Xiaomi has officially unveiled the Xiaomi 17 Ultra, and on paper, it has one of the most ambitious camera systems we’ve seen on a smartphone to date.

Built under an expanded co-creation partnership with Leica, the new flagship combines a 1-inch main sensor with a 200MP telephoto lens with mechanical zoom and advanced cinema-grade video tools. Xiaomi is positioning it as its most serious photography phone yet.

At the heart of the setup is a 50MP Leica 1-inch “Ultra Dynamic” main camera using the new Light Fusion 1050L sensor with LOFIC HDR technology. It is designed to boost dynamic range and improve colour accuracy in high-contrast scenes.

Advertisement

Xiaomi pairs that with a 200MP Leica telephoto camera. This camera offers a 75–100mm mechanical optical zoom range and up to 400mm (17.2x) optical-level zoom without heavy in-sensor cropping.

Advertisement

The optics themselves lean heavily into Leica’s influence. Xiaomi uses a 1G+6P hybrid lens design with multi-layer coatings to reduce ghosting and colour fringing. Meanwhile, the telephoto module includes Leica’s first APO optical lens in the company’s flagship line-up.

Video gets a notable upgrade too. The 17 Ultra can shoot 8K at 30fps, as well as 4K at 120fps with Dolby Vision. It also supports 4K 120fps Log recording with ACES colour encoding. This gives creators far more room to grade footage in post.

Despite the large sensors and 6000mAh battery, Xiaomi says this is its thinnest and lightest Ultra model yet, measuring 8.29mm thick. It features a flat 6.9-inch HyperRGB OLED display with 2K-level clarity. There is a 1–120Hz LTPO refresh rate and up to 3500 nits peak brightness.

Powering everything is Qualcomm’s Snapdragon 8 Elite Gen 5, paired with up to 16GB RAM and 1TB storage. A 3D Dual-Channel IceLoop cooling system keeps performance stable during extended shooting sessions. Meanwhile, 90W wired and 50W wireless charging aim to minimise downtime.

Advertisement

Advertisement

Xiaomi is also introducing upgraded Photography Kits, including a Pro version with a built-in 2000mAh battery and Leica-inspired grip.

If Xiaomi’s previous Ultra models were about pushing boundaries, the 17 Ultra looks more focused: bigger sensors, smarter optics, and tools designed for people who actually care about colour science and long-range detail. Whether it lives up to that promise will depend on real-world testing, but the spec sheet alone makes a strong case.

Projectors usually fall into one of two buckets: cheap models that look underwhelming the second you turn them on, or premium ones that feel great until you see the price. This deal lands in a very appealing middle ground. The XGIMI HORIZON Ultra is down to $998.98 for a limited time, which is a big drop from $1,699.99. That’s a 41% discount on a projector that’s clearly aimed at people who want a real living-room upgrade, not a toy for occasional use.

What you’re getting

The HORIZON Ultra is a 4K projector with Dolby Vision, 2300 ISO lumens, and dual light technology that combines LED and laser light sources. XGIMI also lists 3840 x 2160 resolution, built-in Bluetooth, and a set of smart image features like auto focus, auto obstacle avoidance, and auto screen alignment.

This isn’t a barebones projector where you’re expected to do all the work yourself. XGIMI says it uses its Intelligent Screen Adaption 3.0 system to adjust screen correction, handle wall color, and make setup smoother. That matters because the difference between “I use this all the time” and “this was a fun idea” often comes down to how annoying setup is.

It also includes 2 x 12W Harman Kardon speakers, plus Wi-Fi and Bluetooth, which makes it easier to use as an all-in-one entertainment device instead of immediately needing to add more stuff to your cart just to make things happen.

Why it’s worth it

This deal works because the HORIZON Ultra checks the boxes people actually care about. It’s bright enough to be practical, it supports premium HDR-friendly viewing with Dolby Vision, and it has the kind of built-in intelligence that makes everyday use feel easier instead of fiddly. That is exactly what you want if this projector is going in a living room, media room, or shared space where people want to press play, not troubleshoot.

The 2300 ISO lumens spec is the part that helps this feel more serious than the flood of bargain projectors online. It gives you more flexibility for rooms that aren’t perfectly dark, which is important in the real world, where not everyone is building a blacked-out theater cave. And the 200-inch image potential is the kind of thing that reminds you why projectors are fun in the first place: this can create a much bigger-feeling setup than most TVs, especially for movies and sports.

The bottom line

At $998.98, the XGIMI HORIZON Ultra feels like the sweet spot version of a premium projector buy. You’re getting 4K, Dolby Vision, strong brightness, smart setup features, and built-in speakers in a package that now costs hundreds less than usual. If you’ve been waiting for a home theater upgrade that feels substantial without going fully overboard, this is a very easy deal to like

Alongside a global launch for Xiaomi’s 17 Ultra (read about that right here), the company announced a further deepening of its relationship with Leica. The CEO of Leica, Mattias Harsch, took to the stage to announce a new Leitzphone, which appears to be an even deeper collaboration than 17 Ultra by Leica, which is a different phone. Confused? That’s fair.

Design-wise, Leica has shifted back to a single tone body color, which looks more “Leica” to this camera dilettante’s eyes. And if you’re thinking you’ve heard of the Leitzphone before, you probably have: it was a series of phones made by Sharp that launched in Japan in 2021. They all had a 1-inch camera sensor and yes, as does Xiaomi’s first Leitzphone. It also gets a customizable ring to control camera settings.

The camera interface is also designed by Leica. with the aim of being as intuitive as possible, with a new Essential mode within the camera app for stripping away all those modes and labels, showcasing whatever you’re looking to shoot.

