As anyone who’s made a thing knows, a lot of work goes into bringing something from idea to completion. But there’s also considerable satisfaction in the process. [Willian] recently did exactly that, and shares the joyful experience of creating a homebrew handheld game gadget from scratch. It runs a homebrewed Tetris clone (as well as Snake), and we love the results.

The game gadget uses an ATmega328P programmed via the Arduino IDE, and a 1.8″ TFT color LCD screen. It’s self-contained in a box with a few buttons as controls and runs off three AAA cells. [Willian] made the smart design choice to run the microcontroller at 8 MHz instead of the more common 16 MHz, because doing so meant the board can run at 3.3 V instead of 5 V. Why does this matter? The LCD display runs off 3.3 V as well, and if all components can run off the same supply and logic levels, it simplifies things considerably.

Also, creating a 3.3 V supply is a simple matter of three alkaline cells in series with an LDO (low drop-out) regulator, which is great for a handheld device. We do note that AA cells have a considerably higher energy density and capacity than AAA cells and are usually the better choice, but one works with what one has, and sometimes the space and weight saved by AAA is just too good to pass up.

The software has some notable approaches to keep things responsive and optimal. Instead of defining each of the Tetris pieces as a 2D shape, [Willian] instead pre-defines each piece (and their rotations) so that rotating a piece is just an index change in an array, instead of a transform implementing a rotation. Also, full-screen redraws are comparatively slow over SPI and caused flickering, so only cells that have changed are redrawn to the screen to keep things responsive. The code is all on GitHub, and it’s a great peek at how things get implemented under the hood.

The enclosure is just cardboard, and it does the job in [Willian]’s case. But we’ll point out that cardboard is actually a highly adaptable material from which to prototype. With just a few tips and a little care, paper products can be your new best friend when it comes to one-offs and prototypes.

Barnes & Noble has just released the NOOK Reading Tablet 8.7, a subtle reminder that e-readers are still very much a thing. This latest device, available in Seafoam Green and priced at $150, provides a clean Android experience geared to the activities you want to do on it, such as read books, periodicals, comics, or listen to audiobooks. With its cooperation with Lenovo, the new NOOK feels more like a companion for readers than a general-purpose tablet.

The 8.7-inch display is a properly sized IPS LCD with a resolution of 1340 x 800 pixels. The screen is bright enough for even the brightest rooms at up to 480 nits, and it has an oleophobic coating to keep fingerprints to a minimum. TÜV Rheinland certification assures that it emits low enough blue light to not cause eye strain. You may switch to grayscale for text-heavy content, which feels more like actual e-ink, and you can even view comics or periodicals in full color.

Sale

Lenovo Idea Tab – College Tablet – 11″ 2.5K IPS Touchscreen Display – 90Hz – MediaTek Dimensity…

• POWER YOUR STUDY, FUEL YOUR PLAY – Discover smarter learning with the Lenovo Idea Tab. Stay campus-ready with all-day battery life, AI-powered apps…
• SMOOTH, POWERFUL, IMMERSIVE – The MediaTek Dimensity 6300 processor is more powerful than ever, with the AI-enhanced multitasking you need to stay…
• CIRCLE IT, SEARCH IT – Use your Lenovo Tab Pen or fingertip to circle items for instant search results or to translate other languages without…

Performance is provided by a MediaTek Helio G85 eight-core processor paired with 4GB of RAM; common chores such as flicking across pages, browsing the NOOK store, and streaming audiobooks all go smoothly. Storage starts at 64GB but can be expanded up to 1TB via a microSD card slot, providing ample space for a huge library or downloaded content. The tablet is powered by Android 15 and features a bespoke NOOK interface that places all of the books and reading apps right where you need them while still allowing you to access everything the Google Play Store has to offer.

The battery capacity is a reasonable 5,100mAh, and Barnes & Noble claims it can last up to 16.5 hours. It also supports 15W quick charging over USB-C. Stereo speakers calibrated for Dolby Atmos are positioned on either side, allowing for clear audiobook playback, while a 3.5mm headphone port remains for wired listening. Bluetooth 5.1 supports wireless earbuds and speakers. The cameras are quite standard, with an 8MP rear device with autofocus and a 2MP front-facing unit for video calls.

