Jun 16, 2025Ravie LakshmananMalware / DevOps Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that's capable of harvesting sensitive developer-related information, such as credentials, configuration data, and environment variables, among others. The package, named chimera-sandbox-extensions, attracted 143 downloads and likely targets users of a service called Chimera Sandbox, which was released by Singaporean tech company Grab last August to facilitate "experimentation and development of [machine learning] solutions." The package masquerades as a helper module for Chimera Sandbox, but "aims to steal credentials and other sensitive information such as Jamf configuration, CI/CD environment variables, AWS tokens, and more," JFrog security researcher Guy Korolevski said in a report published last week. Once installed, it attempts to connect to an external domain whose domain name is generated using a domain generation algorithm (DGA) in order to download and execute a next-stage payload. Specifically, the malware acquires from the domain an authentication token, which is then used to send a request to the same domain and retrieve the Python-based information stealer. The stealer malware is equipped to siphon a wide range of data from infected machines. This includes - JAMF receipts, which are records of software packages installed by Jamf Pro on managed computers Pod sandbox environment authentication tokens and git information CI/CD information from environment variables Zscaler host configuration Amazon Web Services account information and tokens Public IP address General platform, user, and host information The kind of data gathered by the malware shows that it's mainly geared towards corporate and cloud infrastructure. In addition, the extraction of JAMF receipts indicates that it's also capable of targeting Apple macOS systems. The collected information is sent via a POST request back to the same domain, after which the server assesses if the machine is a worthy target for further exploitation. However, JFrog said it was unable to obtain the payload at the time of analysis. "The targeted approach employed by this malware, along with the complexity of its multi-stage targeted payload, distinguishes it from the more generic open-source malware threats we have encountered thus far, highlighting the advancements that malicious packages have made recently," Jonathan Sar Shalom, director of threat research at JFrog Security Research team, said. "This new sophistication of malware underscores why development teams remain vigilant with updates—alongside proactive security research – to defend against emerging threats and maintain software integrity." The disclosure comes as SafeDep and Veracode detailed a number of malware-laced npm packages that are designed to execute remote code and download additional payloads. The packages in question are listed below - eslint-config-airbnb-compat (676 Downloads) ts-runtime-compat-check (1,588 Downloads) solders (983 Downloads) @mediawave/lib (386 Downloads) All the identified npm packages have since been taken down from npm, but not before they were downloaded hundreds of times from the package registry. SafeDep's analysis of eslint-config-airbnb-compat found that the JavaScript library has ts-runtime-compat-check listed as a dependency, which, in turn, contacts an external server defined in the former package ("proxy.eslint-proxy[.]site") to retrieve and execute a Base64-encoded string. The exact nature of the payload is unknown. "It implements a multi-stage remote code execution attack using a transitive dependency to hide the malicious code," SafeDep researcher Kunal Singh said. Solders, on the other hand, has been found to incorporate a post-install script in its package.json, causing the malicious code to be automatically executed as soon as the package is installed. "At first glance, it's hard to believe that this is actually valid JavaScript," the Veracode Threat Research team said. "It looks like a seemingly random collection of Japanese symbols. It turns out that this particular obfuscation scheme uses the Unicode characters as variable names and a sophisticated chain of dynamic code generation to work." Decoding the script reveals an extra layer of obfuscation, unpacking which reveals its main function: Check if the compromised machine is Windows, and if so, run a PowerShell command to retrieve a next-stage payload from a remote server ("firewall[.]tel"). This second-stage PowerShell script, also obscured, is designed to fetch a Windows batch script from another domain ("cdn.audiowave[.]org") and configures a Windows Defender Antivirus exclusion list to avoid detection. The batch script then paves the way for the execution of a .NET DLL that reaches out to a PNG image hosted on ImgBB ("i.ibb[.]co"). "[The DLL] is grabbing the last two pixels from this image and then looping through some data contained elsewhere in it," Veracode said. "It ultimately builds up in memory YET ANOTHER .NET DLL." Furthermore, the DLL is equipped to create task scheduler entries and features the ability to bypass user account