Defining the experimental look of Second Tomorrow Studio's Unreal Engine-powered animated short film.

In his address to Congress last week, US President Donald J. Trump renewed his criticism of the CHIPS Act, the initiative aimed at reshoring the semiconductor industry, calling it horrible. He also called for any remaining funds to be returned to taxpayers.Instead, Trump wants to use tariffs on foreign chipmakers to force companies to build new research and fabrication facilities on US shores.This CHIPS Act, however, relies on tax breaks and grants to incentivize TSMC, Intel, Micron, Texas Instruments, Samsung and others to expand or build new facilities around the country. Many of those projects are already well under way.The legislation, passed in 2022 un then-President Joseph R. Biden Jr., also provided financial support to smaller semiconductor R&D companies, and highlighted the need to rebuild the industry to secure the US supply chain, reduce geopolitical risks, and maintain technological and military superiority.Headquartered near the rusted skeletal remains of Bethlehem Steel Works in Pennsylvania, nine-year-old iDEAL Semiconductor is a fabless semiconductor company specializing in the development of energy-efficient chips. The companys technology process involves engineering at the atomic level to deliver higher efficiency and voltage performance using standard silicon materials versus more expensive silicon carbide.iDEAL Semiconductor CEO and Co-founder Mark Granahan, in this Q&A, explains his concerns about the potential dissolution of the CHIPS Act and the critical lack of worker talent needed to rebuild a US semiconductor workforce.Mark GranahanWhat happens if the CHIPS Act goes away? Does it really stop the expansion of semiconductor development and production in the United States. Or do you expect it will happen with or without it? This is going to make it a little tougher. We spent a lot of time in 2018 and 2019 in DC, lobbying for and taking meetings with anybody who would take a meeting to discuss the criticality of semiconductors and the fact that all the advanced semiconductors were being done in one fab on one island, 60 miles away from China.And so we personally felt, and continue to feel, that the CHIPS Act has raised the stake on semiconductors overall. And the premier reason for the CHIPS Act was to de-risk the economic and defense impacts of these types of technologies being manufactured outside the US, companies like Apple and Broadcom, Nvidia, Qualcomm, and AMD. All of these companies use very advanced [semiconductor] nodes. And so, if anything were to happen [overseas], it would be nothing short of a crisis.The CHIPS Act, as envisioned, has certainly brought to light and made very visible to the whole country the criticality of semiconductors. And I think thats been a good thing.The fact that TSMC and, I guess, Samsung are investing heavily now in the US (although not with the most advanced nodes), are a result of that. And so, the CHIPS Act has accomplished, or is on the way to accomplishing [an end to] this economic and defense-related risk the country faced.Other than wafer and chip manufacturing, what other processes are important and have been bolstered by the CHIPS Act? While everybody talks about single nanometer technology and the most advanced [processor] nodes, all of that needs to be packaged and tested. And so theyre bringing that capability here.Having that capability for what is turning out to be heterogeneous packaging, chiplets and wafer types of packages is also super critical. The third piece of the pie, as far as were concerned, is innovation and a pipeline for future innovation and raising the visibility of semiconductors, which has created more demand for semiconductor jobs, as well as for semiconductor talent.Since the CHIPS Act and all the publicity around semiconductors, we as a start-up company have gotten a lot of renewed interest out of kids that are looking for internships in the semiconductor space, as well as looking for roles in the semiconductor space.I havent seen enrollment data, but I wouldnt be surprised if [the CHIPS Act] hasnt actually increased the enrollment in some of the technology related fields, whether it be chemistry, mechanical engineering, electrical engineering and other semiconductor-related fields. We do see an improvement there.What more should the US government do to ensure a reshoring of the industry? I think we need to do more as a nation, in terms of innovation. Its unfortunate that we are in the position we are in due to the fact that Intel kind of dropped the ball over the last 10 to 15 years. We have lost the leadership position. So the question is, what can we do as a nation to recover from that? And I think, once again, the CHIPS Act could be helpful there. It certainly does bring more wafer fabrication into the country. I think that will naturally demand more highly educated technical individuals. From that, I would expect some, some level of innovation will happen.For instance, the engineers that are going to be running the TSMC facilities, my expectation is that some of those people are very innovative, novel people that are very bright. And from that there should come some level of innovation. The question then is, are we prepared as a nation to be able to support that? Do we have basically the venture capital thats required to support these types of innovations that these individuals will hopefully be coming up with? And I think the answer there is, not so much.If you look at the number of new company formation in the technology space, and semiconductors in particular, in China thats in the hundreds if not thousands on an annual basis. In the US, not so much. And so, we definitely need to think about that as the third leg of the CHIPS Act, and what the CHIPS Act really needs to accomplish, whether it be in its current form or some other form that that the current administration envisions.We need to put in place a culture to support innovation such that we can regain our leadership position in technology.How did TSMC claim such a dominant roll, while Intel is struggling to regain its former lead? I think you know people that are experts and that have grown up in the industry and have huge amounts of experience in whatever it is youre doing. They are the individuals that should be running companies and manage a large industry workforce. I mean, that goes without saying.So, what went wrong? I think the wrong guy was running the company and making very poor decisions. And I think the board is accountable to that. And, I think certainly its not the talent within Intel. Theyre incredibly talented people who do very good work, but they do need to be managed well and given good goals.I think it was great Intel brought [former CEO Pat] Gelsinger in, but I think its just a tragedy that they cut his legs out from under him. They took him out too quickly. It took Intel 15 years to break something. Youre not going to fix something like this in a short period of time. I mean, a lot of the equipment that you need to help turn this company around has procurement lead times that were two years. So, how can you legitimately expect somebody to do something in three years? I