New York City’s Brooklyn-Queens Expressway is falling apart. Built between 1946 and 1964, the urban highway runs 12.1 miles through the heart of the two boroughs to connect on either end with the interstate highway system—a relic of midcentury car-oriented infrastructure, and a prime example of the dwindling lifespan of roads built during that time.  The degradation is most visible—and most pressing—in a section running alongside Brooklyn Heights known as the triple cantilever. This 0.4-mile section, completed in 1954, is unique among U.S. highways in that it juts out from the side of a hill and stacks the two directions of traffic on balcony-like decks, one slightly overhanging the other. A third level holds a well-loved park, the Brooklyn Heights Promenade.  This unusual layer cake of a freeway was a marvel of engineering in its day, though not without controversy. Masterminded by Robert Moses, the city’s all-powerful, often ruthless city planner for more than four decades, the roadway bisects working-class and immigrant neighborhoods that grapple with the health and environmental fallout to this day. Like the reputation of the man who built it, the triple cantilever has aged poorly. Its narrow width, (33.5 feet for the roadway in either direction) has made all but the most basic maintenance incredibly difficult, and its 71-year-old structure is constantly battered by the ever heavier automobiles and trucks. Designed to accommodate around 47,000 vehicles per day, it now carries more than three times that amount. Deteriorating deck joints and failing steel-reinforced concrete have led many to worry the triple cantilever is on the verge of collapse. An expert panel warned in 2020 that the triple cantilever could be unusable by 2026, and only then did interim repairs get made to keep it standing. [Photo: Alex Potemkin/Getty Images] The mounting concern comes amid a 50-year decline in direct government spending on infrastructure in the U.S., according to a recent analysis by Citigroup. Simply maintaining existing infrastructure is a challenge, the report notes. Meanwhile, the American Society of Civil Engineers’ grade for the country’s infrastructure has improved, from a D+ in 2017 to a C in 2025. Now even private credit firms are circling: As reported in Bloomberg, Apollo Global Management estimates that a boom in infrastructure deals help could grow the private debt market up to a staggering $40 trillion.   Independent urban designer Marc Wouters has an idea on how to fix BQE’s cantilever. He’s been working on it for years. “My process is that I always interview people in the community before I do any drawings,” he says. “So I really have listened to pretty much everybody over the past few years.” Unsolicited and developed in his own spare time, Wouters has designed an alternative for the triple cantilever that he named the BQE Streamline Plan. BQE Streamline Plan [Image: courtesy Marc Wouters | Studios/©2025] His concept, based on decades of experience in urban planning, infrastructure, and resilience projects in communities across the country, is relatively simple: extend the width of the two traffic-bearing cantilevers and add support beams to their outside edge, move both directions of traffic onto four lanes on the first level, and turn the second level into a large freeway cap park. Instead of major rebuilding efforts, Wouters’s proposal is more of a reinforcement and expansion, with a High Line-style park plopped on top. Though he’s not an engineer, Wouters is confident that his design would shift enough strain off the existing structure to allow it to continue functioning for the foreseeable future. (What actual engineers think remains to be seen.) “What I’ve done is come up with a plan that happens to be much less invasive, faster to build, a lot cheaper, and it encompasses a lot of what the community wants,” he says. “Yet it still handles the same capacity as the highway does right now.” So what will it take for this outsider’s idea to be considered a viable design alternative? This idea had been brewing in his mind for years. Wouters, who lives near the triple cantilever section of the BQE in Brooklyn Heights, has followed the highway’s planning process for more than a decade.  As complex infrastructure projects go, this one is particularly convoluted. The BQE is overseen by both the state of New York and New York City, among others, with the city in charge of the 1.5-mile section that includes the triple cantilever. This dual ownership has complicated the management of the highway and its funding. The city and the state have launched several efforts over the years to reimagine the highway’s entire length. In winter 2018, the city’s Department of Transportation (NYC DOT) released two proposals to address the ailing cantilever. Not seeing what they wanted from either one, Brooklyn Heights Association, a nonprofit neighborhood group, retained Wouters and his studio to develop an alternative design. He suggested building a temporary parallel bypass that would allow a full closure and repair of the triple cantilever. That proposal, along with competing ideas developed under the previous mayoral administration, went by the wayside in 2022, when the latest BQE redesign process commenced. Wouters found himself following yet another community feedback and planning process for the triple cantilever. The ideas being proposed by the city’s DOT this time around included a plan that would chew into the hillside that currently supports the triple cantilever to move the first tier of traffic directly underneath the second, and add a large girding structure on its open end to hold it all up. Other options included reshaping the retaining wall that currently holds up the triple cantilever, moving traffic below grade into a wide tunnel, or tearing the whole thing down and rebuilding from scratch. Each would be time-consuming and disruptive, and many of them cut into another well-loved public space immediately adjacent to the triple cantilever, Brooklyn Bridge Park. None of these options has anything close to unanimous support. And any of them will cost more than $1 billion—a price tag that hits much harder after the Federal Highway Administration rejected an $800 million grant proposal for fixing the BQE back in early 2024. BQE Streamline Plan [Image: courtesy Marc Wouters | Studios/©2025] Wouters is no highway zealot. In fact, he’s worked on a project heading into construction in Syracuse that will replace an underutilized inner-city highway with a more appropriately sized boulevard and developable land. But he felt sure there was a better way forward—a concept that would work as well in practice as on paper. “I just kept going to meetings and waiting to see what I thought was a progressive solution,” Wouters says. Unimpressed and frustrated, he set out to design it himself. Wouters released the Streamline Plan in March. The concept quickly gathered interest, receiving a flurry of local news coverage. He has since met with various elected officials to discuss it. But as elegant as Wouters’s concept may be, some stakeholders remain unconvinced that the city should be going all in on a reinterpretation of the triple cantilever. What might be more appropriate, critics say, is to make necessary fixes now to keep the triple cantilever safe and functional, and to spend more time thinking about whether this section of highway is even what the city needs in the long term. A group of local organizations is calling for a more comprehensive reconsideration of the BQE under the premise that its harms may be outnumbering its benefits. Launched last spring, the Brooklyn-Queens Expressway Environmental Justice Coalition wants any planning for the future of the BQE to include efforts to address its health and environmental impacts on neighboring communities and to seek an alternative that reconnects communities that have been divided by the corridor. One member of this coalition is the Riders Alliance, a nonprofit focused on improving public transit in New York. Danny Pearlstein, the group’s policy and communications director, says implementing a major redesign of the triple cantilever would just reinforce car dependency in a place that’s actually well served by public transit. The environmental justice coalition’s worry is that rebuilding this one section in a long-term fashion could make it harder for change across the length of the entire BQE and could increase the environmental impact the highway has on the communities that surround it. “This is not just one neighborhood. This is communities up and down the corridor that don’t resemble each other very much in income or background who are united and are standing together for something that’s transformative, rather than doubling down on the old ways,” Pearlstein says. [Photo: ©NYC DOT] Lara Birnback is executive director of the Brooklyn Heights Association, representing a neighborhood of roughly 20,000 people. Her organization, which worked directly with Wouters in the past, is circumspect about his latest concept. “It’s certainly more interesting and responsive to the kinds of things that the community has been asking for when thinking about the BQE. It’s more of those things than we’ve seen from any of the designs that New York City DOT has presented to us through their engagement process,” she says. “But at the end of the day, it’s still a way of preserving more or less the status quo of the BQE as a major interstate highway running through the borough.” She argues it makes more sense to patch up the triple cantilever and use the extra years of service that buys to do a more radical rethinking of the BQE’s future. (For example, one 2020 proposal by the Brooklyn-based architecture studio Light and Air proposed a simple intervention of installing buttresses on the open-air side of the triple cantilever, propping it up with a relatively small addition of material.) “We really strongly encourage the city to move forward immediately with a more short-term stabilization plan for the cantilever, with repairs that would last, for example, 20 to 25 years rather than spending billions and billions of dollars rebuilding it for the next 100 years,” Birnback says. Birnback says a major rebuilding plan like the one Wouters is proposing—for all its community benefits—could end up doing more harm to the city. “I think going forward now with a plan that both embeds the status quo and most likely forecloses on the possibility of real transformation across the corridor is a mistake,” she says. NYC DOT expects to begin its formal environmental review process this year, laying the necessary groundwork for deciding on a plan for what to do with the triple cantilever, either for the short term or the long term. The environmental process will evaluate all concepts equally, according to DOT spokesperson Vincent Barone, who notes that the department is required to review and respond to all feedback that comes in through that process. There is technically nothing holding back Wouters’s proposal from being one of the alternatives considered. And he may have some important political support to help make that happen. Earlier this month, Brooklyn’s Community District 2 board formally supported the plan. They are calling for the city’s transportation department to include it in the BQE’s formal environmental review process when it starts later this year. [Photo: Sinisa Kukic/Getty Images] Wouters argues that his proposal solves the pressing structural problems of the triple cantilever while also opening resources to deal with the highway’s big picture challenges. “The several hundred million dollars of savings is now funding that could go to other parts of the BQE. And there are other parts that are really struggling,” he says. “I’m always thinking about the whole length and about all these other communities, not just this one.” With a new presidential administration and a mayoral primary election in June, what happens with the triple cantilever is very much up in the air. But if the environmental review process begins as planned this year, it only makes sense for every option to fall under consideration. What gets built—or torn down, or reconstructed, or reinterpreted—could reshape part of New York City for generations.

