Jun 16, 2025Ravie LakshmananMalware / DevOps Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that's capable of harvesting sensitive developer-related information, such as credentials, configuration data, and environment variables, among others. The package, named chimera-sandbox-extensions, attracted 143 downloads and likely targets users of a service called Chimera Sandbox, which was released by Singaporean tech company Grab last August to facilitate "experimentation and development of [machine learning] solutions." The package masquerades as a helper module for Chimera Sandbox, but "aims to steal credentials and other sensitive information such as Jamf configuration, CI/CD environment variables, AWS tokens, and more," JFrog security researcher Guy Korolevski said in a report published last week. Once installed, it attempts to connect to an external domain whose domain name is generated using a domain generation algorithm (DGA) in order to download and execute a next-stage payload. Specifically, the malware acquires from the domain an authentication token, which is then used to send a request to the same domain and retrieve the Python-based information stealer. The stealer malware is equipped to siphon a wide range of data from infected machines. This includes - JAMF receipts, which are records of software packages installed by Jamf Pro on managed computers Pod sandbox environment authentication tokens and git information CI/CD information from environment variables Zscaler host configuration Amazon Web Services account information and tokens Public IP address General platform, user, and host information The kind of data gathered by the malware shows that it's mainly geared towards corporate and cloud infrastructure. In addition, the extraction of JAMF receipts indicates that it's also capable of targeting Apple macOS systems. The collected information is sent via a POST request back to the same domain, after which the server assesses if the machine is a worthy target for further exploitation. However, JFrog said it was unable to obtain the payload at the time of analysis. "The targeted approach employed by this malware, along with the complexity of its multi-stage targeted payload, distinguishes it from the more generic open-source malware threats we have encountered thus far, highlighting the advancements that malicious packages have made recently," Jonathan Sar Shalom, director of threat research at JFrog Security Research team, said. "This new sophistication of malware underscores why development teams remain vigilant with updates—alongside proactive security research – to defend against emerging threats and maintain software integrity." The disclosure comes as SafeDep and Veracode detailed a number of malware-laced npm packages that are designed to execute remote code and download additional payloads. The packages in question are listed below - eslint-config-airbnb-compat (676 Downloads) ts-runtime-compat-check (1,588 Downloads) solders (983 Downloads) @mediawave/lib (386 Downloads) All the identified npm packages have since been taken down from npm, but not before they were downloaded hundreds of times from the package registry. SafeDep's analysis of eslint-config-airbnb-compat found that the JavaScript library has ts-runtime-compat-check listed as a dependency, which, in turn, contacts an external server defined in the former package ("proxy.eslint-proxy[.]site") to retrieve and execute a Base64-encoded string. The exact nature of the payload is unknown. "It implements a multi-stage remote code execution attack using a transitive dependency to hide the malicious code," SafeDep researcher Kunal Singh said. Solders, on the other hand, has been found to incorporate a post-install script in its package.json, causing the malicious code to be automatically executed as soon as the package is installed. "At first glance, it's hard to believe that this is actually valid JavaScript," the Veracode Threat Research team said. "It looks like a seemingly random collection of Japanese symbols. It turns out that this particular obfuscation scheme uses the Unicode characters as variable names and a sophisticated chain of dynamic code generation to work." Decoding the script reveals an extra layer of obfuscation, unpacking which reveals its main function: Check if the compromised machine is Windows, and if so, run a PowerShell command to retrieve a next-stage payload from a remote server ("firewall[.]tel"). This second-stage PowerShell script, also obscured, is designed to fetch a Windows batch script from another domain ("cdn.audiowave[.]org") and configures a Windows Defender Antivirus exclusion list to avoid detection. The batch script then paves the way for the execution of a .NET DLL that reaches out to a PNG image hosted on ImgBB ("i.ibb[.]co"). "[The DLL] is grabbing the last two pixels from this image and then looping through some data contained elsewhere in it," Veracode said. "It ultimately builds up in memory YET ANOTHER .NET DLL." Furthermore, the DLL is equipped to create task scheduler entries and features the ability to bypass user account control (UAC) using a combination of FodHelper.exe and programmatic identifiers (ProgIDs) to evade defenses and avoid triggering any security alerts to the user. The newly-downloaded DLL is Pulsar RAT, a "free, open-source Remote Administration Tool for Windows" and a variant of the Quasar RAT. "From a wall of Japanese characters to a RAT hidden within the pixels of a PNG file, the attacker went to extraordinary lengths to conceal their payload, nesting it a dozen layers deep to evade detection," Veracode said. "While the attacker's ultimate objective for deploying the Pulsar RAT remains unclear, the sheer complexity of this delivery mechanism is a powerful indicator of malicious intent." Crypto Malware in the Open-Source Supply Chain The findings also coincide with a report from Socket that identified credential stealers, cryptocurrency drainers, cryptojackers, and clippers as the main types of threats targeting the cryptocurrency and blockchain development ecosystem. Some of the examples of these packages include - express-dompurify and pumptoolforvolumeandcomment, which are capable of harvesting browser credentials and cryptocurrency wallet keys bs58js, which drains a victim's wallet and uses multi-hop transfers to obscure theft and frustrate forensic tracing. lsjglsjdv, asyncaiosignal, and raydium-sdk-liquidity-init, which functions as a clipper to monitor the system clipboard for cryptocurrency wallet strings and replace them with threat actor‑controlled addresses to reroute transactions to