May 21, 2025The Hacker NewsMalware Analysis / Threat Intelligence It takes just one email to compromise an entire system. A single well-crafted message can bypass filters, trick employees, and give attackers the access they need. Left undetected, these threats can lead to credential theft, unauthorized access, and even full-scale breaches. As phishing techniques become more evasive, they can no longer be reliably caught by automated solutions alone. Let's take a closer look at how SOC teams can ensure fast, accurate detection of even the most evasive phishing attacks, using the example of Tycoon2FA, the number one phishing threat in the corporate environment today. Step 1: Upload a suspicious file or URL to the sandbox Let's consider a typical situation: a suspicious email gets flagged by your detection system, but it's unclear whether it's indeed malicious. The fastest way to check it is to run a quick analysis inside a malware sandbox. A sandbox is an isolated virtual machine where you can safely open files, click links, and observe behavior without putting your own system at risk. It's how SOC analysts investigate malware, phishing attempts, and suspicious activity without triggering anything locally. Getting started is easy. Upload the file or paste a URL, pick your OS (Windows, Linux, or Android), tweak your settings if needed, and within seconds, you're inside a fully interactive virtual machine ready to investigate. Analysis setup inside ANY.RUN sandbox To show how easy it is to detect phishing, let's walk through a real-world example, a potential phishing email we analyzed using ANY.RUN, is one of the fastest and most intuitive sandboxes available. View the phishing sample here Phishing email analyzed inside cloud-based ANY.RUN sandbox The suspicious email includes a large green "Play Audio" button, a trick used to lure the victim into clicking. Equip your SOC team with a fast and in-depth phishing analysis service to respond to and prevent incidents in seconds. Get a special offer before May 31Step 2: Detonate the Full Attack Chain With the help of sandboxes like ANY.RUN, it's possible to detonate every single stage of an attack, from the first click to the final payload. Even junior SOC members can do it with ease. The interface is intuitive, interactive, and built to make complex analysis feel simple. In our phishing example, we've already seen how the attack begins; a suspicious email with a big green "Play Audio" button buried in a thread. But what happens after the click? Inside the sandbox session, we see it clearly: As soon as the button is pressed, a series of redirects (another evasion tactic) eventually lead us to a page with a CAPTCHA challenge. This is where automated tools typically fail. They can't click buttons, solve CAPTCHAs, or mimic user behavior, so they often miss the real threat. But in ANY.RUN's Interactive Sandbox, isn't a problem. You can either solve the CAPTCHA manually or enable the auto mode to let the sandbox handle it for you. In both cases, the analysis continues smoothly, allowing you to reach the final phishing page and observe the full attack chain. CAPTCHA challenge solved inside the interactive sandbox Once the CAPTCHA is solved, we're redirected to a fake Microsoft login page. At first glance, it looks convincing, but a closer look reveals the truth: The URL is clearly unrelated to Microsoft, full of random characters The favicon (browser tab icon) is missing; a small but telling red flag Phishing signs detected inside ANY.RUN sandbox Without the Interactive Sandbox, these details would remain hidden. But here, every move is visible, every step traceable, making it easier to detect phishing infrastructure before it tricks someone inside your organization. If left undetected, the victim may unknowingly enter their credentials into the fake login page, handing sensitive access directly to the attacker. By making sandbox analysis part of your security routine, your team can check suspicious links or files in seconds. In most cases, ANY.RUN provides an initial verdict in under 40 seconds. Step 3: Analyze and Collect IOCs Once the phishing chain is fully detonated, the next step is what matters most to security teams; gathering indicators of compromise (IOCs) that can be used for detection, response, and future prevention. Solutions like ANY.RUN makes this process fast and centralized. Here are some of the key findings from our phishing sample: In the top-right corner, we see the process tree, which helps us trace suspicious behavior. One process stands out; it's labeled "Phishing", showing exactly where the malicious activity occurred. Malicious process identified by sandbox Below the VM window, in the Network connections tab, we can inspect all HTTP/HTTPS requests. This reveals the external infrastructure used in the attack: domains, IPs, and more. In the Threats section, we see a Suricata alert: PHISHING [ANY.RUN] Suspected Tycoon2FA's Phishing-Kit Domain. This confirms the phishing kit used and adds useful context for threat classification. Suricata rule triggered by Tycoon2FA In the top panel, the tags instantly identify it as a Tycoon2FA-related threat, so analysts know what they're dealing with at a glance. Tycoon detected by ANY.RUN sandbox Need to see all IOCs in one place? Just click the IOC button, and you'll get a full list of domains, hashes, URLs, and more. No need to jump between tools or gather data manually. These IOCs can then be used to: Block malicious domains across your infrastructure Update email filters and detection rules Enrich your threat intelligence database Support incident response and SOC workflows IOCs gathered inside ANY.RUN sandbox Finally, ANY.RUN generates a well-structured, shareable report that includes all key details, from behavior logs and network traffic to screenshots and IOCs. This report is perfect for documentation, team handoff, or sharing with external stakeholders, saving valuable time during response. Well-structured report generated by an interactive sandbox Why Sandboxing Should Be Part of Your Security Workflow Interactive sandboxing helps teams cut through the noise, exposing real threats quickly and making incident response more efficient. Solutions like ANY.RUN makes this process accessible to both experienced teams and those just starting to build up threat detection capabilities: Speed Up Alert Triage and Incident Response: Don't wait for verdict, see threat behavior live for faster decisions. Increase Detection Rate: Trace multi-stage attacks from origin to execution in detail. Improve Training: Analysts work with live threats, gaining practical experience. Boost Team Coordination: Real-time data sharing and process monitoring across team members. Reduce Infrastructure Maintenance: Cloud-based sandbox requires no setup; analyze anywhere, anytime. Special Offer: From May 19 to May 31, 2025, ANY.RUN is celebrating its 9th birthday with exclusive offers. Equip your team with extra sandbox licenses and grab limited-time offers across their Sandbox, TI Lookup, and Security Training Lab. Learn more about ANY.RUN's Birthday special offers→ Wrapping Up Phishing attacks are getting smarter but detecting them doesn't have to be hard. With interactive sandboxing, you can spot threats early, trace the full attack chain, and collect all the evidence your team needs to respond quickly and confidently. Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter  and LinkedIn to read more exclusive content we post. SHARE    

