Jun 16, 2025Ravie LakshmananMalware / DevOps Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that's capable of harvesting sensitive developer-related information, such as credentials, configuration data, and environment variables, among others. The package, named chimera-sandbox-extensions, attracted 143 downloads and likely targets users of a service called Chimera Sandbox, which was released by Singaporean tech company Grab last August to facilitate "experimentation and development of [machine learning] solutions." The package masquerades as a helper module for Chimera Sandbox, but "aims to steal credentials and other sensitive information such as Jamf configuration, CI/CD environment variables, AWS tokens, and more," JFrog security researcher Guy Korolevski said in a report published last week. Once installed, it attempts to connect to an external domain whose domain name is generated using a domain generation algorithm (DGA) in order to download and execute a next-stage payload. Specifically, the malware acquires from the domain an authentication token, which is then used to send a request to the same domain and retrieve the Python-based information stealer. The stealer malware is equipped to siphon a wide range of data from infected machines. This includes - JAMF receipts, which are records of software packages installed by Jamf Pro on managed computers Pod sandbox environment authentication tokens and git information CI/CD information from environment variables Zscaler host configuration Amazon Web Services account information and tokens Public IP address General platform, user, and host information The kind of data gathered by the malware shows that it's mainly geared towards corporate and cloud infrastructure. In addition, the extraction of JAMF receipts indicates that it's also capable of targeting Apple macOS systems. The collected information is sent via a POST request back to the same domain, after which the server assesses if the machine is a worthy target for further exploitation. However, JFrog said it was unable to obtain the payload at the time of analysis. "The targeted approach employed by this malware, along with the complexity of its multi-stage targeted payload, distinguishes it from the more generic open-source malware threats we have encountered thus far, highlighting the advancements that malicious packages have made recently," Jonathan Sar Shalom, director of threat research at JFrog Security Research team, said. "This new sophistication of malware underscores why development teams remain vigilant with updates—alongside proactive security research – to defend against emerging threats and maintain software integrity." The disclosure comes as SafeDep and Veracode detailed a number of malware-laced npm packages that are designed to execute remote code and download additional payloads. The packages in question are listed below - eslint-config-airbnb-compat (676 Downloads) ts-runtime-compat-check (1,588 Downloads) solders (983 Downloads) @mediawave/lib (386 Downloads) All the identified npm packages have since been taken down from npm, but not before they were downloaded hundreds of times from the package registry. SafeDep's analysis of eslint-config-airbnb-compat found that the JavaScript library has ts-runtime-compat-check listed as a dependency, which, in turn, contacts an external server defined in the former package ("proxy.eslint-proxy[.]site") to retrieve and execute a Base64-encoded string. The exact nature of the payload is unknown. "It implements a multi-stage remote code execution attack using a transitive dependency to hide the malicious code," SafeDep researcher Kunal Singh said. Solders, on the other hand, has been found to incorporate a post-install script in its package.json, causing the malicious code to be automatically executed as soon as the package is installed. "At first glance, it's hard to believe that this is actually valid JavaScript," the Veracode Threat Research team said. "It looks like a seemingly random collection of Japanese symbols. It turns out that this particular obfuscation scheme uses the Unicode characters as variable names and a sophisticated chain of dynamic code generation to work." Decoding the script reveals an extra layer of obfuscation, unpacking which reveals its main function: Check if the compromised machine is Windows, and if so, run a PowerShell command to retrieve a next-stage payload from a remote server ("firewall[.]tel"). This second-stage PowerShell script, also obscured, is designed to fetch a Windows batch script from another domain ("cdn.audiowave[.]org") and configures a Windows Defender Antivirus exclusion list to avoid detection. The batch script then paves the way for the execution of a .NET DLL that reaches out to a PNG image hosted on ImgBB ("i.ibb[.]co"). "[The DLL] is grabbing the last two pixels from this image and then looping through some data contained elsewhere in it," Veracode said. "It ultimately builds up in memory YET ANOTHER .NET DLL." Furthermore, the DLL is equipped to create task scheduler entries and features the ability to bypass user account control (UAC) using a combination of FodHelper.exe and programmatic identifiers (ProgIDs) to evade defenses and avoid triggering any security alerts to the user. The newly-downloaded DLL is Pulsar RAT, a "free, open-source Remote Administration Tool for Windows" and a variant of the Quasar RAT. "From a wall of Japanese characters to a RAT hidden within the pixels of a PNG file, the attacker went to extraordinary lengths to conceal their payload, nesting