Apple rejected nearly two million apps in 2024, cracking down harder than ever on fraud, spam, and low-effort software.The App Store saw 813 million weekly visitorsThe company rejected 1.93 million app submissions in 2024, according to its App Store Transparency Report, released in May 2025. The annual report outlines how Apple enforces App Store policies and manages content across its global platform.Apple reviewed approximately 7.7 million app submissions in 2024, rejecting over 1.9 million for failing to meet its standards. Nearly one in four were denied, typically for violating rules around performance, design, or business practices. Continue Reading on AppleInsider | Discuss on our Forums

Shenzhen-based 3D printer manufacturer Elegoo has introduced a new RFID Ecosystem for its upcoming printer line, including the upcoming Elegoo Saturn 4 Ultra. This system integrates RFID-tagged resin bottles, an Elegoo-designed scanner, and cloud-connected print profiles. Elegoo has opened a public feedback solicitation on its website and GitHub page to refine the implementation and encourage community input. The company is currently testing several use cases, such as automatic profile loading, material usage tracking, and batch traceability. Elegoo says these features aim to streamline workflow, reduce errors, and assist in quality assurance. However, in a GitHub post, the company emphasized that its RFID system is optional and will not lock users into proprietary materials. An open approach to a closed-loop trend? The Elegoo RFID Ecosystem enters a broader conversation in the additive manufacturing (AM) industry regarding material-locking strategies and proprietary ecosystems. As discussed in a recent 3D Printing Industry analysis, the proliferation of closed systems has triggered renewed debate about interoperability, user autonomy, and long-term value for manufacturers and end-users alike. Elegoo appears to be taking a middle-ground approach: providing automation and traceability features via RFID while maintaining support for third-party materials. In the Elegoo RFID Tag Guide, developers are encouraged to create and test custom tags, with detailed instructions and example code provided to the open-source community. Developer-centric rollout The Elegoo Saturn 4 Ultra, which serves as the first testbed for the RFID system, uses a dedicated RFID reader to retrieve data from tags affixed to resin bottles. These tags store encoded information such as resin name, type, batch number, and print profile metadata. The printer’s firmware can automatically sync this information with cloud-hosted slicer settings for optimal prints. According to the company, future updates may include compatibility with other Elegoo printers and additional features like usage history logging, tamper detection, and resin validation for regulatory compliance. Color scheme guide possibly used for tag classification or UI indication in Elegoo’s RFID material system. Image via Elegoo. A call for collaboration In its official blog post, Elegoo invited users, developers, and material manufacturers to contribute feedback and propose new applications. The company has not yet announced a formal launch date for the ecosystem or its associated hardware. Elegoo, known for its budget-friendly resin and FDM printers, has been expanding its R&D efforts in recent years. With the RFID ecosystem, it now joins other AM firms experimenting with embedded metadata and smart materials integration to support traceability, security, and ease of use. Interoperability and user autonomy The debate about open vs closed ecosystems has increasingly intensified in additive manufacturing discussions. For example, Bambu Lab’s controversial firmware update that introduced new authentication protocols, sparking concerns about third-party compatibility and user autonomy. Subsequent coverage highlighted pushback from the open-source community, including Orca Slicer developers, who rejected integration with Bambu Connect over transparency and access concerns. These cases underscore how interoperability is not only a technical issue, but a strategic and ideological one shaping the future of the AM sector.RFID in 3D printing While RFID integration is more common in logistics and supply chain management, researchers and companies are beginning to explore its potential in 3D printing. Scientists at Swinburne University developed biosensing RFID tags using 3D printed hybrid liquids, enabling applications in health diagnostics and environmental sensing. Meanwhile, materials firm Supernova unveiled a new resin cartridge system embedded with RFID to improve compatibility and process control in high-viscosity 3D printing platforms. These developments suggest that RFID could play a growing role in material authentication, traceability, and automated workflow management within additive manufacturing ecosystems.Subscribe to the 3D Printing Industry newsletter to keep up with the latest 3D printing news. You can also follow us onLinkedIn and subscribe to the 3D Printing Industry YouTube channel to access more exclusive content. At 3DPI, our mission is to deliver high-quality journalism, technical insight, and industry intelligence to professionals across the AM ecosystem.Help us shape the future of 3D printing industry news with our2025 reader survey. Featured image shows Elegoo RFID system displayed on a resin bottle, designed to communicate encoded material data to the printer. Image via Elegoo.

Sometimes, you've to set aside everything you've been taught in order to truly tap into your creativity. It's a brave move but one that has certainly led to big things for Berlin-based illustrator Marc Majewski. In 2024, he won the Best Illustrated Children's Book award from The New York Times and the New York Public Library for As Edward Imagined, and he's currently an in–demand artist in both children's publishing and editorial illustration. Marc grew up in the French Alps, near the border with Switzerland, surrounded by nature and with a great love of traditional picture book illustration, which was fed by his aunt. To reach his dream of becoming an illustrator, he trained the classical way, learning to paint highly realistic imagery – what everyone would call "good illustration". But something wasn't right. This just wasn't him. On the side, he would create the loose, playful sketches he loved but never conceived of them as proper illustrations. Marc's new book Parks is out 5 June. "Then I had a moment where I decided I wanted to paint and create with the same joy and freedom I had felt as a child," says Marc. "I stopped making pictures the way I'd been taught and started painting the way I did in my sketchbooks, directly with paint. The result was much livelier and more joyful illustrations." One epiphany was followed by another when he wrote and illustrated Butterfly Child. This wasn't the first book he'd worked on, but to Marc, it felt like it was. He continues: "The book touches on what it was like to be a queer kid in the countryside and on bullying – so parts of me felt like the child in the book. I think making any book is a vulnerable process, but creating something that explores more personal parts of ourselves can trigger a lot. In my case, the fear of being rejected, shamed, or bullied – which are experiences many kids, and especially queer kids, go through." Published in 2022, it has been translated into 10 languages and resonates with children around the world, supporting kids and encouraging them to express who they really are. From Butterfly Child. Marc is drawn to stories that bring that bring nature and creativity together. He grew up in the Alps, and nature continues to inspire him. In Butterfly Child, As Edward Imagined, and Peter Pan, he explores characters who build, craft, and imagine things, bringing their storybook worlds to life; his simple, Lowry-like figures burst with enthusiasm. Peter Pan is one of his favourites so far. "I knew the story before I started the project, but as I dove deeper into it, I began learning about Barrie's life and how much of it was woven into Peter Pan. That really resonated with me and my own work. I was also inspired by the author's playful spirit – how he balanced lightness and whimsy with meaning and depth," says Marc. From Peter Pan. Return of the Wolves. In future, he'd love to work on a film, and Hayao Miyazaki has always been a big influence. If there's one thing he wants to avoid, it's getting too comfortable or set in his ways. "It's important for me to stay connected to that feeling I had when I first embraced the childlike process of painting and to keep my mind open to playful exploration," says Marc.

