Running watches have slowly evolved from being niche gadgets meant only for marathon runners into something much more mainstream. If you’re in the market for a running watch, the Garmin has something for you. The company has just launched the Garmin Forerunner 70 and Garmin Forerunner 170 series, two new running-focused smartwatches aimed at beginners and everyday fitness users. Both watches feature AMOLED displays, touchscreen support, and Garmin’s traditional five-button design that long-time users will instantly recognize.

Interestingly, Garmin isn’t positioning these as premium athlete-first devices. Instead, the focus here seems to be accessibility. The company says the new watches are designed to help users start their fitness journey while still bringing in several advanced training features from Garmin’s higher-end Forerunner lineup.

What’s the Forerunner 70 and the Forerunner 170 About?

The Garmin Forerunner 70 is built for people who want the essentials without getting overwhelmed. It comes with built-in GPS, wrist-based heart rate tracking, pace and distance monitoring, and quick workout suggestions based on fitness level and intensity preferences. Garmin is also bringing over features like Garmin Coach, daily suggested workouts, sleep tracking, Pulse Ox monitoring, HRV status, and training readiness tools. There are over 80 built-in sports modes as well, including swimming, cycling, and strength training.

Battery life also looks pretty solid. Garmin claims the watch can last up to 13 days in smartwatch mode, which is honestly refreshing in a world where most wearables still need charging every other day. The watch will be available in colors like citron, lavender, black, and whitestone.

On the other hand, the Garmin Forerunner 170 takes things a step further by adding additional recovery and performance-tracking tools. It includes features like training status, training readiness, and more structured Garmin Coach plans for runners training toward specific goals. Garmin is also launching a Music version of the watch, which will be available in brighter color variants like teal green and red pink. Battery life on the Forerunner 170 series is rated at up to 10 days in smartwatch mode.

The new Forerunner 70 and 170 series will launch in India in June 2026 after import certifications are completed. Garmin hasn’t revealed pricing yet.

HP has announced a massive refresh of its India lineup with more than 20 new products spanning laptops, tablets, AI workstations, collaboration gear, and even printers. And yes, just like every other tech launch in 2026, the letters “AI” were everywhere. Still, there are a couple of genuinely interesting products here, especially HP’s first Android tablet for India and a bizarre new “keyboard PC” that honestly looks straight out of a sci-fi setup.

HP OmniPad 12

Windows tablets are nothing new and have been on the market for ages. So, when HP announced its new OmniPad, we all thought it would be a Windows tablet for creative users. Well, it’s not. The OmniPad 12 is powered by the Qualcomm Snapdragon SM6475Q processor and runs Android, optimized for the bigger screen. The front houses a 12-inch 2K (1,200×2,000 pixels) multi-touch display with a 90Hz refresh rate and a peak brightness of 400 nits.

For cameras, HP has included a 13MP rear sensor alongside a front-facing 8MP camera for video calls. The company claims the 31Wh battery can deliver up to 18 hours of usage. Pricing starts at ₹48,999, which places the OmniPad 12 directly against Apple’s iPad Air and premium Android tablets from Samsung. We should get our hands on a review unit soon to see how well it actually stacks up.

PC in a Keyboard?

Among all the announcements, the HP EliteBoard G1a Next Gen AI PC is probably the strangest. HP describes it as the world’s first AI keyboard PC, which basically means the entire computer is built into a keyboard.

HP says the machine can deliver up to 50 TOPS of NPU performance using the AMD processor and is designed for hybrid work environments where portability and simplicity matter. While AI branding is becoming exhausting at this point, the compact form factor itself is actually pretty interesting.

EliteBook, ProBook, And OmniBook Get AI Upgrades

Beyond the bizarrness of the EliteBoard, HP has refreshed almost its entire laptop lineup in India with new processors. This includes the EliteBook X G2, EliteBook 8 G2, ProBook 4 G2, and several new OmniBook models.

The EliteBook and ProBook series are clearly aimed at enterprise users, with features like HP Wolf Security and HP Sure View privacy protection. HP claims some configurations can deliver up to 85 TOPS of AI performance, though realistically, most users will probably care more about battery life and everyday responsiveness than AI numbers alone.

The OmniBook lineup, on the other hand, targets mainstream users and creators. Models like the OmniBook Ultra 14, OmniBook X, OmniBook 5, and OmniBook 3 focus heavily on portability and AI-assisted features like posture correction, gesture controls, and smart meeting enhancements. HP is also bundling compact GaN chargers with some models, which is genuinely useful for people constantly traveling with their laptops.