the attackers "As Web3 development converges with mainstream software engineering, the attack surface for blockchain-focused projects is expanding in both scale and complexity," Socket security researcher Kirill Boychenko said. "Financially motivated threat actors and state-sponsored groups are rapidly evolving their tactics to exploit systemic weaknesses in the software supply chain. These campaigns are iterative, persistent, and increasingly tailored to high-value targets." AI and Slopsquatting The rise of artificial intelligence (AI)-assisted coding, also called vibe coding, has unleashed another novel threat in the form of slopsquatting, where large language models (LLMs) can hallucinate non-existent but plausible package names that bad actors can weaponize to conduct supply chain attacks. Trend Micro, in a report last week, said it observed an unnamed advanced agent "confidently" cooking up a phantom Python package named starlette-reverse-proxy, only for the build process to crash with the error "module not found." However, should an adversary upload a package with the same name on the repository, it can have serious security consequences. Furthermore, the cybersecurity company noted that advanced coding agents and workflows such as Claude Code CLI, OpenAI Codex CLI, and Cursor AI with Model Context Protocol (MCP)-backed validation can help reduce, but not completely eliminate, the risk of slopsquatting. "When agents hallucinate dependencies or install unverified packages, they create an opportunity for slopsquatting attacks, in which malicious actors pre-register those same hallucinated names on public registries," security researcher Sean Park said. "While reasoning-enhanced agents can reduce the rate of phantom suggestions by approximately half, they do not eliminate them entirely. Even the vibe-coding workflow augmented with live MCP validations achieves the lowest rates of slip-through, but still misses edge cases." Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post. SHARE    

Europa, a moon of Jupiter, has long been one of the most exciting targets in the search for life beyond Earth. Many scientists believe that an ocean lies below its icy surface, potentially hosting geologic activity capable of supporting life, but what happens on the moon’s seafloor is still largely a mystery. Although discussions on Europa are mostly centered around this hidden ocean, the shell of ice that envelops the moon has its own surprises. A study recently published in The Planetary Science Journal suggests that Europa’s surface ice is constantly changing. The evidence explored in the study paints a better picture of Europa’s outermost layer, and it may even reveal the interior processes that shape the moon’s unique structure. Europa's Surface IceEuropa has the smoothest surface out of any known object in our Solar System, but it’s far from lacking variety. The surface is rife with distinct geologic features, such as ridges, plains, and cracks, that cross over each other. Their disorderly appearance is linked to a fitting name, “chaos terrain.”Some regions with chaos terrain also provide insight on Europa’s surface ice. Most of Europa’s surface is made of amorphous ice, which lacks a crystalline structure. Scientists previously believed that Europa’s surface was entirely covered by a thin layer of amorphous ice, and that below this was crystalline ice (the form that most ice on Earth takes). However, the researchers involved with the new study have confirmed that certain areas of Europa’s surface contain crystalline ice, aligning with spectral data captured by the James Webb Space Telescope (JWST). This same ice also appears below the surface in these regions as well. “We think that the surface is fairly porous and warm enough in some areas to allow the ice to recrystallize rapidly,” said lead author Richard Cartwright, a spectroscopist at Johns Hopkins University, in a statement.Activity in the OceanA few other factors have convinced the researchers that an ocean exists below Europa's icy surface. The regions where ice recrystallizes show evidence of sodium chloride (what we know as table salt), carbon dioxide, and hydrogen peroxide. “Our data showed strong indications that what we are seeing must be sourced from the interior, perhaps from a subsurface ocean nearly 20 miles (30 kilometers) beneath Europa’s thick icy shell,” said author Ujjwal Raut, a program manager at the Southwest Research Institute. “This region of fractured surface materials could point to geologic processes pushing subsurface materials up from below.”The Europa Clipper's MissionAlthough Europa and its subsurface ocean will be a crucial target for future space exploration, some scientists have expressed doubts regarding its capacity to sustain life. A series of obstacles could make finding life on Europa more difficult. At an American Geophysical Union conference last year, scientists reported that the ice layer covering the moon's surface is thicker than expected, indicating that there may not be enough heat or activity in the subsurface ocean to support life. Scientists aren’t yet sure if an abundance of hydrothermal vents or seafloor volcanoes sit at the bottom of the ocean — these features have been crucial in driving life on our own planet. Observations of Europa haven’t fully confirmed the existence of plumes, either, which would be a clear sign that material from the ocean could be transported to the surface. About 5 years from now, in 2030, scientists will get an unprecedented view of Europa as NASA's Europa Clipper approaches the icy moon. Launched last October, the Europa Clipper will reveal many secrets that still surround the moon's surface and the ocean below. Among its various objectives, the mission will look for plumes, which would be able to eject microbes — if they truly do exist on the moon — into space for the Europa Clipper to examine. Article SourcesOur writers at Discovermagazine.com use peer-reviewed studies and high-quality sources for our articles, and our editors review for scientific accuracy and editorial standards. Review the sources used below for this article:The Planetary Science Journal. JWST Reveals Spectral Tracers of Recent Surface Modification on EuropaThe Planetary Society. Europa, Jupiter’s possible watery moonThe Planetary Society. Could Europa Clipper find life?Jack Knudson is an assistant editor at Discover with a strong interest in environmental science and history. Before joining Discover in 2023, he studied journalism at the Scripps College of Communication at Ohio University and previously interned at Recycling Today magazine.