Apple’s approach to building new features has always been rooted in safety and seamless convenience. Take, for example, AirPlay, a wireless standard created by the company that allows users to stream audio and video from one device to another. AirPlay works not just across Apple devices, but also on TVs and speakers cleared by the company to offer the wireless streaming facility. That also makes it a ripe target for attacks, and it seems there are, in fact, vulnerabilities in the wireless lanes that could allow bad actors to seed malware and infect more connected devices.  Recommended Videos Understanding the AirPlay risk Experts at the security research firm Oligo recently detailed Airborne, a set of flaws in Apple’s AirPlay Protocol and the AirPlay Software Development Kit (SDK) that can allow hackers to remotely execute code. These vulnerabilities can let bad actors take control of devices and use the infected machines to broaden the damage.  “An attacker can take over certain AirPlay-enabled devices and do things like deploy malware that spreads to devices on any local network the infected device connects,” Oligo explained. The risk is huge because there are billions of Apple devices out there that support AirPlay, and millions that are sold by other brands.  Simon Cohen / Digital Trends One of the vulnerabilities could allow hackers to compromise a device and then use it to gain access to a larger network, potentially targeting other devices, too. Depending on the target, the risks range from spying on conversations to tracking a car’s location, accessing sensitive information, ransomware attacks, and denial of service.  Apple has patched the vulnerabilities via macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4 updates. However, there are potentially thousands of older devices that will never get patched and remain vulnerable.  What steps do experts suggest? Of course, the first line of defense to protect yourself across all vulnerable devices is to download the fix released by Apple. But that isn’t the full picture. Trevor Horwitz, CISO and founder of TrustNet, says the patch will only work if people install it after the package downloads on their device. “The simplest and most effective thing you can do is keep your devices updated. That sounds basic, but it’s often overlooked,” he says. On an iPhone or iPad, follow this route to install the safety update: Settings > General > Software Update. For macOS, you must walk this path: Apple menu > System. Settings > General > Software Update. Nadeem Sarwar / Digital Trends Since attack vectors like Airborne rely on Wi-Fi networks to expand their damage, you must also pay attention to them. Oleh Kulchytskyi, Senior Malware Reverse Engineer at MacPaw’s Moonlock, told DigitalTrends that a Zero-Click Remote Code Execution (RCE) is the highest level of security breach.  It should be immediately patched by the companies involved, but as a user, one must take further network-related precautions. “To stay safe at home, ensure that your router has a strong password and there are no suspicious connections to your network,” Kulchytsky adds.   A safe way to AirPlay Matthias Frielingsdorf, a veteran iOS researcher and cofounder of iVerify, tells me that everyone should follow basic digital security protocols. Those include installing updates as soon as they are available, maintaining strong network passwords, and most importantly, reducing the surface area for such attacks.  Since AirPlay is the threat vector, users should take proactive steps while using it. ”Disabling this on iOS / macOS / tvOS devices that don’t need to be an AirPlay receiver would limit some of the attacks. In public spaces, disabling WiFi on the Mac and iPhone would stop those attacks as well,” says Frielingsdorf.  Nadeem Sarwar / Digital Trends AirPlay streaming is active by default, and as such, you need to disable it. To do so, follow this path on your iPhone or iPad: Settings  > General > AirPlay & Continuity > Ask. You can also set it to Never, if you don’t actively utilize this feature. There’s also an option to set a password, which I recommend that you enable, while at it. What about AirPlay itself? Can it be disabled? Yes, it can be turned off entirely. On your iPhone and iPad, go to the AirPlay & Continuity page and turn off the AirPlay Receiver toggle. Alternatively, you can choose to allow AirPlay only for the Current User, instead of keeping it open to everyone in the range.  For Mac users, this is the path you need to follow: Apple Menu > System Settings > General > AirDrop & Handoff > AirPlay Receiver. You can’t always patch older or discontinued devices, so it’s best to ensure that the machines that are currently in your hands have enabled the right protocols to minimize the risks.  The bottom line  On multiple occasions in the past, security experts have highlighted flaws in wireless transmission systems, such as Bluetooth. But a vulnerability that allows zero-click remote code execution in AirPlay is a cautionary tale. The message is clear. Apple’s security guardrails are solid, but not impenetrable. “What makes this serious is the integration. AirPlay isn’t just a standalone app. It’s a system-level service built into iOS, macOS, and tvOS. So the moment that layer is compromised, the attacker could potentially affect multiple devices at once,” TrustNet’s Horwitz told Digital Trends.  Nadeem Sarwar / Digital Trends So, where does that leave an average user who is not savvy about security measures? Well, it’s time to set aside notions and market perceptions. Chris Hill, Chief Security Strategist at BeyondTrust, says users must understand the threat landscape instead of living with the idea that a certain ecosystem is safer than the rest.  “Threat actors are opportunistic, looking for the easiest path of least resistance, they will find it, and they did in this case with AirPlay and AirBorne,” he warns. The bottom line is that keep your devices updated, disable features you don’t use, and be vigilant with network-related settings.