The web is beginning to part ways with third-party cookies, a technology it once heavily relied on. Introduced in 1994 by Netscape to support features like virtual shopping carts, cookies have long been a staple of web functionality. However, concerns over privacy and security have led to a concerted effort to eliminate them. The World Wide Web Consortium Technical Architecture Group (W3C TAG) has been vocal in advocating for the complete removal of third-party cookies from the web platform. Major browsers (Chrome, Safari, Firefox, and Edge) are responding by phasing them out, though the transition is gradual. While this shift enhances user privacy, it also disrupts legitimate functionalities that rely on third-party cookies, such as single sign-on (SSO), fraud prevention, and embedded services. And because there is still no universal ban in place and many essential web features continue to depend on these cookies, developers must detect when third-party cookies are blocked so that applications can respond gracefully. Don’t Let Silent Failures Win: Why Cookie Detection Still Matters Yes, the ideal solution is to move away from third-party cookies altogether and redesign our integrations using privacy-first, purpose-built alternatives as soon as possible. But in reality, that migration can take months or even years, especially for legacy systems or third-party vendors. Meanwhile, users are already browsing with third-party cookies disabled and often have no idea that anything is missing. Imagine a travel booking platform that embeds an iframe from a third-party partner to display live train or flight schedules. This embedded service uses a cookie on its own domain to authenticate the user and personalize content, like showing saved trips or loyalty rewards. But when the browser blocks third-party cookies, the iframe cannot access that data. Instead of a seamless experience, the user sees an error, a blank screen, or a login prompt that doesn’t work. And while your team is still planning a long-term integration overhaul, this is already happening to real users. They don’t see a cookie policy; they just see a broken booking flow. Detecting third-party cookie blocking isn’t just good technical hygiene but a frontline defense for user experience. Why It’s Hard To Tell If Third-Party Cookies Are Blocked Detecting whether third-party cookies are supported isn’t as simple as calling navigator.cookieEnabled. Even a well-intentioned check like this one may look safe, but it still won’t tell you what you actually need to know: // DOES NOT detect third-party cookie blocking function areCookiesEnabled() { if (navigator.cookieEnabled === false) { return false; } try { document.cookie = "test_cookie=1; SameSite=None; Secure"; const hasCookie = document.cookie.includes("test_cookie=1"); document.cookie = "test_cookie=; Max-Age=0; SameSite=None; Secure"; return hasCookie; } catch (e) { return false; } } This function only confirms that cookies work in the current (first-party) context. It says nothing about third-party scenarios, like an iframe on another domain. Worse, it’s misleading: in some browsers, navigator.cookieEnabled may still return true inside a third-party iframe even when cookies are blocked. Others might behave differently, leading to inconsistent and unreliable detection. These cross-browser inconsistencies — combined with the limitations of document.cookie — make it clear that there is no shortcut for detection. To truly detect third-party cookie blocking, we need to understand how different browsers actually behave in embedded third-party contexts. How Modern Browsers Handle Third-Party Cookies The behavior of modern browsers directly affects which detection methods will work and which ones silently fail. Safari: Full Third-Party Cookie Blocking Since version 13.1, Safari blocks all third-party cookies by default, with no exceptions, even if the user previously interacted with the embedded domain. This policy is part of Intelligent Tracking Prevention (ITP). For embedded content (such as an SSO iframe) that requires cookie access, Safari exposes the Storage Access API, which requires a user gesture to grant storage permission. As a result, a test for third-party cookie support will nearly always fail in Safari unless the iframe explicitly requests access via this API. Firefox: Cookie Partitioning By Design Firefox’s Total Cookie Protection isolates cookies on a per-site basis. Third-party cookies can still be set and read, but they are partitioned by the top-level site, meaning a cookie set by the same third-party on siteA.com and siteB.com is stored separately and cannot be shared. As of Firefox 102, this behavior is enabled by default in the Standard (default) mode of Enhanced Tracking Protection. Unlike the Strict mode — which blocks third-party cookies entirely, similar to Safari — the Standard mode does not block them outright. Instead, it neutralizes their tracking capability by isolating them per site. As a result, even if a test shows that a third-party cookie was successfully set, it may be useless for cross-site logins or shared sessions due to this partitioning. Detection logic needs to account for that. Chrome: From Deprecation Plans To Privacy Sandbox (And Industry Pushback) Chromium-based browsers still allow third-party cookies by default — but the story is changing. Starting with Chrome 80, third-party cookies must be explicitly marked with SameSite=None; Secure, or they will be rejected. In January 2020, Google announced their intention to phase out third-party cookies by 2022. However, the timeline was updated multiple times, first in June 2021 when the company pushed the rollout to begin in mid-2023 and conclude by the end of that year. Additional postponements followed in July 2022, December 2023, and April 2024. In July 2024, Google has clarified that there is no plan to unilaterally deprecate third-party cookies or force users into a new model without consent. Instead, Chrome is shifting to a user-choice interface that will allow individuals to decide whether to block or allow third-party cookies globally. This change was influenced in part by substantial pushback from the advertising industry, as well as ongoing regulatory oversight, including scrutiny by the UK Competition and Markets Authority (CMA) into Google’s Privacy Sandbox initiative. The CMA confirmed in a 2025 update that there is no intention to force a deprecation or trigger automatic prompts for cookie blocking. As for now, third-party cookies remain enabled by default in Chrome. The new user-facing controls and the broader Privacy Sandbox ecosystem are still in various stages of experimentation and limited rollout. Edge (Chromium-Based): Tracker-Focused Blocking With User Configurability Edge (which is a Chromium-based browser) shares Chrome’s handling of third-party cookies, including the SameSite=None; Secure requirement. Additionally, Edge introduces Tracking Prevention modes: Basic, Balanced (default), and Strict. In Balanced mode, it blocks known third-party trackers using Microsoft’s maintained list but allows many third-party cookies that are not classified as trackers. Strict mode blocks more resource loads than Balanced, which may result in some websites not behaving as expected. Other Browsers: What About Them? Privacy-focused browsers, like Brave, block third-party cookies by default as part of their strong anti-tracking stance. Internet Explorer (IE) 11 allowed third-party cookies depending on user privacy settings and the presence of Platform for Privacy Preferences (P3P) headers. However, IE usage is now negligible. Notably, the default “Medium” privacy setting in IE could block third-party cookies unless a valid P3P policy was present. Older versions of Safari had partial third-party cookie restrictions (such as “Allow from websites I visit”), but, as mentioned before, this was replaced with full blocking via ITP. As of 2025, all major browsers either block or isolate third-party cookies by default, with the exception of Chrome, which still allows them in standard browsing mode pending the rollout of its new user-choice model. To account for these variations, your detection strategy must be grounded in real-world testing — specifically by reproducing a genuine third-party context such as loading your script within an iframe on a cross-origin domain — rather than relying on browser names or versions. Overview Of Detection Techniques Over the years, many techniques have been used to detect third-party cookie blocking. Most are unreliable or obsolete. Here’s a quick walkthrough of what doesn’t work (and why) and what does. Basic JavaScript API Checks (Misleading) As mentioned earlier, the navigator.cookieEnabled or setting document.cookie on the main page doesn’t reflect cross-site cookie status: In third-party iframes, navigator.cookieEnabled often returns true even when cookies are blocked. Setting document.cookie in the parent doesn’t test the third-party context. These checks are first-party only. Avoid using them for detection. Storage Hacks Via localStorage (Obsolete) Previously, some developers inferred cookie support by checking if window.localStorage worked inside a third-party iframe — which is especially useful against older Safari versions that blocked all third-party storage. Modern browsers often allow localStorage even when cookies are blocked. This leads to false positives and is no longer reliable. Server-Assisted Cookie Probe (Heavyweight) One classic method involves setting a cookie from a third-party domain via HTTP and then checking if it comes back: Load a script/image from a third-party server that sets a cookie. Immediately load another resource, and the server checks whether the cookie was sent. This works, but it: Requires custom server-side logic, Depends on HTTP caching, response headers, and cookie attributes (SameSite=None; Secure), and Adds development and infrastructure complexity. While this is technically valid, it is not suitable for a front-end-only approach, which is our focus here. Storage Access API (Supplemental Signal) The document.hasStorageAccess() method allows embedded third-party content to check if it has access to unpartitioned cookies: ChromeSupports hasStorageAccess() and requestStorageAccess() starting from version 119. Additionally, hasUnpartitionedCookieAccess() is available as an alias for hasStorageAccess() from version 125 onwards. FirefoxSupports both hasStorageAccess() and requestStorageAccess() methods. SafariSupports the Storage Access API. However, access must always be triggered by a user interaction. For example, even calling requestStorageAccess() without a direct user gesture (like a click) is ignored. Chrome and Firefox also support the API, and in those browsers, it may work automatically or based on browser heuristics or site engagement. This API is particularly useful for