Keyview 13" Touch is a mechanical keyboard with a built-in 13-inch touchscreen
It works with phones, tablets, laptops, desktops, and even game consoles
There’s no battery or touchpad unfortunately, so you'll need to provide power and a mouse
The Keyview 13" Touch, from Aura Displays, is a compact 82-key mechanical keyboard (83 keys for the UK version) with a fun, and useful twist - it has an integrated 13-inch touchscreen attached.
We’ve also encountered various DIY projects that produced laptops without displays, as well as notebook docking stations with built-in screens, but few of those have been as polished or feature-packed as this.
RGB lighting and custom shortcuts
The Keyview 13" Touch's screen folds from 0 to 90 degrees and delivers a 1920 x 720 matte IPS display. It supports full 10-point multitouch and has a wide 178° viewing angle, making it usable for video, docs, or just as a second screen.
The keyboard itself uses yellow mechanical switches and PBT keycaps. It’s fully customizable, with hot-swappable keys, RGB lighting, and support for custom shortcuts.
The device includes USB-C, HDMI, two USB 3.0 ports, an SD/TF slot, and an M2 SSD bay for internal storage expansion. It also supports 60W PD fast charging.
It’s compatible with macOS, Windows, Android, Linux, and ChromeOS. That means it works with laptops, desktops, full-featured USB-C phones like the Galaxy line, latest iPhones, tablets, and even game consoles.
The case is made from aluminum alloy, ABS, and PC plastic. It’s solid but weighs 2.12kg, which makes it more of a backpack item than something pocketable.
There’s also a built-in speaker, rated at 1W. That's nothing special, but it will be fine for notifications or quick audio tasks.
There are a couple of bigger drawbacks, though - there’s no battery for starters, so you’ll need to plug it in every time you want to use it. And there’s no touchpad either, so unless your device is touch-capable, you’ll want to bring a mouse too.
Still, for a certain type of user, especially those wanting to turn their phone into a capable workstation, it’s an unusual and potentially useful option. You can buy it direct from Aura now for $399.00, 20% off its usual MSRP of $499.
Security researchers claim Anubis ransomware is adding a file wiper
The wiper reduces all files to 0 KB, irreversibly destroying them
This could be an additional pressure point during negotiations
Anubis, a relatively new Ransomware-as-a-Service (RaaS) operation, added a new feature to its encryptor that irreversibly destroys all encrypted files on the compromised system.
Cybersecurity researchers Trend Micro has published a new in-depth report about the operation, revealing the group is currently working on adding new features to the encryptor, among which is the file-wiping ability.
“What further sets Anubis apart from other RaaS and lends an edge to its operations is its use of a file wiping feature, designed to sabotage recovery efforts even after encryption,” Trend Micro said. “This destructive tendency adds pressure on victims and raises the stakes of an already damaging attack.”
Pressuring the victims
When the threat actors activate the feature, the wiper erases the contents of the files and reduces their size to 0 KB. The filenames and the structure remain intact, which means it’s impossible to recover the files.
The best way to stay protected is, obviously, to tighten up on security and minimize the chances of getting a ransomware infection. However, out of an abundance of caution, businesses should have a separate, possibly air-gapped backup, that would allow them to restore the files safely.
Usually, ransomware actors would exfiltrate sensitive files from their target’s IT infrastructure, and then encrypt the systems.
They would then demand money, usually in bitcoin, in exchange for the decryption key that returns the victims access to their locked files. Since many companies deny paying the ransom, and instead keep an updated backup that can be restored in case of an attack, the hackers started stealing files and threatening to release them to the public.
Releasing sensitive files is, in many cases, more disruptive than encryption, since it can lead to class-action lawsuits, data watchdogs fines, loss of credibility among customers and partners, and loss of competitive edge after IP leaks.
Besides the file wiper, which is definitely a big threat, ransomware actors also sometimes engage in DDoS attacks, as well, to put pressure on both the front-end and the back-end of the business. In some instances, they would also call the victims on the phone in an attempt to get them to pay the ransom demand.
