On September 15, WIRED is gathering a panel of leaders across technology, politics, and media to tell you everything you need to know about the future of generative AI.

Sony has announced that a new beta firmware update for the PlayStation 5 will begin rolling out to select users starting this week. One noteworthy aspect of this update is that it will include a feature that lets you cut back on your PS5's power cons

ActuGaming.net Genshin Impact : Une nouvelle vidéo s’attarde sur tous les personnages importants de la nouvelle région de Nod-Krai Malgré quelques personnages marquants, le casting de la région de Natlan dans Genshin Impact n’a […]

USB audio is great, but what if you needed to use it and had no budget? Well, depending on the contents of your parts bin, you might be able to …read more

Parece que la inteligencia artificial ha vuelto a demostrar su eficacia en el sector de la impresión 3D, concretamente en la fase de diseño. Un equipo ha utilizado la IA para desarrollar un generador de modelos 3D capaz de sintetizar…

En partenariat avec Shining 3D Comme vous le savez, chez 3DVF, nous adorons la numérisation 3D, et cela fait des années que nous explorons différentes manières de scanner des objets, des personnes et des lieux. Cependant, pendant longtemps, certaines

In-app bidding has automated most waterfall optimization, yet developers still manage multiple hybrid waterfalls, each with dozens of manual instances. Naturally, this can be timely and overwhelming to maintain, keeping you from optimizing to perfection and focusing on other opportunities to boost revenue.Rather than analyzing each individual network and checking if instances are available at each price point, breaking down your waterfall into different CPM ranges allows you to visualize the waterfall and easily identify the gaps.Here are some tips on how to use CPM buckets to better optimize your waterfall’s performance.What are CPM buckets?CPM buckets show you exactly how much revenue and how many impressions you’re getting from each CPM price range, giving you a more granular idea of how different networks are competing in the waterfall. CPM buckets are a feature of real time pivot reports, available on ironSource LevelPlay.Identifying and closing the gapsTypically in a waterfall, you can only see each ad network’s average CPM. But this keeps you from seeing ad network distribution across all price points and understanding exactly where ad networks are bidding. Bottom line - you don’t know where in the waterfall you should add a new instance.By separating CPM into buckets, (for example, seeing all the ad networks generating a CPM of $10-$20) you understand exactly which networks are driving impressions and revenue and which CPMs aren’t being filledNow how do you do it? As a LevelPlay client, simply use ironSource’s real time pivot reports - choose the CPM bucket filter option and sort by “average bid price.” From here, you’ll see how your revenue spreads out among CPM ranges and you’ll start to notice gaps in your bar graph. Every gap in revenue - where revenue is much lower than the neighboring CPM group - indicates an opportunity to optimize your monetization strategy. The buckets can range from small increments like $1 to larger increments like $10, so it’s important to compare CPM buckets of the same incremental value.Pro tip: To best set up your waterfall, create one tab with the general waterfall (filter app, OS, Ad unit, geo/geos from a specific group) and make sure to look at Revenue and eCPM in the “measures” dropdown. In the “show” section, choose CPM buckets and sort by average bid price. From here, you can mark down any gaps.But where do these gaps come from? Gaps in revenue are often due to friction in the waterfall, like not enough instances, instances that aren’t working, or a waterfall setup mistake. But gaps can also be adjusted and fixed.Once you’ve found a gap, you can look at the CPM buckets around it to better understand the context. Let’s say you see a strong instance generating significant revenue in the CPM bucket right below it, in the $70-80 group. This instance from this specific ad network has a lot of potential, so it’s worth trying to push it to a higher CPM bucket.In fact, when you look at higher CPM buckets, you don’t see this ad network anywhere else in the waterfall - what a missed opportunity! Try adding another instance of this network higher up in the waterfall. If you’re profiting well with a $70-80 CPM, imagine how much more revenue you could bring at a $150 CPM.Pro tip: Focusing on higher areas in the waterfall makes a larger financial impact, leading to bigger increases in ARPDAU.Let’s say you decide to add 5 instances of that network to higher CPM buckets. You can use LevelPlay’s quick A/B test to understand if this adjustment boosts your revenue - not just for this gap, but for any and all that you find. Simply compare your existing waterfall against the new waterfall with these 5 