mean, its nonsensical.What makes TSMC so successful? I think they are single-minded in purpose. They wanted to be the leaders, and they were going to do everything possible to become the leaders. And they work day and night tirelessly to do it.Their equipment is no different than the equipment that Intel has. Their material sets are no different than the material sets that Intel has. And so, at the end of the day, they fundamentally have become more innovative and been able to turn innovation into something thats manufacturable, whereas Intel has not. And I dont think their people are any better.I think it boils down to that fundamental focus and commitment and leadership to deliver the best, and we somehow, weve got to reclaim that. I mean, thats the bottom line. If you look at companies like Texas Instruments and Analog Devices up in your neck of the woods [Massachusetts], for instance. These are great, mixed-signal types of companies that have huge investments in research and development and that have huge investments in in manufacturing infrastructure right here in the US. Theyre doing very well and delivering the worlds best solutions in the space.Unfortunately, on the on the memory side of things, all thats hot is about AI solutions. Samsung, in particular, has really taken the lead there. And TSMC with their nanometer node solutions clearly claimed the AI space.Whats changed since the CHIPS Act was passed in 2022? For the last three quarters, North America has become the largest market for semiconductors. World Semiconductor Trade Statistics data shows the US is now the largest market for semiconductors, and that would be due to AI processors and high bandwidth memory for AI processing applications.So, its just amazing to me that after literally more than 20 years where Asia, specifically China, has been the leading destination for first for semiconductors, now America is.Do you believe the financial incentives under the CHIPS Act will work better than Trumps tariffs in bringing back semiconductor manufacturing and research? I dont believe the tariff thing will support the innovation.The CHIPS Act was actually envisioned under [Trumps] administration. Early on, we were there [in Washington] as part of that process, trying to put forth some ideas in terms of what matching funds could provide and things along those lines. I think incentives around innovation and having the capital formation infrastructure thats required [for new projects] is really important. So, Im hoping the current administration, much like the last administration, will see the criticality of US technology.And so Im hoping that they can put together incentive programs as a third leg of a CHIPS Act a CHIPS Act 2.0, or whatever you want to call it in order to incentivize infrastructure capitalization, and also closing the critical [talent] gap by potentially drawing more focus on these advanced degrees, perhaps even underwriting some of the expense of these degrees if individuals are willing to go into those fields in exchange.In his address to Congress, Trump also mentioned immigration in terms of bringing more talent into this nation. Is that critical as well, and how would that be achieved? From an immigration perspective, our nation needs the worlds best and brightest to enable us to achieve the innovation that is required to lead in this kind of space, as well as other technology spaces.So, I would hope that our immigration policies would recognize that and incentivize that. Quite frankly, we do need to open up more university seats for foreign-born nationals and then provide a fast track to a job here in the US. I cant tell you how many people that weve talked to that have advanced degrees that are looking for jobs in the US, but they are forestalled due to the immigration system. And to me, thats at odds with what the national objective should be, which is bringing in the best and brightest.Can you describe the talent gap in the semiconductor industry? I dont think its a single thing. Its not just that theres not enough electrical engineers, theres not enough design engineers, theres not enough layout engineers, theres not enough technicians, theres not enough process development engineers, theres not enough process improvement engineers. Its the sum total of all of those. Theres just not enough of them.And as you start to add infrastructure, as companies are doing now, like TSMC, Samsung and Intel are doing with new plants, youre seeing the [talent gap] may now be stopping them or slowing them down. Texas Instruments has invested in three new 300 millimeter [fabs in Lehi, UT]. Filling those plants with the appropriate talent, whether it be for construction of the buildings or outfitting them with the equipmentmaintaining it, and running it all of those projects and tasks require a lot of very skilled and educated individuals. We need more of them.STEM is a field that requires more and more highly educated individuals as time goes on. I dont think anyone can dispute that. We dont have enough of them.Has the publicity around the CHIPS Act and reshoring the semiconductor industry increased interest in the industry and education for that? Yes. Because of our need to focus on semiconductors, theres going to be a lot more unfilled roles, which means theres opportunity for advancement in those careers.But the other thing that people havent talked about is the fact that we have an aging semiconductor workforce in the United States, and that has to be replaced if we literally, want to lead and innovate. And so, not only is it true that were trying to expand, which requires more people, [but] that in turn creates great career opportunity. But theres a bit of a vacuum above [entry-level roles] in terms of great leadership and management. Thats because we as a nation have exported an awful lot of that over the course of time.So, I think theres kind of a double bang for your buck if you get into the into the semiconductor field, as far as opportunity goes. And I also think theres are some sexy aspects to it. I mean, whos the worlds richest man in the world right now? Hes someone in the technology space. And so we need to be able to point to more of those examples of people who are hugely successful, not as much for manipulating money, but simply for developing and innovating and bringing incredible new technology to the to the world.So, is the current semiconductor talent gap going to have a significant impact on all these reshoring initiatives, both the private ones and the federal ones, i.e., the CHIPS Act? Absolutely. And I live it day-in and day-out, every day. Im a startup company. Im looking for talent, and its talent that I need up and down my organization, whether it be upper leadership, mid-level management, or individual contributors like technicians.Go and try to find an electronics technician today. They are really hard to find. And the good ones are even harder to find.So, at the end of the day, up and down my organization, theres a lack of lack of availability of individuals, and thats hampering my company. And, Im just a startup company. You know, 100 people. Now go scale that out to 10,000 people [at a large chip maker]. It becomes rather, rather challenging.

