Latest Tech News

---

• Experts warns of fake Booking.com sites circulating the web
• The sites come with a fake "Accept Cookie" prompt that downloads a RAT
• Shoppers should be on their guard when searching for deals

---

Hackers have been found targeting holidaymakers around the world with remote access trojans (RAT) distributed through fake Booking.com websites, experts have warned.

Researchers from HP Wolf Security found cybercriminals have been making websites that, on first glance, look just like booking.com - they carry the same branding, the same color scheme, and same formatting. However, the content of the website is blurred, and over it, a deceptive cookie banner is displayed.

If victims press “Accept cookies”, they’ll trigger a download of a malicious JavaScript file. This, in turn, installs XWorm, a powerful RAT that grants the attackers full control over the compromised device, including access to files, webcams, and microphone. They can also use the access to disable security tools, deploy additional malware, and exfiltrate passwords and other data.

Peak booking period

HP Wolf Security says it first spotted the campaign in Q1 2025, which is “peak summer holiday booking period”, and a time when “click fatigue” sets in, as prospective holidaymakers are reckless and don’t pay attention to the sites they’re visiting, ending in disaster.

"Since the introduction of privacy regulations such as GDPR, cookie prompts have become so normalized that most users have fallen into a habit of ‘click-first, think later,’” commented Patrick Schläpfer, Principal Threat Researcher in the HP Security Lab.

“By mimicking the look and feel of a booking site at a time when holiday-goers are rushing to make travel plans, attackers don’t need advanced techniques - just a well-timed prompt and the user’s instinct to click.”

There are a few things users can do to stay safe, and the first one is - to slow down when browsing.

Users should also make sure not to click on links in emails or social media messages, especially for well-established sites such as Booking. Instead, type in the address in the browser’s navigation bar manually.

You might also like

• Claude AI and other systems could be vulnerable to worrying command prompt injection attacks
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

from Latest from TechRadar US in News,opinion https://ift.tt/92TEPIt

ChatGPT Defeated at Chess by 1970s-Era Atari 2600

An engineer's experiment yielded a surprising result for OpenAI's popular chatbot.

from CNET https://ift.tt/z6hJXtN

Latest Tech News

---

• Binarly spotted a legitimate utility, trusted on most modern systems utilizing UEFI firmware, carrying a flaw
• The flaw allowed threat actors to deploy bootkit malware
• Microsoft patched it the June 2025 Patch Tuesday cumulative update

---

Microsoft has fixed a Secure Boot vulnerability that allowed threat actors to turn off security solutions and install bootkit malware on most PCs.

Security researchers Binarly recently discovered a legitimate BIOS update utility, signed with Microsoft’s UEFI CA 2011 certificate. This root certificate, used in the Unified Extensible Firmware Interface (UEFI) Secure Boot process, plays a central role in verifying the authenticity and integrity of bootloaders, operating systems, and other low-level software before a system boots.

According to the researchers, the utility is trusted on most modern systems utilizing UEFI firmware - but the problem stems from the fact it reads a user-writable NVRAM variable without proper validation, meaning an attacker with admin access to an operating system can modify the variable and write arbitrary data to memory locations during the UEFI boot process.

Microsoft finds 13 extra modules

Binarly managed to use this vulnerability to disable Secure Boot and allow any unsigned UEFI modules to run. In other words, they were able to disable security features and install bootkit malware that cannot be removed even if the hard drive is replaced.

The vulnerable module had been circulating in the wild since 2022, and was uploaded to VirusTotal in 2024 before being reported to Microsoft in late February 2025.

Microsoft recently released the June edition of Patch Tuesday, its cumulative update addressing different, recently-discovered, vulnerabilities - among which was the arbitrary write vulnerability in Microsoft signed UEFI firmware, which is now tracked as CVE-2025-3052. It was assigned a severity score of 8.2/10 (high).

The company also determined that the vulnerability affected 14 modules in total, now fixing all of them.

"During the triage process, Microsoft determined that the issue did not affect just a single module as initially believed, but actually 14 different modules," Binarly said. "For this reason, the updated dbx released during the Patch Tuesday on June 10, 2025 contains 14 new hashes."

Via BleepingComputer

You might also like

• The first UEFI bootkit malware for Linux has been detected, so users beware
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

from Latest from TechRadar US in News,opinion https://ift.tt/8yDMHTh

Threads Is Finally Getting This Very Basic Function

Meta is testing DMs in Threads, almost 2 years after the social media app launched.

from CNET https://ift.tt/9YCtOuM

Latest Tech News

---

• Kaspersky warns multiple DVR devices are being targeted with malware
• The malware assimilates the devices into a botnet, granting DDoS and proxy capabilities
• The victims are scattered all over the world, and there seems to be no patch

---

If you are using TBK DVR-4104, DVR-4216, or any digital video recording device that uses these instances as its basis, you might want to keep an eye on your hardware because it’s being actively hunted.