higher instances - then implement the one that drives the highest instances.Božo Janković, Head of Ad Monetization at GameBiz Consulting, uses CPM buckets "to understand at which CPMs the bidding networks are filling. From there, I can pinpoint exactly where in the waterfall to add more traditional instances - which creates more competition, especially for the bidding networks, and creates an opportunity for revenue growth."Finding new insightsYou can dig even deeper into your data by filtering by ad source. Before CPM buckets, you were limited to seeing an average eCPM for each bidding network. Maybe you knew that one ad source had an average CPM of $50, but the distribution of impression across the waterfall was a black box. Now, we know exactly which CPMs the bidders are filling. “I find ironSource CPM buckets feature very insightful and and use it daily. It’s an easy way to identify opportunities to optimize the waterfall and earn even more revenue." -Božo Janković, Head of Ad Monetization at GameBiz ConsultingUnderstanding your CPM distribution empowers you to not only identify your revenue sources, but also to promote revenue growth. Armed with the knowledge of which buckets some of their stronger bidding networking are performing in, some publishers actively add instances from traditional networks above those ranges. This creates better competition and also helps drive up the bids from the biddersThere’s no need for deep analysis - once you see the gaps, you can quickly understand who’s performing in the lower and higher buckets, and see exactly what’s missing. This way, you won’t miss out on any lost revenue.Learn more about CPM buckets, available exclusively to ironSource LevelPlay here.

show some love for the losers Delightfully irreverent Underdogs isn’t your parents’ nature docuseries Ryan Reynolds narrates NatGeo's new series highlighting nature's much less cool and majestic creatures Jennifer Ouellette – Jun 15, 2025 3:11 pm | 5 The indestructible honey badger is just one of nature's "benchwarmers" featured in Underdogs Credit: National Geographic/Doug Parker The indestructible honey badger is just one of nature's "benchwarmers" featured in Underdogs Credit: National Geographic/Doug Parker Story text Size Small Standard Large Width * Standard Wide Links Standard Orange * Subscribers only   Learn more Narrator Ryan Reynolds celebrates nature's outcasts in the new NatGeo docuseries Underdogs. Most of us have seen a nature documentary or two (or three) at some point in our lives, so it's a familiar format: sweeping majestic footage of impressively regal animals accompanied by reverently high-toned narration (preferably with a tony British accent). Underdogs, a new docuseries from National Geographic, takes a decidedly different and unconventional approach. Narrated by with hilarious irreverence by Ryan Reynolds, the five-part series highlights nature's less cool and majestic creatures: the outcasts and benchwarmers, more noteworthy for their "unconventional hygiene choices" and "unsavory courtship rituals." It's like The Suicide Squad or Thunderbolts*, except these creatures actually exist. Per the official premise, "Underdogs features a range of never-before-filmed scenes, including the first time a film crew has ever entered a special cave in New Zealand—a huge cavern that glows brighter than a bachelor pad under a black light thanks to the glowing butts of millions of mucus-coated grubs. All over the world, overlooked superstars like this are out there 24/7, giving it maximum effort and keeping the natural world in working order for all those showboating polar bears, sharks and gorillas." It's rated PG-13 thanks to the odd bit of scatalogical humor and shots of Nature Sexy Time Each of the five episodes is built around a specific genre. "Superheroes" highlights the surprising superpowers of the honey badger, pistol shrimp, and the invisible glass frog, among others, augmented with comic book graphics; "Sexy Beasts" focuses on bizarre mating habits and follows the format of a romantic advice column; "Terrible Parents" highlights nature's worst practices, following the outline of a parenting guide; "Total Grossout" is exactly what it sounds like; and "The Unusual Suspects" is a heist tale, documenting the supposed efforts of a macaque to put together the ultimate team of masters of deception and disguise (an inside man, a decoy, a fall guy, etc.).  