Why writing is just like runningBotanical journaling + beating writers block (Issue #284)Published inThe Medium BlogSent as aNewsletter3 min readJust now--Its just starting to feel like spring where I am (temperatures in the mid-50s, sort of San Francisco-ish even though Im on the East Coast!). After a very dark, sleet-y, dry winter that had me applying moisturizer every hour, I am glad to finally participate in my favorite pastime: popping in my AirPods and running along NYCs East River for five or six miles, or until I get through most of my workout playlist.Surprisingly (or maybe not, given that writing and running share certain core characteristics like repetition and independence), our running coverage in the Medium Newsletter is pretty significant. Last May, I wrote about how it can take up to a month to start a new habit (at the time I was trying to wake up at 6 a.m. to run). Later that month, Scott Lamb taught us the 80/20 rule of training: make 80% of your workouts low-intensity and 20% high-intensity, so its sustainable. And, on the anniversary of the first Boston Marathon, we shared former Runners World Magazine editor Amby Burfoots story about how he won in 1968. (I went to bed every night at 9:30 pm, and woke up the next morning at 6 am for the first of my two daily runs)In celebration of Medium Newsletter Running Season coming up, as well as Womens History Month, I want to share one more story Ive found on Medium: Cheryl Weavers Women Running Through Time, published in Runners Life last year. In the process of training for a marathon, Weaver starts researching its history. The history of marathons dates back to ancient Greek myth, when messenger Pheidippides ran 25 miles from Marathon to Athens to deliver news of a victory (the first marathoner was a journalist! lol).Marathons as a modern sport began with the Olympics in 1896 but it wasnt until the 70s that women were allowed to compete. Though theres a very colorful, and fascinating, history of women infiltrating marathons (the Boston Marathon, specifically): Roberta Gibb hid in the bushes and snuck in after the 1966 race started; Kathryn Switzer registered for the 1967 race using a pseudonym and had a man pick up her race packet.This is the power of running (and writing): You can just do it, almost no special equipment required. We depend on our own wills, our own bodies, our own minds to bolster us, writes Weaver, We fight worlds still excluding us from entry and we adjust to worlds that have only recently included us [] We walk. We jog. We run. We read. We think. We write. We breathe. Whatever form it takes, whatever recognition we do or do not get, we run the marathon. Harris SockelTake our survey to shape how we think about the future of Medium. What else were readingIf you, like me, live in the Northern Hemisphere and are irrationally excited for it to be temperate outside, here is one way to channel that energy: Start a very low-maintenance botanical journal. All you need is a watercolor sketchbook, two small brushes, a pen, and a garden or park near your home. (Anne Kullaf in Gardening, Birding, and Outdoor Adventure)Lent, originally from Old English lencten (spring), is the season for facing your mortality. (Stacey Simpson Duke)Life would be more beautiful if our phones looked like this again:The Nokia 7600, part of an early-00s boom in cyberpunk-ish mobile phone design A dose of practical wisdomThe truth about writers block: As Jenny Zhang explains, its usually a symptom of believing writing is not simply work.Deepen your understanding every day with the Medium Newsletter. Sign up here.Edited and produced by Scott Lamb & Carly Rose GillisQuestions, feedback, or story suggestions? Email us: tips@medium.comLike what you see in this newsletter but not already a Medium member? Read without limits or ads, fund great writers, and join a community that believes in human storytelling.

Yarnhub Animation Studios gets 35 million views a month on YouTube for its military history animated videos. Now it's expanding into gaming.Read More

Capcom has released Monster Hunter Wilds hotfix 1.000.05.00 across all platforms, making important improvements and fixes for the game.The patch removes various progression blockers and fixes various bugs, but players wont find any performance improvements in the patch notes, below.Monster Hunter Wilds is still sitting on a mixed user review rating on Steam despite its record-breaking launch, and most of the complaints revolve around performance problems on PC.Despite these issues, Monster Hunter Wilds success cannot be denied. It sold a huge 8 million copies in just three days, becoming the fastest-selling Capcom game of all time. Monster Hunter Wilds has the fifth highest ever concurrent player count on Steam, with a whopping 1,384,608 peak. Thats more than Dota 2, Cyberpunk 2077, and Elden Ring managed on Valves platform. By comparison, Monster Hunter: World had a peak of 334,684.A title update for Monster Hunter Wilds, expected in early April, is due to add a new endgame area to gather as well as more monster hunting action for players to embark on.To help get your Monster Hunter Wilds adventure started, take a look at what Monster Hunter Wilds doesnt tell you, and a guide to all 14 weapon types in the game. Weve also got a detailed Monster Hunter Wilds walkthrough in progress, a Monster Hunter Wilds multiplayer guide to explain how to play with friends, and if youve played one of the open betas, heres how to transfer your Monster Hunter Wilds Beta character over.IGNs Monster Hunter Wilds review