Cybersecurity researchers at Kaspersky claim to have seen a year-old vulnerability in these devices being abused to expand the dreaded Mirai botnet.

In April 2024, security researchers found a command injection flaw in the devices listed above. As per the NVD, the flaw is tracked as CVE-2024-3721, and was given a severity score of 6.3/10 (medium). It can be triggered remotely and grants the attackers full control over the vulnerable endpoint. Soon after discovery, the flaw also got a Proof-of-Concept (PoC) exploit.

Victims around the world

Now, a year later, Kaspersky says it saw this same PoC being used to expand the Mirai botnet. The attackers are using the bug to drop an ARM32 malware which assimilates the device and grants the owners the ability to run distributed denial of service (DDoS) attacks, proxy malicious traffic, and more.

The majority of victims Kaspersky is seeing are located in China, India, Egypt, Ukraine, Russia, Turkey, and Brazil. However as a Russian company, Kaspersky’s products are banned in many Western countries, so its analysis could be somewhat skewed.

The number of potentially vulnerable devices was more than 110,000 in 2024, and has since dropped to around 50,000. While most definitely an improvement, it still means that the attack surface is rather large.

Usually, when a vulnerability like this is discovered, a patch soon follows. However, multiple media sources are claiming that it is “unclear” if makers TBK Vision patched the bug.

CyberInsider reports that multiple third-party brands use these devices as a basis for their models, further complicating patch availability, and stating that “it’s very likely that for most, there is no patch.”

Some of the brands are Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, and others.

Via BleepingComputer

You might also like

• TVT DVRs become prime target for Mirai botnet
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

from Latest from TechRadar US in News,opinion https://ift.tt/CJVHOgD

Latest Tech News

---

• Apple Music will get 3 notable new perks with iOS 26
• The updates will roll out alongside Apple Music Sing upgrades on tvOS
• Apple made the announcement at WWDC 25, on June 9

---

Liquid Glass, aka Apple's new glass-like redesign for its software platforms, is a clear headline grabber at WWDC. But what is iOS 26 bringing to Apple Music?

A few things, actually: Apple Music is getting Lyrics Translation, Lyrics Pronunciation, AutoMix for creating beat-perfect playlists and sets, plus Music Pins to put your favorite artists and albums right to the top of your home screen.

Meanwhile, Apple's Liquid Glass will level up what you see while a song is playing, because it'll provide more glass-like depth – and elements within a track's artwork will move with a more three-dimensional quality; in and out of focus, as it were.

(Image credit: Apple)

AutoMix is here – finally!

What exactly is AutoMix? Think seamless mixing of your songs into one continuous playlist, for a stream of music without any annoying gaps between tracks. It'll be similar to what a DJ does, but carried out automatically by Apple Music via Apple Intelligence's AI brain. Outstanding!

One of the other biggest perks of today's Apple WWDC 2025 event in the audio sphere? The knowledge that buying either a shiny new set of AirPods 4, AirPods 4 with Noise Cancelling or AirPods Pro 2 is a smart and future-proof thing to do: Apple has announced studio-quality audio recording and camera remote is coming to these models – and as luck would have it, both are also currently on sale too.

@techradar ♬ original sound - TechRadar

Of course, AirPods, Apple Music and iPhones all play especially nice together (it's the way Apple wants you to listen): think personalized spatial audio with Dolby Atmos, plus dynamic head-tracking that uses your iPhone or iPad as a source device to ping the soundscape all around your head as you turn it.

And then there's Live Translation. I've just finished working on a French opera, namely Gounod's Faust, and I think it might be a huge plus for me in Apple Music.

(Image credit: Apple)

Your iPhone can now become a mic in Apple Music Sing, with tvOS

And we're not done! With tvOS 26, karaoke sessions can reach new levels of fun. How? Users will be able to transform their iPhone into a handheld mic for Apple TV and have their voice amplified as they belt out their very best go at TayTay's Eyes Open.

Everyone in your sing-along session will be able to jump in using their own iPhone to cue up tracks, too, or even react with an onscreen emoji.

Along with the aforementioned Lyrics Translation and Pronunciation updates, plus visual effects to light up the main screen, Sing in Apple Music will be more advanced and engaging than ever, allowing you to sing along even if you don't speak the language fluently (which is music to my ears).

