as a pure mote of light, invulnerable to all damage and abilities. Its essentially a safety net for Waylay, but not necessarily one for her team.With Jett, once youre on the site, youre on the site. With Raze, once youre there, you live or die. But Waylay has this backup plan. She can still break that angle, displace crosshairs, and draw attention, but also keep herself safe, Riot Junebird says about Waylays Refract ability. But once she uses that ability, nobody has to pay attention to you anymore. All eyes are back on her teammates and now they have to be the ones to continue taking that space and getting those kills.Light SpeedWaylay using her Light Speed ability to dash into Ascents B site.Light Speed allows Waylay to dash up to two times in the direction(s) of her choosing. However, only the first dash will allow you to move upwards at the same time, givingWaylay a lot of potential to take some creative spots on site.I wanted movement to be the focal point of Waylays kit, Riot Junebird adds. Raze is an example of an Agent with really expressive movement utility, but with that comes a really high mastery curve. With Waylay, I wanted to provide the same amount of skill expression but make it a little bit more accessible.SaturateCypher experiencing the Hindering debuff after being hit by Saturate.Beyond the movement, Waylay has a couple of other tools at her disposal with a throwable cluster of light called Saturate. Saturate acts as a light grenade that debuffs enemies hit in its area of effect. Enemies are affected with a new debuff called Hindering. Think of Hindering as a softer version of a Concuss that slows vertical movement and reload times as well, without the blurred vision.We felt like it was probably really out-of-line from a power budget perspective for a Duelist to have all this mobility and also a debuff as strong as a Concuss, Riot Junebird explains. But we thought there was an interesting gameplay space here where the character could have some kind of debuff that would help unlock their Duelist potential. We think that Hindering is like a softer, more appropriate debuff version of a Concuss for a Duelist.Convergent PathsWaylays Convergent Paths spreading onto the plant site and Hindering a hiding Killjoy.With Convergent Paths, Waylay focuses her prismatic power to create an afterimage of herself that projects a beam of light. After a brief delay, you gain a powerful boost of speed and the light expands, Hindering everyone in its path.Waylay is still a Duelist. The ult might make people think of initiator utility at first, but the way the ult is shaped, and the way theres that delay up frontthats the moment where the Duelist part of her still shines, Riot Junebird reveals. The delay from your afterimage casting the ultimate still gives you the window of opportunity to still be the first one out and on the site for your team.Waylay is out with the start ofValorantSeason 2025 Act 2, coming March 5. You can get in game and start grinding during her recruitment event, or unlock her instantly with an active Xbox Game Pass subscription linked to your Riot Games account. GL HF GG.VALORANTRiot Games804Get it nowXbox Game PassVALORANT is a character-based 5v5 tactical shooter set on the global stage. Outwit, outplay, and outshine your competition with tactical abilities, precise gunplay, and adaptive teamwork.DEFY THE LIMITSBlend your style and experience on a global, competitive stage. You have 13 rounds to attack and defend your side using sharp gunplay and tactical abilities. And, with one life per-round, you'll need to think faster than your opponent if you want to survive. Take on foes across Competitive and Unranked modes as well as Deathmatch and Spike Rush.CREATIVITY IS YOUR GREATEST WEAPONMore than guns and bullets, youll choose an Agent armed with adaptive, swift, and lethal abilities that create opportunities to let your gunplay shine. No two Agents play alike, just as no two highlight reels will look the same.FIGHT AROUND THE WORLDEach map is a playground to showcase your creative thinking. Purpose-built for team strategies, spectacular plays, and clutch moments. Make the play others will imitate for years to come.