Ming - stock.adobe.com Opinion UK Fraud Bill targets benefit claimants for mass surveillance The UK government’s proposed Fraud Bill will disproportionately place millions of benefit claimants under constant surveillance, creating a two-tier system where people are automatically suspected of wrongdoing for seeking welfare By Anna Dent Published: 21 May 2025 Earlier this month the House of Lords had its first debate on the Public Authorities (Fraud, Error and Recovery) Bill.  The Bill aims to reduce government losses to benefit fraud and error, and would give the Department for Work and Pensions (DWP) unprecedented powers of investigation to routinely and covertly check benefit claimants' bank accounts, the right to enter private homes, and to seize drivers' licenses or money from bank accounts. Expert organisations including Justice, the Public Law Project and Big Brother Watch warn that although the aim of the Bill is hugely important, the proposed powers are disproportionate and represent a breach of human rights. As Baroness Finn remarked in the Lords, "support for the goal must not mean silence about the means." The Bill promises an expanded regime of digital surveillance for people in receipt of Universal Credit, Employment and Support Allowance, and State Pension Credit. This includes the introduction of an 'Eligibility Verification Measure' (EVM) which would enable DWP to direct banks to check millions of bank accounts for as yet unspecified indicators of benefit fraud and error.  DWP already has similar powers but crucially can only use them where it has 'reasonable grounds' to suspect fraud is taking place, which is the standard threshold for many comparable state powers. This Bill would completely remove that threshold, and enable intrusive surveillance without any justification. Details on exactly how the EVM will be used are sparse, but it could theoretically result in every single claimant’s bank account being checked, with no suspicion or indication of any fraud, error or over-payment needed.  Accounts flagged through these checks would then be passed to a member of DWP staff for further investigation, but what this will involve is still unclear. A code of practice to accompany the Bill is still unpublished, so we don't actually know what sequence of events would play out. Will individuals be informed when they are being investigated? Will their benefits be suspended during an investigation? Will their claim be assessed by other fraud algorithms? In some circumstances, the Department could automatically take money from the bank accounts of people no longer on benefits if they are deemed to have committed fraud or been accidentally overpaid. Banks will be prevented from informing their customers that this recovery process is happening, so the first that a customer might know is when money disappears from their account.  The finance industry has expressed concern about tensions between the obligations the Bill would create and financial institutions' consumer obligations, the risks of financial harm to vulnerable customers, and the lack of robust safeguards for the transfer of banking data. Others are concerned about the potential for miscarriages of justice which many will be unable to effectively challenge: the benefits covered by the Bill are only available to people on a low income, who are unlikely to have the means to engage in legal action. These powers would apply to both fraud and error, including over-payments caused by the Department's own mistakes. Overpayments can be caused by myriad mistakes on the part of DWP or claimant, or both, and the complexity of making claims is well known. But under the Bill, fraud and error will be treated the same, with the same digital surveillance deployed and the same powers to seize money and other assets. Universal Credit already appears to be particularly prone to mistakes and over-payments. Rather than punishing people after the fact, it would be better for DWP to work out why it is particularly vulnerable, do more to help people avoid mistakes, and reduce the rate at which their own mistakes cause over-payments. Treating all claimants like intentional fraudsters stigmatises people on benefits, and risks people who need financial support disengaging from the benefit system. Rather than focus on professional criminals who are actively defrauding the Department, the bill scoops everyone up and places them all under suspicion. It creates a two-tier system in which benefit claimants would be subject to an invasion of privacy not applied to the rest of the population: millions of people who have done nothing wrong will be laid open to mass surveillance. DWP officers would be given police-like powers of entry to private premises and seizure of private property. This is an extraordinary expansion of very serious powers targeted at one section of society. It fundamentally undermines basic rights to privacy and to be presumed innocent until proven otherwise.  Whether the ends justify these heavy-handed means is doubtful. The Department's own impact assessment estimates that just 2% of social security fraud and error over-payments will be clawed back through the use of these powers over 10 years: a disproportionate invasion of privacy for little benefit. The finance industry also warns that the organised gangs who carry out large-scale benefit fraud using sophisticated methods to avoid detection will easily find ways to work around the new powers.  Also on its way through the legislative process is the Data Use and Access Bill, which proposes to reduce the requirement for human oversight of automated decisions within government. If both Bills pass into law as currently drafted, there is a potential future in which the human-in-the-loop safeguards relating to digital bank surveillance are no longer legally required. This leaves the door open to hugely consequential decisions being made entirely by automated systems. We know that existing DWP fraud algorithms generate bias; the introduction of more automation and digital surveillance and the potential for less human oversight should trouble us all.  