• 15 riveting images from the 2025 UN World Oceans Day Photo Competition

    Big and Small Underwater Faces — 3rd Place.
    Trips to the Antarctic Peninsula always yield amazing encounters with leopard seals. Boldly approaching me and baring his teeth, this individual was keen to point out that this part of Antarctica was his territory. This picture was shot at dusk, resulting in the rather moody atmosphere.
     
    Credit: Lars von Ritter Zahony (Germany) / World Ocean’s Day


    The striking eye of a humpback whale named Sweet Girl peers at the camera. Just four days later, she would be dead, hit by a speeding boat and one of the 20,000 whales killed by ship strikes each year. Photographer Rachel Moore’s captivating image of Sweet Girl earned top honors at the 2025 United Nations World Oceans Day Photo Competition.
    Wonder: Sustaining What Sustains Us — Winner
    This photo, taken in Mo’orea, French Polynesia in 2024, captures the eye of a humpback whale named Sweet Girl, just days before her tragic death. Four days after I captured this intimate moment, she was struck and killed by a fast-moving ship. Her death serves as a heartbreaking reminder of the 20,000 whales lost to ship strikes every year. We are using her story to advocate for stronger protections, petitioning for stricter speed laws around Tahiti and Mo’orea during whale season. I hope Sweet Girl’s legacy will spark real change to protect these incredible animals and prevent further senseless loss.
    Credit: Rachel Moore (USA) / United Nations World Oceans Day www.unworldoceansday.org
    Now in its twelfth year, the competition is coordinated in collaboration between the UN Division for Ocean Affairs and the Law of the Sea, DivePhotoGuide (DPG), Oceanic Global, and the Intergovernmental Oceanographic Commission of UNESCO. Each year, thousands of underwater photographers submit images that judges award prizes for across four categories: Big and Small Underwater Faces, Underwater Seascapes, Above Water Seascapes, and Wonder: Sustaining What Sustains Us.
    This year’s winning images include a curious leopard seal, a swarm of jellyfish, and a very grumpy looking Japanese warbonnet. Given our oceans’ perilous state, all competition participants were required to sign a charter of 14 commitments regarding ethics in photography.
    Underwater Seascapes — Honorable Mention
    With only orcas as their natural predators, leopard seals are Antarctica’s most versatile hunters, preying on everything from fish and cephalopods to penguins and other seals. Gentoo penguins are a favored menu item, and leopard seals can be observed patrolling the waters around their colonies. For this shot, I used a split image to capture both worlds: the gentoo penguin colony in the background with the leopard seal on the hunt in the foreground.
    Credit: Lars von Ritter Zahony (Germany) / United Nations World Oceans Day www.unworldoceansday.org
    Above Water Seascapes – Winner
    A serene lake cradled by arid dunes, where a gentle stream breathes life into the heart of Mother Earth’s creation: Captured from an airplane, this image reveals the powerful contrasts and hidden beauty where land and ocean meet, reminding us that the ocean is the source of all life and that everything in nature is deeply connected. The location is a remote stretch of coastline near Shark Bay, Western Australia.
    Credit: Leander Nardin (Austria) / United Nations World Oceans Day www.unworldoceansday.org
    Above Water Seascapes — 3rd Place
    Paradise Harbour is one of the most beautiful places on the Antarctic Peninsula. When I visited, the sea was extremely calm, and I was lucky enough to witness a wonderfully clear reflection of the Suárez Glacier (aka Petzval Glacier) in the water. The only problem was the waves created by our speedboat, and the only way to capture the perfect reflection was to lie on the bottom of the boat while it moved towards the glacier.
    Credit: Andrey Nosik (Russia) / United Nations World Oceans Day www.unworldoceansday.org
    Underwater Seascapes — 3rd Place
    “La Rapadura” is a natural hidden treasure on the northern coast of Tenerife, in the Spanish territory of the Canary Islands. Only discovered in 1996, it is one of the most astonishing underwater landscapes in the world, consistently ranking among the planet’s best dive sites. These towering columns of basalt are the result of volcanic processes that occurred between 500,000 and a million years ago. The formation was created when a basaltic lava flow reached the ocean, where, upon cooling and solidifying, it contracted, creating natural structures often compared to the pipes of church organs. Located in a region where marine life has been impacted by once common illegal fishing practices, this stunning natural monument has both geological and ecological value, and scientists and underwater photographers are advocating for its protection. (Model: Yolanda Garcia)
    Credit: Pedro Carrillo (Spain) / United Nations World Oceans Day www.unworldoceansday.org
    Underwater Seascapes — Winner
    This year, I had the incredible opportunity to visit a jellyfish lake during a liveaboard trip around southern Raja Ampat, Indonesia. Being surrounded by millions of jellyfish, which have evolved to lose their stinging ability due to the absence of predators, was one of the most breathtaking experiences I’ve ever had.
    Credit: Dani Escayola (Spain) / United Nations World Oceans Day www.unworldoceansday.org
    Underwater Seascapes — 2nd Place
    This shot captures a school of rays resting at a cleaning station in Mauritius, where strong currents once attracted them regularly. Some rays grew accustomed to divers, allowing close encounters like this. Sadly, after the severe bleaching that the reefs here suffered last year, such gatherings have become rare, and I fear I may not witness this again at the same spot.
    Credit: Gerald Rambert (Mauritius) / United Nations World Oceans Day www.unworldoceansday.org
    Wonder: Sustaining What Sustains Us — 3rd Place
    Shot in Cuba’s Jardines de la Reina—a protected shark sanctuary—this image captures a Caribbean reef shark weaving through a group of silky sharks near the surface. Using a slow shutter and strobes as the shark pivoted sharply, the motion blurred into a wave-like arc across its head, lit by the golden hues of sunset. The abundance and behavior of sharks here is a living symbol of what protected oceans can look like.
    Credit: Steven Lopez (USA) / United Nations World Oceans Day www.unworldoceansday.org
    Above Water Seascapes — 2nd Place
    Northern gannets (Morus bassanus) soar above the dramatic cliffs of Scotland’s Hermaness National Nature Reserve, their sleek white bodies and black-tipped wings slicing through the Shetland winds. These seabirds, the largest in the North Atlantic, are renowned for their striking plunge-dives, reaching speeds up to 100 kph (60 mph) as they hunt for fish beneath the waves. The cliffs of Hermaness provide ideal nesting sites, with updrafts aiding their take-offs and landings. Each spring, thousands return to this rugged coastline, forming one of the UK’s most significant gannet colonies. It was a major challenge to take photos at the edge of these cliffs at almost 200 meters (650 feet) with the winds up to 30 kph.
    Credit: Nur Tucker (UK/Turkey) / United Nations World Oceans Day www.unworldoceansday.org
    Above Water Seascapes — Honorable Mention
    A South Atlantic swell breaks on the Dungeons Reef off the Cape Peninsula, South Africa, shot while photographing a big-wave surf session in October 2017. It’s the crescendoing sounds of these breaking swells that always amazes me.
    Credit: Ken Findlay (South Africa) / United Nations World Oceans Day www.unworldoceansday.org
    Wonder: Sustaining What Sustains Us — Honorable Mention
    Humpback whales in their thousands migrate along the Ningaloo Reef in Western Australia every year on the way to and from their calving grounds. In four seasons of swimming with them on the reef here, this is the only encounter I’ve had like this one. This pair of huge adult whales repeatedly spy-hopped alongside us, seeking to interact with and investigate us, leaving me completely breathless. The female in the foreground was much more confident than the male behind and would constantly make close approaches, whilst the male hung back a little, still interested but shy. After more than 10 years working with wildlife in the water, this was one of the best experiences of my life.
    Credit: Ollie Clarke (UK) / United Nations World Oceans Day www.unworldoceansday.org
    Big and Small Underwater Faces — 2nd Place
    On one of my many blackwater dives in Anilao, in the Philippines, my guide and I spotted something moving erratically at a depth of around 20 meters, about 10 to 15 centimeters in size. We quickly realized that it was a rare blanket octopus. As we approached, it opened up its beautiful blanket, revealing its multicolored mantle. I managed to take a few shots before it went on its way. I felt truly privileged to have captured this fascinating deep-sea cephalopod. Among its many unique characteristics, this species exhibits some of the most extreme sexual size-dimorphism in nature, with females weighing up to 40,000 times more than males.
    Credit: Giacomo Marchione (Italy) / United Nations World Oceans Day www.unworldoceansday.org
    Big and Small Underwater Faces – Winner
    This photo of a Japanese warbonnet (Chirolophis japonicus) was captured in the Sea of Japan, about 50 miles (80 kilometers) southwest of Vladivostok, Russia. I found the ornate fish at a depth of about 30 meters, under the stern of a shipwreck. This species does not appear to be afraid of divers—on the contrary, it seems to enjoy the attention—and it even tried to sit on the dome port of my camera.
    Credit: Andrey Nosik (Russia) / United Nations World Oceans Day www.unworldoceansday.org
    Wonder: Sustaining What Sustains Us — 2nd Place
    A juvenile pinnate batfish (Platax pinnatus) captured with a slow shutter speed, a snooted light, and deliberate camera panning to create a sense of motion and drama. Juvenile pinnate batfish are known for their striking black bodies outlined in vibrant orange—a coloration they lose within just a few months as they mature. I encountered this restless subject in the tropical waters of Indonesia’s Lembeh Strait. Capturing this image took patience and persistence over two dives, as these active young fish constantly dart for cover in crevices, making the shot particularly challenging.
    Credit: Luis Arpa (Spain) / United Nations World Oceans Day www.unworldoceansday.org
    WWW.POPSCI.COM
  • Op-ed: Canada’s leadership in solar air heating—Innovation and flagship projects

    Solar air heating is among the most cost-effective applications of solar thermal energy. These systems are used for space heating and preheating fresh air for ventilation, typically using glazed or unglazed perforated solar collectors. The collectors draw in outside air, heat it using solar energy, and then distribute it through ductwork to meet building heating and fresh air needs. In 2024, Canada again led the world in solar air heating adoption, for at least the seventh year in a row. The four key suppliers – Trigo Energies, Conserval Engineering, Matrix Energy, and Aéronergie – reported a combined 26,203 m² of collector area sold last year. Several of these providers are optimistic about the growing demand. These findings come from the newly released Canadian Solar Thermal Market Survey 2024, commissioned by Natural Resources Canada.
    Canada is the global leader in solar air heating. The market is driven by a strong network of experienced system suppliers, optimized technologies, and a few small favorable funding programs – especially in the province of Quebec. Architects and developers are increasingly turning to these cost-effective, façade-integrated systems as a practical solution for reducing onsite natural gas consumption.
    Despite its cold climate, Canada benefits from strong solar potential with solar irradiance in many areas rivaling or even exceeding that of parts of Europe. This makes solar air heating not only viable, but especially valuable in buildings with high fresh air requirements including schools, hospitals, and offices. The projects highlighted in this article showcase the versatility and relevance of solar air heating across a range of building types, from new constructions to retrofits.
    Figure 1: Preheating air for industrial buildings: 2,750 m² of Calento SL solar air collectors cover all south-west and south-east facing facades of the FAB3R factory in Trois-Rivières, Quebec. The hourly unitary flow rate is set at 41 m³/m² or 2.23 cfm/ft² of collector area, at the lower range because only a limited number of intake fans was close enough to the solar façade to avoid long ventilation ductwork. Photo: Trigo Energies
    Quebec’s solar air heating boom: the Trigo Energies story
    Trigo Energies makes almost 90 per cent of its sales in Quebec. “We profit from great subsidies, as solar air systems are supported by several organizations in our province – the electricity utility Hydro Quebec, the gas utility Energir and the Ministry of Natural Resources,” explained Christian Vachon, Vice President Technologies and R&D at Trigo Energies.
    Trigo Energies currently has nine employees directly involved in planning, engineering and installing solar air heating systems and teams up with several partner contractors to install mostly retrofit projects. “A high degree of engineering is required to fit a solar heating system into an existing factory,” emphasized Vachon. “Knowledge about HVAC engineering is as important as experience with solar thermal and architecture.”
    One recent Trigo installation is at the FAB3R factory in Trois-Rivières. FAB3R specializes in manufacturing, repairing, and refurbishing large industrial equipment. Its air heating and ventilation system needed urgent renovation because of leakages and discomfort for the workers. “Due to many positive references he had from industries in the area, the owner of FAB3R contacted us,” explained Vachon. “The existence of subsidies helped the client to go for a retrofitting project including solar façade at once instead of fixing the problems one bit at a time.” Approximately 50 per cent of the investment costs for both the solar air heating and the renovation of the indoor ventilation system were covered by grants and subsidies. FAB3R profited from an Energir grant targeted at solar preheating, plus an investment subsidy from the Government of Quebec’s EcoPerformance Programme.
     
    Blue or black, but always efficient: the advanced absorber coating
    In October 2024, the majority of the new 2,750 m² solar façade at FAB3R began operation. According to Vachon, the system is expected to cover approximately 13 per cent of the factory’s annual heating demand, which is otherwise met by natural gas. Trigo Energies equipped the façade with its high-performance Calento SL collectors, featuring a notable innovation: a selective, low-emissivity coating that withstands outdoor conditions. Introduced by Trigo in 2019 and manufactured by Almeco Group from Italy, this advanced coating is engineered to maximize solar absorption while minimizing heat loss via infrared emission, enhancing the overall efficiency of the system.
    The high efficiency coating is now standard in Trigo’s air heating systems. According to the manufacturer, the improved collector design shows a 25 to 35 per cent increase in yield over the former generation of solar air collectors with black paint. Testing conducted at Queen’s University confirms this performance advantage. Researchers measured the performance of transpired solar air collectors both with and without a selective coating, mounted side-by-side on a south-facing vertical wall. The results showed that the collectors with the selective coating produced 1.3 to 1.5 times more energy than those without it. In 2024, the monitoring results were jointly published by Queen’s University and Canmat Energy in a paper titled Performance Comparison of a Transpired Air Solar Collector with Low-E Surface Coating.
    Selective coating, also used on other solar thermal technologies including glazed flat plate or vacuum tube collectors, has a distinctive blue color. Trigo customers can, however, choose between blue and black finishes. “By going from the normal blue selective coating to black selective coating, which Almeco is specially producing for Trigo, we lose about 1 per cent in solar efficiency,” explained Vachon.
    Figure 2: Building-integrated solar air heating façade with MatrixAir collectors at the firehall building in Mont Saint Hilaire, south of Montreal. The 190 m² south-facing wall preheats the fresh air, reducing natural gas consumption by 18 per cent compared to the conventional make-up system. Architect: Leclerc Architecture. Photo: Matrix Energy
    Matrix Energy: collaborating with architects and engineers in new builds
    Matrix Energy’s key target customer group is public buildings – mainly new construction. “Since the pandemic, schools are more conscious about fresh air, and solar preheating of the incoming fresh air has a positive impact over the entire school year,” noted Brian Wilkinson, President of Matrix Energy.
    Matrix Energy supplies systems across Canada, working with local partners to source and process the metal sheets used in their MatrixAir collectors. These metal sheets are perforated and then formed into architectural cladding profiles. The company exclusively offers unglazed, single-stage collectors, citing fire safety concerns associated with polymeric covers.
    “We have strong relationships with many architects and engineers who appreciate the simplicity and cost-effectiveness of transpired solar air heating systems,” said President Brian Wilkinson, describing the company’s sales approach. “Matrix handles system design and supplies the necessary materials, while installation is carried out by specialized cladding and HVAC contractors overseen by on-site architects and engineers,” Wilkinson added.
    Finding the right flow: the importance of unitary airflow rates
    One of the key design factors in solar air heating systems is the amount of air that passes through each square meter of the perforated metal absorber, known as the unitary airflow rate. The principle is straightforward: higher airflow rates deliver more total heat to the building, while lower flow rates result in higher outlet air temperatures. Striking the right balance between air volume and temperature gain is essential for efficient system performance.
    For unglazed collectors mounted on building façades, typical hourly flow rates should range between 120 and 170 m³/h/m², or 6.6 to 9.4 cfm/ft². However, Wilkinson suggests that an hourly airflow rate of around 130 m³/h/m² offers the best cost-benefit balance for building owners. If the airflow is lower, the system will deliver higher air temperatures, but it would then need a much larger collector area to achieve the same air volume and optimum performance, he explained.
    It’s also crucial for the flow rate to overcome external wind pressure. As wind passes over the absorber, air flow through the collector’s perforations is reduced, resulting in heat losses to the environment. This effect becomes even more pronounced in taller buildings, where wind exposure is greater. To ensure the system performs well even in these conditions, higher hourly airflow rates, typically between 150 and 170 m³/m², are necessary.
    Figure 3: One of three apartment blocks of the Maple House in Toronto’s Canary District. Around 160 m² of SolarWall collectors clad the two-storey mechanical penthouse on the roof. The rental flats have been occupied since the beginning of 2024. Collaborators: architects-Alliance, Claude Cormier et Associés, Thornton Tomasetti, RWDI, Cole Engineering, DesignAgency, MVShore, BA Group, EllisDon. Photo: Conserval Engineering
    Solar air heating systems support LEED-certified building designs
    Solar air collectors are also well-suited for use in multi-unit residential buildings. A prime example is the Canary District in Toronto, where single-stage SolarWall collectors from Conserval Engineering have been installed on several MURBs to clad the mechanical penthouses. “These penthouses are an ideal location for our air heating collectors, as they contain the make-up air units that supply corridor ventilation throughout the building,” explained Victoria Hollick, Vice President of Conserval Engineering. “The walls are typically finished with metal façades, which can be seamlessly replaced with a SolarWall system – maintaining the architectural language without disruption.” To date, nine solar air heating systems have been commissioned in the Canary District, covering a total collector area of over 1,000 m².
    “Our customers have many motivations to integrate SolarWall technology into their new construction or retrofit projects, either carbon reduction, ESG, or green building certification targets,” explained Hollick.
    The use of solar air collectors in the Canary District was proposed by architects from the Danish firm Cobe. The black-colored SolarWall system preheats incoming air before it is distributed to the building’s corridors and common areas, reducing reliance on natural gas heating and supporting the pursuit of LEED Gold certification. Hollick estimates the gas savings at between 10 and 20 per cent of the total heating load for the corridor ventilation of the multi-unit residential buildings. Additional energy-saving strategies include a 50/50 window-to-wall ratio with high-performance glazing, green roofs, high-efficiency mechanical systems, LED lighting, and Energy Star-certified appliances.
    The ideal orientation for a SolarWall system is due south. However, the systems can be built at any orientation up to 90° east and west, explained Hollick. A SolarWall at 90° would have approximately 60 per cent of the energy production of the same area facing south.
    Canada’s expertise in solar air heating continues to set a global benchmark, driven by supporting R&D, innovative technologies, strategic partnerships, and a growing portfolio of high-impact projects. With strong policy support and proven performance, solar air heating is poised to play a key role in the country’s energy-efficient building future.
    Figure 4: Claude-Bechard Building in Quebec is a showcase project for sustainable architecture with a 72 m² Lubi solar air heating wall from Aéronergie. It serves as a regional administrative center. Architectural firm: Goulet et Lebel Architectes. Photo: Art Massif

    Bärbel Epp is the general manager of the German Agency solrico, whose focus is on solar market research and international communication.
    The post Op-ed: Canada’s leadership in solar air heating—Innovation and flagship projects appeared first on Canadian Architect.
  • Patel Taylor unveils images for 54-storey Canary Wharf tower

    How the 54-storey tower would look when built
    Architect Patel Taylor has unveiled images of what one of London’s tallest residential towers in Canary Wharf would look like.
    The 54-storey 77 Marsh Wall scheme is being developed by Areli Developments on behalf of British Airways Pension Trustees and would contain around 820 homes above a mixed-use podium which will include retail, restaurant and café space.
    It would be Canary Wharf’s third tallest tower if built, behind the 235m One Canada Square and 233m Landmark Pinnacle.
    The scheme would require the demolition of the site’s existing building, a 17-storey office block built in the early 1990s known as Sierra Quebec Bravo.

    The 77 Marsh Wall scheme would include restaurants and retail at ground floor level
    Areli said the existing building offers “very little in the way of benefits to the community” and that it wanted to maximise the “unique and exciting” potential of the waterfront site with new public spaces, shops and restaurants.
    The podium would contain around 4,000sq m of retail, leisure and workspace along with a cinema and cycle parking under early plans aired in a public consultation. Green space is also included in the plans which saw two public consultation events held last month.
    Homes in the tower above the podium would be of a mix of tenures including shared ownership, build to rent, social rent, apart-hotel and co-living.

    The site’s existing 17-storey office block would be demolished
    An environmental impact assessment scoping report has been drawn up by consultant Trium for Tower Hamlets council, with a planning application expected to be submitted later this summer.
    Other firms currently on the project team include planning consultant DP9 and communications firm Kanda Consulting.
    WWW.BDONLINE.CO.UK
  • Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs

    Cyber threats don't show up one at a time anymore. They're layered, planned, and often stay hidden until it's too late.
    For cybersecurity teams, the key isn't just reacting to alerts—it's spotting early signs of trouble before they become real threats. This update is designed to deliver clear, accurate insights based on real patterns and changes we can verify. With today's complex systems, we need focused analysis—not noise.
    What you'll see here isn't just a list of incidents, but a clear look at where control is being gained, lost, or quietly tested.
    Threat of the Week
    Lumma Stealer, DanaBot Operations Disrupted — A coalition of private sector companies and law enforcement agencies has taken down the infrastructure associated with Lumma Stealer and DanaBot. Charges have also been unsealed against 16 individuals for their alleged involvement in the development and deployment of DanaBot. The malware is equipped to siphon data from victim computers, hijack banking sessions, and steal device information. More uniquely, though, DanaBot has also been used for hacking campaigns that appear to be linked to Russian state-sponsored interests. All of that makes DanaBot a particularly clear example of how commodity malware has been repurposed by Russian state hackers for their own goals. In tandem, about 2,300 domains that acted as the command-and-control backbone for the Lumma information stealer have been seized, alongside taking down 300 servers and neutralizing 650 domains that were used to launch ransomware attacks. The actions against international cybercrime in the past few days constituted the latest phase of Operation Endgame.


    Top News

    Threat Actors Use TikTok Videos to Distribute Stealers — While ClickFix has become a popular social engineering tactic to deliver malware, threat actors have been observed using artificial intelligence-generated videos uploaded to TikTok to deceive users into running malicious commands on their systems and deploy malware like Vidar and StealC under the guise of activating pirated versions of Windows, Microsoft Office, CapCut, and Spotify. "This campaign highlights how attackers are ready to weaponize whichever social media platforms are currently popular to distribute malware," Trend Micro said.
    APT28 Hackers Target Western Logistics and Tech Firms — Several cybersecurity and intelligence agencies from Australia, Europe, and the United States issued a joint alert warning of a state-sponsored campaign orchestrated by the Russian state-sponsored threat actor APT28 targeting Western logistics entities and technology companies since 2022. "This cyber espionage-oriented campaign targeting logistics entities and technology companies uses a mix of previously disclosed TTPs and is likely connected to these actors' wide scale targeting of IP cameras in Ukraine and bordering NATO nations," the agencies said. The attacks are designed to steal sensitive information and maintain long-term persistence on compromised hosts.
    Chinese Threat Actors Exploit Ivanti EPMM Flaws — The China-nexus cyber espionage group tracked as UNC5221 has been linked to the exploitation of a pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software to target a wide range of sectors across Europe, North America, and the Asia-Pacific region. The intrusions leverage the vulnerabilities to obtain a reverse shell and drop malicious payloads like KrustyLoader, which is known to deliver the Sliver command-and-control framework. "UNC5221 demonstrates a deep understanding of EPMM's internal architecture, repurposing legitimate system components for covert data exfiltration," EclecticIQ said. "Given EPMM's role in managing and pushing configurations to enterprise mobile devices, a successful exploitation could allow threat actors to remotely access, manipulate, or compromise thousands of managed devices across an organization."
    Over 100 Google Chrome Extensions Mimic Popular Tools — An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as seemingly benign utilities such as DeepSeek, Manus, DeBank, FortiVPN, and Site Stats but incorporate covert functionality to exfiltrate data, receive commands, and execute arbitrary code. Links to these browser add-ons are hosted on specially crafted sites to which users are likely redirected via phishing and social media posts. While the extensions appear to offer the advertised features, they also stealthily facilitate credential and cookie theft, session hijacking, ad injection, malicious redirects, traffic manipulation, and phishing via DOM manipulation. Several of these extensions have been taken down by Google.
    CISA Warns SaaS Providers of Attacks Targeting Cloud Environments — The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that SaaS companies are under threat from bad actors who are on the prowl for cloud applications with default configurations and elevated permissions. While the agency did not attribute the activity to a specific group, the advisory said enterprise backup platform Commvault is monitoring cyber threat activity targeting applications hosted in their Microsoft Azure cloud environment. "Threat actors may have accessed client secrets for Commvault's Microsoft 365 backup software-as-a-service solution, hosted in Azure," CISA said. "This provided the threat actors with unauthorized access to Commvault's customers' M365 environments that have application secrets stored by Commvault."
    GitLab AI Coding Assistant Flaws Could Be Used to Inject Malicious Code — Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab's artificial intelligence assistant Duo that could have allowed attackers to steal source code and inject untrusted HTML into its responses, which could then be used to direct victims to malicious websites. The attack could also leak confidential issue data, such as zero-day vulnerability details. All that's required is for the attacker to instruct the chatbot to interact with a merge request by taking advantage of the fact that GitLab Duo has extensive access to the platform. "By embedding hidden instructions in seemingly harmless project content, we were able to manipulate Duo's behavior, exfiltrate private source code, and demonstrate how AI responses can be leveraged for unintended and harmful outcomes," Legit Security said. One variation of the attack involved hiding a malicious instruction in an otherwise legitimate piece of source code, while another exploited Duo's parsing of markdown responses in real-time asynchronously. An attacker could leverage this behavior – that Duo begins rendering the output line by line rather than waiting until the entire response is generated and sending it all at once – to introduce malicious HTML code that can access sensitive data and exfiltrate the information to a remote server. The issues have been patched by GitLab following responsible disclosure.

    Trending CVEs
    Software vulnerabilities remain one of the simplest—and most effective—entry points for attackers. Each week uncovers new flaws, and even small delays in patching can escalate into serious security incidents. Staying ahead means acting fast. Below is this week's list of high-risk vulnerabilities that demand attention. Review them carefully, apply updates without delay, and close the doors before they're forced open.
    This week's list includes — CVE-2025-34025, CVE-2025-34026, CVE-2025-34027, CVE-2025-30911, CVE-2024-57273, CVE-2024-54780, CVE-2024-54779, CVE-2025-41229, CVE-2025-4322, CVE-2025-47934, CVE-2025-30193, CVE-2025-0993, CVE-2025-36535, CVE-2025-47949, CVE-2025-40775, CVE-2025-20152, CVE-2025-4123, CVE-2025-5063, CVE-2025-37899, CVE-2025-26817, CVE-2025-47947, CVE-2025-3078, CVE-2025-3079, and CVE-2025-4978.
    Around the Cyber World

    Sandworm Drops New Wiper in Ukraine — The Russia-aligned Sandworm group intensified destructive operations against Ukrainian energy companies, deploying a new wiper named ZEROLOT. "The infamous Sandworm group concentrated heavily on compromising Ukrainian energy infrastructure. In recent cases, it deployed the ZEROLOT wiper in Ukraine. For this, the attackers abused Active Directory Group Policy in the affected organizations," ESET Director of Threat Research, Jean-Ian Boutin, said. Another Russian hacking group, Gamaredon, remained the most prolific actor targeting the East European nation, enhancing malware obfuscation and introducing PteroBox, a file stealer leveraging Dropbox.
    Signal Says No to Recall — Signal has released a new version of its messaging app for Windows that, by default, blocks the ability of Windows to use Recall to periodically take screenshots of the app. "Although Microsoft made several adjustments over the past twelve months in response to critical feedback, the revamped version of Recall still places any content that's displayed within privacy-preserving apps like Signal at risk," Signal said. "As a result, we are enabling an extra layer of protection by default on Windows 11 in order to help maintain the security of Signal Desktop on that platform even though it introduces some usability trade-offs. Microsoft has simply given us no other option." Microsoft began officially rolling out Recall last month.
    Russia Introduces New Law to Track Foreigners Using Their Smartphones — The Russian government has introduced a new law that makes installing a tracking app mandatory for all foreign nationals in the Moscow region. This includes gathering their real-time locations, fingerprint, face photograph, and residential information. "The adopted mechanism will allow, using modern technologies, to strengthen control in the field of migration and will also contribute to reducing the number of violations and crimes in this area," Vyacheslav Volodin, chairman of the State Duma, said. "If migrants change their actual place of residence, they will be required to inform the Ministry of Internal Affairs within three working days." A proposed four-year trial period begins on September 1, 2025, and runs until September 1, 2029.
    Dutch Government Passes Law to Criminalize Cyber Espionage — The Dutch government has approved a law criminalizing a wide range of espionage activities, including digital espionage, in an effort to protect national security, critical infrastructure, and high-quality technologies. Under the amended law, leaking sensitive information that is not classified as a state secret or engaging in activities on behalf of a foreign government that harm Dutch interests can also result in criminal charges. "Foreign governments are also interested in non-state-secret, sensitive information about a particular economic sector or about political decision-making," the government said. "Such information can be used to influence political processes, weaken the Dutch economy or play allies against each other. Espionage can also involve actions other than sharing information."
    Microsoft Announces Availability of Quantum-Resistant Algorithms to SymCrypt — Microsoft has revealed that it's making post-quantum cryptography (PQC) capabilities, including ML-KEM and ML-DSA, available for Windows Insiders, Canary Channel Build 27852 and higher, and Linux, SymCrypt-OpenSSL version 1.9.0. "This advancement will enable customers to commence their exploration and experimentation of PQC within their operational environments," Microsoft said. "By obtaining early access to PQC capabilities, organizations can proactively assess the compatibility, performance, and integration of these novel algorithms alongside their existing security infrastructure."
    New Malware DOUBLELOADER Uses ALCATRAZ for Obfuscation — The open-source obfuscator ALCATRAZ has been seen within a new generic loader dubbed DOUBLELOADER, which has been deployed alongside Rhadamanthys Stealer infections starting December 2024. The malware collects host information, requests an updated version of itself, and starts beaconing to a hardcoded IP address stored within the binary. "Obfuscators such as ALCATRAZ end up increasing the complexity when triaging malware," Elastic Security Labs said. "Its main goal is to hinder binary analysis tools and increase the time of the reverse engineering process through different techniques; such as hiding the control flow or making decompilation hard to follow."
    New Formjacking Campaign Targets WooCommerce Sites — Cybersecurity researchers have detected a sophisticated formjacking campaign targeting WooCommerce sites. The malware, per Wordfence, injects a fake but professional-looking payment form into legitimate checkout processes and exfiltrates sensitive customer data to an external server. Further analysis has revealed that the infection likely originated from a compromised WordPress admin account, which was used to inject malicious JavaScript via a Simple Custom CSS and JS plugin that allows administrators to add custom code. "Unlike traditional card skimmers that simply overlay existing forms, this variant carefully integrates with the WooCommerce site's design and payment workflow, making it particularly difficult for site owners and users to detect," the WordPress security company said. "The malware author repurposed the browser's localStorage mechanism – typically used by websites to remember user preferences – to silently store stolen data and maintain access even after page reloads or when navigating away from the checkout page."

    E.U. Sanctions Stark Industries — The European Union has announced sanctions against 21 individuals and six entities in Russia over its "destabilising actions" in the region. One of the sanctioned entities is Stark Industries, a bulletproof hosting provider that has been accused of acting as "enablers of various Russian state-sponsored and affiliated actors to conduct destabilising activities including, information manipulation interference and cyber attacks against the Union and third countries." The sanctions also target its CEO Iurie Neculiti and owner Ivan Neculiti. Stark Industries was previously spotlighted by independent cybersecurity journalist Brian Krebs, detailing its use in DDoS attacks in Ukraine and across Europe. In August 2024, Team Cymru said it discovered 25 Stark-assigned IP addresses used to host domains associated with FIN7 activities and that it had been working with Stark Industries for several months to identify and reduce abuse of their systems. The sanctions have also targeted Kremlin-backed manufacturers of drones and radio communication equipment used by the Russian military, as well as those involved in GPS signal jamming in Baltic states and disrupting civil aviation.
    The Mask APT Unmasked as Tied to the Spanish Government — The mysterious threat actor known as The Mask has been identified as run by the Spanish government, according to a report published by TechCrunch, citing people who worked at Kaspersky at the time and had knowledge of the investigation. The Russian cybersecurity company first exposed the hacking group in 2014, linking it to highly sophisticated attacks since at least 2007 targeting high-profile organizations, such as governments, diplomatic entities, and research institutions. A majority of the group's attacks have targeted Cuba, followed by hundreds of victims in Brazil, Morocco, Spain, and Gibraltar. While Kaspersky has not publicly attributed it to a specific country, the latest revelation makes The Mask one of the few Western government hacking groups that has ever been discussed in public. This includes the Equation Group, the Lamberts, and Animal Farm.
    Social Engineering Scams Target Coinbase Users — Earlier this month, cryptocurrency exchange Coinbase revealed that it was the victim of a malicious attack perpetrated by unknown threat actors to breach its systems by bribing customer support agents in India and siphon funds from nearly 70,000 customers. According to blockchain security firm SlowMist, Coinbase users have been the target of social engineering scams since the start of the year, bombarded with fake SMS messages claiming to be withdrawal requests and seeking their confirmation as part of a "sustained and organized scam campaign." The goal is to induce a false sense of urgency and trick them into calling a number, eventually convincing them to transfer the funds to a secure wallet with a seed phrase pre-generated by the attackers and ultimately drain the assets. It's assessed that the activities are primarily carried out by two groups: low-level skid attackers from the Com community and organized cybercrime groups based in India. "Using spoofed PBX phone systems, scammers impersonate Coinbase support and claim there's been 'unauthorized access' or 'suspicious withdrawals' on the user's account," SlowMist said. "They create a sense of urgency, then follow up with phishing emails or texts containing fake ticket numbers or 'recovery links.'"
    Delta Can Sue CrowdStrike Over July 2024 Mega Outage — Delta Air Lines, which had its systems crippled and almost 7,000 flights canceled in the wake of a massive outage caused by a faulty update issued by CrowdStrike in mid-July 2024, has been given the green light to pursue its lawsuit against the cybersecurity company. A judge in the U.S. state of Georgia stated that Delta can try to prove that CrowdStrike was grossly negligent by pushing a defective update to its Falcon software to customers. The update crashed 8.5 million Windows devices across the world. CrowdStrike previously claimed that the airline had rejected technical support offers both from itself and Microsoft. In a statement shared with Reuters, lawyers representing CrowdStrike said they were "confident the judge will find Delta's case has no merit, or will limit damages to the 'single-digit millions of dollars' under Georgia law." The development comes months after MGM Resorts International agreed to pay million to settle multiple class-action lawsuits related to a data breach in 2019 and a ransomware attack the company experienced in 2023.
    Storm-1516 Uses AI-Generated Media to Spread Disinformation — The Russian influence operation known as Storm-1516 sought to spread narratives that undermined the European support for Ukraine by amplifying fabricated stories on X about European leaders using drugs while traveling by train to Kyiv for peace talks. One of the posts was subsequently shared by Russian state media and Maria Zakharova, a senior official in Russia's foreign ministry, as part of what has been described as a coordinated disinformation campaign by EclecticIQ. The activity is also notable for the use of synthetic content depicting French President Emmanuel Macron, U.K. Labour Party leader Keir Starmer, and German chancellor Friedrich Merz in possession of drugs during their return from Ukraine. "By attacking the reputation of these leaders, the campaign likely aimed to turn their own voters against them, using influence operations to reduce public support for Ukraine by discrediting the politicians who back it," the Dutch threat intelligence firm said.
    Turkish Users Targeted by DBatLoader — AhnLab has disclosed details of a malware campaign that's distributing a malware loader called DBatLoader via banking-themed emails, which then acts as a conduit to deliver SnakeKeylogger, an information stealer developed in .NET. "The DBatLoader malware distributed through phishing emails has the cunning behavior of exploiting normal processes through techniques such as DLL side-loading and injection for most of its behaviors, and it also utilizes normal processes for behaviors such as file copying and changing policies," the company said.
    SEC SIM-Swapper Sentenced to 14 Months for SEC X Account Hack — A 26-year-old Alabama man, Eric Council Jr., has been sentenced to 14 months in prison and three years of supervised release for using SIM swapping attacks to breach the U.S. Securities and Exchange Commission's official X account in January 2024 and falsely announce that the SEC approved Bitcoin Exchange Traded Funds. Council Jr. was arrested in October 2024 and pleaded guilty to the crime earlier this February. He has also been ordered to forfeit According to court documents, Council used his personal computer to search incriminating phrases such as "SECGOV hack," "telegram sim swap," "how can I know for sure if I am being investigated by the FBI," "What are the signs that you are under investigation by law enforcement or the FBI even if you have not been contacted by them," "what are some signs that the FBI is after you," "Verizon store list," "federal identity theft statute," and "how long does it take to delete telegram account."
    FBI Warns of Malicious Campaign Impersonating Government Officials — The U.S. Federal Bureau of Investigation (FBI) is warning of a new campaign that involves malicious actors impersonating senior U.S. federal or state government officials and their contacts to target individuals since April 2025. "The malicious actors have sent text messages and AI-generated voice messages — techniques known as smishing and vishing, respectively — that claim to come from a senior US official in an effort to establish rapport before gaining access to personal accounts," the FBI said. "One way the actors gain such access is by sending targeted individuals a malicious link under the guise of transitioning to a separate messaging platform." From there, the actor may present malware or introduce hyperlinks that lead intended targets to an actor-controlled site that steals login information.
    DICOM Flaw Enables Attackers to Embed Malicious Code Within Medical Image Files — Praetorian has released a proof-of-concept for a high-severity security flaw in Digital Imaging and Communications in Medicine (DICOM), the predominant file format for medical images, that enables attackers to embed malicious code within legitimate medical image files. CVE-2019-11687, originally disclosed in 2019 by Markel Picado Ortiz, stems from a design decision that allows arbitrary content at the start of the file, otherwise called the Preamble, which enables the creation of malicious polyglots. Codenamed ELFDICOM, the PoC extends the attack surface to Linux environments, making it a much more potent threat. As a mitigation, it's advised to implement a DICOM preamble whitelist. "DICOM's file structure inherently allows arbitrary bytes at the beginning of the file, where Linux and most operating systems will look for magic bytes," Praetorian researcher Ryan Hennessee said. "would check a DICOM file's preamble before it is imported into the system. This would allow known good patterns, such as 'TIFF' magic bytes, or '\x00' null bytes, while files with the ELF magic bytes would be blocked."
    Cookie-Bite Attack Uses Chrome Extension to Steal Session Tokens — Cybersecurity researchers have demonstrated a new attack technique called Cookie-Bite that employs custom-made malicious browser extensions to steal "ESTAUTH" and "ESTSAUTHPERSISTNT" cookies in Microsoft Azure Entra ID and bypass multi-factor authentication. The attack has multiple moving parts to it: A custom Chrome extension that monitors authentication events and captures cookies; a PowerShell script that automates the extension deployment and ensures persistence; an exfiltration mechanism to send the cookies to a remote collection point; and a complementary extension to inject the captured cookies into the attacker's browser. "Threat actors often use infostealers to extract authentication tokens directly from a victim's machine or buy them directly through darkness markets, allowing adversaries to hijack active cloud sessions without triggering MFA," Varonis said. "By injecting these cookies while mimicking the victim's OS, browser, and network, attackers can evade Conditional Access Policies and maintain persistent access." Authentication cookies can also be stolen using adversary-in-the-middle phishing kits in real-time, or using rogue browser extensions that request excessive permissions to interact with web sessions, modify page content, and extract stored authentication data. Once installed, the extension can access the browser's storage API, intercept network requests, or inject malicious JavaScript into active sessions to harvest real-time session cookies. "By leveraging stolen session cookies, an adversary can bypass authentication mechanisms, gaining seamless entry into cloud environments without requiring user credentials," Varonis said. "Beyond initial access, session hijacking can facilitate lateral movement across the tenant, allowing attackers to explore additional resources, access sensitive data, and escalate privileges by abusing existing permissions or misconfigured roles."
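
    The DICOM preamble allowlist recommended in the ELFDICOM item above can be sketched as an import-time check. This is an added example, not Praetorian's code or part of the original recap: the function and sample names are hypothetical, the sample inputs are constructed headers, and the "PE/DOS" label is an assumption added only for reporting.

```python
"""Import-time DICOM preamble allowlist (illustrative names, constructed samples)."""
from dataclasses import dataclass

PREAMBLE_LEN = 128        # DICOM Part 10 files start with a 128-byte preamble
DICM_MAGIC = b"DICM"      # followed by the 4-byte prefix "DICM" at offset 128

# Known-good preamble starts: TIFF headers (little- and big-endian byte order).
TIFF_MAGICS = (b"II*\x00", b"MM\x00*")

# Used only to give a clearer rejection reason. The decision itself is made by
# the allowlist, so an executable format missing from this table is still blocked.
EXECUTABLE_MAGICS = {b"\x7fELF": "ELF", b"MZ": "PE/DOS"}


@dataclass(frozen=True)
class Verdict:
    allowed: bool
    reason: str


def check_preamble(data: bytes) -> Verdict:
    """Decide whether a file may be imported, based on its first 132 bytes."""
    if len(data) < PREAMBLE_LEN + len(DICM_MAGIC):
        return Verdict(False, "truncated: shorter than preamble + DICM prefix")
    if data[PREAMBLE_LEN:PREAMBLE_LEN + len(DICM_MAGIC)] != DICM_MAGIC:
        return Verdict(False, "not DICOM Part 10: no DICM prefix at offset 128")

    preamble = data[:PREAMBLE_LEN]
    if preamble == b"\x00" * PREAMBLE_LEN:
        return Verdict(True, "all-null preamble")
    if preamble.startswith(TIFF_MAGICS):
        return Verdict(True, "TIFF header in preamble")

    for magic, name in EXECUTABLE_MAGICS.items():
        if preamble.startswith(magic):
            return Verdict(False, f"{name} magic bytes in preamble")
    return Verdict(False, "preamble not on allowlist")


def _sample(preamble_start: bytes) -> bytes:
    """Constructed sample: padded preamble, DICM prefix, a few dummy bytes."""
    return preamble_start.ljust(PREAMBLE_LEN, b"\x00") + DICM_MAGIC + b"\x02\x00\x00\x00"


# Constructed inputs: headers only, no real image data or executable content.
SAMPLES = {
    "plain.dcm": _sample(b""),
    "dual_tiff.dcm": _sample(b"II*\x00\x08\x00\x00\x00"),
    "elf_header.dcm": _sample(b"\x7fELF\x02\x01\x01"),
    "unknown.dcm": _sample(b"#!/bin/sh\n"),
    "not_dicom.bin": b"\x00" * 64,
}


def triage(samples: dict) -> dict:
    """Run the check over a mapping of name -> file bytes."""
    return {name: check_preamble(blob) for name, blob in samples.items()}


if __name__ == "__main__":
    for name, verdict in triage(SAMPLES).items():
        status = "ALLOW" if verdict.allowed else "BLOCK"
        print(f"{status:5}  {name:16}  {verdict.reason}")
```

    Because the decision is an allowlist, any preamble that is neither all null bytes nor a TIFF header is rejected, including formats the reporting table does not name.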

    Cybersecurity Webinars

    Non-Human Identities: The AI Backdoor You're Not Watching → AI agents rely on Non-Human Identities to function—but these are often left untracked and unsecured. As attackers shift focus to this hidden layer, the risk is growing fast. In this session, you'll learn how to find, secure, and monitor these identities before they're exploited. Join the webinar to understand the real risks behind AI adoption—and how to stay ahead.
    Inside the LOTS Playbook: How Hackers Stay Undetected → Attackers are using trusted sites to stay hidden. In this webinar, Zscaler experts share how they detect these stealthy LOTS attacks using insights from the world's largest security cloud. Join to learn how to spot hidden threats and improve your defense.

    Cybersecurity Tools

    ScriptSentry → It is a free tool that scans your environment for dangerous logon script misconfigurations—like plaintext credentials, insecure file/share permissions, and references to non-existent servers. These overlooked issues can enable lateral movement, privilege escalation, or even credential theft. ScriptSentry helps you quickly identify and fix them across large Active Directory environments.
    Aftermath → It is a Swift-based, open-source tool for macOS incident response. It collects forensic data—like logs, browser activity, and process info—from compromised systems, then analyzes it to build timelines and track infection paths. Deploy via MDM or run manually. Fast, lightweight, and ideal for post-incident investigation.
    AI Red Teaming Playground Labs → It is an open-source training suite with hands-on challenges designed to teach security professionals how to red team AI systems. Originally developed for Black Hat USA 2024, the labs cover prompt injections, safety bypasses, indirect attacks, and Responsible AI failures. Built on Chat Copilot and deployable via Docker, it's a practical resource for testing and understanding real-world AI vulnerabilities.

    Tip of the Week
    Review and Revoke Old OAuth App Permissions — They're Silent Backdoors → You've likely logged into apps using "Continue with Google," "Sign in with Microsoft," or GitHub/Twitter/Facebook logins. That's OAuth. But did you know many of those apps still have access to your data long after you stop using them?
    Why it matters:
    Even if you delete the app or forget it existed, it might still have ongoing access to your calendar, email, cloud files, or contact list — no password needed. If that third party gets breached, your data is at risk.
    What to do:

    Go through your connected apps here:
    Google: myaccount.google.com/permissions
    Microsoft: account.live.com/consent/Manage
    GitHub: github.com/settings/applications
    Facebook: facebook.com/settings?tab=applications

    Revoke anything you don't actively use. It's a fast, silent cleanup — and it closes doors you didn't know were open.
    Conclusion
    Looking ahead, it's not just about tracking threats—it's about understanding what they reveal. Every tactic used, every system tested, points to deeper issues in how trust, access, and visibility are managed. As attackers adapt quickly, defenders need sharper awareness and faster response loops.
    The takeaways from this week aren't just technical—they speak to how teams prioritize risk, design safeguards, and make choices under pressure. Use these insights not just to react, but to rethink what "secure" really needs to mean in today's environment.

    THEHACKERNEWS.COM
    ⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs
    Cyber threats don't show up one at a time anymore. They're layered, planned, and often stay hidden until it's too late. For cybersecurity teams, the key isn't just reacting to alerts—it's spotting early signs of trouble before they become real threats. This update is designed to deliver clear, accurate insights based on real patterns and changes we can verify. With today's complex systems, we need focused analysis—not noise. What you'll see here isn't just a list of incidents, but a clear look at where control is being gained, lost, or quietly tested.

    ⚡ Threat of the Week

    Lumma Stealer, DanaBot Operations Disrupted — A coalition of private sector companies and law enforcement agencies has taken down the infrastructure associated with Lumma Stealer and DanaBot. Charges have also been unsealed against 16 individuals for their alleged involvement in the development and deployment of DanaBot. The malware is equipped to siphon data from victim computers, hijack banking sessions, and steal device information. More uniquely, though, DanaBot has also been used for hacking campaigns that appear to be linked to Russian state-sponsored interests. All of that makes DanaBot a particularly clear example of how commodity malware has been repurposed by Russian state hackers for their own goals. In tandem, about 2,300 domains that acted as the command-and-control (C2) backbone for the Lumma information stealer have been seized, alongside taking down 300 servers and neutralizing 650 domains that were used to launch ransomware attacks. The actions against international cybercrime in the past few days constituted the latest phase of Operation Endgame.
🔔 Top News

Threat Actors Use TikTok Videos to Distribute Stealers — While ClickFix has become a popular social engineering tactic to deliver malware, threat actors have been observed using artificial intelligence (AI)-generated videos uploaded to TikTok to deceive users into running malicious commands on their systems and deploy malware like Vidar and StealC under the guise of activating pirated versions of Windows, Microsoft Office, CapCut, and Spotify. "This campaign highlights how attackers are ready to weaponize whichever social media platforms are currently popular to distribute malware," Trend Micro said.

APT28 Hackers Target Western Logistics and Tech Firms — Several cybersecurity and intelligence agencies from Australia, Europe, and the United States issued a joint alert warning of a campaign orchestrated by the Russian state-sponsored threat actor APT28 that has targeted Western logistics entities and technology companies since 2022. "This cyber espionage-oriented campaign targeting logistics entities and technology companies uses a mix of previously disclosed TTPs and is likely connected to these actors' wide scale targeting of IP cameras in Ukraine and bordering NATO nations," the agencies said. The attacks are designed to steal sensitive information and maintain long-term persistence on compromised hosts.

Chinese Threat Actors Exploit Ivanti EPMM Flaws — The China-nexus cyber espionage group tracked as UNC5221 has been attributed to the exploitation of a pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software (CVE-2025-4427 and CVE-2025-4428) to target a wide range of sectors across Europe, North America, and the Asia-Pacific region. The intrusions leverage the vulnerabilities to obtain a reverse shell and drop malicious payloads like KrustyLoader, which is known to deliver the Sliver command-and-control (C2) framework. "UNC5221 demonstrates a deep understanding of EPMM's internal architecture, repurposing legitimate system components for covert data exfiltration," EclecticIQ said. "Given EPMM's role in managing and pushing configurations to enterprise mobile devices, a successful exploitation could allow threat actors to remotely access, manipulate, or compromise thousands of managed devices across an organization."

Over 100 Google Chrome Extensions Mimic Popular Tools — An unknown threat actor has been linked to the creation of several malicious Chrome browser extensions since February 2024 that masquerade as seemingly benign utilities such as DeepSeek, Manus, DeBank, FortiVPN, and Site Stats but incorporate covert functionality to exfiltrate data, receive commands, and execute arbitrary code. Links to these browser add-ons are hosted on specially crafted sites to which users are likely redirected via phishing and social media posts. While the extensions appear to offer the advertised features, they also stealthily facilitate credential and cookie theft, session hijacking, ad injection, malicious redirects, traffic manipulation, and phishing via DOM manipulation. Several of these extensions have been taken down by Google.

CISA Warns SaaS Providers of Attacks Targeting Cloud Environments — The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that SaaS companies are under threat from bad actors who are on the prowl for cloud applications with default configurations and elevated permissions. While the agency did not attribute the activity to a specific group, the advisory said enterprise backup platform Commvault is monitoring cyber threat activity targeting applications hosted in their Microsoft Azure cloud environment. "Threat actors may have accessed client secrets for Commvault's (Metallic) Microsoft 365 (M365) backup software-as-a-service (SaaS) solution, hosted in Azure," CISA said. "This provided the threat actors with unauthorized access to Commvault's customers' M365 environments that have application secrets stored by Commvault."

GitLab AI Coding Assistant Flaws Could Be Used to Inject Malicious Code — Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant Duo that could have allowed attackers to steal source code and inject untrusted HTML into its responses, which could then be used to direct victims to malicious websites. The attack could also leak confidential issue data, such as zero-day vulnerability details. All that's required is for the attacker to instruct the chatbot to interact with a merge request (or commit, issue, or source code) by taking advantage of the fact that GitLab Duo has extensive access to the platform. "By embedding hidden instructions in seemingly harmless project content, we were able to manipulate Duo's behavior, exfiltrate private source code, and demonstrate how AI responses can be leveraged for unintended and harmful outcomes," Legit Security said. One variation of the attack involved hiding a malicious instruction in an otherwise legitimate piece of source code, while another exploited Duo's asynchronous, real-time parsing of markdown responses. An attacker could leverage this behavior – that Duo begins rendering the output line by line rather than waiting until the entire response is generated and sending it all at once – to introduce malicious HTML code that can access sensitive data and exfiltrate the information to a remote server. The issues have been patched by GitLab following responsible disclosure.

🔥 Trending CVEs

Software vulnerabilities remain one of the simplest—and most effective—entry points for attackers. Each week uncovers new flaws, and even small delays in patching can escalate into serious security incidents. Staying ahead means acting fast.
Below is this week's list of high-risk vulnerabilities that demand attention. Review them carefully, apply updates without delay, and close the doors before they're forced open.

This week's list includes — CVE-2025-34025, CVE-2025-34026, CVE-2025-34027 (Versa Concerto), CVE-2025-30911 (RomethemeKit For Elementor WordPress plugin), CVE-2024-57273, CVE-2024-54780, and CVE-2024-54779 (pfSense), CVE-2025-41229 (VMware Cloud Foundation), CVE-2025-4322 (Motors WordPress theme), CVE-2025-47934 (OpenPGP.js), CVE-2025-30193 (PowerDNS), CVE-2025-0993 (GitLab), CVE-2025-36535 (AutomationDirect MB-Gateway), CVE-2025-47949 (Samlify), CVE-2025-40775 (BIND DNS), CVE-2025-20152 (Cisco Identity Services Engine), CVE-2025-4123 (Grafana), CVE-2025-5063 (Google Chrome), CVE-2025-37899 (Linux Kernel), CVE-2025-26817 (Netwrix Password Secure), CVE-2025-47947 (ModSecurity), CVE-2025-3078, CVE-2025-3079 (Canon Printers), and CVE-2025-4978 (NETGEAR).

📰 Around the Cyber World

Sandworm Drops New Wiper in Ukraine — The Russia-aligned Sandworm group intensified destructive operations against Ukrainian energy companies, deploying a new wiper named ZEROLOT. "The infamous Sandworm group concentrated heavily on compromising Ukrainian energy infrastructure. In recent cases, it deployed the ZEROLOT wiper in Ukraine. For this, the attackers abused Active Directory Group Policy in the affected organizations," ESET Director of Threat Research, Jean-Ian Boutin, said. Another Russian hacking group, Gamaredon, remained the most prolific actor targeting the East European nation, enhancing malware obfuscation and introducing PteroBox, a file stealer leveraging Dropbox.

Signal Says No to Recall — Signal has released a new version of its messaging app for Windows that, by default, blocks the ability of Windows to use Recall to periodically take screenshots of the app. "Although Microsoft made several adjustments over the past twelve months in response to critical feedback, the revamped version of Recall still places any content that's displayed within privacy-preserving apps like Signal at risk," Signal said. "As a result, we are enabling an extra layer of protection by default on Windows 11 in order to help maintain the security of Signal Desktop on that platform even though it introduces some usability trade-offs. Microsoft has simply given us no other option." Microsoft began officially rolling out Recall last month.

Russia Introduces New Law to Track Foreigners Using Their Smartphones — The Russian government has introduced a new law that makes installing a tracking app mandatory for all foreign nationals in the Moscow region. This includes gathering their real-time locations, fingerprint, face photograph, and residential information. "The adopted mechanism will allow, using modern technologies, to strengthen control in the field of migration and will also contribute to reducing the number of violations and crimes in this area," Vyacheslav Volodin, chairman of the State Duma, said. "If migrants change their actual place of residence, they will be required to inform the Ministry of Internal Affairs (MVD) within three working days." A proposed four-year trial period begins on September 1, 2025, and runs until September 1, 2029.

Dutch Government Passes Law to Criminalize Cyber Espionage — The Dutch government has approved a law criminalizing a wide range of espionage activities, including digital espionage, in an effort to protect national security, critical infrastructure, and high-quality technologies. Under the amended law, leaking sensitive information that is not classified as a state secret or engaging in activities on behalf of a foreign government that harm Dutch interests can also result in criminal charges. "Foreign governments are also interested in non-state-secret, sensitive information about a particular economic sector or about political decision-making," the government said. "Such information can be used to influence political processes, weaken the Dutch economy or play allies against each other. Espionage can also involve actions other than sharing information."

Microsoft Announces Availability of Quantum-Resistant Algorithms to SymCrypt — Microsoft has revealed that it's making post-quantum cryptography (PQC) capabilities, including ML-KEM and ML-DSA, available for Windows Insiders, Canary Channel Build 27852 and higher, and Linux, SymCrypt-OpenSSL version 1.9.0. "This advancement will enable customers to commence their exploration and experimentation of PQC within their operational environments," Microsoft said. "By obtaining early access to PQC capabilities, organizations can proactively assess the compatibility, performance, and integration of these novel algorithms alongside their existing security infrastructure."

New Malware DOUBLELOADER Uses ALCATRAZ for Obfuscation — The open-source obfuscator ALCATRAZ has been seen within a new generic loader dubbed DOUBLELOADER, which has been deployed alongside Rhadamanthys Stealer infections starting December 2024. The malware collects host information, requests an updated version of itself, and starts beaconing to a hardcoded IP address (185.147.125[.]81) stored within the binary. "Obfuscators such as ALCATRAZ end up increasing the complexity when triaging malware," Elastic Security Labs said. "Its main goal is to hinder binary analysis tools and increase the time of the reverse engineering process through different techniques; such as hiding the control flow or making decompilation hard to follow."

New Formjacking Campaign Targets WooCommerce Sites — Cybersecurity researchers have detected a sophisticated formjacking campaign targeting WooCommerce sites.
The malware, per Wordfence, injects a fake but professional-looking payment form into legitimate checkout processes and exfiltrates sensitive customer data to an external server. Further analysis has revealed that the infection likely originated from a compromised WordPress admin account, which was used to inject malicious JavaScript via a Simple Custom CSS and JS plugin (or something similar) that allows administrators to add custom code. "Unlike traditional card skimmers that simply overlay existing forms, this variant carefully integrates with the WooCommerce site's design and payment workflow, making it particularly difficult for site owners and users to detect," the WordPress security company said. "The malware author repurposed the browser's localStorage mechanism – typically used by websites to remember user preferences – to silently store stolen data and maintain access even after page reloads or when navigating away from the checkout page."

E.U. Sanctions Stark Industries — The European Union (E.U.) has announced sanctions against 21 individuals and six entities in Russia over its "destabilising actions" in the region. One of the sanctioned entities is Stark Industries, a bulletproof hosting provider that has been accused of acting as "enablers of various Russian state-sponsored and affiliated actors to conduct destabilising activities including, information manipulation interference and cyber attacks against the Union and third countries." The sanctions also target its CEO Iurie Neculiti and owner Ivan Neculiti. Stark Industries was previously spotlighted by independent cybersecurity journalist Brian Krebs, detailing its use in DDoS attacks in Ukraine and across Europe. In August 2024, Team Cymru said it discovered 25 Stark-assigned IP addresses used to host domains associated with FIN7 activities and that it had been working with Stark Industries for several months to identify and reduce abuse of their systems.
The sanctions have also targeted Kremlin-backed manufacturers of drones and radio communication equipment used by the Russian military, as well as those involved in GPS signal jamming in Baltic states and disrupting civil aviation.

The Mask APT Unmasked as Tied to the Spanish Government — The mysterious threat actor known as The Mask (aka Careto) has been identified as being run by the Spanish government, according to a report published by TechCrunch, citing people who worked at Kaspersky at the time and had knowledge of the investigation. The Russian cybersecurity company first exposed the hacking group in 2014, linking it to highly sophisticated attacks since at least 2007 targeting high-profile organizations, such as governments, diplomatic entities, and research institutions. A majority of the group's attacks have targeted Cuba, followed by hundreds of victims in Brazil, Morocco, Spain, and Gibraltar. While Kaspersky has not publicly attributed it to a specific country, the latest revelation makes The Mask one of the few Western government hacking groups that has ever been discussed in public. This includes the Equation Group, the Lamberts (the U.S.), and Animal Farm (France).

Social Engineering Scams Target Coinbase Users — Earlier this month, cryptocurrency exchange Coinbase revealed that it was the victim of a malicious attack perpetrated by unknown threat actors to breach its systems by bribing customer support agents in India and siphon funds from nearly 70,000 customers. According to blockchain security firm SlowMist, Coinbase users have been the target of social engineering scams since the start of the year, with scammers bombarding them with fake withdrawal-request SMS messages that seek their confirmation as part of a "sustained and organized scam campaign."
The goal is to induce a false sense of urgency and trick them into calling a number, eventually convincing them to transfer the funds to a secure wallet with a seed phrase pre-generated by the attackers and ultimately drain the assets. It's assessed that the activities are primarily carried out by two groups: low-level skid attackers from the Com community and organized cybercrime groups based in India. "Using spoofed PBX phone systems, scammers impersonate Coinbase support and claim there's been 'unauthorized access' or 'suspicious withdrawals' on the user's account," SlowMist said. "They create a sense of urgency, then follow up with phishing emails or texts containing fake ticket numbers or 'recovery links.'"

Delta Can Sue CrowdStrike Over July 2024 Mega Outage — Delta Air Lines, which had its systems crippled and almost 7,000 flights canceled in the wake of a massive outage caused by a faulty update issued by CrowdStrike in mid-July 2024, has been given the green light to pursue its lawsuit against the cybersecurity company. A judge in the U.S. state of Georgia stated that Delta can try to prove that CrowdStrike was grossly negligent by pushing a defective update to its Falcon software to customers. The update crashed 8.5 million Windows devices across the world. CrowdStrike previously claimed that the airline had rejected technical support offers both from itself and Microsoft. In a statement shared with Reuters, lawyers representing CrowdStrike said they were "confident the judge will find Delta's case has no merit, or will limit damages to the 'single-digit millions of dollars' under Georgia law." The development comes months after MGM Resorts International agreed to pay $45 million to settle multiple class-action lawsuits related to a data breach in 2019 and a ransomware attack the company experienced in 2023.
Storm-1516 Uses AI-Generated Media to Spread Disinformation — The Russian influence operation known as Storm-1516 (aka CopyCop) sought to spread narratives that undermined the European support for Ukraine by amplifying fabricated stories on X about European leaders using drugs while traveling by train to Kyiv for peace talks. One of the posts was subsequently shared by Russian state media and Maria Zakharova, a senior official in Russia's foreign ministry, as part of what has been described as a coordinated disinformation campaign by EclecticIQ. The activity is also notable for the use of synthetic content depicting French President Emmanuel Macron, U.K. Labour Party leader Keir Starmer, and German chancellor Friedrich Merz in possession of drugs during their return from Ukraine. "By attacking the reputation of these leaders, the campaign likely aimed to turn their own voters against them, using influence operations (IO) to reduce public support for Ukraine by discrediting the politicians who back it," the Dutch threat intelligence firm said.

Turkish Users Targeted by DBatLoader — AhnLab has disclosed details of a malware campaign that's distributing a malware loader called DBatLoader (aka ModiLoader) via banking-themed emails, which then acts as a conduit to deliver SnakeKeylogger, an information stealer developed in .NET. "The DBatLoader malware distributed through phishing emails has the cunning behavior of exploiting normal processes (easinvoker.exe, loader.exe) through techniques such as DLL side-loading and injection for most of its behaviors, and it also utilizes normal processes (cmd.exe, powershell.exe, esentutl.exe, extrac32.exe) for behaviors such as file copying and changing policies," the company said.

SEC SIM-Swapper Sentenced to 14 Months for SEC X Account Hack — A 26-year-old Alabama man, Eric Council Jr., has been sentenced to 14 months in prison and three years of supervised release for using SIM swapping attacks to breach the U.S.
Securities and Exchange Commission's (SEC) official X account in January 2024 and falsely announcing that the SEC approved Bitcoin (BTC) Exchange Traded Funds (ETFs). Council Jr. (aka Ronin, Agiantschnauzer, and @EasyMunny) was arrested in October 2024 and pleaded guilty to the crime earlier this February. He has also been ordered to forfeit $50,000. According to court documents, Council used his personal computer to search incriminating phrases such as "SECGOV hack," "telegram sim swap," "how can I know for sure if I am being investigated by the FBI," "What are the signs that you are under investigation by law enforcement or the FBI even if you have not been contacted by them," "what are some signs that the FBI is after you," "Verizon store list," "federal identity theft statute," and "how long does it take to delete telegram account."

FBI Warns of Malicious Campaign Impersonating Government Officials — The U.S. Federal Bureau of Investigation (FBI) is warning of a new campaign that involves malicious actors impersonating senior U.S. federal or state government officials and their contacts to target individuals since April 2025. "The malicious actors have sent text messages and AI-generated voice messages — techniques known as smishing and vishing, respectively — that claim to come from a senior US official in an effort to establish rapport before gaining access to personal accounts," the FBI said. "One way the actors gain such access is by sending targeted individuals a malicious link under the guise of transitioning to a separate messaging platform." From there, the actor may present malware or introduce hyperlinks that lead intended targets to an actor-controlled site that steals login information.
DICOM Flaw Enables Attackers to Embed Malicious Code Within Medical Image Files — Praetorian has released a proof-of-concept (PoC) for a high-severity security flaw in Digital Imaging and Communications in Medicine (DICOM), the predominant file format for medical images, that enables attackers to embed malicious code within legitimate medical image files. CVE-2019-11687 (CVSS score: 7.8), originally disclosed in 2019 by Markel Picado Ortiz, stems from a design decision that allows arbitrary content at the start of the file, otherwise called the Preamble, which enables the creation of malicious polyglots. Codenamed ELFDICOM, the PoC extends the attack surface to Linux environments, making it a much more potent threat. As mitigations, it's advised to implement a DICOM preamble whitelist. "DICOM's file structure inherently allows arbitrary bytes at the beginning of the file, where Linux and most operating systems will look for magic bytes," Praetorian researcher Ryan Hennessee said. "[The whitelist] would check a DICOM file's preamble before it is imported into the system. This would allow known good patterns, such as 'TIFF' magic bytes, or '\x00' null bytes, while files with the ELF magic bytes would be blocked."

Cookie-Bite Attack Uses Chrome Extension to Steal Session Tokens — Cybersecurity researchers have demonstrated a new attack technique called Cookie-Bite that employs custom-made malicious browser extensions to steal "ESTSAUTH" and "ESTSAUTHPERSISTENT" cookies in Microsoft Azure Entra ID and bypass multi-factor authentication (MFA). The attack has multiple moving parts to it: a custom Chrome extension that monitors authentication events and captures cookies; a PowerShell script that automates the extension deployment and ensures persistence; an exfiltration mechanism to send the cookies to a remote collection point; and a complementary extension to inject the captured cookies into the attacker's browser. "Threat actors often use infostealers to extract authentication tokens directly from a victim's machine or buy them directly through darkness markets, allowing adversaries to hijack active cloud sessions without triggering MFA," Varonis said. "By injecting these cookies while mimicking the victim's OS, browser, and network, attackers can evade Conditional Access Policies (CAPs) and maintain persistent access." Authentication cookies can also be stolen using adversary-in-the-middle (AitM) phishing kits in real-time, or using rogue browser extensions that request excessive permissions to interact with web sessions, modify page content, and extract stored authentication data. Once installed, the extension can access the browser's storage API, intercept network requests, or inject malicious JavaScript into active sessions to harvest real-time session cookies. "By leveraging stolen session cookies, an adversary can bypass authentication mechanisms, gaining seamless entry into cloud environments without requiring user credentials," Varonis said. "Beyond initial access, session hijacking can facilitate lateral movement across the tenant, allowing attackers to explore additional resources, access sensitive data, and escalate privileges by abusing existing permissions or misconfigured roles."

🎥 Cybersecurity Webinars

Non-Human Identities: The AI Backdoor You're Not Watching → AI agents rely on Non-Human Identities (like service accounts and API keys) to function—but these are often left untracked and unsecured. As attackers shift focus to this hidden layer, the risk is growing fast. In this session, you'll learn how to find, secure, and monitor these identities before they're exploited. Join the webinar to understand the real risks behind AI adoption—and how to stay ahead.

Inside the LOTS Playbook: How Hackers Stay Undetected → Attackers are using trusted sites to stay hidden.
In this webinar, Zscaler experts share how they detect these stealthy LOTS attacks using insights from the world's largest security cloud. Join to learn how to spot hidden threats and improve your defense.

🔧 Cybersecurity Tools

ScriptSentry → It is a free tool that scans your environment for dangerous logon script misconfigurations—like plaintext credentials, insecure file/share permissions, and references to non-existent servers. These overlooked issues can enable lateral movement, privilege escalation, or even credential theft. ScriptSentry helps you quickly identify and fix them across large Active Directory environments.

Aftermath → It is a Swift-based, open-source tool for macOS incident response. It collects forensic data—like logs, browser activity, and process info—from compromised systems, then analyzes it to build timelines and track infection paths. Deploy via MDM or run manually. Fast, lightweight, and ideal for post-incident investigation.

AI Red Teaming Playground Labs → It is an open-source training suite with hands-on challenges designed to teach security professionals how to red team AI systems. Originally developed for Black Hat USA 2024, the labs cover prompt injections, safety bypasses, indirect attacks, and Responsible AI failures. Built on Chat Copilot and deployable via Docker, it's a practical resource for testing and understanding real-world AI vulnerabilities.

🔒 Tip of the Week

Review and Revoke Old OAuth App Permissions — They're Silent Backdoors → You've likely logged into apps using "Continue with Google," "Sign in with Microsoft," or GitHub/Twitter/Facebook logins. That's OAuth. But did you know many of those apps still have access to your data long after you stop using them?

Why it matters: Even if you delete the app or forget it existed, it might still have ongoing access to your calendar, email, cloud files, or contact list — no password needed. If that third-party gets breached, your data is at risk.
What to do: Go through your connected apps here:

Google: myaccount.google.com/permissions
Microsoft: account.live.com/consent/Manage
GitHub: github.com/settings/applications
Facebook: facebook.com/settings?tab=applications

Revoke anything you don't actively use. It's a fast, silent cleanup — and it closes doors you didn't know were open.

Conclusion

Looking ahead, it's not just about tracking threats—it's about understanding what they reveal. Every tactic used, every system tested, points to deeper issues in how trust, access, and visibility are managed. As attackers adapt quickly, defenders need sharper awareness and faster response loops. The takeaways from this week aren't just technical—they speak to how teams prioritize risk, design safeguards, and make choices under pressure. Use these insights not just to react, but to rethink what "secure" really needs to mean in today's environment.
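The preamble allowlist quoted in the DICOM item of this recap can be run as a gate before a file is imported. This is an added example, not Praetorian's code: the function names, the reason strings, and the extra PE and shebang labels are assumptions, and the sample files are constructed.

```python
"""DICOM preamble allowlist check, run before a file is imported.

Added illustration: names, reason strings and sample files are assumptions.
"""
from dataclasses import dataclass

PREAMBLE_LEN = 128   # a DICOM Part 10 file starts with a 128-byte preamble
PREFIX = b"DICM"     # followed by this 4-byte prefix at offset 128

# Allowlisted preamble shapes: the two patterns named in the quoted advice.
TIFF_MAGICS = (b"II*\x00", b"MM\x00*")   # little- and big-endian TIFF headers

# Used only to produce a helpful rejection reason. The decision itself is
# allowlist-based: anything not matched above is rejected, listed or not.
# ELF comes from the page; MZ and "#!" are extra labels added here.
EXECUTABLE_MAGICS = {
    b"\x7fELF": "ELF",
    b"MZ": "PE/DOS",
    b"#!": "script shebang",
}


@dataclass(frozen=True)
class Verdict:
    allowed: bool
    reason: str


def check_dicom_preamble(data: bytes) -> Verdict:
    """Decide whether a file's first 132 bytes pass the preamble allowlist."""
    if len(data) < PREAMBLE_LEN + len(PREFIX):
        return Verdict(False, "too short for a DICOM Part 10 header")
    if data[PREAMBLE_LEN:PREAMBLE_LEN + len(PREFIX)] != PREFIX:
        return Verdict(False, "no DICM prefix at offset 128")

    preamble = data[:PREAMBLE_LEN]
    if preamble == bytes(PREAMBLE_LEN):
        return Verdict(True, "all-zero preamble")
    if preamble.startswith(TIFF_MAGICS):
        # Only the magic is checked; a stricter policy could parse the TIFF header.
        return Verdict(True, "TIFF magic in preamble")

    for magic, label in EXECUTABLE_MAGICS.items():
        if preamble.startswith(magic):
            return Verdict(False, f"{label} magic in preamble")
    return Verdict(False, "preamble not on allowlist")


def make_sample(preamble_start: bytes) -> bytes:
    """Build a constructed test file: padded preamble + DICM + dummy bytes."""
    preamble = preamble_start.ljust(PREAMBLE_LEN, b"\x00")
    return preamble + PREFIX + b"\x02\x00\x00\x00UL\x04\x00"


# Constructed samples, not real medical images or real malware.
SAMPLES = {
    "plain.dcm": make_sample(b""),
    "dual_tiff.dcm": make_sample(b"II*\x00"),
    "polyglot_elf.dcm": make_sample(b"\x7fELF\x02\x01\x01"),
    "odd_text.dcm": make_sample(b"hello"),
    "not_dicom.bin": b"\x00" * PREAMBLE_LEN + b"XXXX",
}


def scan_samples() -> dict:
    """Return {filename: Verdict} for every constructed sample."""
    return {name: check_dicom_preamble(blob) for name, blob in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in scan_samples().items():
        action = "IMPORT" if verdict.allowed else "QUARANTINE"
        print(f"{action:<10} {name:<18} {verdict.reason}")
```

Because the decision is allowlist-based, a preamble that matches no known executable format is still rejected; the magic table only improves the reason shown to the analyst.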
  • Microsoft Weekly: Build 2025, more Xbox games for PS5, and remastered Windows 95 wallpapers

    This week's news recap is here with a lot of news and announcements from the Build 2025 developer conference, a bunch of new Windows 11 preview builds, fresh features for inbox Windows 11 apps, more Xbox games for PlayStation 5, and other stories.

    Here, we talk about everything happening around Microsoft's latest operating system in the Stable channel and preview builds: new features, removed features, controversies, bugs, interesting findings, and more. And, of course, you may find a word or two about older versions.
    Build 2025, Microsoft's annual developer conference, took place this week. There, the company announced some interesting stuff for Windows 11. While it was primarily aimed at developers, regular users will also find some of the upcoming changes useful and interesting. The Settings app, for one, is getting a new Advanced page. There is also a new command-line editor called Edit, WinGet Configuration for quick dev environment deployments, and more.

    Developers and users will also be glad to learn about the Microsoft Store improvements, which include the "last updated" date for apps, free registration for individual developers, better Health Reports in the Partner Center, direct Win32 updates, and more.
    Microsoft is also improving Administrator protection in Windows 11, adding quantum encryption to Windows builds, and bringing Model Context Protocol support to its operating system.

    Moving from announcements to releases, Microsoft pushed KB5061768 to Windows 10 users to address BitLocker recovery loops on certain Intel-based systems. The update is available in the Microsoft Update Catalog only.

    Now, here is some interesting Windows trivia. A Microsoft engineer published a blog post explaining how Windows cleverly guesses it despite not knowing how fast your processor actually is. Another engineer showed how bad code in apps can lead to Windows system slowdown.
    Also, here is a remastered version of the original Windows 95 wallpaper, in case you want some high-resolution nostalgia on your 4K monitor, and an interesting discussion about which Windows version is the best for old PCs.
    Here is what Microsoft released for Windows Insiders this week:

    Builds

    Canary Channel

    Build 27863
    The Canary Channel received a relatively small build with post-quantum cryptography support and a few bug fixes.

    Dev Channel

    Build 26200.5603
    A pretty big release with new stuff like the announced AI actions in File Explorer, the Advanced Settings page, redesigned Windows Widgets, an improved energy saver, the ability to compress images before sharing them, and plenty more.

    Beta Channel

    Build 26120.4151 (KB5058486)
    This build is identical to 26200.5603 from the Dev Channel.

    Build 26120.4151 (KB5058515)
    In this build, Microsoft introduced new capabilities for Click to Do, some widget improvements, lock screen widget customization, more app recommendations across the operating system, and various fixes.

    Release Preview Channel

    Build 26100.4188 (KB5058499)
    This preview of the upcoming non-security update delivers more AI-powered capabilities to compatible Copilot+ PCs, HDR improvements, new Copilot features, and various fixes for audio, USB, MMC, input, and more.

    Plenty of new features in this week's builds are rolling out gradually, including AI Actions for File Explorer. However, as usual, you can enable them with a simple third-party tool. Check out this article to learn how to force-enable AI Actions in File Explorer.
    Some hidden stuff for Windows 11 was also discovered this week. For one, it looks like Windows 11 will soon have its own variant of Handoff from macOS. During a Build session, Microsoft showcased how users can transfer their workflow from a mobile device and continue where they left off on Windows 11. Nothing has been publicly announced, though. Second, Microsoft is working on the ability to save screen recordings as GIFs in Snipping Tool.

    What is not hidden are the new features for Paint, Snipping Tool, and Notepad, which Microsoft announced earlier this month at its Surface event. Those features are now rolling out to Windows Insiders in the Dev and Canary Channels.
    This section covers software, firmware, and other notable updates (released and coming soon) delivering new features, security fixes, improvements, patches, and more from Microsoft and third parties.
    At Build 2025, Microsoft announced many updates. Starting with open-source, GitHub Copilot in Visual Studio Code and Windows Subsystem for Linux are now open-source, which means everyone can build their own projects based on them and contribute to the development.
    Recently, Microsoft sent an email asking for feedback on a new set of Office icons. While a public announcement has not been made yet, someone on Reddit took the matter into their own hands and made the icon pack themselves. Behold, a pack of high-quality Office icons that you can download right now.

    Speaking of Office, Microsoft introduced its presentation customization tool for PowerPoint to Mac users. This accessibility feature helps create a logical reading flow for elements in your slide and improves other aspects that make it easier for viewers to make sense when viewing and reading your slides.
    This week brought plenty of browser updates. Microsoft, for one, is making Google Chrome a bit safer by bringing Edge's automatic privilege de-elevation mechanism to the most popular browser in the world. Microsoft Edge received this feature six years ago, and now, it is finally making it to Chrome. Microsoft also released two updates: one for Edge Stable and one for Edge Beta. These updates introduced more Copilot for the new tab page and fixed a bunch of bugs.
    At Build 2025, Microsoft announced several updates to its browser, including free content filtering on Edge for Business, PDF translation, summaries, and take automation. The company also proposed a new AI API web standard to help developers integrate AI functionality into their web apps.

    Vivaldi received a new feature update under version 7.4. While it is not the biggest release, it introduced some neat improvements, such as better keyboard shortcut controls and enhancements to the address bar.
    Here are other updates and releases you may find interesting:
    Here are the latest drivers and firmware updates released this week:

    Nvidia 576.52 WHQL with the RTX 5060 support and bug fixes. Also, Nvidia released a firmware update for the RTX 5060 and 5060 Ti to fix black screens during reboots on systems with old motherboards.

    Here is the hardware and software we reviewed this week
    This week, Robbie Khan reviewed the Sharge ICEMAG 2, an interesting Qi2 wireless power bank with active cooling to keep temperatures low when charging your device wirelessly. It has a unique design and solid build quality, but some of its quirks lowered the final score.
    Learn about upcoming game releases, Xbox rumors, new hardware, software updates, freebies, deals, discounts, and more.
    PlayStation is getting another slice of the Xbox pie. Ninja Theory announced that Senua's Saga: Hellblade II is coming to PlayStation 5 later this year. No exact dates have been shared yet, though.
    Valve released an update for SteamOS. Version 3.7.8 arrived in the Stable Channel with a few important changes, such as support for other AMD-based handhelds, a battery limiter for the Steam Deck, and multiple bug fixes.
    Nvidia is running a Summer Sale, during which you can purchase six months of the GeForce NOW Performance plan with a 40% discount for just $29.99. In addition, the company added support for more games, including the enhanced edition of the STALKER trilogy, Survive the Fall, Blades of Fire, Monster Train 2, and more.
    Speaking of GeForce NOW, it is now available in the updated Xbox app on PC. The app can now prompt you to select the preferred streaming service: Xbox Cloud Gaming or GeForce NOW. Other changes in the May 2025 update include improved widgets for the GameBar and more.
    Xbox Game Pass now has more games. Microsoft announced the latest additions to the catalog, which include Monster Train 2, Creatures of Ava, S.T.A.L.K.E.R. 2, Symphonia, Spray Paint Simulator, and more.

    Deals and freebies
    This week's Weekend PC Game Deals is full of Warhammer specials, Witcher anniversary discounts, and three freebies from the Epic Games Store, which include the just-released Deliver At All Costs.

    Other gaming news includes the following:
    Every week, we cover many deals on different hardware and software. The following discounts are still available, so check them out. You might find something you want or need.

    Samsung Q-Series Soundbar HW-Q900F - $1,097.99

    Skullcandy Crusher ANC 2 Wireless - $128.99 | 44% off

    Sonos Move 2 - $336 | 25% off

    Samsung Q990F Soundbar - $1,597.99 | 20% off

    This link will take you to other issues of the Microsoft Weekly series. You can also support Neowin by registering a free member account or subscribing for extra member benefits, along with an ad-free tier option.
    Microsoft Weekly image background by Engin_Akyurt on Pixabay
  • Windows 11 gets post-quantum cryptography and various fixes in build 27863


    Taras Buria, Neowin (@TarasBuria) · May 23, 2025 13:40 EDT

    Microsoft is rolling out a new Windows 11 preview build in the Canary Channel. Build 27863 is not the biggest one, and there are not that many updates. However, it contains some important changes, like post-quantum cryptography, which Microsoft announced at its annual Build conference earlier this week. Windows 11 now supports the post-quantum signature algorithm ML-DSA in the NCrypt and BCrypt cryptography API surfaces, as well as the Crypt32 certificate APIs.
    Other changes in Windows 11 build 27863 include three fixes. One resolves error 0xc0370106 upon Windows Sandbox launch that occurred in the previous Canary build. Another fix patches the bug with core Windows surfaces not being able to load in safe mode. Those include File Explorer, Start menu, and other elements.
    Finally, build 27863 fixes problems with the msftedit.dll library, which was causing apps like Sticky Notes and Dxdiag to crash on systems with certain locales, such as Hebrew or Arabic.

    Known issues include the following:

    Important Note for Copilot+ PCs: If you are joining the Canary Channel on a new Copilot+ PC from the Dev Channel, Release Preview Channel or retail, you will lose Windows Hello pin and biometrics to sign into your PC with error 0xd0000225 and error message “Something went wrong, and your PIN isn’t available”. You should be able to re-create your PIN by clicking “Set up my PIN”.
    You may see an Administrative Templates error message when opening Group Policy Editor. If you click OK you should be able to proceed as normal. One of the causes of this is fixed with this flight – there’s a second fix we’re working on which will be included in an upcoming flight.
    We’re investigating an issue where the taskbar is unexpectedly not showing acrylic material after upgrading to this build.
    We’re working on the fix for an issue where audio devices with high sampling (like 192Hz) and multiple channels aren’t producing sound after upgrading to this build. Thanks Insiders that provided detailed information in your feedback!
    [Input] Pen input may be non-responsive on some PCs that support pen for inking.
    [Task Manager] Search and other options such as filtering in Task Manager does not work.

    You can find the official announcement post here.

    Tags

    Report a problem with article

    Follow @NeowinFeed
    #windows #gets #postquantum #cryptography #various
    Windows 11 gets post-quantum cryptography and various fixes in build 27863
    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Windows 11 gets post-quantum cryptography and various fixes in build 27863 Taras Buria Neowin @TarasBuria · May 23, 2025 13:40 EDT Microsoft is rolling out a new Windows 11 preview build in the Canary Channel. Build 27863 is not the biggest one, and there are not that many updates. However, it contains some important changes, like post-quantum cryptography, which Microsoft announced at its annual Build conference earlier this week. Windows 11 now supports the post-quantum signature algorithm ML-DSA in the NCrypt and BCrypt cryptography API surfaces, as well as the Crypt32 certificate APIs. Other changes in Windows 11 build 27863 include three fixes. One resolves error 0xc0370106 upon Windows Sandbox launch that occurred in the previous Canary build. Another fix patches the bug with core Windows surfaces not being able to load in safe mode. Those include File Explorer, Start menu, and other elements. Finally, build 27863 fixes problems with the msftedit.dll library, which was causing apps like Sticky Notes and Dxdiag to crash on systems with certain locales, such as Hebrew or Arabic. Known issues include the following: Improtant Note for Copilot+ PCs: If you are joining the Canary Channel on a new Copilot+ PC from the Dev Channel, Release Preview Channel or retail, you will lose Windows Hello pin and biometrics to sign into your PC with error 0xd0000225 and error message “Something went wrong, and your PIN isn’t available”. You should be able to re-create your PIN by clicking “Set up my PIN”. You may see an Administrative Templates error message when opening Group Policy Editor. If you click OK you should be able to proceed as normal. One of the causes of this is fixed with this flight – there’s a second fix we’re working on which will be included in an upcoming flight. 
We’re investigating an issue where the taskbar is unexpectedly not showing acrylic material after upgrading to this build. We’re working on the fix for an issue where audio devices with high samplingand multiple channels aren’t producing sound after upgrading to this build. Thanks Insiders that provided detailed information in your feedback!Pen input may be non-responsive on some PCs that support pen for inking.Search and other options such as filtering in Task Manager does not work. You can find the official announcement post here. Tags Report a problem with article Follow @NeowinFeed #windows #gets #postquantum #cryptography #various
    WWW.NEOWIN.NET
    Windows 11 gets post-quantum cryptography and various fixes in build 27863
    Taras Buria, Neowin (@TarasBuria) · May 23, 2025 13:40 EDT

    Microsoft is rolling out a new Windows 11 preview build in the Canary Channel. Build 27863 is not the biggest one, and there are not that many updates. However, it contains some important changes, like post-quantum cryptography, which Microsoft announced at its annual Build conference earlier this week. Windows 11 now supports the post-quantum signature algorithm ML-DSA in the NCrypt and BCrypt cryptography API surfaces, as well as the Crypt32 certificate APIs.

    Other changes in Windows 11 build 27863 include three fixes. One resolves error 0xc0370106 upon Windows Sandbox launch that occurred in the previous Canary build. Another fix patches the bug with core Windows surfaces not being able to load in safe mode. Those include File Explorer, Start menu, and other elements. Finally, build 27863 fixes problems with the msftedit.dll library, which was causing apps like Sticky Notes and Dxdiag to crash on systems with certain locales, such as Hebrew or Arabic.

    Known issues include the following:

    Important Note for Copilot+ PCs: If you are joining the Canary Channel on a new Copilot+ PC from the Dev Channel, Release Preview Channel or retail, you will lose Windows Hello pin and biometrics to sign into your PC with error 0xd0000225 and error message “Something went wrong, and your PIN isn’t available”. You should be able to re-create your PIN by clicking “Set up my PIN”.

    You may see an Administrative Templates error message when opening Group Policy Editor. If you click OK you should be able to proceed as normal. One of the causes of this is fixed with this flight – there’s a second fix we’re working on which will be included in an upcoming flight.

    We’re investigating an issue where the taskbar is unexpectedly not showing acrylic material after upgrading to this build.

    We’re working on the fix for an issue where audio devices with high sampling (like 192Hz) and multiple channels aren’t producing sound after upgrading to this build. Thanks Insiders that provided detailed information in your feedback!

    [Input] Pen input may be non-responsive on some PCs that support pen for inking.

    [Task Manager] Search and other options such as filtering in Task Manager do not work.

    You can find the official announcement post here.
  • Now AI can write for you in Windows Notepad

    Since last year, it has been possible to summarize texts and adjust the tone of your writing in Notepad, using Microsoft’s AI tool Copilot.

    In the latest beta version of Notepad (11.2504.46.0), it is also possible to create new texts from a text prompt. You can then edit the document until you are satisfied.

    Paint will also be equipped with new AI features, including the ability to create stickers that you can use in your documents. It will also be possible to isolate and edit individual elements, which can be useful if you want to reuse parts of your drawings.

    Finally, the Snipping Tool will have a new AI feature to make sure your screenshots are ‘perfect.’

    The latest beta versions of these apps are available to Windows Insiders in the Canary and Dev Channels on Windows 11.

    More information about the AI news can be found on the official Windows Insider blog.
    WWW.COMPUTERWORLD.COM
  • Microsoft is now testing AI-generated text in Windows Notepad

    As of yesterday, Microsoft has begun rolling out a new update to Windows 11 Insiders on the Dev and Canary Channels. This update brings new AI features to Notepad, Paint, and the Snipping Tool.
    Notepad now has the ability to write text from scratch using generative AI, which is meant to aid you by quickly producing drafts based on your prompts and instructions. To use AI text generation, simply right-click anywhere in the document and select Write. Type in your instructions, then either click Keep Text or Discard on the results. You’ll need a Microsoft account and AI credits to use Write in Notepad.
    Meanwhile, Paint now has a new AI-generated sticker feature as well as an AI-assisted smart selection tool for isolating and editing elements in an image, and Snipping Tool has a new AI-powered “perfect screenshot” feature for capturing your screen without the need to crop or resize afterwards. Paint’s new AI features only work on Copilot+ PCs while Snipping Tool’s features work on all computers.
    All of this builds on Microsoft’s strategy to bring more AI experiences to Notepad, Paint, and other Windows apps.
    WWW.PCWORLD.COM
  • Microsoft Build summary: 4 big announcements you’ll want to know

    Microsoft Build 2025 is almost at an end. Microsoft’s annual developer conference might be aimed at software engineers and cloud devs, but realistically, there’s plenty in there to dig into even if you don’t work as a programmer. Unsurprisingly, the theme throughout the conference this year (and for some years previous now) has been AI.
    In his opening keynote, Microsoft’s CEO Satya Nadella highlighted the importance of AI and the company’s plan of “building the open, agentic web at scale.” The idea is to hand over the reins to Copilot and let the AI agents take over repetitive, costly tasks. Here are some of the most important announcements from this year’s Microsoft Build.

    Windows File Explorer gets an AI-powered boost
    By the sound of it, this is a tool we might all benefit from and not something strictly aimed at devs. Windows File Explorer will now receive something Microsoft refers to as “AI actions.”
    Available in Windows 11, AI actions (or shortcuts, if you will) will let you right-click on a file of your choosing and use AI to get things done easier.
    Some of the highlights here include the ability to get Copilot to summarize an Office document for you, right from the File Explorer menu. You can also erase unwanted objects from photos, again, thanks to AI, or blur or remove the background with Paint (via Copilot, that is).
    As reported by The Verge, there might be more coming than what Microsoft specifically spoke about; four new image-related AI actions are currently in the Dev Channel builds of Windows 11. This includes the ability to find similar images on the web with the help of Bing.
    GitHub gets an AI coding agent
    The big announcement here is that GitHub Copilot will now be available to all Copilot Enterprise and Copilot Pro+ users, but also that Copilot’s coding agent will save devs a lot of time — which could reduce the time it takes for new features to come out and be available to us all.
    Although many developers aren’t huge fans of the use of AI in their daily work, many others find the benefits in automating simpler tasks, which frees them up to work on more complex code. For the latter, Microsoft has just introduced a new coding agent, now available on GitHub.
    The agent was made to help programmers with one of the most annoying parts of their jobs — bug fixes. It’ll also take care of adding features and refactoring code. “GitHub continues to be the home for developers. […] We’re doubling down for developers building any applications. Trust, security, compliance, auditability, data residency are even more critical today. Open-source is at the core of GitHub, and we’re taking this next big step,” said Nadella.
    You can now translate PDFs directly in Edge
    If you deal with a lot of PDFs, you’ll love this one: You’ll soon be able to translate them directly in the Microsoft Edge browser. Simply clicking “translate” in the address bar will let you leverage AI to translate the entire document into one of over 70 languages supplied by Microsoft.
    This appears to only be a feature in Edge for Business, though. Right now, it’s rolling out to Windows Canary users and is said to be available next month.
    Microsoft 365 gets a major AI boost with new agents
    As reported by PCMag, the new update to Copilot is said to be huge. Microsoft CEO Satya Nadella himself referred to it as the biggest update since the launch of Teams — and whether you love it or not, it’s hard to deny that Teams turned out to be a pretty big thing worldwide.
    Copilot’s current arsenal of AI-powered goodies includes Chat, which is essentially Microsoft’s version of ChatGPT. Search lets Copilot dig through your files and help you find what you’re asking for. The results of both those tools can be summarized in Notebook. Of course, you can also generate images, PowerPoints, and videos with Create.
    Microsoft is now taking AI a few steps further by adding Agents. Agentic AI is a big topic these days, so it’s not a surprise to see Microsoft jumping on the bandwagon. Microsoft’s AI agents now include Researcher and Analyst.
    Researcher relies on deep reasoning to help you create comprehensive reports. Copilot’s Researcher will be able to search the web and your own files, giving it a solid overview of various sources. Analyst fills in the gaps by being able to analyze data, including massive spreadsheets, to help you analyze (well, duh) various data points and draw accurate comparisons.
    Although exciting, these new AI agents will be available to large enterprises. The company needs to be included in Microsoft’s Frontier program to benefit. Perhaps with time, Microsoft will bring AI agents to Copilot at large.
    AI, AI everywhere
    At this point, no one is surprised when an event such as Microsoft Build focuses solely on the use of AI. Many hoped to hear more about things like the Xbox handheld, but alas, that did not happen.
    A lot of the new features and improvements announced during Build weren’t consumer-centric, but I recommend watching the full video if you’re curious about what else is new. Remember to also check out our Best of Computex 2025 roundup to give you a better overview of the exciting tech that made a debut in the last week.
    WWW.DIGITALTRENDS.COM