PERSONAL TECH

File deletion dialog swaps recognizable names for internal gibberish

Microsoft’s latest Windows update has introduced a cosmetic bug that exposes the Recycle Bin’s internal file-naming scheme when users permanently delete a file.

When permanently deleting a single item from the Recycle Bin, Windows now displays its internal name – such as $Rxxxxx.ext – in the confirmation dialog rather than the file’s original name.

The name is correct in the Recycle Bin itself and also correct if restored. It’s only in the deletion confirmation dialog that Windows exposes its innards.

There is a workaround, but Microsoft isn’t sharing it unless an organization contacts Microsoft Support for business. Otherwise, the company stated: “A resolution is in progress and will be included in a future Windows update.”

Unlike other problems reported by users, including OneDrive woes and Blue Screens, this is relatively minor. However, it is an example of ongoing quality issues, coming after Windows boss Pavan Davuluri said Microsoft is working to improve the reliability of its software.

It has been ten days since the June 9 update was released, and a few weeks remain until the next Patch Tuesday release. So far, there are two known issues with the update, compared to one for May’s update (although that could make the update fail – quite a bit more severe than an annoying text error).

The glitch affects desktop versions of Windows from Windows 10 Enterprise LTSB 2016 through Windows 11 26H1, as well as Windows Server 2012 through 2025.

The bug is little more than a cosmetic irritation but at a time Microsoft when has acknowledged it needs to make Windows more reliable, even small failures like this do little to inspire confidence. ®

Looking for the most recent Mini Crossword answer? Click here for today’s Mini Crossword hints, as well as our daily answers and hints for The New York Times Wordle, Strands, Connections and Connections: Sports Edition puzzles.

Need some help with today’s Mini Crossword? There’s a fitting Father’s Day mention. Read on for all the answers. And if you could use some hints and guidance for daily solving, check out our Mini Crossword tips.

If you’re looking for today’s Wordle, Connections, Connections: Sports Edition and Strands answers, you can visit CNET’s NYT puzzle hints page.

Read more: Tips and Tricks for Solving The New York Times Mini Crossword

Let’s get to those Mini Crossword clues and answers.

Mini across clues and answers

1A clue: “Black” or “Yellow” dog, familiarly
Answer: LAB

4A clue: No-no for the lactose intolerant
Answer: DAIRY

6A clue: On the ocean
Answer: ATSEA

7A clue: Subway commuter’s annoyance
Answer: DELAY

8A clue: Like the logos of Marvel and Netflix
Answer: RED

Mini down clues and answers

1D clue: “See ya!”
Answer: LATER

2D clue: Pathway for an airplane beverage cart
Answer: AISLE

3D clue: No-no for the gluten-free
Answer: BREAD

4D clue: Apt palindrome for Father’s Day
Answer: DAD

5D clue: Apt palindrome for Father’s Day
Answer: YAY

Facepalm: MSI is expected to launch its latest gaming handheld very soon, but people will have to pay a high price if they want one. The Taiwanese corporation tried its best to improve the cost situation, but the supply chain issue in the memory market is not going to disappear anytime soon – and things could become even worse in the not-so-distant future.

MSI should start shipping the Claw 8 EX AI+ on June 23, 2026, slapping a massive $1,800 price tag on the device. The OEM recently explained that the cost is a result of the current state of the memory market, and that more price hikes could arrive over the next few months if the supply chain doesn’t improve soon.

The MSI Claw 8 EX AI+ is based on the Intel Arc G3 processor, a powerful APU design that should provide plenty of computing and graphics power in a 65W envelope. Unlike Valve’s Steam Deck, the new handheld focuses on powerful hardware components to offer a “no-compromise” approach to PC-based portable gaming.

According to MSI product marketing manager Andy Chu, the corporation still has “privileged” access to hardware parts compared to a company like Valve. However, this benefit didn’t result in a much different situation in terms of silicon costs or the final price for customers.

All in all, Chu confirmed in a recent interview that 2026 will be a difficult year for both chipmakers such as Intel and OEM manufacturers such as MSI. Device makers are now unable to fully absorb the cost hikes impacting crucial components such as memory chips or storage, which is why consumers are going to pay more for everything no matter the brand.

“All I can say is we have tried every approach to get the memory and also storage at a lower cost,” Chu said in the interview, “like, deepen the relationship between us and also those suppliers, like to have some deals.” In the end, MSI executives “have done everything we can do to make our system as affordable as possible.”