Green Day even wrote and recorded a special theme song for the opening credits. Co-creators Mark Linfield and Vanessa Berlowitz of Wildstar Films are longtime producers of award-winning wildlife films, most notably Frozen Planet, Planet Earth and David Attenborough's Life of Mammals—you know, the kind of prestige nature documentaries that have become a mainstay for National Geographic and the BBC, among others. They're justly proud of that work, but this time around the duo wanted to try something different. Madagascar's aye-aye: "as if fear and panic had a baby and rolled it in dog hair" National Geographic/Eleanor Paish Madagascar's aye-aye: "as if fear and panic had a baby and rolled it in dog hair" National Geographic/Eleanor Paish An emerald jewel wasp emerges from a cockroach. National Geographic/Simon De Glanville An emerald jewel wasp emerges from a cockroach. National Geographic/Simon De Glanville A pack of African hunting dogs is no match for the honey badger's thick hide. National Geographic/Tom Walker A pack of African hunting dogs is no match for the honey badger's thick hide. National Geographic/Tom Walker An emerald jewel wasp emerges from a cockroach. National Geographic/Simon De Glanville A pack of African hunting dogs is no match for the honey badger's thick hide. National Geographic/Tom Walker A fireworm is hit by a cavitation bubble shot from the claw of a pistol shrimp defending its home. National Geographic/Hugh Miller As it grows and molts, the mad hatterpillar stacks old head casings on top of its head. Scientists think it is used as a decoy against would-be predators and parasites, and when needed, it can also be used as a weapon. National Geographic/Katherine Hannaford Worst parents ever? A young barnacle goose chick prepares t make the 800-foot jump from its nest to the ground. National Geographic An adult pearlfish reverses into a sea cucumber's butt to hide. National Geographic A vulture sticks its head inside an elephant carcass to eat. National Geographic A manatee releases flatulence while swimming to lose the buoyancy build up of gas inside its stomach, and descend down the water column. National Geographic/Karl Davies "There is a sense after awhile that you're playing the same animals to the same people, and the shows are starting to look the same and so is your audience," Linfield told Ars. "We thought, okay, how can we do something absolutely the opposite? We've gone through our careers collecting stories of these weird and crazy creatures that don't end up in the script because they're not big or sexy and they live under a rock. But they often have the best life histories and the craziest superpowers." Case in point: the velvet worm featured in the "Superheroes" episode, which creeps up on unsuspecting prey before squirting disgusting slime all over their food. (It's a handy defense mechanism, too, against predators like the wolf spider.) Once Linfield and Berlowitz decided to focus on nature's underdogs and to take a more humorous approach, Ryan Reynolds became their top choice for a narrator—the anti-Richard Attenborough. As luck would have it, the pair shared an agent with the mega-star. So even though they thought there was no way Reynolds would agree to the project, they put together a sizzle reel, complete with a "fake Canadian Ryan Reynolds sound-alike" doing the narration. Reynolds was on set when he received the reel, and loved it so much he recoded his own narration for the footage and sent it back. "From that moment he was in," said Linfield, and Wildstar Films worked closely with Reynolds and his company to develop the final series. "We've never worked that way on a series before, a joint collaboration from day one," Berlowitz admitted. But it worked: the end result strikes the perfect balance between scientific revelation and accurate natural history, and an edgy comic tone. That tone is quintessential Reynolds, and while he did mostly follow the script (which his team helped write), Linfield and Berlowitz admit there was also a fair amount of improvisation—not all of it PG-13.  "What we hadn't appreciated is that he's an incredible improv performer," said Berlowitz. "He can't help himself. He gets into character and starts riffing off [the footage]. There are some takes that we definitely couldn't use, that potentially would fit a slightly more Hulu audience."  Some of the ad-libs made it into the final episodes, however—like Reynolds describing an Aye-Aye as "if fear and panic had a baby and rolled it in dog hair"—even though it meant going back and doing a bit of recutting to get the new lines to fit. Cinematographer Tom Beldam films a long-tailed macaque who stole his smart phone minutes later. National Geographic/Laura Pennafort Cinematographer Tom Beldam films a long-tailed macaque who stole his smart phone minutes later. National Geographic/Laura Pennafort The macaque agrees to trade ithe stolen phone for a piece of food. National Geographic The macaque agrees to trade ithe stolen phone for a piece of food. National Geographic A family of tortoise beetles defend themselves from a carnivorous ant by wafting baby poop in its direction. National Geographic A family of tortoise beetles defend themselves from a carnivorous ant by wafting baby poop in its direction. National Geographic The macaque agrees to trade ithe stolen phone for a piece of food. National Geographic A family of tortoise beetles defend themselves from a carnivorous ant by wafting baby poop in its direction. National