control (UAC) using a combination of FodHelper.exe and programmatic identifiers (ProgIDs) to evade defenses and avoid triggering any security alerts to the user. The newly-downloaded DLL is Pulsar RAT, a "free, open-source Remote Administration Tool for Windows" and a variant of the Quasar RAT. "From a wall of Japanese characters to a RAT hidden within the pixels of a PNG file, the attacker went to extraordinary lengths to conceal their payload, nesting it a dozen layers deep to evade detection," Veracode said. "While the attacker's ultimate objective for deploying the Pulsar RAT remains unclear, the sheer complexity of this delivery mechanism is a powerful indicator of malicious intent." Crypto Malware in the Open-Source Supply Chain The findings also coincide with a report from Socket that identified credential stealers, cryptocurrency drainers, cryptojackers, and clippers as the main types of threats targeting the cryptocurrency and blockchain development ecosystem. Some of the examples of these packages include - express-dompurify and pumptoolforvolumeandcomment, which are capable of harvesting browser credentials and cryptocurrency wallet keys bs58js, which drains a victim's wallet and uses multi-hop transfers to obscure theft and frustrate forensic tracing. lsjglsjdv, asyncaiosignal, and raydium-sdk-liquidity-init, which functions as a clipper to monitor the system clipboard for cryptocurrency wallet strings and replace them with threat actor‑controlled addresses to reroute transactions to the attackers "As Web3 development converges with mainstream software engineering, the attack surface for blockchain-focused projects is expanding in both scale and complexity," Socket security researcher Kirill Boychenko said. "Financially motivated threat actors and state-sponsored groups are rapidly evolving their tactics to exploit systemic weaknesses in the software supply chain. These campaigns are iterative, persistent, and increasingly tailored to high-value targets." AI and Slopsquatting The rise of artificial intelligence (AI)-assisted coding, also called vibe coding, has unleashed another novel threat in the form of slopsquatting, where large language models (LLMs) can hallucinate non-existent but plausible package names that bad actors can weaponize to conduct supply chain attacks. Trend Micro, in a report last week, said it observed an unnamed advanced agent "confidently" cooking up a phantom Python package named starlette-reverse-proxy, only for the build process to crash with the error "module not found." However, should an adversary upload a package with the same name on the repository, it can have serious security consequences. Furthermore, the cybersecurity company noted that advanced coding agents and workflows such as Claude Code CLI, OpenAI Codex CLI, and Cursor AI with Model Context Protocol (MCP)-backed validation can help reduce, but not completely eliminate, the risk of slopsquatting. "When agents hallucinate dependencies or install unverified packages, they create an opportunity for slopsquatting attacks, in which malicious actors pre-register those same hallucinated names on public registries," security researcher Sean Park said. "While reasoning-enhanced agents can reduce the rate of phantom suggestions by approximately half, they do not eliminate them entirely. Even the vibe-coding workflow augmented with live MCP validations achieves the lowest rates of slip-through, but still misses edge cases." Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post. SHARE    

A dangerous strain of bird flu is spreading in US livestockMediaMedium/Alamy Since Donald Trump assumed office in January, the leading US public health agency has pulled back preparations for a potential bird flu pandemic. But as it steps back, another government agency is stepping up. While the US Department of Health and Human Services (HHS) previously held regular briefings on its efforts to prevent a wider outbreak of a deadly bird flu virus called H5N1 in people, it largely stopped once Trump took office. It has also cancelled funding for a vaccine that would have targeted the virus. In contrast, the US Department of Agriculture (USDA) has escalated its fight against H5N1’s spread in poultry flocks and dairy herds, including by funding the development of livestock vaccines. This particular virus – a strain of avian influenza called H5N1 – poses a significant threat to humans, having killed about half of the roughly 1000 people worldwide who tested positive for it since 2003. While the pathogen spreads rapidly in birds, it is poorly adapted to infecting humans and isn’t known to transmit between people. But that could change if it acquires mutations that allow it to spread more easily among mammals – a risk that increases with each mammalian infection. The possibility of H5N1 evolving to become more dangerous to people has grown significantly since March 2024, when the virus jumped from migratory birds to dairy cows in Texas. More than 1,070 herds across 17 states have been affected since then. H5N1 also infects poultry, placing the virus in closer proximity