detecting scenarios where cookies are present but partitioned (e.g., Firefox’s Total Cookie Protection), as it helps determine if the iframe has unrestricted cookie access. But for now, it’s still best used as a supplemental signal, rather than a standalone check. iFrame + postMessage (Best Practice) Despite the existence of the Storage Access API, at the time of writing, this remains the most reliable and browser-compatible method: Embed a hidden iframe from a third-party domain. Inside the iframe, attempt to set a test cookie. Use window.postMessage to report success or failure to the parent. This approach works across all major browsers (when properly configured), requires no server (kind of, more on that next), and simulates a real-world third-party scenario. We’ll implement this step-by-step next. Bonus: Sec-Fetch-Storage-Access Chrome (starting in version 133) is introducing Sec-Fetch-Storage-Access, an HTTP request header sent with cross-site requests to indicate whether the iframe has access to unpartitioned cookies. This header is only visible to servers and cannot be accessed via JavaScript. It’s useful for back-end analytics but not applicable for client-side cookie detection. As of May 2025, this feature is only implemented in Chrome and is not supported by other browsers. However, it’s still good to know that it’s part of the evolving ecosystem. Step-by-Step: Detecting Third-Party Cookies Via iFrame So, what did I mean when I said that the last method we looked at “requires no server”? While this method doesn’t require any back-end logic (like server-set cookies or response inspection), it does require access to a separate domain — or at least a cross-site subdomain — to simulate a third-party environment. This means the following: You must serve the test page from a different domain or public subdomain, e.g., example.com and cookietest.example.com, The domain needs HTTPS (for SameSite=None; Secure cookies to work), and You’ll need to host a simple static file (the test page), even if no server code is involved. Once that’s set up, the rest of the logic is fully client-side. Step 1: Create A Cookie Test Page (On A Third-Party Domain) Minimal version (e.g., https://cookietest.example.com/cookie-check.html): <!DOCTYPE html> <html> <body> <script> document.cookie = "thirdparty_test=1; SameSite=None; Secure; Path=/;"; const cookieFound = document.cookie.includes("thirdparty_test=1"); const sendResult = (status) => window.parent?.postMessage(status, "*"); if (cookieFound && document.hasStorageAccess instanceof Function) { document.hasStorageAccess().then((hasAccess) => { sendResult(hasAccess ? "TP_COOKIE_SUPPORTED" : "TP_COOKIE_BLOCKED"); }).catch(() => sendResult("TP_COOKIE_BLOCKED")); } else { sendResult(cookieFound ? "TP_COOKIE_SUPPORTED" : "TP_COOKIE_BLOCKED"); } </script> </body> </html> Make sure the page is served over HTTPS, and the cookie uses SameSite=None; Secure. Without these attributes, modern browsers will silently reject it. Step 2: Embed The iFrame And Listen For The Result On your main page: function checkThirdPartyCookies() { return new Promise((resolve) => { const iframe = document.createElement('iframe'); iframe.style.display = 'none'; iframe.src = "https://cookietest.example.com/cookie-check.html"; // your subdomain document.body.appendChild(iframe); let resolved = false; const cleanup = (result, timedOut = false) => { if (resolved) return; resolved = true; window.removeEventListener('message', onMessage); iframe.remove(); resolve({ thirdPartyCookiesEnabled: result, timedOut }); }; const onMessage = (event) => { if (["TP_COOKIE_SUPPORTED", "TP_COOKIE_BLOCKED"].includes(event.data)) { cleanup(event.data === "TP_COOKIE_SUPPORTED", false); } }; window.addEventListener('message', onMessage); setTimeout(() => cleanup(false, true), 1000); }); } Example usage: checkThirdPartyCookies().then(({ thirdPartyCookiesEnabled, timedOut }) => { if (!thirdPartyCookiesEnabled) { someCookiesBlockedCallback(); // Third-party cookies are blocked. if (timedOut) { // No response received (iframe possibly blocked). // Optional fallback UX goes here. someCookiesBlockedTimeoutCallback(); }; } }); Step 3: Enhance Detection With The Storage Access API In Safari, even when third-party cookies are blocked, users can manually grant access through the Storage Access API — but only in response to a user gesture. Here’s how you could implement that in your iframe test page: <button id="enable-cookies">This embedded content requires cookie access. Click below to continue.</button> <script> document.getElementById('enable-cookies')?.addEventListener('click', async () => { if (document.requestStorageAccess && typeof document.requestStorageAccess === 'function') { try { const granted = await document.requestStorageAccess(); if (granted !== false) { window.parent.postMessage("TP_STORAGE_ACCESS_GRANTED", "*"); } else { window.parent.postMessage("TP_STORAGE_ACCESS_DENIED", "*"); } } catch (e) { window.parent.postMessage("TP_STORAGE_ACCESS_FAILED", "*"); } } }); </script> Then, on the parent page, you can listen for this message and retry detection if needed: // Inside the same onMessage listener from before: if (event.data === "TP_STORAGE_ACCESS_GRANTED") { // Optionally: retry the cookie test, or reload iframe logic checkThirdPartyCookies().then(handleResultAgain); } (Bonus) A Purely Client-Side Fallback (Not Perfect, But Sometimes Necessary) In some situations, you might not have access to a second domain or can’t host third-party content under your control. That makes the iframe method unfeasible. When that’s the case, your best option is to combine multiple signals — basic cookie checks, hasStorageAccess(), localStorage fallbacks, and maybe even passive indicators like load failures or timeouts — to infer whether third-party cookies are likely blocked. The important caveat: This will never be 100% accurate. But, in constrained environments, “better something than nothing” may still improve the UX. Here’s a basic example: async function inferCookieSupportFallback() { let hasCookieAPI = navigator.cookieEnabled; let canSetCookie = false; let hasStorageAccess = false; try { document.cookie = "testfallback=1; SameSite=None; Secure; Path=/;"; canSetCookie = document.cookie.includes("test_fallback=1"); document.cookie = "test_fallback=; Max-Age=0; Path=/;"; } catch (_) { canSetCookie = false; } if (typeof document.hasStorageAccess === "function") { try { hasStorageAccess = await document.hasStorageAccess(); } catch (_) {} } return { inferredThirdPartyCookies: hasCookieAPI && canSetCookie && hasStorageAccess, raw: { hasCookieAPI, canSetCookie, hasStorageAccess } }; } Example usage: inferCookieSupportFallback().then(({ inferredThirdPartyCookies }) => { if (inferredThirdPartyCookies) { console.log("Cookies likely supported. Likely, yes."); } else { console.warn("Cookies may be blocked or partitioned."); // You could inform the user or adjust behavior accordingly } }); Use this fallback when: You’re building a JavaScript-only widget embedded on unknown sites, You don’t control a second domain (or the team refuses to add one), or You just need some visibility into user-side behavior (e.g., debugging UX issues). Don’t rely on it for security-critical logic (e.g., auth gating)! But it may help tailor the user experience, surface warnings, or decide whether to attempt a fallback SSO flow. Again, it’s better to have something rather than nothing. Fallback Strategies When Third-Party Cookies Are Blocked Detecting blocked cookies is only half the battle. Once you know they’re unavailable, what can you do? Here are some practical options that might be useful for you: Redirect-Based Flows For auth-related flows, switch from embedded iframes to top-level redirects. Let the user authenticate directly on the identity provider's site, then redirect back. It works in all browsers, but the UX might be less seamless. Request Storage Access Prompt the user using requestStorageAccess() after a clear UI gesture (Safari requires this). Use this to re-enable cookies without leaving the page. Token-Based Communication Pass session info directly from parent to iframe via: postMessage (with required origin); Query params (e.g., signed JWT in iframe URL). This avoids reliance on cookies entirely but requires coordination between both sides: // Parent const iframe = document.getElementById('my-iframe'); iframe.onload = () => { const token = getAccessTokenSomehow(); // JWT or anything else iframe.contentWindow.postMessage( { type: 'AUTH_TOKEN', token }, 'https://iframe.example.com' // Set the correct origin! ); }; // iframe window.addEventListener('message', (event) => { if (event.origin !== 'https://parent.example.com') return; const { type, token } = event.data; if (type === 'AUTH_TOKEN') { validateAndUseToken(token); // process JWT, init session, etc } }); Partitioned Cookies (CHIPS) Chrome (since version 114) and other Chromium-based browsers now support cookies with the Partitioned attribute (known as CHIPS), allowing per-top-site cookie isolation. This is useful for widgets like chat or embedded forms where cross-site identity isn’t needed. Note: Firefox and Safari don’t support the Partitioned cookie attribute. Firefox enforces cookie partitioning by default using a different mechanism (Total Cookie Protection), while Safari blocks third-party cookies entirely. But be careful, as they are treated as “blocked” by basic detection. Refine your logic if needed. Final Thought: Transparency, Transition, And The Path Forward Third-party cookies are disappearing, albeit gradually and unevenly. Until the transition is complete, your job as a developer is to bridge the gap between technical limitations and real-world user experience. That means: Keep an eye on the standards.APIs like FedCM and Privacy Sandbox features (Topics, Attribution Reporting, Fenced Frames) are reshaping how we handle identity and analytics without relying on cross-site cookies. Combine detection with graceful fallback.Whether it’s offering a redirect flow, using requestStorageAccess(), or falling back to token-based messaging — every small UX improvement adds up. Inform your users.Users shouldn't be left wondering why something worked in one browser but silently broke in another. Don’t let them feel like they did something wrong — just help them move forward. A clear, friendly message can prevent this confusion. The good news? You don’t need a perfect solution today, just a resilient one. By detecting issues early and handling them thoughtfully, you protect both your users and your future architecture, one cookie-less browser at a time. And as seen with Chrome’s pivot away from automatic deprecation, the transition is not always linear. Industry feedback, regulatory oversight, and evolving technical realities continue to shape the time and the solutions. And don’t forget: having something is better than nothing.

