An open international competition is being held to transform the central market area of Pazardzhik, Bulgaria (Deadline: 1 September) The ‘Pazardzhik Central Market Area’ competition – organised by OPTIMISTAS on behalf of the Municipality of Pazardzhik – seeks innovative urban and architectural solutions to revitalise the historic market zone which serves as a key commercial and social hub for the wider city centre. The competition invites participants to propose a new vision for one of the city’s most significant public spaces located a short distance from Mineral Baths Park, Saedinenie Square and a shopping centre. The project aims to deliver a contemporary, multifunctional public space that strengthens the identity and vibrancy of Pazardzhik. Competition site: Pazardzhik market, Bulgaria According to the brief: ‘This is a unique opportunity for creators from all over the world to contribute to the development of Pazardzhik’s central area with ideas that preserve cultural heritage and inspire future generations. ‘A chance is emerging for bold architectural and urban inspiration that will confidently combine history with modernity, creating a new recognisable face for the city. ‘The Municipality of Pazardzhik believes that responsibility towards the urban environment is a duty to both past and future generations. ‘The launch of this competition demonstrates our choice to plan thoughtfully, create carefully, and attract ideas with an open heart. The responsibility to preserve and develop the spirit of the city market is our mission and commitment to the city and its residents.’ Located 112km southeast of Sofia, Pazardzhik – named after the Turkish word for market – is a historic city on the banks of the Maritsa River with around 50,000 inhabitants. The latest contest comes less than a year after an international contest was held to upgrade the historic market square of Stara Zagora in Bulgaria. The latest competition calls for a new vision for Pazardzhik’s main market – reorganising trading spaces, improving pedestrian and cycling access, integrating greenery and relaxation zones, resolving vehicle and parking issues and ensuring accessibility. The contest site, located in the heart of Pazardzhik, is characterised by its historic market function, proximity to key civic and cultural institutions, and its potential to serve as a catalyst for broader urban regeneration. Designs will be expected to include covered and open market areas, modern amenities and multifunctional, year-round public space. The competition is open to all Bulgarian and international architects. The competition language is Bulgarian and submissions will be assessed anonymously by a yet-to-be-announced jury featuring seven international members. Submissions will be evaluated 25 per cent on urban concept, 25 per cent on functional solution, 20 per cent on innovation, 20 per cent on design and 10 per cent on project value. The overall winner – due to be announced on 17 September – will receive a €7,500 prize while a second prize of €5,000 and third prize of €2,500 will also be awarded. The winning team will also be invited to negotiate for an estimated €75,000 contract for further design development and the implementation of their proposal. How to apply Deadline: 1 September Competition funding source: Municipality of Pazardzhik Project funding source: Municipality of Pazardzhik Owner of site(s): Municipality of Pazardzhik Contact: pazardzhikmarket@competition.bgVisit the competition website for more information

Becky Luigart-Stayner for Country LivingCountry Living editors select each product featured. If you buy from a link, we may earn a commission. Why Trust Us?Like a well-made quilt, a classic farmhouse aesthetic comes together gradually—a little bit of this, a touch of that. Each addition is purposeful and personal—and isn’t that what home is all about, really? If this type of slowed-down style speaks to you, you're probably already well aware that Etsy is a treasure trove of finds both new and old to fit your timeless farmhouse aesthetic. But with more than eight million active sellers on its marketplace, sometimes the possibilities—vintage feed sacks! primitive pie safes! galvanized grain scoops!—can quickly go from enticing to overwhelming.To better guide your search for the finest farmhouse furnishings, we’ve gathered a go-to list of editor-and designer-beloved Etsy shops which, time and again, turn out hardworking, homespun pieces of heirloom quality. From beautiful antique bureaus to hand-block-printed table linens, the character-rich wares from these sellers will help you design the farmhouse of your dreams, piece by precious piece. Related Stories For Antique AmericanaAcorn and Alice Every good old-fashioned farmhouse could use some traditional Americana to set the tone, and this Pennsylvania salvage shop offers rustic touches loaded with authentic antique allure. Aged wooden wares abound (think vintage milk crates, orchard fruit baskets, and berry boxes), as well as a grab bag of cotton and burlap feed sacks, perfect for framing as sets or crafting into footstool covers or throw pillows. For French Country TextilesForest and LinenThere’s nothing quite like breezy natural fabrics to make you want to throw open all the windows and let that country air in while the pie cools. Unfussy and lightweight, the hand-crafted curtains, bedding, and table linens from these Lithuanian textile experts have a classic understated quality that would be right at home in the coziest guest room or most bustling kitchen. Warm, welcoming hues range from marigold yellow to cornflower blue, but soft gingham checkers and timeless French ticking feel especially farm-fresh. Our current favorite? These cherry-striped country cafe curtains. Becky Luigart-Stayner for Country LivingVintage red torchons feel right at home in a farmhouse kitchenFor Rustic RugsOld New HouseWhether or not you’re lucky enough to have gorgeous wide-plank floors, an antique area rug or runner can work wonders for giving a room instant character and warmth. This fifth-generation family-run retailer specializes in importing heirloom hand-knotted carpets dating back to the 1800s, with a focus on traditional designs from the masters in Turkey, India, Persia, and more. Their vast variety of sizes and styles offers something for every aesthetic, with one-of-a-kind patterns ranging from distressed neutrals to chain-stitched florals to ornate arabesques. For Pillows and ProvisionsHabitation BohemeIn true farmhouse fashion, this Indiana shop has curated an enticing blend of handcrafted and vintage homewares that work effortlessly well together. A line of cozy hand-stitched linen pillow covers (patterned with everything from block-printed blossoms to provincial pinstripes) sits prettily alongside a mix of found objects, from patinated brass candlesticks and etched cloisonné vases to sturdy stoneware crockery and woven wicker baskets. For Elegant Everyday DishwareConvivial ProductionSimple, yet undeniably stunning, the handcrafted dinnerware from this Missouri-based ceramist is designed with durability in mind. Produced in a single, time-tested shade of ivory white glaze, these practical stoneware cups, bowls, and plates make the perfect place settings for lively farm-to-table feasts with friends and family. Beautifully balancing softness and heft, each dish is meant to feel comfortable when being held and passed, but also to look attractive when stacked upon open shelving. For English Country Antiques1100 West Co.This Illinois antiques shop is stocked with all manner of versatile vintage vessels culled from the English countryside, from massive stoneware crocks to charming little escargot pots. Their collection of neutral containers can be adapted for nearly any provincial purpose (envision white ironstone pitchers piled high with fresh-picked hyacinths, or glass canning jars holding your harvest grains), but we especially love their assortment of old advertising—from toothpaste pots to marmalade jars and ginger beer bottles galore—for a nice little nod to the quintessential country practice of repurposing what you’ve got. Brian Woodcock/Country LivingPretty English ironstone will always have our heart.For a Cozy GlowOlde Brick LightingConstructed by hand from cord to shade, the vintage-inspired lighting produced by this Pennsylvania retailer is a tribute to the iconic quality and character of old American fixtures. Nostalgic design elements include hand-blown glass (crafted using cast-iron molds from over 80 years ago) and finishes ranging from matte black to brushed nickel and antique brass. To create an authentic farmhouse ambiance, check out their gooseneck sconces, enameled red and blue barn lights, and milky white striped schoolhouse flush mounts. For Enduring ArtifactsThrough the PortholeThe weathered, artisan-made wares curated by this California husband-and-wife duo have been hand-selected from around the globe for their time-etched character. From gorgeous gray-black terracotta vases and rust-colored Turkish clay pots to patinated brass cow bells and rustic reclaimed elm stools, each item is a testament to the lasting beauty of classic materials, with storied sun-bleaching and scratches befitting the most beloved, lived-in rooms. For Winsome Wall ArtEugenia Ciotola ArtThrough graceful brushstrokes and textural swirls of paint, Maryland-based artist Eugenia Ciotola has captured the natural joy of a life that’s simple and sweet. Her pieces celebrate quiet scenes of bucolic beauty, from billowing bouquets of peonies to stoic red barns sitting in fields of wavy green. For a parlor gallery or gathering space, we gravitate toward her original oils on canvas—an impasto still life, perhaps, or a plainly frocked maiden carrying a bountiful bowl of lemons—while her stately farm animal portraits (regal roosters! ruff collared geese!) would look lovely in a child’s nursery.For Time-Tested Storage SolutionsMaterials DivisionFunction is forefront for this farmhouse supplier operating out of New York, whose specialized selection of vintage provisions have lived out dutiful lives of purpose. Standouts include a curated offering of trusty antique tool boxes and sturdy steel-clad trunks whose rugged patina tells the story of many-a household project. Meanwhile, a hardworking mix of industrial wire and woven wood gathering baskets sits handsomely alongside heavy-duty galvanized garbage bins and antique fireplace andirons.For Pastoral PrimitivesComfort Work RoomFull of history and heritage, the old, hand-fabricated furnishings and primitive wooden tools in this unique Ukrainian antique shop are rural remnants of simpler times gone by. Quaint kitchen staples like chippy chiseled spoons, scoops, and cutting boards make an accessible entry point for the casual collector, while scuffed up dough troughs, butter churns, washboards, and barrels are highly desirable conversation pieces for any antique enthusiast who’s dedicated to authentic detail. Becky Luigart-Stayner for Country LivingAntique washboards make for on-theme wall art in a laundry roomFor Heirloom-Quality CoverletsBluegrass QuiltsNo layered farmhouse look would be complete without the homey, tactile touch of a hand-pieced quilt or two draped intentionally about the room. From harvest-hued sawtooth stars to playful patchwork pinwheels, each exquisite blanket from this Kentucky-based artisan is slow-crafted in traditional fashion from 100% cotton materials, and can even be custom stitched from scratch to match your personal color palette and decorative purpose. For a classic country aesthetic, try a log cabin, double diamond, or star patch pattern. For Hand-Crafted GiftsSelselaFeaturing a busy barnyard’s worth of plucky chickens, cuddly sheep, and happy little Holstein cows, this Illinois woodworker’s whimsical line of farm figurines and other giftable goodies (think animal wine stoppers, keychains, fridge magnets, and cake toppers) is chock-full of hand-carved charm. Crafted from 100% recycled birch and painted in loving detail, each creature has a deliberately rough-hewn look and feel worthy of any cozy and collected home. For Open-Concept CabinetryFolkhausA hallmark of many modern farmhouses, open-concept shelving has become a stylish way to show that the practical wares you use everyday are the same ones you’re proud to put on display. With their signature line of bracketed wall shelves, Shaker-style peg shelves, and raw steel kitchen rails, the team at Folkhaus has created a range of open storage solutions that beautifully balances elevated design and rustic utility. Rounding out their collection is a selection of open-shelved accent pieces like bookcases, benches, and console tables—each crafted from character-rich kiln-dried timber and finished in your choice of stain.Related StoryFor Antique Farmhouse FurnitureCottage Treasures LVThe foundation of a well-furnished farmhouse often begins with a single prized piece. Whether it’s a slant-front desk, a primitive jelly cabinet, or a punched-tin pie safe, this established New York-based dealer has a knack for sourcing vintage treasures with the personality and presence to anchor an entire space. Distressed cupboards and cabinets may be their bread and butter (just look at this two-piece pine hutch!) but you’ll also find a robust roundup of weathered farm tables, Windsor chairs, and blanket chests—and currently, even a rare 1500s English bench. For Lively Table LinensMoontea StudioAs any devotee of slow decorating knows, sometimes it’s the little details that really bring a look home. For a spot of cheer along with your afternoon tea, we love the hand-stamped table linens from this Washington-based printmaker, which put a peppy, modern spin on farm-fresh produce. Patterned with lush illustrations of bright red tomatoes, crisp green apples, and golden sunflowers—then neatly finished with a color-coordinated hand-stitched trim—each tea towel, placemat, and napkin pays homage to the hours we spend doting over our gardens. For Traditional TransferwarePrior TimeThere’s lots to love about this Massachusetts antiques shop, which admittedly skews slightly cottagecore (the pink Baccarat perfume bottles! the hobnail milk glass vases! the huge primitive bread boards!) but the standout, for us, is the seller’s superior selection of dinner and serving ware. In addition to a lovely lot of mottled white ironstone platters and pitchers, you’ll find a curated mix of Ridgeway and Wedgwood transferware dishes in not only classic cobalt blue, but beautiful browns, greens, and purples, too.Becky Luigart-Stayner for Country LivingPretty brown transferware could be yours with one quick "add to cart."For Folk Art for Your FloorsKinFolk ArtworkDesigned by a West Virginia watercolor and oils artist with a penchant for painting the past, these silky chenille floor mats feature an original cast of colonial characters and folksy scenes modeled after heirloom textiles from the 18th and 19th centuries. Expect lots of early American and patriotic motifs, including old-fashioned flags, Pennsylvania Dutch fraktur, equestrian vignettes, and colonial house samplers—each made to mimic a vintage hooked rug for that cozy, homespun feeling. (We have to admit, the folk art-inspired cow and chicken is our favorite.)For Historical ReproductionsSchooner Bay Co.Even in the most painstakingly appointed interior, buying antique originals isn’t always an option (don’t ask how many times we’ve been outbid at an estate auction). And that’s where this trusted Pennsylvania-based retailer for historical reproductions comes in. Offering a colossal collection of framed art prints, decorative trays, and brass objects (think magnifying glasses, compasses, paperweights, and letter openers), these connoisseurs of the classics have decor for every old-timey aesthetic, whether it’s fox hunt prints for your cabin, Dutch landscapes for your cottage, or primitive animal portraits for your farmstead.For General Store StaplesFarmhouse EclecticsHand-plucked from New England antique shops, estate sales, and auctions, the salvaged sundries from this Massachusetts-based supplier (who grew up in an 1850s farmhouse himself) are the type you might spy in an old country store—wooden crates emblazoned with the names of local dairies, antique apple baskets, seed displays, signs, and scales. Whether you’re setting up your farmstand or styling your entryway, you’ll have plenty of storage options and authentic accents to pick from here. Becky Luigart-Stayner for Country LivingSo many food scales, so little time.Related StoriesJackie BuddieJackie Buddie is a freelance writer with more than a decade of editorial experience covering lifestyle topics including home decor how-tos, fashion trend deep dives, seasonal gift guides, and in-depth profiles of artists and creatives around the globe. She holds a degree in journalism from the University of North Carolina at Chapel Hill and received her M.F.A. in creative writing from Boston University. Jackie is, among other things, a collector of curiosities, Catskills land caretaker, dabbling DIYer, day hiker, and mom. She lives in the hills of Bovina, New York, with her family and her sweet-as-pie rescue dog.