New Work Stations

For professionals working with demanding AI or rendering workloads, HP has launched new Z-series workstations in India, including the HP Z8 Fury G6i, HP ZGX Nano G1n AI Station, HP Z4 G6i, and HP ZBook X G2i 16. These machines can be configured with both AMD and Intel hardware and are aimed at creators, developers, engineers, and enterprise users handling heavy workflows.

HP also announced updates to its Workforce Experience Platform (WXP), which now includes AI-driven tools for device management and workflow automation. The goal here is to help IT teams monitor devices more efficiently and identify system issues before they become major problems.

Pricing and Availability

An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under certain conditions, remote code execution.

The vulnerability is tracked as CVE-2026-42945 and received a critical severity rating of 9.2, based on the latest version of the Common Vulnerability Scoring System (CVSS).

Three more memory corruption security issues were discovered in the same six-hour code scanning session by researchers at AI-native security company DepthFirst AI.

NGINX is a massively used web server and reverse proxy platform, powering a third of the top ranked websites. It can efficiently balance load by distributing incoming network traffic to multiple backend servers and reduce load times by caching content.

Owned and maintained by American tech firm F5, the web server is used by cloud providers, SaaS companies, banks, media platforms, e-commerce sites, and in Kubernetes clusters.

CVE-2026-42945 is a heap buffer overflow in ngx_http_rewrite_module affecting NGINX versions 0.6.27 through 1.30.0, which has been in the project’s code for roughly 18 years.

According to DepthFirst, the vulnerability can be triggered when NGINX configurations use both the ‘rewrite’ and ‘set’ directives, a pattern the researchers say is common in API gateways and reverse proxy setups.

The flaw stems from inconsistent state handling in NGINX’s internal script engine, which processes rewrites in two passes: one to calculate the amount of memory to allocate, and one to copy the actual data.

An ‘is_args’ flag remains set after a rewrite containing ‘?’, causing NGINX to calculate buffer size using unescaped URI lengths but later write larger escaped data like ‘+’ and ‘&’, leading to a heap buffer overflow.

The researchers demonstrated unauthenticated code execution via specially crafted HTTP requests that corrupt adjacent NGINX memory pool structures, overwrite cleanup handler pointers, spray fake structures into memory via POST request bodies, and force NGINX to execute ‘system()’ during pool cleanup.

However, remote code execution was achieved on a system with the Address Space Layout Randomization (ASLR) protection against memory-based attacks turned off. This defense is active by default, but it can be disabled to increase performance in some environments, such as embedded systems and virtual machines used for analysis.

DepthFirst notes that NGINX’s multi-process architecture makes exploitation easier because worker processes inherit nearly identical memory layouts from the master process, enabling reliable heap manipulation and repeated attempts if a worker crashes.

“If our exploit fails and crashes a worker, the master process simply spawns a new one with the exact same memory layout,” the researchers explain.

“This allows us to safely try multiple times until we succeed without worrying about the worker crashing and changing the memory layout.”

“Theoretically, we could leverage this design to leak ASLR (Address Space Layout Randomization) by progressively overwriting pointers byte by byte.”

The other three flaws uncovered by DepthFirst received a medium severity rating:

• CVE-2026-42946 — excessive memory allocation in SCGI/UWSGI modules that can crash workers via ~1 TB allocations (high severity)
• CVE-2026-40701 — use-after-free in asynchronous OCSP DNS resolution handling (medium severity)
• CVE-2026-42934 — off-by-one UTF-8 parsing bug causing out-of-bounds reads (medium severity)

Impact and fixes

The vulnerabilities were discovered on April 18, 2026, and reported to the vendor on April 21.

According to F5’s security advisory, released yesterday, the flaws impact the following NGINX builds:

• NGINX Open Source versions 0.6.27 through 1.30.0
• NGINX Plus R32 through R36
• NGINX Instance Manager 2.16.0 through 2.21.1
• F5 WAF for NGINX 5.9.0 through 5.12.1
• NGINX App Protect WAF 4.9.0 through 4.16.0 and 5.1.0 through 5.8.0
• F5 DoS for NGINX 4.8.0
• NGINX App Protect DoS 4.3.0 through 4.7.0
• NGINX Gateway Fabric 1.3.0 through 1.6.2 and 2.0.0 through 2.5.1
• NGINX Ingress Controller 3.5.0 through 3.7.2, 4.0.0 through 4.0.1, and 5.0.0 through 5.4.1

Fixes were made available in NGINX Open Source 1.31.0 and 1.30.1, NGINX Plus R36 P4, and NGINX Plus R32 P6.