A critical vulnerability in Grandstream GXP1600 series VoIP phones allows a remote, unauthenticated attacker to gain root privileges and silently eavesdrop on communications.

VoIP communication equipment from Grandstream Networks is being used by small and medium businesses. The maker’s GXP product line is part of the company’s high-end offering for businesses, schools, hotels, and Internet Telephony Service Providers (ITSP) around the world.

The vulnerability is tracked as CVE-2026-2329 and received a critical severity score of 9.3. It impacts the following six models of the GXP1600 series of devices that run firmware versions prior to 1.0.7.81:

• GXP1610
• GXP1615
• GXP1620
• GXP1625
• GXP1628
• GXP1630

Even if a vulnerable device is not directly reachable over the public internet, an attacker can pivot to it from another host on the network. Exploitation is silent, and everything works as expected.

In a technical report, Rapid7 researchers explain that the problem is in the device’s web-based API service (/cgi-bin/api.values.get), which is accessible without authentication in the default configuration.

The API accepts a ‘request’ parameter containing colon-delimited identifiers, which is parsed into a 64-byte stack buffer without performing a length check when copying characters into the buffer.

Because of this, an attacker supplying overly long input can cause a stack overflow, overwriting adjacent memory to gain control over multiple CPU registers, such as the Program Counter.

Rapid7 researchers developed a working Metasploit module to demonstrate unauthenticated remote code execution as root by exploiting CVE-2026-2329.

Exploitation enables arbitrary OS command execution, extracting stored credentials of local users and SIP accounts, and reconfiguring the device to use a malicious SIP proxy that allows eavesdropping on calls.

Rapid7 researchers say that successful exploitation requires writing multiple null bytes to construct a return-oriented programming (ROP) chain. However, CVE-2026-2329 permits writing of only one null terminator byte during the overflow.

To bypass the restriction, the researchers used multiple colon-separated identifiers to trigger the overflow repeatedly and write null bytes multiple times.

“Every time a colon is encountered, the overflow can be triggered a subsequent time via the next identifier,” explain the researchers in the technical writeup.

“We can leverage this, and the ability to write a single null byte as the last character in the current identifier being processed, to write multiple null bytes during exploitation.”

The researchers contacted Grandstream on January 6 and again on January 20 after receiving no response.

Eventually, Grandstream fixed the issue on February 3, with the release of firmware version 1.0.7.81.

Technical details and a module for the Metasploit penetration testing and exploitation framework. Users of vulnerable Grandstream products are strongly advised to apply available security updates as soon as possible.

Modern IT infrastructure moves faster than manual workflows can handle.

In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.

Get the guide

Tesla has made considerable progress toward fully autonomous vehicles, and its staff at Gigafactory Texas are clearly excited. Just the other day, they gathered around the first Cybercab to roll off the assembly line, a streamlined two-seater with no visible steering wheel or pedals, and Tesla even shared the moment on social media, complete with a congratulatory message from Elon Musk himself on the team’s excellent work.

The fact that this vehicle arrived weeks ahead of schedule is undoubtedly impressive, and while full production isn’t expected until April, this early prototype is a major thumbs up for the entire production line. Musk has advised us not to anticipate too much too soon in the early days, but this feat demonstrates how far we’ve come in moving this hardware from the planning board to the actual world.

JCC 1/24 Diecast Taxi Alloy Model Car,Pull Back Toy, with Light and Sound, 4 Opening Parts…

• 【PULL-BACK MOTOR & NO BATTERIES NEEDED】 Simply pull the car back and watch it zoom across the floor! This classic pull-back friction mechanism…
• 【INTERACTIVE SOUND & LIGHT EFFECTS】 Press the designated buttons or wheels to trigger realistic engine revving sounds and exciting flashing LED…
• 【MULTIPLE OPENABLE PARTS & DETAILS】 Features fully functional doors, hood, and trunk that can be opened and closed. This highly interactive…

From the ground up, the engineers intended the Cybercab to function flawlessly as an autonomous vehicle. Its compact cabin with scissor doors that allow passengers to enter inside and enjoy a smooth, driverless trip. Cameras and Tesla’s cutting-edge Full Self-Driving (FSD) software handle the navigation, eliminating the need for all of the controls we normally take for granted, such as a steering wheel and pedals.