Macworld Just in time for any international trip, Babbel is making it easier than ever to learn a new language—you can grab a lifetime subscription for $129.99 (reg. $599) with code LEARN40 thanks to this this exclusive StackSocial offer through June 30. Babbel is a full-fledged language education tool developed by a team of over 100 expert linguists and backed by research from institutions like Yale University and Michigan State. With over 10,000 hours of lessons spanning 14 languages, you’re covered whether you’re interested in Spanish, German, Indonesian, Turkish, and beyond.  Babbel’s lessons are intentionally designed to be digestible, yet functional, with each one lasting about 10 to 15 minutes. This lets you fit language learning seamlessly into your day, from a quick practice session over coffee to a full lesson in the evening. Speech recognition technology also helps you nail pronunciation while interactive, real-life topics like shopping and dining prepare you for real conversations. And with offline access, you can keep learning on the go by downloading lessons to your device, even without Wi-Fi.  Ready to add a new language to your roster? Get a Babbel lifetime subscription on sale for just $129.99 with code LEARN40 while this StackSocial deal still lasts. This coupon code expires June 30 at 11:59 p.m. PT. Babbel Language Learning: Lifetime Subscription (All Languages)See Deal StackSocial prices subject to change. 

ExpressVPN is good at its job. It's easy to be skeptical of any service with a knack for self-promotion, but don't let ExpressVPN's hype distract you from the fact that it keeps its front-page promise of "just working." Outside of solid security, the two best things ExpressVPN offers are fast speeds and a simple interface. Our tests showed only a 7% average drop in download speed and a 2% loss of upload speed, worldwide. And while the lack of extra features may frustrate experienced users, it makes for a true set-and-forget VPN on any platform. This isn't to say ExpressVPN is without flaws — it's nearly bereft of customization options and it's notably more expensive than its competition — but it beats most VPNs in a head-to-head matchup. For this review, we followed our rigorous 10-step VPN testing process, exploring ExpressVPN's security, privacy, speed, interfaces and more. Whether you read straight through or skip to the sections that are most important for you, you should come away with all the information you need to decide whether to subscribe. Editors' note: We're in the process of rebooting all of our VPN reviews from scratch. Once we do a fresh pass on the top services, we'll be updating each review with a rating and additional comparative information. Table of contents Findings at a glance Installing, configuring and using ExpressVPN ExpressVPN speed test: Very fast averages ExpressVPN security test: Checking for leaks How much does ExpressVPN cost? ExpressVPN side apps and bundles Close-reading ExpressVPN's privacy policy Can ExpressVPN change your virtual location? Investigating ExpressVPN's server network Extra features of ExpressVPN ExpressVPN customer support options ExpressVPN background check: From founding to Kape Technologies Final verdict Findings at a glance Category Notes Installation and UI All interfaces are clean and minimalist, with no glitches and not enough depth to get lost in Windows and Mac clients are similar in both setup and general user experience Android and iOS are likewise almost identical, but Android has a nice-looking dark mode Speed Retains a worldwide average of 93% of starting download speeds Upload speeds average 98% of starting speeds Latency rises with distance, but global average stayed under 300 ms in tests Security OpenVPN, IKEv2 and Lightway VPN protocols all use secure ciphers Packet-sniffing test showed working encryption We detected no IP leaks Blocks IPv6 and WebRTC by default to prevent leaks Pricing Base price: $12.95 per month or $99.95 per year Lowest prepaid rate: $4.99 per month Can save money by paying for 28 months in advance, but only once per account 30-day money-back guarantee Bundles ExpressVPN Keys password manager and ID alerts included on all plans Dedicated IP addresses come at an extra price ID theft insurance, data removal and credit scanning available to new one-year and two-year subscribers for free 1GB eSIM deal included through holiday.com Privacy policy No storage of connection logs or device logs permitted The only risky exceptions are personal account data (which doesn't leave the ExpressVPN website) and marketing data (which the policy says should be anonymized) An independent audit found that ExpressVPN's RAM-only server infrastructure makes it impossible to keep logs Virtual location change Successfully unblocked five international Netflix libraries, succeeding on 14 out of 15 attempts Server network 164 server locations in 105 countries 38% of servers are virtual, though most virtual locations are accessed through physical servers within 1,000 miles A large number of locations in South America, Africa and central Asia Features Simple but effective kill switch Can block ads, trackers, adult sites and/or malware sites but blocklists can't be customized Split tunneling is convenient but unavailable on iOS and modern Macs Aircove is the best VPN router, albeit expensive Customer support Setup and troubleshooting guides are organized and useful, with lots of screenshots and videos Live chat starts with a bot but you can get to a person within a couple minutes Email tickets are only accessible from the mobile apps or after live chat has failed Background check Founded in 2009; based in the British Virgin Islands Has never been caught selling or mishandling user data Turkish police seized servers in 2017 but couldn't find any logs of user activity Owned by Kape Technologies, which also owns CyberGhost and Private Internet Access A previous CIO formerly worked on surveillance in the United Arab Emirates; no evidence of shady behavior during his time at ExpressVPN Windows Version 12 leaked some DNS requests when Split Tunneling was active Installing, configuring and using ExpressVPN This section focuses on how it feels to use ExpressVPN on each of the major platforms where it's available. The first step for any setup process is to make an account on expressvpn.com and buy a subscription. Windows Once subscribed, download the Windows VPN from either expressvpn.com or the Microsoft Store, then open the .exe file. Click "Yes" to let it make changes, wait for the install, then let your computer reboot. Including the reboot, the whole process takes 5-10 minutes, most of it idle. To finish, you'll need your activation code, which you can find by going to expressvpn.com and clicking "Setup" in the top-right corner. You can install ExpressVPN's Windows app from the Microsoft store, but we found the website more convenient. Sam Chapman for Engadget Extreme simplicity is the watchword for all ExpressVPN's designs. The Windows client's launch panel consists of three buttons and less than ten words. You can change your location or let the app pick a location for you — the "Smart Location" is the server with the best combination of being nearby and unburdened. Everything else is crammed into the hamburger menu at the top left. Here, in seven tabs, you'll find the Network Lock kill switch, the four types of content blockers, the split tunneling menu and the option to change your VPN protocol. You can also add shortcuts to various websites, useful if you regularly use your VPN for the same online destinations. To sum up, there's almost nothing here to get in the way: no delays, no snags, no nested menus to get lost in. It may be the world's most ignorable VPN client. That's not a bad thing at all. Mac ExpressVPN's app for macOS is almost identical in design to its Windows app. The process for downloading and setting it up is nearly the same too. As on Windows, it can be downloaded from the App Store or sideloaded directly from the expressvpn.com download center. Only a few features are missing and a couple others have been added. Split tunneling is gone (unless you're still on a macOS lower than 11), and you won't see the Lightway Turbo setting. ExpressVPN recommends some servers, but it's easy to search the whole list. Sam Chapman for Engadget Mac users do gain access to the IKEv2 protocol, along with the option to turn off automatic IPv6 blocking — Windows users have to leave it blocked at all times. Almost every website is still accessible via IPv4, but it's useful if you do need to access a specific IPv6 address while the VPN is active. Android Android users can download ExpressVPN through the Google Play Store. Open the app, sign in and you're ready to go. The Android app has a very nice dark-colored design, only slightly marred by an unnecessary information box about how long you've used the VPN this week. ExpressVPN's Android app puts a little more information on the screen than it needs to, but still runs well. Sam Chapman for Engadget There's a large button for connecting. Clicking on the server name takes you to a list of locations. On this list, you can either search or scroll and can choose individual locations within a country that has more than one. We connected to as many far-flung server locations as we could, but not a single one took longer than a few seconds. The options menu is organized sensibly, with no option located more than two clicks deep. You will see a couple of options here that aren't available on desktop, the best of which is the ability to automatically connect to your last-used ExpressVPN server whenever your phone connects to a non-trusted wifi network. There are also a few general security tools: an IP address checker, DNS and WebRTC leak testers and a password generator. These are also available on the website, but here, they're built into the app. With the exception of the latter, we'd recommend using third-party testing tools instead — even a VPN with integrity has an incentive to make its own app look like it's working. iPhone and iPad You can only install ExpressVPN's iOS app through the app store. During setup, you may need to enter your password to allow your phone to use VPN configurations. Otherwise, there are no major differences from the Android process. ExpressVPN looks good on iPhone and iPad. Sam Chapman for Engadget The interface is not quite as pleasing as the dark-mode Android app, but it makes up for that by cutting out some of the clutter. The tabs and features are similar, though split tunneling and shortcuts are absent. Also, both mobile apps make customer support a lot more accessible than their desktop counterparts — plus, mobile is the only way to send email support tickets. Browser extension ExpressVPN also includes browser extensions for Firefox and Chrome. These let you connect, disconnect and change server locations without leaving your browser window. It's nice, but not essential unless you have a very specific web browser flow you like. ExpressVPN speed test: Very fast averages Connecting to a VPN almost always decreases your speed, but the best VPNs mitigate the drop as much as possible. We used Ookla's speed testing app to see how much of your internet speed ExpressVPN preserves. For this test, we emphasized the locations ExpressVPN uses for most of its virtual servers, including the Netherlands, Brazil, Germany and Singapore. Some terms before we start: Latency, measured in milliseconds (ms), is the time it takes one data packet to travel between your device and a web server through the VPN. Latency increases with distance. It's most important for real-time tasks like video chatting and online gaming. Download speed, measured in megabits per second (Mbps), is the amount of information that can download onto your device at one time — such as when loading a web page or streaming a video. Upload speed, also measured in Mbps, is the amount of information your device can send to the web at once. It's most important for torrenting, since the amount of data you can seed determines how fast you can download in exchange. The table below shows our results. We conducted this on Windows, using the automatic protocol setting with the Lightway Turbo feature active — a recent ExpressVPN addition that keeps speed more consistent by processing connections in parallel. Server location Latency (ms) Increase factor Download speed (Mbps) Percentage dropoff Upload speed (Mbps) Percentage dropoff Portland, Oregon, USA (unprotected) 18 -- 58.77 -- 5.70 -- Seattle, Washington, USA (best server) 26 1.4x 54.86 6.7% 5.52 3.2% New York, NY, USA 156 8.7x 57.25 2.6% 5.57 2.3% Amsterdam, Netherlands 306 17x 53.83 8.4% 5.58 2.1% São Paulo, Brazil 371 20.6x 53.82 8.4% 5.65 0.9% Frankfurt, Germany 404 22.4x 55.71 5.2% 5.67 0.5% Singapore, Singapore 381 21.2x 52.76 10.2% 5.64 1.0% Average 274 15.2x 54.71 6.9% 5.61 1.6% These are extremely good results. ExpressVPN is a winner on both download and upload speed. No matter where we went in the world, we never lost more than about 7% of our download speeds, and upload lost an astoundingly low average of 2%. This suggests that ExpressVPN deftly distributes its user load between servers to eliminate bottlenecks. This Ookla speedtest shows you can still get fast internet while connected to ExpressVPN -- our unprotected speeds are around 58 Mbps. Sam Chapman for Engadget The latency numbers look worse, but the rise in the table is less sharp than we projected. Ping length depends far more on distance than download speed does, so we expect it to shoot up on servers more than 1,000 miles from our location. Keeping the average below 300 ms, as ExpressVPN does here, is a strong showing. ExpressVPN security test: Checking for leaks A VPN's core mission is to hide your IP address and make you untraceable online. Our task in this section is to figure out if ExpressVPN can carry out this mission every time you connect. While we can't be 100% certain, the tests we'll run through below have led us to believe that ExpressVPN is currently leak-proof. Available VPN protocols A VPN protocol is like a common language that a VPN server can use to mediate between your devices and the web servers you visit. If a VPN uses outdated or insecure protocols, or relies on unique protocols with no visible specs or source code, that's a bad sign. Not all protocols are available on all apps, but Mac has the full range. Sam Chapman for Engadget ExpressVPN gives you a selection of three protocols: IKEv2, OpenVPN and Lightway. The first two are solid choices that support the latest encryption algorithms. OpenVPN has been fully open-source for years and is the best choice if privacy is your goal. While IKEv2 started life as a closed project by Microsoft and Cisco, ExpressVPN uses an open-source reverse-engineering, which is both better for privacy and quite fast. Lightway is the odd one out, a protocol you'll only find on ExpressVPN, though its source code is available on Github. It's similar to WireGuard, in that both reach for faster speeds and lower processing demands by keeping their codebases slim. However, Lightway was recently rewritten in Rust to better protect the keys stored in its memory. Ultimately, you can't go wrong with any of ExpressVPN's protocol options. 