Cyber threats don't show up one at a time anymore. They're layered, planned, and often stay hidden until it's too late. For cybersecurity teams, the key isn't just reacting to alerts—it's spotting early signs of trouble before they become real threats. This update is designed to deliver clear, accurate insights based on real patterns and changes we can verify. With today's complex systems, we need focused analysis—not noise. What you'll see here isn't just a list of incidents, but a clear look at where control is being gained, lost, or quietly tested. ⚡ Threat of the Week Lumma Stealer, DanaBot Operations Disrupted — A coalition of private sector companies and law enforcement agencies have taken down the infrastructure associated with Lumma Stealer and DanaBot. Charges have also been unsealed against 16 individuals for their alleged involvement in the development and deployment of DanaBot. The malware is equipped to siphon data from victim computers, hijack banking sessions, and steal device information. More uniquely, though, DanaBot has also been used for hacking campaigns that appear to be linked to Russian state-sponsored interests. All of that makes DanaBot a particularly clear example of how commodity malware has been repurposed by Russian state hackers for their own goals. In tandem, about 2,300 domains that acted as the command-and-control (C2) backbone for the Lumma information stealer have been seized, alongside taking down 300 servers and neutralizing 650 domains that were used to launch ransomware attacks. The actions against international cybercrime in the past few days constituted the latest phase of Operation Endgame. Get the Guide ➝ 🔔 Top News Threat Actors Use TikTok Videos to Distribute Stealers — While ClickFix has become a popular social engineering tactic to deliver malware, threat actors have been observed using artificial intelligence (AI)-generated videos uploaded to TikTok to deceive users into running malicious commands on their systems and deploy malware like Vidar and StealC under the guise of activating pirated version of Windows, Microsoft Office, CapCut, and Spotify. "This campaign highlights how attackers are ready to weaponize whichever social media platforms are currently popular to distribute malware," Trend Micro said. APT28 Hackers Target Western Logistics and Tech Firms — Several cybersecurity and intelligence agencies from Australia, Europe, and the United States issued a joint alert warning of a state-sponsored campaign orchestrated by the Russian state-sponsored threat actor APT28 targeting Western logistics entities and technology companies since 2022. "This cyber espionage-oriented campaign targeting logistics entities and technology companies uses a mix of previously disclosed TTPs and is likely connected to these actors' wide scale targeting of IP cameras in Ukraine and bordering NATO nations," the agencies said. The attacks are designed to steal sensitive information and maintain long-term persistence on compromised hosts. Chinese Threat Actors Exploit Ivanti EPMM Flaws — The China-nexus cyber espionage group tracked as UNC5221 has been attributed to the exploitation of a pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software (CVE-2025-4427 and CVE-2025-4428) to target a wide range of sectors across Europe, North America, and the Asia-Pacific region. The intrusions leverage the vulnerabilities to obtain a reverse shell and drop malicious payloads like KrustyLoader, which is known to deliver the Sliver command-and-control (C2) framework. "UNC5221 demonstrates a deep understanding of EPMM's internal architecture, repurposing legitimate system components for covert data exfiltration," EclecticIQ said. "Given EPMM's role in managing and pushing configurations to enterprise mobile devices, a successful exploitation could allow threat actors to remotely access, manipulate, or compromise thousands of managed devices across an organization." Over 100 Google Chrome Extensions Mimic Popular Tools — An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as seemingly benign utilities such as DeepSeek, Manus, DeBank, FortiVPN, and Site Stats but incorporate covert functionality to exfiltrate data, receive commands, and execute arbitrary code. Links to these browser add-ons are hosted on specially crafted sites to which users are likely redirected to via phishing and social media posts. While the extensions appear to offer the advertised features, they also stealthily facilitate credential and cookie theft, session hijacking, ad injection, malicious redirects, traffic manipulation, and phishing via DOM manipulation. Several of these extensions have been taken down by Google. CISA Warns of SaaS Providers of Attacks Targeting Cloud Environments — The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that SaaS companies are under threat from bad actors who are on the prowl for cloud applications with default configurations and elevated permissions. While the agency did not attribute the activity to a specific group, the advisory said enterprise backup platform Commvault is monitoring cyber threat activity targeting applications hosted in their Microsoft Azure cloud environment. "Threat actors may have accessed client secrets for Commvault's (Metallic) Microsoft 365 (M365) backup software-as-a-service (SaaS) solution, hosted in Azure," CISA said. "This provided the threat actors with unauthorized access to Commvault's customers' M365 environments that have application secrets stored by Commvault." GitLab AI Coding Assistant Flaws Could Be Used to Inject Malicious Code — Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant Duo that could have allowed attackers to steal source code and inject untrusted HTML into its responses, which could then be used to direct victims to malicious websites. The attack could also leak confidential issue data, such as zero-day vulnerability details. All that's required is for the attacker to instruct the chatbot to interact with a merge request (or commit, issue, or source code) by taking advantage of the fact that GitLab Duo has extensive access to the platform. "By embedding hidden instructions in seemingly harmless project content, we were able to manipulate Duo's behavior, exfiltrate private source code, and demonstrate how AI responses can be leveraged for unintended and harmful outcomes," Legit Security said. One variation of the attack involved hiding a malicious instruction in an otherwise legitimate piece of source code, while another exploited Duo's parsing of markdown responses in real-time asynchronously. An attacker could leverage this behavior – that Duo begins rendering the output line by line rather than waiting until the entire response is generated and sending it all at once – to introduce malicious HTML code that can access sensitive data and exfiltrate the information to a remote server. The issues have been patched by GitLab following responsible disclosure. ‎️‍🔥 Trending CVEs Software vulnerabilities remain one of the simplest—and most effective—entry points for attackers. Each week uncovers new flaws, and even small delays in patching can escalate into serious security incidents. Staying ahead means acting fast. Below is this week's list of high-risk vulnerabilities that demand attention. Review them carefully, apply updates without delay, and close the doors before they're forced open. This week's list includes — CVE-2025-34025, CVE-2025-34026, CVE-2025-34027 (Versa Concerto), CVE-2025-30911 (RomethemeKit For Elementor WordPress plugin), CVE-2024-57273, CVE-2024-54780, and CVE-2024-54779 (pfSense), CVE-2025-41229 (VMware Cloud Foundation), CVE-2025-4322 (Motors WordPress theme), CVE-2025-47934 (OpenPGP.js), CVE-2025-30193 (PowerDNS), CVE-2025-0993 (GitLab), CVE-2025-36535 (AutomationDirect MB-Gateway), CVE-2025-47949 (Samlify), CVE-2025-40775 (BIND DNS), CVE-2025-20152 (Cisco Identity Services Engine), CVE-2025-4123 (Grafana), CVE-2025-5063 (Google Chrome), CVE-2025-37899 (Linux Kernel), CVE-2025-26817 (Netwrix Password Secure), CVE-2025-47947 (ModSecurity), CVE-2025-3078, CVE-2025-3079 (Canon Printers), and CVE-2025-4978 (NETGEAR). 📰 Around the Cyber World Sandworm Drops New Wiper in Ukraine — The Russia-aligned Sandworm group intensified destructive operations against Ukrainian energy companies, deploying a new wiper named ZEROLOT. "The infamous Sandworm group concentrated heavily on compromising Ukrainian energy infrastructure. In recent cases, it deployed the ZEROLOT wiper in Ukraine. For this, the attackers abused Active Directory Group Policy in the affected organizations," ESET Director of Threat Research, Jean-Ian Boutin, said. Another Russian hacking group, Gamaredon, remained the most prolific actor targeting the East European nation, enhancing malware obfuscation and introducing PteroBox, a file stealer leveraging Dropbox. Signal Says No to Recall — Signal has released a new version of its messaging app for Windows that, by default, blocks the ability of Windows to use Recall to periodically take screenshots of the app. "Although Microsoft made several adjustments over the past twelve months in response to critical feedback, the revamped version of Recall still places any content that's displayed within privacy-preserving apps like Signal at risk," Signal said. "As a result, we are enabling an extra layer of protection by default on Windows 11 in order to help maintain the security of Signal Desktop on that platform even though it introduces some usability trade-offs. Microsoft has simply given us no other option." Microsoft began officially rolling out Recall last month. Russia Introduces New Law to Track Foreigners Using Their Smartphones — The Russian government has introduced a new law that makes installing a tracking app mandatory for all foreign nationals in the Moscow region. This includes gathering their real-time locations, fingerprint, face photograph, and residential information. "The adopted mechanism will allow, using modern technologies, to strengthen control in the field of migration and will also contribute to reducing the number of violations and crimes in this area," Vyacheslav Volodin, chairman of the State Duma, said. "If migrants change their actual place of residence, they will be required to inform the Ministry of Internal Affairs (MVD) within three working days." A proposed four-year trial period begins on September 1, 2025, and runs until September 1, 2029. Dutch Government Passes Law to Criminalize Cyber Espionage — The Dutch government has approved a law criminalizing a wide range of espionage activities, including digital espionage, in an effort to protect national security, critical infrastructure, and high-quality technologies. Under the amended law, leaking sensitive information that is not classified as a state secret or engaging in activities on behalf of a foreign government that harm Dutch interests can also result in criminal charges. "Foreign governments are also interested in non-state-secret, sensitive information about a particular economic sector or about political decision-making," the government said. "Such information can be used to influence political processes, weaken the Dutch economy or play allies against each other. Espionage can also involve actions other than sharing information." Microsoft Announces Availability of Quantum-Resistant Algorithms to SymCrypt — Microsoft has revealed that it's making post-quantum cryptography (PQC) capabilities, including ML-KEM and ML-DSA, available for Windows Insiders, Canary Channel Build 27852 and higher, and Linux, SymCrypt-OpenSSL version 1.9.0. "This advancement will