Tesla is now manufacturing the Cybercab using a unique, Unboxed approach that divides the entire thing into separate sections that are all built at the same time and then joined together at the end. The numerous small components and heavy castings of the past have been replaced by simpler, lighter single-piece castings that accelerate the process while saving space. Of course, if the problems are worked out, that change in approach will allow the Giga Texas plant to scale up to produce millions of devices every year, which is just around the corner given the expected growth over the next several years.

Of course, there are still a number of regulatory barriers to overcome before the Cybercab can be used on public roads, especially because present federal safety requirements are focused toward having a human driver behind the wheel. That means the federal government will have to make an exemption for an automobile manufactured without all of the regular restrictions, and that will be true at the state level as well. Even while Tesla is running a limited number of driverless Model Y vehicles in Austin and San Francisco, those vehicles have fallback alternatives that the Cybercab lacks.

Then there’s the subject of price, and there are some big shocks in store. Elon Musk recently revealed that a consumer version of the Cybercab might be available for $30,000 or less by 2027, at the latest. That would make it very affordable for both individuals and fleet operators, and the economics of personal transportation would begin to move toward shared, on-demand use.
[Source]

As they say, the only things you can’t escape in life are death and taxes. Doing your own taxes has only gotten easier over the years but it’s still plenty confusing, especially with both federal and state rules and rates always in flux. To help you figure out this confusing process, I’ve written a guide on How to Pay Your Taxes Online, and included H&R Block and other competitors to give you more information as you navigate between the seemingly endless options available for your specific tax needs. Tax day may not be until April 15 but as we all know too well, that date comes around quickly each year. With that in mind, now’s a great time to start getting your affairs in order.

For 70 years, H&R Block has stepped in to help with tax preparation services that aim to make things as painless as possible. H&R Block has its classic in-person help from a tax expert along with easy-to-use online tax services that you can complete online while in your pajamas. We here at WIRED love to help you save money too, and that’s why we have rotating deals and H&R Block coupons to help ease the pain of tax season a little more.

Save With Our $50 H&R Block In-Store Coupon (And More)

To help make tax season a bit more bearable, you can get $50 off in-person tax prep when you file with an H&R Block tax pro (until February 23). To redeem this offer, you’ll need to make an appointment online, and present the coupon either digitally or in-print. This coupon features single-use codes, so you’ll need to click on the module at the top of the page to get the H&R Block discount code (and you can’t use the same one twice). Also through February 23, you can also get 25% off H&R Block’s DIY online offering, with no promo code needed!

Can I File My Taxes for Free at H&R Block?

H&R Block knows taxes are confusing, and the process is one that no filer looks forward to. That’s why H&R Block eases some of the tax filing woes by offering H&R Block Online Free Edition. Over half (around 55% of filers) qualify; this service is for simple taxes only, meaning Form 1040s and no schedules except Earned Income Tax Credit, Child Tax Credit, Student Loan Interest, and Retirement Plan Distributions. File your simple state return for free on H&R Block today.

Don’t Go at it Alone With H&R Block Assistance Options

Tax assist options are available, whatever your need. Not a CPA or DIY-er? No problem. H&R Block’s tax experts are trained and ready to help with big and small tax questions. There are tons of choices, no matter your need, like a one-on-one meeting in an office where you can make an appointment ahead of time, or just walk in; from home where you can work with your Tax Pro online; and you can even drop off files at an H&R Block office. Plus, you can even get a free Second Look Review of past returns to see if there was money left on the table.