Former Apple design chief Jony Ive sold his hardware startup io to OpenAI for nearly $6.5 billion. BI Illustration 2025-05-23T20:39:35Z Save Saved Read in app This story is available exclusively to Business Insider subscribers. Become an Insider and start reading now. Have an account? Former Apple design chief Jony Ive and OpenAI CEO Sam Altman are building a mystery ChatGPT device. The interwebs have come alive with gadget guesses, renders, and memes. OpenAI is trying to challenge Apple and Google by redefining AI interaction with new hardware. Let's get something out of the way first: nobody really knows what former Apple design chief Jony Ive and OpenAI CEO Sam Altman are building.That hasn't stopped the internet from bursting at the seams with wild guesses, gorgeous renders, speculative hot takes, and a healthy dose of meme-fueled imagination.So, what is this mystery device that Ive is cooking up for OpenAI's ChatGPT? A screenless wearable? A next-gen smart assistant? A pocketable AI oracle? A glorified paperweight?Here's our roundup of the best guesses — serious, speculative, satirical, and everything in between. Thank you to my Business Insider colleagues for contributing to this Friday's fun.Serious Guesses: Industry Analyst Weighs InOK fine. We'll start with some serious ideas.TF International Securities analyst Ming-Chi Kuo is a credible source in the tech hardware and supply-chain space, especially when it comes to Apple. His take on the Ive-OpenAI gadget is valuable:Form Factor: Think small. Maybe iPod Shuffle-sized. Portable, minimal, and delightfully Ive-ish.Wearable: One of the use cases includes wearing it around your neck. Shades of sci-fi, Star Trek, or perhaps a Tamagotchi on steroids?No Screen: It will have cameras and mics for environmental awareness but no display. The idea is to not add another screen to our lives.Companion Device: It will connect to your smartphone or laptop for processing and visual output.Production Timeline: Mass production is expected in 2027, giving us plenty of time for more leaks, renders, and conspiracy theories.Kuo suggested on X that the announcement was timed to shift attention away from Google I/O. OpenAI positioned this as a new hardware-software narrative, riding the trend of "physical AI."He also referenced a great quote from former Apple fellow Alan Kay: "People who are really serious about software should make their own hardware." That's exactly what Altman and OpenAI are trying to do here.Clues from Altman and WSJ OpenAI CEO Sam Altman. Kim Hong-Ji/REUTERS The Wall Street Journal reported this week that Altman offered OpenAI staff a preview of the devices he's building with Ive:The device was described as an AI "companion." Altman wants to ship 100 million of them on day one.It will be aware of its surroundings and fit in your pocket or sit on your desk.It's not a phone or smart glasses. Ive reportedly wasn't keen on a wearable, though the final design may still flirt with that concept.Altman said the device should be the third major object on your desk, alongside a MacBook and iPhone.There will be a "family of devices," and Altman even floated the idea of mailing subscribers new ChatGPT-powered computers.They aim to shift away from screen-based interaction and rethink what AI companionship really means in a day-to-day human context.Renders, memes, and vibesThe brilliant designer Ben Geskin imagined several cool form factors on X, including this circular disc. Geskin's ideas blend Apple-grade minimalism with futuristic whimsy, perfectly on brand for Jony Ive.Some smart glasses, because of course.A dangly dongle, equal parts techie and jewelry.Square/rectangular objects with eerie elegance.Echoing Geskin, another user on X proposed a disc-shaped device, sleek enough to pass as a high-end coaster or futuristic hockey puck. Think of it as an AI desk companion, quietly listening and gently glowing.One BI colleague mentioned a smart ChatGPT lamp, possibly inspired by "The Sopranos" episode where the FBI bugs Tony's basement. Funny, but not impossible. After all, a lamp fits Altman's desk-friendly criteria. Tony Soprano in HBO's long-running mob drama "The Sopranos." Anthony Neste/The LIFE Images Collection/Getty Images Another X user joked that the device could resemble those emergency pendants worn by older adults — "Help! I've fallen and I can't get up!" — but with ChatGPT instead of a nurse. A brutal meme, but it raises a valid