Increasing the number of people that are flagged for investigation via these new powers could put thousands more through the difficult process of fraud investigation. DWP’s own figures show that three-quarters of people whose benefit claims are flagged as suspicious actually have no fraud or error related to their claim at all. Ten million people receive the benefits that will be covered by the new powers: if even 1% of claimants are wrongly investigated many thousands of people will be affected.  As well as the immediate impact of these disproportionate powers, politicians need to be aware of the precedents they are setting, and how the legislation could be used by other administrations in future. Eliminating the need for the government to justify wholesale digital surveillance removes a basic protection against state over-reach. Only the state pension is explicitly excluded from the powers in the Bill: a government with an even more single-minded obsession with efficiency and fraud could roll out the bank surveillance to many, many other people. What will affect a minority now could become the norm for the majority. Anna Dent is an independent researcher and policy consultant, working on the digital welfare state and human-centred technology Read more about digital surveillance UK government outlines plan to surveil migrants with eVisa data: Electronic visa data and biometric technologies will be used by the UK’s immigration enforcement authorities to surveil migrants living in the country and to ‘tighten control of the border’, attracting strong criticism from migrant support groups. AI surveillance towers place migrants in ‘even greater jeopardy’: The use of autonomous surveillance towers throughout the English coast forces migrants into increasingly dangerous routes and contributes to their criminalisation. Invasive tracking ‘endemic’ on sensitive support websites: Websites set up by police, charities and universities to help people get support for sensitive issues like addiction and sexual harassment are deploying tracking technologies that harvest information without proper consent. In The Current Issue: UK critical systems at risk from ‘digital divide’ created by AI threats UK at risk of Russian cyber and physical attacks as Ukraine seeks peace deal Standard Chartered grounds AI ambitions in data governance Download Current Issue Microsoft entices developers to build more Windows AI apps – Cliff Saran's Enterprise blog Red Hat launches llm-d community & project – Open Source Insider View All Blogs

Cyberpunk 2077 sequel will feature at least two cities says franchise creator GameCentral Published May 21, 2025 11:37am Updated May 21, 2025 11:37am Cyberpunk 2077 – the sequel is bigger than just one city (CD Projekt) The sequel to Cyberpunk 2077 will involve ‘another city’, as tabletop game designer Mike Pondsmith offers the first detail about the new video game. It was a bumpy ride getting there, but Cyberpunk 2077 is now uncontroversially accepted as one of the most critically and commercially successful video games of all time. And there’s only one thing that means: a sequel. One has been announced, under the codename Project Orion, but very little has been said about it so far, by developer CD Projekt Red – who are currently more concerned with Switch 2 launch title Cyberpunk 2077: Ultimate Edition. Although many don’t realise, Cyberpunk 2077 is based on a tabletop role-playing game that dates all the way back to 1988. Creator Mike Pondsmith was a consultant for the first game and has some involvement with the sequel too, which he’s probably said more about than he was supposed to. Speaking at the 2025 Digital Dragons conference in Poland, Pondsmith mentioned that he, ‘spent a lot of time talking to one of the environment guys and he was explaining how the new place in Orion… because there’s another city we visit.’ He seemed to be aware that he probably wasn’t supposed to be saying any of that, but continued on anyway, confirming that Night City is also still part of the sequel. Although he didn’t state what the new city is called, he recalled another conversation with CD Projekt Red’s developers: ‘I remember looking at [the new city] and going, ‘Yeah, I understand the feel that you’re going for and this really does work. It doesn’t feel like Blade Runner, it feels more like Chicago gone wrong’. That doesn’t mean that it literally is Chicago, but perhaps not coincidentally, that has been rumoured as a destination in the sequel for some time now. There are several posters in Cyberpunk 2077 that mention the city, with one that reads ‘Travel from Chicago to Night City in under three hours, coming in 2080.’ You can view that as simply a bit of environmental detail or a purposeful clue, perhaps even to the name of the sequel. Things get even more suspicious when you take into account the DLC expansion Phantom Liberty, one of whose endings is set several years later, after the ‘Transcontinental Maglev Network’ to Chicago has been completed. That does seem to add up to a pretty compelling rumour, but whether it’s just a made-up city that looks a bit like Chicago, or the place itself, Pondsmith does make clear that the original Night City is not the only location in the sequel. Despite insisting that he’s not as involved with the follow-up as he was with the original, Pondsmith says he’s still shown scripts and, as his anecdotes make clear, gets to visit the development studios, which this time round are in Boston and Vancouver. Phantom Liberty also seems to point towards Chicago as a future location (CD Projekt) Email gamecentral@metro.co.uk, leave a comment below, follow us on Twitter, and sign-up to our newsletter. To submit Inbox letters and Reader’s Features more easily, without the need to send an email, just use our Submit Stuff page here. For more stories like this, check our Gaming page. GameCentral Sign up for exclusive analysis, latest releases, and bonus community content. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. Your information will be used in line with our Privacy Policy