Geographic A male hippo sprays his feces at another male who is threatening to take over his patch. National Geographic A male proboscis monkey flaunts his large nose. The noses of these males are used to amplify their calls in the vast forest. National Geographic Dream girl: A blood-soaked female hyena looks across the African savanna. National Geographic A male bowerbird presents one of the finest items in his collection to a female in his bower. National Geographic The male nursery web spider presents his nuptial gift to the female. National Geographic Cue the Barry White mood music: Two leopard slugs suspend themselves on a rope of mucus as they entwine their bodies to mate with one another. National Geographic Despite their years of collective experience, Linfield and Berlowitz were initially skeptical when the crew told them about the pearl fish, which hides from predators in a sea cucumber's butt (along with many other species). "It had never been filmed so we said, 'You're going to have to prove it to us,'" said Berlowitz. "They came back with this fantastic, hilarious sequence of a pearl fish reverse parking [in a sea cucumber's anus)." The film crew experienced a few heart-pounding moments, most notably while filming the cliffside nests of barnacle geese for the "Terrible Parents" episode. A melting glacier caused a watery avalanche while the crew was filming the geese, and they had to quickly grab a few shots and run to safety. Less dramatic: cinematographer Tom Beldam had his smartphone stolen by a long-tailed macaque mere minutes after he finished capturing the animal on film. If all goes well and Underdogs finds its target audience, we may even get a follow-up. "We are slightly plowing new territory but the science is as true as it's ever been and the stories are good. That aspect of the natural history is still there," said Linfield. "I think what we really hope for is that people who don't normally watch natural history will watch it. If people have as much fun watching it as we had making it, then the metrics should be good enough for another season." Verdict: Underdogs is positively addictive; I binged all five episodes in a single day. (For his part, Reynolds said in a statement that he was thrilled to "finally watch a project of ours with my children. Technically they saw Deadpool and Wolverine but I don't think they absorbed much while covering their eyes and ears and screaming for two hours.") Underdogs premieres June 15, 2025, at 9 PM/8 PM Central on National Geographic (simulcast on ABC) and will be available for streaming on Disney+ and Hulu the following day.  You should watch it, if only to get that second season. Jennifer Ouellette Senior Writer Jennifer Ouellette Senior Writer Jennifer is a senior writer at Ars Technica with a particular focus on where science meets culture, covering everything from physics and related interdisciplinary topics to her favorite films and TV series. Jennifer lives in Baltimore with her spouse, physicist Sean M. Carroll, and their two cats, Ariel and Caliban. 5 Comments

Jun 16, 2025Ravie LakshmananMalware / DevOps Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that's capable of harvesting sensitive developer-related information, such as credentials, configuration data, and environment variables, among others. The package, named chimera-sandbox-extensions, attracted 143 downloads and likely targets users of a service called Chimera Sandbox, which was released by Singaporean tech company Grab last August to facilitate "experimentation and development of [machine learning] solutions." The package masquerades as a helper module for Chimera Sandbox, but "aims to steal credentials and other sensitive information such as Jamf configuration, CI/CD environment variables, AWS tokens, and more," JFrog security researcher Guy Korolevski said in a report published last week. Once installed, it attempts to connect to an external domain whose domain name is generated using a domain generation algorithm (DGA) in order to download and execute a next-stage payload. Specifically, the malware acquires from the domain an authentication token, which is then used to send a request to the same domain and retrieve the Python-based information stealer. The stealer malware is equipped to siphon a wide range of data from infected machines. This includes - JAMF receipts, which are records of software packages installed by Jamf Pro on managed computers Pod sandbox environment authentication tokens and git information CI/CD information from environment variables Zscaler host configuration Amazon Web Services account information and tokens Public IP address General platform, user, and host information The kind of data gathered by the malware shows that it's mainly geared towards corporate and cloud infrastructure. In addition, the extraction of JAMF receipts indicates that it's also capable of targeting Apple macOS systems. The collected information is sent via a POST