- Officially renewed in May
- Main cast expected to return
- No official trailer released yet
- Plot details remain under wraps
- Writing for season 2 has commenced
The Four Seasons season 2 is officially on the way, thanks to a swift renewal just days after the show premiered on Netflix.
Based on the 1981 film of the same name, season 1 followed six friends, made up of three married couples, as they vacationed together during each season of the year – four trips, four seasons.
Over eight episodes, the couples experienced the highs, lows and laughs of being long-term friends and long-term lovers. Until, during the final season of winter, tragedy struck the group and the devastation threatened to tear them apart. Fortunately, it seemed to bring them closer together. Although, how about that Ginny twist?
Season 2 will take what co-showrunners Tina Fey, Lang Fisher and Tracey Wigfield lovingly crafted in the first run and hurtle viewers through another rollercoaster of emotions on one of the best streaming services.
Here's what we know so far about The Four Seasons season 2 release date, predicted cast, plot and more.
The Four Seasons season 2: is there a release date?
When it comes to The Four Seasons season 2 release date, well, there isn't one just yet. But, the show was officially renewed on May 14, just under two weeks after season 1 premiered on Netflix.
In the announcement on Netflix's Instagram, the words "It's time for another trip" appear alongside clips from season 1 of the cast discussing going on vacation again with Anne suggesting "someplace warm".
The show's co-creators and co-showrunners Fey, Fisher and Wigfield told The Hollywood Reporter: "We are so grateful that audiences worldwide share our love of cozy sweaters, drinks by the ocean, and picking fights in a hot tub. See you on our next vacation together!"
No word yet on The Four Seasons season 2 filming though, so I'd predict that we won't see the return of the show until at least mid to late 2026.
The Four Seasons season 2: has a trailer been released?
With season 2 yet to commence filming, there's no official trailer to share(Image credit: Netflix)
There's no The Four Seasons season 2 trailer yet, which isn't all that surprising considering the cast and crew haven't started filming.
For season 1, a teaser dropped in mid-March with the official full trailer landing only a couple of weeks before the show launched on Netflix. So, I'll keep an eye out and update here in what I imagine will be 2026.
The Four Seasons season 2: predicted cast
The main cast all predicted to return(Image credit: Netflix)
I'm almost certain that for The Four Seasons season 2 cast, the main characters will all reprise their roles (bar one obvious emission):
Tina Fey as Kate
Will Forte as Jack
Colman Domingo as Danny
Marco Calvani as Claude
Kerri Kenney-Silver as Anne
Erika Henningsen as Ginny
Julia Lester as Lila
It's pretty much a given that the main cast listed above will return considering they're the core of the entire show. Especially considering Wigfield told TVLine if the show was renewed for season 2 (which, of course, it now has been): "It wouldn't be, like, an anthology. We would keep our group because I think that's what makes the show so great, this particular group."
What isn't a given is whether Steve Carell (Nick) would return at all, given his shocking demise in season 1, but there's always a chance of flashbacks. After all, there's a long history between the friends he left behind and there may well be story left to tell.
While Nick and Anne's daughter, Lila, starred in a number of episodes it's not clear whether she'd be returning, so we'll wait to confirm when we hear more.
The Four Seasons season 2: story synopsis and rumors
Ginny's pregnancy opens new doors for The Four Seasons season 2(Image credit: Netflix)
Full spoilers forThe Four Seasonsseason 1 to follow. Plus, potential spoilers for season 2.
The Four Seasons season 1 brought comedy and a breadth of emotion with the six friends vacationing together over the course of a year.
And over that year, a lot happened. Like Nick leaving his wife Anne for a much-younger girlfriend, Ginny. And then Nick suddenly dying in the second-to-last episode. Oh, and then Ginny telling the group that she is in fact pregnant with Nick's baby. Excuse us while we try and ground ourselves ready for season 2.
With so much to unpack, we imagine the friends will literally be packing and unpacking their bags ready for four more vacations across four more seasons of the year with Tudum telling viewers to "settle in for another winter, spring, summer and fall."
More seasons means more vacations(Image credit: Netflix)
And we'd predict that those vacation spots will be entirely new ones. Unless, of course, Ginny can lure them all back to the Eco Resort...