to people. Since 2022, nearly 175 million domestic birds have been culled in the US due to H5N1, and almost all of the 71 people who have tested positive for it had direct contact with livestock. Get the most essential health and fitness news in your inbox every Saturday. Sign up to newsletter “We need to take this seriously because when [H5N1] constantly is spreading, it’s constantly spilling over into humans,” says Seema Lakdawala at Emory University in Georgia. The virus has already killed a person in the US and a child in Mexico this year. Still, cases have declined under Trump. The last recorded human case was in February, and the number of affected poultry flocks fell 95 per cent between then and June. Outbreaks in dairy herds have also stabilised. It isn’t clear what is behind the decline. Lakdawala believes it is partly due to a lull in bird migration, which reduces opportunities for the virus to spread from wild birds to livestock. It may also reflect efforts by the USDA to contain outbreaks on farms. In February, the USDA unveiled a $1 billion plan for tackling H5N1, including strengthening farmers’ defences against the virus, such as through free biosecurity assessments. Of the 150 facilities that have undergone assessment, only one has experienced an H5N1 outbreak. Under Trump, the USDA also continued its National Milk Testing Strategy, which mandates farms provide raw milk samples for influenza testing. If a farm is positive for H5N1, it must allow the USDA to monitor livestock and implement measures to contain the virus. The USDA launched the programme in December and has since ramped up participation to 45 states. “The National Milk Testing Strategy is a fantastic system,” says Erin Sorrell at Johns Hopkins University in Maryland. Along with the USDA’s efforts to improve biosecurity measures on farms, milk testing is crucial for containing the outbreak, says Sorrell. But while the USDA has bolstered its efforts against H5N1, the HHS doesn’t appear to have followed suit. In fact, the recent drop in human cases may reflect decreased surveillance due to workforce cuts, says Sorrell. In April, the HHS laid off about 10,000 employees, including 90 per cent of staff at the National Institute for Occupational Safety and Health, an office that helps investigate H5N1 outbreaks in farm workers. “There is an old saying that if you don’t test for something, you can’t find it,” says Sorrell. Yet a spokesperson for the US Centers for Disease Control and Prevention (CDC) says its guidance and surveillance efforts have not changed. “State and local health departments continue to monitor for illness in persons exposed to sick animals,” they told New Scientist. “CDC remains committed to rapidly communicating information as needed about H5N1.” The USDA and HHS also diverge on vaccination. While the USDA has allocated $100 million toward developing vaccines and other solutions for preventing H5N1’s spread in livestock, the HHS cancelled $776 million in contracts for influenza vaccine development. The contracts – terminated on 28 May – were with the pharmaceutical company Moderna to develop vaccines targeting flu subtypes, including H5N1, that could cause future pandemics. The news came the same day Moderna reported nearly 98 per cent of the roughly 300 participants who received two doses of the H5 vaccine in a clinical trial had antibody levels believed to be protective against the virus. The US has about five million H5N1 vaccine doses stockpiled, but these are made using eggs and cultured cells, which take longer to produce than mRNA-based vaccines like Moderna’s. The Moderna vaccine would have modernised the stockpile and enabled the government to rapidly produce vaccines in the event of a pandemic, says Sorrell. “It seems like a very effective platform and would have positioned the US and others to be on good footing if and when we needed a vaccine for our general public,” she says. The HHS cancelled the contracts due to concerns about mRNA vaccines, which Robert F Kennedy Jr – the country’s highest-ranking public health official – has previously cast doubt on. “The reality is that mRNA technology remains under-tested, and we are not going to spend taxpayer dollars repeating the mistakes of the last administration,” said HHS communications director Andrew Nixon in a statement to New Scientist. However, mRNA technology isn’t new. It has been in development for more than half a century and numerous clinical trials have shown mRNA vaccines are safe. While they do carry the risk of side effects – the majority of which are mild – this is true of almost every medical treatment. In a press release, Moderna said it would explore alternative funding paths for the programme. “My stance is that we should not be looking to take anything off the table, and that includes any type of vaccine regimen,” says Lakdawala. “Vaccines are the most effective way to counter an infectious disease,” says Sorrell. “And so having that in your arsenal and ready to go just give you more options.” Topics:

The studio's founders still own the remaining 84.25% of the company.