Gamers across the world are stuck without access to Steam following an outage as status monitoring service Downdetector reported a sudden surge of people being unable to access the networkTech23:32, 20 May 2025Updated 00:48, 21 May 2025Steam seems to be down for people across the UK Online video game streaming service Steam has gone down, according to reports, affecting gamers around the world.Almost 4000 reports of people being unable to access the service were logged on Tuesday night, according to Downdetector.‌The majority of the issues so far appear to be reported from users across the UK and Europe, though some based in the United States are also having problems connecting.‌Gamers across the world have flocked to X to voice their frustration. Many simply ranting that "Steam is down again".However, according to some X users, the shutdown is for "maintenance". One user wrote: "Lovely, Steam is down for maintenance again. hey Steam why don't you guys do this s*** when idk ppl are asleep? Just a thought. any how don't matter."The Steam outage happened around 11pm on Tuesday May 20Article continues belowThis comes after PC gamers urged to change Steam password following a breach of 89 million users' data.According to the Underdark post, "a threat actor going by Machine1337 posted on a well-known dark web forum claiming to have breached Steam, offering a dataset of over 89 million user records for $5,000.""The implications here are serious — Steam isn’t just a game platform; it's a treasure trove of personal and financial data tied to users worldwide. If this breach is verified, it could lead to widespread phishing, account takeovers, and targeted attacks across the gaming community."‌The post urges users to enable 2FA if they haven't already, update their passwords, and monitor their emails for suspicious activity.It's worth stressing that Valve's own service has not been breached, but that wherever the leak has come from, it could lead to phishing attempts that could have big consequences for users.If the breach is from a 2FA service, it could allow a bad actor to hijack those requests and gain access to a user's Steam account.‌It's common practice for these kinds of data purchasers to try the same login details on multiple accounts, meaning they could gain access to your email, shopping, or even banking accounts.As a result, we'd suggest changing your Steam account password, while also ensuring it isn't reused elsewhere.Password manager apps can be an ideal tool in these kinds of situations, letting you see at a glance how often you've reused a string of characters.‌A Twilio spokesperson said: "There is no evidence to suggest that Twilio was breached. We have reviewed a sampling of the data found online, and see no indication that this data was obtained from Twilio."The computer game distribution service was first launched in 2003 for games made by Valve. It expanded to include third-party games in 2005. Popular current titles available on Steam include Diablo 4 and Apex Legends.By 2017, game purchases through Steam totaled about US$4.3 billion, or at least 18% of global PC game sales according to Steam Spy.Article continues belowFor the latest breaking news and stories from across the globe from the Daily Star, sign up for our newsletter by clicking here.

Buying online furniture is not for the faint of heart. Photos lie. Descriptions are vague. And reviews—while occasionally helpful—often read like dramatic short fiction. (One person’s “cloud-like cocoon” is another’s “uncomfortable nightmare.”) Add Amazon to the mix, and things can get even dicier. Can you really find a well-made, good-looking accent chair on a site better known for used books and fast fashion? Surprisingly: yes.Amazon has become a solid source for design-forward furniture, if you know where to look. Between the endless scroll of stock photos and suspiciously affordable listings, you can surface some real gems. We’re talking sherpa-clad statement pieces, curvy velvet shells, and midcentury silhouettes—pieces that make you feel like you finally figured out what your space is missing. And many that even ship within two days.We combed through hundreds of listings to find the standouts. Whether you’re channeling Parisian salon energy or just need a comfy spot to throw your bag, these are the best accent chairs on Amazon to add to your cart.Our Top Picks for the Best Accent Chairs on AmazonBest Swivel Chair: HomePop Barrel Back Swivel Chair, $371Best Sling Style: Zinus Aidan Sling Chair, $139Best Ottoman Set: Colamy Accent Chair With Storage Ottoman, $300 $230Best Armchair: Tov Furniture Marla Velvet Accent Chair, $404Best Living Room Set: Chita Swivel Accent Chair Set, $1,159 $1,099HomePop Barrel Back Swivel ChairSpecsMaterials: Bouclé fabric, woodDimensions: 33.5 x 29.5 x 32 inchesThere’s something satisfyingly sculptural about this chair with a 360° swivel—the barrel shape, the neat tailoring, the continuous curves. But then you get up close and realize it’s also absurdly cozy, thanks to thick cushioning and nubby bouclé fabric for added texture and warmth. Above all, it’s compact enough for city apartments, cozy home offices, or tucking into that weird empty corner that’s just begging for a glow-up.Tov Furniture Marla Velvet Accent ChairSpecsMaterials: Velvet, pine woodDimensions: 28.5 x 29.9 x 28.2 inchesThe Marla chair doesn’t need flashy hardware or oversized proportions to make a point. It’s all about curves, color, and texture. The warm cognac hue seen here adds a touch of earth-toned elegance, playing nicely with neutrals and contrasting beautifully with bold tones. The kiln-dried pine frame also ensures durability, while the plush foam cushioning offers comfort that doesn’t skimp on style.ZINUS Aidan Sling Accent ChairSpecsMaterials: Steel, fabricDimensions: 30.71 x 30.71 x 35.15 inchesThis chair knows how to mix materials without making a scene. With its sleek metal frame and generously