I cannot wait to try it out. For now though, I'm gonna keep on dancin' at the Pink Pony Club… with all my iPhone-toting, Apple Music-streaming friends.

(Image credit: Apple)

You may also like

• Keep up on all things WWDC with our Apple WWDC Live Blog
• No new AirPods, no problem: check out the best earbuds around right now
• Not sold on Apple Music? See our pick of the best music streaming services

from Latest from TechRadar US in News,opinion https://ift.tt/FBT4WUu

Latest Tech News

Looking for a different day?

A new NYT Strands puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Sunday's puzzle instead then click here: NYT Strands hints and answers for Sunday, June 8 (game #462).

Strands is the NYT's latest word game after the likes of Wordle, Spelling Bee and Connections – and it's great fun. It can be difficult, though, so read on for my Strands hints.

Want more word-based fun? Then check out my NYT Connections today and Quordle today pages for hints and answers for those games, and Marc's Wordle today page for the original viral word game.

SPOILER WARNING: Information about NYT Strands today is below, so don't read on if you don't want to know the answers.

NYT Strands today (game #463) - hint #1 - today's theme

What is the theme of today's NYT Strands?

• Today's NYT Strands theme is… What you see isn't what you get

NYT Strands today (game #463) - hint #2 - clue words

Play any of these words to unlock the in-game hints system.

• DANCE
• CARD
• NOSE
• CONE
• FOAM
• SKIDS

NYT Strands today (game #463) - hint #3 - spangram letters

How many letters are in today's spangram?

• Spangram has 10 letters

NYT Strands today (game #463) - hint #4 - spangram position

What are two sides of the board that today's spangram touches?

First side: top, 3rd column

Last side: bottom, 3rd column

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Strands today (game #463) - the answers

(Image credit: New York Times)

The answers to today's Strands, game #463, are…

• MASK
• CAMOUFLAGE
• DISGUISE
• CLOAK
• COVER
• FACADE
• SPANGRAM: FALSE FRONT

---

• My rating: Moderate
• My score: 1 hint

---

Fittingly, today’s search words were well hidden and I needed a hint to get started. The word MASK confirmed what we were looking for – so I immediately started looking for CAMOUFLAGE and DISGUISE.

The spangram was not a term I was familiar with, but is one that I have seen in action in London. Here, there is a beautiful old theater I watched turn from thriving to derelict that has been under development for years to become apartments.

As is the case in many cities, the back of the building was demolished – leaving just the FACADE. However, along the way something structurally most have gone wrong as the propped-up facade was then completely replaced by a new facade, copying the art deco style of the original. So now, not one brick of the original building remains, which maybe was the plan all along. Either way, not once but twice, a FALSE FRONT.

How did you do today? Let me know in the comments below.

---

Yesterday's NYT Strands answers (Sunday, June 8, game #462)

• CAST
• SCORE
• LIGHTS
• SINGING
• DANCING
• COSTUMES
• SPANGRAM: ITS SHOWTIME

---

What is NYT Strands?

Strands is the NYT's not-so-new-any-more word game, following Wordle and Connections. It's now a fully fledged member of the NYT's games stable that has been running for a year and which can be played on the NYT Games site on desktop or mobile.

I've got a full guide to how to play NYT Strands, complete with tips for solving it, so check that out if you're struggling to beat it each day.

from Latest from TechRadar US in News,opinion https://ift.tt/y7kvCKH

Latest Tech News

---

• SilverStone’s FLP01 case brings old-school charm, complete with fake floppy drives and retro lights
• arkhive Business Limited comes with RTX 5060 Ti and offers real creative power
• Noctua cooling keeps the retro shell silent while the modern internals do all the heavy lifting

---

Arc has unveiled a curious blend of nostalgia and modern performance with its desktop system, the "arkhive Business Limited," now available via PC Shop Ark.

The Japanese device is housed in SilverStone’s FLP01 case, designed after the classic 1980s PC-9801, and features distinctive styling, including a fake 5.25-inch bay cover and mock indicator lights.

The vintage aesthetic may evoke beige memories of dial-up tones and DOS prompts, but its internals suggest something far more capable, perhaps even worthy of use as a video editing or workstation PC, if judged solely on specs.

Nostalgia meets modern power

The base models come in two CPU versions: Intel’s Core Ultra 7 265 and AMD’s Ryzen 7 9700X. Both models are paired with 32GB of RAM and a 2TB NVMe SSD, and are cooled using a Noctua air cooler, a name respected for silence and efficiency rather than flair.