GKIDS has acquired the North American distribution rights for Shin Godzilla, which hits theaters on August 14, with a home entertainment release to follow. The 4K remaster will feature the original Japanese voice cast with English subtitles, including restored text cards. In the film, something has surfaced in Tokyo Bay. As the Prime Minister of Japan pleads with the public to remain calm, a horrific creature of tremendous size makes landfall in the city, leaving death and destruction in its wake. Then it evolves. Originally released in Japan in 2016, Shin Godzilla is directed by Hideaki Anno (Neon Genesis Evangelion) and Shinji Higuchi (Shin Ultraman), with a screenplay by Anno and VFX by Higuchi. Shin Godzilla won seven Japan Academy Prize awards and was the highest-grossing Japanese-produced Godzilla film prior to 2023’s Godzilla Minus One. Check out the teaser trailer now: Journalist, antique shop owner, aspiring gemologist—L'Wren brings a diverse perspective to animation, where every frame reflects her varied passions.

You might have heard the term "private equity" thrown around lately.Private equity, or "termite capitalism," as it's been ironically called, is a sweeping term for a massive industry built around buying and flipping established companies. These businesses can be just about anything — municipal water utilities, chain restaurants, bottling plants, and even retirement homes.The strategy is largely extractive. When someone flips an abandoned house, they're theoretically making structural repairs and quality-of-life updates, in the hopes of selling for more than the cost of the whole project. At its worst, private equity does the opposite: taking over healthy companies, selling off their assets and laying off employees en masse — hence the "termite" moniker.Now, venture capitalist and tech billionaire Elad Gil is doing something that sounds awfully similar — except that unlike the largely technophobic private equity space, according to a recent profile by TechCrunch, he's been using his immense fortune to buy up companies and reshape them to run using AI.The scheme looks like this: Gil, or a firm he backs, acquires a stable, white-collar business with a healthy cashflow, like a law firm or a marketing agency. Then, Gil "helps them scale through AI" — techno corpospeak for "lay off a bunch of workers and automate their labor with AI" — using the proceeds to buy other firms to add to the empire. Think Sam Bankman-Fried meets "The Blob," and you're not far off.Overall, it's not really a new strategy. "Roll-ups" of small firms into one conglomerate are pretty common in private equity, even if they have some pretty devastating consequences for workers and their communities.By embracing AI, the billionaire insists, "you can increase the margins dramatically and create very different types of businesses." Gil lists tasks like text manipulation, audio, video, coding, and sales as key tasks generative AI can supposedly help streamline — all things it's notoriously awful at, by the way, so you could look at the whole project as a huge bet that the tech will improve dramatically enough for it to succeed."There used to be these technology-enabled roll-ups 10 years ago, and most of them kind of ended up being not really that much of a user of technology," Gil told TC."It was kind of like a thin veneer painted on to increase the valuation of the company," he said without a hint of irony. "I think in the case of AI, you can actually radically change the cost structure of these things."In reality, experts say it's more likely that competition in the tech space and poor performance by AI models make this strategy a bust. But hey, billionaires know best.Share This Article

An artist's illustration of an unlucky massive star approaching a supermassive black hole. Credit: University of Hawai'i Get the Popular Science daily newsletter💡 Breakthroughs, discoveries, and DIY tips sent every weekday. At any given time across the universe, massive cosmic bodies are releasing incomprehensible amounts of energy. Stars burn like celestial nuclear fusion reactors, quasars emit thousands of times the luminosity of the Milky Way galaxy, and asteroids slam into planets. But all of these pale in comparison to a new class of events discovered by researchers at the University of Hawai’i’s Institute for Astronomy (IfA). According to their findings published June 4 in the journal Science Advances, it’s time to classify the universe’s most energetic explosions as extreme nuclear transients–or ENTs. ENTs are as devastating as they are rare. They only occur when a massive star at least three times heavier than the sun drifts too close to a supermassive black hole. The colliding forces subsequently obliterate the star, sending out plumes of energy across huge swaths of space. Similar events known as tidal disruption events (TDEs) are known to occur on a (comparatively) smaller scale, and have been documented for over a decade. But ENTs are something else entirely. “ENTs are different beasts,” study lead author and astronomer Jason Hinkle explained in an accompanying statement. “Not only are ENTs far brighter than normal tidal disruption events, but they remain luminous for years, far surpassing the energy output of even the brightest known supernova explosions.” Hinkle was first tipped off to ENTs while looking into transients—longlasting flares that spew energy from a galaxy’s center. Two particularly strange examples captured by the European Space Agency’s Gaia mission caught his eye. The pair of events brightened over a much longer timeframe than previously documented transients, but lacked some of their usual characteristics. “Gaia doesn’t