stuffed cushions, it offers the perfect blend of industrial lines and cozy comfort. It works beautifully in a minimalist living room, but also shines in a home office or den where you want a seat that feels relaxed, not rigid.Christopher Knight Home Evete Tufted Club ChairSpecsMaterials: Polyester fabric, birchDimensions: 28.75 x 32.00 x 34.50 inchesIf your space could use some tasteful prints, but you’re not quite ready to commit to wallpaper, this chair is a perfect entry point. With its bold black-and-cream buffalo check upholstery, it walks that line with confidence. Tufted details and nailhead trim add additional visual accents, and the turned birch wood legs lend it just the right amount of polish. Place it in an entry hall for immediate impact or use two as conversational anchors flanking a fireplace or bookshelf.CHITA Swivel Accent ChairSpecsMaterials: Velvet, pine wood, metalDimensions: 31.1 x 31.1 x 28.3 inchesWith its graceful silhouette, featuring sloped arms and a curved back, this accent chair offers a modern twist on the classic club chair design. The 360-degree swivel base adds functionality, while the velvet upholstery brings a hint of drama. Think of it as your living room’s new focal point—one that plays well with both natural light and evening mood lighting.Signature Design by Ashley Puckman Leather Accent ChairSpecsMaterials: Leather, metalDimensions: 29 x 32 x 34 inchesWith its black metal frame and rich, tobacco-brown leather cushions, the Puckman Chair strikes a balance between raw industrial edge and classic comfort. Even the arms have been considered, with inset padding wrapped in matching leather for a balanced look and added coziness. We’d use it to ground a minimalist loft space, or to add structure to a more layered, eclectic room.COLAMY Velvet Barrel Chair with Storage OttomanSpecsMaterials: Velvet, rubberwoodDimensions: 25.59 x 29.72 x 29.53 inchesTalk about thoughtful design. Not only can the matching ottoman be tucked under the chair itself, but it also offers the holy grail of small-space living: hidden storage. Better yet, its compact footprint doesn't sacrifice comfort, thanks to the barrel back and padded armrests. Use it in a bedroom corner with a moody floor lamp or float it near a bay window for an afternoon reading perch that doubles as a secret spot for throw blankets.

Today, in questions you didn't know you needed the answer to: Is there such a thing as a perfect ball? And if there were, would it contain the secrets of the universe? To wit, a spherical object lurking in our galaxy is so perfectly round that astronomers can't explain how it was formed.Dubbed "Teleios" after the Greek word for "perfect," the object is what's known as a supernova remnant (SNR), a glowing cloud of hot gases and other material left behind after a massive star dies in a powerful explosion called a supernova. And it's definitely earned its nickname. According to the astronomers' findings, as reported in a pre-print study accepted for publication in Publications of the Astronomical Society of Australia, this is one of the most circular galactic SNRs ever found."The shape indicates Teleios has remained relatively untouched by its environment," said lead author Miroslav Filipovic, an astronomer at Western Sydney University, in an written with his colleagues earlier this year. "This presents us with an opportunity to make inferences about the initial supernova explosion, providing rare insight into one of the most energetic events in the universe."When a star goes supernova, it blasts all that stellar material into space in a tremendous release of energy bright enough to momentarily outshine even entire galaxies. The astronomers believe that Teleios is the result of a rare type of explosion — we're talking happening only once every 500 years in the Milky Way rare — called a type Ia supernova that occurs in binary star systems. When a smaller but far denser white dwarf siphons enough matter from its companion star whose orbit has crept too close, the stolen stellar material detonates in an epic thermonuclear explosion that obliterates both the stars.For something so symmetrical to emerge out of an event so violent is unusual, to put it mildly."The supernova remnant will be deformed by its environment over time. If one side of the explosion slams into an interstellar cloud, we'll see a squashed shape," explained Filipovic in the essay. "So, a near-perfect circle in a messy universe is a special find."Teleios was uncovered as part of the Evolutionary Map of the Universe (EMU) survey using the Australian Square Kilometer Array Pathfinder (ASKAP), an enormous radio telescope that's proving to be a powerful tool for finding SNRs that aren't visible in other wavelengths. Teleios, exclusively seen at radio-continuum frequencies, is one of them. Along with its perfect shape, it has one of the lowest surface brightnesses among all known galactic SNRs.The astronomers estimate that Teleios lies at a distance of either 2.2 or 7.7 kiloparsecs away (or approximately 7,100 or 25,100 light years). The uncertainty surrounding its distance means its age and size are hard to pin down, too. It's either on the younger side at less than 1,000 years old, or much older at over 10,000 years old. Likewise, it could be as small as 46 light years across, or as large as 157 light years. In any case, their findings place Teleios at a stage of its evolution called the Sedov-Taylor phase, during which the expansion of the SNR first begins to slow down, as it sweeps up additional mass from the interstellar medium of space. There's a catch, though: this process should produce detectable x-ray emissions, but the astronomers haven't see any.Maybe, the astronomers explored, Teleios is actually the remnant of an even rarer type of Ia supernova: a type Iax, in which the white dwarf partially survives as "zombie star." In that case, Teleios might be much closer at less than 3,200 light years away while being about 10.7 light years across.No hard answer, however, can be made from the data we have now. But this is just the beginning, and the astronomers are optimistic that more detailed observations in the future will one day help put this mystery to bed.Share This Article