point: If the device is meant to be always-on, context-aware, and worn, why not market it to older users, too?Although, if this is for the olds, should it use Google Gemini instead? Burn!X user Peter Hu proposed an AI-powered nail clipper. Yes, it's absurd, and no, it doesn't make sense. But the design? Low-key fire.Here's mocked up a vape pen with a ChatGPT twist. Inhale wisdom, exhale existential dread.Some of the most surreal concepts look like direct plugs into your skull. There's a "Matrix" or "Severance" vibe here, suggesting a future where ChatGPT lives in your head like a helpful parasite.This one also looks painful in a different way.This one below is cute!I asked ChatGPT to take a guess. The answer was not impressive. No wonder OpenAI paid $6.5 billion for Ive's hardware design startup. ChatGPT guesses what device Ive is designing for OpenAI. Alistair Barr/ChatGPT This last one is a Silicon Valley insider joke. It's also a warning that it's extremely hard to replace smartphones as the go-to tech gadget. It's a riff on the Humane pin, an AI device that bombed already.Can OpenAI compete with Apple and Google?This device matters beyond its shape because of what it represents. Right now, Apple and Google dominate the interface layer of computing through iOS and Android devices. If OpenAI wants to define how people interact with ChatGPT, it needs a hardware beachhead.Humane's AI pin tried and failed. The Rabbit R1 got roasted. The jury's still out on Meta's Ray-Bans. Can Ive and Altman actually crack the code?Knowing Ive, we'll probably be surprised no matter what. The real product could be something no one predicted.The race to define the next major computing interface is officially on. With Ive and Altman teaming up, OpenAI makes a major bet that how we interact with AI is just as important as what AI can do.When the curtain lifts, and Ive whispers "aluminium" in a design video, jaws will probably drop, and competitors will scramble.Until then, keep your renders weird, your guesses wild, and your brain tuned in to BI. We'll be here to cover every hilarious, ambitious, and brilliant twist along the way.See you in 2027.

Beurer is a German manufacturer of personal care products. When they needed to update their line of men's grooming devices, they turned to Munich-based industrial design firm Fluid Design.Beurer MenCare The ChallengeCrafting the next generation of a MenCare range that seamlessly embodies the Beurer brand DNA. The SolutionBased on the newly developed Beurer Visual Design Language, we created a destinctive MenCare Line that celebrates newly established design elements. A bold design languageWe have injected a dynamic and confident expression of the Beurer design DNA into the MenCare line, giving a fresh and strong resonance to its audience. The MenCare line includes an all-in-one multi-groomer, beard trimmer, hair clipper and a rotary shaver. While each product serves a distinct function and varies in size, they share a common character that underscores their belonging to the same family. All products feature a unified front contour with a consistent 4-degree tapering angle, creating a cohesive appearance. This design includes a recessed surface on the front that serves as a functional space for ergonomic buttons and the display. On the back, the well-defined gripping ribs have been carefully incorporated to ensure a secure hold, even in situations where hands may be wet, such as in the bathroom. Additionally, the prominent red "Beurer line" serves as a defining element that also contributes to a distinctive and cohesive aesthetic across all products. ?A strategic partnership?As Beurer's strategic partner, we developed the company's newly defined design language and product design guidelines to ensure a consistent company portfolio. The MenCare Line is an excellent example to represent the new aesthetics of Beurer's design language. Highlights & CapabilitiesA pivotal design element?The red "Beurer line" separates the functional from the user interaction area, supporting intuitive handling and usability while also adding to the overall distinctive aesthetics of the product line. Multidisciplinary, full-service design?Starting with early conceptual sketches, followed by in-depth market research, gathering user insights and developing both, low and high-fidelity mockups, we seamlessly progressed to the final product. You can see more of Fluid Design's work here.