tell you what a transient is, just that something changed in brightness,” Hinkle said. “But when I saw these smooth, long-lived flares from the centers of distant galaxies, I knew we were looking at something unusual.” Hinkle soon reached out to observatory teams around the world for what would become a multiyear project to understand these anomalies. In the process, a third suspect was detected by the Zwicky Transient Facility at the Palomar Observatory in San Diego. After months of analysis, Hinkle and collaborators realized they were witnessing something unprecedented. An infrared echo tells us that a dusty torus surrounds the central black hole and newly-formed accretion disk. Credit: University of Hawai’i The ENTs analyzed by astronomers displayed smoother, longer lasting flares that pointed towards something very particular—a supermassive black hole accreting a giant, wayward star. This contrasts with a more standard black hole that typically acquires its material and energy unpredictably, resulting in irregular brightness fluctuations. The energy and luminosity of an ENT boggles the mind. The most powerful ENT documented in Hinkle’s study, Gaia18cdj, generated 25 times more energy than the most powerful known supernovae. For reference, a standard supernova puts out as much energy in a single year as the sun does across its entire 10 billion year lifespan. Gaia18cdj, meanwhile, manages to give off 100 suns’ worth of energy over just 12 months. The implications of ENTs and their massive energy surges go far beyond their impressive energy outputs. Astronomers believe they contribute to some of the most pivotal events in the cosmos. “These ENTs don’t just mark the dramatic end of a massive star’s life. They illuminate the processes responsible for growing the largest black holes in the universe,” said Hinkle. From here on Earth, ENTs can also help researchers as they continue studying massive, distant black holes. “Because they’re so bright, we can see them across vast cosmic distances—and in astronomy, looking far away means looking back in time,” explained study co-author and astronomer Benjamin Shappee. “By observing these prolonged flares, we gain insights into black hole growth when the universe was half its current age… forming stars and feeding their supermassive black holes 10 times more vigorously than they do today.” There’s a catch for astronomers, however. While supernovae are relatively well-documented, ENTs are estimated to occur at least 10 million times less often. This means that further study requires consistent monitoring of the cosmos backed by the support of international governments, astronomical associations, and the public.

US-based brokerage firm Robinhood has officially acquired Luxembourg-headquartered crypto exchange Bitstamp. In an announcement posted on June 2, Robinhood said that it paid $200 million (roughly Rs. 1,709 crore) in cash to complete this acquisition. With this, Robinhood has now added over 50 licences held by Bitstamp to its own network. Johann Kerbrat, the general manager of Robinhood Crypto had first spoken about the plan to acquire Bitstamp last year during an interview with the Wall Street Journal.Bitstamp was founded in 2011 and is touted as the longest running crypto exchange in the world. Its offices are located in Singapore, Slovenia, the UK, as well as the US. Robinhood plans to use Bitstamp's resources to bring service offerings to institutional investors, Vlad Tenev, the CEO and co-founder of Robinhood, indicated on X."Bitstamp is now part of Robinhood, adding a globally-scaled crypto exchange and our first-ever institutional crypto business. Our work is just beginning," Tenev posted.Following the announcement, Bitstamp changed its name to "Bitstamp by Robinhood" on various online platforms including X.In an official blog post, Bitstamp said that it "has been trusted for 14 years by institutions for its reliable trade execution, deep order books and industry-leading API connectivity and offerings like crypto-as-a-service, institutional lending, and staking. Robinhood is entering the space with an active and highly trusted business with established relationships."Key Highlights on the AcquisitionRobinhood published some important details about Bitstamp and its acquisition for its investor community on June 2.The American firm disclosed that Bitstamp was catering to over 500,000 retail and around five thousand funded institutional customers as of April 30, 2025. Bitstamp's yearly revenue up till April 30 was clocked at $95 million (roughly Rs. 811 crore)."In 2025, for the remaining seven months of the year post close, Robinhood expects to record approximately $65 million (roughly Rs. 555 crore) of Bitstamp-related costs. These costs are nearly all Adjusted Operating Expenses and are primarily driven by business operations, along with some anticipated integration and deal-related costs," Robinhood's announcement post added.Robinhood will now integrate Bitstamp's infrastructure into its own services and offerings."Bringing Bitstamp's platform and expertise into Robinhood's ecosystem will give users an enhanced trading experience with a continuing commitment to compliance, security, and customer-centricity," JB Graftieaux, CEO of Bitstamp said as commenting on the development.Robinhood's crypto trading service had faced legal challenges with the US SEC last year on allegations of having violated the US Securities laws. However, following Donald Trump's return to the White House as the 47th US President, the SEC closed its investigation into Robinhood and did not take any action.(This story has not been edited by NDTV staff and is auto-generated from a syndicated feed.)