enable customers to commence their exploration and experimentation of PQC within their operational environments," Microsoft said. "By obtaining early access to PQC capabilities, organizations can proactively assess the compatibility, performance, and integration of these novel algorithms alongside their existing security infrastructure." New Malware DOUBLELOADER Uses ALCATRAZ for Obfuscation — The open-source obfuscator ALCATRAZ has been seen within a new generic loader dubbed DOUBLELOADER, which has been deployed alongside Rhadamanthys Stealer infections starting December 2024. The malware collects host information, requests an updated version of itself, and starts beaconing to a hardcoded IP address (185.147.125[.]81) stored within the binary. "Obfuscators such as ALCATRAZ end up increasing the complexity when triaging malware," Elastic Security Labs said. "Its main goal is to hinder binary analysis tools and increase the time of the reverse engineering process through different techniques; such as hiding the control flow or making decompilation hard to follow." New Formjacking Campaign Targets WooCommerce Sites — Cybersecurity researchers have detected a sophisticated formjacking campaign targeting WooCommerce sites. The malware, per Wordfence, injects a fake but professional-looking payment form into legitimate checkout processes and exfiltrates sensitive customer data to an external server. Further analysis has revealed that the infection likely originated from a compromised WordPress admin account, which was used to inject malicious JavaScript via a Simple Custom CSS and JS plugin (or something similar) that allows administrators to add custom code. "Unlike traditional card skimmers that simply overlay existing forms, this variant carefully integrates with the WooCommerce site's design and payment workflow, making it particularly difficult for site owners and users to detect," the WordPress security company said. "The malware author repurposed the browser's localStorage mechanism – typically used by websites to remember user preferences – to silently store stolen data and maintain access even after page reloads or when navigating away from the checkout page." E.U. Sanctions Stark Industries — The European Union (E.U.) has announced sanctions against 21 individuals and six entities in Russia over its "destabilising actions" in the region. One of the sanctioned entities is Stark Industries, a bulletproof hosting provider that has been accused of acting as "enablers of various Russian state-sponsored and affiliated actors to conduct destabilising activities including, information manipulation interference and cyber attacks against the Union and third countries." The sanctions also target its CEO Iurie Neculiti and owner Ivan Neculiti. Stark Industries was previously spotlighted by independent cybersecurity journalist Brian Krebs, detailing its use in DDoS attacks in Ukraine and across Europe. In August 2024, Team Cymru said it discovered 25 Stark-assigned IP addresses used to host domains associated with FIN7 activities and that it had been working with Stark Industries for several months to identify and reduce abuse of their systems. The sanctions have also targeted Kremlin-backed manufacturers of drones and radio communication equipment used by the Russian military, as well as those involved in GPS signal jamming in Baltic states and disrupting civil aviation. The Mask APT Unmasked as Tied to the Spanish Government — The mysterious threat actor known as The Mask (aka Careto) has been identified as run by the Spanish government, according to a report published by TechCrunch, citing people who worked at Kaspersky at the time and had knowledge of the investigation. The Russian cybersecurity company first exposed the hacking group in 2014, linking it to highly sophisticated attacks since at least 2007 targeting high-profile organizations, such as governments, diplomatic entities, and research institutions. A majority of the group's attacks have targeted Cuba, followed by hundreds of victims in Brazil, Morocco, Spain, and Gibraltar. While Kaspersky has not publicly attributed it to a specific country, the latest revelation makes The Mask one of the few Western government hacking groups that has ever been discussed in public. This includes the Equation Group, the Lamberts (the U.S.), and Animal Farm (France). Social Engineering Scams Target Coinbase Users — Earlier this month, cryptocurrency exchange Coinbase revealed that it was the victim of a malicious attack perpetrated by unknown threat actors to breach its systems by bribing customer support agents in India and siphon funds from nearly 70,000 customers. According to Blockchain security firm SlowMist, Coinbase users have been the target of social engineering scams since the start of the year, bombarding with SMS messages claiming to be fake withdrawal requests and seeking their confirmation as part of a "sustained and organized scam campaign." The goal is to induce a false sense of urgency and trick them into calling a number, eventually convincing them to transfer the funds to a secure wallet with a seed phrase pre-generated by the attackers and ultimately drain the assets. It's assessed that the activities are primarily carried out by two groups: low-level skid attackers from the Com community and organized cybercrime groups based in India. "Using spoofed PBX phone systems, scammers impersonate Coinbase support and claim there's been 'unauthorized access' or 'suspicious withdrawals' on the user's account," SlowMist said. "They create a sense of urgency, then follow up with phishing emails or texts containing fake ticket numbers or 'recovery links.'" Delta Can Sue CrowdStrike Over July 2024 Mega Outage — Delta Air Lines, which had its systems crippled and almost 7,000 flights canceled in the wake of a massive outage caused by a faulty update issued by CrowdStrike in mid-July 2024, has been given the green light to pursue to its lawsuit against the cybersecurity company. A judge in the U.S. state of Georgia stating Delta can try to prove that CrowdStrike was grossly negligent by pushing a defective update to its Falcon software to customers. The update crashed 8.5 million Windows devices across the world. Crowdstrike previously claimed that the airline had rejected technical support offers both from itself and Microsoft. In a statement shared with Reuters, lawyers representing CrowdStrike said they were "confident the judge will find Delta's case has no merit, or will limit damages to the 'single-digit millions of dollars' under Georgia law." The development comes months after MGM Resorts International agreed to pay $45 million to settle multiple class-action lawsuits related to a data breach in 2019 and a ransomware attack the company experienced in 2023. Storm-1516 Uses AI-Generated Media to Spread Disinformation — The Russian influence operation known as Storm-1516 (aka CopyCop) sought to spread narratives that undermined the European support for Ukraine by amplifying fabricated stories on X about European leaders using drugs while traveling by train to Kyiv for peace talks. One of the posts was subsequently shared by Russian state media and Maria Zakharova, a senior official in Russia's foreign ministry, as part of what has been described as a coordinated disinformation campaign by EclecticIQ. The activity is also notable for the use of synthetic content depicting French President Emmanuel Macron, U.K. Labour Party leader Keir Starmer, and German chancellor Friedrich Merz of drug possession during their return from Ukraine. "By attacking the reputation of these leaders, the campaign likely aimed to turn their own voters against them, using influence operations (IO) to reduce public support for Ukraine by discrediting the politicians who back it," the Dutch threat intelligence firm said. Turkish Users Targeted by DBatLoader — AhnLab has disclosed details of a malware campaign that's distributing a malware loader called DBatLoader (aka ModiLoader) via banking-themed banking emails, which then acts as a conduit to deliver SnakeKeylogger, an information stealer developed in .NET. "The DBatLoader malware distributed through phishing emails has the cunning behavior of exploiting normal processes (easinvoker.exe, loader.exe) through techniques such as DLL side-loading and injection for most of its behaviors, and it also utilizes normal processes (cmd.exe, powershell.exe, esentutl.exe, extrac32.exe) for behaviors such as file copying and changing policies," the company said. SEC SIM-Swapper Sentenced to 14 Months for SEC X Account Hack — A 26-year-old Alabama man, Eric Council Jr., has been sentenced to 14 months in prison and three years of supervised release for using SIM swapping attacks to breach the U.S. Securities and Exchange Commission's (SEC) official X account in January 2024 and falsely announced that the SEC approved Bitcoin (BTC) Exchange Traded Funds (ETFs). Council Jr. (aka Ronin, Agiantschnauzer, and @EasyMunny) was arrested in October 2024 and pleaded guilty to the crime earlier this February. He has also been ordered to forfeit $50,000. According to court documents, Council used his personal computer to search incriminating phrases such as "SECGOV hack," "telegram sim swap," "how can I know for sure if I am being investigated by the FBI," "What are the signs that you are under investigation by law enforcement or the FBI even if you have not been contacted by them," "what are some signs that the FBI is after you," "Verizon store list," "federal identity theft statute," and "how long does it take to delete telegram account." FBI Warns of Malicious Campaign Impersonating Government Officials — The U.S. Federal Bureau of Investigation (FBI) is warning of a new campaign that involves malicious actors impersonating senior U.S. federal or state government officials and their contacts to target individuals since April 2025. "The malicious actors have sent text messages and AI-generated voice messages — techniques known as smishing and vishing, respectively — that claim to come from a senior US official in an effort to establish rapport before gaining access to personal accounts," the FBI said. "One way the actors gain such access is by sending targeted individuals a malicious link under the guise of transitioning to a separate messaging platform." From there, the actor may present malware or introduce hyperlinks that lead intended targets to an actor-controlled site that steals login information. DICOM Flaw Enables Attackers to Embed Malicious Code Within Medical Image Files — Praetorian has released a proof-of-concept (PoC) for a high-severity security flaw in Digital Imaging and Communications in Medicine (DICOM), predominant file format for medical images, that enables attackers to embed malicious code within legitimate medical image files. CVE-2019-11687 (CVSS score: 7.8), originally disclosed in 2019 by Markel Picado Ortiz, stems from a design decision that allows arbitrary content at the start of the file, otherwise called the Preamble, which enables the creation of malicious polyglots. Codenamed ELFDICOM, the PoC extends the attack surface to Linux environments, making it a much more potent threat. As mitigations, it's advised to implement a DICOM preamble whitelist. "DICOM's file structure inherently allows arbitrary bytes at the beginning of the file, where Linux and most operating systems will look for magic bytes," Praetorian researcher Ryan Hennessee said. "[The whitelist] would check a DICOM file's preamble before it is imported into the system. This would allow known good patterns, such