UE5 lets you optimize materials using Variable Rate Shading (VRS). It runs your pixel shader once for a block (like 2x2 or 4x4), then spreads that result — reducing pixel shader cost with minimal visual loss. This feature is not related to LOD, Nanite or Virtual Shadow Maps - it’s a separate material level optimization. In practice, you might see 10–50% improvement on fill-rate-bound scenes, sometimes more (often less). Works per-material, no global setup needed. Available since UE5.0 (DX12/Vulkan required) Open your material — Details — Advanced — Shading Rate (1x1) — Change The larger the block, the less GPU load, but also more visible blur Great to be used on background VFX, or anything that doesn’t need crisp pixel detail. Doesn’t work with DLSS or on all platforms. Not supported for masked materials in UE5.6. May be broken with masked materials in earlier versions. I learned about this feature thanks to a super-duper-senior-boss-chief-king tech art wizard — Dmytro Baidachnyi. All hype to him. Cheers

May 23, 2025Ravie LakshmananThreat Intelligence / Network Security Cybersecurity researchers have disclosed that a threat actor codenamed ViciousTrap has compromised nearly 5,300 unique network edge devices across 84 countries and turned them into a honeypot-like network. The threat actor has been observed exploiting a critical security flaw impacting Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers (CVE-2023-20118) to corral them into a set of honeypots en masse. A majority of the infections are located in Macau, with 850 compromised devices. "The infection chain involves the execution of a shell script, dubbed NetGhost, which redirects incoming traffic from specific ports of the compromised router to a honeypot-like infrastructure under the attacker's control allowing them to intercept network flows," Sekoia said in an analysis published Thursday. It's worth noting that the exploitation of CVE-2023-20118 was previously attributed by the French cybersecurity company to another botnet dubbed PolarEdge. While there is no evidence that these two sets of activities are connected, it's believed that the threat actor behind ViciousTrap is likely setting up honeypot infrastructure by breaching a wide range of internet-facing equipment, including SOHO routers, SSL VPNs, DVRs, and BMC controllers from more than 50 brands like Araknis Networks, ASUS, D-Link, Linksys, and QNAP. "This setup would allow the actor to observe exploitation attempts across multiple environments and potentially collect non-public or zero-day exploits, and reuse access obtained by other threat actors," it added. The attack chain entails the weaponization of CVE-2023-20118 to download and execute a bash script via ftpget, which then contacts an external server to fetch the wget binary. In the next step, the Cisco flaw is exploited a second time, using it to execute a second script retrieved using the previously dropped wget. The second-stage shell script, internally referenced as NetGhost, is configured to redirect network traffic from the compromised system to third-party infrastructure controlled by the attacker, thereby facilitating adversary-in-the-middle (AitM) attacks. It also comes with capabilities to remove itself from the compromised host to minimize forensic trail. Sekoia said all exploitation attempts have originated from a single IP address ("101.99.91[.]151"), with the earliest activity dating back to March 2025. In a noteworthy event observed a month later, the ViciousTrap actors are said to have repurposed an undocumented web shell previously employed in PolarEdge botnet attacks for their own operations. "This assumption aligns with the attacker's use of NetGhost," security researchers Felix Aimé and Jeremy Scion said. "The redirection mechanism effectively positions the attacker as a silent observer, capable of collecting exploitation attempts and, potentially, web shell accesses in transit." As recently as this month, exploitation efforts have also targeted ASUS routers but from a different IP address ("101.99.91[.]239"), although the threat actors have not been found to create any honeypot on the infected devices. All the IP addresses actively used in the campaign are located in Malaysia and are part of an Autonomous System (AS45839) operated by hosting provider Shinjiru. The actor is believed to be of Chinese-speaking origin on the basis of a weak overlap with the GobRAT infrastructure and the fact that traffic is redirected to numerous assets in Taiwan and the United States. "The final objective of ViciousTrap remains unclear even [though] we assess with high confidence that it's a honeypot-style network," Sekoia concluded. Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post. SHARE    