Graphics are handled by the new GeForce RTX 5060 Ti, whose 16GB of VRAM places it squarely in the mid-range performance bracket.

While that might not win over hardcore gamers, it should be more than sufficient for creative professionals and could make the system a viable business PC for those needing GPU acceleration in Adobe apps or 3D workloads.

Physically, the PC measures 440 x 362 x 170 mm, a footprint that’s not particularly compact by modern standards.

It comes with Windows 11 Home preinstalled and includes an 80PLUS GOLD 850W power supply.

However, with a price tag of 299,800 yen (about $2,081) and lacking even a standard optical drive (unless added via a limited-time campaign), some may question whether the retro shell justifies the cost.

PC Shop Ark is now accepting orders with full BTO (build-to-order) options, allowing for further customization.

The company appears to be banking on a blend of nostalgia and performance to attract buyers, but the arkhive Business Limited may appeal more to the heart than the head.

Via PCWatch

You might also like

• These are the best business laptops available to buy right now
• And you should take a look at the best office chairs we've tried
• The AI search boom: why advertisers must embrace the next evolution of search

from Latest from TechRadar US in News,opinion https://ift.tt/6lQrxeZ

Latest Tech News

---

• Activision has officially announced Call of Duty: Black Ops 7
• The game is coming to PS5, Xbox Series X, Xbox Series S, and PC, but there's no release date yet
• The game will be set 40 years after Black Ops 6 in the year 2035

---

Activision has officially announced Call of Duty: Black Ops 7 for PS5, Xbox Series X, Xbox Series S, and PC.

To close out the Xbox Games Showcase 2025, Activision revealed its next Call of Duty game with a cinematic trailer, starring Gilmore Girls actor Milo Ventimiglia, as David Mason.

Developed by Treyarch and Raven Software, it's confirmed that Black Ops 7 will return to a futuristic setting and be set in 2035, which is 10 years after the events of Call of Duty: Black Ops 2.

In this next entry, players will be able to play with friends or play solo in a co-op campaign, a multiplayer mode featuring brand-new maps, and experience the next chapter of the round-based Zombies mode.

"The year is 2035 and the world is on the brink of chaos, ravaged by violent conflict and psychological warfare following the events of Black Ops 2 and Black Ops 6," the official description reads.

"Wielding cutting-edge technology, the Black Ops team led by David Mason must fight back against a manipulative enemy who weaponizes fear above all else."

Activision has confirmed that it will share the next look at Black Ops 7 later this summer.

"The team is looking to build on the incredible community enthusiasm and excitement we’ve seen within the Black Ops universe," said Tyler Bahl, Head of Activision Publishing Marketing, in a blog post.

"This is the first time we’re staying within the Black Ops series with back-to-back releases, so we’re excited to give players a bit more time to enjoy all the live seasons and provide players more of what they want across Black Ops 6 and Call of Duty: Warzone before we turn the page to Black Ops 7."

You might also like...

• Best Xbox Series X games 2025: smash hits for Microsoft's top console
• Best RPGs 2024 - top role-playing games for PC and consoles
• Nintendo Switch 2: review in progress

from Latest from TechRadar US in News,opinion https://ift.tt/dIXLpx3

Today's NYT Strands Hints, Answers and Help for June 8, #462

Here are hints and answers for the NYT Strands puzzle No. 462 for June 8.

from CNET https://ift.tt/38a7sTr

Best Internet Providers in Pittsburgh, Pennsylvania

Looking for high-speed internet in Pittsburgh? Our CNET broadband experts found the best providers in the city, from budget plans to ultra-fast offerings.

from CNET https://ift.tt/7LDHGsk

The Secret to Staying Strong as You Age May be This Type of Workout

It's low-impact, science-backed and left me feeling energized.

from CNET https://ift.tt/WRLFxrt

Latest Tech News

---

• Netsh.exe is the most abused Windows tool, and it still hides in plain sight
• PowerShell shows up on 73% of endpoints, not just in admin hands
• WMIC’s surprising comeback shows attackers favor tools no one’s watching anymore

---

A new analysis of 700,000 security incidents has revealed just how extensively cybercriminals exploit trusted Microsoft tools to breach systems undetected.

While the trend of attackers using native utilities, known as Living off the Land (LOTL) tactics, is not new, the latest data from Bitdefender’s GravityZone platform suggests it’s even more widespread than previously believed.

A staggering 84% of high-severity attacks involved the use of legitimate system binaries already present on machines. This undermines the effectiveness of conventional defenses, even those marketed as the best antivirus or best malware protection.