it a dozen layers deep to evade detection," Veracode said. "While the attacker's ultimate objective for deploying the Pulsar RAT remains unclear, the sheer complexity of this delivery mechanism is a powerful indicator of malicious intent." Crypto Malware in the Open-Source Supply Chain The findings also coincide with a report from Socket that identified credential stealers, cryptocurrency drainers, cryptojackers, and clippers as the main types of threats targeting the cryptocurrency and blockchain development ecosystem. Some of the examples of these packages include - express-dompurify and pumptoolforvolumeandcomment, which are capable of harvesting browser credentials and cryptocurrency wallet keys bs58js, which drains a victim's wallet and uses multi-hop transfers to obscure theft and frustrate forensic tracing. lsjglsjdv, asyncaiosignal, and raydium-sdk-liquidity-init, which functions as a clipper to monitor the system clipboard for cryptocurrency wallet strings and replace them with threat actor‑controlled addresses to reroute transactions to the attackers "As Web3 development converges with mainstream software engineering, the attack surface for blockchain-focused projects is expanding in both scale and complexity," Socket security researcher Kirill Boychenko said. "Financially motivated threat actors and state-sponsored groups are rapidly evolving their tactics to exploit systemic weaknesses in the software supply chain. These campaigns are iterative, persistent, and increasingly tailored to high-value targets." AI and Slopsquatting The rise of artificial intelligence (AI)-assisted coding, also called vibe coding, has unleashed another novel threat in the form of slopsquatting, where large language models (LLMs) can hallucinate non-existent but plausible package names that bad actors can weaponize to conduct supply chain attacks. Trend Micro, in a report last week, said it observed an unnamed advanced agent "confidently" cooking up a phantom Python package named starlette-reverse-proxy, only for the build process to crash with the error "module not found." However, should an adversary upload a package with the same name on the repository, it can have serious security consequences. Furthermore, the cybersecurity company noted that advanced coding agents and workflows such as Claude Code CLI, OpenAI Codex CLI, and Cursor AI with Model Context Protocol (MCP)-backed validation can help reduce, but not completely eliminate, the risk of slopsquatting. "When agents hallucinate dependencies or install unverified packages, they create an opportunity for slopsquatting attacks, in which malicious actors pre-register those same hallucinated names on public registries," security researcher Sean Park said. "While reasoning-enhanced agents can reduce the rate of phantom suggestions by approximately half, they do not eliminate them entirely. Even the vibe-coding workflow augmented with live MCP validations achieves the lowest rates of slip-through, but still misses edge cases." Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post. SHARE    

An immersive architectural installation designed by the architecture and design firm opng is staged inside the former Chase Manhattan banking hall, a 1961 structure by SOM. House of Craft x Dior is a show of haute couture works from the fashion house’s archives. Presented by UBS and Dior, and curated by fashion icon Carine Roitfeld, the clothing and accessories are  brought to life in this historic setting. The exhibition orbits around Isamu Noguchi’s 1964 Sunken Garden, a serene, geometric landscape of basalt stones, water, and abstracted nature. opng’s design uses the site’s tranquility, creating a mirrored, “maze-like” architecture that visually connects the haute couture on display with Noguchi’s own sculptural language. The exhibition spans 30,000 square feet, wrapping visitors in a network of 10-foot mirrored walls. These surfaces reflect and multiply Dior gowns, accessories, process sketches, and photographs.  The exhibition includes a striking 60-foot “Silhouette Wall” featuring Brigitte Niedermair’s portraits of each designer’s most defining creations. (Naho Kubota/Courtesy opng) House of Craft x Dior pays tribute to all seven of Dior’s creative directors—Christian Dior, Yves Saint Laurent, Marc Bohan, Gianfranco Ferré, John Galliano, Raf Simons, and Maria Grazia Chiuri—as well as menswear designer Kim Jones. Each director’s vision is represented through silhouettes, displayed alongside behind-the-scenes materials that offer insight into the meticulousness of couture. The exhibition includes a striking 60-foot “Silhouette Wall” featuring Brigitte Niedermair’s portraits of each designer’s most defining creations. A 24-foot worktable is surrounded by videos of couturiers from Dior’s Haute Couture House describing the construction process of making Dior’s most recognizable garments. Noguchi’s Sunken Garden makes for a historic setting for the fashion exhibition (Naho Kubota/Courtesy opng) Commissioned by Chase in 1961, Noguchi’s Sunken Garden embodies a midcentury belief in art’s ability to humanize the urban landscape. By placing Dior’s intricate couture into this minimalist, tranquil site, UBS and opng initiates a conversation between eras, disciplines, and design philosophies. opng’s exhibition design includes tables and rectangular vitrines that can be hung on the walls. (Naho Kubota/Courtesy opng) The exhibition is part of UBS’s ongoing House of Craft initiative, which launched in 2024. House of Craft x Dior on view from June 6 to June 8.