The existing decorative elements of a move-in-ready home in Montanas exclusive Yellowstone Club community didnt appeal to Rebecca Loewkes clients personal style. So the Palo Alto, California, designer and founder of Rebecca Loewke Interiors was charged with working a bit of magic. She skillfully brought to life what she describes as a home with a modern mountain aesthetic that is luxurious, warm, rich in textures, and timeless. The main goal was to bring warmth, texture, and color into all the rooms, Loewke says. To ensure the space better suited her clients style, she brought in furniture from their home in California and focused on addressing elements including the window treatments, decorative lighting, bathroom flooring, cabinetry, and more. The designer was also eager to collaborate with local workrooms and vendors in Bozeman, which she describes as a vibrant design community. Back Country Carpentry served as the general contractor for smaller projects, and metalwork was done by Johnson Metal Works in Bozeman. FAST FACTSDESIGNER: Rebecca Loewke InteriorsLOCATION: Yellowstone Club, MontanaTHE SPACE: A 6,755-square-foot home with six bedrooms, six full baths, and two powder rooms built in 2020The main goal was to bring warmth, texture, and color into all the rooms.LIVING ROOMFurnishings in raw natural materials pull the outdoors in.Paul DyerRug: Stark. Coffee table: BDDW. The home contains a number of American-made pieces. The coffee table in the living room is live-edge walnut from Pennsylvania, while the carved cedar side tables are from California. The hand tufted wool pillows are from San Francisco. Its a beautiful blend of natural materials and artistic craftsmanship, Loewke says.Paul DyerLounge chairs: Vintage Hans Wegner, in Holland & Sherry fabric.Between the open concept living room, dining room, and kitchen, there is seating for 18 guests. Loewke worked locally with Johnson Metal Works to have the two metal wood storage cabinets that flank the fireplace fabricated. The cabinets add textural depth and store firewood for the client, who loves the wood-burning fireplace, the designer explains. ENTRY & HALLWAYThey needed a chic place to hang their hats.We wanted a pop of color to greet guestsand also something that would camouflage dirt tracked in by the dogs, Loewke says of the rug. KITCHENOrange accents add just enough color.Paul DyerPendants: Allied Maker.Loewke kept the existing stone and tile but painted the cabinets and added a custom metal hood.Paul DyerRunner: vintage, District Loom. The burnt orange paint color (Benjamin Moore Pilgrimage Foliage) [in the butlers pantry] adds a pop of color and ties the kitchen into the main living space, Loewke says.DINING ROOMThe clients wanted an extra-long table.Paul DyerLoewke brought the Lindsey Adelman chandelier and vintage Hans Wegner chairs from the clients main residence in San Francisco. The BDDW dining table has a lot of texture with its live edge, brass details, and wood inlay blocks. It really adds dimension and was needed for the length, she says. PRIMARY BEDROOMThe theme is neutral and luxurious.Paul DyerRug: Holland & Sherry. Nightstands: BDDW. Bed: Coup DEtat. Working with the existing wall plaster finish, we added a luxurious mohair rug and a leather bed, and then kept the rest of the room neutral and soft, Loeke says of the main sleep space.GUEST ROOMSOvernight guests can take their pick.Paul DyerLounge chair: Obsolete. Pendants: Allied Maker.Bark House bark tiles add a playful touch to this guest room, Loewke says.PRIMARY BATHROOMIts the perfect place to soak in the scenery.Paul DyerA vintage runner from District Loom in Bozeman adds a little color. POWDER ROOMSubtle changes made it warmer and more personalized.Paul DyerSconces: Visual Comfort.We removed the wall-to-wall mirrors and modern lighting, Loewke says. Each of the eight baths received a different paint color for the cabinetry, along with unique hardware, lighting, and mirrors. EXTERIORNatural materials blend into the environment.Paul Dyer Styled by Lucy Bamman. About the DesignerRebecca Loewke is an interior designer based in the San Francisco area who works across the United States. She has a BFA in Interior Design from the Design Institute of San Diego and worked for commercial design and interior design firms in Palo Alto and San Francisco before founding her own firm, Rebecca Loewke Interiors, in 2011. Allied Maker Arc Pendant$2,700 at alliedmaker.comBenjamin Moore Pilgrimage Foliage Paint Sample$6 at samplize.comDe La Vega Campanha Bed$67 at coupdetatsf.comFollow House Beautiful on Instagram and TikTok.

Opera has previewed a new AI agent feature that promises to complete online tasks on your behalf, based on simple, written prompts.Want to book a flight but dont want to spend ages comparing prices? Tell the bot your preferred flight times, seats, and budget and itll get to work in the background, letting you carry on with whatever it was you were doing. Once its done, itll add the item to your cart and you can proceed to pay.Unlike existing tools like Google AI assistant or ChatGPT, which help you find information by summarising search results, answering questions, and suggesting links, Operas AI agent does the browsing for you.Opera claims the tool dubbed Browser Operator signals a new paradigm in the history of browsing.The of EU techThe latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!For more than 30 years, the browser gave you access to the web, but it has never been able to get stuff done for you. Now it can, said Operas executive vice president Krystian Kolondra. This is different from anything weve seen or shipped so far.Browser Operator isnt just for shopping, though. It can search the web for whatever you need, potentially saving you time on menial tasks. Importantly, the tool comes with some built-in safeguards. You see what its doing at every step in the process and can easily pause or cancel any task.Opera claims the AI agent is the first agentic browsing feature launched by any major browser. However, major AI firms are working on their versions of similar systems.Last year, Anthropic launched a computer use feature that allows its Claude