Despite the high-profile effort, the Claw 8 EX AI+ will still carry its $1,800 price tag. MSI is now trying to change the narrative, highlighting how the new handheld is a high-end gaming device targeting enthusiasts who can spend that kind of money to get a luxury x86 machine. Even the “affordable” Steam Deck is now carrying a significant price premium, which is why MSI hopes customers will take a closer look at a device’s potential in terms of performance and capabilities before placing their order.

Chu is also warning that market conditions could even worsen compared to where they are today. According to his assessment, there is room for yet another price increase related to the supply chain crisis caused by the AI industry. Still, MSI expects sales of its handheld products to remain relatively stable even when factoring in a pricey offering such as the Claw 8 EX AI+.

Microsoft Threat Intelligence has identified a new strain of self-propagating malware that spreads through USB drives, monitors the Windows clipboard for cryptocurrency wallet addresses and seed phrases, and routes all stolen data through a portable Tor client to avoid detection. The campaign has been active since at least February 2026, according to Microsoft’s analysis published this week.

The malware, which Microsoft detects as Trojan:Win32/CryptoBandits.A, works as a classic USB worm with a modern payload. When a user plugs in an infected drive, they see what appear to be their usual document files. The originals have been hidden, replaced by Windows shortcut (.lnk) files bearing the same names that silently execute the malware when opened.

The .lnk files scan the drive for documents with .doc, .xlsx, and .pdf extensions, hide the originals, and create matching shortcut files in their place. The worm component also writes itself to any new USB drive connected to an infected machine, allowing it to spread further without user action beyond opening what looks like a normal file.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!

Once running on a system, the malware deploys a portable Tor client renamed ugate.exe and configures a SOCKS5 proxy on localhost port 9050. All command-and-control traffic then routes through Tor’s .onion network, making it significantly harder for corporate firewalls and security tools to intercept or trace the communications. The C2 infrastructure uses three endpoint paths: /route.php for check-ins, /recvf.php for uploading stolen files, and /stub.php for downloading additional payloads.

The clipboard monitoring is the malware’s primary theft mechanism. It checks the Windows clipboard approximately every 500 milliseconds, looking for patterns that match cryptocurrency wallet addresses or recovery phrases. When it detects a match, it silently replaces the copied address with one controlled by the attacker, so the victim unknowingly sends funds to the wrong wallet.

The malware targets six cryptocurrencies across multiple address formats. For Bitcoin, it recognises legacy addresses starting with “1,” Pay-to-Script-Hash addresses starting with “3,” native SegWit addresses starting with “bc1q,” and Taproot addresses starting with “bc1p.” It also targets Tron addresses beginning with “T” and Monero addresses beginning with “4” or “8.” Clipboard hijacking for cryptocurrency theft is not limited to Windows, with Android trojans like Rokarolla using the same technique to redirect crypto payments on mobile devices.

Beyond wallet addresses, the malware scans clipboard content for BIP39 seed phrases, the 12- or 24-word recovery keys that grant full access to a cryptocurrency wallet. It also extracts Ethereum private keys and Bitcoin Wallet Import Format (WIF) keys. Capturing a seed phrase or private key gives attackers complete control over the associated wallet, not just the ability to redirect a single transaction.

The malware includes a surveillance module that captures five screenshots over a ten-second interval, packaging them for upload to the C2 server. This gives the operators a visual record of what the victim was doing at the time of infection, potentially revealing additional credentials, open browser tabs, or financial dashboards.

A command called EVAL allows the C2 operators to push and execute arbitrary code on infected machines, turning the cryptocurrency stealer into a general-purpose remote access tool. Microsoft notes this capability means the threat actors can adapt the malware’s behaviour after deployment without needing to reinfect the target.

The malware employs multiple layers of evasion. The initial installer is a Python-based executable obfuscated with PyArmor and packaged with PyInstaller, making static analysis difficult. The JavaScript payloads dropped to C:\Users\Public\Documents use a separate dual-layer obfuscation scheme.

As an anti-analysis measure, the malware checks whether Task Manager is running and exits if it detects the process, a basic but effective way to frustrate casual investigation.

The use of Tor for C2 communications reflects a broader shift in malware infrastructure toward anonymisation networks that resist takedown efforts. Traditional malware that relies on fixed domains or IP addresses can be disrupted when defenders seize those assets. Tor-based C2 channels are substantially harder to shut down because the .onion addresses are not tied to any registrar or hosting provider that can be compelled to act.