as 'TIFF' magic bytes, or '\x00' null bytes, while files with the ELF magic bytes would be blocked." Cookie-Bite Attack Uses Chrome Extension to Steal Session Tokens — Cybersecurity researchers have demonstrated a new attack technique called Cookie-Bite that employs custom-made malicious browser extensions to steal "ESTAUTH" and "ESTSAUTHPERSISTNT" cookies in Microsoft Azure Entra ID and bypass multi-factor authentication (MFA). The attack has multiple moving parts to it: A custom Chrome extension that monitors authentication events and captures cookies; a PowerShell script that automates the extension deployment and ensures persistence; an exfiltration mechanism to send the cookies to a remote collection point; and a complementary extension to inject the captured cookies into the attacker's browser. "Threat actors often use infostealers to extract authentication tokens directly from a victim's machine or buy them directly through darkness markets, allowing adversaries to hijack active cloud sessions without triggering MFA," Varonis said. "By injecting these cookies while mimicking the victim's OS, browser, and network, attackers can evade Conditional Access Policies (CAPs) and maintain persistent access." Authentication cookies can also be stolen using adversary-in-the-middle (AitM) phishing kits in real-time, or using rogue browser extensions that request excessive permissions to interact with web sessions, modify page content, and extract stored authentication data. Once installed, the extension can access the browser's storage API, intercept network requests, or inject malicious JavaScript into active sessions to harvest real-time session cookies. "By leveraging stolen session cookies, an adversary can bypass authentication mechanisms, gaining seamless entry into cloud environments without requiring user credentials," Varonis said. "Beyond initial access, session hijacking can facilitate lateral movement across the tenant, allowing attackers to explore additional resources, access sensitive data, and escalate privileges by abusing existing permissions or misconfigured roles." 🎥 Cybersecurity Webinars Non-Human Identities: The AI Backdoor You're Not Watching → AI agents rely on Non-Human Identities (like service accounts and API keys) to function—but these are often left untracked and unsecured. As attackers shift focus to this hidden layer, the risk is growing fast. In this session, you'll learn how to find, secure, and monitor these identities before they're exploited. Join the webinar to understand the real risks behind AI adoption—and how to stay ahead. Inside the LOTS Playbook: How Hackers Stay Undetected → Attackers are using trusted sites to stay hidden. In this webinar, Zscaler experts share how they detect these stealthy LOTS attacks using insights from the world's largest security cloud. Join to learn how to spot hidden threats and improve your defense. 🔧 Cybersecurity Tools ScriptSentry → It is a free tool that scans your environment for dangerous logon script misconfigurations—like plaintext credentials, insecure file/share permissions, and references to non-existent servers. These overlooked issues can enable lateral movement, privilege escalation, or even credential theft. ScriptSentry helps you quickly identify and fix them across large Active Directory environments. Aftermath → It is a Swift-based, open-source tool for macOS incident response. It collects forensic data—like logs, browser activity, and process info—from compromised systems, then analyzes it to build timelines and track infection paths. Deploy via MDM or run manually. Fast, lightweight, and ideal for post-incident investigation. AI Red Teaming Playground Labs → It is an open-source training suite with hands-on challenges designed to teach security professionals how to red team AI systems. Originally developed for Black Hat USA 2024, the labs cover prompt injections, safety bypasses, indirect attacks, and Responsible AI failures. Built on Chat Copilot and deployable via Docker, it's a practical resource for testing and understanding real-world AI vulnerabilities. 🔒 Tip of the Week Review and Revoke Old OAuth App Permissions — They're Silent Backdoor → You've likely logged into apps using "Continue with Google," "Sign in with Microsoft," or GitHub/Twitter/Facebook logins. That's OAuth. But did you know many of those apps still have access to your data long after you stop using them? Why it matters: Even if you delete the app or forget it existed, it might still have ongoing access to your calendar, email, cloud files, or contact list — no password needed. If that third-party gets breached, your data is at risk. What to do: Go through your connected apps here: Google: myaccount.google.com/permissions Microsoft: account.live.com/consent/Manage GitHub: github.com/settings/applications Facebook: facebook.com/settings?tab=applications Revoke anything you don't actively use. It's a fast, silent cleanup — and it closes doors you didn't know were open. Conclusion Looking ahead, it's not just about tracking threats—it's about understanding what they reveal. Every tactic used, every system tested, points to deeper issues in how trust, access, and visibility are managed. As attackers adapt quickly, defenders need sharper awareness and faster response loops. The takeaways from this week aren't just technical—they speak to how teams prioritize risk, design safeguards, and make choices under pressure. Use these insights not just to react, but to rethink what "secure" really needs to mean in today's environment. Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.

As policy makers in the UK weigh how to regulate the AI industry, Nick Clegg, former UK deputy prime minister and former Meta executive, claimed a push for artist consent would “basically kill” the AI industry.Speaking at an event promoting his new book, Clegg said the creative community should have the right to opt out of having their work used to train AI models. But he claimed it wasn’t feasible to ask for consent before ingesting their work first.“I think the creative community wants to go a step further,” Clegg said according to The Times. “Quite a lot of voices say, ‘You can only train on my content, [if you] first ask’. And I have to say that strikes me as somewhat implausible because these systems train on vast amounts of data.”“I just don’t know how you go around, asking everyone first. I just don’t see how that would work,” Clegg said. “And by the way if you did it in Britain and no one else did it, you would basically kill the AI industry in this country overnight.”The comments follow a back-and-forth in Parliament over new legislation that aims to give creative industries more insight into how their work is used by AI companies. An amendment to the Data (Use and Access) Bill would require technology companies to disclose what copyrighted works were used to train AI models. Paul McCartney, Dua Lipa, Elton John, and Andrew Lloyd Webber are among the hundreds of musicians, writers, designers, and journalists who signed an open letter in support of the amendment earlier in May.The amendment — introduced by Beeban Kidron, who is also a film producer and director — has bounced around gaining support. But on Thursday members of parliament rejected the proposal, with technology secretary Peter Kyle saying the “Britain’s economy needs both [AI and creative] sectors to succeed and to prosper.” Kidron and others have said a transparency requirement would allow copyright law to be enforced, and that AI companies would be less likely to “steal” work in the first place if they are required to disclose what content they used to train models.In an op-ed in the Guardian Kidron promised that “the fight isn’t over yet,” as the Data (Use and Access) Bill returns to the House of Lords in early June.See More:

Mid-Century & Mid-Western: Tracing the Modernist Movement in America’s Industrial CorridorSave this picture!United States Chicago Federal Center by Mies van der Rohe. Image © Samuel LudwigThe Mid-Century Modernist movement was more than an aesthetic or material shift in the United States, as it was a response to a rapidly changing world. Emerging after World War II, this architectural revolution rejected ornate, traditional styles of the past in favor of clean lines, functional design, and incorporation of flashy materials like steel, glass, and concrete. Modernism was a break from tradition, focusing instead on simplicity, efficiency, and a vision for the future. It reflected the optimism of a nation rebuilding itself, where technology and innovation shaped everything from cityscapes to suburban homes.Open floor plans, large windows, flat roofs, and the integration of interior and exterior spaces characterized mid-century modernism in the United States. Buildings were designed with functionality in mind, stripped of unnecessary ornamentation, and adapted to the needs of a modern, postwar society. These structures often blurred the boundaries between architecture and landscape, seeking harmony with their surroundings rather than imposing on them. From the glass-and-steel towers of Chicago to the minimalist ranch homes in California, this movement redefined what it meant to live in the modern world.While cities like New York and Los Angeles are often associated with Mid-Century Modernism, the Midwest played a pivotal role in shaping the movement across the country. Some of the most influential modernist architects found their canvas in this region, using the Midwest's urban and rural landscapes to explore new architectural possibilities. From skyscrapers in Chicago to churches in small towns like Columbus, Indiana, the Midwest was a fertile ground for architectural innovation. Related Article Mid-Century Modernism and East Coast Ruralism: A Study of Adaptive Design An Urban Epicenter of Post-War Modernism in Chicago, Illinois Save this picture!It is impossible to exclude Chicago from the conversation of modernism in North America. It stands, even today, as a city whose relationship with modernism was more symbiotic than incidental. The city's long history of architectural innovation laid the groundwork for the birth of the Mid-Century Modern movement, which took off in the aftermath of World War II. Famously admired as the birthplace of modern skyscraper design and home to pioneers like Louis Sullivan and Frank Lloyd Wright, Chicago was uniquely positioned to embrace the principles of the International Style, perfected by Mies van der Rohe.The arrival of Mies van der Rohe at the Illinois Institute of Technology in the 1930s marked a pivotal moment for the city. Mies's architectural philosophy, characterized by minimalist forms and an emphasis on new industrial materials like steel and glass, found a perfect outlet in Chicago's rapidly evolving urban landscape. His designs, such as the Lake Shore Drive Apartments (1951) and Crown Hall (1956), broke from the past, rejecting ornamentation in favor of structure as the form of beauty. These buildings were more than just physical structures—they were a new way of seeing the world that blended art and function into an elegant whole.Save this picture!Chicago's embrace of modernism wasn't just theoretical but intensely practical. The John Hancock Center by SOM (1970), with its bold tapering shape and integrated design, embodied the city's ongoing transformation. These skyscrapers weren't just symbols of wealth—they represented a forward-thinking, industrial city reinventing itself in the face of postwar change. Modernism in Chicago was about making a statement, about pushing the boundaries of what