WTF?! According to Kaspersky, cybercriminals have been targeting Steam users with a sustained malware campaign since 2025, distributing malicious software disguised as desktop wallpapers. The attack hijacked the accounts of gamers using Steam’s live wallpaper application Wallpaper Engine, which ranks among the platform’s most popular non-game downloads.

The attack reportedly abused Wallpaper Engine’s “Application Wallpaper” executable, which runs as a standalone Windows program and can include community-developed games, planners, calendars, system monitors, and other widgets. However, because the app allows unverified third-party code to run on users’ systems, it can be abused by threat actors to target unsuspecting users.

The researchers found that the attackers used two primary methods to distribute malware. The first involved archives containing the executable wallpaper alongside a malicious payload, typically including compromised .exe files, DLLs, or scripts. The malware was also frequently concealed within password-protected archives and executed automatically when the wallpaper was applied.

Once applied, the infected executables stole users’ account credentials, hijacked live sessions, and transmitted the stolen data to servers controlled by the attackers. The researchers discovered dozens of malicious application wallpapers on Steam Workshop, some of which were downloaded tens of thousands of times.

To test the attackers’ modus operandi, the researchers launched a wallpaper containing a malicious game called NTRaholic, which ran “flawlessly.” The gameplay and controls worked as advertised, raising no suspicion at first glance. However, unbeknownst to the user, the wallpaper dropped a backdoor called Synaptics.exe, part of the notorious DarkKomet malware family.

The executable that launched the game was named ._cache_GAME1.exe, but it also installed a system library called AggregatorHost.dll, which contained a malicious payload designed to steal user data and transmit it to the attackers’ command-and-control server. Once the attackers gained control of the active session, they used the compromised account to upload additional malicious wallpapers to Steam Workshop.

The campaign primarily targeted gamers in China, who accounted for 89% of the compromised downloads. Users in Germany, Canada, Russia, Singapore, Hong Kong, Vietnam, and India were also affected, though in much smaller numbers. Steam has since removed all of the malicious wallpapers, but Kaspersky is still urging users to run antivirus scans before applying wallpapers that include built-in executables.

Benz’s electric “Grand Limousine” might just make minivans cool.

Don’t call it a Caravan

The media experience

Creature comforts

Behind the wheel

Wrap-up

Compilation Matters: Despite the meteoric rise of generative AI services, traditional image editing tools like Photoshop still dominate the creative industry. So much so that Microsoft – now largely focused on cloud services and AI models – is working hard to find new ways to make Windows-based applications run faster.

Thanks to a close collaboration with Adobe, Microsoft engineers have significantly improved performance in certain Photoshop operations. Photoshop is a large, native desktop application written in C++ and compiled with Microsoft’s Visual C++ compiler on Windows, which is why Microsoft focused on MSVC in an effort to extract additional performance from one of the world’s most widely used image editing applications.

Microsoft explained that the collaboration targeted real-world customer scenarios involving CPU-intensive operations. Many complex image processing workloads are now handled – or in some cases “accelerated” – by the GPU. However, some latency-sensitive tasks, such as brush responsiveness, stroke input, and file-opening operations, still depend heavily on a CPU’s raw performance.

The engineers explored new practical ways to improve Photoshop’s performance at compile time. First, they enabled MSVC’s “peak-performance” compilation mode, which is designed to produce highly optimized binaries on Windows.

They then experimented with profile-guided optimization to further optimize the executables. PGO uses data collected from test runs of .exe and .dll binaries to better reflect real-world usage patterns and improve performance. However, the engineers found that PGO was not an ideal fit for Photoshop’s development workflow, as it adds complexity to the build process.

After trying – and failing – with PGO, the engineers turned to Sample-based Profile Guided Optimizations as a potential alternative. Unlike traditional PGO, SPGO replaces data collected from “representative” workloads with hardware performance samples gathered from actual release binaries. SPGO is also more flexible in terms of data collection, enabling analysis across a diverse set of test and production machines, and can deliver typical performance gains of around 5% to 15%.