returned an 8/10. We said: Monster Hunter Wilds continues to smooth off the rougher corners of the series in smart ways, making for some extremely fun fights but also lacking any real challenge.Monster Hunter Wilds Hotfix 1.000.05.00 patch notes:Issues that have been addressed as of March 10, 2025:The Grill a Meal and Ingredient Center features cannot be unlocked even after meeting the progress criteria.When heading to Azuz during Main Mission: Chapter 2-1 Toward Fervent Fields, players keep falling through the map.The Monster Field Guide cannot be accessed.During Main Mission: Chapter 5-2 A World Turned Upside Down, an NPC may not appear, preventing further progression.At the Smithy, an issue may occur where tutorials are repeatedly shown, disabling certain options in the menu.When guarding a monsters attack with a lance using Power Guard under certain conditions, the weapon flashes in red but the effect is not activatedWhen using a mantle, a Weapon Equipment Skill may mistakenly be activated.Some effects may be displayed continuously when using certain skills, such as Peak Performance and Self-Improvement.When successfully preforming an Offset Attack with the Insect Glaives Descending Slash under certain conditions, the hunter freezes and becomes unresponsive to any controls.Addressed issues that occurred under certain conditions with screen rendering and causing force quits.The Meal Invitation feature at Azuz and Sild does not unlock on some occasions.A notification or an Environment Overview Update may show that you have received a Meal Invitation when it is not available. (Some mitigation measures have been implemented.)An issue occurring when using Equipment Loadout, causing decorations to be removed from equipment, Bowgun Customization being reverted to default, and Kinsects reverting to the initial rarity.When cutting off monster parts, the parts change into a monster part from a different monster.Gravios does not gain resistance to flinches after breaking its parts. (Gravioss resistance has also been slightly adjusted in Ver. 1.000.05.00.)An issue which may cause crashes or some monsters to act strangely under certain situations.Some skills are unintentionally activated under certain conditions.Some items/rewards can be obtained repeatedly under certain conditions.When trying to catch a fish with a capture net, the fishes nearby do not swim away from the fishing spot.Some environmental features such as floating rubbles can be activated multiple times.During Main Mission: Chapter 5-2 The Root Cause, the hunter becomes unresponsive to some controls when talking to a certain NPC.Palicos support move Attract Vigorwasps may cause the hunter to become unresponsive to some controls.When scrolling through the quest list, only the first 20 quests are displayed correctly.An issue which may cause the game to forcefully shut down when starting a game with saved data that encountered a force quit.*You must close the game to apply the fix. Please ensure you restart the game after updating your game to Ver. 1.000.05.00. (This can be confirmed at the title screen.)Meanwhile, Capcom outlined various issues it's still working to address. Some currently known Monster Hunter Wilds issues as of March 10, 2025:A network error occurs when firing an SOS flare right after a quest begins.Link Members are not prioritized over other players and may not appear in some places including Base Camps.Palicos attacks with blunt weapons do not inflict stun and exhaust damages.Hunter Profile cannot be edited properly on some occasions.Some side missions cannot be completed under certain situations.Wesley is the UK News Editor for IGN. Find him on Twitter at @wyp100. You can reach Wesley at wesley_yinpoole@ign.com or confidentially at wyp100@proton.me.

Indiana Jones and the Great Circle has a PlayStation 5 rating on the website of the Entertainment Software Rating Board, suggesting a release date isnt too far away.MachineGames well-received action adventure game launched on Xbox Series X and S and PC in December 2024, and currently has a spring 2025 release window on PS5. That suggests the game will be out at some point in the next few months.Microsoft has so far remained quiet on Indiana Jones and the Great Circles PS5 release date, preferring to focus on other games at its recent Xbox Developer Direct showcase. But it seems an announcement will be made soon.MachineGames has issued a series of updates since the games initial Xbox launch, most recently fixing various bugs and adding support for Nvidia DLSS 4 with Multi Frame Generation and DLSS Ray Reconstruction on PC. The PS5 version will of course feature all the console updates released to date.Boosted by launching day one on Game Pass, Indiana Jones and the Great Circle has so far reached 4 million players a figure that will no doubt see a significant boost one the PS5 version goes live.Indiana Jones actor Harrison Ford has said Troy Baker playing the beloved character in Indiana Jones and the Great Circle is proof "you don't need artificial intelligence to steal my soul."Ford discussed alleviating control of Indy with The Wall Street Journal, saying he was very happy with the performance of The Last of Us actor Baker."You dont need artificial intelligence to steal my soul," Ford said. "You can already do it for nickels and dimes with good ideas and talent. He did a brilliant job, and it didnt take AI to do it."Wesley is the UK News Editor for IGN. Find him on Twitter at @wyp100. You can reach Wesley at wesley_yinpoole@ign.com or confidentially at wyp100@proton.me.