Get Up to $4,000 With a Refund Advance Loan at H&R Block

If you can’t wait on your refund (no judgement; I get it), you can get up to $4,000 in refunds immediately after filing, without waiting for the slow-moving federal and state processes. If eligible, you can get a Refund Advance loan within minutes of filing when you complete the process with an H&R Block Tax Pro. With this loan advance, there’s no loan fees or interest. Act sooner rather than later, as this deal is only available through March 15.

How Much Does H&R Block Charge?

H&R Block has different tiers depending on tax filing needs, so you can pick the online filing option that works best for you. The free online is best for simple returns, with $0 per state filed; deluxe starts at $28 for federal and $37 per state filed, which includes itemized deductions and free tax Pro review. Premium is now only $56 and $37 per state filed, and also includes investments and free tax Pro review. Plus, they have an option for self-employed folks and business owners, whose taxes can be complicated and costly. That service includes 1099 forms with expenses and includes free tax Pro reviews, and costs $68 right now with $37 per state filed.

How Do I Get an H&R Block Key Code?

An H&R Block Activation Code is a unique ten-character code that’s attached to your personal H&R Block Tax Software. It’ll be a long string of uppercase letters and numbers. This activation code registers your software and is used to unlock your five free federal e-files. Once opened, you’ll need to enter it to activate the software. More in-depth directions and troubleshooting can be found here.

Other Deals for New and Existing H&R Block Customers

To find which service best fits your needs, select all that apply to you—like if you have kids, own a home, or are a freelancer—to find your best personal filing experience. H&R Block has four different packages, including federal and state. Best of all, you can save 20% on H&R Block tax software products without an H&R Block promo code (until April 15).

H&R Block has tons of incentives and perks, including a free 3-year Second Look. That means H&R Block will review your last three tax returns to find errors, mistakes, or money others may have missed. Get your taxes done and spend the rest of the spring chilling; DIY online file, or get an in-store assisted file for less—no H&R Block coupon needed.

Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google’s Gemini model to adapt its persistence across different devices.

In a report today, ESET researcher Lukas Stefanko explains how a new Android malware family named “PromptSpy” is abusing the Google Gemini AI model to help it achieve persistence on infected devices.

“In February 2026, we uncovered two versions of a previously unknown Android malware family,” explains ESET.

“The first version, which we named VNCSpy, appeared on VirusTotal on January 13th, 2026 and was represented by three samples uploaded from Hong Kong. On February 10th, 2026, four samples of more advanced malware based on VNCSpy were uploaded to VirusTotal from Argentina.”

First known Android malware to use generative AI

While machine learning models have previously been used by Android malware to analyze screenshots for ad fraud, ESET says that PromptSpy is the first known case of Android malware integrating generative AI directly into its execution.

On some Android devices, users can “lock” or “pin” an app in the Recent Apps list by long-pressing it and selecting a lock option. When an app is locked this way, Android is less likely to terminate it during memory cleanup or when the user taps “Clear all.”

For legitimate apps, this prevents background processes from being killed. For malware like PromptSpy, it can serve as a persistence mechanism.

However, the method used to lock or pin an app varies between manufacturers, making it hard for malware to script the right way to do so on every device. That is where AI comes into play.

PromptSpy sends Google’s Gemini model a chat prompt along with an XML dump of the current screen, including the visible UI elements, text labels, class types, and screen coordinates.

Gemini then responds with JSON-formatted instructions describing the action to take on the device to pin the app.

The malware executes the action through Android’s Accessibility Service, retrieves the updated screen state, and sends it back to Gemini in a loop until the AI confirms that the app has been successfully locked in the recent apps list.

“Even though PromptSpy uses Gemini in just one of its features, it still demonstrates how incorporating these AI tools can make malware more dynamic, giving threat actors ways to automate actions that would normally be more difficult with traditional scripting,” explains ESET.

While the use of an AI LLM for run-time changes to behavior is novel, PromptSpy’s primary functionality is to act as spyware.

The malware includes a built-in VNC module that allows the threat actors to gain full remote access to devices with Accessibility permissions are granted.

Using this access, the threat actors can view and control the Android screen in real time.