99% of the time, your best choice will be to set the controls to Automatic and let the VPN decide which runs best. Testing for leaks ExpressVPN is one of the best services, but it's not leak-proof (as you can read in the Background Check below). Luckily, checking for DNS leaks is a simple matter of checking your IP address before and after connecting to a VPN server. If the new address matches the VPN server, you're good; if not, your VPN is leaking. First, we checked the Windows app with split tunneling active to ensure the flaw really had been patched. We tested several servers and didn't find any leaks, which suggests the patch worked, though leaks were rare even before ExpressVPN fixed the vulnerability. We checked our IP while connected to the virtual India location, which is run from a physical server in Singapore. Don't worry -- it still looks like India to streaming services. Sam Chapman for Engadget In fact, we didn't find any leaks on any ExpressVPN server we tested on any platform. Though questions remain about iOS, as you'll see later in this section, that's a problem on Apple's end that even the best VPNs can do very little about for now. The most common cause of VPN leaks is the use of public DNS servers to connect users to websites, which can mistakenly send browsing activity outside the VPN's encrypted tunnel. ExpressVPN avoids the risks of the public system by installing its own DNS resolvers on every server. This is the key factor behind its clean bill of health in our leak testing. Two other common flaws can lead to VPN leaks: WebRTC traffic and IPv6. The former is a communication protocol used in live streaming and the latter is a new IP standard designed to expand domain availability. Both are nice, but currently optional, so ExpressVPN automatically blocks both to ensure there's no opportunity for leaks to arise. One note about VPN security on iOS: it's a known and continuing problem that iOS VPNs do not prevent many online apps from communicating with Apple directly, outside the VPN tunnel. This risks leaking sensitive data, even with Lockdown Mode active in iOS 16. A blog post by Proton VPN shares a workaround: connect to a VPN server, then turn Airplane Mode on and off again to end all connections that were active before you connected to the VPN. Testing encryption We finished up our battery of security tests by checking out ExpressVPN's encryption directly. Using WireShark, a free packet sniffer, we inspected what it looks like when ExpressVPN transmits data from one of its servers to the internet. The screenshot below shows a data stream encrypted with Lightway UDP. After connecting to ExpressVPN, HTTP packets were rendered unreadable while in transit. Sam Chapman for Engadget That lack of any identifiable information, or even readable information, means encryption is working as intended. We repeated the test several times, always getting the same result. This left us satisfied that ExpressVPN's core features are working as intended. How much does ExpressVPN cost? ExpressVPN subscriptions cost $12.95 per month. Long-term subscriptions can bring the monthly cost down, but the great deals they offer tend to only last for the first billing period. A 12-month subscription costs $99.95 and includes three months for free with your first payment, costing a total of $6.67 per month. The bonus disappears for all subsequent years, raising the monthly cost to $8.33. You can also sign up for 28 months at a cost of $139.72, but this is also once-only — ExpressVPN can only be renewed at the $99.95 per year level. There are two ways to test ExpressVPN for free before making a financial commitment. Users on iOS and Android can download the ExpressVPN app without entering any payment details and use it free for seven days. On any platform, there's a 30-day money-back guarantee, which ExpressVPN has historically honored with no questions asked. You will have to pay before you can use it, though. In our opinion, ExpressVPN's service is solid enough that it's worth paying extra. Perhaps not this much extra, but that depends on what you get out of it. We recommend using the 30-day refund period and seeing how well ExpressVPN works for you. If it's a VPN you can enjoy using, that runs fast and unblocks everything you need, that's worth a server's weight in gold. ExpressVPN side apps and bundles ExpressVPN includes some special features that work mostly or wholly separate from its VPN apps. Some of these come free with a subscription, while others add an extra cost. Every subscription includes the ExpressVPN keys password manager. This is available under its own tab on the Android and iOS apps. On desktop, you'll need to download a separate extension from your browser's store, then sign in using your account activation code. It's available on all Chromium browsers, but not Firefox. Starting in 2025, new subscribers get an eSIM plan through holiday.com, a separate service linked to ExpressVPN. The baseline 1GB holiday eSIM plans last for 5 days and can apply to countries, regions, or the entire world (though it's not clear whether the package deal applies to the regional and global plans). Longer-term plans include larger eSIM plans. You can add a dedicated IP address to your ExpressVPN subscription for an additional cost per month. A dedicated IP lets you use the same IP address every time you connect to ExpressVPN. You can add the address to whitelists on restricted networks, and you're assured to never be blocked because of someone else's bad activity on a shared IP. Unlike many of its competitors, ExpressVPN doesn't currently offer antivirus or online storage services, but there is a comprehensive bundle of ID protection tools called Identity Defender. We haven't reviewed any of these products in detail, but here's a list for reference: ID Alerts will inform you if any of your sensitive information is leaked or misused online. It's free with all plans, but you'll have to enter your personal information on your ExpressVPN account page or a mobile app. ID Theft Insurance grants up to $1 million in identity theft reimbursement and comes free with new ExpressVPN one-year or two-year subscriptions. It's not yet available to those who subscribed before it launched in October 2024. Data Removal scans for your information in data brokerages and automatically requests that it be deleted. It's also free with one-year and two-year plans. Credit Scanner is only available for United States users. It monitors your activity on the three credit bureaus so you can quickly spot any suspicious transactions. The Identity Defender features are currently only available to new ExpressVPN customers in the US. Close-reading ExpressVPN's privacy policy Although we worry that the consolidation of VPN brands under the umbrella of Kape Technologies (ExpressVPN's parent company) will make the industry less competitive, we don't believe it's influencing ExpressVPN to take advantage of its users' privacy. To confirm, and get a full sense of what sort of privacy ExpressVPN promises its users, we set out to read ExpressVPN's privacy policy in detail. It's long, but thankfully aimed at casual users instead of lawyers. You can see it for yourself here. In the introduction, ExpressVPN states that it does not keep either activity logs (such as a user's browsing history while connected to the VPN) or connection logs (such as the duration of a user's session and their IP address, which can be used to extrapolate browsing activity). It then specifies the seven types of data it's legally allowed to collect: Data used to sign up for an account, such as names, emails and payment methods. VPN usage data which is aggregated and can't be traced to any individual. Credentials stored in the ExpressVPN Keys password manager. Diagnostic data such as crash reports, which are only shared upon user request. IP addresses authorized for MediaStreamer, which is only for streaming devices that don't otherwise support VPN apps. Marketing data collected directly from the app — a "limited amount" that's kept anonymous. Data voluntarily submitted for identity theft protection apps. Of those seven exceptions, the only ones that count as red flags are account data and marketing data. Both categories are highly personal and could be damaging if mishandled. Fortunately, complying with subpoenas is not one of the allowed uses listed for either data category, nor does the policy let ExpressVPN sell the data to other private parties. The only really annoying thing here is that if you ask ExpressVPN to delete your personal data, you won't be able to use your account from then on. You aren't even eligible for a refund in this case, unless you're within 30 days of your initial subscription. As for marketing data, ExpressVPN collects device fingerprints and location data when you sign up for an account on its website. The privacy policy also claims this is anonymized, as its "systems are engineered to decouple such data from personally identifiable information." Audits corroborate this, as we'll see in the next section. So, while it would be better if ExpressVPN didn't collect any personal data at all, its practices don't appear to pose a risk to anything you do while using the VPN — just the ExpressVPN website. Privacy audits VPN providers often get third-party accounting firms to audit their privacy policies. The idea is that a well-known firm won't mortgage its reputation to lie on behalf of a VPN, so their results can be trusted. For the last several years, ExpressVPN has had KPMG look over its privacy policy and relevant infrastructure (see "TrustedServer" below). KPMG's most recent report, completed in December 2023 and released in May 2024, found that ExpressVPN had enough internal controls in place that users could trust its privacy policy. The report is freely available to read. This is a very good sign, though we're looking out for a more up-to-date audit soon. TrustedServer "TrustedServer" is a marketing term ExpressVPN uses for its RAM-only server infrastructure. RAM-only servers have no hard drives for long-term storage and return to a standard disk image with every reboot. This makes it theoretically impossible to store user activity logs on them, even if ExpressVPN wanted to do that. The KPMG audit, linked above, reports that TrustedServer works as advertised. Between its many clean privacy audits and the Turkish server incident in 2017, we're prepared to say ExpressVPN is a private VPN, in spite of its aggravating exception for marketing. Can ExpressVPN change your virtual location? Next, we tested whether ExpressVPN can actually convince websites that you're somewhere other than your real location. Our security tests have already proven it can hide your IP address, but it takes more than leak-proofing to fool streaming sites these days — Netflix and the others have gotten very good at combing through metadata to sniff out proxy users. The process for testing this is a lot like how we handled the DNS leak tests: try several different servers and see if we get caught. We checked five sample locations outside the U.S. to see if we a) got into Netflix and b) saw different titles in the library. The results are below. Server Location Unblocked Netflix? Library changed? Canada Y Y United Kingdom Y (second try; Docklands failed) Y Slovakia Y Y India Y Y (different from UK library) Australia Y Y In fifteen tests, ExpressVPN slipped up only once. Docklands, the UK server it chose as the fastest, wasn't able to access Netflix. We switched to a server labeled simply "London" and unblocked it without issue. ExpressVPN can change your virtual location so you can explore the wonderful world of K-drama. Sam Chapman for Engadget All the other locations got us access to an alternate Netflix library on the first try. We even checked whether the India server, which is physically located in the UK, showed us different videos than the UK servers. It did, which makes us even more confident that ExpressVPN's virtual locations are airtight. Investigating ExpressVPN's server network ExpressVPN users can connect to a total of 164 server locations in 105 countries and territories. These locations are reasonably well distributed across the globe, but as with all VPNs, there's a bias toward the northern hemisphere. There are 24 locations in the U.S. alone and a further 66 in Europe. That isn't to say users in the Global South get nothing. ExpressVPN has IP addresses from nine nations in South America (Argentina, Brazil, Bolivia, Chile, Colombia, Ecuador, Peru, Uruguay and Venezuela) and six in Africa (Algeria, Egypt, Ghana, Kenya, Morocco and South Africa). The network even includes Kazakhstan, Uzbekistan and Mongolia, impressive since central Asia may be the region most often shafted by VPNs. However, many of these servers have virtual locations different from their real ones. For those of you choosing a server based on performance instead of a particular IP address, ExpressVPN's website has a helpful list of which servers are virtual. The bad news is that it's a big chunk of the list. A total of 63 ExpressVPN locations are virtual, or 38% of its entire network. To reduce the sting, ExpressVPN takes care to locate virtual servers as close to their real locations as possible. Its virtual locations in Indonesia and India are physically based in Singapore. This isn't always practical, leading to some awkwardness like operating a Ghana IP address out of Germany. But it helps ExpressVPN perform