On most of the projects I’ve seen, there are a lot of tasks developers go through that are repetitive and error-prone, especially when it comes to integrating new art assets. For instance, setting up a character often involves dragging and dropping many asset references, checking checkboxes, and clicking buttons: Set the rig of the model to Humanoid, disable the sRGB of the SDF texture, set the normal maps as normal maps, and the UI textures as sprites. In other words, valuable time is spent and crucial steps can still be missed.In this two-part article, I’ll walk you through hacks that can help improve this workflow so that your next project runs smoother than your last. To further illustrate this, I’ve created a simple prototype – similar to an RTS – where the units of one team automatically attack enemy buildings and other units. With each scripting hack, I’ll improve one aspect of this process, whether that be the textures or models.Here’s what the prototype looks like:The main reason developers have to set up so many small details when importing assets is simple: Unity doesn’t know how you are going to use an asset, so it can’t know what the best settings for it are. If you want to automate some of these tasks, this is the first problem that needs to be addressed.The simplest way to find out what an asset is for and how it relates to others is by sticking to a specific naming convention and folder structure, such as:Naming convention: We can append things to the name of the asset itself, therefore Shield_BC.png is the base color while Shield_N.png is the normal map.Folder structure: Knight/Animations/Walk.fbx is clearly an animation, while Knight/Models/Knight.fbx is a model, even though they both share the same format (.fbx).The issue with this is that it only works well in one direction. So while you might already know what an asset is for when given its path, you can’t deduce its path if only given information on what the asset does. Being able to find an asset – for example, the material for a character – is useful when trying to automate the setup for some aspects of the assets. While this can be solved by using a rigid naming convention to ensure that the path is easy to deduce, it’s still susceptible to error. Even if you remember the convention, typos are common.An interesting approach to solve this is by using labels. You can use an Editor script that parses the paths of assets and assigns them labels accordingly. As the labels are automated, it’s possible to figure out the exact label that an asset will have. You can even look up assets by their label using AssetDatabase.FindAssets.If you want to automate this sequence, there is a class that can be very handy called the AssetPostprocessor. The AssetPostprocessor receives various messages when Unity imports assets. One of those is OnPostprocessAllAssets, a method that’s called whenever Unity finishes importing assets. It will give you all the paths to the imported assets, providing an opportunity to process those paths. You can write a simple method, like the following, to process them:In the case of the prototype, let’s focus on the list of imported assets – both to try and catch new assets, as well as moved assets. After all, as the path changes, we might want to update the labels.To create the labels, parse the path and look for relevant folders, prefixes, and suffixes of the name, as well as the extensions. Once you have generated the labels, combine them into a single string and set them to the asset.To assign the labels, load the asset using AssetDatabase.LoadAssetAtPath, then assign its labels with AssetDatabase.SetLabels.Remember, it’s important to only set labels if they have actually changed. Setting labels will trigger a reimport of the asset, so you don’t want this to happen unless it’s strictly necessary.If you check this, then the reimport won’t be an issue: Labels are set the first time you import an asset and saved in the .meta file, which means they’re also saved in your version control. A reimport will only be triggered if you rename or move your assets.With the above steps complete, all assets are automatically labeled, as in the example pictured below.Importing textures into a project usually involves tweaking the settings for each texture. Is it a regular texture? A normal map? A sprite? Is it linear or sRGB? If you want to change the settings of an asset importer, you can use the AssetPostprocessor once more.In this case, you’ll want to use the OnPreprocessTexture message, which is called right before importing a texture. This allows you to change the settings of the importer.When it comes to selecting the right settings for every texture, you need to verify what type of textures you’re working with – which is exactly why labels are key in the first step.With this information, you can write a simple TexturePreprocessor:It’s important to ensure that you only run this for textures that have the art label (our own textures). You’ll then get a reference to the importer so that you can set everything up – starting with the texture size.The AssetPostprocessor has a context property from which you can determine the target platform. As such, you can complete platform-specific changes, like setting the textures to a lower resolution for mobile:Next, check the label to see if the texture is a UI texture, and set it accordingly:For the rest of the textures, set the values to a default. It’s worth noting that Albedo is the only texture that will have sRGB enabled:Thanks to the above script, when you drag and drop the new textures into the Editor, they will automatically have the right settings in place.