According to ESET, the malware can:

• Upload a list of installed apps
• Intercept lockscreen PINs or passwords
• Record the pattern unlock screen as a video
• Capture screenshots on demand
• Record screen activity and user gestures
• Report the current foreground application and screen status

To make removal harder, when users attempt to uninstall the app or turn off Accessibility permissions, the malware overlays transparent, invisible rectangles over UI buttons that display strings like “stop,” “end,” “clear,” and “Uninstall.”

When a user taps the button to stop or uninstall the app, they will instead tap the invisible button, which blocks removal.

Unclear if its a proof-of-concept malware

Stefanko says that victims must reboot into Android Safe Mode so that third-party apps are disabled and cannot block the malware’s uninstall.

ESET told BleepingComputer that it has not yet observed PromptSpy or its dropper in its telemetry, so it is unclear whether the malware is a proof-of-concept.

“We haven’t seen any signs of the PromptSpy dropper or its payload in our telemetry so far, which could mean they’re only proofs of concept,” Stefanko told BleepingComputer.

However, as VirusTotal indicates that several samples were previously distributed via the dedicated domain mgardownload[.]com and used a web page on m-mgarg[.]com to impersonate JPMorgan Chase Bank, it may have been used in actual attacks.

“Still, because there appears to be a dedicated domain that was used to distribute them, and fake bank website, we can’t rule out the possibility that both the dropper and PromptSpy are or were in the wild,” Štefanko added.

While the distribution of this malware appears very limited, it demonstrates how threat actors are using generative AI to not only create attacks and phishing sites, but also to modify malware behavior in real time.

Earlier this month, Google Threat Intelligence reported that state-sponsored hackers are also using Google’s Gemini AI model to support all stages of their attacks, from reconnaissance to post-compromise actions.

Modern IT infrastructure moves faster than manual workflows can handle.

In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.

Get the guide

Meta is formally sectioning off Horizon Worlds, the closest thing it has to a metaverse, from its Quest VR platform, according to a new blog post from Samantha Ryan, Meta’s VP of Content, Reality Labs. While the decision runs counter to Meta’s original plan to own an immersive virtual world that could serve as the future home for all online interaction, it fits with the recent cuts it made to its costly Reality Labs division, and Mark Zuckerberg’s public commitment to focus the company on AI hardware like smart glasses going forward.

“We’re explicitly separating our Quest VR platform from our Worlds platform in order to create more space for both products to grow,” Ryan writes in the blog post. “We’re doubling down on the VR developer ecosystem while shifting the focus of Worlds to be almost exclusively mobile. By breaking things down into two distinct platforms, we’ll be better able to clearly focus on each.”

Meta has been developing mobile and web versions of Horizon Worlds in parallel with its VR app since at least 2023. Switching Worlds to being a mobile-first software platform isn’t good for VR diehards, but it does make it a more natural competitor to something like Roblox or Fortnite, which also offer user-created and monetizable worlds and games. It’s also a business Meta believes it can more easily scale because of its ability to connect games to “billions of people on the world’s biggest social networks.”

While Meta shuttered several of its own VR game studios earlier this year, it still wants to support third-party developers publishing games on its platform. The company says new monetization tools, better discoverability, a “Deals” tab and more ways for developers to talk to their customers should help make a difference. Maintaining the Quest’s library of games could also be critical going forward. Business Insider reported in December 2025 that Meta was working on a gaming-focused Quest headset, and Meta CTO Andrew Bosworth confirmed earlier this February that the company still had multiple Quest devices on its roadmap.

Call of Duty: Warzone Mobile will go offline on April 17, 2026, as Activision confirms the permanent shutdown of its mobile battle royale spin-off and ends server access for all players worldwide.

Activision confirmed the closure as the final stage of previously announced service changes, marking the complete end of a project that aimed to extend the Warzone ecosystem to Android and iOS devices.

The shutdown follows months of restricted access, as the game disappeared from official storefronts in May 2025, effectively preventing new downloads through both Google Play and Apple’s App Store.