Published May 20, 2025 10:00am EDT close Google's AI unleashes new powerful scam-busting features for Android The CyberGuy explains steps you can take to protect yourself from scams. Scammers are always coming up with new tricks. Just when you start feeling confident about spotting phishing emails, suspicious links and fake banking apps, they find a new angle. Lately, they have been getting more creative, turning to the built-in features of our phones to pull off their schemes. One of the latest targets is NFC, the technology behind tap-to-pay. It might seem harmless, but a new scam is using it in ways most people would never expect. An Android malware called SuperCard goes beyond just stealing your card details. It gives attackers the ability to use your card remotely for real transactions. And the worst part is that it all begins with something as simple as a text message. An Android phone (Kurt "CyberGuy" Knutsson)What makes SuperCard X different?SuperCard X stands out from other Android malware because of how it operates. As reported by researchers at Cleafy, instead of stealing usernames, passwords or verification codes, it uses a method called NFC relay. This allows attackers to copy card data from a victim's device in real time and use it elsewhere to make payments or withdraw cash. The process does not require physical access to the card or knowledge of the PIN.The malware is offered through a Malware-as-a-Service model, which means different cybercriminals can use it in their own regions. This makes the threat more scalable and harder to contain. Unlike most banking trojans, SuperCard X is not focused on one specific institution. It targets any cardholder regardless of which bank issued their card.Another key difference is how stealthy the malware is. It uses minimal permissions and does not include extra features that would make it easier to detect. This lean approach helps it avoid detection by antivirus software and allows it to operate quietly on infected devices. SuperCardX fully undetectable (FUD | Cleafy) (Kurt "CyberGuy" Knutsson)How the scam worksThe fraud begins with a message sent through SMS or WhatsApp. It pretends to be from a bank and warns the recipient about a suspicious transaction. The message includes a phone number and urges the person to call to resolve the issue. This is the first step in gaining the victim's trust.Once on the phone, the attacker poses as a bank representative and walks the victim through a fake security process. This may include asking them to confirm personal details or adjust settings in their mobile banking app, such as removing spending limits on their card.Next, the attacker asks the victim to install a mobile app that is described as a tool to verify the account or enhance security. In reality, this app contains the SuperCard X malware. After the installation, the attacker instructs the victim to tap their card against the phone. The malware then captures the NFC data from the card and sends it to a second phone controlled by the attacker.Using the copied data, the attacker can make contactless payments or make ATM withdrawals almost instantly. This method allows them to steal funds quickly and leaves little opportunity for banks or victims to intervene in time. A woman scrolling on her phone (Kurt "CyberGuy" Knutsson)8 ways you can stay safe from SuperCard X malware1) Be cautious of suspicious texts and calls. Use strong antivirus software: Fraudulent campaigns often begin with an SMS or call that seems to come from your bank. These messages usually claim there's suspicious activity on your account and urge you to click a link or dial a number to resolve the issue. However, this is a tactic used to gain access to your personal information. Always approach such messages with skepticism.The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.2) Avoid installing apps from untrusted sources: One of the key ways malware like SuperCard X spreads is through deceptive apps that victims are persuaded to install. These apps often look harmless, posing as tools for security or account verification. If you receive a link to download an app via SMS, email or messaging apps like WhatsApp, do not click on it. Instead, only download apps from trusted sources, such as the Google Play Store. Additionally, carefully review app permissions and avoid granting unnecessary access, particularly to sensitive data like NFC, location or personal contacts.3) Turn off NFC when not in use: NFC, or Near Field Communication, is a useful feature that allows contactless payments and data exchanges. However, it can be exploited by attackers to capture your card information without you even realizing it. To minimize your risk of falling victim to NFC-based malware like SuperCard X, turn off NFC when you're not actively using it. On most Android devices, you can do this by going to "Settings," then "Connected Devices" or "Connection Preferences," where you’ll find the NFC toggle. By disabling NFC, your phone won't transmit data wirelessly, which helps protect your payment card information from being stolen by nearby attackers.4) Keep a close eye on your bank accounts and cards: If your device has come into contact with the SuperCard or anything similar, it’s possible your banking details are already compromised. That’s why it’s important to regularly check your transaction history for anything odd, like a small payment you don’t remember making or a charge from a strange location could be a sign of misuse. If you spot anything suspicious, report it to your bank right away. It’s also worth checking your credit reports every now and then to catch signs of identity theft before they snowball into bigger issues.5) Use a personal data removal service: If scammers have targeted you once, there's a higher chance they’ll try again, especially if your personal details (like your