Apple SVP Eddy Cue and director Ben Stiller took to the SXSW stage to discuss Severance, Apples hit sci-fi thriller. Cue talks about how Severance has become a core of Apple TV+ and an example of how focusing on just a few shows promotes quality.The in-person stage experience included two clips from the upcoming S2E9, but these are cut out of the recorded version. Otherwise, you can watch the full interview after the break Unfortunately, the interview is a bit lacking in revelations. Stiller and Cue reminisce about how the show came to be, and congratulate each other for their support. Stiller says Apple has never given him notes about anything we do, even as the show crosses into corporate satires that dont stray too far from the goings on at Apple Park. Tongue-in-cheek, at one point, Stiller asks Cue how is Apple doing and if you guys are in the black?. Cue says If you keep doing this as well as youre doing, I think were gonna be okay.Heres the full video:Severance is currently in the midst of its second season. The show has become an undisputed phenomenon for Apple TV+, with Apple saying it is now its most popular show ever. Episode 9 airs this Friday, with the season finale Episode 10 following the week after.Although as yet officially unconfirmed, the show is expected to be renewed for a third season. A writers room on scripts is already underway.Add 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Cyber threats today don't just evolvethey mutate rapidly, testing the resilience of everything from global financial systems to critical infrastructure. As cybersecurity confronts new battlegroundsranging from nation-state espionage and ransomware to manipulated AI chatbotsthe landscape becomes increasingly complex, prompting vital questions: How secure are our cloud environments? Can our IoT devices be weaponized unnoticed? What happens when cybercriminals leverage traditional mail for digital ransom?This week's events reveal a sobering reality: state-sponsored groups are infiltrating IT supply chains, new ransomware connections are emerging, and attackers are creatively targeting industries previously untouched. Moreover, global law enforcement actions highlight both progress and persistent challenges in countering cybercrime networks.Dive into this edition to understand the deeper context behind these developments and stay informed about threats that continue reshaping the cybersecurity world. Threat of the WeekU.S. Charges 12 Chinese Nationals for Nation-State Hacking The U.S. Department of Justice (DoJ) announced charges against 12 Chinese nationals for their alleged participation in a wide-ranging scheme designed to steal data and suppress free speech and dissent across the world. The defendants include two officers of the People's Republic of China's (PRC) Ministry of Public Security (MPS), eight employees of the company i-Soon, and two members of APT27. "These malicious cyber actors, acting as freelancers or as employees of i-Soon, conducted computer intrusions at the direction of the PRC's MPS and Ministry of State Security (MSS) and on their own initiative," the DoJ said. "The MPS and MSS paid handsomely for stolen data."Get the guide Top NewsU.S. Secret Service Dismantles Garantex A coalition of international law enforcement agencies has seized the online infrastructure associated with the cryptocurrency exchange Garantex for facilitating money laundering by transnational criminal organizations. The exchange is estimated to have processed at least $96 billion in cryptocurrency transactions, with crypto transactions worth more than $60 billion processed since it was sanctioned in 2022. In addition, two individuals Aleksej Besciokov and Aleksandr Mira Serda have been charged in connection with operating an unlicensed money-transmitting business.Silk Typhoon Goes After IT Supply Chains In what appears to be a shift in tactics, Salt Typhoon, the China-linked threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021, has begun to target the information technology (IT) supply chain, specifically remote management tools and cloud applications, as a means to obtain initial access to corporate networks. Upon gaining successful access, the threat actors have been found using stolen keys and credentials to further burrow into the compromised network and exfiltrate data of interest.Dark Caracal Linked to Use of Poco RAT The threat actor called Dark Caracal has been linked to a phishing campaign that distributed a remote access trojan called Poco RAT in attacks targeting Spanish-speaking targets in Latin America in 2024. An analysis of Poco RAT artifacts indicates the intrusions are mainly targeting enterprises in Venezuela, Chile, the Dominican Republic, Colombia, and Ecuador.Links Between Black Basta and CACTUS Ransomware Examined Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) module for maintaining persistent control over compromised systems, a sign that affiliates previously associated with Black Basta may have transitioned to CACTUS. The BackConnect module has source code references to QakBot, indicating likely shared authorship. The component is distributed via sophisticated social engineering tactics to trick targets into installing the Quick Assist remote desktop software.U.A.E. Entities Targeted by UNK_CraftyCamel A previously undocumented threat activity cluster dubbed UNK_CraftyCamel has targeted "fewer than five" aviation and satellite communications entities in the United Arab Emirates (U.A.E.) to deliver a previously undocumented Golang backdoor dubbed Sosano. The attacks stand out because they took advantage of a compromised email account belonging to the Indian electronics company INDIC Electronics to send phishing messages. It's suspected that the campaign is the work of an Iranian-aligned hacking group. Trending CVEsThe software you rely on every day can have hidden risks that hackers actively target. Staying safe means keeping up-to-date with the latest security patches before vulnerabilities become costly breaches.Here's this week's critical list of software vulnerabilities you should urgently patch or review to protect your systems CVE-2025-25015 (Elastic Kibana), CVE-2025-22224, CVE-2025-22225, CVE-2025-22226 (VMware), CVE-2024-50302 (Google Android), CVE-2025-0364 (BigAntSoft BigAnt), CVE-2024-48248 (NAKIVO Backup & Replication), CVE-2025-1723 (Zoho ADSelfService Plus), CVE-2025-27423 (Vim), CVE-2025-24494 (Keysight Ixia Vision), CVE-2025-1080 (LibreOffice), CVE-2025-27218 (Sitecore), CVE-2025-20206 (Cisco Secure Client for Windows), CVE-2024-56325 (Apache Pinot), CVE-2025-1316 (Edimax IC-7100), CVE-2025-27622, CVE-2025-27623 (Jenkins), and CVE-2024-41334 through CVE-2024-41340, CVE-2024-51138, CVE-2024-51139 (Draytek routers). Around the Cyber WorldApple Reportedly Pushes Back Against Backdoor Access Apple appears