• Over 8M patient records leaked in healthcare data breach

    Published June 15, 2025 10:00am EDT

    In the past decade, healthcare data has become one of the most sought-after targets in cybercrime. From insurers to clinics, every player in the ecosystem handles some form of sensitive information. However, breaches do not always originate from hospitals or health apps. Increasingly, patient data is managed by third-party vendors offering digital services such as scheduling, billing and marketing. One such breach at a digital marketing agency serving dental practices recently exposed approximately 2.7 million patient profiles and more than 8.8 million appointment records.

    Massive healthcare data leak exposes millions: What you need to know

    Cybernews researchers have discovered a misconfigured MongoDB database exposing 2.7 million patient profiles and 8.8 million appointment records. The database was publicly accessible online, unprotected by passwords or authentication protocols. Anyone with basic knowledge of database scanning tools could have accessed it.

    The exposed data included names, birthdates, addresses, emails, phone numbers, gender, chart IDs, language preferences and billing classifications. Appointment records also contained metadata such as timestamps and institutional identifiers.

    Clues within the data structure point toward Gargle, a Utah-based company that builds websites and offers marketing tools for dental practices. While not a confirmed source, several internal references and system details suggest a strong connection. Gargle provides appointment scheduling, form submission and patient communication services. These functions require access to patient information, making the firm a likely link in the exposure.

    After the issue was reported, the database was secured. The duration of the exposure remains unknown, and there is no public evidence indicating whether the data was downloaded by malicious actors before being locked down.

    We reached out to Gargle for a comment but did not hear back before our deadline.

    How healthcare data breaches lead to identity theft and insurance fraud

    The exposed data presents a broad risk profile. On its own, a phone number or billing record might seem limited in scope. Combined, however, the dataset forms a complete profile that could be exploited for identity theft, insurance fraud and targeted phishing campaigns.

    Medical identity theft allows attackers to impersonate patients and access services under a false identity. Victims often remain unaware until significant damage is done, ranging from incorrect medical records to unpaid bills in their names. The leak also opens the door to insurance fraud, with actors using institutional references and chart data to submit false claims.

    This type of breach raises questions about compliance with the Health Insurance Portability and Accountability Act, which mandates strong security protections for entities handling patient data. Although Gargle is not a healthcare provider, its access to patient-facing infrastructure could place it under the scope of that regulation as a business associate.

    5 ways you can stay safe from healthcare data breaches

    If your information was part of the healthcare breach or any similar one, it’s worth taking a few steps to protect yourself.

    1. Consider identity theft protection services: Since the healthcare data breach exposed personal and financial information, it’s crucial to stay proactive against identity theft. Identity theft protection services offer continuous monitoring of your credit reports, Social Security number and even the dark web to detect if your information is being misused. These services send you real-time alerts about suspicious activity, such as new credit inquiries or attempts to open accounts in your name, helping you act quickly before serious damage occurs. Beyond monitoring, many identity theft protection companies provide dedicated recovery specialists who assist you in resolving fraud issues, disputing unauthorized charges and restoring your identity if it’s compromised.

    2. Use personal data removal services: The healthcare data breach leaks loads of information about you, and all this could end up in the public domain, which essentially gives anyone an opportunity to scam you. One proactive step is to consider personal data removal services, which specialize in continuously monitoring and removing your information from various online databases and websites. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time.

    3. Have strong antivirus software: Hackers have people’s email addresses and full names, which makes it easy for them to send you a phishing link that installs malware and steals all your data. These messages are socially engineered, and catching them is nearly impossible if you’re not careful. However, you’re not without defenses. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

    4. Enable two-factor authentication: While passwords weren’t part of the data breach, you still need to enable two-factor authentication (2FA). It gives you an extra layer of security on all your important accounts, including email, banking and social media. 2FA requires you to provide a second piece of information, such as a code sent to your phone, in addition to your password when logging in. This makes it significantly harder for hackers to access your accounts, even if they have your password. Enabling 2FA can greatly reduce the risk of unauthorized access and protect your sensitive data.

    5. Be wary of mailbox communications: Bad actors may also try to scam you through snail mail. The data leak gives them access to your address. They may impersonate people or brands you know and use themes that require urgent attention, such as missed deliveries, account suspensions and security alerts.

    Kurt’s key takeaway

    If nothing else, this latest leak shows just how poorly patient data is being handled today. More and more, non-medical vendors are getting access to sensitive information without facing the same rules or oversight as hospitals and clinics. These third-party services are now a regular part of how patients book appointments, pay bills or fill out forms. But when something goes wrong, the fallout is just as serious. Even though the database was taken offline, the bigger problem hasn't gone away. Your data is only as safe as the least careful company that gets access to it.

    Copyright 2025 CyberGuy.com. All rights reserved.

    Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends."
  • Malicious PyPI Package Masquerades as Chimera Module to Steal AWS, CI/CD, and macOS Data

    Jun 16, 2025Ravie LakshmananMalware / DevOps

    Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that's capable of harvesting sensitive developer-related information, such as credentials, configuration data, and environment variables, among others.
    The package, named chimera-sandbox-extensions, attracted 143 downloads and likely targets users of a service called Chimera Sandbox, which was released by Singaporean tech company Grab last August to facilitate "experimentation and development of solutions."
    The package masquerades as a helper module for Chimera Sandbox, but "aims to steal credentials and other sensitive information such as Jamf configuration, CI/CD environment variables, AWS tokens, and more," JFrog security researcher Guy Korolevski said in a report published last week.
    Once installed, it attempts to connect to an external domain whose domain name is generated using a domain generation algorithm (DGA) in order to download and execute a next-stage payload.
    Specifically, the malware acquires from the domain an authentication token, which is then used to send a request to the same domain and retrieve the Python-based information stealer.

    The stealer malware is equipped to siphon a wide range of data from infected machines. This includes -

    JAMF receipts, which are records of software packages installed by Jamf Pro on managed computers
    Pod sandbox environment authentication tokens and git information
    CI/CD information from environment variables
    Zscaler host configuration
    Amazon Web Services account information and tokens
    Public IP address
    General platform, user, and host information

    The kind of data gathered by the malware shows that it's mainly geared towards corporate and cloud infrastructure. In addition, the extraction of JAMF receipts indicates that it's also capable of targeting Apple macOS systems.
    The collected information is sent via a POST request back to the same domain, after which the server assesses if the machine is a worthy target for further exploitation. However, JFrog said it was unable to obtain the payload at the time of analysis.
    "The targeted approach employed by this malware, along with the complexity of its multi-stage targeted payload, distinguishes it from the more generic open-source malware threats we have encountered thus far, highlighting the advancements that malicious packages have made recently," Jonathan Sar Shalom, director of threat research at JFrog Security Research team, said.

    "This new sophistication of malware underscores why development teams remain vigilant with updates—alongside proactive security research – to defend against emerging threats and maintain software integrity."
    The disclosure comes as SafeDep and Veracode detailed a number of malware-laced npm packages that are designed to execute remote code and download additional payloads. The packages in question are listed below -

    eslint-config-airbnb-compat
    ts-runtime-compat-check
    solders
    @mediawave/lib

    All the identified npm packages have since been taken down from npm, but not before they were downloaded hundreds of times from the package registry.
    SafeDep's analysis of eslint-config-airbnb-compat found that the JavaScript library has ts-runtime-compat-check listed as a dependency, which, in turn, contacts an external server defined in the former package to retrieve and execute a Base64-encoded string. The exact nature of the payload is unknown.
    "It implements a multi-stage remote code execution attack using a transitive dependency to hide the malicious code," SafeDep researcher Kunal Singh said.
    Solders, on the other hand, has been found to incorporate a post-install script in its package.json, causing the malicious code to be automatically executed as soon as the package is installed.
    "At first glance, it's hard to believe that this is actually valid JavaScript," the Veracode Threat Research team said. "It looks like a seemingly random collection of Japanese symbols. It turns out that this particular obfuscation scheme uses the Unicode characters as variable names and a sophisticated chain of dynamic code generation to work."
    Decoding the script reveals an extra layer of obfuscation, unpacking which reveals its main function: Check if the compromised machine is Windows, and if so, run a PowerShell command to retrieve a next-stage payload from a remote server.
    This second-stage PowerShell script, also obscured, is designed to fetch a Windows batch script from another domain and configure a Windows Defender Antivirus exclusion list to avoid detection. The batch script then paves the way for the execution of a .NET DLL that reaches out to a PNG image hosted on ImgBB.
    "is grabbing the last two pixels from this image and then looping through some data contained elsewhere in it," Veracode said. "It ultimately builds up in memory YET ANOTHER .NET DLL."

    Furthermore, the DLL is equipped to create task scheduler entries and features the ability to bypass user account control (UAC) using a combination of FodHelper.exe and programmatic identifiers (ProgIDs) to evade defenses and avoid triggering any security alerts to the user.
    The newly-downloaded DLL is Pulsar RAT, a "free, open-source Remote Administration Tool for Windows" and a variant of the Quasar RAT.
    "From a wall of Japanese characters to a RAT hidden within the pixels of a PNG file, the attacker went to extraordinary lengths to conceal their payload, nesting it a dozen layers deep to evade detection," Veracode said. "While the attacker's ultimate objective for deploying the Pulsar RAT remains unclear, the sheer complexity of this delivery mechanism is a powerful indicator of malicious intent."
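    Both npm delivery paths described above, a hook hidden one level down in a transitive dependency and a post-install script that runs at install time, can be surfaced by walking the dependency tree before anything is installed. The following is an added example, not code from SafeDep, Veracode or the article; the package names, manifests and indicator patterns are constructed for illustration.

```javascript
// Added example: find install-time lifecycle scripts anywhere in a dependency tree.
// All manifests below are constructed sample data, not the contents of any real package.

// npm runs these scripts automatically while a package is being installed.
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall'];

// Heuristic markers that justify a closer look at a hook command (assumption, not exhaustive).
const SUSPICIOUS = [
  { label: 'network-fetch', re: /\b(curl|wget|Invoke-WebRequest)\b|https?:\/\//i },
  { label: 'shell-or-powershell', re: /\b(powershell|pwsh|cmd\.exe|bash -c|sh -c)\b/i },
  { label: 'dynamic-eval', re: /\beval\b|Function\(|node -e\b/ },
  { label: 'base64', re: /base64|atob\(/i },
];

// Constructed tree: the app depends on a preset that looks clean, but the preset
// pulls in a helper whose postinstall hook contacts a remote endpoint.
const SAMPLE_MANIFESTS = {
  'demo-app': {
    version: '1.0.0',
    scripts: { postinstall: 'node scripts/setup.js' }, // the project's own hook, not audited
    dependencies: { 'demo-lint-preset': '1.0.0', 'demo-wallet-util': '2.1.0' },
  },
  'demo-lint-preset': {
    version: '1.0.0',
    scripts: { test: 'node test.js' },
    dependencies: { 'demo-compat-check': '1.0.0' },
  },
  'demo-compat-check': {
    version: '1.0.0',
    scripts: { postinstall: 'node ./lib/check.js --endpoint https://config.example.invalid/c' },
    dependencies: { 'demo-lint-preset': '1.0.0' }, // cycle back to the parent
  },
  'demo-wallet-util': {
    version: '2.1.0',
    scripts: { postinstall: 'node-gyp rebuild' }, // a common, benign native build hook
    optionalDependencies: { 'demo-missing': '0.0.1' }, // manifest not available
  },
};

// Return every install-time hook a manifest declares, with any heuristic indicators.
function installHooks(manifest) {
  const scripts = manifest.scripts || {};
  return INSTALL_HOOKS
    .filter((hook) => typeof scripts[hook] === 'string')
    .map((hook) => ({
      hook,
      command: scripts[hook],
      indicators: SUSPICIOUS.filter((s) => s.re.test(scripts[hook])).map((s) => s.label),
    }));
}

// Breadth-first walk from the root project. Each package is visited once, so
// dependency cycles terminate; packages without a manifest are reported, not skipped silently.
function auditTree(rootName, manifests) {
  const findings = [];
  const unresolved = [];
  const seen = new Set([rootName]);
  const queue = [[rootName]];
  while (queue.length > 0) {
    const path = queue.shift();
    const name = path[path.length - 1];
    const manifest = manifests[name];
    if (!manifest) {
      unresolved.push(path.join(' > '));
      continue;
    }
    if (path.length > 1) { // audit dependencies only, not the root project itself
      for (const found of installHooks(manifest)) {
        findings.push({
          package: name,
          version: manifest.version,
          transitive: path.length > 2, // true when the project never asked for it directly
          path: path.join(' > '),
          ...found,
        });
      }
    }
    const deps = { ...manifest.dependencies, ...manifest.optionalDependencies };
    for (const dep of Object.keys(deps)) {
      if (!seen.has(dep)) {
        seen.add(dep);
        queue.push([...path, dep]);
      }
    }
  }
  return { findings, unresolved };
}

const report = auditTree('demo-app', SAMPLE_MANIFESTS);
console.log(JSON.stringify(report, null, 2));
```

    On a real project the same walk can be fed from the package.json files under node_modules, and `npm install --ignore-scripts` keeps these hooks from running while the tree is reviewed.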
    Crypto Malware in the Open-Source Supply Chain
    The findings also coincide with a report from Socket that identified credential stealers, cryptocurrency drainers, cryptojackers, and clippers as the main types of threats targeting the cryptocurrency and blockchain development ecosystem.

    Some of the examples of these packages include -

    express-dompurify and pumptoolforvolumeandcomment, which are capable of harvesting browser credentials and cryptocurrency wallet keys
    bs58js, which drains a victim's wallet and uses multi-hop transfers to obscure theft and frustrate forensic tracing.
    lsjglsjdv, asyncaiosignal, and raydium-sdk-liquidity-init, which function as a clipper to monitor the system clipboard for cryptocurrency wallet strings and replace them with threat actor‑controlled addresses to reroute transactions to the attackers

    "As Web3 development converges with mainstream software engineering, the attack surface for blockchain-focused projects is expanding in both scale and complexity," Socket security researcher Kirill Boychenko said.
    "Financially motivated threat actors and state-sponsored groups are rapidly evolving their tactics to exploit systemic weaknesses in the software supply chain. These campaigns are iterative, persistent, and increasingly tailored to high-value targets."
    AI and Slopsquatting
    The rise of artificial intelligence (AI)-assisted coding, also called vibe coding, has unleashed another novel threat in the form of slopsquatting, where large language models (LLMs) can hallucinate non-existent but plausible package names that bad actors can weaponize to conduct supply chain attacks.
    Trend Micro, in a report last week, said it observed an unnamed advanced agent "confidently" cooking up a phantom Python package named starlette-reverse-proxy, only for the build process to crash with the error "module not found." However, should an adversary upload a package with the same name on the repository, it can have serious security consequences.

    Furthermore, the cybersecurity company noted that advanced coding agents and workflows such as Claude Code CLI, OpenAI Codex CLI, and Cursor AI with Model Context Protocol (MCP)-backed validation can help reduce, but not completely eliminate, the risk of slopsquatting.
    "When agents hallucinate dependencies or install unverified packages, they create an opportunity for slopsquatting attacks, in which malicious actors pre-register those same hallucinated names on public registries," security researcher Sean Park said.
    "While reasoning-enhanced agents can reduce the rate of phantom suggestions by approximately half, they do not eliminate them entirely. Even the vibe-coding workflow augmented with live MCP validations achieves the lowest rates of slip-through, but still misses edge cases."

    THEHACKERNEWS.COM
  • Hitman: IO Interactive Has Big Plans For World of Assassination

    While IO Interactive may be heavily focused on its inaugural James Bond game, 2026’s 007 First Light, it’s still providing ambitious new levels and updates for Hitman: World of Assassination and its new science fiction action game MindsEye. To continue to build hype for First Light and IOI’s growing partnership with the James Bond brand, the latest World of Assassination level is a Bond crossover, as Hitman protagonist Agent 47 targets Le Chiffre, the main villain of the 2006 movie Casino Royale. Available through July 6, 2025, the Le Chiffre event in World of Assassination features actor Mads Mikkelsen reprising his fan-favorite Bond villain role, not only providing his likeness but voicing the character as he confronts the contract killer in France.
    Den of Geek attended the first-ever in-person IO Interactive Showcase, a partner event with Summer Game Fest held at The Roosevelt Hotel in Hollywood. Mikkelsen and the developers shared insight on the surprise new World of Assassination level, with the level itself playable in its entirety to attendees on the Nintendo Switch 2 and PlayStation Portal. The developers also included an extended gameplay preview for MindsEye, ahead of its June 10 launch, while sharing some details about the techno-thriller.

    Matching his background from Casino Royale, Le Chiffre is a terrorist financier who manipulates the stock market by any means necessary to benefit himself and his clients. After an investment deal goes wrong, Le Chiffre tries to recoup a brutal client’s losses through a high-stakes poker game in France, with Agent 47 hired to assassinate the criminal mastermind on behalf of an unidentified backer. The level opens with 47 infiltrating a high society gala linked to the poker game, with the contract killer entering under his oft-used assumed name of Tobias Rieper, a facade that Le Chiffre immediately sees through.
    At the IO Interactive Showcase panel, Mikkelsen observed that Le Chiffre is a character he has always enjoyed and one that holds a special place for him and his career. Reprising his villainous role also gave Mikkelsen the chance to reunite with longtime Agent 47 voice actor David Bateson since their ‘90s short film Tom Merritt, though both actors recorded their respective lines separately. Mikkelsen enjoyed that Le Chiffre’s appearance in World of Assassination gave him a more physical role than he had in Casino Royale, rather than largely placing him at a poker table.

    Of course, like most Hitman levels, there are multiple different ways that players can accomplish their main objective of killing Le Chiffre and escaping the premises. The game certainly gives players multiple avenues to confront the evil financier over a game of poker before closing in for the kill, but it’s by no means the only way to successfully assassinate him. We won’t give away how we ultimately pulled off the assassination, but rest assured that it took multiple tries, careful plotting, and all the usual trial-and-error that comes from playing one of Hitman’s more difficult and immersively involved levels.
    Moving away from its more grounded action titles, IO Interactive also provided a deeper look at its new sci-fi game MindsEye, developed by Build a Rocket Boy. Set in the fictional Redrock City, the extended gameplay sneak peek at the showcase featured protagonist Adam Diaz fighting shadowy enemies in the futuristic city’s largely abandoned streets. While there were no hands-on demos at the showcase itself, the preview demonstrated Diaz using his abilities and equipment, including an accompanying drone, to navigate the city from a third-person perspective and use an array of weapons to dispatch those trying to hunt him down.
    MindsEye marks the first game published through IOI Partners, an initiative that has IOI publish games from smaller, external developers. The game did not have a hands-on demo at the showcase and, given its bug-heavy and poorly-received launch, this distinction is not particularly surprising. Build a Rocket Boy has since pledged to support the game through June to fix its technical issues but, given the game’s hands-on access at the IOI Showcase, there were already red flags surrounding the game’s performance. With that in mind, most of the buzz at the showcase was unsurprisingly centered around 007 First Light and updates to Hitman: World of Assassination, and IO Interactive did not disappoint in that regard.
    Even with Hitman: World of Assassination over four years old now, the game continues to receive impressive post-release support from IO Interactive, both in bringing the title to the Nintendo Switch 2 and with additional DLC. At the showcase, IOI hinted at additional special levels for World of Assassination with high-profile guest targets like Le Chiffre, without identifying who or if they’re also explicitly tied to the James Bond franchise. But with 007 First Light slated for its eagerly anticipated launch next year, it’s a safe bet that IOI has further plans to hype its own role in building out the James Bond legacy for the foreseeable future.
    The Hitman: World of Assassination special Le Chiffre level is available now through July 6, 2025 on all the game’s major platforms, including the Nintendo Switch 2.
    MindsEye is now on sale for PlayStation 5, Xbox Series X|S, and PC.
  • How to choose a programmatic video advertising platform: 8 considerations

    Whether you’re an advertiser or a publisher, partnering up with the right programmatic video advertising platform is one of the most important business decisions you can make. More than half of U.S. marketing budgets are now devoted to programmatically purchased media, and there’s no indication that trend will reverse any time soon.

    Everybody wants to find the solution that’s best for their bottom line. However, the specific considerations that should go into choosing the right video programmatic advertising solution differ depending on whether you have supply to sell or are looking for an audience for your advertisements. This article will break down key factors for both mobile advertisers and mobile publishers to keep in mind as they search for a programmatic video advertising platform.

    Before we get into the specifics on either end, let’s recap the basic concepts.

    What is a programmatic video advertising platform?

    A programmatic video advertising platform combines tools, processes, and marketplaces to place video ads from advertising partners in ad placements furnished by publishing partners. The “programmatic” part of the term means that it’s all done procedurally via automated tools, integrating with demand side platforms and supply side platforms to allow advertising placements to be bid upon, selected, and displayed in fractions of a second.

    If a mobile game has ever offered you extra rewards for watching a video and you found yourself watching an ad for a related game a split second later, you’ve likely been on the user side of an advertising programmatic transaction. Now let’s take a look at what considerations make for the ideal programmatic video advertising platform for the other two main parties involved.

    4 points to help advertisers choose the best programmatic platform

    Looking for the best way to leverage your video demand side platform? These are four key points for advertisers to consider when trying to find the right programmatic video advertising platform.

    A large, engaged audience

    One of the most important things a programmatic video advertising platform can do for advertisers is put their creative content in front of as many people as possible. However, it’s not enough to just pass your content in front of the most eyeballs. It’s equally important for the platform to give you access to engaged audiences who are more likely to convert so you can make the most of your advertising dollar.

    Full-screen videos to grab attention

    You need every advantage you can get when you’re grappling for the attention of a busy mobile user. Your video demand side platform should prioritize full-screen takeovers when and where they make sense, making sure your content isn’t just playing unnoticed on the far side of the screen.

    A range of ad options that are easy to test

    Your video programmatic advertising partner should be able to offer a broad variety of creative and placement options, including interstitial and rewarded ads. It should also enable you to test, iterate, and optimize ads as soon as they’re put into rotation, ensuring your ad spend is meeting your targets and allowing for fast and flexible changes if needed.

    Simple access to supply

    Even the most powerful programmatic video advertising platform is no good if it’s impractical to get running. Look for partners that allow instant access to supply through tried-and-true platforms like Google Display & Video 360, Magnite, and others. On top of that, you should seek out a private exchange to ensure access to premium inventory.

    4 points for publishers in search of the best programmatic platform

    You work hard to make the best apps for your users, and you deserve to partner up with a programmatic video advertising platform that works hard too. Serving video ads that both keep users engaged and your profits rising can be a tricky needle to thread, but the right platform should make your part of the process simple and effective.

    A large selection of advertisers

    Encountering the same ads over and over again can get old fast — and diminish engagement. On top of that, a small selection of advertisers means fewer chances for your users to connect with an ad and convert — which means less revenue, too. The ideal programmatic video advertising platform will partner with thousands of advertisers to fill your placements with fresh, engaging content.

    Rewarded videos and offerwalls

    Interstitial video ads aren’t likely to disappear any time soon, but players strongly prefer other means of advertisement. In fact, 76% of US mobile gamers say they prefer rewarded videos over interstitial ads. Giving players the choice of when to watch ads, with the inducement of in-game rewards, can be very powerful — and an offerwall is another powerful way to put the ball in your player’s court.

    Easy supply-side SDK integration

    The time your developers spend integrating a new video programmatic advertising solution into your apps is time they could have spent making those apps more engaging for users. While any backend adjustment will naturally take some time to implement, your new programmatic partner should offer a powerful, industry-standard SDK to make the process fast and non-disruptive.

    Support for programmatic mediation

    Mediators such as LevelPlay by ironSource automatically prioritize ad demand from multiple third-party networks, optimizing your cash flow and reducing work on your end. Your programmatic video advertising platform should seamlessly integrate with mediators to make the most of each ad placement, every time.

    Pick a powerful programmatic partner

    Thankfully, advertisers and publishers alike can choose one solution that checks all the above boxes and more. For advertisers, the ironSource Programmatic Marketplace will connect you with targeted audiences in thousands of apps that gel with your brand. For publishers, ironSource’s marketplace means a massive selection of ads that your users and your bottom line will love.
  • Rewriting SymCrypt in Rust to modernize Microsoft’s cryptographic library 

    Outdated coding practices and memory-unsafe languages like C are putting software, including cryptographic libraries, at risk. Fortunately, memory-safe languages like Rust, along with formal verification tools, are now mature enough to be used at scale, helping prevent issues like crashes, data corruption, flawed implementation, and side-channel attacks.
    To address these vulnerabilities and improve memory safety, we’re rewriting SymCrypt—Microsoft’s open-source cryptographic library—in Rust. We’re also incorporating formal verification methods. SymCrypt is used in Windows, Azure Linux, Xbox, and other platforms.
    Currently, SymCrypt is primarily written in cross-platform C, with limited use of hardware-specific optimizations through intrinsics and assembly language. It provides a wide range of algorithms, including AES-GCM, SHA, ECDSA, and the more recent post-quantum algorithms ML-KEM and ML-DSA.
    Formal verification will confirm that implementations behave as intended and don’t deviate from algorithm specifications, critical for preventing attacks. We’ll also analyze compiled code to detect side-channel leaks caused by timing or hardware-level behavior.
    Proving Rust program properties with Aeneas
    Program verification is the process of proving that a piece of code will always satisfy a given property, no matter the input. Rust’s type system profoundly improves the prospects for program verification by providing strong ownership guarantees, by construction, using a discipline known as “aliasing xor mutability”.
    For example, reasoning about C code often requires proving that two non-const pointers are live and non-overlapping, a property that can depend on external client code. In contrast, Rust’s type system guarantees this property for any two mutably borrowed references.
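The non-overlap guarantee described above, as an added example (not SymCrypt code): an NTT-style butterfly over the ML-KEM modulus takes two `&mut` slices, and `split_at_mut` is how a caller obtains them from a single buffer. The modulus 3329 is from FIPS 203; the twiddle value 17, the four-coefficient input and all function names are constructed for illustration.

```rust
// Added example, not SymCrypt code. Arithmetic uses `%` for readability and
// is NOT constant-time; it only illustrates the aliasing guarantee.

const Q: u32 = 3329; // ML-KEM modulus (FIPS 203)

// All helpers assume inputs already reduced into 0..Q.
fn add_mod(a: u16, b: u16) -> u16 { ((a as u32 + b as u32) % Q) as u16 }
fn sub_mod(a: u16, b: u16) -> u16 { ((a as u32 + Q - b as u32) % Q) as u16 }
fn mul_mod(a: u16, b: u16) -> u16 { ((a as u32 * b as u32) % Q) as u16 }

/// Modular inverse via Fermat's little theorem (Q is prime): a^(Q-2) mod Q.
fn inv_mod(a: u16) -> u16 {
    let (mut base, mut exp, mut acc) = (a as u32 % Q, Q - 2, 1u32);
    while exp > 0 {
        if exp & 1 == 1 {
            acc = acc * base % Q;
        }
        base = base * base % Q;
        exp >>= 1;
    }
    acc as u16
}

/// Forward butterfly: (lo, hi) <- (lo + zeta*hi, lo - zeta*hi).
/// Both parameters are `&mut`, so the compiler has already established that
/// they do not overlap. The C equivalent (two `uint16_t *`) would need that
/// fact proved for every call site before the loop could be reasoned about.
pub fn butterfly(lo: &mut [u16], hi: &mut [u16], zeta: u16) {
    assert_eq!(lo.len(), hi.len(), "halves must have equal length");
    for (l, h) in lo.iter_mut().zip(hi.iter_mut()) {
        let t = mul_mod(zeta, *h);
        *h = sub_mod(*l, t);
        *l = add_mod(*l, t);
    }
}

/// Inverse butterfly: recovers the original (lo, hi) from the forward output.
/// Its correctness also depends on `lo` and `hi` being disjoint.
pub fn inverse_butterfly(lo: &mut [u16], hi: &mut [u16], zeta: u16) {
    assert_eq!(lo.len(), hi.len(), "halves must have equal length");
    let inv2 = inv_mod(2);
    let inv_zeta = inv_mod(zeta);
    for (l, h) in lo.iter_mut().zip(hi.iter_mut()) {
        let sum = add_mod(*l, *h);  // 2 * original lo
        let diff = sub_mod(*l, *h); // 2 * zeta * original hi
        *l = mul_mod(sum, inv2);
        *h = mul_mod(mul_mod(diff, inv2), inv_zeta);
    }
}

/// Apply one butterfly layer to a whole buffer. `split_at_mut` hands back two
/// mutable slices that are disjoint by construction.
pub fn forward_layer(poly: &mut [u16], zeta: u16) {
    let mid = poly.len() / 2;
    let (lo, hi) = poly.split_at_mut(mid);
    butterfly(lo, hi, zeta);
}

pub fn inverse_layer(poly: &mut [u16], zeta: u16) {
    let mid = poly.len() / 2;
    let (lo, hi) = poly.split_at_mut(mid);
    inverse_butterfly(lo, hi, zeta);
}

fn main() {
    let mut poly = [1u16, 2, 3, 4]; // constructed sample coefficients

    // Overlapping mutable borrows are rejected at compile time:
    //     butterfly(&mut poly[..2], &mut poly[1..], 17);
    //     error[E0499]: cannot borrow `poly` as mutable more than once at a time

    forward_layer(&mut poly, 17);
    println!("after forward layer: {:?}", poly);
    inverse_layer(&mut poly, 17);
    println!("after inverse layer: {:?}", poly);
}
```
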
    As a result, new tools have emerged specifically for verifying Rust code. We chose Aeneas because it helps provide a clean separation between code and proofs.
    Developed by Microsoft Azure Research in partnership with Inria, the French National Institute for Research in Digital Science and Technology, Aeneas connects to proof assistants like Lean, allowing us to draw on a large body of mathematical proofs—especially valuable given the mathematical nature of cryptographic algorithms—and benefit from Lean’s active user community.
    Compiling Rust to C supports backward compatibility  
    We recognize that switching to Rust isn’t feasible for all use cases, so we’ll continue to support, extend, and certify C-based APIs as long as users need them. Users won’t see any changes, as Rust runs underneath the existing C APIs.
    Some users compile our C code directly and may rely on specific toolchains or compiler features that complicate the adoption of Rust code. To address this, we will use Eurydice, a Rust-to-C compiler developed by Microsoft Azure Research, to replace handwritten C code with C generated from formally verified Rust. Eurydice compiles directly from Rust’s MIR intermediate language, and the resulting C code will be checked into the SymCrypt repository alongside the original Rust source code.
    As more users adopt Rust, we’ll continue supporting this compilation path for those who build SymCrypt from source code but aren’t ready to use the Rust compiler. In the long term, we hope to transition users to either use precompiled SymCrypt binaries, or compile from source code in Rust, at which point the Rust-to-C compilation path will no longer be needed.

    Timing analysis with Revizor 
    Even software that has been verified for functional correctness can remain vulnerable to low-level security threats, such as side channels caused by timing leaks or speculative execution. These threats operate at the hardware level and can leak private information, such as memory load addresses, branch targets, or division operands, even when the source code is provably correct. 
    To address this, we’re extending Revizor, a tool developed by Microsoft Azure Research, to more effectively analyze SymCrypt binaries. Revizor models microarchitectural leakage and uses fuzzing techniques to systematically uncover instructions that may expose private information through known hardware-level effects.  
    Earlier cryptographic libraries relied on constant-time programming to avoid operations on secret data. However, recent research has shown that this alone is insufficient with today’s CPUs, where every new optimization may open a new side channel. 
    By analyzing binary code for specific compilers and platforms, our extended Revizor tool enables deeper scrutiny of vulnerabilities that aren’t visible in the source code.
    Verified Rust implementations begin with ML-KEM
    This long-term effort is in alignment with the Microsoft Secure Future Initiative and brings together experts across Microsoft, building on decades of Microsoft Research investment in program verification and security tooling.
    A preliminary version of ML-KEM in Rust is now available on the preview feature/verifiedcrypto branch of the SymCrypt repository. We encourage users to try the Rust build and share feedback. Looking ahead, we plan to support direct use of the same cryptographic library in Rust without requiring C bindings.
    Over the coming months, we plan to rewrite, verify, and ship several algorithms in Rust as part of SymCrypt. As our investment in Rust deepens, we expect to gain new insights into how to best leverage the language for high-assurance cryptographic implementations with low-level optimizations. 
    As performance is key to scalability and sustainability, we’re holding new implementations to a high bar using our benchmarking tools to match or exceed existing systems.
    Looking forward 
    This is a pivotal moment for high-assurance software. Microsoft’s investment in Rust and formal verification presents a rare opportunity to advance one of our key libraries. We’re excited to scale this work and ultimately deliver an industrial-grade, Rust-based, FIPS-certified cryptographic library.
As our investment in Rust deepens, we expect to gain new insights into how to best leverage the language for high-assurance cryptographic implementations with low-level optimizations.  As performance is key to scalability and sustainability, we’re holding new implementations to a high bar using our benchmarking tools to match or exceed existing systems. Looking forward  This is a pivotal moment for high-assurance software. Microsoft’s investment in Rust and formal verification presents a rare opportunity to advance one of our key libraries. We’re excited to scale this work and ultimately deliver an industrial-grade, Rust-based, FIPS-certified cryptographic library. Opens in a new tab #rewriting #symcrypt #rust #modernize #microsofts
    WWW.MICROSOFT.COM
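    The aliasing point made in the SymCrypt post, as an added Rust example that is not SymCrypt code and not part of the original article. The first function models two C-style pointers as offsets into one buffer that may overlap; the second takes a mutable and a shared slice, so overlap cannot be expressed by a caller. All function names, the error type and the sample bytes are constructed for illustration.

```rust
// Added illustration: names and sample bytes are constructed, not from SymCrypt.

/// Models a C routine that receives two raw pointers into the same allocation.
/// Intended meaning: dst[i] ^= src[i], using the ORIGINAL src bytes.
/// Nothing stops the two regions from overlapping, so a verifier would need a
/// separate proof, about every caller, that they never do.
fn xor_offsets_unchecked(buf: &mut [u8], dst_off: usize, src_off: usize, n: usize) {
    for i in 0..n {
        // If the regions overlap, this may read a byte an earlier iteration wrote.
        buf[dst_off + i] ^= buf[src_off + i];
    }
}

/// Rust signature: `dst` is a unique borrow, `src` a shared one.
/// The borrow checker rejects any call where they alias, so the body can be
/// reasoned about with no non-overlap side condition.
fn xor_into(dst: &mut [u8], src: &[u8]) {
    assert_eq!(dst.len(), src.len());
    for (d, s) in dst.iter_mut().zip(src) {
        *d ^= *s;
    }
}

#[derive(Debug, PartialEq)]
enum RegionError {
    OutOfBounds,
    Overlap,
}

/// For callers that really hold a single buffer: the disjointness obligation
/// becomes an explicit check, and `split_at_mut` hands out two borrows that
/// the type system knows cannot overlap.
fn xor_regions(
    buf: &mut [u8],
    dst_off: usize,
    src_off: usize,
    n: usize,
) -> Result<(), RegionError> {
    let dst_end = dst_off.checked_add(n).ok_or(RegionError::OutOfBounds)?;
    let src_end = src_off.checked_add(n).ok_or(RegionError::OutOfBounds)?;
    if dst_end > buf.len() || src_end > buf.len() {
        return Err(RegionError::OutOfBounds);
    }
    if dst_end <= src_off {
        // dst lies entirely before src
        let (lo, hi) = buf.split_at_mut(src_off);
        xor_into(&mut lo[dst_off..dst_end], &hi[..n]);
        Ok(())
    } else if src_end <= dst_off {
        // src lies entirely before dst
        let (lo, hi) = buf.split_at_mut(dst_off);
        xor_into(&mut hi[..n], &lo[src_off..src_end]);
        Ok(())
    } else {
        // Overlapping request: refused, buffer left untouched.
        Err(RegionError::Overlap)
    }
}

fn main() {
    // Overlapping regions (dst = bytes 1..4, src = bytes 0..3).
    // With the original src bytes the intended result is [1, 3, 1, 7].
    let mut a = [1u8, 2, 3, 4];
    xor_offsets_unchecked(&mut a, 1, 0, 3);
    println!("unchecked, overlapping: {:?}", a);

    let mut b = [1u8, 2, 3, 4];
    let r = xor_regions(&mut b, 1, 0, 3);
    println!("checked, overlapping:   {:?} buf={:?}", r, b);

    // Disjoint regions behave identically in both styles.
    let mut c = [1u8, 2, 3, 4, 5, 6, 7, 8];
    let r = xor_regions(&mut c, 0, 4, 4);
    println!("checked, disjoint:      {:?} buf={:?}", r, c);
}
```

    The unchecked variant silently computes a different result on overlapping input, which is the kind of caller-dependent property the post says C verification has to prove and Rust's borrow rules rule out by construction.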
  • A shortage of high-voltage power cables could stall the clean energy transition

    In a nutshell: As nations set ever more ambitious targets for renewable energy and electrification, the humble high-voltage cable has emerged as a linchpin – and a potential chokepoint – in the race to decarbonize the global economy. A Bloomberg interview with Claes Westerlind, CEO of NKT, a leading cable manufacturer based in Denmark, explains why.
    A global surge in demand for high-voltage electricity cables is threatening to stall the clean energy revolution, as the world's ability to build new wind farms, solar plants, and cross-border power links increasingly hinges on a supply chain bottleneck few outside the industry have considered. At the center of this challenge is the complex, capital-intensive process of manufacturing the giant cables that transport electricity across hundreds of miles, both over land and under the sea.
    Despite soaring demand, cable manufacturers remain cautious about expanding capacity, raising questions about whether the pace of electrification can keep up with climate ambitions, geopolitical tensions, and the practical realities of industrial investment.
    High-voltage cables are the arteries of modern power grids, carrying electrons from remote wind farms or hydroelectric dams to the cities and industries that need them. Unlike the thin wires that run through a home's walls, these cables are engineering marvels – sometimes as thick as a person's torso, armored to withstand the crushing pressure of the ocean floor, and designed to last for decades under extreme electrical and environmental stress.

    "If you look at the very high voltage direct current cable, able to carry roughly two gigawatts through two pairs of cables – that means that the equivalent of one nuclear power reactor is flowing through one cable," Westerlind told Bloomberg.
    The process of making these cables is as specialized as it is demanding. At the core is a conductor, typically made of copper or aluminum, twisted together like a rope for flexibility and strength. Around this, manufacturers apply multiple layers of insulation in towering vertical factories to ensure the cable remains perfectly round and can safely contain the immense voltages involved. Any impurity in the insulation, even something as small as an eyelash, can cause catastrophic failure, potentially knocking out power to entire cities.

    As the world rushes to harness new sources of renewable energy, the demand for high-voltage direct current (HVDC) cables has skyrocketed. HVDC technology, initially pioneered by NKT in the 1950s, has become the backbone of long-distance power transmission, particularly for offshore wind farms and intercontinental links. In recent years, approximately 80 to 90 percent of new large-scale cable projects have utilized HVDC, reflecting its efficiency in transmitting electricity over vast distances with minimal losses.

    But this surge in demand has led to a critical bottleneck. Factories that produce these cables are booked out for years, Westerlind reports, and every project requires custom engineering to match the power needs, geography, and environmental conditions of its route. According to the International Energy Agency, meeting global clean energy goals will require building the equivalent of 80 million kilometers (around 49.7 million miles) of new grid infrastructure by 2040 – essentially doubling what has been constructed over the past century, but in just 15 years.
    Despite the clear need, cable makers have been slow to add capacity due to reasons that are as much economic and political as technical. Building a new cable factory can cost upwards of a billion euros, and manufacturers are wary of making such investments without long-term commitments from utilities or governments. "For a company like us to do investments in the realm of €1 or 2 billion, it's a massive commitment... but it's also a massive amount of demand that is needed for this investment to actually make financial sense over the next not five years, not 10 years, but over the next 20 to 30 years," Westerlind said. The industry still bears scars from a decade ago, when anticipated demand failed to materialize and expensive new facilities sat underused.
    Some governments and transmission system operators are trying to break the logjam by making "anticipatory investments" – committing to buy cable capacity even before specific projects are finalized. This approach, backed by regulators, gives manufacturers the confidence to expand, but it remains the exception rather than the rule.
    Meanwhile, the industry's structure itself creates barriers to rapid expansion, according to Westerlind. The expertise, technology, and infrastructure required to make high-voltage cables are concentrated in a handful of companies, creating what analysts describe as a "deep moat" that is difficult for new entrants to cross.
    Geopolitical tensions add another layer of complexity. China has built more HVDC lines than any other country, although Western manufacturers, such as NKT, maintain a technical edge in the most advanced cable systems. Still, there is growing concern in Europe and the US about becoming dependent on foreign suppliers for such critical infrastructure, especially in light of recent global conflicts and trade disputes. "Strategic autonomy is very important when it comes to the core parts and the fundamental parts of your society, where the grid backbone is one," Westerlind noted.
    The stakes are high. Without a rapid and coordinated push to expand cable manufacturing, the world's clean energy transition could be slowed not by a lack of wind or sun but by a shortage of the cables needed to connect them to the grid. As Westerlind put it, "We all know it has to be done... These are large investments. They are very expensive investments. So also the governments have to have a part in enabling these anticipatory investments, and making it possible for the TSOs to actually carry forward with them."
    WWW.TECHSPOT.COM
  • Op-ed: Canada’s leadership in solar air heating—Innovation and flagship projects

    Solar air heating is among the most cost-effective applications of solar thermal energy. These systems are used for space heating and preheating fresh air for ventilation, typically using glazed or unglazed perforated solar collectors. The collectors draw in outside air, heat it using solar energy, and then distribute it through ductwork to meet building heating and fresh air needs. In 2024, Canada again led the world in solar air heating adoption, for at least the seventh year in a row. The four key suppliers – Trigo Energies, Conserval Engineering, Matrix Energy, and Aéronergie – reported a combined 26,203 m² of collector area sold last year. Several of these providers are optimistic about the growing demand. These findings come from the newly released Canadian Solar Thermal Market Survey 2024, commissioned by Natural Resources Canada.
    Canada is the global leader in solar air heating. The market is driven by a strong network of experienced system suppliers, optimized technologies, and a few small favorable funding programs – especially in the province of Quebec. Architects and developers are increasingly turning to these cost-effective, façade-integrated systems as a practical solution for reducing onsite natural gas consumption.
    Despite its cold climate, Canada benefits from strong solar potential with solar irradiance in many areas rivaling or even exceeding that of parts of Europe. This makes solar air heating not only viable, but especially valuable in buildings with high fresh air requirements including schools, hospitals, and offices. The projects highlighted in this article showcase the versatility and relevance of solar air heating across a range of building types, from new constructions to retrofits.
    Figure 1: Preheating air for industrial buildings: 2,750 m² of Calento SL solar air collectors cover all south-west and south-east facing facades of the FAB3R factory in Trois-Rivières, Quebec. The hourly unitary flow rate is set at 41 m³/m² or 2.23 cfm/ft² of collector area, at the lower range because only a limited number of intake fans was close enough to the solar façade to avoid long ventilation ductwork. Photo: Trigo Energies
    Quebec’s solar air heating boom: the Trigo Energies story
    Trigo Energies makes almost 90 per cent of its sales in Quebec. “We profit from great subsidies, as solar air systems are supported by several organizations in our province – the electricity utility Hydro Quebec, the gas utility Energir and the Ministry of Natural Resources,” explained Christian Vachon, Vice President Technologies and R&D at Trigo Energies.
    Trigo Energies currently has nine employees directly involved in planning, engineering and installing solar air heating systems and teams up with several partner contractors to install mostly retrofit projects. “A high degree of engineering is required to fit a solar heating system into an existing factory,” emphasized Vachon. “Knowledge about HVAC engineering is as important as experience with solar thermal and architecture.”
    One recent Trigo installation is at the FAB3R factory in Trois-Rivières. FAB3R specializes in manufacturing, repairing, and refurbishing large industrial equipment. Its air heating and ventilation system needed urgent renovation because of leakages and discomfort for the workers. “Due to many positive references he had from industries in the area, the owner of FAB3R contacted us,” explained Vachon. “The existence of subsidies helped the client to go for a retrofitting project including solar façade at once instead of fixing the problems one bit at a time.” Approximately 50 per cent of the investment costs for both the solar air heating and the renovation of the indoor ventilation system were covered by grants and subsidies. FAB3R profited from an Energir grant targeted at solar preheating, plus an investment subsidy from the Government of Quebec’s EcoPerformance Programme.
     
    Blue or black, but always efficient: the advanced absorber coating
    In October 2024, the majority of the new 2,750 m² solar façade at FAB3R began operation. According to Vachon, the system is expected to cover approximately 13 per cent of the factory’s annual heating demand, which is otherwise met by natural gas. Trigo Energies equipped the façade with its high-performance Calento SL collectors, featuring a notable innovation: a selective, low-emissivity coating that withstands outdoor conditions. Introduced by Trigo in 2019 and manufactured by Almeco Group from Italy, this advanced coating is engineered to maximize solar absorption while minimizing heat loss via infrared emission, enhancing the overall efficiency of the system.
    The high efficiency coating is now standard in Trigo’s air heating systems. According to the manufacturer, the improved collector design shows a 25 to 35 per cent increase in yield over the former generation of solar air collectors with black paint. Testing conducted at Queen’s University confirms this performance advantage. Researchers measured the performance of transpired solar air collectors both with and without a selective coating, mounted side-by-side on a south-facing vertical wall. The results showed that the collectors with the selective coating produced 1.3 to 1.5 times more energy than those without it. In 2024, the monitoring results were jointly published by Queen’s University and Canmat Energy in a paper titled Performance Comparison of a Transpired Air Solar Collector with Low-E Surface Coating.
    Selective coating, also used on other solar thermal technologies including glazed flat plate or vacuum tube collectors, has a distinctive blue color. Trigo customers can, however, choose between blue and black finishes. “By going from the normal blue selective coating to black selective coating, which Almeco is specially producing for Trigo, we lose about 1 per cent in solar efficiency,” explained Vachon.
    Figure 2: Building-integrated solar air heating façade with MatrixAir collectors at the firehall building in Mont Saint Hilaire, south of Montreal. The 190 m² south-facing wall preheats the fresh air, reducing natural gas consumption by 18 per cent compared to the conventional make-up system. Architect: Leclerc Architecture. Photo: Matrix Energy
    Matrix Energy: collaborating with architects and engineers in new builds
    The key target customer group of Matrix Energy is public buildings – mainly new construction. “Since the pandemic, schools are more conscious about fresh air, and solar preheating of the incoming fresh air has a positive impact over the entire school year,” noted Brian Wilkinson, President of Matrix Energy.
    Matrix Energy supplies systems across Canada, working with local partners to source and process the metal sheets used in their MatrixAir collectors. These metal sheets are perforated and then formed into architectural cladding profiles. The company exclusively offers unglazed, single-stage collectors, citing fire safety concerns associated with polymeric covers.
    “We have strong relationships with many architects and engineers who appreciate the simplicity and cost-effectiveness of transpired solar air heating systems,” said President Brian Wilkinson, describing the company’s sales approach. “Matrix handles system design and supplies the necessary materials, while installation is carried out by specialized cladding and HVAC contractors overseen by on-site architects and engineers,” Wilkinson added.
    Finding the right flow: the importance of unitary airflow rates
    One of the key design factors in solar air heating systems is the amount of air that passes through each square meter of the perforated metal absorber, known as the unitary airflow rate. The principle is straightforward: higher airflow rates deliver more total heat to the building, while lower flow rates result in higher outlet air temperatures. Striking the right balance between air volume and temperature gain is essential for efficient system performance.
    For unglazed collectors mounted on building façades, typical hourly flow rates should range between 120 and 170 m³/h/m², or 6.6 to 9.4 cfm/ft². However, Wilkinson suggests that an hourly airflow rate of around 130 m³/h/m² offers the best cost-benefit balance for building owners. If the airflow is lower, the system will deliver higher air temperatures, but it would then need a much larger collector area to achieve the same air volume and optimum performance, he explained.
    It’s also crucial for the flow rate to overcome external wind pressure. As wind passes over the absorber, air flow through the collector’s perforations is reduced, resulting in heat losses to the environment. This effect becomes even more pronounced in taller buildings, where wind exposure is greater. To ensure the system performs well even in these conditions, higher hourly airflow rates typically between 150 and 170 m³/m² are necessary.
    Figure 3: One of three apartment blocks of the Maple House in Toronto’s Canary District. Around 160 m² of SolarWall collectors clad the two-storey mechanical penthouse on the roof. The rental flats have been occupied since the beginning of 2024. Collaborators: architects-Alliance, Claude Cormier et Associés, Thornton Tomasetti, RWDI, Cole Engineering, DesignAgency, MVShore, BA Group, EllisDon. Photo: Conserval Engineering
    Solar air heating systems support LEED-certified building designs
    Solar air collectors are also well-suited for use in multi-unit residential buildings. A prime example is the Canary District in Toronto, where single-stage SolarWall collectors from Conserval Engineering have been installed on several MURBs to clad the mechanical penthouses. “These penthouses are an ideal location for our air heating collectors, as they contain the make-up air units that supply corridor ventilation throughout the building,” explained Victoria Hollick, Vice President of Conserval Engineering. “The walls are typically finished with metal façades, which can be seamlessly replaced with a SolarWall system – maintaining the architectural language without disruption.” To date, nine solar air heating systems have been commissioned in the Canary District, covering a total collector area of over 1,000 m².
    “Our customers have many motivations to integrate SolarWall technology into their new construction or retrofit projects, either carbon reduction, ESG, or green building certification targets,” explained Hollick.
    The use of solar air collectors in the Canary District was proposed by architects from the Danish firm Cobe. The black-colored SolarWall system preheats incoming air before it is distributed to the building’s corridors and common areas, reducing reliance on natural gas heating and supporting the pursuit of LEED Gold certification. Hollick estimates the gas saved at between 10 and 20 per cent of the total heating load for the corridor ventilation of the multi-unit residential buildings. Additional energy-saving strategies include a 50/50 window-to-wall ratio with high-performance glazing, green roofs, high-efficiency mechanical systems, LED lighting, and Energy Star-certified appliances.
    The ideal orientation for a SolarWall system is due south. However, the systems can be built at any orientation up to 90° east and west, explained Hollick. A SolarWall at 90° would have approximately 60 per cent of the energy production of the same area facing south.
    Canada’s expertise in solar air heating continues to set a global benchmark, driven by supporting R&D, by innovative technologies, strategic partnerships, and a growing portfolio of high-impact projects. With strong policy support and proven performance, solar air heating is poised to play a key role in the country’s energy-efficient building future.
    Figure 4: Claude-Bechard Building in Quebec is a showcase project for sustainable architecture with a 72 m² Lubi solar air heating wall from Aéronergie. It serves as a regional administrative center. Architectural firm: Goulet et Lebel Architectes. Photo: Art Massif

    Bärbel Epp is the general manager of the German Agency solrico, whose focus is on solar market research and international communication.
    The post Op-ed: Canada’s leadership in solar air heating—Innovation and flagship projects appeared first on Canadian Architect.
  • PlayStation Studios boss confident Marathon won't repeat the mistakes of Concord

    PlayStation Studios boss Hermen Hulst has insisted that Bungie's upcoming live service shooter Marathon won't make the same mistakes as Concord.

    Discussing the company's live service ambitions during a fireside chat aimed at investors, Hulst said the market remains a "great opportunity" for PlayStation despite the company having a decidedly patchy track record when it comes to live service offerings.

    Last year, the company launched and swiftly scrapped live service hero shooter Concord after it failed to hit the ground running. It shuttered developer Firewalk weeks later after conceding the title "did not hit our targets."

    Sony scrapped two more live service titles in development at internal studios Bluepoint Games and Bend Studios in January this year. Earlier this week, it confirmed an undisclosed number of workers at Bend had been laid off as the studio transitions to its next project.

    Hulst said the company has learned hard lessons from those failures, and believes Marathon is well positioned to succeed as a result. "There are some unique challenges associated. We've had some early successes as with Helldivers II. We've also faced some challenges, as with the release of Concord," said Hulst.

    "I think that some really good work went into that title. Some really big efforts. But ultimately that title entered into a hyper-competitive segment of the market. I think it was insufficiently differentiated to be able to resonate with players. So we have reviewed our processes in light of this to deeply understand how and why that title failed to meet expectations—and to ensure that we are not going to make the same mistakes again."

    Hulst said PlayStation Studios has now implemented more rigorous processes for validating and revalidating its creative, commercial, and development assumptions and hypotheses. "We do that on a much more ongoing basis," he added. "That's the plan that will ensure we're investing in the right opportunities at the right time, all while maintaining much more predictable timelines for Marathon."

    The upcoming shooter is set to be the first new Bungie title in over a decade—and the first project outside of Destiny the studio has worked on since it was acquired by PlayStation in 2022.

    Hulst said the aim is to release a "very bold, very innovative, and deeply engaging title." He explained Marathon is currently navigating test cycles that have yielded "varied" feedback, but said those mixed impressions have been "super useful."

    "That's why you do these tests. The constant testing and constant revalidation of assumptions that we just talked about, to me, is so valuable to iterate and to constantly improve the title," he added. "So when launch comes we're going to give the title the optimal chance of success."

    Hulst might be exuding confidence, but a recent report from Forbes claimed morale is in "free fall" at Bungie after the studio admitted to using stolen art assets in Marathon. That "varied" player feedback has also reportedly caused concern internally ahead of Marathon's proposed September 23 launch date.

    The studio was also made to endure layoffs earlier this year, with Sony cutting 220 roles after exceeding "financial safety margins."
    WWW.GAMEDEVELOPER.COM
CGShares https://cgshares.com