Microsoft said SPGO proved to be a better fit for the Photoshop collaboration. Instead of relying on manual tuning, engineers could use compiler feedback – collected with negligible runtime overhead – to improve the code generated during MSVC’s final build process.

SPGO also proved to be more compatible with Adobe’s engineering environment. By combining MSVC’s peak-performance mode with SPGO, the teams were able to improve Photoshop performance by 20% on x64 Windows systems and by 13% on Arm.

As noted by Adobe senior software developer John Fitzgerald, the optimized builds delivered better responsiveness in drawing and stroke operations, file-opening times, and filter processing. “These are among the most frequently used and latency-sensitive interactions in a professional creative workflow, where responsiveness directly affects a user’s ability to work fluidly and iteratively,” Fitzgerald said.

Microsoft said the collaboration with Adobe provides a meaningful foundation for improving performance in software designed for Windows. The company is now highlighting MSVC’s capabilities as a way to improve performance and user experience across its broader software ecosystem.

Like other popular services like Netflix and Max, Hulu is a streaming service that has exclusive series, current-season episodes, hit movies, Hulu Originals, kids shows, and more. There’s also a Hulu plan for nearly every kind of watcher, including streaming content with ads for a service on the cheap, or bundles for additional platforms like Disney+ and ESPN+ to get even more content at reduced prices. I have a Hulu plan to watch some of my favorite shows like critically-acclaimed Atlanta or my current fave wholesome comedy, Abbott Elementary. We at WIRED stay glued to our devices and round up the best movies and the best TV shows currently being streamed on Hulu. Right now, we have outlined various ways to save while streaming on Hulu, including the chance to pay just $1.99 per month with the Hulu student discount.

Get this Hulu Student Discount: $2 Per Month

Students can stream a bevy of shows and movies with Hulu for just $2 per month. This deal saves you 80% off the original monthly subscription price, and is valid for new and existing Hulu subscribers enrolled in an accredited college or university who meet verification qualifications. All you need to do to get Hulu for less than two bucks is verify your student status through SheerID to save.

Enjoy a Hulu TV + Live TV Free Trial

I love my Hulu account, but with half-a-dozen other streaming services, it’s been hard to keep them all, or even know which is worth the money at the end of every month. I’m trying to decide which to keep, and the Hulu TV free trial is an excellent way to test the plan and see if it fits my TV watching needs. There is a free 3-day trial to test it out, and the plan has a $0 Broadcast TV fee, $0 Regional Sports fee, $0 Set-top box or related rental fees, and a $0 administrative fee. The Hulu live TV plan is essentially the best of both worlds—your favorite streaming-only series, along with cable-only content like sports and news programming, including over 95 live TV channels like ABC and ESPN.

Watch the Latest Hulu TV Shows for Less

One of the things I love most about Hulu is that they are constantly adding both new original shows and old favorites. They truly have something for every type of watcher and mood. As a true crime lover (I know it’s problematic, I’m sorry), I’ve been excited to see the Twisted Tale of Amanda Knox.

Here’s what I’m also excited to watch this season. Classic crime drama The Rookie stars perennial heartthrob Nathan Fillion centers on a small-town man becoming the oldest rookie in the LAPD. I always look forward to the feel-good comedy Abbott Elementary, which focuses on a quirky cast of misfits in the public education system in Philadelphia. In R.J. Decker, the titular character is a conman and disgraced newspaper photographer who begins entering the dark underworld of private investigating in South Florida.

Plus, there’s something for everyone, from trash reality TV like The Bachelorette, to intriguing Paradise, to quirky comedy High Potential, to the classic boy cartoon-comedy Family Guy.

UK businesses find Google’s search ranking ‘neither fair nor transparent’, the CMA said.

The UK’s competition watchdog has ordered Google to tweak its search tool to help businesses better integrate with it and understand its workings. As part of the new “conduct requirements”, Google must rank search results organically and make free-of-charge data portability available to third-party businesses.