request back to the same domain, after which the server assesses if the machine is a worthy target for further exploitation. However, JFrog said it was unable to obtain the payload at the time of analysis. "The targeted approach employed by this malware, along with the complexity of its multi-stage targeted payload, distinguishes it from the more generic open-source malware threats we have encountered thus far, highlighting the advancements that malicious packages have made recently," Jonathan Sar Shalom, director of threat research at JFrog Security Research team, said. "This new sophistication of malware underscores why development teams remain vigilant with updates—alongside proactive security research – to defend against emerging threats and maintain software integrity." The disclosure comes as SafeDep and Veracode detailed a number of malware-laced npm packages that are designed to execute remote code and download additional payloads. The packages in question are listed below - eslint-config-airbnb-compat (676 Downloads) ts-runtime-compat-check (1,588 Downloads) solders (983 Downloads) @mediawave/lib (386 Downloads) All the identified npm packages have since been taken down from npm, but not before they were downloaded hundreds of times from the package registry. SafeDep's analysis of eslint-config-airbnb-compat found that the JavaScript library has ts-runtime-compat-check listed as a dependency, which, in turn, contacts an external server defined in the former package ("proxy.eslint-proxy[.]site") to retrieve and execute a Base64-encoded string. The exact nature of the payload is unknown. "It implements a multi-stage remote code execution attack using a transitive dependency to hide the malicious code," SafeDep researcher Kunal Singh said. Solders, on the other hand, has been found to incorporate a post-install script in its package.json, causing the malicious code to be automatically executed as soon as the package is installed. "At first glance, it's hard to believe that this is actually valid JavaScript," the Veracode Threat Research team said. "It looks like a seemingly random collection of Japanese symbols. It turns out that this particular obfuscation scheme uses the Unicode characters as variable names and a sophisticated chain of dynamic code generation to work." Decoding the script reveals an extra layer of obfuscation, unpacking which reveals its main function: Check if the compromised machine is Windows, and if so, run a PowerShell command to retrieve a next-stage payload from a remote server ("firewall[.]tel"). This second-stage PowerShell script, also obscured, is designed to fetch a Windows batch script from another domain ("cdn.audiowave[.]org") and configures a Windows Defender Antivirus exclusion list to avoid detection. The batch script then paves the way for the execution of a .NET DLL that reaches out to a PNG image hosted on ImgBB ("i.ibb[.]co"). "[The DLL] is grabbing the last two pixels from this image and then looping through some data contained elsewhere in it," Veracode said. "It ultimately builds up in memory YET ANOTHER .NET DLL." Furthermore, the DLL is equipped to create task scheduler entries and features the ability to bypass user account control (UAC) using a combination of FodHelper.exe and programmatic identifiers (ProgIDs) to evade defenses and avoid triggering any security alerts to the user. The newly-downloaded DLL is Pulsar RAT, a "free, open-source Remote Administration Tool for Windows" and a variant of the Quasar RAT. "From a wall of Japanese characters to a RAT hidden within the pixels of a PNG file, the attacker went to extraordinary lengths to conceal their payload, nesting it a dozen layers deep to evade detection," Veracode said. "While the attacker's ultimate objective for deploying the Pulsar RAT remains unclear, the sheer complexity of this delivery mechanism is a powerful indicator of malicious intent." Crypto Malware in the Open-Source Supply Chain The findings also coincide with a report from Socket that identified credential stealers, cryptocurrency drainers, cryptojackers, and clippers as the main types of threats targeting the cryptocurrency and blockchain development ecosystem. Some of the examples of these packages include - express-dompurify and pumptoolforvolumeandcomment, which are capable of harvesting browser credentials and cryptocurrency wallet keys bs58js, which drains a victim's wallet and uses multi-hop transfers to obscure theft and frustrate forensic tracing. lsjglsjdv, asyncaiosignal, and raydium-sdk-liquidity-init, which functions as a clipper to monitor the system clipboard for cryptocurrency wallet strings and replace them with threat actor‑controlled addresses to reroute transactions to the attackers "As Web3 development converges with mainstream software engineering, the attack surface for blockchain-focused projects is expanding in both scale and complexity," Socket security researcher Kirill Boychenko said. "Financially