“Channel packing” refers to the combination of diverse textures into one by using the different channels. It is common and offers many advantages. For instance, the value of the Red channel is metallic and the value of the Green channel is its smoothness.However, combining all textures into one requires some extra work from the art team. If the packing needs to change for some reason (i.e., a change in the shader), the art team will have to redo all the textures that are used with that shader.As you can see, there’s room for improvement here. The approach that I like to use for channel packing is to create a special asset type where you set the “raw” textures and generate a channel-packed texture to use in your materials.First, I create a dummy file with a specific extension and then use a Scripted Importer that does all the heavy lifting when importing that asset. This is how it works:The importers can have parameters, such as the textures you need to combine.From the importer, you can set the textures as a dependency, which allows the dummy asset to be reimported every time one of the source textures changes. This lets you rebuild the generated textures accordingly.The importer has a version. If you need to change the way that textures are packed, you can modify the importer and bump the version. This will force a regeneration of all the packed textures in your project and everything will be packed in the new way, immediately.A nice side effect of generating things in an importer is that the generated assets only live in the Library folder, so it doesn’t fill up your version control.To implement this, create a ScriptableObject that will hold the created textures and serve as the result of the importer. In the example, I called this class TexturePack.With this created, you can begin by declaring the importer class and adding the ScriptedImporterAttribute to define the version and extension associated with the importer:In the importer, declare the fields you want to use. They will appear in the Inspector, just as MonoBehaviours and ScriptableObjects do:With the parameters ready, create new textures from the ones you have set as parameters. Note, however, that in the Preprocessor (from the previous section), we set isReadable to True to do this.In this prototype, you’ll notice two textures: the Albedo, which has the Albedo in the RGB and a mask for applying the player color in the Alpha, and the Mask texture, which includes the metallic in the Red channel and the smoothness in the Green channel.While this is perhaps outside the scope of this article, let’s look at how to combine the Albedo and the player mask as an example. First, check to see if the textures are set, and if they are, get their color data. Then set the textures as dependencies using AssetImportContext.DependsOnArtifact. As mentioned above, this will force the object to be recalculated if any of the textures end up changing.You also need to create a new texture. To do this, get the size from the TexturePreprocessor that you created in the previous section so that it follows the preset restrictions:Next, fill in all the data for the new texture. This could be massively optimized by using Jobs and Burst (but that would require an entire article on its own). Here we’ll use a simple loop:Set this data in the texture:Now, you can create the method for generating another texture in a very similar way. Once this is ready, create the main body of the importer. In this case, we’ll only create the ScriptableObject that holds the results, creates the textures, and sets the result of the importer through the AssetImportContext.When you write an importer, all of the assets generated must be registered using AssetImportContext.AddObjectToAsset so that they appear in the project window. Select a main asset using AssetImportContext.SetMainObject. This is what it looks like:The only thing left to do is to create the dummy assets. As these are custom, you can’t use the CreateAssetMenuattribute. You must make them manually instead.Using the MenuItem attribute, specify the full path to the create the asset menu, Assets/Create. To create the asset, use ProjectWindowUtil.CreateAssetWithContent, which generates a file with the content you’ve specified and allows the user to input a name for it. It looks like this:Finally, create the channel-packed textures.Most projects use custom shaders. Sometimes they’re used to add extra effects, like a dissolve effect to fade out defeated enemies, and other times, the shaders implement a custom art style, like toon shaders. Whatever the use case, Unity will create new materials with the default shader, and you will need to change it to use the custom shader.In this example, the shader used for units has two added features: the dissolve effect and the player color (red and blue in the video prototype). When implementing these in your project, you must ensure that all the buildings and units use the appropriate shader.To validate that an asset matches certain requirements – in this case, that it uses the right shader – there is another useful class: the AssetModificationProcessor. With AssetModificationProcessor.OnWillSaveAssets, in particular, you’ll be notified when Unity is about to write an asset to disk. This will give you the opportunity to check if the asset is correct and fix it before it’s saved.Additionally, you can “tell” Unity not to save the asset, which is effective for when the problem you detect cannot be fixed automatically. To accomplish this, create the OnWillSaveAssets method:To process the assets, check whether they are materials and if they have the right labels. If they match the code below, then you have the correct shader:What’s convenient here is that this code is also called when the asset is created, meaning the new material will have the correct shader.As a new feature in Unity 2022, we also have Material Variants. Material Variants are incredibly useful when creating materials for units. In fact, you can create a base material and derive the materials for each unit from there – overriding the relevant fields (like the textures) and inheriting the rest of the properties. This allows for solid defaults for our materials, which can be updated as needed.Importing animations is similar to importing textures. There are various settings that need to be established, and some of them can be automated.Unity imports the materials of all the FBX (.fbx) files by default. For animations, the materials you want to use will either be in the project or in the FBX of the mesh. The extra materials from the animation FBX appear every time you search for materials in the project, adding quite a bit of noise, so it’s worth disabling them.To set up the rig – that is, choosing between Humanoid and Generic, and in cases where we are using a carefully setup avatar, assigning it – apply the same approach that was applied to textures. But for animations, the message you’ll use is AssetPostprocessor.OnPreprocessModel. This will be called for all FBX files, so you need to discern animation FBX files from model FBX files.Thanks to the labels you set up earlier, this shouldn’t be too complicated. The method starts much like the one for textures:Next up, you’ll want to use the rig from the mesh FBX, so you need to find that asset. To locate the asset, use the labels once more. In the case of this prototype, animations have labels that end with “animation,” whereas meshes have labels that end with “model.” You can complete a simple replacement to get the label for your model. Once you have the label, find your asset using AssetDatabase.FindAssets with “l:label-name.”When accessing other assets, there’s something else to consider: It’s possible that, in the middle of the import process, the avatar has not yet been imported when this method is called. If this occurs, the LoadAssetAtPath will return null and you won’t be able to set the avatar. To work around this issue, set a dependency to the path of the avatar. The animation will be imported again once the avatar is imported, and you will be able to set it there.Putting all of this into code will look something like this:Now you can drag the animations into the right folder, and if your mesh is ready, each one will be set up automatically. But if there isn’t an avatar available when you import the animations, the project won’t be able to pick it up once it’s created. Instead, you’ll need to reimport the animation manually after creating it. This can be done by right-clicking the folder with the animations and selecting Reimport.You can see all of this in the sample video below.Using exactly the same ideas from the previous sections, you’ll want to set up the models you are going to use. In this case, employ AssetPostrocessor.OnPreprocessModel to set the importer settings for this model.For the prototype, I’ve set the importer to not generate materials (I will use the ones I’ve created in the project) and checked whether the model is a unit or a building (by verifying the label, as always). The units are set to generate an avatar, but the avatar creation for the buildings is disabled, as the buildings aren’t animated.For your project, you might want to set the materials and animators (and anything else you want to add) when importing the model. This way, the Prefab generated by the importer is ready for immediate use.To do this, use the AssetPostprocessor.OnPostprocessModel method. This method is called after a model is finished importing. It receives the Prefab that has been generated as a parameter, which lets us modify the Prefab however we want.For the prototype, I found the material and Animation Controller by matching the label, just as I located the avatar for the animations. With the Renderer and Animator in the Prefab, I set the material and the controller as in normal gameplay.You can then drop the model into your project and it will be ready to drop into any scene. Except we haven’t set any gameplay-related components, which I’ll address in the second part of this blog.With these advanced scripting tips, you’re just about game ready. Stay tuned for the next installment in this two-part Tech from the Trenches article, which will cover hacks for balancing game data and more.If you would like to discuss the article, or share your ideas after reading it, head on over to our Scripting forum. You can also connect with me on Twitter at @CaballolD.