The Competition and Markets Authority (CMA) awarded Google’s general search and search advertising services with the ‘strategic market status’ (SMS) designation last year. The label is applied to businesses that hold substantial market power and significance in a digital activity, and enables the watchdog to take targeted action to improve competition.

Google has also been given the SMS designation in relation to its mobile platform, alongside Apple, while the CMA is considering its position on Microsoft.

UK businesses find Google’s search ranking “neither fair nor transparent”, the CMA said in its statement yesterday (17 June). Businesses told the watchdog that changes to Google’s search practices are made without sufficient notice, and pointed to a lack of effective ways to raise concerns with the company.

The competition watchdog is attempting to remedy the issue by having Google rank organic search results using “objective and non-discriminatory criteria”. This is to include AI Overviews, but not sponsored results.

Google has also been asked to provide greater transparency to businesses about how search rankings work, give advance notice of any significant changes and introduce clear procedures to raise concerns.

The CMA also intends to address businesses’ data portability concerns with Google. As part of the requirement, Google must provide third-party businesses with the tools to move specified types of user data free of charge.

“Third-party firms are keen to offer people new products and services based on their Google search data but need to be able to access it with confidence,” the CMA said. “Using this data would allow third parties to offer people more personalised features”.

The company has six months to comply with the fair ranking requirement and three months for the data portability requirement.

Yesterday’s orders follow just weeks after the CMA told Google to let publishers opt out of having their content used to power AI features in its search offerings. Google said it would begin testing a new toggle in its Search Console, which would allow website owners to decide whether their content appears in AI Overviews, AI Mode and related features.

“Step by step, we’re ensuring that Google’s search services work better for businesses and consumers across the UK,” said Will Hayter, the executive director for digital markets at the CMA.

“Search is a vital gateway for businesses in the UK to reach customers, and clearer, predictable and more transparent ranking systems could give them greater scope to expand and invest.

“These new measures will ensure search results are ranked fairly and objectively, with clearer information about changes and effective routes to raise concerns.

“At the same time, innovative businesses will have the confidence that they can access search data in practice, unlocking investment and innovation in new products and services for users.”

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

from the lucy-pulling-away-the-copyright-football dept

I can’t say I know for sure that Stephen Colbert is a Techdirt reader, but I very much believe he is. His interests align somewhat with ours, he often comments on some of the same topics we do, and, it turns out, he decided to troll his previous employer during his last show in a very Techdirt-ian manner.

After CBS decided to sacrifice Colbert at the altar of American fascism, the wind down of The Late Show culminated in a final broadcast weeks ago. During that broadcast, Colbert was covering a story about Lee Mendelson Film Productions, which owns the music catalogue for the Charlie Brown franchise, suing several targets for use of its copyrighted music. As he did so, the show band began playing the Charlie Brown theme song. Colbert mused afterwards sarcastically that he hoped that wouldn’t cost CBS any money.

Well played, if only to highlight the absurdity that such a short performance of an iconic song like that could actually result in threats, lawsuits, or demands for payment. But many speculated that the show had already gotten the rights to play the music before it aired, or that Lee Mendelson Film Productions wouldn’t actually do anything about it all to avoid inserting itself into the public spat between Colbert, CBS, and our current government.

Wrong. The company did apparently reach out to CBS, which eventually had to enter into a licensing agreement to avoid any legal issues.

The agreement will see CBS take a license for “Linus and Lucy,” the unofficial Peanuts theme that Colbert’s band played on the air during the show. The proceeds from the deal will be donated to the charity World Central Kitchen, run by Chef José Andrés.

“LMFP found the music’s use on The Late Show funny and entertaining, and is proud to support World Central Kitchen’s mission,” the group’s chairman Jason Mendelson said. A spokeswoman for CBS confirmed the agreement but declined to comment.