chatbot to take over your computer and browse on your behalf. OpenAI unveiled a similar feature Operator in January.Both of those tools, however, are virtual machines that operate in the cloud. Simply put, this means theyre slow. In contrast, Operas tool operates locally, directly on your browser, making it potentially much faster and more secure.Unlike Claude or Operator, Operas agent doesnt take screenshots or capture videos of your screen. By processing tasks locally, it ensures user data remains on the device, which the company said enhances privacy.Opera plans to launch the full version of the Browser Operator in the near future. The tool is the latest in a long line of AI developments at the Norwegian company. In 2023, Opera launched a fully AI-enabled browser, and last year it became the first major browser to integrate large language models (LLMs). Story by Sin Geschwindt Sin is a climate and energy reporter at TNW. From nuclear fusion to escooters, he covers the length and breadth of Europe's clean tech ecos (show all) Sin is a climate and energy reporter at TNW. From nuclear fusion to escooters, he covers the length and breadth of Europe's clean tech ecosystem. He's happiest sourcing a scoop, investigating the impact of emerging technologies, and even putting them to the test. Sin has five years journalism experience and holds a dual degree in media and environmental science from the University of Cape Town, South Africa. Get the TNW newsletterGet the most important tech news in your inbox each week.Also tagged with

British autonomous driving startup Wayve is set to establish a testing and development hub in Germany as it prepares to deploy self-driving vehicles in Europes largest automotive market.Wayves new hub will be built near Stuttgart, home to big name car brands including Mercedes-Benz, Porsche, and Audi. Alex Kendall, co-founder and CEO of Wayve, called it the perfect place for the company to accelerate the development and testing of AI-powered driving technology.2025 is a year of global expansion for Wayve, and we are incredibly excited to establish operations in Germany, said Kendall.Wayve is already testing its technology in the UK and the US. The startups newtesting hub in Baden-Wrttemberg will focus on refining its Advanced Driver Assistance System (ADAS) features, including lane change assistance, and advancing automated driving technology. The site also offers access to Germanys deep pool of software engineering talent, key to the companys development efforts.Founded in Cambridge in 2017, Wayve fits a regular car with a range of cameras and sensors that interpret the surrounding environment. This data gets fed to Wayves so-called embodied AI system.Group BundlesUnlike many other self-driving AI models, which have to be trained on each possible driving scenario and are confined to geofenced limits, Wayves AI is more free to act and learn on its own. The more the AI drives, the better it becomes at responding to hazards.Wayves approach to autonomous driving is similar to Teslas. But unlike Elon Musks firm, Wayve will sell its technology directly to carmakers. This means you wont have to buy a Tesla to access top spec self-driving tech.I look forward to partnering with Germanys world-leading manufacturers and Tier 1 suppliers to bring safe, scalable, and production-ready AI software to vehicles worldwide, said Kendall.The news follows Wayves mega $1bn raise in May the largest-ever single investment in a European AI startup.SoftBank led the Series C round alongside tech giants Nvidia and Microsoft.Wayve is a singularly important company for Europe, Suranga Chandratillake, partner at Balderton and an early investor in Wayve, told TNW at the time.Embodied AI will be the next big frontier of artificial intelligence bringing machine intelligence to the physical world around us and not just the computer screen that large language models are confined to.The approach has also attracted attention in the US. In August, Wayve secured a strategic investment from Uber, which is integrating autonomous driving tech into its fleet of taxis. Story by Sin Geschwindt Sin is a climate and energy reporter at TNW. From nuclear fusion to escooters, he covers the length and breadth of Europe's clean tech ecos (show all) Sin is a climate and energy reporter at TNW. From nuclear fusion to escooters, he covers the length and breadth of Europe's clean tech ecosystem. He's happiest sourcing a scoop, investigating the impact of emerging technologies, and even putting them to the test. Sin has five years journalism experience and holds a dual degree in media and environmental science from the University of Cape Town, South Africa. Get the TNW newsletterGet the most important tech news in your inbox each week.Also tagged with

Following last weeks homescreen redesign, the Google Gemini app on iPhone has been updated with lockscreen widgets and direct access in Control Center.The Gemini iPhone app now offers six circular lockscreen widgets:Type prompt: Stuck on a question? Type anything right away.Talk Live: Talk things through, or brainstorm aloud with Gemini.Open mic: Quickly open your mic to set reminders, create calendar events, and more.Use camera: Take a photo of whats in front of you, and ask Gemini all about it.Share image: Choose an image to get more info, create new art, or start a chat.Share file: Use a file to share the information or inspiration behind your question.The main shortcut simply opens the app and keyboard to start typing a prompt, while you can now open Gemini Live directly instead of having it be a two-step process. Open mic lets you enter a text prompt directly via voice, while the next launches the in-app camera. The final two open the image or file pickers directly.You can also set any of the six shortcuts to appear as the corner buttons on the lockscreen, and in the Control Center for quick access without having to your home or lockscreen. These shortcuts let you launch Gemini immediately, and should have been available on day one to match competing apps.Version 1.2025.0762303 of the Gemini app is rolling out today via the App Store. The release notes also highlight recent launches:Share text, images, and links directly to Gemini from any appDeep Research is now available in Gemini AdvancedUI improvements and bug fixesMore on Gemini:Add 9to5Google to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Google experts who break news about Google and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Google on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