was possible, and the skyline became an urban laboratory for this new architectural philosophy.An Unexpected Modernist Haven in Columbus, IndianaSave this picture!Modernism in the Midwest wasn't only defined by the sprawling urban landscapes. Small-town America, too, embraced the movement with a surprising fervor, most notably in Columbus, Indiana. A town of less than 50,000, Columbus became an unlikely hub of modernist architecture, thanks to the vision of J. Irwin Miller, the CEO of Cummins Engine Company.Miller was convinced that architecture could be a tool for civic pride, and he set out to bring some of the world's greatest architects to his hometown. This endeavor transformed Columbus into an architectural mecca, attracting renowned figures like Eliel Saarinen, I.M. Pei, and Richard Meier. These architects didn't just design buildings—they shaped a new identity for the town, infusing it with the spirit of Mid-Century Modernism. One of the town's most notable landmarks, the First Christian Church (1942), designed by Eliel Saarinen, is a stunning example of how modernism could transform sacred spaces. The church's minimalist design, with its soaring concrete arches and light-filled interior, departs from traditional religious architecture, yet remains deeply spiritual in its simplicity.Save this picture!But Columbus didn't just embrace modernism in its public buildings. It influenced the narrative and construction of its schools, libraries, and bus stations. By the 1970s, the town had more modernist structures per capita than any other place in the United States. Columbus is a perfect example of how modernism transcended urban centers and became a way of life in a small Midwestern town, elevating everyday spaces and embedding a sense of future-oriented civic pride into the region's identity.Rural Mid-Century Modernism in Small-Town AmericaSave this picture!While Chicago and Columbus may stand as the most iconic expressions of Mid-Century Modernism in the Midwest, the movement's influence rippled through even the most rural corners of the region. In towns like Mason City, Iowa, and Fort Wayne, Indiana, the modernist ideals of simplicity, openness, and functionality weren't just limited to grand urban projects. They found their way into everyday life, shaping residential homes, schools, libraries, civic buildings, and community infrastructure. Unlike the towering skyscrapers and bold public spaces in Chicago or Columbus, the rural examples of Mid-Century Modernism were more modest in scale. Still, they reflected the same commitment to clean lines, efficient design, and environmental integration.Take, for example, the Frank Lloyd Wright-designed Prairie School houses in Mason City, Iowa. With their flat rooflines, wide overhangs, and open, flowing interiors, these homes captured the essence of Mid-Century Modern design, breaking away from traditional boxed-in rooms to create spaces that were expansive and connected to nature. While these houses were private homes, they served as a microcosm of the broader Mid-Century ethos, embracing local materials, blending with the landscape, and using design to enhance the quality of life. Wright's work in Mason City reflects how Mid-Century Modernism did not answer only to aesthetics, but to the ideologies of designing spaces that are simple, functional, and intrinsically linked to their environmental context.Save this picture!Beyond architecture, the principles of Mid-Century Modernism began to permeate every facet of design in these rural communities. The same values that shaped the homes and schools of the region also influenced furniture design, product design, and even infrastructure. In small towns, schools were designed with expansive glass windows to foster openness and connect students to the natural world outside. At the same time, the clean lines of modernist furniture became commonplace in local homes, offering simplicity and functionality. Schools in Fort Wayne, like those designed by the notable architect Eero Saarinen, incorporated modernist elements such as open, flexible spaces that could adapt to the needs of students, reflecting the movement's broader aim of creating environments that encouraged collaboration, innovation, and community.Moreover, Mid-Century Modernism in rural areas extended into urban planning and community infrastructure—with designs focused on efficiency, accessibility, and a seamless integration with the natural landscape. Roads, parks, and even public transportation in these small towns were planned with an emphasis on simplicity and clarity of form, ensuring that the built environment was not an imposition, but a complement to the natural surroundings. Urban planners in small towns embraced the modernist ideal that architecture and design should serve the community as a backdrop to daily life and a means to enrich it.Save this picture!In these Midwestern towns, the modernist movement was not simply a top-down trend but a deeply ingrained part of the local culture, resonating with residents' desire for a forward-thinking yet regionally grounded approach to life. The Mid-Century ideals of openness, simplicity, and a connection to nature found expression not just in towering civic buildings or sweeping urban parks, but in the very fabric of small-town life. Here, modernism was not about creating grand, world-changing gestures—it was about designing for the people, in the here and now, with an eye toward the future, and understanding the past. This local adaptation of modernist principles shows how the movement's philosophy could be realized at any scale, and how rural America embraced a movement that was fundamentally about making life simpler, more efficient, and more beautiful.Scales of Mid-Century Modernism in the MidwestSave this picture!Mid-century modernism in the Midwestern states refused to be confined by scale, geography, or urban context. It remains proof that modern architecture was not the exclusive realm of sprawling cities or privileged elites. Instead, it was a versatile and democratic force in sprawling urban contexts and furniture design decisions.The beauty of mid-century modernism in the Midwest lies in its ability to translate the ideals of openness, simplicity, and functionality into various forms. The movement reshaped the Midwestern landscape at every level through monumental civic buildings, streamlined homes, or sleek furniture designs, from the grandest civic gestures to the most miniature everyday objects. In this multi-scaled application of modernism, the heart of the Midwest's architectural legacy truly shines.Save this picture!As cities and towns across the region look to the future, the lessons of this movement offer valuable insight into creating functional spaces that reflect a community's spirit and aspirations. However, preserving these structures remains a contested issue, with some modernist landmarks lost to time while others are finally recognized for their cultural and architectural significance. This ongoing conversation about preservation speaks to the broader legacy of the movement.Ultimately, the Midwest's embrace of Mid-Century Modernism stands as a testament to an era marked by optimism, forward-thinking, and a profound belief in the potential of design to shape everyday life. In the industrial heartland of the United States, modernism adopted a vision for a future that was accessible, scalable, and grounded in the values of simplicity, function, and beauty. Related Article Mid-Century Modernism and East Coast Ruralism: A Study of Adaptive Design Image gallerySee allShow less About this authorOlivia PostonAuthor••• Cite: Olivia Poston. "Mid-Century & Mid-Western: Tracing the Modernist Movement in America’s Industrial Corridor" 25 May 2025. ArchDaily. Accessed . <https://www.archdaily.com/1026454/mid-century-and-mid-western-tracing-scales-of-the-modernist-movement-in-americas-industrial-corridor&gt ISSN 0719-8884Save世界上最受欢迎的建筑网站现已推出你的母语版本!想浏览ArchDaily中国吗?是否 You've started following your first account!Did you know?You'll now receive updates based on what you follow! Personalize your stream and start following your favorite authors, offices and users.Go to my stream

The Building Safety Regulator (BSR) is looking at taking a “firmer approach” by rejecting more gateway 2 applications outright as it seeks to decrease delays in building control approval, the organisation’s chief has said. Since taking over the building control for higher-risk buildings, the regulator has been subject to a stream of criticism from the housing development sector over delays of up to 11 months to approval at the ‘gateway 2’ pre-construction stage. Source: Shutterstock In a statement published on the government’s website, Philip White, chief inspector of buildings at BSR, he stressed that “industry needs to step up and comply with the process” in providing good quality applications. White indicated that the regulator could begin taking a different approach in how it handles poor quality applications in order to ensure more complete submissions are not delayed.  > Also read: Homes England boss calls on government to fix ‘unacceptably slow’ gateway 2 approvals He said that the regulator’s attempts to engage with applicants rather than simply rejecting submissions had meant that applications “take longer and appear to be delayed”. “Of course, the time we spend on those incomplete applications is time we can’t spend on others, some of which would be perfectly good to go,” he said. He said a shift in method could mean the regulator takes a “firmer approach to rejecting those applications that aren’t making the bar straight away”. He explained that a backlog of cases which built up last summer was “almost cleared”, but the regulator was still struggling with poor quality applications. White explained that application volumes had been “steady” when it first took on building control for higher-risk buildings, but that things changed in Spring 2024 when transitional arrangements from the pre-Building Safety Act regime came to an end and private building control suffered a collapse. He said the “temporary backlog of cases” that subsequently built up before July 2024 had nearly been dealt with by the regulator. While White said there were “a small set of applications from the pre-July backlog that have been in the system for a long time”, approval times had otherwise come down. He said that for other applications, the average Gateway 2 handling time was now around 16 to 18 weeks. However, he stressed that “industry needs to step up and comply with the process” in providing good quality applications. The most recent data showed 44% of applications were still being rejected at the validation stage, which is a simple administration check that all the required documents have been supplied. He emphasised that the process was not “red tape for the sake of it”, but that it was “preventing risks and problems from being designed into the built environment”. “It’s about making sure residents have safe and quality homes and avoiding costly works at a later date. Or homeowners not being able to secure lending and insurance,” he said. He also outlined some of the most common and serious failures in applications. These included missing details on how key structural components connect, inadequate information on fire resistance of cladding, walls or barriers, corridors that don’t meet evacuation width requirements and poorly designed or unproven smoke extraction systems.  “These aren’t minor omissions – they present significant safety risks and lead to delays in the approval process,” he said.