Here's what we looked at this week:The quest to optimize existing objects: The EDJY features an unusual single-blade fingernail clipper design that allegedly delivers better results. Apple's "Vehicle Motion Cues" are an on-screen anti-motion-sickness trick.From Australia, magnetic and custom-fit sun shades for your car.The Otemon splice: A crazy Japanese technique for splicing the bottom of a rotted column.Image and work: Chris Hall Stunning Frank Lloyd Wright art tiles by Motawi Tileworks.A glow-in-the-dark substitute for EDC gear: These Isotope Tritium Fobs rely on actual radioactive isotopes.Philips' Fixables initiative will offer free downloadable files to 3d print replacement parts for their products.Dutch researchers develop "countersnapping," the opposite of a push-to-open mechanism. An industrial design classic: The Brionvega Algol TV, by Marco Zanuso and Richard Sapper.Good or bad? The Trace camera system records entire sporting matches, but highlights just your child.From Latvia, Kanttari's bronze bar cabinet. This Solo Windchill 47 Cooler has a built-in air conditioner. Because heaven forbid you break a sweat outside.The Loki cleaning robot, here to end janitors.A new umbrella shape from Japan (for an entirely frivolous purpose). Growl: An AR punching bag for training and gaming.Design solutions for beachside umbrella-wind wars, and one man vs. nature.Form follows function: Dyson's new approach yields the super slim PencilVac. An industrial design case study from Germany: Fluid Design updates Beurer's grooming devices.

May 21, 2025Ravie LakshmananMalware / Windows Security Russian organizations have become the target of a phishing campaign that distributes malware called PureRAT, according to new findings from Kaspersky. "The campaign aimed at Russian business began back in March 2023, but in the first third of 2025 the number of attacks quadrupled compared to the same period in 2024," the cybersecurity vendor said. The attack chains, which have not been attributed to any specific threat actor, commence with a phishing email that contains a RAR file attachment or a link to the archive that masquerades as a Microsoft Word or a PDF document by making use of double extensions ("doc_054_[redacted].pdf.rar"). Present within the archive file is an executable that, when launched, copies itself to the "%AppData%" location of the compromised Windows machine under the name "task.exe" and creates a Visual Basic Script called "Task.vbs" in the Startup VBS folder. The executable then proceeds to unpack another executable "ckcfb.exe", runs the system utility "InstallUtil.exe," and injects into it the decrypted module. "Ckcfb.exe," for its part, extracts and decrypts a DLL file "Spydgozoi.dll" that incorporates the main payload of the PureRAT malware. PureRAT establishes SSL connections with a command-and-control (C2) server and transmits system information, including details about the antivirus products installed, the computer name, and the time elapsed since the system startup. In response, the C2 server sends auxiliary modules to perform a variety of malicious actions - PluginPcOption, which is capable of executing commands for self-deletion, restarting the executable file, and shutting down or rebooting the computer PluginWindowNotify, which checks the name of the active window for keywords like password, bank, WhatsApp, and perform appropriate follow-up actions like unauthorized fund transfers PluginClipper, which functions as a clipper malware by substituting cryptocurrency wallet addresses copied to the system's clipboard with an attacker-controlled one "The Trojan includes modules for downloading and running arbitrary files that provide full access to the file system, registry, processes, camera and microphone, implement keylogger functionality, and give attackers the ability to secretly control the computer using the remote desktop principle," Kaspersky said. The original executable that launches "ckcfb.exe" simultaneously also extracts a second binary referred to as "StilKrip.exe," which is a commercially available downloader dubbed PureCrypter that has been used to deliver various payloads in the past. It's active since 2022. "StilKrip.exe" is designed to download "Bghwwhmlr.wav," which follows the aforementioned attack sequence to run "InstallUtil.exe" and ultimately launch "Ttcxxewxtly.exe," an executable that unpacks and runs a DLL payload called PureLogs ("Bftvbho.dll"). PureLogs is an off-the-shelf information stealer that can harvest data from web browsers, email clients, VPN services, messaging apps, wallet browser extensions, password managers, cryptocurrency wallet apps, and other programs like FileZilla and WinSCP. "The PureRAT backdoor and PureLogs stealer have broad functionality that allows attackers to gain unlimited access to infected systems and confidential organization data," Kaspersky said. "The main vector of attacks on businesses has been and remains emails with malicious attachments or links." Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post. SHARE    