Other than where season 1 left viewers, there's not much known about the season 2 plot and that's probably because they only headed back into the writer's room in May.
Though Tina Fey told The Hollywood Reporter, when it comes to writing season 2: "The writers have been very generous a lot of what you saw in season one, a lot is obviously from the movie but a lot also came from all of our lives. Adding: "We are kind of starting from scratch."
To this, Fey's co-creator and co-showrunner Wigfield expanded: "We set up fun dynamics in the finale. Ginny is pregnant, and this friend group is kind of moving on in the wake of their friend's death. There is going to be really interesting stuff to play and already we're starting to talk about it and it's really exciting."
And when it comes to Claude's part in season 2, in conversation with Variety Marco Calvani expressed his hopes for what's next: "Well, it would be fun to see Danny and Claude's group of gay friends.
"But you know, the group will be dealing with a baby now. I have a feeling Claude will confront his desire for a family. It would also be cool to have some scenes with Ginny. We're a bit of the outsiders in the group."
Will there be more seasons of The Four Seasons?
Will the friends reunite for another season?(Image credit: Netflix)
As of right now, there's really no saying whetherThe Four Seasons will return for another series.
Since season 2 hasn't commenced filming yet. In fact, it's still in the writing stages. So, it seems unlikely that there will be any intel on whether season 3 is a possibility until a little while down the road.
The renewal for season 2 happened just days after season 1's release, so if we're to hear any thoughts on season 3, I imagine it won't be until at least 2026. What I do know is that I've never written the word season so many times in my life.
Whether you’re looking for fast speeds or affordable pricing, these are the most dependable internet providers in San Antonio, according to CNET's experts.
AI-generated documents are replacing traditional forgeries and bypassing verification faster than ever imagined
Synthetic identity fraud has surged 195% globally, with Europe and North America hardest hit
Most fraud now happens after onboarding, using tricks like credential stuffing and device spoofing
Synthetic identity document fraud is now spreading at an alarming pace globally, driven almost entirely by the misuse of generative AI, experts have warned.
New data from Sumsub has claimed the creation of fake documents using AI grew by 195% worldwide between Q1 2024 and Q1 2025.
The most dramatic spike was recorded in Europe, where synthetic ID fraud surged by 378%, followed by North America (311%) and the MENA region (258%).
Traditional forgery declines
This trend appears to be gaining ground on traditional document forgery, which has declined sharply in most regions, dropping by 82% in Africa and 50% in North America - with Europe the exception, where traditional forgeries increasing by 33%.
This shift suggests scammers are moving from conventional techniques to AI-generated identities, which can now be produced in seconds using largely unregulated tools.
The industries most affected by this trend include crypto, trading, transportation, fintech, and gambling, all sectors which often rely on rapid onboarding processes and may not yet have strong enough safeguards to detect synthetic documents before damage is done.
Compounding this vulnerability is the fact over three quarter (76%) of fraud now occurs after the onboarding stage, using methods such as device fingerprint spoofing, credential stuffing, and so-called “money muling.”
“The rise of AI-generated fraud is exposing critical flaws in traditional verification systems, and this data shows sophisticated fake documents are becoming a key tool in the fraudster’s arsenal,” said Pavel Goldman-Kalaydin, Head of AI/ML at Sumsub.
“We expect companies like OpenAI to strengthen safeguards controlling the use of its programs to generate passports, IDs, and other personal documents.”
Parallel to this trend is a dramatic rise in deepfake-related fraud, where North America saw a staggering 1,100% increase in such cases, with Europe following at 900%.
Nations like Hong Kong, Singapore, and Germany saw the highest individual surges, raising concerns about the future role of manipulated visual media in identity fraud schemes.
For individuals and organizations trying to protect themselves, relying solely on conventional KYC protocols may no longer be enough. Businesses are advised to use identity management software and multi-layered verification systems for stronger protection.
Consumers should also consider top-rated ID theft protection solutions, especially those that monitor for synthetic identity use. Using reputable people search tools can add an extra layer of safety when verifying unknown contacts or confirming someone’s legitimacy online.