Abuse of trusted system tools - netsh.exe tops the list

Some of the tools most commonly abused will be very familiar to system administrators, including powershell.exe and wscript.exe.

However, one tool unexpectedly emerged at the top: netsh.exe. A command-line utility for managing network configuration, netsh.exe was found in a third of major attacks - and while it is still used for firewall and interface management, its frequent appearance in attack chains suggests its potential for misuse is underestimated.

PowerShell remains a key component of both legitimate operations and malicious activity - although 96% of organizations use PowerShell, it was found running on 73% of endpoints, well beyond the scope of what would be expected from administrative use alone.

Bitdefender found, “third-party applications running PowerShell code without a visible interface” were a common cause.

This dual-use nature makes detection difficult, especially for tools not backed by behavior-aware engines.

It raises questions about whether the best EPP solutions are adequately tuned to account for this blurred line between normal and nefarious use.

Another surprising finding was the continued use of wmic.exe, a tool that Microsoft has deprecated.

Despite its age, the analysis shows it is still widely present in environments, often invoked by software seeking system information. It is particularly attractive when attackers are trying to blend in because of its legitimate appearance.

To tackle this issue, Bitdefender developed PHASR (Proactive Hardening and Attack Surface Reduction). This tool employs a targeted approach that goes beyond simply disabling tools.

“PHASR goes beyond blocking entire tools, it also monitors and stops the specific actions attackers use within them,” the company said.

Still, this approach is not without trade-offs. The fundamental dilemma, “can’t live with them, can’t live without them”, remains unresolved.

You might also like

• Downloaded something dodgy? These are the best malware removal tools
• Nail the basics with the best firewalls available now
• Qualcomm finally patches Adreno GPU zero-day flaws used in Android attacks

from Latest from TechRadar US in News,opinion https://ift.tt/Tcy2kGI

'Love Island USA' Season 7 Is Back: How to Stream the Latest Episodes

Season 7 is off to a wonky start with minor technical difficulties but maybe now things will start to steam up.

from CNET https://ift.tt/Ps5cLv3

Latest Tech News

---

• Unihertz Titan 2 brings back the QWERTY keyboard with an impressive 512GB upgrade
• The Titan 2 is not for everyone, but that’s exactly its strongest selling point
• This phone brings back business-class typing and storage in a tank-like body

---

Unihertz has announced a Kickstarter campaign for its upcoming rugged smartphone, the Titan 2.

In a 16-second ad released by Unihertz, the company said, “We are getting ready for our Kickstarter in June,” offering a first look at a device that feels both familiar and ambitious.

The ad reveals the Titan 2 follows the original Uniherz Titan and the Titan Slim, continuing the brand’s focus on rugged smartphones with physical QWERTY keyboards.

A familiar form factor with rugged credentials

With its square screen and hardware keys, the Titan 2 clearly echoes the BlackBerry era, when such designs were synonymous with business productivity and communication.

The new model appears to be a wider, flat-edged version of the Titan Slim, lacking the curved top and bottom design found on the original Titan.

Though detailed specifications remain scarce, Unihertz confirmed to TechRadar Pro that the commercial version of the Titan 2 will offer a substantial 512GB of internal storage.

This marks a significant upgrade from previous iterations, particularly the 2019 Unihertz Titan, which shipped with 128GB of storage, 6GB of RAM, and a MediaTek Helio P60 processor.

The original Titan was notable for its 4.5-inch 1440x1440 display, global LTE support, NFC capability, and 6,000mAh battery, all packed into a bulky 305g chassis with IP67 water and dust resistance.

The Titan and Titan Slim were never aimed at mainstream users. Instead, they targeted those seeking something unconventional.

The Titan 2 now seems poised to build on that lineage, with greater storage and a refreshed design, while remaining firmly rooted in the company’s niche aesthetic and utilitarian philosophy.

This business smartphone does not appear to be a contender for mass-market dominance. However, its physical QWERTY keyboard could appeal to professionals who value tactile input for communication-heavy workflows.

That said, this device is undeniably a niche product, and physical keyboards have long fallen out of fashion.

The Titan 2 will need to prove that nostalgia and rugged durability can coexist with modern expectations, otherwise, it will remain a niche offering.

You might also like

• These are the best rugged laptops around today
• And these are the best rugged tablets you can buy right now
• Devious new ClickFix malware variant targets macOS, Android, and iOS

from Latest from TechRadar US in News,opinion https://ift.tt/MLVmTBe