Editor's take: Windows 11 brought a slew of UI changes and "improvements" few users welcome. File Explorer's state is particularly dire, yet Microsoft shows no sign of backing off its relentless quest to make the interface worse. What should be a simple file manager is now a confusing mess, frustrating longtime users and driving a flood of third-party fixes. Microsoft's revamp of the Windows 11 File Explorer context menu hid or removed many helpful features, sparking a boom in third-party tools to restore the old interface. Once again, Microsoft is reinventing the wheel with a redesigned Start Menu that brings more frustrating changes to the right-click menu. The Redmond corporation has added a new "AI action" sub-menu to File Explorer's context menu. This change is already available to unpaid beta testers in the Windows Insider program with the recent Windows 11 Insider Preview Build 26200.5603 (KB5058488) released to the Dev Channel. Microsoft explains that AI actions in File Explorer offer a deeper interaction with users' files through AI technology. The first four AI actions focus on image editing. Bing Visual Search helps find similar pictures online. Blur Background and Erase Objects automatically detect and modify objects and backgrounds in Photos. Remove Background lets users extract an image's background in Paint. The four AI context menu options support JPG and PNG files but hardly represent an AI revolution. These new actions directly link Bing search or image-editing features from the File Explorer menu – nothing extraordinary about that. Microsoft plans to launch new Copilot-powered AI actions in the coming weeks. Microsoft 365 subscribers will soon get a new "Summarize" option to generate summaries of larger documents – Word, PDF, or TXT – stored on OneDrive and SharePoint. Microsoft also has a "Create an FAQ" feature that utilizes Copilot's chatbot to transform cloud documents into a neatly formatted, AI-generated Q&A list. // Related Stories The new Microsoft 365-exclusive AI actions sound far more promising than a handful of shortcuts to AI tools in a couple of Windows-native image editors. Still, I'd bet a kidney they won't ease the frustration for anyone who's disliked Windows 11 File Explorer since day one. Microsoft's new mission is to bring AI everywhere, so get ready to welcome your fully AI-powered Windows operating system sooner than you think.

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Microsoft is testing redesigned Office icons, and you can already download them Taras Buria Neowin @TarasBuria · May 18, 2025 17:56 EDT In April, news emerged that Microsoft was asking users to share their thoughts about a set of redesigned Office icons, the first remake in seven years (the last redesign was in late 2018). While we were waiting for more details from Microsoft, someone decided to take the matter into their own hands and make a pack of high-res icons that Microsoft shared with users for feedback. Reddit user u/Thunder_Ruler0 posted their creation on the r/Windows11. Of course, these icons are not from Microsoft, and they are not pixel-perfect. According to the poster, they were made by cleaning up the "leaked icons," downscaling them, upscaling, and re-generating with DALLE-3. In total, the pack took about two hours to make, and the author claims they are not going to spend more time on that. Overall, the project is for the impatient users who cannot wait for Microsoft to drop the new icon pack. However, since there has been no announcement from Microsoft yet, chances are that we will never see it rolling out to all users. Alternatively, Microsoft might ship it in a slightly or fully reworked variant. Therefore, this unofficial icon pack could be a unique piece of customization. It is also worth noting that the pack has the Outlook icon yellow, a tribute to the original Microsoft Outlook icon, which, with time, evolved into a blue envelope. Many users in the comments agree that the yellow variant suits Outlook better than the blue one. You can download the entire pack using this Google Drive link. Note that you will have to convert PNG to ICO in order to set those logos as app icons. What do you think about the new Office icons? Would you like to see Microsoft shipping them to all users? Share your thoughts in the comments. Tags Report a problem with article Follow @NeowinFeed