better in the southern hemisphere. Extra features of ExpressVPN Compared to direct competitors like NordVPN and Surfshark, ExpressVPN doesn't have many special features. It's aimed squarely at the casual market and will probably disappoint power users. Having said that, what they do include works well. In this section, we'll run through ExpressVPN's four substantial features outside its VPN servers themselves. Network Lock kill switch "Network Lock" is the name ExpressVPN gives to its kill switch (though it's called "Network Protection" on mobile). A VPN kill switch is a safety feature that keeps you from broadcasting outside the VPN tunnel. If it ever detects that you aren't connected to a legitimate ExpressVPN server, it cuts off your internet access. You won't be able to get back online until you either reconnect to the VPN or disable Network Lock. ExpressVPN's kill switch is called Network Lock on desktop, and Network Protection on mobile (Android pictured) Sam Chapman for Engadget This is important for everyone, not just users who need to hide sensitive traffic. The recently discovered TunnelVision bug theoretically allows hackers to set up fake public wi-fi networks through which they redirect you to equally fake VPN servers, which then harvest your personal information. It's unlikely, but not impossible, and a kill switch is the best way to prevent it — the switch always triggers unless you're connected to a real server in the VPN's network. Like most of ExpressVPN's features, all you can do with Network Lock is turn it on and off. You can also toggle whether you'll still be able to access local devices while the kill switch is blocking your internet — this is allowed by default. Threat manager, ad blocker and parental controls ExpressVPN groups three tools under the heading of "advanced protection" — Threat Manager, an ad blocker and parental controls. Threat Manager consists of two checkboxes: one that blocks your browser from communicating with activity tracking software and one that blocks a list of websites known to be used for malware. Check any of these boxes to use the pre-set blocklists whenever you're connected to ExpressVPN. Sam Chapman for Engadget You can't customize the lists, so you're limited to what ExpressVPN considers worthy of blocking. They share their sources on the website. While the lists are extensive and open-source, they rely on after-the-fact reporting and can't detect and block unknown threats like a proper antivirus. The adblock and parental control options work the same way: check a box to block everything on the list, uncheck it to allow everything through. In tests, the ad blocker was nearly 100% effective against banner ads, but failed to block any video ads on YouTube or Netflix. The parental control option blocks a list of porn sites. It's an easy option for concerned parents, but only works while ExpressVPN is connected. As such, it's meant to be used in conjunction with device-level parental controls that prevent the child from turning off or uninstalling the VPN client. Split tunneling Sometimes, you'll find it helpful to have your device getting online through two different IP addresses at once — one for your home services and one for a location you're trying to spoof. That's where split tunneling is helpful: it runs some apps through the VPN while leaving others unprotected. This can also improve your speeds, since the VPN needs to encrypt less in total. You can configure split tunneling through either a blocklist or an allowlist. Sam Chapman for Engadget ExpressVPN includes split tunneling on Windows, Android and Mac (though only on versions 10 and below). You can only split by app, not by website, but it's still pretty useful. For example, you can have BitTorrent handling a heavy download in the background while you use your browser for innocuous activities that don't need protecting. ExpressVPN Aircove router By now, it should be clear that we find ExpressVPN to be a highly reliable but often unexceptional VPN service. However, there's one area in which it's a clear industry leader: VPN routers. ExpressVPN Aircove is, to our knowledge, the only router with a built-in commercial VPN that comes with its own dashboard interface. Usually, installing a VPN on your router requires tinkering with the router control panel, which turns off all but the most experienced users — not to mention making it a massive pain to switch to a new server location. Aircove's dashboard, by contrast, will be instantly familiar to anyone who already knows how to use an ExpressVPN client. It even allows different devices in your home to connect to different locations through the router VPN. Aircove's biggest drawback is its price. Currently retailing at $189 (not including an ExpressVPN subscription), it's around three times more expensive than an aftermarket router fitted with free VPN firmware. Some of you might still find the convenience worth the one-time payment. ExpressVPN customer support options ExpressVPN's written help pages are some of the best on the market. Its live chat is more of a mixed bag, and complex questions may cause delays. However, it is at least staffed with human agents who aim to reply accurately, rather than resolve your ticket as quickly as possible. You can directly access both live chat and email from ExpressVPN's mobile apps (on desktop, you'll have to go to the website). Sam Chapman for Engadget We approached ExpressVPN's support features with a simple question: "If I requested that ExpressVPN delete all my personal data, would I be able to get a refund for my unused subscription time?" (Remember from the Privacy Policy section that submitting a full deletion request also cancels your ExpressVPN account.) Our first stop was expressvpn.com/support, the written support center and FAQ page. It's divided into setup guides, troubleshooting, account management and information on each of ExpressVPN's products. The setup guides are excellent, including screenshots and clearly written steps; each one includes a video guide for those who learn better that way. Troubleshooting is just as good — no videos, but the same standards of clarity and usefulness prevail. The section starts with general problems, then delves into specific issues you might face on each operating system. Each article clearly derives from a real customer need. The live support experience To get answers on our refund question, we visited the account management FAQs. This section stated that the refund policy only applies within 30 days of purchase. Pretty clear-cut, but we still wanted an answer on our special case, so we contacted live chat by clicking the button at the bottom-right of every FAQ page. Live chat is in the bottom-right corner of every page of expressvpn.com. Sam Chapman for Engadget Live chat starts with an AI assistant, which is not too hard to get past — just ask it a question it can't answer, then click "Transfer to an Agent." We got online with (what claimed to be) a human in less than a minute. Answering the question took longer and involved an uncomfortable 10-minute silence, but we did get a clear verdict from a real person: refunds are within 30 days only, no matter what. If the live chat agent can't answer your question, you'll be redirected to open an email support ticket. Annoyingly, there's no way to go directly to email support through the website or desktop apps, though mobile users have the option to skip directly there. ExpressVPN background check: From founding to Kape Technologies ExpressVPN launched in 2009, which makes it one of the oldest consumer VPNs in continual operation. In more than 15 years of operation, it's never been caught violating its own privacy policy, though its record isn't free of more minor blemishes. Headquarters in the British Virgin Islands Founders Dan Pomerantz and Peter Burchhardt registered the company in the British Virgin Islands from the start to take advantage of that territory's favorable legal environment for online privacy. The BVIs have no law requiring businesses to retain data on their users, and the process for extraditing data is famously difficult, requiring a direct order from the highest court. In 2021, the BVI implemented the Data Protection Act (DPA) [PDF link], which prevents companies based in the territory from accessing data on their users anywhere in the world. It's a great privacy law in theory, modeled on best-in-class legislation in the EU. However, we couldn't find any evidence that its supervising authority — the Office of the Information Commissioner — has a leader or staff. In other words, while ExpressVPN is not legally required to log any data on its users, there's technically nobody stopping them from doing so. Whether you trust the jurisdiction depends on whether you trust the company itself. Let's see what the other evidence says. Security and privacy incidents Two significant incidents stand out from ExpressVPN's 16-year history. In 2017, when Andrei Karlov, Russia's ambassador to Turkey, was shot to death at an art show. Turkish police suspected someone had used ExpressVPN to mask their identity while they deleted information from social media accounts belonging to the alleged assassin. To investigate, they confiscated an ExpressVPN server to comb for evidence. They didn't find anything. A police seizure is the best possible test of a VPN's approach to privacy. The provider can't prepare beforehand, fake anything, or collude with investigators. The Turkey incident is still one of the best reasons to recommend ExpressVPN, though eight years is a long time for policy to change. The second incident began in March 2024, when a researcher at CNET informed ExpressVPN that its version 12 for Windows occasionally leaked DNS requests when users enabled the split tunneling feature. While these users remained connected to an ExpressVPN server, their browsing activity was often going directly to their ISP, unmasked. The bug only impacted a few users, and to their credit, ExpressVPN sprang into action as soon as they learned about it. The team had it patched by April, as confirmed by the researcher who initially discovered the vulnerability. But while their quick and effective response deserves praise, it's still a mark against them that a journalist noticed the bug before they did. Kape Technologies ownership and management questions In 2021, an Israeli-owned, UK-based firm called Kape Technologies purchased a controlling interest in ExpressVPN. In addition to ExpressVPN, privately held Kape owns CyberGhost, Private Internet Access, and Zenmate (before it merged into CyberGhost). As shown on its website, it also owns Webselenese, publisher of VPN review websites WizCase and vpnMentor, which poses an apparent conflict of interest. When reached for comment, a representative for ExpressVPN said that "ExpressVPN does not directly engage with, nor seek to influence, the content on any Webselenese site," and pointed us to disclosure statements on the websites in question — here's one example. Even so, it's a good reminder not to take VPN reviews at face value without knowing who's behind them (Engadget is owned by Yahoo, which does not own any VPNs). Diving deeper into the background of Kape's ownership will lead you to owner Teddy Sagi. Go back far enough, and you'll see he did prison time in Israel and was mentioned in the Pandora Papers, among other things. More recently, headlines about the billionaire have focused more his businesses in the online gambling and fintech arenas, as well as his real estate ventures. An ExpressVPN representative told us that "Kape's brands continue to operate independently," and our investigation bore that out — we couldn't find any proof that Kape or Sagi have directly attempted to influence ExpressVPN's software or daily operations. Closer to the immediate day-to-day operations of ExpressVPN was the company's employment of Daniel Gericke as CTO from 2019 through 2023. During that time, the US Justice Department announced it had fined Gericke and two others for their previous employment on a surveillance operation called Project Raven, which the United Arab Emirates (UAE) used to spy on its own citizens. The revelation prompted a public response from ExpressVPN defending its decision to hire Gericke, arguing that "[t]he best goalkeepers are the ones trained by the best strikers." ExpressVPN's representative confirmed that the company still stands by that linked statement. Gericke parted ways with ExpressVPN in October 2023, per his LinkedIn profile. While we don't know what we don't know, we can say that ExpressVPN has not notably changed its public-facing security and privacy policies during the time it's been connected to Kape, Sagi, or Gericke. In the end, how much ExpressVPN's history matters to you is a personal choice. If you object to any current or past actions by Kape Technologies or Teddy Sagi, there are other premium VPN options you might prefer. If you need more information to make up your mind, we recommend reading through CNET's 2022 deep dive on ExpressVPN's corporate history. Final verdict ExpressVPN is the VPN we most often recommend to beginners. It takes zero training to use, and consistently gets past filters on streaming sites. It also runs in the background with virtually no impact. If anything is worth the high price of admission, it's the excellent speeds distributed evenly across the worldwide server network. However, for certain specific cases, ExpressVPN may not be the best choice. There's no way to set up your own server locations, like NordVPN offers, and no double VPN connections, like you can build for yourself on Surfshark. Its corporate background is more suspect than the entities backing Proton VPN, and unlike Mullvad, ExpressVPN doesn't work in China — it's so well-known that the government targets its servers specifically. We suggest going with ExpressVPN for general online privacy, for spoofing locations in your home country while traveling, or if you regularly need to unblock sites in other countries. That encompasses 19 of every 20 users, which is fine by us, as ExpressVPN is a great service. It's just more of a reliable old screwdriver than a multi-tool. This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/vpn/expressvpn-review-2025-fast-speeds-and-a-low-learning-curve-160052884.html?src=rss