Microsoft recommends several mitigations, starting with disabling AutoRun and AutoPlay to prevent automatic execution when USB drives are connected. Group Policy can be configured to block .lnk files from running on removable media, and restricting wscript.exe and cscript.exe through application control policies prevents the JavaScript-based payloads from executing.

Network monitoring for connections to localhost port 9050 can flag machines where the portable Tor client has been installed.

USB-borne malware had largely fallen out of the security spotlight as cloud storage and collaboration tools reduced reliance on physical drives. But supply chain and trust-exploitation attacks remain effective precisely because they target behaviours users consider routine, whether that is plugging in a USB drive or installing a package from a familiar repository.

Microsoft published SHA-256 indicators of compromise, MITRE ATT&CK technique mappings, and KQL hunting queries in its blog post to help security teams detect existing infections. The company says Microsoft Defender detects the malware family, and its Defender Experts team assisted in the investigation. Microsoft did not attribute the campaign to a specific threat actor or estimate the number of infections.

Deductive AI, a startup that uses AI to catch and resolve bugs in software, has agreed to be sold to enterprise software company Elastic for up to $85 million, according to a person with knowledge of the deal.

Deductive, which was founded in 2023, came out stealth last November when it announced a $7.5 million seed round led by CRV with participation from Databricks Ventures, Thomvest Ventures, and PrimeSet. The investment valued the startup at $33 million, according to PitchBook.

Elastic and Deductive did not respond to multiple requests for comment. TechCrunch will update this article if either company responds.

The sale marks a speedy exit for Deductive, which is operating in a fast-growing sector known as AI site reliability engineering (AI SRE). Building AI-powered SRE tools has become an important area, driven by the massive influx of AI-written code. Replacing manual debugging with AI enables human SREs to shift focus from constantly fixing outages and other problems to spending more time on helping with product development.

The acquisition reflects a broader trend in which established tech incumbents are looking to buy AI-native startups to integrate agentic technologies into their existing product suites, the source told TechCrunch.

Elastic, which went public in 2018, is best known for Elasticsearch, the search and analytics engine that helps organizations store, search, analyze, and monitor large amounts of data in near real time.

The company’s observability software — essentially tools that let engineers monitor software systems and detect security threats — could benefit from Deductive’s tech. According to the source, integrating Deductive’s AI technology into Elastic will enhance its observability platform by giving customers tools to automatically monitor performance and resolve system failures in real time.

Deductive was co-founded by Rakesh Kothari, who was previously VP of engineering at Lightspeed-backed business analytics startup ThoughtSpot, and Sameer Agarwal, who formerly worked at Apache Software Foundation and Meta. Agrawal was one of the founding engineers at Databricks.  

While Deductive reached roughly $1 million in annual recurring revenue (ARR,) according to the source, the startup’s growth lagged behind Resolve AI, one of the sectors’ perceived early winners. The two-year-old Resolve was co-founded by former Splunk executive Spiros Xanthos and Mayank Agarwal. The Greylock and Lightspeed-backed startup was last valued at $1.5 billion when it raised a $40 million Series A extension in April.

Apple TV will stream an entire Formula 1 race weekend free to U.S. viewers for the first time, opening every Austrian Grand Prix session to fans without a subscription.

Viewers in the United States will be able to watch all Formula 1 Austrian Grand Prix sessions live through Apple TV at no cost. The free access runs from June 26 through June 28 and includes every on-track session, from practice and qualifying to Sunday’s Grand Prix.

The schedule begins with Practice 1 at 7:30 a.m. Eastern on June 26, followed by Practice 2 at 11 a.m. Practice 3 starts at 6:30 a.m. on June 27, with qualifying at 10 a.m. The Austrian Grand Prix is scheduled to begin at 9 a.m. Eastern on June 28.

Apple said the Austrian Grand Prix marks the first time it has made an entire Formula 1 race weekend available free to viewers in the United States. The company has offered free sports programming before, but this promotion includes every Formula 1 session across a race weekend rather than a single event.

Opening every Formula 1 session to non-subscribers gives fans a chance to follow the entire race weekend, not just Sunday’s Grand Prix. Practice sessions shape car setups and race strategy, while qualifying determines the starting grid.

Why Apple is opening a Formula 1 weekend for free

The promotion arrives as Formula 1 continues to draw a larger audience in the United States. Following a full race weekend typically requires access to paid television or streaming services.

The Austrian Grand Prix gives casual viewers a chance to watch every session without paying for access.