In a new post on social media today, Tim Cook says Apple has a new product launch coming this week.The short teaser video posted on X says: Theres something in the Air. New Apple product launching this weekThis a not-so-subtle hint that Apple will announce a new MacBook Air this week. The new MacBook Air is expected to be powered by an M4 chip and will be available in the same 13-inch and 15-inch designs as the current model. The new M4 chip will come with several notable upgrades for MacBook Air users. Currently, the MacBook Air maxes out at 24GB of RAM, but the new M4 model will likely raise that ceiling to 32GB. We also expect faster memory bandwidth, two additional CPU cores, and a 12MP Center Stage camera. Additionally, the M4 MacBook Air will offer broader support for external displays. The M3 MacBook Air can power two external displays at once, but only with the lid closed. The M4 MacBook Air will be to power two external displays while also still using the built-in display just like the base model M4 MacBook Pro. Apple is also expected to announce a new iPad Air this spring. According to Bloomberg, however, the M4 MacBook Air refresh is first on the docket. Stay tuned to 9to5Mac for more details on everything Apple announces this week. If the theres something in the air teaser sounds familiar, its because Apple used the same tagline for the launch of the first-ever MacBook Air in 2008: Add 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Texas-based space company Firefly Aerospace's Blue Ghost lander has become the second private spacecraft in history to softly touch down on the Moon's surface.In fact, the company claimed in an announcement that it was the first to "successfully" do so, effectively arguing that Intuitive Machines' Odysseus lander failed when it toppled over during its attempt last year (Odysseus failed to reestablish connection with the Earth a month after landing on the Moon).Firefly's car-sized lander touched down within its target landing zone in the Mare Crisium, a massive basin on the Moon's near side.It's since sent back several photographs, showing it settled on the rocky surface with the Earth glinting in the distance. One image even shows its own shadow as the Sun slowly rises.It's yet another sign that the Moon's surface is back within reach over half a century after NASA's Apollo program launched its final mission and building buzz around the space agency's first crewed lunar mission since then, which is still tentatively scheduled for mid-2027.Blue Ghost will spend the next lunar day the equivalent of 14 Earth days studying the lunar environment on behalf of NASA's Commercial Lunar Payload Services program.On March 14, it'll take high-definition images of the Earth eclipsing the Sun from its perspective. On Earth, onlookers will be able to observe a total lunar eclipse, which will turn the Moon a deep red."With the hardest part behind us, Firefly looks forward to completing more than 14 days of surface operations, again raising the bar for commercial cislunar capabilities," said Firefly CTO Shea Ferring in a statement.Blue Ghost carries ten different scientific instruments on behalf of NASA. Its "surface operations include lunar subsurface drilling, sample collection, X-ray imaging, and dust mitigation experiments," according to the company."We want to thank NASA for entrusting in the Firefly team, and we look forward to delivering even more science data that supports future human missions to the Moon and Mars," Ferring said.Blue Ghost is the first of three landers to attempt to land on the Moon within the next few months. Houston-based company Intuitive Machines' Athena lander the followup to the one that didn't stick the landing will attempt to land on the lunar surface as soon as Thursday. And Japanese space company ispace's Hakuto-R Mission 2 will make its attempt later this spring.Firefly's lander has downlinked an astonishing 27 gigabytes of data over the last 45 days. And considering the many photo opportunities coming up soon, we can't wait to check out the next batch of images.More on the landers: Robot With Large Drill Headed for Surface of MoonShare This Article

Threat actors have been exploiting a security vulnerability in Paragon Partition Manager's BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary code.The zero-day flaw (CVE-2025-0289) is part of a set of five vulnerabilities that was discovered by Microsoft, according to the CERT Coordination Center (CERT/CC)."These include arbitrary kernel memory mapping and write vulnerabilities, a null pointer dereference, insecure kernel resource access, and an arbitrary memory move vulnerability," CERT/CC said.In a hypothetical attack scenario, an adversary with local access to a Windows machine can exploit these shortcomings to escalate privileges or cause a denial-of-service (DoS) condition by taking advantage of the fact that "BioNTdrv.sys" is signed by Microsoft.This could also pave the way for what's called a Bring Your Own Vulnerable Driver (BYOVD) attack on systems where the driver is not installed, thereby allowing the threat actors to obtain elevated privileges and execute malicious code.The list of vulnerabilities, which impact BioNTdrv.sys versions 1.3.0 and 1.5.1, is as follows -CVE-2025-0285 - An arbitrary kernel memory mapping vulnerability in version 7.9.1 caused by a failure to validate user-supplied data lengths. Attackers can exploit this flaw to escalate privileges.CVE-2025-0286 - An arbitrary kernel memory write vulnerability in version 7.9.1 due to improper validation of user-supplied data lengths. This flaw can allow attackers to execute arbitrary code on the victim's machine.CVE-2025-0287 - A null pointer dereference vulnerability in version 7.9.1 caused by the absence of a valid