Cyber threats don't show up one at a time anymore. They're layered, planned, and often stay hidden until it's too late. For cybersecurity teams, the key isn't just reacting to alerts—it's spotting early signs of trouble before they become real threats. This update is designed to deliver clear, accurate insights based on real patterns and changes we can verify. With today's complex systems, we need focused analysis—not noise. What you'll see here isn't just a list of incidents, but a clear look at where control is being gained, lost, or quietly tested. ⚡ Threat of the Week Lumma Stealer, DanaBot Operations Disrupted — A coalition of private sector companies and law enforcement agencies have taken down the infrastructure associated with Lumma Stealer and DanaBot. Charges have also been unsealed against 16 individuals for their alleged involvement in the development and deployment of DanaBot. The malware is equipped to siphon data from victim computers, hijack banking sessions, and steal device information. More uniquely, though, DanaBot has also been used for hacking campaigns that appear to be linked to Russian state-sponsored interests. All of that makes DanaBot a particularly clear example of how commodity malware has been repurposed by Russian state hackers for their own goals. In tandem, about 2,300 domains that acted as the command-and-control (C2) backbone for the Lumma information stealer have been seized, alongside taking down 300 servers and neutralizing 650 domains that were used to launch ransomware attacks. The actions against international cybercrime in the past few days constituted the latest phase of Operation Endgame. Get the Guide ➝ 🔔 Top News Threat Actors Use TikTok Videos to Distribute Stealers — While ClickFix has become a popular social engineering tactic to deliver malware, threat actors have been observed using artificial intelligence (AI)-generated videos uploaded to TikTok to deceive users into running malicious commands on their systems and deploy malware like Vidar and StealC under the guise of activating pirated version of Windows, Microsoft Office, CapCut, and Spotify. "This campaign highlights how attackers are ready to weaponize whichever social media platforms are currently popular to distribute malware," Trend Micro said. APT28 Hackers Target Western Logistics and Tech Firms — Several cybersecurity and intelligence agencies from Australia, Europe, and the United States issued a joint alert warning of a state-sponsored campaign orchestrated by the Russian state-sponsored threat actor APT28 targeting Western logistics entities and technology companies since 2022. "This cyber espionage-oriented campaign targeting logistics entities and technology companies uses a mix of previously disclosed TTPs and is likely connected to these actors' wide scale targeting of IP cameras in Ukraine and bordering NATO nations," the agencies said. The attacks are designed to steal sensitive information and maintain long-term persistence on compromised hosts. Chinese Threat Actors Exploit Ivanti EPMM Flaws — The China-nexus cyber espionage group tracked as UNC5221 has been attributed to the exploitation of a pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software (CVE-2025-4427 and CVE-2025-4428) to target a wide range of sectors across Europe, North America, and the Asia-Pacific region. The intrusions leverage the vulnerabilities to obtain a reverse shell and drop malicious payloads like KrustyLoader, which is known to deliver the Sliver command-and-control (C2) framework. "UNC5221 demonstrates a deep understanding of EPMM's internal architecture, repurposing legitimate system components for covert data exfiltration," EclecticIQ said. "Given EPMM's role in managing and pushing configurations to enterprise mobile devices, a successful exploitation could allow threat actors to remotely access, manipulate, or compromise thousands of managed devices across an organization." Over 100 Google Chrome Extensions Mimic Popular Tools — An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as seemingly benign utilities such as DeepSeek, Manus, DeBank, FortiVPN, and Site Stats but incorporate covert functionality to exfiltrate data, receive commands, and execute arbitrary code. Links to these browser add-ons are hosted on specially crafted sites to which users are likely redirected to via phishing and social media posts. While the extensions appear to offer the advertised features, they also stealthily facilitate credential and cookie theft, session hijacking, ad injection, malicious redirects, traffic manipulation, and phishing via DOM manipulation. Several of these extensions have been taken down by Google. CISA Warns of SaaS Providers of Attacks Targeting Cloud Environments — The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that SaaS companies are under threat from bad actors who are on the prowl for cloud applications with default configurations and elevated permissions. While the agency did not attribute the activity to a specific group, the advisory said enterprise backup platform Commvault is monitoring cyber threat activity targeting applications hosted in their Microsoft Azure cloud environment. "Threat actors may have accessed client secrets for Commvault's (Metallic) Microsoft 365 (M365) backup software-as-a-service (SaaS) solution, hosted in Azure," CISA said. "This provided the threat actors with unauthorized access to Commvault's customers' M365 environments that have application secrets stored by Commvault." GitLab AI Coding Assistant Flaws Could Be Used to Inject Malicious Code — Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant Duo that could have allowed attackers to steal source code and inject untrusted HTML into its responses, which could then be used to direct victims to malicious websites. The attack could also leak confidential issue data, such as zero-day vulnerability details. All that's required is for the attacker to instruct the chatbot to interact with a merge request (or commit, issue, or source code) by taking advantage of the fact that GitLab Duo has extensive access to the platform. "By embedding hidden instructions in seemingly harmless project content, we were able to manipulate Duo's behavior, exfiltrate private source code, and demonstrate how AI responses can be leveraged for unintended and harmful outcomes," Legit Security said. One variation of the attack involved hiding a malicious instruction in an otherwise legitimate piece of source code, while another exploited Duo's parsing of markdown responses in real-time asynchronously. An attacker could leverage this behavior – that Duo begins rendering the output line by line rather than waiting until the entire response is generated and sending it all at once – to introduce malicious HTML code that can access sensitive data and exfiltrate the information to a remote server. The issues have been patched by GitLab following responsible disclosure. ‎️‍🔥 Trending CVEs Software vulnerabilities remain one of the simplest—and most effective—entry points for attackers. Each week uncovers new flaws, and even small delays in patching can escalate into serious security incidents. Staying ahead means acting fast. Below is this week's list of high-risk vulnerabilities that demand attention. Review them carefully, apply updates without delay, and close the doors before they're forced open. This week's list includes — CVE-2025-34025, CVE-2025-34026, CVE-2025-34027 (Versa Concerto), CVE-2025-30911 (RomethemeKit For Elementor WordPress plugin), CVE-2024-57273, CVE-2024-54780, and CVE-2024-54779 (pfSense), CVE-2025-41229 (VMware Cloud Foundation), CVE-2025-4322 (Motors WordPress theme), CVE-2025-47934 (OpenPGP.js), CVE-2025-30193 (PowerDNS), CVE-2025-0993 (GitLab), CVE-2025-36535 (AutomationDirect MB-Gateway), CVE-2025-47949 (Samlify), CVE-2025-40775 (BIND DNS), CVE-2025-20152 (Cisco Identity Services Engine), CVE-2025-4123 (Grafana), CVE-2025-5063 (Google Chrome), CVE-2025-37899 (Linux Kernel), CVE-2025-26817 (Netwrix Password Secure), CVE-2025-47947 (ModSecurity), CVE-2025-3078, CVE-2025-3079 (Canon Printers), and CVE-2025-4978 (NETGEAR). 📰 Around the Cyber World Sandworm Drops New Wiper in Ukraine — The Russia-aligned Sandworm group intensified destructive operations against Ukrainian energy companies, deploying a new wiper named ZEROLOT. "The infamous Sandworm group concentrated heavily on compromising Ukrainian energy infrastructure. In recent cases, it deployed the ZEROLOT wiper in Ukraine. For this, the attackers abused Active Directory Group Policy in the affected organizations," ESET Director of Threat Research, Jean-Ian Boutin, said. Another Russian hacking group, Gamaredon, remained the most prolific actor targeting the East European nation, enhancing malware obfuscation and introducing PteroBox, a file stealer leveraging Dropbox. Signal Says No to Recall — Signal has released a new version of its messaging app for Windows that, by default, blocks the ability of Windows to use Recall to periodically take screenshots of the app. "Although Microsoft made several adjustments over the past twelve months in response to critical feedback, the revamped version of Recall still places any content that's displayed within privacy-preserving apps like Signal at risk," Signal said. "As a result, we are enabling an extra layer of protection by default on Windows 11 in order to help maintain the security of Signal Desktop on that platform even though it introduces some usability trade-offs. Microsoft has simply given us no other option." Microsoft began officially rolling out Recall last month. Russia Introduces New Law to Track Foreigners Using Their Smartphones — The Russian government has introduced a new law that makes installing a tracking app mandatory for all foreign nationals in the Moscow region. This includes gathering their real-time locations, fingerprint, face photograph, and residential information. "The adopted mechanism will allow, using modern technologies, to strengthen control in the field of migration and will also contribute to reducing the number of violations and crimes in this area," Vyacheslav Volodin, chairman of the State Duma, said. "If migrants change their actual place of residence, they will be required to inform the Ministry of Internal Affairs (MVD) within three working days." A proposed four-year trial period begins on September 1, 2025, and runs until September 1, 2029. Dutch Government Passes Law to Criminalize Cyber Espionage — The Dutch government has approved a law criminalizing a wide range of espionage activities, including digital espionage, in an effort to protect national security, critical infrastructure, and high-quality technologies. Under the amended law, leaking sensitive information that is not classified as a state secret or engaging in activities on behalf of a foreign government that harm Dutch interests can also result in criminal charges. "Foreign governments are also interested in non-state-secret, sensitive information about a particular economic sector or about political decision-making," the government said. "Such information can be used to influence political processes, weaken the Dutch economy or play allies against each other. Espionage can also involve actions other than sharing information." Microsoft Announces Availability of Quantum-Resistant Algorithms to SymCrypt — Microsoft has revealed that it's making post-quantum cryptography (PQC) capabilities, including ML-KEM and ML-DSA, available for Windows Insiders, Canary Channel Build 27852 and higher, and Linux, SymCrypt-OpenSSL version 1.9.0. "This advancement will enable customers to commence their exploration and experimentation of PQC within their operational environments," Microsoft said. "By obtaining early access to PQC capabilities, organizations can proactively assess the compatibility, performance, and integration of these novel algorithms alongside their existing security infrastructure." New Malware DOUBLELOADER Uses ALCATRAZ for Obfuscation — The open-source obfuscator ALCATRAZ has been seen within a new generic loader dubbed DOUBLELOADER, which has been deployed alongside Rhadamanthys Stealer infections starting December 2024. The malware collects host information, requests an updated version of itself, and starts beaconing to a hardcoded IP address (185.147.125[.]81) stored within the binary. "Obfuscators such as ALCATRAZ end up increasing the complexity when triaging malware," Elastic Security Labs said. "Its main goal is to hinder binary analysis tools and increase the time of the reverse engineering process through different techniques; such as hiding the control flow or making decompilation hard to follow." New Formjacking Campaign Targets WooCommerce Sites — Cybersecurity researchers have detected a sophisticated formjacking campaign targeting WooCommerce sites. The malware, per Wordfence, injects a fake but professional-looking payment form into legitimate checkout processes and exfiltrates sensitive customer data to an external server. Further analysis has revealed that the infection likely originated from a compromised WordPress admin account, which was used to inject malicious JavaScript via a Simple Custom CSS and JS plugin (or something similar) that allows administrators to add custom code. "Unlike traditional card skimmers that simply overlay existing forms, this variant carefully integrates with the WooCommerce site's design and payment workflow, making it particularly difficult for site owners and users to detect," the WordPress security company said. "The malware author repurposed the browser's localStorage mechanism – typically used by websites to remember user preferences – to silently store stolen data and maintain access even after page reloads or when navigating away from the checkout page." E.U. Sanctions Stark Industries — The European Union (E.U.) has announced sanctions against 21 individuals and six entities in Russia over its "destabilising actions" in the region. One of the sanctioned entities is Stark Industries, a bulletproof hosting provider that has been accused of acting as "enablers of various Russian state-sponsored and affiliated actors to conduct destabilising activities including, information manipulation interference and cyber attacks against the Union and third countries." The sanctions also target its CEO Iurie Neculiti and owner Ivan Neculiti. Stark Industries was previously spotlighted by