Since President Donald Trump excitedly announced that he would be accepting a $400 million plane from the Qatari government to serve as the next Air Force One, even members of his own party have expressed alarm. There’s the price tag of refurbishing the plane with top-secret systems—upward of $1 billion, according to some estimates. Then there are the conflicts of interest from accepting such a large present from a foreign nation—what some say would be the most valuable gift ever given to the U.S. But it would also mark a striking departure from tradition. While they’re often variants of commercial planes, presidential planes have almost always been U.S. military aircraft, flown and maintained by the Air Force. The first White Houses in the sky I’m an aviation historian who once worked in the United States Air Force’s history program for three years, so I’m well acquainted with the history of presidential aircraft. Franklin D. Roosevelt became the first president to fly while in office. In January 1943, he boarded the Navy-owned, civilian-operated Boeing Dixie Clipper—a seaplane—for a trip to Casablanca to meet with Allied leaders. President Franklin D. Roosevelt made the first presidential flight on a Dixie Clipper, a seaplane built by Boeing. [Photo: Hulton Archive/Getty Images] The security measures needed to safely transport the president—especially during wartime—spurred the creation of the first custom-built aircraft for presidential use, a heavily modified VC-54 Skymaster. Though officially named “The Flying White House,” the new presidential aircraft became better known by its nickname, the “Sacred Cow.” President Harry Truman used the Sacred Cow as his presidential aircraft through much of his first term in office. In late 1947, the U.S. Air Force ordered a second custom-built presidential aircraft, a modified DC-6, which Truman named the Independence. While in office, Presidents Franklin D. Roosevelt and Harry Truman flew on a modified Douglas C-54, nicknamed the “Sacred Cow.” [Photo: © Museum of Flight/CORBIS/Corbis/Getty Images] During Dwight D. Eisenhower’s two terms, the president flew on two different planes operated by the Air Force: the Columbine II, which was a customized, military version of Lockheed’s commercial airliner the Constellation, and the Columbine III, which was a Super Constellation. Embracing the jet age In the 1960s, the use of jet engine technology in U.S. commercial aircraft revolutionized air travel, allowing planes to fly higher, farther, and faster. Jet travel became associated with the glamorous and the elegant lifestyles of the “jet set” crowd. So it’s fitting that President John F. Kennedy—who was sometimes called the “the first celebrity president”—was the first White House occupant to fly in a jet, the Boeing 707. Kennedy’s aircraft was also the first painted in the distinctive light-blue-and-white scheme that’s still used today. First lady Jacqueline Kennedy developed it with the help of industrial designer Raymond Loewy. It would go on to serve eight presidents before leaving the presidential fleet in 1990, when Boeing delivered the first of two modified Boeing 747s. These are the aircraft that continue to serve as the president’s primary plane. Boeing signed a contract to provide two new aircraft in 2017, during Trump’s last term. In 2020, the company decided to refurbish two existing aircraft that were originally built for another customer. The refurbishment has been more cumbersome and expensive than building a new aircraft from scratch. But it’s the only option because Boeing closed its 747 assembly line in late 2022. A nickname sticks On a trip to Florida, the crew of Columbine II first used “Air Force One” as the plane’s call sign to clearly distinguish the plane from other air traffic. While the public has associated the name Air Force One with the modified Boeing 707s and 747s and their distinctive colors, any plane with the president aboard will carry that call sign. They include several smaller aircraft, also operated by the Air Force, such as the North American T-39 Sabreliner used to transport Lyndon B. Johnson to his ranch in Texas and the Lockheed VC-140B JetStars, the fleet of backup planes used by several presidents, which Johnson jokingly called “Air Force One Half.” A cultural and political symbol Air Force One has long served as a symbol of the power and prestige of the presidency. It became an indelible part of U.S. history in November 1963, when Johnson took his oath of office from Air Force One’s cabin while Kennedy’s body lay in rest in the back of the aircraft. Vice President Lyndon B. Johnson is sworn in as president aboard Air Force One following the assassination of President John F. Kennedy. [Photo: Universal History Archive/Universal Images Group/Getty Images] Air Force One carried President Richard M. Nixon to China and the Soviet Union for historic diplomatic missions. But it also famously flew him from Andrews Air Force Base in Maryland to his home state, California, after he resigned from office. On that day, the plane took off as Air Force One. But it landed as SAM 27000, the plane’s call sign used when the president wasn’t on board. Trump has been compared to Nixon in more ways than one. And Trump’s complaint that Arab leaders have bigger and more impressive airplanes than the current Air Force One is reminiscent of Nixon’s own concerns of being outclassed on the world stage. When president, Nixon strongly advocated for American supersonic transport—a 270-passenger plane designed to be faster than the speed of sound—that he hoped could be modified to serve as a new Air Force One. He feared the failure to develop supersonic transport would relegate the U.S. to second-tier status, as other world leaders—particularly those from England, France, and the USSR—traversed the globe in sleeker, better performing aircraft. Trump’s concerns about Air Force One seem less focused on safety and security and more on size and opulence. His longing for a “palace in the sky” is befitting for a president drawn to soaring skyscrapers, lavish parades, and gold ornamentation. Janet Bednarek is a professor of history at the University of Dayton. This article is republished from The Conversation under a Creative Commons license. Read the original article.