Curious how others are creating with Unity? Check out this roundup of the latest Made with Unity news and discover what the Unity community has been up to.#MadeWithUnity games reached some exciting milestones in February.To start, Intercept Games’ Kerbal Space Program 2 has been released in Early Access on Steam, if you’re looking for something out of this world. Ready to get your puzzle on? NAHUAL by Thirdworld Productions may be the quirky brainteaser you’ve been waiting for.Congratulations to all of the games that won an Academy of Interactive Arts & Sciences’ D.I.C.E. Award! As a follow up to last month’s finalists list, you can find the full list of winners in this IGN article. Esteemed Made with Unity winners include:TUNIC, Outstanding Achievement for an Independent GameMarvel SNAP, Mobile Game of the YearOlliOlli World, Sports Game of the YearWe share new releases or milestone spotlights every Monday on the @UnityGames Twitter account. Be sure to give us a follow and support your fellow creators.Tuesdays are dedicated to #UnityTips on Twitter. Here are a couple we found particularly helpful in February:@SunnyVStudio dropped some major grout for your tiles if you start to see screen tearing.@jamesebrill is on a roll with getting stones rolling – learn how to breathe life into 2D rolling stones.Keep tagging us using the #UnityTips hashtag.We're stunned by what you all create every week, and you certainly kept the amazing projects coming in February. If we missed something from you, be sure to use the #MadeWithUnity hashtag next time you share.Twitter’s @cptnsigh gave us all virtual whiplash with a strikingly smooth fast-paced FPS, and @canopy_studio healed our whiplash with a relaxing waterfall. Then, we snuck around with a bow and arrow and completed puzzles in @CatthiaGames’ Cynthia: Hidden in the Moonshadow. Finally, @PhillipWitz's adorable frog showed off its new skating skills.On Instagram, @papetura warmed our cups with a dose of fiery cuteness, and now we’re certainly ready for Spring thanks to @Studio_unjenesaisquoi, @umanimation1, and @focus_entmt. @Cornf_blue went super speed with some insane parkour and @JfvmYt was busy expanding their castle!We’re so excited for the #MadeWithUnity year ahead (and GDC 2023 later this month), so keep adding the hashtag to your posts to show us what you’ve been up to.Following the wrap of Global Game Jam 2023, we took to Twitch for a Let’s Play stream that saw members of our team play a selection of 10 games created during the event and solicited from the community.Later in the month, we sat down with Whales and Games to discuss Townseek in an all-new Creator Spotlight stream. Then, we released another Creator Spotlight clip (above) on the use of timeline in As Dusk Falls. And finally, as a callback to the 2022 Let’s Dev 101 session on animation, we posted the full stream to YouTube.Don’t forget to follow us on Twitch and hit the notification bell so you never miss a stream.On February 23, we hosted our second Dev Blitz Day of the year, focusing on scripting. The event was held in both the forums and on the Discord server. Throughout the day, we had more than 100 threads and would like to thank everyone who participated.Keep an eye on our forum announcements and Discord for updates about future Dev Blitz Days.Just because you're a “one-person team” doesn’t mean you can’t call in extra help! Check out how Thomas Sala, creator of The Falconeer, was able to fill in skill gaps using assets from the Unity Asset Store. Assets were able to take the game to another level – from adding realism to gameplay to localizing in 13 different languages. Similarly, here are three more stories from studios that were able to save time and money by using assets.Taking to social media, here's a roundup of some of our favorite creator showcases from Twitter in February:Clay Outdoors Pack | Unicorn OneVolcano | NatureManufactureMegabook 2 | Chris WestLove/Hate | PixelcrushersDon’t forget to tag the @AssetStore Twitter account and use the #AssetStore hashtag when posting your latest creations.Last but not least, here’s a non-exhaustive list of Made with Unity titles released in February. Do you see any on the list that have already become favorites or notice that something is missing? Tell us about it in the forums.Birth, Madison Karrh (February 17)The end is nahual: If I may say so, Third World Productions (February 17)PlayStation® VR2 (PS VR2) releases (February 22): Cities: VR – Enhanced Edition, Fast Travel GamesCosmonious High, Owlchemy LabsDemeo, Resolution GamesThe Last Clockwinder, PontocoThe Last Worker, Oiffy, Wolf & Wood Interactive LtdThe Light Brigade, Funktronic LabsSynth Riders, Kluge InteractiveThe Tale of Onogoro, Amata K.K.Tentacular, Firepunchd Games UGWHAT THE BAT?, TribandZenith: The Last City, Ramen VRSons Of The Forest, Endnight Games Ltd (February 23)Clive ‘N’ Wrench, Dinosaur Bytes Studio (February 23)Kerbal Space Program 2, Intercept Games (February 24)Phantom Brigade, Brace Yourself Games (February 28)Rytmos, Floppy Club (February 28)That’s a wrap for February! Want more community news as it happens? Don’t forget to follow us on social media: Twitter, Facebook, LinkedIn, Instagram, YouTube, or Twitch.