The new app will reportedly feature a centralized in-game achievement system, leaderboards, communication features, and more.

Apple prepares to cry wolf over gaming again | Opinion Gaming on Apple platforms is set to be a WWDC focus once again – but with the company increasingly pushed to open up its app ecosystem, maybe this time the wolf is real Feature by Rob Fahey Contributing Editor Published on May 30, 2025 Apple's developer-focused annual WWDC event kicks off in a little over a week, which means that it's time once again for one of the industry's most well-established games of farce; in which Apple, the GM, tries to convince us all that this time, no this time, it's really truly serious about gaming, and we, the players, all try to keep our faces straight and our eyes unrolled. It's a ritual that often skips a year or two but always comes back with a vengeance – Apple cites some impressive numbers about hours or dollars spent on games on their platforms, wheels out a famous developer to wax lyrical about the power of the hardware and demonstrate a build of their game, and announces some new iOS features related to gaming. With love-bombing of the games industry complete for another few years, they promptly delete us from their contacts and pretend not to know us when they walk past us in the supermarket. The reason we all still pay attention to this merry-go-round, though, is because just as it's hard to take seriously any of Apple's claims of yet another Damascene conversion to gaming religion, it's also impossible not to take seriously the importance of the platforms the company controls. There are 2.35 billion active Apple computing devices in the world right now. The company doesn't break down those stats into Macs, iPhones, and iPads, but we know there are well over a billion iPhones in those numbers. Most of those devices are perfectly good gaming devices, at least in terms of what their hardware is capable of. The existing mobile gaming market – while a large market by any measure – is still only scratching at the surface of the potential growth for the gaming market that could be reached through that installed base. Having one of Apple's boy-who-cried-wolf moments actually turn into a genuine commitment to gaming would be a major step towards realising that – which makes them very hard to ignore, even if we're pretty sure we know all the steps to this dance by now. So what's this year's love-bombing going to consist of? We don't know which development luminary they'll bring on stage, but it does seem pretty certain that there's a shiny new gaming-centric app that's going to be built into the next release of iOS, replacing the rather clunky Game Centre with a more streamlined game launcher (which may encompass games bought on other stores on macOS, a bit like how the Apple TV app shows the next shows in your watchlists on Netflix and other streaming services) and providing various editorial and social features. Image credit: Apple It's not clear whether this is just a new app, or if it actually represents an overhaul of the services layer of Apple's gaming offerings – for example, whether it's going to have things like chat, matchmaking, teams and so on implemented in a way that centres on the app but also available in games via an overlay or direct integration through an API. That sounds fine and dandy, though of course the Game Centre app this will replace is a reminder of one of the previous iterations of the "Apple is serious about games this time" dance. What's perhaps more interesting, though we don't yet know if it'll get an on-stage mention at WWDC, is that this is coming just as Apple wraps up the acquisition of its first ever game studio – RAC7, the studio best known for creating Sneaky Sasquatch, which has been a very steadily performing hit on the Apple Arcade service since its launch. Now, there's a very obvious caveat here before we start speculating about Apple trying to build out a game development studio system: RAC7 is a micro-studio consisting of just two people, so while it's apparently going to continue operating more or less autonomously