to be pushing back against a secret order issued by the U.K. to give the government access to encrypted iCloud data. According to a report from the Financial Times, the company has filed an appeal with the Investigatory Powers Tribunal, an independent judicial body that examines complaints against the U.K. security services, in hopes of overturning the order. The tribunal is expected to probe whether "the U.K.'s notice to Apple was lawful and, if not, could order it to be quashed." Apple recently stopped offering Advanced Data Protection in the U.K. in response to the secret order.IoT Devices Targeted by New Eleven11bot Botnet A new botnet malware dubbed Eleven11bot is estimated to have infected thousands of IoT devices, primarily security cameras and network video recorders (NVRs), to conduct volumetric DDoS attacks. A majority of the infections are in the United States, the United Kingdom, Mexico, Canada, and Australia, per The Shadowserver Foundation. Threat intelligence firm GreyNoise said it has observed 1,042 IP addresses tied to the botnet's operation in the past month, most of which are based in Iran. Eleven11bot is assessed to be a variant of the infamous Mirai malware, which had its source code leaked in 2016. That said, there have been conflicting reports on the number of devices comprising Eleven11bot. Nokia said the botnet is made of roughly 30,000 devices, the Shadowserver Foundation said the size is well over 86,000. However, GreyNoise estimated the true number was likely fewer than 5,000.U.S. Treasury Sanctions Iranian National for Running Nemesis Market The U.S. Treasury Department on Tuesday announced sanctions against an Iranian national named Behrouz Parsarad for running an online darknet marketplace called Nemesis Market that was used for trading drugs and cybercrime services. The online bazaar was shut down in March 2024 as a result of a law enforcement operation conducted by Germany, the U.S., and Lithuania. "As the administrator of the Nemesis darknet marketplace, Parsarad sought to build and continues to try to re-establish a safe haven to facilitate the production, sale, and shipment of illegal narcotics like fentanyl and other synthetic opioids," the Treasury Department said.Moonstone Sleet Deploys Qilin Ransomware Microsoft revealed that it observed the North Korean threat actor tracked as Moonstone Sleet deploying Qilin ransomware at a limited number of organizations in late February 2025. "Qilin is a ransomware as a service (RaaS) payload used by multiple threat actors, both state-sponsored and cybercriminal groups," it said. "Moonstone Sleet has previously exclusively deployed their own custom ransomware in their attacks, and this represents the first instance they are deploying ransomware developed by a RaaS operator."Kaspersky Flags Thousands of Malicious Installations of Banking Trojans Russian cybersecurity company Kaspersky said it prevented a total of 33.3 million attacks involving malware, adware, or unwanted mobile software in 2024. Adware accounted for 35% of total detections, with 1.13 million malicious and potentially unwanted installation packages detected. Nearly 69,000 of those installations were associated with banking trojans. The company said it also discovered threat actors using novel social engineering tactics to distribute the Mamont banking trojan targeting Android devices in Russia. "The attackers lured users with a variety of discounted products," it said. "The victim had to send a message to place an order. Some time later, the user received a phishing link to download malware disguised as a shipment tracking app."PrintSteal Campaigns Engages in Large-Scale KYC Document Generation Fraud in India Details have emerged about a large-scale, organized criminal operation that involves the mass production and distribution of fake Indian KYC (Know Your Customer) documents, an activity that has been codenamed PrintSteal by CloudSEK. One such platform, named crrsg.site, is estimated to have fueled the creation of more than 167,391 fake documents since its creation in 2021. There are at least 2,727 registered operators on crrsg.site. "The infrastructure of this operation includes a centralized web platform, access to illicit APIs that provide data like Aadhaar, PAN, and vehicle information, a streamlined payment system, and encrypted communication channels (such as Telegram)," CloudSEK researcher Abhishek Mathew said. "The operation relies heavily on a network of affiliates, primarily local businesses like mobile shops and internet cafes, which serve as points of contact for customers seeking fake documents." Further investigation has revealed that an individual named Manish Kumar is a key figure behind crrsg.site. To date, no less than 1,800 domains have been identified as part of this operation, with over 600 domains currently active.Malicious Use of Cobalt Strike Down 80% Since 2023 In April 2023, Microsoft and Health Information Sharing and Analysis Center (Health-ISAC) teamed up with Fortra, the company behind Cobalt Strike, to combat the abuse of the post-exploitation toolkit by bad actors to facilitate malicious activities. Since then, the number of unauthorized copies of Cobalt Strike observed in the wild has decreased by 80%, Fortra said. The company said it also seized and sinkholed over 200 malicious domains, effectively severing the connections. "Additionally, the average dwell time the period between initial detection and takedown has been reduced to less than one week in the United States and less than two weeks worldwide," it added. In July 2024, a coordinated law enforcement operation codenamed MORPHEUS dismantled 593 servers that were used by cybercriminal groups and were part of an attack infrastructure associated with unlicensed versions of Cobalt Strike. CrowdStrike Reports $21 Million Loss from July 2024 Outage Cybersecurity firm CrowdStrike reported another $21 million in costs related to the July 19, 2024, outage in the fourth quarter, bringing the annual total to $60 million. In a related development, security firm SEC Consult detailed a now-patched vulnerability in CrowdStrike Falcon that allowed attackers to pause the sensor. "The vulnerability allowed an attacker with 'NT AUTHORITY\SYSTEM' permissions to suspend the CS Falcon Sensor processes," the Austrian company said. "A subset of malicious applications that are blocked or deleted when the CS Falcon Sensor processes are active could be executed or retained on the disk after the CS Falcon Sensor processes were suspended. This leads to a partial bypass of the CS Falcon Sensor detection mechanisms."FBI Warns of Fake Ransomware Notes Sent via Snail Mail The U.S. government is warning that scammers are masquerading as the BianLian (aka Bitter Scorpius) ransomware and data extortion group to target corporate executives by sending