We live in an interesting, some might say gluttonous, era of product development. In addition to the seemingly daily invention of new EDC objects, any given product design has multiple competitors' offerings to choose from. On top of that, both startups and established companies regularly seek to re-invent and re-design existing objects in the name of optimization.On that latter note, take the nail clipper. Most of us take them for granted, if we think about them at all. But Canadian startup Khlip reckoned they could improve the ergonomics and reversed the leverage arrangement. The Griff rotating nail clipper, by Japanese industrial designer Yoshita Moritaka, is also designed with ergonomics in mind. Now a startup called EDJY jumps into this market with both reversed leverage and a re-thought blade arrangement. While the Khlip and Griff designs do demonstrate some ergonomic advantage, particularly for those with compromised grip strength, EDJY's claim is a bit harder to swallow: Their cutting technique, they say, results in "Smoother, healthier nails." Most nail clippers have two blades in a jaw arrangement. EDJY's eponymous product features just a top blade, with an anvil arrangement at the bottom. The company claims this set-up "cuts, not crushes" fingernails, "leaving them with a flawlessly smooth edge." (Sincere question: Are jagged nails a problem for many? I don't pay much attention to mine.) Standard resultsEDJY resultsThey do claim that the leverage arrangement "requires 250% less force to cut through your nails," which would be an improvement for the elderly or those with grip issues. The nail clippings are captured within the body of the clippers. While that's not a unique feature, with multiple manufacturers offering a collection-bin-style design, the Khlip and Griff designs lack this. The EDJY is made in the U.S.A. and runs $16.50.

Reports that prominent American national security officials used a freely available encrypted messaging app, coupled with the rise of authoritarian policies around the world, have led to a surge in interest in encrypted apps like Signal and WhatsApp. These apps prevent anyone, including the government and the app companies themselves, from reading messages they intercept. The spotlight on encrypted apps is also a reminder of the complex debate pitting government interests against individual liberties. Governments desire to monitor everyday communications for law enforcement, national security and sometimes darker purposes. On the other hand, citizens and businesses claim the right to enjoy private digital discussions in today’s online world. The positions governments take often are framed as a “war on encryption” by technology policy experts and civil liberties advocates. As a cybersecurity researcher, I’ve followed the debate for nearly 30 years and remain convinced that this is not a fight that governments can easily win. Understanding the ‘golden key’ Traditionally, strong encryption capabilities were considered military technologies crucial to national security and not available to the public. However, in 1991, computer scientist Phil Zimmermann released a new type of encryption software called Pretty Good Privacy (PGP). It was free, open-source software available on the internet that anyone could download. PGP allowed people to exchange email and files securely, accessible only to those with the shared decryption key, in ways similar to highly secured government systems. Following an investigation into Zimmermann, the U.S. government came to realize that technology develops faster than law and began to explore remedies. It also began to understand that once something is placed on the internet, neither laws nor policy can control its global availability. Fearing that terrorists or criminals might use such technology to plan attacks, arrange financing or recruit members, the Clinton administration advocated a system called the Clipper Chip, based on a concept of key escrow. The idea was to give a trusted third party access to the encryption system and the government could use that access when it demonstrated a law enforcement or national security need. Clipper was based on the idea of a “golden key,” namely, a way for those with good intentions – intelligence services, police – to access encrypted data, while keeping people with bad intentions – criminals, terrorists – out. Clipper Chip devices never gained traction outside the U.S. government, in part because its encryption algorithm was classified and couldn’t be publicly peer-reviewed. However, in the years since, governments around the world have continued to embrace the golden key concept as they grapple with the constant stream of technology developments reshaping how people access and share information. Following Edward Snowden’s disclosures about global surveillance of digital communications in 2013, Google and Apple took steps to make it virtually impossible for anyone but an authorized user to access data on a smartphone. Even a court order was ineffective, much to the chagrin of law enforcement. In Apple’s case, the company’s approach to privacy and security was tested in 2016 when the company refused to build a mechanism to help the FBI break into an encrypted iPhone owned by a suspect in the San Bernardino terrorist attack. At its core, encryption is, fundamentally, very complicated math. And while the golden key concept continues to hold allure for governments, it is mathematically difficult to achieve with an acceptable degree of trust. And even if it was viable, implementing it in practice makes the internet less safe. Security experts agree that any backdoor access, even if hidden or controlled by a trusted entity, is vulnerable to hacking. Competing justifications and tech realities Governments around the world continue to wrestle with the proliferation of strong encryption in messaging tools, social media and virtual private networks. For example, rather than embrace a technical golden key, a recent proposal in France would have provided the government the ability to add a hidden “ghost” participant to any encrypted chat for surveillance purposes. However, legislators removed this from the final proposal after civil liberties and cybersecurity experts warned that such an approach would undermine basic cybersecurity practices and trust in secure systems. In 2025, the U.K. government secretly ordered Apple to add a backdoor to its encryption services worldwide. Rather than comply, Apple removed the ability for its iPhone and iCloud customers in the U.K. to