The free weekend also gives Apple a chance to put Apple TV in front of viewers who may not regularly use the platform. Fans can follow the weekend from practice through qualifying and the Grand Prix itself.

Apple hasn’t said whether similar free Formula 1 weekends will follow. For now, the Austrian Grand Prix is Apple’s first effort to make an entire Formula 1 race weekend available free to U.S. viewers.

On June 11, Kalshi released a buzzy ad featuring noted New York Knicks fan Timothée Chalamet. It was a zeitgeist-capturing moment for prediction markets, akin to the 2022 Super Bowl, when seemingly every commercial featured a celebrity shilling crypto.

Yet when I brought Chalamet’s spot up with attendees at Manifest, a recent festival for prediction markets, I was mostly met with blank stares. These conference goers—a mix of academics, startup founders, job seekers, and players in the markets—hadn’t even heard about it. They were too busy thinking about the bigger picture and the risks facing markets.

Their confusion was the perfect encapsulation of a battle that I observed again and again that weekend: The way forecasting philosophers see the markets (tools for the greater good) is very different from how the vast majority of the world sees them (a way to bet on sports).

“We were all waiting for so long to be in the world we’re in now,” Dan Schwarz, the cofounder and chief executive officer of FutureSearch, an artificial intelligence research and prediction startup, tells me. But the platforms have run into problems, from insider trading to sports contracts that, Schwarz worries, are fueling addiction. To outweigh these harms, “prediction markets would have to deliver a lot more value than they are now.”

The prognosticators, it turns out, are concerned that the very thing that’s made prediction markets a global phenomenon could be their undoing.

This year’s iteration of Manifest took place at Lighthaven, an idyllic compound in Berkeley, California. The campus, which takes up about half a city block, also functions as the epicenter of the rationalist movement, which, among other things, prioritizes the safe development of AI and effective altruism.

The vibe skewed heavily male but was still eclectic. Clusters of twenty- and thirty-somethings huddled over laptops in the Tudor-style main house, and someone told me I looked like a guy who would have a stick of gum. Talks about markets jostled for attention alongside sessions about the odds that AI will kill us all and lessons on how to optimize your sex life. There was a furry meetup and watch parties for the first US World Cup match and game 5 of the NBA Finals. (I couldn’t find anyone who had put money on either event, though a few attendees told me they knew of folks who had made bank.) There were markets on play-money platform Manifold about the festival itself, like whether someone would break a bone (still unresolved) and whether Caroline Ellison would show up (yes).

Still, the broader background conditions were wildly different from previous years. Though Kalshi and Polymarket had sponsored the event in past years, they were AWOL this year. Both companies declined to comment on the change. Last year, Kalshi held a session on sports markets, which it had launched just six months earlier. This year, the companies are facilitating billions of dollars in sports trades during an especially friendly political era at the national level.

Sports were also conspicuously absent during a session on strategies for mastering markets around world events and politics. I caught up with David Bensoussan, the session’s organizer, who has made $1.6 million in profits on the platform, under the boughs of one of Lighthaven’s trees.

“The truth-seeking mechanism that prediction markets can have in terms of predicting things and making the population more informed—what on Earth does that have to do with sports?” he asks, wrapped in a blanket to ward off the chill of Bay Area shade.

An average visitor is expected to spend around $5,400 in the US—far above the $720-$2,500 visitors to Qatar spent in 2022.

Transport at this year’s tournament is fundamentally different from that of the one-city tournament in Qatar, or in Russia in 2018, which provided free public transportation and an additional 500 trains to help people get around.

This year, because of the vast distances, the only option for fans and teams is flights, which airlines have been adding to accommodate potential World Cup travelers.

“Teams and fans now must factor in flights, not metro rides, and the carbon and cost implications are real,” Anagnostopoulos says.

The need to book flights, not trains or taxis, may also be decreasing demand for hotels simply because the travel costs are too high for some people. “US hotels are already reporting bookings below expectations,” Anagnostopoulos says. “Scale doesn’t guarantee the crowds will show up.”

Security

For organizers and host cities, the scale of the tournament demands a massive investment in security, including against threats that would have barely crossed the minds of previous hosts.

The US federal government has issued $625 million in grants for host cities to address security issues. On top of that, the Department of Homeland Security has made over $200 million worth of grants available to states to buy anti-drone technology, with the US State Department highlighting hostile actors’ increasing access to drones and other technology.

In Canada, federal authorities have issued around $104 million worth of grants to host cities Vancouver and Toronto. That brings total public grants in Canada and the US alone to nearly $1 billion—likely just a fraction of the real costs of securing the tournament.