extortion letters that threaten to release sensitive information on the e-crime gang's data leak site unless payment ranging between $250,000 and $500,000 is received within 10 days from receipt of the letter. The letters are believed to be an attempt to scam organizations into paying a ransom. Cybersecurity firm Arctic Wolf said the letters were being sent to executives primarily within the U.S. healthcare industry, but noted that the physical ransom letters are drastically different in word usage and tone from those of the actual BianLian group. GuidePoint Security and Palo Alto Networks Unit 42 also pointed out that the activity is likely the work of an imposter.Moscow-Based News Network Poisons AI Chatbot Results A Moscow-based disinformation network named Pravda is publishing false claims and pro-Kremlin propaganda to deliberately distort responses from artificial intelligence (AI) models that rely on up-to-date information. The network, which uses search engine optimization strategies to boost the visibility of its content, is said to have published 3.6 million misleading articles in 2024 alone. "By flooding search results and web crawlers with pro-Kremlin falsehoods, the network is distorting how large language models process and present news and information," NewsGuard said, adding "the leading AI chatbots repeated false narratives laundered by the Pravda network 33 percent of the time."DoJ Charges 2 Venezuelans for ATM Jackpotting Scheme The U.S. Justice Department said two Venezuelan nationals David Jose Gomez Cegarra, 24, and Jesus Segundo Hernandez-Gil, 19, were arrested and charged recently over their role in an ATM jackpotting scheme in the U.S. states of New York, Massachusetts, and Illinois in October and November 2024. The charges carry a maximum penalty of ten years in prison. "ATM Jackpotting involves removing an ATM's cover and infecting the ATMs hard drive with malware or removing the hard drive and replacing it with an infected hard drive, which allows the operator to assume control of the ATM and cause it to dispense currency," the agency said.Researchers Flag Flaw in China's Great Firewall Cybersecurity researchers have detailed a now-fixed buffer over-read vulnerability dubbed Wallbleed in the DNS injection subsystem of the Great Firewall of China that could result in information disclosure, causing certain nation-wide censorship middleboxes to reveal up to 125 bytes of their memory when censoring a crafted DNS query. It was patched in March 2024. "Until March 2024, certain DNS injection devices had a parsing bug that would, under certain conditions, cause them to include up to 125 bytes of their own memory in the forged DNS responses they sent," a group of academics said. The GFW's DNS injection subsystem relies on what's called DNS spoofing and tampering to inject fake DNS responses containing random IP addresses when a request matches a banned keyword or a blocked domain.Nine Threat Groups Active in OT Operations in 2024 Industrial cybersecurity company Dragos said nine out of the 23 threat groups it tracks as targeting industrial organizations were active in 2024. Two of them Bauxite (aka Cyber Av3ngers) and Graphite (aka APT28) have been identified as two new threat groups setting their sights on operational technology (OT) networks. "A striking trend in 2024 was the continued lowering of the barrier to entry for adversaries targeting OT/ICS," Dragos said. "Adversaries that would have once been unaware of or ignored OT/ICS entirely now view it as an effective attack vector to achieve disruption and attention." Furthermore, the number of ransomware attacks targeting OT systems increased by 87% in 2024, and the number of groups going after such targets spiked by 60%. The disclosure comes as CrowdStrike revealed that China-nexus activity increased by 150% across all sectors in 2024, with a "staggering 200-300% surge" in key targeted industries including financial services, media, manufacturing, and industrials/engineering. The security vendor, which is tracking 257 named adversaries and over 140 emerging activity clusters, said adversaries are increasingly targeting cloud-based SaaS applications for data theft, lateral movement, extortion, and third-party targeting. Some of the new notable clusters include Envoy Panda (aka BackdoorDiplomacy), Liminal Panda, Locksmith Panda, Operator Panda (aka Salt Typhoon), Vanguard Panda (aka Volt Typhoon), and Vault Panda (aka Earth Berberoka).Google Details AMD Zen Vulnerability Google researchers have disclosed the details of a recently patched AMD processor vulnerability dubbed EntrySign (CVE-2024-56161, CVSS score: 7.2) that could potentially permit an attacker to load a malicious CPU microcode under specific conditions. In a nutshell, the vulnerability enables arbitrary microcode patches to be installed on all Zen 1 through Zen 4 CPUs. "Luckily, the security impact was limited by the fact that attackers must first obtain host ring 0 access in order to attempt to install a microcode patch and that these patches do not persist through a power cycle," Google said. "Confidential computing using SEV-SNP, DRTM using SKINIT, and supply chain modification are some of the situations where the threat model permits an attacker to subvert microcode patches." Expert WebinarTraditional AppSec is BrokenWatch This to See How ASPM Can Fix ItTraditional AppSec tools often struggle with today's complex software environments, creating security blind spots. Application Security Posture Management (ASPM) promises to bridge these gaps by combining code-level insights and runtime context. But is ASPM the future or a passing trend?Join Amir Kaushansky from Palo Alto Networks to quickly grasp ASPM's real-world benefitssuch as proactive risk management and reduced patching workloads. Get actionable insights and evaluate whether adopting ASPM can strengthen your organization's security posture.Secure your spot now to stay ahead of evolving threats.P.S. Know someone who could use these? Share it. Cybersecurity ToolsRayhunter It is a free and open-source tool developed by EFF to identify devices used for cellular surveillance, commonly called IMSI catchers. Designed specifically for use with the Orbic RC400L mobile hotspot, Rayhunter helps users detect if their cellular communications are being monitored. While built mainly for research and testing purposesrather than high-risk situationsthe tool offers a user-friendly web interface, allowing easy monitoring, capture of cellular signals, and basic analysis of potential spying attempts. Although Rayhunter might function on similar Qualcomm-based Linux or Android devices, compatibility is currently only confirmed for this specific Orbic model.GCPGoat: A Damn Vulnerable GCP Infrastructure GCPGoat is a purposely vulnerable Google Cloud environment designed to