use its Advanced Data Protection encryption features. In this case, Apple chose to defend its users’ security in the face of government mandates, which ironically now means that users in the U.K. may be less secure. In the United States, provisions removed from the 2020 EARN IT bill would have forced companies to scan online messages and photos to guard against child exploitation by creating a golden-key-type hidden backdoor. Opponents viewed this as a stealth way of bypassing end-to-end encryption. The bill did not advance to a full vote when it was last reintroduced in the 2023-2024 legislative session. Opposing scanning for child sexual abuse material is a controversial concern when encryption is involved: Although Apple received significant public backlash over its plans to scan user devices for such material in ways that users claimed violated Apple’s privacy stance, victims of child abuse have sued the company for not better protecting children. Even privacy-centric Switzerland and the European Union are exploring ways of dealing with digital surveillance and privacy in an encrypted world. The laws of math and physics, not politics Governments usually claim that weakening encryption is necessary to fight crime and protect the nation – and there is a valid concern there. However, when that argument fails to win the day, they often turn to claiming to need backdoors to protect children from exploitation. From a cybersecurity perspective, it is nearly impossible to create a backdoor to a communications product that is only accessible for certain purposes or under certain conditions. If a passageway exists, it’s only a matter of time before it is exploited for nefarious purposes. In other words, creating what is essentially a software vulnerability to help the good guys will inevitably end up helping the bad guys, too. Often overlooked in this debate is that if encryption is weakened to improve surveillance for governmental purposes, it will drive criminals and terrorists further underground. Using different or homegrown technologies, they will still be able to exchange information in ways that governments can’t readily access. But everyone else’s digital security will be needlessly diminished. This lack of online privacy and security is especially dangerous for journalists, activists, domestic violence survivors and other at-risk communities around the world. Encryption obeys the laws of math and physics, not politics. Once invented, it can’t be un-invented, even if it frustrates governments. Along those lines, if governments are struggling with strong encryption now, how will they contend with a world when everyone is using significantly more complex techniques like quantum cryptography? Governments remain in an unenviable position regarding strong encryption. Ironically, one of the countermeasures the government recommended in response to China’s hacking of global telephone systems in the Salt Typhoon attacks was to use strong encryption in messaging apps such as Signal or iMessage. Reconciling that with their ongoing quest to weaken or restrict strong encryption for their own surveillance interests will be a difficult challenge to overcome. Richard Forno is a teaching professor of computer science and electrical engineering, and assistant director of the UMBC Cybersecurity Institute at the University of Maryland, Baltimore County. This article is republished from The Conversation under a Creative Commons license. Read the original article.

May 19, 2025Ravie LakshmananMalware / Supply Chain Attack The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility. "Robware.net and RVTools.com are currently offline. We are working expeditiously to restore service and appreciate your patience," the company said in a statement posted on its website. "Robware.net and RVTools.com are the only authorized and supported websites for RVTools software. Do not search for or download purported RVTools software from any other websites or sources." The development comes after security researcher Aidan Leon revealed that an infected version of the installer downloaded from the website was being used to sideload a malicious DLL that turned out to be a known malware loader called Bumblebee. It's currently not known how long the trojanized version of RVTools had been available for download and how many had installed it before the site was taken offline. In the interim, users are recommended to verify the installer's hash and review any execution of version.dll from user directories. The disclosure comes as it has come to light that the official software supplied with Procolored printers included a Delphi-based backdoor called XRed and a clipper malware dubbed SnipVex that's capable of substituting wallet addresses in the clipboard with that of a hard-coded address. Details of the malicious activity were first discovered by Cameron Coward, who is behind the YouTube channel Serial Hobbyism. XRed, believed to be active since at least 2019, comes with features to collect system information, log keystrokes, propagate via connected USB drives, and execute commands sent from an attacker-controlled server to capture screenshots, enumerate file systems and directories, download files, and delete files from the system. "[SnipVex] searches the clipboard for content that resembles a BTC address and replaces it with the attacker's address, such that cryptocurrency transactions will be diverted to the attacker," G DATA researcher Karsten Hahn, who further investigated the incident, said. But in an interesting twist, the malware infects .EXE files with the clipper functionality and makes use of an infection marker sequence – 0x0A 0x0B 0x0C – at the end to avoid re-infecting the files a second time. The wallet address in question has received 9.30857859 BTC (about $974,000) to date. Procolored has since acknowledged that the software packages were uploaded to the Mega file hosting service in October 2024 via USB drives and that the malware may have been introduced during this process. Software downloads are currently only available for F13 Pro, VF13 Pro, and V11 Pro products. "The malware's command-and-control server has been offline since February 2024," Hahn noted. "So it is not possible that XRed established a successful remote connection after that date. The accompanying clipbanker virus SnipVex is still a serious threat. Although transactions to the BTC address stopped on March 3, 2024, the file infection itself damages systems." Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post. SHARE    