independent cybersecurity journalist Brian Krebs, detailing its use in DDoS attacks in Ukraine and across Europe. In August 2024, Team Cymru said it discovered 25 Stark-assigned IP addresses used to host domains associated with FIN7 activities and that it had been working with Stark Industries for several months to identify and reduce abuse of their systems. The sanctions have also targeted Kremlin-backed manufacturers of drones and radio communication equipment used by the Russian military, as well as those involved in GPS signal jamming in Baltic states and disrupting civil aviation. The Mask APT Unmasked as Tied to the Spanish Government — The mysterious threat actor known as The Mask (aka Careto) has been identified as run by the Spanish government, according to a report published by TechCrunch, citing people who worked at Kaspersky at the time and had knowledge of the investigation. The Russian cybersecurity company first exposed the hacking group in 2014, linking it to highly sophisticated attacks since at least 2007 targeting high-profile organizations, such as governments, diplomatic entities, and research institutions. A majority of the group's attacks have targeted Cuba, followed by hundreds of victims in Brazil, Morocco, Spain, and Gibraltar. While Kaspersky has not publicly attributed it to a specific country, the latest revelation makes The Mask one of the few Western government hacking groups that has ever been discussed in public. This includes the Equation Group, the Lamberts (the U.S.), and Animal Farm (France). Social Engineering Scams Target Coinbase Users — Earlier this month, cryptocurrency exchange Coinbase revealed that it was the victim of a malicious attack perpetrated by unknown threat actors to breach its systems by bribing customer support agents in India and siphon funds from nearly 70,000 customers. According to Blockchain security firm SlowMist, Coinbase users have been the target of social engineering scams since the start of the year, bombarding with SMS messages claiming to be fake withdrawal requests and seeking their confirmation as part of a "sustained and organized scam campaign." The goal is to induce a false sense of urgency and trick them into calling a number, eventually convincing them to transfer the funds to a secure wallet with a seed phrase pre-generated by the attackers and ultimately drain the assets. It's assessed that the activities are primarily carried out by two groups: low-level skid attackers from the Com community and organized cybercrime groups based in India. "Using spoofed PBX phone systems, scammers impersonate Coinbase support and claim there's been 'unauthorized access' or 'suspicious withdrawals' on the user's account," SlowMist said. "They create a sense of urgency, then follow up with phishing emails or texts containing fake ticket numbers or 'recovery links.'" Delta Can Sue CrowdStrike Over July 2024 Mega Outage — Delta Air Lines, which had its systems crippled and almost 7,000 flights canceled in the wake of a massive outage caused by a faulty update issued by CrowdStrike in mid-July 2024, has been given the green light to pursue to its lawsuit against the cybersecurity company. A judge in the U.S. state of Georgia stating Delta can try to prove that CrowdStrike was grossly negligent by pushing a defective update to its Falcon software to customers. The update crashed 8.5 million Windows devices across the world. Crowdstrike previously claimed that the airline had rejected technical support offers both from itself and Microsoft. In a statement shared with Reuters, lawyers representing CrowdStrike said they were "confident the judge will find Delta's case has no merit, or will limit damages to the 'single-digit millions of dollars' under Georgia law." The development comes months after MGM Resorts International agreed to pay $45 million to settle multiple class-action lawsuits related to a data breach in 2019 and a ransomware attack the company experienced in 2023. Storm-1516 Uses AI-Generated Media to Spread Disinformation — The Russian influence operation known as Storm-1516 (aka CopyCop) sought to spread narratives that undermined the European support for Ukraine by amplifying fabricated stories on X about European leaders using drugs while traveling by train to Kyiv for peace talks. One of the posts was subsequently shared by Russian state media and Maria Zakharova, a senior official in Russia's foreign ministry, as part of what has been described as a coordinated disinformation campaign by EclecticIQ. The activity is also notable for the use of synthetic content depicting French President Emmanuel Macron, U.K. Labour Party leader Keir Starmer, and German chancellor Friedrich Merz of drug possession during their return from Ukraine. "By attacking the reputation of these leaders, the campaign likely aimed to turn their own voters against them, using influence operations (IO) to reduce public support for Ukraine by discrediting the politicians who back it," the Dutch threat intelligence firm said. Turkish Users Targeted by DBatLoader — AhnLab has disclosed details of a malware campaign that's distributing a malware loader called DBatLoader (aka ModiLoader) via banking-themed banking emails, which then acts as a conduit to deliver SnakeKeylogger, an information stealer developed in .NET. "The DBatLoader malware distributed through phishing emails has the cunning behavior of exploiting normal processes (easinvoker.exe, loader.exe) through techniques such as DLL side-loading and injection for most of its behaviors, and it also utilizes normal processes (cmd.exe, powershell.exe, esentutl.exe, extrac32.exe) for behaviors such as file copying and changing policies," the company said. SEC SIM-Swapper Sentenced to 14 Months for SEC X Account Hack — A 26-year-old Alabama man, Eric Council Jr., has been sentenced to 14 months in prison and three years of supervised release for using SIM swapping attacks to breach the U.S. Securities and Exchange Commission's (SEC) official X account in January 2024 and falsely announced that the SEC approved Bitcoin (BTC) Exchange Traded Funds (ETFs). Council Jr. (aka Ronin, Agiantschnauzer, and @EasyMunny) was arrested in October 2024 and pleaded guilty to the crime earlier this February. He has also been ordered to forfeit $50,000. According to court documents, Council used his personal computer to search incriminating phrases such as "SECGOV hack," "telegram sim swap," "how can I know for sure if I am being investigated by the FBI," "What are the signs that you are under investigation by law enforcement or the FBI even if you have not been contacted by them," "what are some signs that the FBI is after you," "Verizon store list," "federal identity theft statute," and "how long does it take to delete telegram account." FBI Warns of Malicious Campaign Impersonating Government Officials — The U.S. Federal Bureau of Investigation (FBI) is warning of a new campaign that involves malicious actors impersonating senior U.S. federal or state government officials and their contacts to target individuals since April 2025. "The malicious actors have sent text messages and AI-generated voice messages — techniques known as smishing and vishing, respectively — that claim to come from a senior US official in an effort to establish rapport before gaining access to personal accounts," the FBI said. "One way the actors gain such access is by sending targeted individuals a malicious link under the guise of transitioning to a separate messaging platform." From there, the actor may present malware or introduce hyperlinks that lead intended targets to an actor-controlled site that steals login information. DICOM Flaw Enables Attackers to Embed Malicious Code Within Medical Image Files — Praetorian has released a proof-of-concept (PoC) for a high-severity security flaw in Digital Imaging and Communications in Medicine (DICOM), predominant file format for medical images, that enables attackers to embed malicious code within legitimate medical image files. CVE-2019-11687 (CVSS score: 7.8), originally disclosed in 2019 by Markel Picado Ortiz, stems from a design decision that allows arbitrary content at the start of the file, otherwise called the Preamble, which enables the creation of malicious polyglots. Codenamed ELFDICOM, the PoC extends the attack surface to Linux environments, making it a much more potent threat. As mitigations, it's advised to implement a DICOM preamble whitelist. "DICOM's file structure inherently allows arbitrary bytes at the beginning of the file, where Linux and most operating systems will look for magic bytes," Praetorian researcher Ryan Hennessee said. "[The whitelist] would check a DICOM file's preamble before it is imported into the system. This would allow known good patterns, such as 'TIFF' magic bytes, or '\x00' null bytes, while files with the ELF magic bytes would be blocked." Cookie-Bite Attack Uses Chrome Extension to Steal Session Tokens — Cybersecurity researchers have demonstrated a new attack technique called Cookie-Bite that employs custom-made malicious browser extensions to steal "ESTAUTH" and "ESTSAUTHPERSISTNT" cookies in Microsoft Azure Entra ID and bypass multi-factor authentication (MFA). The attack has multiple moving parts to it: A custom Chrome extension that monitors authentication events and captures cookies; a PowerShell script that automates the extension deployment and ensures persistence; an exfiltration mechanism to send the cookies to a remote collection point; and a complementary extension to inject the captured cookies into the attacker's browser. "Threat actors often use infostealers to extract authentication tokens directly from a victim's machine or buy them directly through darkness markets, allowing adversaries to hijack active cloud sessions without triggering MFA," Varonis said. "By injecting these cookies while mimicking the victim's OS, browser, and network, attackers can evade Conditional Access Policies (CAPs) and maintain persistent access." Authentication cookies can also be stolen using adversary-in-the-middle (AitM) phishing kits in real-time, or using rogue browser extensions that request excessive permissions to interact with web sessions, modify page content, and extract stored authentication data. Once installed, the extension can access the browser's storage API, intercept network requests, or inject malicious JavaScript into active sessions to harvest real-time session cookies. "By leveraging stolen session cookies, an adversary can bypass authentication mechanisms, gaining seamless entry into cloud environments without requiring user credentials," Varonis said. "Beyond initial access, session hijacking can facilitate lateral movement across the tenant, allowing attackers to explore additional resources, access sensitive data, and escalate privileges by abusing existing permissions or misconfigured roles." 🎥 Cybersecurity Webinars Non-Human Identities: The AI Backdoor You're Not Watching → AI agents rely on Non-Human Identities (like service accounts and API keys) to function—but these are often left untracked and unsecured. As attackers shift focus to this hidden layer, the risk is growing fast. In this session, you'll learn how to find, secure, and monitor these identities before they're exploited. Join the webinar to understand the real risks behind AI adoption—and how to stay ahead. Inside the LOTS Playbook: How Hackers Stay Undetected → Attackers are using trusted sites to stay hidden. In this webinar, Zscaler experts share how they detect these stealthy LOTS attacks using insights from the world's largest security cloud. Join to learn how to spot hidden threats and improve your defense. 🔧 Cybersecurity Tools ScriptSentry → It is a free tool that scans your environment for dangerous logon script misconfigurations—like plaintext credentials, insecure file/share permissions, and references to non-existent servers. These overlooked issues can enable lateral movement, privilege escalation, or even credential theft. ScriptSentry helps you quickly identify and fix them across large Active Directory environments. Aftermath → It is a Swift-based, open-source tool for macOS incident response. It collects forensic data—like logs, browser activity, and process info—from compromised systems, then analyzes it to build timelines and track infection paths. Deploy via MDM or run manually. Fast, lightweight, and ideal for post-incident investigation. AI Red Teaming Playground Labs → It is an open-source training suite with hands-on challenges designed to teach security professionals how to red team AI systems. Originally developed for Black Hat USA 2024, the labs cover prompt injections, safety bypasses, indirect attacks, and Responsible AI failures. Built on Chat Copilot and deployable via Docker, it's a practical resource for testing and understanding real-world AI vulnerabilities. 🔒 Tip of the Week Review and Revoke Old OAuth App Permissions — They're Silent Backdoor → You've likely logged into apps using "Continue with Google," "Sign in with Microsoft," or GitHub/Twitter/Facebook logins. That's OAuth. But did you know many of those apps still have access to your data long after you stop using them? Why it matters: Even if you delete the app or forget it existed, it might still have ongoing access to your calendar, email, cloud files, or contact list — no password needed. If that third-party gets breached, your data is at risk. What to do: Go through your connected apps here: Google: myaccount.google.com/permissions Microsoft: account.live.com/consent/Manage GitHub: github.com/settings/applications Facebook: facebook.com/settings?tab=applications Revoke anything you don't actively use. It's a fast, silent cleanup — and it closes doors you didn't know were open. Conclusion Looking ahead, it's not just about tracking threats—it's about understanding what they reveal. Every tactic used, every system tested, points to deeper issues in how trust, access, and visibility are managed. As attackers adapt quickly, defenders need sharper awareness and faster response loops. The takeaways from this week aren't just technical—they speak to how teams prioritize risk, design safeguards, and make choices under pressure. Use these insights not just to react, but to rethink what "secure" really needs to mean in today's environment. Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.