MasterLrp structure in the input buffer. This allows an attacker to execute arbitrary kernel code, enabling privilege escalation.CVE-2025-0288 - An arbitrary kernel memory vulnerability in version 7.9.1 caused by the memmove function, which fails to sanitize user-controlled input. This allows an attacker to write arbitrary kernel memory and achieve privilege escalation.CVE-2025-0289 - An insecure kernel resource access vulnerability in version 17 caused by failure to validate the MappedSystemVa pointer before passing it to HalReturnToFirmware. This allows attackers to compromise the affected service.The vulnerabilities have since been addressed by Paragon Software with version 2.0.0 of the driver, with the susceptible version of the driver added to Microsoft's driver blocklist.The development comes days after Check Point revealed details of a large-scale malware campaign that leveraged another vulnerable Windows driver associated with Adlice's product suite ("truesight.sys") to bypass detection and deploy the Gh0st RAT malware.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

This week, a 23-year-old Serbian activist found themselves at the crossroads of digital danger when a sneaky zero-day exploit turned their Android device into a target. Meanwhile, Microsoft pulled back the curtain on a scheme where cybercriminals used AI tools for harmful pranks, and a massive trove of live secrets was discovered, reminding us that even the tools we rely on can hide risky surprises.We've sifted through a storm of cyber threatsfrom phishing scams to malware attacksand broken down what it means for you in clear, everyday language. Get ready to dive into the details, understand the risks, and learn how to protect yourself in an increasingly unpredictable online world. Threat of the WeekSerbian Youth Activist Targeted by Android 0-Day Exploit Chain A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit chain developed by Cellebrite to unlock the device and likely deploy an Android spyware called NoviSpy. The flaws combined CVE-2024-53104 with CVE-2024-53197 and CVE-2024-50302 to escalate privileges and achieve code execution. The vulnerabilities, originally present within the Linux kernel, were addressed in December 2024. CVE-2024-53104 has since been addressed in Android as of early February 2025. In response to the development, Cellebrite said it will no longer allow Serbia to use its software, stating "we found it appropriate to stop the use of our products by the relevant customers at this time."Download Top NewsMicrosoft Unmasks People Behind LLMjacking Scheme Microsoft revealed the identities of four individuals who it said were behind an Azure Abuse Enterprise scheme that involves leveraging unauthorized access to generative artificial intelligence (GenAI) services in order to produce offensive and harmful content. The campaign, also referred to as LLMjacking, has targeted various AI service providers, with the threat actors selling the access to other criminal actors to facilitate the illicit generation of non-consensual intimate images of celebrities and other sexually explicit content in violation of its policies.Common Crawl Dataset Contains Nearly 12,000 Live Secrets An analysis of a December 2024 archive from Common Crawl has uncovered nearly 12,000 live secrets, once again highlighting how hard-coded credentials pose a severe security risk to users and organizations alike. Furthermore, they also have the unintended side effect of exacerbating a problem where large language models (LLMs) end up suggesting insecure coding practices to their users due to the presence of hard-coded credentials in training data.Silver Fox APT Uses Winos 4.0 to Target Taiwanese Orgs Taiwanese companies have been targeted via phishing emails that masquerade as the country's National Taxation Bureau with an aim to deliver the Winos 4.0 (aka ValleyRAT) malware. Winos, derived from Gh0st RAT, is a modular malware framework that acts both as a remote access trojan and a command-and-control (C2) framework. The malware has also been propagated via trojanized installers for Philips DICOM viewers. A majority of these artifacts have been detected in the United States and Canada, indicating a possible expansion of the Silver Fox APT's targeting to new regions and sectors.Australia Bans Kaspersky Products from Government Networks Australia has become the latest country to ban the installation of security software from Russian company Kaspersky, citing "unacceptable security risk to Australian Government, networks and data." Under the new directive, government entities are prohibited from installing Kaspersky's products and web services on government systems and devices effective April 1, 2025. They have also been recommended to remove all existing instances by the cutoff date.Bybit Hack Formally Attributed to Lazarus Group The North Korea-linked Lazarus Group has been implicated in the record-breaking hack of crypto exchange Bybit that led to the theft of $1.5 billion in digital assets. The attack has been attributed to a threat cluster dubbed TraderTraitor, which was previously behind the theft of cryptocurrency worth $308 million from cryptocurrency company DMM Bitcoin in May 2024. Further investigation has found that the hack was carried out by compromising one of the developer's machines associated with multisig wallet platform Safe{Wallet} which affected an account operated by Bybit. "The Bybit attack mirrors North Korea's established tactics of targeting centralized crypto exchanges through methods such as phishing, supply chain compromises, and private key theft-strategies," TRM Labs said. An infrastructure analysis has also found that the threat actors registered a fake domain named bybit-assessment[.]com a few hours before the theft took place. Silent Push, which discovered the domain, told The Hacker News it found no information to tie the bogus domain to the actual hack itself. It's believed that the domain may have been set up as part of another related campaign codenamed Contagious Interview. The company also noted that the threat actors behind the Contagious Interview campaign are actively targeting various cryptocurrency