Fake wallet apps ask for your 12-word phrase and quietly drain your crypto funds
CRIL found over 20 Play Store apps built solely to steal users’ crypto credentials
Malicious apps used WebView to fake real login pages from PancakeSwap and others
New research by Cyble Research and Intelligence Labs (CRIL) has uncovered a large-scale phishing campaign involving more than 20 Android applications listed on the Google Play Store.
These apps, which appeared to be legitimate cryptocurrency wallet tools, were created with a singular purpose: stealing users’ mnemonic phrases, the crucial 12-word keys that provide full access to crypto wallets.
Once compromised, victims risk losing their entire cryptocurrency holdings, with no possibility of recovery.
How the apps work and what makes them dangerous
Many of the malicious apps were built using the Median framework, which enables the rapid conversion of websites into Android applications.
Using this method, threat actors embedded phishing URLs directly into the app code or within privacy policy documents.
These links would then load deceptive login pages via a WebView, tricking users into entering their mnemonic phrases under the false belief they were interacting with trusted wallet services such as PancakeSwap, SushiSwap, Raydium, and Hyperliquid.
For example, a fraudulent PancakeSwap app used the URL hxxps://pancakefentfloyd[.]cz/api.php, which led to a phishing page mimicking the legitimate PancakeSwap interface.
Likewise, a fake Raydium app redirected users to hxxps://piwalletblog[.]blog to carry out a similar scam.
Despite variations in branding, these apps shared a common objective: extracting users’ private access keys.
CRIL's analysis revealed that the phishing infrastructure supporting these apps was extensive. The IP address 94.156.177[.]209, used to host these malicious pages, was linked to over 50 other phishing domains.
These domains imitate popular crypto platforms and are reused across multiple apps, indicating a centralized and well-resourced operation.
Some malicious apps were even published under developer accounts previously associated with legitimate software, such as gaming or streaming applications, further lowering user suspicion.
This tactic complicates detection, as even advanced mobile security tools may struggle to identify threats hidden behind familiar branding or developer profiles.
To protect against such attacks, CRIL advises users to download apps only from verified developers and avoid any that request sensitive information.
Using reputable Android antivirus or endpoint protection software, along with ensuring that Google Play Protect is enabled, adds an important, though not infallible, layer of defense.
Strong, unique passwords and multi-factor authentication should be standard practice, and biometric security features should be enabled when available.
Users should also avoid clicking on suspicious links received via SMS or email, and never enter sensitive information into mobile apps unless their legitimacy is certain.
Ultimately, no legitimate app should ever request a full mnemonic phrase through a login prompt. If that happens, it’s likely already too late.
Attackers use real Google URLs to sneak malware past antivirus and into your browser undetected
This malware only activates during checkout, making it a silent threat to online payments
The script opens a WebSocket connection for live control, completely invisible to the average user
A new browser-based malware campaign has surfaced, demonstrating how attackers are now exploiting trusted domains like Google.com to bypass traditional antivirus defenses.
A report from security researchers at c/side, this method is subtle, conditionally triggered, and difficult for both users and conventional security software to detect.
It appears to originate from a legitimate OAuth-related URL, but covertly executes a malicious payload with full access to the user's browser session.
Malware hidden in plain sight
The attack begins with a script embedded in a compromised Magento-based ecommerce site which references a seemingly harmless Google OAuth logout URL: https://ift.tt/axqznMW.
However, this URL includes a manipulated callback parameter, which decodes and runs an obfuscated JavaScript payload using eval(atob(...)).
The use of Google’s domain is central to the deception - because the script loads from a trusted source, most content security policies (CSPs) and DNS filters allow it through without question.
This script only activates under specific conditions. If the browser appears automated or the URL includes the word “checkout,” it silently opens a WebSocket connection to a malicious server. This means it can tailor malicious behavior to user actions.
Any payload sent through this channel is base64-encoded, decoded, and executed dynamically using JavaScript’s Function constructor.
The attacker can remotely run code in the browser in real time with this setup.
One of the primary factors influencing this attack's efficacy is its ability to evade many of the best antivirus programs currently on the market.
The script's logic is heavily obfuscated and only activates under certain conditions, making it unlikely to be detected by even the best Android antivirus apps and static malware scanners.