as a wholly-owned studio, there's still a bit of a whiff of an acquihire about the situation. It makes sense for Apple to bring a studio that's been pretty solidly committed to Arcade, and successful on the platform, into the fold in this way even if it's only so that they can be used as consultants and testers for upcoming changes to the service offering. The core concept of the Apple Arcade offering – a ton of well-vetted games that are guaranteed not to be packed with microtransactions and ads – remains very compelling, especially for parents While that may be a bit of a letdown to people who got excited at the prospect that Apple would follow its efforts at building up movie and TV production studios with a similar move into gaming, this acquisition does still send a cautiously positive signal. Apple acquires small companies all the time, but it's never done so with a games studio before, so the willingness to do this suggests that it is tacitly aware of a lack of internal know-how and skills related to this market segment, and moreover, that it remains quite committed to Apple Arcade. That second part is important, because honestly, it's quite easy to forget that Apple Arcade exists sometimes. It's a bit of a cypher to a lot of the industry, I think; it was launched with much fanfare but it now essentially just sits there occupying zero mindshare for most of the gaming sector and its consumers. However, there have been some hints that it's actually quite successful commercially – a tricky thing to measure given that its primary commercial target is driving subscription numbers and retention metrics for the all-encompassing Apple One service, but at the very least there's never been a suggestion from Apple that it's unhappy with how it's performing in that regard. The core concept of the offering – a ton of well-vetted games that are guaranteed not to be packed with microtransactions and ads – remains very compelling, especially for parents, and it seems reasonable to posit that it's quietly doing a very solid amount of business off in demographic sectors that rarely engage with the traditional games industry. This, to some extent, might explain why Apple has ghosted the industry after its most recent bouts of love-bombing; Apple Arcade and the infrastructure that supports it isn't terribly meaningful to the traditional games industry, but actually accomplishes quite a lot of Apple's own internal goals with regard to gaming. That leads us to another crucially important piece of context to bear in mind when watching what the company unveils at WWDC this year – that this may be a series of strategic moves that are less about enticing the games industry to focus on Apple platforms, and more about preparing the ground for the possibility of major parts of the games business simply turning up on Apple's turf unannounced and uninvited. That spectre has been raised by various different legislative and legal moves in major markets over the past few years, all of which seem to be pointing in a similar direction – that Apple is going to be forced to open up its platform to third-party app stores, or at the very least streaming apps. The company is still fighting its corner in the courts in a lot of places, but I suspect it knows that the clock is ticking, especially in some of its most lucrative global markets. While the commercial threat posed by actual app stores is probably minimal (most people just aren't going to install a whole other app management ecosystem when the path of least resistance works fine), the threat from game storefronts is very real. Epic, Steam, and Xbox are all potentially going to have functional storefronts on iOS in one form or another in the coming years – which means an end to Apple's era of taking for granted that games will just keep churning out giant stacks of App Store cash despite being largely held at arm's length by the company. Rethinking its gaming app software and buying a small studio are far from sufficient to win a war on this new front if it opens up – but if they indicate some actual momentum building up, they might not be a bad start.