For those unable to upgrade, F5 recommends replacing unnamed PCRE capture groups ($1, $2, etc.) in vulnerable ‘rewrite’ rules with named captures, which eliminates the main exploitation prerequisite.

Exploitability in the real world

Some security researchers have pushed back on the real-world exploitability claims surrounding CVE-2026-42945, arguing that DepthFirst’s proof-of-concept relies on highly specific conditions that are not commonly present in default deployments.

Researcher Kevin Beaumont noted that exploitation requires a vulnerable NGINX configuration using particular rewrite patterns, the attacker must know or discover the affected endpoint, and the published RCE PoC was tested with ASLR disabled.

Beaumont stressed that the researchers’ exploit was built against a deliberately vulnerable setup and does not demonstrate reliable code execution against hardened real-world systems

AlmaLinux echoed a similar assessment in their advisory, after independently reproducing the flaw.

The Linux distribution maintainers confirmed that crashing NGINX worker processes via a crafted request is trivial and reliable, making denial-of-service attacks realistic.

However, they stated that turning the heap overflow into dependable remote code execution on systems with ASLR enabled “is not trivial,” and they do not expect a generic, reliable exploit to emerge from depthfirst’s work.

At the same time, AlmaLinux cautioned that “not easy” does not mean impossible, and the DoS potential is enough on its own to treat the issue as urgent.

AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.

At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.

Claim Your Spot

from the good-luck-with-that dept

A new “Christian” mobile phone provider named Radiant Mobile is promising to offer a wireless service that censors all LGBTQ+ content. The MVNO (mobile virtual network operator), which runs on the T-Mobile network, says it’s keen to deliver “faith-focused mobile service,” according to the company’s website.

According to NIT Technology Review, the MVNO is working alongside Israeli cybersecurity firm Allot to impose a network-level blockade of not just all pornography on the internet, but all LGBTQ+ content as well:

“We are going to create—and we think we have every right to do so—an environment that is Jesus-centric, that is void of pornography, void of LGBT, void of trans, Radiant Mobile’s founder, Paul Fisher, told MIT Technology Review.”

“Void of trans,” indeed. Good luck with all that. Porn filter systems, no matter whether device or network centric, are notoriously fickle and routinely make all manner of filtering mistakes that wind up blocking all manner of additional content. They’re also historically easy to bypass, depending on how they’re designed.

The article makes it clear that Fisher’s primary target is porn, and it sounds like censoring gay and trans related content isn’t something that’s been particularly well thought out. They’ll figure out in practice that trying to “sanitize” the internet on the network level to somehow conform to narrow worldviews isn’t technically possible, no matter what promises Allot is making to Reliant to justify their price tag:

“The technology to do this blocking is a blunt instrument: Allot groups website domains into more than a hundred categories, which include pornography but also violence, malware, gaming, and in Radiant Mobile’s case “sects,” which includes websites about Satanism. If one of its users tries to visit a website that belongs to a blocked category, the page won’t load.”

Yes, this would technically violate FCC net neutrality rules if the corrupt U.S. courts hadn’t dismantled them, but even if the rules still existed they wouldn’t have been enforced by the Trump FCC anyway. And yes, this raises all sorts of First Amendment and privacy legal questions, which is probably why T-Mobile tried to distance itself from things when contacted by MIT Technology Review:

“A representative for T-Mobile did not comment on whether these content blocks violate any of its policies. In a statement, the representative added that T-Mobile does not have a direct relationship with Radiant Mobile but instead works through the MVNO manager CompaxDigital.”

Fisher, who is apparently pivoting from a career as a supermodel agent to sell this heavily censored version of the internet to purportedly moral religious folks, is trying to strike brand partnerships with evangelical churches. Fisher’s backed by $17.5 million in investment from Compax Ventures and Roger Bringmann, a vice president at Nvidia.

There’s been a flood of these lazy MVNOs that pander to Trump zealots and operate on the T-Mobile network, not least of which is the Trump Organization’s Trump Mobile, which promised customers an expensive new Trump reskinned phone “made in America” that was being made in China and it never actually delivered (despite a lot of down payments). So: It’s all quite on brand.

Filed Under: bigots, censorship, fcc, filtering, lgbtq, mobile, mvno, net neutrality, network, paul fisher, roger bringmann, telecom, wireless

Companies: allot, compax ventures, nvidia, radiant mobile, t-mobile

• Blades of Fire has just arrived on Steam
• The game originally came out for PC via the Epic Games Store and consoles in May last year
• It comes alongside the launch of a huge content update and a 25% discount

One of the most underrated games of 2025 has just arrived on Steam alongside the release of a massive new update.