This A$37 app is a smarter way to work with PDFs Credit: Acethinker Deal pricing and availability subject to change after time of publication. TL;DR: Take control of your documents with PDF Converter and Editor. Easily convert, edit, and manage PDFs with this lifetime license, now just A$37 with code SAVE20 through June 1.Tired of the daily PDF struggle? With PDF Converter and Editor, you can easily switch between formats, edit text, and organize your documents like a pro. And right now, you can secure a lifetime subscription for only A$37 (reg. A$156) with code SAVE20 before June 1.Conquer PDFs once and for all with this appStop jumping through hoops when it comes to PDFs. PDF Converter and Editor lets you tackle this pesky file format easily on one handy platform. Convert PDFs to Word, Excel, JPG, and more files — or turn other formats into PDFs with just a few clicks.PDF Converter offers lightning-fast conversions without sacrificing quality. You'll enjoy high-quality output, so you can confidently convert files for any purpose. This app does more than convert PDFs — it’s packed with extra tools to make working with PDFs a breeze. Built-in OCR technology can extract text from image-based files. And merging, splitting, or compressing documents is equally straightforward. Need to fill out an existing PDF? It's easy to fill out forms with text, check boxes, shapes, and annotations all on PDF Converter. Want to just grab the images off a PDF file? That's just as simple — you can extract all JPGs and PNGs from a PDF with just one click. If you're dealing with sensitive data, PDF Converter lets you lock or unlock your files, add password protection, and even encrypt sensitive information for peace of mind.Need to enhance your PDF? This app makes it easy to add customizable watermarks and shapes as needed. Mashable Deals Want more hand-picked deals from our shopping experts? Sign up for the Mashable Deals newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up! Manage, edit, and convert PDFs with PDF Converter and Editor for just A$37 using code SAVE20 through June 1.StackSocial prices subject to change. Opens in a new window Credit: Acethinker PDF Converter & Editor: Lifetime License AU$37 AU$156 Save AU$119 Topics Apps & Software

We crafted the character design, level-up system, 3D icons, and artwork for K Bank's gamified finance mission, "Grow Your Money Tree". Each visual element was meticulously developed in layered APNG format, enabling seamless in-app performance with minimal file size. Our goal was to balance a playful user experience with efficient mobile rendering, bringing life to every tap and growth stage. ??? K Bank? ??? ?? ??, '??? ???'? ??? ???, ??? ???, 3D ???, ????? ???????. ?? ?? ??? APNG? ?????? ? ??? ?? ????? ?? ?? ??? ? ??? ???????.

Macworld Adobe Acrobat may be the industry standard, but that comes with a $200+ price tag every single year. So when a Mac-friendly PDF editor comes along offering a lifetime of features for a fraction of the cost, it’s worth taking seriously.  If you only need app that can edit, annotate, and convert PDFs that you don’t have to pay for every month, then check out this lifetime subscription for PDF Expert. There are no recurring costs of any kind, you can use it on all current and future Macs, and it’s on sale for $79.97 (reg. $139.99).  PDF expert packs a lot of different tools into one easy-to-navigate interface. You can edit PDFs by changing the text, inserting images, or adding links. You can annotate to highlight or comment on different areas. You can also merge, re-arrange, or split PDF files. PDF Expert can also convert to and from JPG, PNG, Word, PPT, and Excel files.  Working with an older file? The OCR scanner can recognize almost any text and turn it into a searchable document. You can even enhance scans and remove shadows.  If you don’t want to pay every month to access files you’ll need forever, then get lifetime PDF editor for $79.97 (reg. $139.99). No coupon is needed to get this price. PDF Expert Premium Plan: Lifetime Subscription (Mac)See Deal StackSocial prices subject to change.