The size of the tournament, and the fact that it crosses borders, has pushed the price tag higher.

“Qatar 2022 benefited from a highly compact geography, with venues operating within a relatively unified environment. The 2026 World Cup will involve multiple cities, jurisdictions, agencies, and technology ecosystems across the United States, Canada, and Mexico,” says Leo Levit, chair of Onvif, a membership body focused on standardization of physical security products.

“The challenge is not simply the number of systems involved, but whether those systems can exchange information efficiently,” he adds.

The Future of the World Cup

The numbers tell a story of a tournament straining under its own ambition. It’s not yet clear whether these investments will pay off in terms of tickets bought and advertising slots sold. Why, then, is FIFA pursuing growth at all costs?

According to Simon Chadwick, professor of sport and geopolitical economy at the international SKEMA Business School, the reason may be growing competition from other sports.

“What [FIFA president Gianni] Infantino is trying to do is to ensure that football remains robust, relevant, prominent and that it doesn’t begin losing market share—to the NBA, which is in China, India, Africa, and the Gulf region; to the NFL, which is making moves on Europe; and to Formula One, which has grown hugely in popularity, particularly in North America,” Chadwick says.

Rumor mill: According to a source familiar with the matter and proposed legislative language reviewed by Reuters, Meta has lobbied Congress to include a provision in the Kids Online Safety Act (KOSA) that would limit companies’ exposure to child safety and privacy lawsuits. The proposal would grant platforms immunity from state-level child-harm claims involving users under 18, a change that could undercut thousands of lawsuits already filed.

The proposal comes as lawmakers and courts increasingly scrutinize how social media platforms are designed and used by minors. Features such as infinite scrolling, activity notifications, and appearance-altering photo filters – key tools for driving user engagement – have become central to legal and regulatory battles over youth safety. Critics argue these features can encourage compulsive use, particularly among younger users.

KOSA directly targets those design choices. The bill would require companies to take reasonable steps to reduce risks associated with minors’ use of their platforms, including design elements that encourage prolonged engagement. In other words, the legislation focuses not only on the content users see, but also on the systems designed to keep them online.

At the same time, Meta’s liability proposal could reshape how families and schools pursue lawsuits over those features. The proposed language would make companies “immune from suit or liability under state law with respect to all claims for loss caused by, arising out of, relating to, or resulting from the safety or privacy of individuals under the age of eighteen online or otherwise related to the provisions” of KOSA. It would also override certain state laws governing children’s online protections.

Meta has framed the proposal as a way to establish consistent national standards rather than avoid accountability. Company spokesperson Stephanie Otway said the provision “does not extinguish existing lawsuits, nor does it represent blanket immunity.”

Instead, she said, it is intended to create “uniform national standards for online youth safety, ensuring these critical issues are governed by comprehensive federal legislation, not plaintiffs’ lawyers or patchwork state legislation.”

That interpretation is disputed by legal advocates. Julia Duncan of the American Association for Justice told Reuters that the language, as written, could have sweeping consequences for ongoing litigation. “The language is pretty clear-cut immunity against every parent, every school district, that is seeking to hold any AI or social media company accountable for harm” to children, Duncan said. “There is no other way to read this language.”

The legal stakes are not theoretical. Meta and Google’s YouTube are already facing thousands of lawsuits over alleged harms to minors. Earlier this year, the companies lost the first case to go to trial, resulting in a combined $6 million in damages. Both have said they plan to appeal.

Behind the scenes, the liability proposal appears tied to broader negotiations over KOSA’s future. The bill, sponsored by Senators Marsha Blackburn and Richard Blumenthal, passed the Senate in 2024 with strong bipartisan support but stalled in the House. It has since been reintroduced and is now part of discussions involving the White House, as well as other measures related to artificial intelligence and federal preemption of state laws.

A spokesperson for Blackburn said the office had not seen the specific liability language and would not support it.

According to the source, Meta has offered to drop its opposition to KOSA if the provision is included – a signal of how high the stakes have become for companies whose core products rely on engagement-driven design. For engineers and product teams, the result could reshape how they design recommendation algorithms, notifications, and interface features for users under 18.

For now, the issue remains unsettled. Lawmakers are trying to impose guardrails on the very technologies that define modern social platforms, while companies are seeking clearer – and potentially narrower – rules on how those systems can be challenged. It is not yet clear how Congress will reconcile these competing aims.