Blades of Fire first came out in May last year, releasing for PlayStation 5, Xbox Series X and Series S, and PC via the Epic Games Store. It’s a third-person action game with plenty of soulslike qualities, including a vast interconnected world, challenging enemies, and a brutal checkpointing system.

Initial access broker KongTuke has moved to Microsoft Teams for social engineering attacks, taking as little as five minutes to gain persistent access to corporate networks.

The threat actor tricks users into pasting a PowerShell command that ultimately delivers the ModeloRAT, which has been previously seen in ClickFix attacks [1, 2].

Initial access brokers (IAB) like KongTuke typically sell company network access to ransomware operators, who use it to deploy file-theft and data-encrypting malware.

Cybercriminals have increasingly adopted Microsoft Teams in attacks, reaching out to company employees and pretending to be IT and help-desk staff.

The victims are convinced to run a malicious PowerShell command on their systems, which deploys the “ModeloRAT” malware.

ReliaQuest researchers observed this activity and say that it is a shift in tactics for KongTuke, who previously relied solely on web-based “FileFix” and “CrashFix” lures.

“This Teams activity, which appears to add to, rather than replace, that web-based approach, marks the first time we’ve seen KongTuke use a collaboration platform for initial access,” explains ReliaQuest.

“In the incidents we investigated, a single external Teams chat moved the operator from cold outreach to a persistent foothold in under five minutes.”

The campaign has been active since at least April 2026, with KongTuke rotating through five Microsoft 365 tenants to evade blocking, the researchers say.

To pass as internal IT support staff, the attacker uses Unicode whitespace tricks to make the display name appear legitimate.

The malicious PowerShell command shared via Teams downloads a ZIP archive from Dropbox that contains a portable WinPython environment, which eventually launches the Python-based malware, ModeloRAT (Pmanager.py).

The malware collects system and user information, captures screenshots, and can exfiltrate files from the host filesystem.

ReliaQuest notes that the ModeloRAT version used in this recent campaign has evolved compared to what was seen in previous operations, mostly in three ways:

1. A more resilient C2 architecture with a five-server pool, automatic failover, randomized URL paths, and self-update capability.
2. Multiple independent access paths, including a primary RAT, a reverse shell, and a TCP backdoor, running on separate infrastructure to preserve access if one channel is disrupted.
3. Expanded persistence mechanisms using Run keys, Startup shortcuts, VBScript launchers, and SYSTEM-level scheduled tasks that may survive standard cleanup procedures.

The researchers note that the scheduled task isn’t removed by the implant’s self-destruct routine, which wipes the other persistence mechanisms, and can persist through system reboots.

To defend against Team-initiated attacks, it is recommended to restrict external Microsoft Teams federation using allowlists to block these attempts at their start.

Additionally, administrators can use the indicators of compromise available in ReliaQuest’s report to hunt for attacks, signs of compromise, and persistence artifacts.

AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.

At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.

Claim Your Spot

Ultrahuman’s Ring Pro is a smart fitness tracking ring weighing between 3.3 and 4.8 grams (approx 0.1 oz) (available in sizes 5 to 14. It’s the company’s first major hardware update since 2023’s Ring Air, and has been redesigned from the ground up. Two things prompted the change: First, Ring Air fell foul of an Oura-owned patent which saw it contentiously blocked from sale in the US. Second, the company realized it had done all it could with the Air and needed to radically increase the ring’s processing power. The Pro has upgraded silicon to hopefully offer plenty of new insights further down the line.

Consequently, the new model comes with a dual-core chip with onboard machine learning and 250 days of internal storage. That’s a big leap from the Air’s single-core unit which had just four days of memory to keep track of your vitals. Ultrahuman hopes Jade, the company’s new AI, will be able to delve deep and pluck out plenty of conclusions based on these long historical trends. Plus, the company expects to be able to launch a wider variety of Power Plugs — paid-for add-ons tailored to monitoring specific stats — as the ecosystem matures.

It’s instantly obvious the Pro is a different beast to the Air, which was made with a titanium outer ring and an epoxy resin interior. When you looked down your finger at the side of the ring you could see the two materials side by side. The Pro is clad in titanium inside and out, except for the resin section housing the PPG sensors. If you’re the sort to get your calipers out, you’ll find the Pro is just 0.25mm thicker than its predecessor. But the all-titanium body makes it feel a lot chunkier. I didn’t notice any meaningful difference while wearing it, but folks with daintier digits than mine may.