help users safely learn cloud security. It mirrors real-world mistakes in cloud setups, covering OWASP's top web app risks and common misconfigurations. Users can practice penetration testing, audit infrastructure code, improve secure coding, and enhance threat detection directly in their own GCP accounts. Tip of the WeekGet Defense Against Advanced 'Living off the Land' Threats Hackers often misuse built-in tools like PowerShell (Windows) or common Linux utilities to quietly break into systemsthis is called a "Living off the Land" (LotL) attack. A simple, effective defense is Binary Allowlisting via Checksums, which ensures only verified tools can run.For Linux users, create a trusted baseline by running this one-time command on a clean system:sudo find /usr/bin -type f -exec sha256sum {} \; > /root/trusted.sha256Then, schedule hourly checks using cron (edit with sudo crontab -e) to verify these binaries:0 * * * * sha256sum -c /root/trusted.sha256 2>&1 | grep -v ": OK$" && echo "Checksum mismatch detected!" | mail -s "Security Alert" you@example.comFor Windows users, install the free, user-friendly security tool Wazuh, and enable its File Integrity Monitoring feature. It automatically alerts you if critical binaries like those in C:\Windows\System32 are unexpectedly changed or replaced.This quick, practical approach stops attackers from sneaking through unnoticed, greatly strengthening your overall security posture.ConclusionCybersecurity isn't just about technologyit's about understanding patterns, staying alert, and connecting the dots. As you finish this newsletter, ask yourself: which dot might become tomorrow's headline, and are you ready for it? Stay informed, stay curious, and keep connecting.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

The council voted to approve the architects plans for Clandon House, a National Trust property near Guildford in Surrey, on Thursday (6 March).The approval comes despite a major recent backlash from traditionalists over the plans to preserve the 18th-century Palladian mansion as a fire-damaged shell. Classical architect Francis Terry accused the National Trust of an act of barbarism against the Grade I-listed building.But councillors praised the proposal for its major public benefits, including changes that make [the building] accessible to everyone following the tragedy of the fire that destroyed it.AdvertisementOne councillor said that while the vote was not an easy decision, he was quite excited at seeing a building stripped back I do think thats something different that can attract visitors and show something different.The stately home has sat in its current state since 2015, when a devastating fire, likely caused by an electrical fault, tore through the building destroying all but one room.The National Trust had originally planned to rebuild and restore Clandon Park, to a competition-winning design also by Allies and Morrison but u-turned on the proposal in 2022. A spokesperson put the change down to a process of detailed feasibility with our design team.Allies and Morrison continues to lead on the design with conservation design support from Purcell. Source:NH53 (creative commons)Planning officers had recommended the latest scheme for approval, concluding that it caused less than substantial harm to Clandons heritage, while preserving and restoring important features such as windows, faades, and a roof.AdvertisementThe local planning authority concluded that the proposal would ensure the stately home could maintain its optimal viable use as a much-visited cultural attraction, with new public benefits including accessibility, roof access, and the opportunity to learn about the historic construction of country houses.The planning permission is subject to referral to the secretary of state for secondary approval, as well as completion of a Section 106 legal agreement including provision of biodiversity net gain and contribution towards a long-term sustainable' travel strategy for the site.In November, submission of the planning application for the now-approved design triggered a major backlash from Classicists, which became the forefront of a major dispute within the National Trust.The Restore Trust a group of activists within the heritage organisation accused it of a tragic dereliction of duty by refusing to restore the mansion.The protestors claimed the National Trust was failing to preserve its historic buildings in favour of modish, divisive ideologies.The trust, however, has argued that the sensitive contemporary design of the light-touch proposals will bring Clandon Park back to life as a welcoming, engaging and fully functional house' and create an exciting new chapter in [the buildings] history.In January, a spokesperson said the designs reflected in-depth conversations with heritage bodies, architectural specialists, community organisations and more than 75,000 visitors to Clandon since the fire. It added that public feedback had been overwhelmingly positive.The trust added: Our vision is for a house that showcases the importance and beauty of what survived the fire and celebrates the stories of the many people who made and crafted it over centuries. Source:Allies and Morrison (taken from planning documents)Allies and Morrisons latest plans (Nov 2024) for Clandon Park House in Surrey walkways for displays and viewingIn a design and access (D&A) statement, Allies and Morrison said its proposal, which includes events space and walkways allowing views of Clandons scorched interiors, celebrates the beauty of the building that survived.It said the design would display the buildings visually dramatic and historically intriguing fire-damaged interiors while allowing visitors to learn the story of how it was designed, built and crafted over the centuries.The proposed scheme would renew the house as a fully functioning building, it said, with a new roof, windows, heating and structural repairs to conserve the surviving house, including its Speakers Parlour. Furniture and artworks would be returned to the house to form new displays.Interior walkways and a new public roof terrace will enable new ways of seeing and encountering the house that actively reveal its historic and architectural significance and enhance its visual drama, the practice added. Source:Jim Linwood creative commonsClandon Park House, Surrey, before the 2015 fire which badly damaged itAllies and Morrison was appointed in 2017 to lead the rebuild, following a star-studded contest run by Malcolm Reading Consultants. The top five AJ100 practice selected specialist Purcell to offer conservation design support.The first phase of construction works, repairing exterior walls and stonework, is expected to cost up to 20 million.Clandon Park was built in the 1720s by Venetian architect Giacomo Leoni and left to the National Trust in 1956.