companies such as Stripe, Coinbase, Binance, Block, Ripple, Robinhood, Tether, Circle, Kraken, Gemini, Polygon, Chainalysis, KuCoin, eToro, Bitstamp, Bitfinex, Gate.io, Pantera Capital, Galaxy, Bitwise Asset Management, Bitwise Investments, BingX, Gauntlet, XY Labs, YouHodler, MatChain, Bemo, Barrowwise, Bondex, Halliday, Holidu, Hyphen Connect, and Windranger. "Anyone applying for a job at one of these companies should be on the lookout for suspicious job offers or suspicious interview tactics," the company added. Trending CVEsYour go-to software could be hiding dangerous security flawsdon't wait until it's too late! Update now and stay ahead of the threats before they catch you off guard.This week's list includes CVE-2025-27364 (MITRE Caldera), CVE-2025-24752 (Essential Addons for Elementor plugin), CVE-2025-27090 (Sliver), CVE-2024-34331 and its bypass (Parallels Desktop), CVE-2025-0690 (GRUB2), CVE-2024-12084, CVE-2024-12085,CVE-2024-12086, CVE-2024-12087, CVE-2024-12088 (RSync), CVE-2025-0475, CVE-2025-0555 (GitLab), CVE-2025-20111 (Cisco Nexus 3000 and 9000 Series Switches), CVE-2025-23363 (Siemens Teamcenter), CVE-2025-0514 (CVE-2025-0514), CVE-2025-1564 (SetSail Membership plugin), CVE-2025-1671 (Academist Membership plugin), CVE-2025-1638 (Alloggio Membership plugin), CVE-2024-12824 (Nokri Job Board WordPress Theme theme), CVE-2024-9193 (WHMpress - WHMCS WordPress Integration Plugin plugin), CVE-2024-8420 (DHVC Form plugin), CVE-2024-8425 (WooCommerce Ultimate Gift Card plugin), CVE-2025-25570 (Vue Vben Admin), CVE-2025-26943 (Jrgen Mller Easy Quotes plugin), and CVE-2025-1128 (Everest Forms Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin). Around the Cyber WorldQualcomm and Google Announce Security Partnership Chipmaker Qualcomm announced a partnership with Google with an aim to enable device manufacturers to provide up to eight years of software and security updates. "Starting with Android smartphones running on the Snapdragon 8 Elite Mobile Platform, Qualcomm Technologies now offers device manufacturers the ability to provide support for up to eight consecutive years of Android software and security updates," the company said. "Smartphones launching on new Snapdragon 8 and 7-series mobile platforms will also be eligible to receive this extended support." The eight-year pledge, however, only applies to devices using Arm-compatible Snapdragon 8 Elite chips and running Android 15, as well as future iterations of the Snapdragon 8 and 7-series.Microsoft Removes 2 Malicious VSCode Extensions Microsoft has taken down two popular VSCode extensions, 'Material Theme Free' and 'Material Theme Icons Free,' from the Visual Studio Marketplace for allegedly containing malicious code. The two extensions have been downloaded nearly 9 million times cumulatively. It's believed that the malicious code was introduced in an update to the extensions, indicating either a supply chain attack or a compromise of the developer's account. Microsoft said it also banned the developer, who claimed the issues are caused by outdated Sanity.io dependency that "looks compromised." Another developer commented: "After being targeted for a removal, the reasonable, good faith action that the developer should have taken would be to reach out to the VS Code team, putting himself at their disposal to address any issues they have identified. Instead, he created multiple different accounts in order to submit the same extensions in an attempt to circumvent the restrictions, and implicated the VS Code devs in a conspiracy to personally censor him."Over 49,000 Misconfigured Access Management Systems Flagged New research has uncovered more than 49,000 misconfigured access management systems (AMS) across the world, specifically in construction, healthcare, education, manufacturing, oil, and government sectors. These misconfigurations expose personal data, employee photographs, biometric data, work schedules, payslips, and other sensitive information. They could also be abused to access buildings and compromise physical security. Italy, Mexico, and Vietnam have emerged as the top countries with the most exposures. "These misconfigurations exposed highly sensitive personal information, including employee photographs, full names, identification numbers, access card details, biometric data, vehicle plate numbers, and in some cases, even complete work schedules and facility access histories," Modat said. "Particularly concerning was the discovery of exposed biometric templates and facial recognition data in several modern access control systems, which could pose serious privacy risks if accessed by malicious actors."Telegram Remains the Top Platform for Cybercriminals Despite new commitments from Telegram, the messaging app continues to remain a hub for cybercriminal activity. Some of the other platforms that are gaining traction, according to Flare.io, include Discord, Signal, TOX, Session, and Element/Matrix. While Discord invite links were primarily found on forums like Nulled, Cracked, VeryLeaks, and DemonForums, Matrix and Element protocol based IDs were mainly found on drugs focused forums like RuTOR, RCclub, and BigBro. TOX and Jabber IDs were predominantly shared on XSS, CrdPro, BreachForums, and Exploit forums. "Increased cooperation between Telegram and law enforcement has prompted discussions about alternative platforms, with Signal showing the most significant growth," the company said. "Other messaging apps like Discord, TOX, Matrix, and Session play niche roles, often tied to specific cybercriminal activities or communities. Many threat actors use multiple messaging apps to ensure accessibility and redundancy in their communications."OpenSSF Releases Best Practices for Open-Source Projects The Open Source Security Foundation (OpenSSF) released the Open Source Project Security Baseline (OSPS Baseline), a three-tiered set of requirements that aims to improve the security posture of open source software projects. "The OSPS Baseline offers a tiered framework of security practices that evolve with project maturity. It compiles existing guidance from OpenSSF and other expert groups, outlining tasks, processes, artifacts, and