As for tracking, you’ll get temperature, movement and a PPG sensor the company says is redesigned for better accuracy. Given that’s pretty much all the laws of physics will allow you to include in a smart ring these days, there’s not much more to say about them. After all, it’s not the data you collect but the insights you’re able to generate from it that’s important. Battery life is rated for 12 days in “Turbo Mode,” but you can extend that to 15 days or so with “Chill Mode,” which reduces the amount of tracking to prolong longevity.

The Ring Pro doesn’t charge wirelessly. Instead, it uses a physical pin connection on the charging case to reduce thermal issues caused by wireless charging. The ring itself has also been designed to be easily cut open to free your finger in a hurry should the battery start to swell. Naturally, it’s rare for a wearables company to talk about these things, so Ultrahuman deserves props for foregrounding it.

I suspect people will be looking for direct comparisons between the Ring Pro and the Oura 4. Depending on your finger size, they’re both a shade under 3mm (0.1 inch) thick and virtually indistinguishable. Up close, the Oura’s silver coated titanium is a tad shinier than the raw titanium found on the Pro, but that’s about it. The only real differences are in the Pro’s slightly more visible sensor zone or the Oura’s orientation notch.

Smill sat down with a fresh idea and a kit that arrived in the mail. The British YouTuber had already beaten Minecraft on a receipt printer and on a vape, but this time he wanted something older and stranger. He picked a replica of John Logie Baird’s 1925 televisor, the kind of device that came before every modern screen. What followed turned into four attempts spread across hours of careful play, each one revealing just how far the limits could stretch before they snapped back.

https://www.youtube.com/watch?v=9-0OKkkqMc0
As it turned out, what he believed would be a fast job developed into four attempts over several hours, and it was a tremendous effort to get everything working together. The televisor kit arrived as a collection of dissimilar parts waiting to be slotted together, which is what Smill performed in the first segment of his movie. He carefully positioned the motor and balanced the circular bit that is meant to do all of the work. The Nipkow disk is a flat disk with 32 small holes arranged in a tight spiral design. When the motor spins it at the appropriate speed, those holes swoop across a single bright LED at the back of the disk, and as the brightness of that LED changes, so do the scan lines that comprise the image. Only one row at a time. The entire image is exhibited in magnificent black and white, with no color or extra features, and it all fits inside a tiny circular window about the size of a coaster.

Getting a modern game like Minecraft to function on that hardware, however, was a completely different challenge. It worked flawlessly on Smill’s computer, but the televisor lacks standard connectors such as HDMI, so it had to be done differently. He created a small program that takes the game’s images and chops them up into the exact pattern of brightness that the television expects. Then he sent that pattern, which I know seems strange, but just go with it, out as an ordinary audio signal via cable. The televisor simply treated it as if it were receiving a signal from an old radio. The LED lit up, the disk began spinning, and before you knew it, blocks and mobs were flying by on the whirling disk.

Even after he fixed the signal, the picture was still small and dark. You only have 32 lines, so everything becomes blurry and weird. The lag was also rather significant, with more than a second between when the action occurred and when it appeared on the screen. Quick reflexes were out of the question, and trying to comprehend any writing was nearly impossible. To make survival even remotely conceivable, he had to experiment with Minecraft itself, such as increasing the size of the cursor to make it stand out and creating a preview window that appears anytime you hover over something in your inventory. That allowed him to read labels and plan his next action without guessing.

The first run went quickly as Smill gathered wood, created tools, and began mining, but the delayed perspective caused him to walk directly into a creeper. The second attempt went well after Smill built a modest shelter and started knitting wool for some beds. He’d need them later, in case he needed a few extra hours of sleep after that exhausting conflict. The second attempt lasted longer after he built a small shelter and began farming wool for beds. He needed those beds later for the final fight. Each death forced a restart from the beginning because the world generated fresh each time. By the third try he had iron, flint, and enough arrows to feel ready for the Nether. He stepped through the portal, fought his way to the fortress, and collected the eyes of ender. The lag turned every blaze battle into a slow dance of careful clicks and patient waiting.

On the fourth run everything lined up. Smill farmed extra wool early, stocked arrows, and carried spare iron. He built the portal, entered the Nether, and reached the End without a single wasted step. In the dim circle of the televisor he located the dragon, destroyed the crystals one by one using the beds he had saved, and finally cornered the boss. When the dragon fell, the victory screen appeared in the same low-resolution glow.
[Source]