On the one hand, I guess it’s nice to see some of CBS’ money go to a good organization like World Central Kitchen. But I do indeed wonder if similar arrangements were struck with the other four entities against which LMFP filed lawsuits. I somehow doubt it. I would guess instead that such treatment was reserved for CBS, in order to make this story more lighthearted and warming.

It’s not, this is stupid, and none of this is as it should be. Colbert shouldn’t have been forced out of his job by a combination of a thin-skinned gibbon and a compliant CBS. It’s insanity that copyright law is in a place where such a diminutive use of a famous song could result in the requirement of a licensing arrangement, never mind actual potential lawsuits. And if it’s so necessary to protect copyright in this instance that lawsuits need to be filed against multiple parties, it should be important enough that any licensing fees and/or damages obtained shouldn’t just be given away to charities.

But as a final poke in CBS’ eye, this was a good one.

Filed Under: charlie brown, copyright, licensing, stephen colbert

Companies: cbs, lmfp, paramount, world central kitchen

In context: Unpatchable, hardware-level vulnerabilities caused a stir some years ago when they repeatedly turned up in AMD and Intel processors, but they’ve been far rarer on Apple chips. This latest discovery only affects older iPhone processors, but it still shows that even relatively recent SecureROM implementations aren’t foolproof.

Security researchers at Paradigm Shift have published the first iPhone bootROM exploit in years. The process, called usbliter8, targets a hardware-level flaw, which means upgrading to newer hardware is the only real fix.

The exploit affects the iPhone XS’s A12 chip, the Apple Watch Series 4’s S4 chip, and the iPhone 11’s A13 SoC. The S5, found in the Apple Watch Series 5, first-generation SE, and HomePod mini, is vulnerable too. Pulling it off requires physical access and a Raspberry Pi, since the flaw sits in a part of the USB controller that standard Mac and PC USB stacks can’t reach.

A12 and A13 are exposed because of how their USB controllers mishandle data packets, leaving SRAM data insecure. Earlier SoCs avoid the issue because they reset the DMA address after each packet comes through the USB controller, and A14 and newer are also safe, having corrected the underlying configuration.

Using the exploit to jailbreak devices is fairly simple on A12, S4, and S5 chips. A13 is trickier, since SecureROM’s PAC protections add extra steps, but it’s ultimately just as vulnerable as its predecessor. The flaw can’t be patched via software, and altered firmware survives reboots.

While most devices built on these chips have been considered obsolete for years, the iPhone 11 which still runs on the A13 chip happens to be the oldest iPhone that supports iOS 26. Apple isn’t dropping it for iOS 27 this fall, either, so it’s guaranteed at least another year of software updates.

The last unpatchable iPhone jailbreak, checkm8, surfaced in 2019 and covered the A5 (iPhone 4S) through A11 (iPhone X). It later resurfaced as a way to bypass the security chips on some Macs. Together, the two exploits leave every iPhone from the 4S through the 11 open to an unpatchable jailbreak.

A fundamentally similar bootROM exploit recently surfaced for Microsoft’s Xbox One, a console long considered unhackable. But getting it to work proved far harder than on iPhones, requiring a voltage-based hijack to pull off.

Google’s next-generation smart speaker is finally available to pre-order. The new Google Home Speaker launches with Gemini built in, costs $99.99/£99.99, and comes with a six-month subscription to Google Home Premium for a limited time.

The speaker was first teased last year, with Google recently hinting that more details were just around the corner. Now, pre-orders are officially live ahead of general availability from June 25.

Gemini is the headline feature here, bringing Google’s AI assistant directly to the speaker. Buyers will also get six months of Google Home Premium, which unlocks additional features including access to Gemini Live.

Google is promising a noticeable audio upgrade over the Nest Mini. The Home Speaker features a centrally positioned 58mm driver. It claims to deliver 2.5 times stronger bass than its smaller smart speaker. While it lacks the dedicated tweeter found in the larger Nest Audio, Google is clearly positioning it as a more capable option for music playback. It is more capable than the Nest Mini.