configurations that enhance software development and consumption security," the OpenSSF said. "By adhering to the Baseline, developers can lay a foundation that supports compliance with global cybersecurity regulations, such as the E.U. Cyber Resilience Act (CRA) and U.S. National Institute of Standards and Technology (NIST) Secure Software Development Framework (SSDF)." The development comes as Google issued calls for standardizing memory safety by "establishing a common framework for specifying and objectively assessing memory safety assurances."MITRE Releases OCCULT Framework The MITRE Corporation has detailed a lightweight operational evaluation framework called OCCULT that allows cyber security experts to quantify the possible risks associated with a large language model (LLM) used in offensive cyber operations. "The OCCULT objective is ultimately about understanding the cyber operation capacity of an AI system, and quantifying performance in these dimensions of cyber reasoning can provide insight into that," MITRE said.Michigan Man Indicted on Wire Fraud and Aggravated Identity Theft Charges Andrew Shenkosky, a 29-year-old man from the U.S. state of Michigan, has been indicted on wire fraud and aggravated identity theft charges after purchasing 2,468 stolen login credentials from the dark web marketplace Genesis Market and using them to make fraudulent financial transactions. Shenkosky is also alleged to have offered some of the stolen account data for sale on other criminal forums, including the now-defunct Raid Forums. The scheme was devised and executed from approximately February 2020 to November 2020, the U.S. Justice Department said. 16 Malicious Google Chrome Extensions Flagged Cybersecurity researchers have uncovered a cluster of at least 16 malicious Chrome extensions that were used to inject code into browsers to facilitate advertising and search engine optimization (SEO) fraud. The browser add-ons, now removed from the Chrome Web Store, collectively impacted 3.2 million users and masqueraded as screen capture tools, ad blockers, and emoji keyboards. According to GitLab, it's suspected that the threat actors acquired access to at least some of the extensions from their original developers to subsequently push out the trojanized versions. The activity has been ongoing since at least July 2024.Gmail to Ditch SMS for Two-Factor Authentication Google is planning to end support for SMS-based two-factor authentication in Gmail so as to "reduce the impact of rampant, global SMS abuse." In lieu of the SMS-based system, the company is expected to display a QR code that users need to scan so as to login to their accounts, Forbes reported.Details Emerge About NSA's Alleged Hack of China's Northwestern Polytechnical University In 2022, China accused the U.S. National Security Agency (NSA) of conducting a string of cyber attacks aimed at the Northwestern Polytechnical University. It said the attack targeting the research university employed no fewer than 40 different cyber weapons that are designed to siphon passwords, network equipment configuration, network management data, and operation and maintenance data. China has given the NSA the threat actor designation APT-C-40. According to a new analysis published by security researcher Lina Lau (aka "inversecos"), the attribution to the agency boils down to a combination of attack times (or lack thereof during Memorial Day and Independence Day holidays), hands-on keyboard activity using American English, human error, and the presence of tools previously discovered during the Shadow Brokers leak. The attack involved the use of a zero-day vulnerability attack platform called Fox Acid to automate the delivery of browser-based exploits when visiting legitimate websites. Some of the other tools deployed included ISLAND for exploiting Solaris systems; SECONDDATE, a framework installed on edge devices to conduct network eavesdropping, MitM attacks, and code injection; NOPEN and FLAME SPRAY for remote access to compromised systems; CUNNING HERETICS, a lightweight implant for covert access to NSA communication channels; STOIC SURGEON, a backdoor targeting Linux, Solaris, JunOS, and FreeBSD systems; DRINKING TEA for credential harvesting; TOAST BREAD, a log manipulation tool that erased evidence of unauthorized access; and Shaver, a program to attack exposed SunOS servers for use as jump servers. It's said that NSA operatives stole classified research data, network infrastructure details, and sensitive operational documents from the university.Apple Find My Exploit Can Turn a Bluetooth Device into an AirTag A group of academics from George Mason University has detailed a new vulnerability in Apple's Find My network called nRootTag that turns devices into trackable "AirTags" without requiring root privileges. "The attack achieves a success rate of over 90% within minutes at a cost of only a few U.S. dollars. Or, a rainbow table can be built to search keys instantly," the researchers said. "Subsequently, it can locate a computer in minutes, posing a substantial risk to user privacy and safety. The attack is effective on Linux, Windows, and Android systems, and can be employed to track desktops, laptops, smartphones, and IoT devices." Apple has released patches in iOS 18.2, iPadOS 17.7.3, 18.2, watchOS 11.2, tvOS 18.2, macOS Ventura 13.7.2, Sonoma 14.7.2, Sequoia 15.2, and visionOS 2.2 to fix the vulnerability. That said, the attack remains effective as long as unpatched iPhones or Apple Watches are in the proximity of a target device running a malicious trojan, which is capable of advertising Bluetooth Low Energy (BLE) broadcasts that are used to glean a device's location by querying Apple's servers. In other words, simply by installing malware that can send BLE advertisements, the technique can make the device it's running on trackable via Apple's Find My network.Swedish Authorities Seek Backdoor Access to Encrypted Messaging Apps Sweden's law enforcement and security agencies are pushing for a legislation that forces encrypted messaging services like Signal and WhatsApp to create technical backdoors allowing them to access communications. Signal