Male fertility rates have been plummeting over the past half-century. An analysis from 1992 noted a steady decrease in sperm counts and quality since the 1940s. A more recent study found that male infertility rates increased nearly 80% from 1990 to 2019. The reasons driving this trend remain a mystery, but frequently cited culprits include obesity, poor diet, and environmental toxins. Infectious diseases such as gonorrhea or chlamydia are often overlooked factors that affect fertility in men. Accumulating evidence suggests that a common single-celled parasite called Toxoplasma gondii may also be a contributor: An April 2025 study showed for the first time that “human sperm lose their heads upon direct contact” with the parasite. I am a microbiologist, and my lab studies Toxoplasma. This new study bolsters emerging findings that underscore the importance of preventing this parasitic infection. The many ways you can get toxoplasmosis Infected cats defecate Toxoplasma eggs into the litter box, garden or other places in the environment where they can be picked up by humans or other animals. Water, shellfish and unwashed fruits and vegetables can also harbor infectious parasite eggs. In addition to eggs, tissue cysts present in the meat of warm-blooded animals can spread toxoplasmosis as well if they are not destroyed by cooking to proper temperature. While most hosts of the parasite can control the initial infection with few if any symptoms, Toxoplasma remains in the body for life as dormant cysts in brain, heart and muscle tissue. These cysts can reactivate and cause additional episodes of severe illness that damage critical organ systems. Between 30% and 50% of the world’s population is permanently infected with Toxoplasma due to the many ways the parasite can spread. Toxoplasma can target male reproductive organs Upon infection, Toxoplasma spreads to virtually every organ and skeletal muscle. Evidence that Toxoplasma can also target human male reproductive organs first surfaced during the height of the AIDS pandemic in the 1980s, when some patients presented with the parasitic infection in their testes. While immunocompromised patients are most at risk for testicular toxoplasmosis, it can also occur in otherwise healthy individuals. Imaging studies of infected mice confirm that Toxoplasma parasites quickly travel to the testes in addition to the brain and eyes within days of infection. Toxoplasma cysts floating in cat feces. DPDx Image Library/CDC In 2017, my colleagues and I found that Toxoplasma can also form cysts in mouse prostates. Researchers have also observed these parasites in the ejaculate of many animals, including human semen, raising the possibility of sexual transmission. Knowing that Toxoplasma can reside in male reproductive organs has prompted analyses of fertility in infected men. A small 2021 study in Prague of 163 men infected with Toxoplasma found that over 86% had semen anomalies. A 2002 study in China found that infertile couples are more likely to have a Toxoplasma infection than fertile couples, 34.83% versus 12.11%. A 2005 study in China also found that sterile men are more likely to test positive for Toxoplasma than fertile men. Not all studies, however, produce a link between toxoplasmosis and sperm quality. Toxoplasma can directly damage human sperm Toxoplasmosis in animals mirrors infection in humans, which allows researchers to address questions that are not easy to examine in people. Testicular function and sperm production are sharply diminished in Toxoplasma-infected mice, rats and rams. Infected mice have significantly lower sperm counts and a higher proportion of abnormally shaped sperm. In that April 2025 study, researchers from Germany, Uruguay, and Chile observed that Toxoplasma can reach the testes and epididymis, the tube where sperm mature and are stored, two days after infection in mice. This finding prompted the team to test what happens when the parasite comes into direct contact with human sperm in a test tube. After only five minutes of exposure to the parasite, 22.4% of sperm cells were beheaded. The number of decapitated sperm increased the longer they interacted with the parasites. Sperm cells that maintained their head were often twisted and misshapen. Some sperm cells had holes in their head, suggesting the parasites were trying to invade them as it would any other type of cell in the organs it infiltrates. In addition to direct contact, Toxoplasma may also damage sperm because the infection promotes chronic inflammation. Inflammatory conditions in the male reproductive tract are harmful to sperm production and function. The researchers speculate that the harmful effects Toxoplasma may have on sperm could be contributing to large global declines in male fertility over the past decades. Sperm exposed to Toxoplasma. Arrows point to holes and other damage to the sperm; asterisks indicate where the parasite has burrowed. The two nonconfronted controls at the bottom show normal sperm. Rojas-Barón et al/The FEBS Journal, CC BY-SA Preventing toxoplasmosis The evidence that Toxoplasma can infiltrate male reproductive organs in animals is compelling, but whether this produces health issues in people remains unclear. Testicular toxoplasmosis shows that parasites can invade human testes, but symptomatic disease is very rare. Studies to date that show defects in the sperm of infected men are too small to draw firm conclusions at this time. Additionally, some reports suggest that rates of toxoplasmosis in high-income countries have not been increasing over the past few decades while male infertility was rising, so it’s likely to only be one part of the puzzle. Regardless of this parasite’s potential effect on fertility, it is wise to avoid Toxoplasma. An infection can cause miscarriage or birth defects if someone acquires it for the first time during pregnancy, and it can be life-threatening for immunocompromised people. Toxoplasma is also the leading cause of death from foodborne illness in the United States. Taking proper care of your cat, promptly cleaning the litter box and thoroughly washing your hands after can help reduce your exposure to Toxoplasma. You can also protect yourself from this parasite by washing fruits and vegetables, cooking meat to proper temperatures before consuming and avoiding raw shellfish, raw water and raw milk. Bill Sullivan, Professor of Microbiology and Immunology, Indiana University. This article is republished from The Conversation under a Creative Commons license. Read the original article.