motivated threat actors and state-sponsored groups are rapidly evolving their tactics to exploit systemic weaknesses in the software supply chain. These campaigns are iterative, persistent, and increasingly tailored to high-value targets." AI and Slopsquatting The rise of artificial intelligence (AI)-assisted coding, also called vibe coding, has unleashed another novel threat in the form of slopsquatting, where large language models (LLMs) can hallucinate non-existent but plausible package names that bad actors can weaponize to conduct supply chain attacks. Trend Micro, in a report last week, said it observed an unnamed advanced agent "confidently" cooking up a phantom Python package named starlette-reverse-proxy, only for the build process to crash with the error "module not found." However, should an adversary upload a package with the same name on the repository, it can have serious security consequences. Furthermore, the cybersecurity company noted that advanced coding agents and workflows such as Claude Code CLI, OpenAI Codex CLI, and Cursor AI with Model Context Protocol (MCP)-backed validation can help reduce, but not completely eliminate, the risk of slopsquatting. "When agents hallucinate dependencies or install unverified packages, they create an opportunity for slopsquatting attacks, in which malicious actors pre-register those same hallucinated names on public registries," security researcher Sean Park said. "While reasoning-enhanced agents can reduce the rate of phantom suggestions by approximately half, they do not eliminate them entirely. Even the vibe-coding workflow augmented with live MCP validations achieves the lowest rates of slip-through, but still misses edge cases." Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post. SHARE    

While we’ve had plenty of superhero games come out over the past decade and a half (and I’m always down for more), most have either been open-world adventures or fighting games. I’m as excited as anyone for the upcoming Marvel Tōkon and Invincible VS, but I’m also ready for a little something different. That’s where Dispatch from AdHoc Studio comes in. Dispatch is a game made for people who enjoy watching a rerun of The Office as a palate cleanser after the bloody battles of Invincible. So, me. You’re cast as Robert Robertson, the former superhero known as Mecha Man. He has to step away from frontline superheroics as the mech suit he relied on was destroyed in battle. Needing a job, he starts work at a dispatch center for superheroes, and the demo takes you through a small, 30-minute chunk of his first day. You’ll notice Dispatch’s crude humor early on. The first thing you can do in Dispatch is give a colleague a “bro fist” at a urinal, and the juvenile jokes don’t stop there. Middle school boys are going to love it, though I’d be lying if I said a few of the jokes didn’t get chuckles from me. Another of Robertson’s co-workers, who also used to be a superhero until his powers caused him to rapidly age, introduces Robertson’s team of misfit heroes, though that term should be used loosely. He notes they’re a “motley crew of dangerous fuck-ups” as Robertson examines their files, each with a mugshot and rapsheet. Robertson isn’t in charge of the Avengers — he’s leading a D-List Suicide Squad. The cast, however, is full of A-listers: Laura Bailey, Matthew Mercer, Aaron Paul, and Jeffrey Wright are among those lending their voices to Dispatch. Much like The Boys, Dispatch plays with the idea of the corporatization of superheroes (though without the satire of and parallels to modern-day politics). These heroes aren’t a lone Spider-Man swinging through Manhattan on patrol — they’re employees waiting for an assignment. Gameplay consists of matching the right (or perhaps “good enough”) hero to the job. Some assignments I saw in the demo included breaking up a robbery, catching a 12-year-old thief, and grabbing a kid’s balloon from a tree while also making sure the kid didn’t cry. Seeing as how one of your misfits is a literal bat man and another looks like a tiefling, you have to choose wisely. The real draw of Dispatch for me isn’t the point-and-click assignment gameplay, but rather the choice-based dialogue. It’s developed by AdHoc Studio, which was formed in 2018 by former developers who had worked on Telltale titles like The Wolf Among Us, The Walking Dead, and Tales from the Borderlands, and you can easily see the throughline from those titles to Dispatch. At various points, you have a limited time to select Robertson’s dialogue, and occasionally a pop-up saying a character “will remember that” appears. How much Robertson’s choices actually have consequences or influence his relationships with others remains to be seen, though I have no doubt those choices will be fun to make. After its reveal at The Game Awards six months ago, Dispatch will be coming to Windows PC and unspecified consoles sometime this year. You can check out its demo now on Steam.