html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd" https://www.cgchannel.com/wp-content/uploads/2024/02/240206_Cavalry2_particles.mp4 Originally posted on 6 February 2024. Scroll down for news of the Cavalry 2.4 update. Scene Group has begun the next big series of releases for Cavalry, its motion design software. Cavalry 2.0 adds animatable scene cameras, making it possible to create 2.5D effects, plus an experimental new particle system, and increases scene playback speed around 200%. A next-gen 2D motion graphics tool inspired by 3D software Originally released in 2020, Cavalry is a procedural animation app “combining the power and flexibility of 3D with the ease of use of 2D”.Although currently a pure 2D animation tool, it supports workflows that will be familiar to 3D animators, including keyframing, curve editing, deformation, rigging, scattering and instancing. Scene Group’s background is also in 3D motion graphics: the firm is a spin-off from Mainframe North, which developed MASH, Maya’s motion graphics toolset. Once created, images may be exported in a range of file formats, including as JPEG, PNG or SVG sequences, as animated PNGs, as WEBM or QuickTime movies, or in Lottie format. https://www.cgchannel.com/wp-content/uploads/2024/02/240206_Cavalry2_cameras.mp4 Add a Camera to a scene to create 2.5D animations Major changes in Cavalry 2.0 include support for Cameras, making it possible to create 2.5D effects like the one above.Users can create Freeform or Look At cameras, with the option to offset the position of the camera and look-at target to create secondary motion, and to set view distance limits for layers. Experimental new particle system creates 2D particle effects Cavalry 2.0 also introduces an experimental new particle system, for creating particle effects.It’s still a tech preview, but it already includes a range of standard basic features, including settings for particle shape, and a range of emitter types and modifiers. Particles can be emitted from points, shapes, paths or Distributions; and it is possible to direct particle motion with paths, goals, forces or turbulence. Other new features and performance improvements Other new features in Cavalry 2.0 include a new Auto-Animate behavior for animating Shapes with fewer keyframes, and support for tapered strokes along Shapes.Workflow improvements include the option to set up overrides for Pre-Comps, making it easier to create variants for a composition. Users can also now group Layers into simplified custom containers called Components, controlling which Attributes are exposed in the UI. Performance improvements include boosts of 10-600% in playback speed: the improvement is greater in complex scenes, but Scene Group says that the average is around 200%. Cavalry also now supports background rendering, making it possible to continue to work while a scene is rendering. https://www.cgchannel.com/wp-content/uploads/2024/02/240524_Cavalry21_tw.mp4 Updated 23 May 2024: Scene Group has released Cavalry 2.1. The update focuses on the audio tools, adding support for multi-track audio playback, and the option to export audio from Cavalry. Audio projects can be exported as AAC files, or in MP4, QuickTime or WebM files. It is also possible to import audio files in more formats, now including AAC, MP3 and CAF. Updated 11 November 2024: Scene Group has released Cavalry 2.2. The biggest change in the update is support for OpenType fonts in the Text Shape, with the option to control OpenType features like ligatures and superscript procedurally. It is also possible to create color gradients along Strokes, and to add multiple Strokes to paths. Other changes include the option to fill closed paths with Stitches, new Sweep and Shape Falloff patterns, a new Quick Mask mode, and proportional easing when scaling keyframes. Users of the paid Pro edition also get a new Knot behavior, which automatically adds gaps to paths where they self-intersect, and a new Stroke Duplicator feature. Released 11 December 2025: Scene Group has released Cavalry 2.3. Workflow improvements include the option to save presets for Layers, Compositions and Render Queue Items, and to ‘seed‘ random values for Attributes. Users of the Pro edition get the option to open multiple viewports, and to convert images or shape layers to contours, and to convert contours within shapes to sub-meshes. Updated 15 May 2025: Scene Group has released Cavalry 2.4. It’s a sizeable update, adding the option to write custom image-manipulation filters in SkSL, and save them as third-party plugins. SkSL, the shading language used by open-source 2D graphics library Skia, is a variant of GLSL, so code from sites like Shadertoy should work with “minor modifications”. The update also adds a new SLA shader for creating a range of animatable noise types. Text styling and .xslx import Other changes include new styling options in the Text Shape, making it possible to apply apply effects like underline, strikethrough and superscript to text.It is also now possible to import Excel .xslx files. Pro edition: use 2D meshes to deform images and shaders Users of the paid Pro edition also get the option to create 2D meshes to deform images or shaders by placing control vertices.When creating 2.5D animation, it is now possible to use a Camera Guide – a representation of the region of the scene visible to the camera – to drive its animation. For managing complex projects, a new Dependency Graph window provides an editable schematic view of a composition, replacing the old Flow Graph. Price and system requirements Cavalry 2.4 is available for Windows 10+ and macOS 12.0+. The full software is available rental-only, with Pro subscriptions costing £192/year (around $255/year). The free edition caps renders at full HD resolution, and lacks the advanced features in this table. Read a full list of new features in Cavalry in the online release notes Read an overview of original Cavalry 2.0 update on Scene Group’s blog Have your say on this story by following CG Channel on Facebook, Instagram and X (formerly Twitter). As well as being able to comment on stories, followers of our social media accounts can see videos we don’t post on the site itself, including making-ofs for the latest VFX movies, animations, games cinematics and motion graphics projects.