They will not inspect, flag, or block JavaScript payloads delivered through seemingly legitimate OAuth flows.
DNS-based filters or firewall rules also offer limited protection, since the initial request is to Google’s legitimate domain.
In the enterprise environment, even some of the best endpoint protection tools may struggle to detect this activity if they rely heavily on domain reputation or fail to inspect dynamic script execution within browsers.
While advanced users and cybersecurity teams may use content inspection proxies or behavioral analysis tools to identify anomalies like these, average users are still vulnerable.
Limiting third-party scripts, separating browser sessions used for financial transactions, and remaining vigilant about unexpected site behaviors could all help reduce risk in the short term.
Cortical Labs offers cloud access to neuron-powered computing for just $300 a week
CL1 fuses human brain cells and silicon and can run real code
System enables real-time neural processing for research in AI and neuroscience
Cortical Labs, an Australian startup we've covered previously, has launched what it describes as the world’s first commercially available biological computer capable of running code.
The CL1 device combines lab-grown human neurons with silicon hardware and is designed for neuroscience, biotech, and artificial intelligence research.
Customers can purchase a CL1 unit outright for $35,000 or access it remotely through a weekly rental priced at $300, with the platform already available via Cortical Labs’ wetware-as-a-service.
A new way to study brain function
Each CL1 contains about 800,000 neurons grown from reprogrammed adult cells. These neurons are kept alive by an integrated life-support system that delivers nutrients and controls the environment.
The neurons communicate and adapt using sub-millisecond electrical signals, which the company says allows the CL1 to process inputs and generate outputs almost instantly, offering a new way to study brain function.
“The CL1 does this in real time using simple code abstracted through multiple interacting layers of firmware and hardware,” Brett Kagan, Chief Scientific Officer at Cortical Labs told IEEE Spectrum. “Sub-millisecond loops read information, act on it, and write new information into the cell culture.”
The CL1 builds on DishBrain, a proof-of-concept where neurons learned to play Pong in a simulated environment.
The new model increases input channels, improves signal latency, and includes hardware enhancements that make it more suitable for research and potential commercial applications. It has already been used to restore learning function in neural cultures modeling epilepsy.
The device consumes less power than conventional AI hardware and supports use cases including drug development, AI testing, and disease modeling. It requires buyers to obtain ethical approval for new cell lines and to operate within a lab environment.
Karl Friston, a theoretical neuroscientist, called the CL1 a “remarkable achievement” and noted that it provides researchers with a practical platform to test theories about learning, behavior, and brain function using real neurons.
Is Weber still the king of the grill? We put a slew of top full-sized, tabletop and portable grills to the test to find the best propane and natural gas grills for summer 2025.
The Fiio M21 hi-res audio player costs £279 / $329 (about AU$583)
Quad-DAC configuration and two-stage amplification
Desktop mode for optimized output for hi-fi systems
The arrival of a new affordable audio player from FiiO is guaranteed to get our attention: when we reviewed the JM21 portable music player we were blown away by its sound and its value for money. And now there's a new player that's more powerful without being much more expensive.
Where the JM21 is a dual-DAC device, the new FiiO M21 is a quad-DAC player. And double the DACs doesn't mean double the price: where the JM21 launched at $199 / £179, the M21 is $329 / £279.
FiiO M21 portable audio player: key specifications and features
(Image credit: FiiO)
The M21 is a sleek-looking thing with a big 4.7-inch IPS touchscreen on the front, a glass back, and an octa-core Snapdragon 680 inside it. The device runs Android 13 and comes with 4GB of RAM, 64GB of internal storage with 52GB of that available for use, and you can add up to 2TB via microSD. Bluetooth is 5.0 (SBC, AAC, aptX, aptX HD, LDAC and LHDC).
The DACs are four Cirrus Logic CS4319s arranged to minimize crosstalk and noise. The two-stage amplification provides voltage first and current second, which Fiio says creates a clean and dynamic sonic profile.
A key new feature is M21, a first for Fiio's entry-level Androids. It enables you to connect to a USB-C supply and bypass the battery, delivering up to 21Vpp peak voltage and 950mW per channel into 32 ohms. Desktop mode also enables you to use the M21 as a hi-res streamer for a wider hi-fi system.