Katja Pargger’s latest project has a unique setting, surrounded by what feels like a small forest in the middle of the city. When she first visited the bucolic Paris home, it was like discovering a magical overgrown garden. That also made it impossible to get a good photograph of the house in its entirety, as nature hid sections of it from view. Behind all that greenery was a typical early 19th-century home with a classically inspired exterior. The romantic setting near Paris and the house that occupied it belonged to the pointillist painter Jac Martin-Ferrières in the 1930s; he added a studio with a glass roof in the 1950s. (Unfortunately, after years of neglect, the studio was beyond the point of being salvaged when Pargger arrived.) “I wanted the house to continue to maintain its connection with nature while also preserving the large volume and better organizing the space,” the Austrian architect and designer says. In order to save the house, it would have to be completely gutted and its faux brick facade entirely rebuilt.The facade of the home was completely rebuilt. Large French windows in modernist style open onto the garden. On the roofs are planters with trees. The staircase consists of a metal structure covered in plaster. On the wall hangs Kernelless Siamese Cobs by Xolo Cuintle (DS Galerie). Next to a chair by Charles Rennie Mackintosh stands a Teatro armchair by Aldo Rossi (Nans Design). “We kept the very high ceiling and the large French windows overlooking this fabulous garden, in an assertively modernist style, along the lines of Le Corbusier and Robert Mallet-Stevens,” Pargger explains. An indoor swimming pool with a sober and restrained design now stands where the studio once did. With gardens on both sides of the house, Pargger has created a new fluidity: the building has large vertical openings that blur the lines between exterior and interior on warm days. From the living room to the bedrooms, wherever you are, you’re surrounded by trees, and the architect’s goal has been to engage with this natural setting that both reveals and hides itself behind the layers of foliage.In the living room, behind one of the leather sofas (Katja Pargger), a Regen rope and silicone pouf (Wendy Andreu) and a pair of Armloffel armchairs by Joseph Hoffman. The Park rug is from Nordic Knots. Photos: Clément Vayssieres/Réalisation: Aurore Lameyre et Alice Mesguich assistées de Joanne FaberIn terms of colors and textures, the architect, who says she “loves authentic materials,” has restored the original appearance of the elegant classical facades—which were whitewashed with small bits of marble—and curated an interior aesthetic that’s reminiscent of the Viennese Secession, while simultaneously evoking the designs of Josef Hoffmann. “I like stone, lime, wood, glass, metal—as raw as possible without being too finished. I don’t use my design freedom simply to make a bold gesture without considering other factors. I design interiors that are sustainable, so that they don’t have to be redone in 10 or 15 years, having fallen out of fashion,” Pargger says. In the vast living area with its soaring ceiling, for example, the walls are constructed from a mineral plaster, while the herringbone parquet is in natural oak. The staircase leading to the mezzanine, made of a single piece of metal, is clad in plaster and has a presence like an elegant sculpture rising in the space at the heart of the home.The living room is organized around a conversation pit: two large modular sofas designed by Pargger form a circle. In the center, an aluminum Sella Curulis stool by SashaxSasha (GSL Gallery) and, atop glazed ceramic coffee tables by Pargger, a bronze Hera Pira box by Victor Guedy. Toward the rear of the room, a 19th-century Italian Studiolo cabinet (Nans Design) and a Les Artisans de Marolles wrought-iron lamp (Maison Cédric). On the stele, a patinated bronze sculpture, Broac over Paris, by Victor Guedy. Above the fireplace, the diptych (Dé)-camper by Clément Borderie (Galerie Jousse Entreprise). On the right, the textile work A Trillion Threads Still Weaving by Zuzanna Czebatul (Galerie Sans Titre) and a vintage Indian wooden chair. Upstairs, in a smaller lounge, the lightly stained oak and Japanese raffia complement the garden without feeling forcefully coordinated. The forest green carpet—which Pargger denotes as “something very new for me!”—evokes nature and the outdoors in a similarly subtle way.“I don’t use my design freedom simply to make a bold gesture—I make my interiors sustainable, so that they don’t have to be redone in 10 or 15 years.”—Katja ParggerAbove a cabinet of wood and parchment and an ivory box (Karin Szanto), an untitled work by Loïc Blairon. In front, a pair of Armloffel armchairs by Joseph Hoffman. On the stele, a vase by Natalia Criado (Galerie Paradis). The Park rug is by Nordic Knots. In an alcove off of the living room, a lacquered wooden bench by Pierre Cardin (Maison Verrsen) with an Iranian sofreh by Afshar hanging on the wall behind it(Galerie Triff). On the small black melamine table (Hélène Lalbaltry), a terracotta vase by Sakata Jinnai (MBA Fine Arts). The pair of Saucer sconces are by Gilles Derain (Nans Design). Constantly questioning her training as an architect, Pargger attempts to create lucky accidents, like placing a door frame in a paneled wall. It’s an effect that recalls a certain Japanese purity. “The more solid and perfect that you build the base, the more you can then innovate, but it’s like a mathematical equation. You have to master everything in sequence before you can go off in other directions.” She embraces experimentation and the blending of materials with an empirical approach that comes from deep within her, the result of her travels around the world to experience art and marvel at beauty that is the result of age and a certain patina. For example, the sofa in the form of a conversation pit, made with leather scraps from Hermès—a design she especially loves—encourages openness and fosters communication. As for the rest of the space, the room is pure and simple. Whitewashed walls diffuse light, while the convex fireplace features a concave sheet-metal hearth. The space is calm, glowing, and Zen-like. The curation of furniture and contemporary works gives the house its personality, with paintings by Clément Borderie, sculptures by artist duo Xolo Cuintle, a tapestry by Zuzanna Czebatul, other paintings by Ciprian Tocu, and furniture by Elias Van Orshaegen.In the dining room, above the fireplace, Origanum Phengaris and, to the right, Seed, Roots, Seed and Inside Out Shell, both by Xolo Cuintle (DS Galerie). On the lacquer table, a Teodora cup by Ettore Sottsass (Galerie Romain Morandi). Vintage chairs. The paint from Clay used for the kitchen cabinets echoes the emerald green of the swimming pool. They also complement the brilliance of the lacquered worktops. “I like stone, lime, wood, glass, metal—as raw as possible without being too finished.”—Katja ParggerCombining leather, wood, lacquer, and thick fabrics, Pargger’s design is more than a collection of materials, it’s also a meeting of the souls of designers and craftsmen. “This whole mix requires a solid base on which to then fill in the gaps and create a whole that can be experienced. It’s my attempt to take something from Umberto Eco’s theory of literature and apply it to architecture,” says Pargger with a smile. “It’s a little bit of something here, a little bit of something else there, and it all adds up to create something unique.” It’s a design that relies on differences of scale, discreet contrasts, and creating a rigorous whole from a variety of elements.In the library, in front of okoumé and velvet armchairs, two glazed ceramic coffee tables (all by Katja Pargger). The sculptural vase is by Anatole Riecke (Maison Cédric). On a lacquer table, a parchment frame (Hélène Lalbaltry). The chair, which is also lacquered, is by Takahama Kazuhide. On the bookshelves, hinoki wood boxes, a ceramic bowl (Garnier & Linker), and a small Hera Pira bronze box by Victor Guedy along with other objects. Next to the indoor swimming pool, Maze by Wendy Andreu (Théorème Editions). On the floor, One Body, Two Heartbeats by Xolo Cuintle (DS Galerie). In the bathroom, on the left, a small glazed Albarello terracotta jar and a steel piece, The Mirror of Simple Souls. On the stele, a glazed terracotta Fiasco vase (all by Coseincorso). Inoki wood and bronze Masu box (Garnier & Linker). Stainless steel and leather stool (Katja Pargger). On the desk with drawers, an inoki wood and bronze Masu box (Garnier & Linker). Lacquer chair by Takahama Kazuhide. On the wall to the left, works on canvas by Ciprian Tocu (Galerie Sinople). Loveseat bench in brushed metal by Elias Van Orshaegen (Galerie Sinople). On the right, Bulb Study of an Arum Psychoda by Xolo Cuintle (DS Galerie). In the foreground, atop a stele, Laetitia Jacquetton’s Tursiope in magmatic stone and Murano glass (Galerie Sinople). In the bedroom, in front of a Maya screen, on an Art Nouveau wooden stand (Hélène Lalbaltry), a wood and bronze Iwa vase and, on the right, an alabaster and patinated brass Lara floor lamp (all Garnier & Linker). On the wall, a pair of small mirrors by Line Vautrin (Maison Cédric). The leather bedspread is, like the living room’s conversation pit, made from scraps from Hermès fabric (Katja Pargger). The Turkish kilim is from Konya (Galerie Triff). In front of the bed, a stainless steel and leather bench (Katja Pargger). Architect Katja Pargger sits on glazed ceramic coffee tables in the living room, which overlooks the garden. The large leather sofas are made from scraps from Hermès (all by Katja Pargger). This bucolic Paris home by Katja Pargger was originally published in AD France.