Foundation President Meredith Whittaker said the company would rather exit the market than complying with such a law, Swedish news outlet SVT Nyheter reported last week. The development follows Apple's disabling of iCloud's Advanced Data Protection (ADP) feature for users in the U.K. last week in response to reports that the Home Office had requested for the ability to access encrypted contents in the cloud. Tulsi Gabbard, the director of U.S. National Intelligence, said she was not informed in advance about the U.K. government's demand to be able to access Apple customers' encrypted data. U.S. officials are said to be looking at whether the U.K. violated a bilateral agreement by demanding Apple create a "backdoor" to access end-to-end encrypted iCloud data, according to Reuters. It also comes as concerns are being raised over a proposed amendment to the Narcotrafic law in France that seeks to backdoor encrypted messaging systems and hand over chat messages of suspected criminals within 72 hours of a law enforcement request. "A backdoor for the good guys only is a dangerous illusion," Matthias Pfau, CEO of Tuta Mail, said in a statement shared with The Hacker News. "Weakening encryption for law enforcement inevitably creates vulnerabilities that can and will be exploited by cybercriminals and hostile foreign actors. This law would not just target criminals, it would destroy security for everyone."Cybercriminal Behind More Than 90 Data Leaks Arrested A joint operation of the Royal Thai Police and the Singapore Police Force has led to the arrest of an individual responsible for more than 90 instances of data leaks worldwide, including 65 in the Asia-Pacific (APAC) region alone. The leaks resulted in the sale of over 13TB of personal data on the dark web, per Singaporean company Group-IB. The individual operated under various aliases ALTDOS, DESORDEN, GHOSTR, and 0mid16B. The identity of the suspect has not been disclosed, but Thai media reported that he goes by the name Chingwei. "The main goal of his attacks was to exfiltrate the compromised databases containing personal data and to demand payment for not disclosing it to the public," Group-IB said. "If the victim refused to pay, he did not announce the leaks on dark web forums. Instead he notified the media or personal data protection regulators, with the aim of inflicting greater reputational and financial damage on his victims." In select instances, the threat actor also encrypted the victim's databases as a means of exerting more pressure. The attacks leveraged SQL injection tools like sqlmap and exploited vulnerable Remote Desktop Protocol (RDP) servers to gain unauthorized access, followed by deploying a cracked version of an adversary simulation tool named Cobalt Strike for controlling compromised servers and exfiltrating data. Targets of the individual's attacks spanned industries such as healthcare, retail, property investment, finance, e-commerce, logistics, technology, hospitality, insurance, and recruitment. Expert WebinarWebinar 1: Discover How ASPM Bridges Critical Gaps in AppSec Before It's Too Late Join our free webinar to learn how ASPM is changing app security. Amir Kaushansky from Palo Alto Networks will show you how ASPM unites your security tools and makes managing risks easier. Hear real success stories from hundreds of users and get clear, practical advice to protect your apps.Webinar 2: Transform Your Code Security with One Smart Engine Join this next webinar to learn how to stop identity-based attacks like phishing and MFA bypass. Discover a secure access solution trusted by over 500 users. With limited spots, don't miss your chance to protect your identity. Sign up now!P.S. Know someone who could use these? Share it. Cybersecurity ToolsMEDUSA It is a powerful, FRIDA-powered tool designed for dynamic analysis of Android and iOS apps. It automates tasks such as bypassing SSL pinning, tracing function calls, and modifying app behavior in real timeall in a simple and efficient way. This makes it the perfect solution for uncovering vulnerabilities and strengthening mobile security.Galah It is an AI-driven web honeypot designed to lure and study cyber attackers. It mimics different web applications by generating smart, realistic responses to any HTTP request, making it harder for hackers to tell what's real. Initially built as a fun project to explore the power of large language models, Galah offers a simple way to see how modern AI can be used in cybersecurity. Tip of the WeekThe Hidden Dangers of Copy-Paste: How to Secure Your Clipboard from Cyber Threats Clipboard security is often overlooked, yet it's a prime target for attackers. Malware can hijack your clipboard to steal sensitive data, swap cryptocurrency addresses, or execute malicious commands without your knowledge. Tools like Edit Clipboard Contents Tool allow you to inspect and modify clipboard data at a raw level, providing visibility into potential threats. Sysinternals Process Monitor (ProcMon) can detect suspicious access to the clipboard, helping you catch rogue processes. Additional tools like InsideClipboard and Clipboardic log clipboard history and show all formats, revealing hidden malicious content that could otherwise go unnoticed.To protect against clipboard-based attacks, use clipboard-clearing practices after copying sensitive data, and avoid pasting from untrusted sources. Developers should implement auto-clearing of clipboard data and sanitize pasted input to prevent exploits. Cybersecurity professionals can monitor clipboard access via Sysmon or DLP systems to alert on suspicious behavior. By incorporating these tools and habits, you can better defend against clipboard hijacking and ensure sensitive information remains secure.ConclusionAs we close this week's update, remember that staying informed is the first step to protecting yourself online. Every incidentfrom targeted exploits to AI misuseshows that cyber threats are real and constantly changing.Thank you for reading. Stay alert, update your systems, and use these insights to make smarter choices in your digital life. Stay safe until next week.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.