Battery life in portable mode is 15 hours over the 3.5mm output and 11.5 hours with the balanced 4.4mm output. And there's an optional retro case that looks like a cassette tape – it's the larger metal-colored box the M21 is sitting on in the main photo at the top.
There's no doubt that this is going to sound fantastic – and I suspect it'll probably cope better with higher volumes than the JM21, which gets a bit shouty when you crank things up too high. And at £279 / $329 the M21 still undercuts many rival hi-res audio devices – not least Fiio's own M23, another player we love.
Between that and the fake-cassette cas,e I think FiiO's come up with a winning formula here. The player is available now.
Researchers are warning about the "unsubscribe here" button in spam emails
They can be used to redirect victims to malicious pages
There are other ways to get rid of spam, so users should be on their guard
If you've received a spam email with an “unsubscribe here” button at the bottom, don’t press it - it could do more harm than good.
This is according to TK Keanini, CTO of DNSFilter, who recently revealed pressing such a button sends the recipient away from the safety of the email client and into the open internet, where potentially malicious landing pages are lurking.
In fact, Keanini claims that one in every 644 clicks can lead to a malicious website.
How to unsubscribe, then?
Even if clicking the button doesn’t lead directly to a phishing page, other, more subtle, risks, are lurking as well.
Keanini says that hackers would often place that button just to see who clicks - which would also help them determine which email addresses are active and thus worth targeting further.
The general rule of thumb seems to be - if you don’t trust the company that sent the email, don’t trust the unsubscribe process, either.
So, what’s the alternative? The alternative is to unsubscribe through the email client itself, rather than through the email’s body.
Most email clients have “list-unsubscribe headers”, which appear as built-in buttons and thus don’t include source code, Tom’s Guide explained. “If your email header doesn’t contain a link, you can reply on your spam filters, or try blacklisting the sender instead,” the publication further explained.
Those who don’t have these options can use disposable email addresses when signing up for different services. Most email service providers allow users to create throwaway email addresses, as well. For example, Gmail has a feature called “plus addressing” or “Gmail aliases”, which allow users to modify their address by adding a + and a tag before the @gmail.com address.
That way, the email address used during registration could be yourname+shopping@gmail.com. Messages will still arrive in the inbox, but they can be easily tracked or filtered.
Experts warns of fake Booking.com sites circulating the web
The sites come with a fake "Accept Cookie" prompt that downloads a RAT
Shoppers should be on their guard when searching for deals
Hackers have been found targeting holidaymakers around the world with remote access trojans (RAT) distributed through fake Booking.com websites, experts have warned.
Researchers from HP Wolf Security found cybercriminals have been making websites that, on first glance, look just like booking.com - they carry the same branding, the same color scheme, and same formatting. However, the content of the website is blurred, and over it, a deceptive cookie banner is displayed.
If victims press “Accept cookies”, they’ll trigger a download of a malicious JavaScript file. This, in turn, installs XWorm, a powerful RAT that grants the attackers full control over the compromised device, including access to files, webcams, and microphone. They can also use the access to disable security tools, deploy additional malware, and exfiltrate passwords and other data.
Peak booking period
HP Wolf Security says it first spotted the campaign in Q1 2025, which is “peak summer holiday booking period”, and a time when “click fatigue” sets in, as prospective holidaymakers are reckless and don’t pay attention to the sites they’re visiting, ending in disaster.
"Since the introduction of privacy regulations such as GDPR, cookie prompts have become so normalized that most users have fallen into a habit of ‘click-first, think later,’” commented Patrick Schläpfer, Principal Threat Researcher in the HP Security Lab.
“By mimicking the look and feel of a booking site at a time when holiday-goers are rushing to make travel plans, attackers don’t need advanced techniques - just a well-timed prompt and the user’s instinct to click.”
There are a few things users can do to stay safe, and the first one is - to slow down when browsing.
Users should also make sure not to click on links in emails or social media messages, especially for well-established sites such as Booking. Instead, type in the address in the browser’s navigation bar manually.