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. ExplorerPatcher fix bypasses Windows 11 24H2 upgrade block, and squashes two major bugs Sayan Sen Neowin @ssc_combater007 · May 23, 2025 04:06 EDT ExplorerPatcher is a popular third-party customization and tweaking app on Windows. The latest update has three major improvements for Windows 11 24H2. First up, the author has made changes so that the app can bypass the Windows 11 24H2 upgrade block. Microsoft informed earlier that 24H2 compatibility block related to customization apps was slowly being removed. With the latest update, the ExplorerPatcher developer notes that they made changes to improve the app's Desktop Window Manager compatibility with the newest Windows version by renaming the ep_dwm EXE file to ep_dwm_svc. If you remember, Microsoft started blocking third-party apps like this one back in April 2024 during Insider testing and the safeguard hold continued even after general availability. In terms of bug fixes, there are several and two of them are related to Windows 11 24H2. The feature "disable rounded corner" now works on the latest Windows feature update. If you are familiar with Windows 11, one of the many characteristics of its aesthetics is the presence of rounder corners, which Microsoft has also brought over to its other apps, although there is still clearly room for sharper edged tabs too. So many who disliked the rounded corners on Windows 11 would rely on unofficial apps like ExplorerPatcher to deal with them. Thankfully, the feature now works, as previously it would simply automatically uncheck when detecting a 24H2 build. The second improvement is about Simple Window Switcher or SWS as the developer of ExplorerPatcher refers to it. SWS is meant as an alternative to the Alt-Tab functionality on stock Windows. Unlike the "disable rounded corner" option, the SWS feature still worked, although its implementation on Windows 11 24H2 was buggy, as users experienced slowdowns and lag. Underlying code issues can often cause problems like these as recently pointed out by a senior Microsoft engineer. From the user comments, it is apparent that the window switcher feature exhibited various other issues too. One user 03juan documented the several problems they encountered in great detail. These included being stuck in an infinite loop, high CPU usage, among others. The full changelog is given below: Start10: Fixed Pin to Start on 226x1.4541+ and 261xx.2454+. sws: Added support for 24H2. ep_dwm: Added support for 24H2. ep_dwm.exe has been renamed to ep_dwm_svc.exe to get around 24H2 upgrade blocks. ep_dwm: Now always unregistered on uninstallation, regardless of whether it was running during the uninstallation or not. Setup: The failure message now displays the associated code line number that failed, to assist in troubleshooting. Taskbar10: Fixed disabling immersive menus on ARM64. Taskbar10: Fixed Win+X menu still having Windows Terminal entries when Windows Terminal is not installed, that crashes Explorer when selected. For now, if you want to have PowerShell entries, Windows Terminal must be uninstalled. Taskbar10: Fixed Win+X entry clicks doing nothing on 26xxx.5551+ ARM64. GUI: Added dropdown indicators to dropdown entries. GUI: The language names now include the country name. (3f11766) Localization: Added Czech translations. (Thanks @9hb, @andrewz1986, and @Panzimy!) Localization: Added Spanish (Spain) translations. (Thanks @AlejandroMartiGisbert!) ep_taskbar: Added support for "Show desktop button: Hidden" setting. (#4020) (1be6658) ep_taskbar: Fixed a bug that prevented shortcut global hotkeys from working on 24H2. (#3777, #4016) ep_taskbar: Fixed a bug that prevented the taskbar from resizing properly after DPI changes. (#3796) ep_taskbar: Added the following languages: German, French, Hungarian, Indonesian, Italian, Korean, Lithuanian, Dutch, Polish, Portuguese (Brazil), Romanian, Spanish (Spain), Turkish, Ukrainian, Chinese (Simplified). ep_taskbar: Fixed a number of memory leaks and code/behavior inaccuracies. ❗ ep_taskbar: Fixed incompatibility with 26200.5603 (Dev), 26120.4151 (Beta), and 26100.4188 (Release Preview). (#4321) ep_taskbar: Now supports all Windows 10 versions supported by EP (17763/1809+). (aec8c70, 1edb989) To download the latest version, 22631.5335.68, of ExplorerPatcher, head over to Neowin's software stories page or its official GitHub repo here. The ExplorerPatcher author has also cautioned that Microsoft Defender will still flag the newer versions of the app, and has provided the following PowerShell to optionally add to anti-virus exclusions: Add-MpPreference -ExclusionPath "C:\Program Files\ExplorerPatcher" Add-MpPreference -ExclusionPath "$env:APPDATA\ExplorerPatcher" Add-MpPreference -ExclusionPath "C:\Windows\dxgi.dll" Add-MpPreference -ExclusionPath "C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy" Add-MpPreference -ExclusionPath "C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy" Bear in mind though, that Defender serves to protect your system from dangerous malware like the recently reported Lumma, which affects nearly 400,000 systems worldwide. So if you do add exceptions manually, make sure to not let a dangerous quarantined threat out. Tags Report a problem with article Follow @NeowinFeed

The Hulu anthology series Nine Perfect Strangers is back for another season, leaving sunny California behind for the snowy Austrian Alps. So far, Nicole Kidman’s wellness guru Masha Dmitrichenko is the only character from season 1 set to return. The rest of the cast is made up of new characters that Masha has invited to this new iteration of her Tranquillum retreat. While there’s still a lot yet to be revealed about who these people are, we at least know which actors we can expect to see potentially tripping out on Masha’s psilocybin protocol this season. The trailer alludes to some unexpected connections between these characters, which isn’t a surprise given how Masha likes to hand-pick her groups. There’s bound to be some twists and turns in store, but for now, here’s what we know about the cast this season. Nicole Kidman as Masha Dmitrichenko Nicole Kidman returns as the mysterious Russian wellness guru Masha Dmitrichenko, who we last saw leaving her Tranquillum House spa in Cabrillo, California after finding a way to reunite with her deceased daughter via the hallucinogenic psilocybin she and everyone else were taking. Now that she has seemingly “perfected” her formula, it’s time to try and heal a new group of people, even though Masha still seems to be struggling herself. Nicole Kidman has had a long career thus far appearing in projects like Moulin Rouge!, Eyes Wide Shut, Practical Magic, and more recently Babygirl, Big Little Lies, The Undoing, and The Perfect Couple. Murray Bartlett as Brian Murray Bartlett joins the cast this season as Brian, one of Masha’s nine new guests. Based on clips from the trailer, it seems like Brian was once a Mr. Rogers-like figure and the host of a children’s TV show, but some kind of on-set outburst may have seen him ousted from his role. That kind of tarnished legacy seems like the kind of thing that would appeal to Masha, as we saw with Tony (Bobby Canavale) last season. It seems like he might also have a connection to Tina, but we’ll have to wait and see how that plays out. You’ll likely recognize Bartlett from his roles in The White Lotus and The Last of Us. Christine Baranski as Victoria Christine Baranski joins the cast as Victoria, yet another of Masha’s guests. Victoria appears to be wealthy and seems like she’s sought Masha out. She greets one of the attendants, Martin, with a familiarity that indicates they’ve likely spoken before, and she seems to know more than the other guests about Masha’s unorthodox practices. Victoria and Matteo seem to have come to this retreat together, though the exact nature of their relationship is unclear. You’ll likely recognize Baranski from one of her many projects such as Mamma Mia!, The Good Wife, The Gilded Age, and Chicago. Annie Murphy as Imogen Annie Murphy plays Imogen this season, another guest of Masha’s and Victoria’s estranged daughter. We don’t know much else about her, other than she seems a little awkward, but Annie Murphy has proven time and time again that she can play layered characters, so it’s only a matter of time before we see what’s under Imogen’s surface. Murphy has previously starred in Black Mirror, Russian Doll, Kevin Can F**ck Himself, and what most people will likely recognize her from, Schitt’s Creek. Aras Aydın as Matteo Aras Aydın plays Matteo, Victoria’s younger lover. Aydın is a Turkish actor who has previously appeared in projects such as Cherry Season, Runaway, and Siyah Kalp. Dolly de Leon as Agnes Dolly de Leon plays Agnes, a guest at the retreat who appears to have once been a nun, though seems to have gone through a crisis of faith. She also seems to have crossed paths with Tina at some point in her journey. De Leon has previously appeared in Triangle of Sadness, Jackpot!, and Ghostlight. Maisie Richardson-Sellers as Wolfie Maisie Richardson-Sellers plays Wolfie, Tina’s partner and a guest of Masha’s. It seems like Wolfie knows a little more about what this experience is about than Tina does, and really wants them to keep an open mind. Richardson-Sellers has previously appeared in projects such as The Originals, DC’s Legends of Tomorrow, and The Kissing Booth 2 and 3. King Princess as Tina Musician King Princess makes her on-screen acting debut as Tina, a depressed piano virtuoso in desperate need of a relaxing spa vacation. What she doesn’t realize is that her partner Wolfie seems to have other plans for their time off together. Tina also seems to have a connection to Agnes and appears to have been under her care at some point in their lives. Lucas Englander as Martin Lucas Englander plays Martin, Masha’s assistant this time around. He’s there to make sure things don’t get too out of hand as the guests take their various trips throughout their experience. Englander is an Austrian actor who has previously appeared in Catherine the Great, The Witcher, and Fantastic Beasts: The Secrets of Dumbledore. Join our mailing list Get the best of Den of Geek delivered right to your inbox! Henry Golding as Peter Henry Golding plays Peter, the son of David and a guest of Masha’s. Peter wants to reconnect with his aloof father, and this retreat is certainly a way to do that. You’ll likely recognize Golding from movies like Crazy Rich Asians, Snake Eyes, The Gentlemen, and Last Christmas. Mark Strong as David Mark Strong plays David, a billionaire who is skeptical of Masha’s methods, but still attends the retreat with the others. Mark Strong has appeared in a number of other projects, such as Shazam!, Dune Prophecy, The Penguin, and Kingsman: The Secret Service. Lena Olin as Helena Lena Olin plays Helena, an assistant of sorts to Masha this season, though she appears to have a much different role than Martin does. She seems to have helped Masha herself overcome something, and appears to be there to help her stay sane as well. Helena is also very adamant against bringing David into the fold, though her reasons for that are still unclear. Olin has previously appeared in Alias, Hunters, and The Darkness. The first two episodes of Nine Perfect Strangers season 2 are available to stream on Hulu now. New episodes premiere on Wednesdays, culminating with the finale on July 2.

Everything you purchase for your home says something about you and your personal style, and we've found that to be especially true when it comes to your dishes. Which ones do you use to set the table on a Tuesday night when you and your family are gathered around the table to discuss what the kids learned today in school? And which set are you choosing for your annual dinner party with your longtime friends? Whether you like it or not, your choice in dishware—and ultimately, your tablescape as a whole—says a lot about you. As dishware aficionados, we can attest that there are simply too many patterns to analyze and assign to a type of person, so we picked five beautiful options that are both timelessly popular and unique. What's more, we asked Rebecca Gardner, founder of the interior design firm, event planning service, and online shopping platform Houses & Parties, for her hot take. "Things that you touch several times each day, like dinner plates, are due thoughtful consideration," she explains. "Imagine starting your day with a pretty coffee cup and saucer in lieu of a clunky handled mug. Suddenly, you're a new person." She's not wrong. Enjoying meals on beautiful pieces is transformative in a way that we may not realize.Below, the charismatic design expert assigns each of these pinnacle plates to a specific fictional "character," if you will. We dare you not to laugh.Related StoriesGinori 1735 Oriente ItalianoThe SophisticateProduct Shot Image"You registered for the Oriente set in the sophisticated Vermiglio colorway. Your sister has the Malachite. Thank goodness you two live in the same city with 24 dinner plates combined. The big oval platters are on her Christmas list—eight of them are for a bountiful breakfast or family-style feast. 'It's surprising how these two colors go with everything,' you surmise. The dishes are especially fresh with your tufted dining banquette that's upholstered in Le Lac chintz fabric. Your friends constantly say you're such a 'fearless' decorator."Buy them here.Hermès Cheval D'OrientThe BachelorProduct Shot Image"This pattern belongs to you, a dapper bachelor in your late 50s. You live in a contemporary apartment at the very end of the very coveted and exclusive South Ocean Boulevard in Palm Beach, and your home's marble floors are covered in myriad Turkish rugs. Your Cheval D'Orient coffee cups get the most use, and you never take a sip without pointing your pinkie finger, donning a signet ring, straight up."Buy them here.Carolina Irving & Daughters Blue FlowerThe TraditionalistProduct Shot Image"These Portuguese blue flower dinner plates stack on the open kitchen shelving in her revival-style home in Buckhead, Atlanta. The kitchen was just renovated with a hidden coffee bar and a big island for casual cocktail buffets."Buy them here.Bordallo Pinheiro CabbageThe DecoratorProduct Shot Image"Half of these cabbage plates came from your grandmother's collection, but you bought 10 more to anchor the table with repetition. After all, they mix so well with your pantry that's full of mismatched treasures (sterling silver julep cups to Murano tumblers), which, somehow, are always on top of the frayed Decor Barbares fabric left over from a project you worked on years ago. You use the Cabbage tureen for cosmos and zinnias from the garden. Dinner is takeout, but you always take the cake."Buy them here.Crate & Barrel Cielo Scalloped The HostessProduct Shot Image"You are a regular host to your friends and family and known for serving fresh paella at summer soirées in Montauk. You have 50 of these white plates that your guests always want to know where to buy. The scalloped edge adds a little low-maintenance je ne sais quoi that lets your culinary creations shine.Buy them here.Follow House Beautiful on Instagram and TikTok.