phone number, address or email) are easily found online. Data removal services scan people-search sites and brokers, then request the removal of your info. This reduces your exposure and helps prevent future phishing or social engineering attacks.While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services here.6) Contact your bank and freeze your cards: If you think you’ve tapped or handled a suspicious card, or if your phone acted strangely afterward, don’t brush it off. Call your bank and let them know what happened. They can freeze your card to stop any unauthorized payments and issue a new one for added safety. You should also ask them to monitor your account more closely for a while. On top of that, place a fraud alert with a credit bureau so no one can easily open a new line of credit in your name.7) Consider enrolling in identity theft protection services: If you've been targeted by a sophisticated scam like SuperCard X, there's a chance your personal information, not just your card data, may be at risk. Identity theft companies can monitor personal information, like your Social Security number, phone number and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. See my tips and best picks on how to protect yourself from identity theft.8) Report the scam to your national cybercrime authority: Whether or not you lost money, reporting the scam helps authorities track emerging threats and warn others. You can report such fraud to the FBI’s Internet Crime Complaint Center or the Federal Trade Commission. Your report could help catch the people behind the scam or at least shut down their infrastructure.Kurt’s key takeawayThe SuperCard X malware campaign represents a significant shift in how cybercriminals are targeting individuals and financial institutions. By exploiting NFC technology and combining it with social engineering tactics, attackers have found a way to bypass traditional fraud detection systems. What's especially concerning is how quickly these attacks unfold, making them harder to detect before the damage is done. As this threat evolves, it's important for both consumers and institutions to recognize the potential risks of these multilayered fraud strategies.Do you think Google is doing enough to protect you from malware? Let us know by writing us atCyberguy.com/Contact.For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.Follow Kurt on his social channels:Answers to the most-asked CyberGuy questions:New from Kurt:Copyright 2025 CyberGuy.com. All rights reserved. Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Boxes Full of Nazi Propaganda Discovered in the Basement of Argentina’s Supreme Court Workers found crates packed with swastika-covered notebooks, postcards and photographs while preparing to move the court’s archives to a new museum Notebooks decorated with swastikas were among the documents found in the wooden crates. Supreme Court of Argentina Boxes full of Nazi propaganda that were confiscated during World War II have been rediscovered in the basement of Argentina’s Supreme Court. Workers recently stumbled across the cache while preparing to move the court’s archives to a new museum, according to BBC News’ Vanessa Buschschlüter. They found wooden champagne crates that were packed with documents that had been “intended to consolidate and propagate Adolf Hitler’s ideology in Argentina,” according to a statement from the court. On May 9, officials formally opened the boxes during a ceremony led by Horacio Rosatti, president of Argentina’s Supreme Court. Also in attendance were Eliahu Hamra, the chief rabbi of the Argentine Israelite Mutual Association, and Jonathan Karszenbaum, the executive director of the Holocaust Museum of Buenos Aires. “I was shocked because of the volume of this,” Karszenbaum tells the New York Times’ Claire Moses. Now, Rosatti has ordered a thorough investigation and detailed inventorying of the contents. Historians hope the documents will shed new light on the Nazis’ international financing network. Workers found the crates while preparing to move the court's archives to a new museum. Supreme Court of Argentina Officials think the boxes arrived in Argentina on June 20, 1941, aboard the Japanese steamship Nan-a-Maru. That year, the German embassy in Tokyo sent 83 packages to Argentina that supposedly contained the personal effects of members of the German diplomatic mission. But Argentine customs officials were suspicious. They wanted to inspect the boxes’ contents to ensure they did not undermine Argentina’s neutrality during World War II. When they randomly opened five containers, they found Nazi propaganda material—including postcards, photographs and notebooks decorated with swastikas. German diplomatic representatives wanted to send the boxes back to the German embassy in Tokyo. Instead, a federal judge ordered that the boxes be seized and brought the affair to Argentina’s Supreme Court. What happened to them after that isn’t clear. Karszenbaum hopes to get to the bottom of why the boxes were hidden away for so many years, per the Times. The boxes arrived on a Japanese steamship in 1941. Supreme Court of Argentina Argentina maintained neutrality until 1944, when it cut off its relationships with the Axis powers. In 1945, the nation declared war on Germany and Japan. Some 44,000 European Jews fled to Argentina between 1933 and 1943, according to the United States Holocaust Memorial Museum. After the war, thousands of Nazi officers and sympathizers escaped to Argentina in a bid to evade justice. They included prominent figures such as Adolf Eichmann, who orchestrated Hitler’s “final solution” to exterminate European Jews, and Josef Mengele, who was nicknamed the “angel of death” for conducting inhumane medical experiments on Auschwitz prisoners. In 2000, President Fernando de la Rúa formally apologized for the refuge Argentina provided for Nazi war criminals. Today, Argentina is home to around 200,000 Jews, the largest Jewish population in Latin America. Get the latest stories in your inbox every weekday.