The regular Xiaomi 17 Ultra and Leica edition have a Snapdragon 8 Elite Gen 5 chip and a 6.9-inch 120Hz display that can reach up to 3,500 nits of peak brightness. While cameras are the focus, it’s a flagship device by pretty much any metric — and the Leitzphone seems to have a very similar specsheet. We’ll be taking a closer look at what’s different when we get to test it out very soon.

After years of collaboration (and cute little badges), this may be the first pure “Leica phone” manufactured by Xiaomi but sold directly by both companies. It’s priced at €1,999 (roughly $2,362), but it’s not known yet whether this phone will launch in the US.

This is a developing story…

A big screen, powerful camera system, and top-notch performance can eat right into your battery life, but Xiaomi has managed to pack a 6,000-mAh battery into the 17 Ultra (up from 5,410 mAh last year). The jump gives it serious stamina, and this phone can go a couple of days between charges.

I wish Xiaomi had found a way to include Qi2, as magnetic wireless charging is the one thing I missed in switching from the Pixel 10 Pro XL (though you can sort of add it with the photography kit case). The 17 Ultra does support wireless charging at an impressively fast 50-watt rate, but the camera module makes it awkward to use with some wireless chargers. Wired charging goes up to 90 watts with the right adapter (not included).

Software used to be the big caveat, but I didn’t find much to complain about with the 17 Ultra. Xiaomi’s HyperOS apes iOS in places, and I still don’t like the unlabeled quick-settings icons, but it’s mostly perfectly fine. The Leica interface, with minimalist app icons and photography widgets, is much nicer than the slightly cartoonish HyperOS, but it’s very easy to customize. I don’t think bloatware has any place on a flagship phone, so I’m always annoyed to see apps like Facebook and TikTok preinstalled.

There’s plenty of AI onboard, if you care, and you can use Google’s Gemini or Xiaomi’s HyperAI for all sorts of photo and video editing, transcription, translation, summarization, and more. It’s not quite as slick and elegant as Google’s Pixel, but you can broadly achieve all the same results.

For folks who can get their hands on the global model more easily, it’s a near-flawless flagship contender that will satisfy anyone craving a big, powerful, photography-first phone.

MRI machines come with a variety of safety warnings. Perhaps most importantly, you have to be very careful not to take ferrous metal objects anywhere near them, since strong magnetic fields can send them flying, causing damage and injuries. To that end, you might find yourself in need of magnetically-safe tools when working on such machines. [Sam Schmitz] recently whipped up a nifty example of an MRI-safe torque wrench himself.

It’s a 3D printed design which can be produced on a Formlabs Fuse 1+ as a single piece in nylon using a selective laser sintering process. The torque wrench works in a deceptively simple manner. As the handle is rotated, a flap  mates with the flat side of a fin on the shaft. This allows the shaft to turn. However, apply more than 0.6 Nm of torque, and the fin will eventually give in, snapping over the lip and stopping any further rotation that would over-tighten the fastener. [Sam] suggests these printed torque wrenches largely come out to the correct torque spec when printed, and can survive a thousand cycles or more while remaining in a usable spec.

The wrench does have one drawback though—it is apparently painfully loud to use. When the handle snaps past the detent, the “click” is quite piercing. [Sam] has measured the sound at up to 125 dB. Not exactly the best when it comes to ear safety!

If you work on MRI machines regularly, you already have the tooling to do your job. However, it’s neat to see that such a specialized tool can be easily and reliably 3D printed… with the slight drawback that you need a $60,000 SLS printer to do it. SLS isn’t readily available at the DIY level just yet, but it is slowly getting there. We’re waiting with bated breath.

North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance.

The malicious campaign has been named Ruby Jumper and is attributed to the state-backed group APT37, also known as ScarCruft, Ricochet Chollima, and InkySquid.

Air-gapped computers are disconnected from external networks, especially the public internet. Physical isolation is achieved at the hardware level by removing all connectivity (Wi-Fi, Bluetooth, Ethernet), while logical segregation relies on various software-defined controls, like VLANs and firewalls.

In a physical air-gap environment, typical in critical infrastructure, military, and research sectors, data transfer is done through removable storage drives.

Researchers at cloud security company Zscaler analyzed the malware employed in APT37’s Ruby Jumper campaign and identified a toolkit of five malicious tools: RESTLEAF, SNAKEDROPPER, THUMBSBD, VIRUSTASK, and FOOTWINE.

Bridging the air gap

The infection chain begins when the victim opens a malicious Windows shortcut file (LNK), which deploys a PowerShell script that extracts payloads embedded in the LNK file. To divert attention, the script also launches a decoy document.

Although the researchers did not specify any victims, they note that the document is an Arabic translation of a North Korean newspaper article about the Palestine-Israel conflict.

The PowerShell script loads the first malware component, called RESTLEAF, an implant that communicates with APT37’s command-and-control (C2) infrastructure using Zoho WorkDrive.

RESTLEAF fetches encrypted shellcode from the C2 to download the next-stage payload, a Ruby-based loader named SNAKEDROPPER.

The attack continues with installing the Ruby 3.3.0 runtime environment – complete with the interpreter, standard libraries, and gem infrastructure – disguised as a legitimate USB-related utility named usbspeed.exe.

“SNAKEDROPPER is primed for execution by replacing the RubyGems default file operating_system.rb with a maliciously modified version that is automatically loaded when the Ruby interpreter starts,” via a scheduled task (rubyupdatecheck) that executes every five minutes, the researchers say.

The THUMBSBD backdoor is downloaded as a Ruby file named ascii.rb, as well as the VIRUSTASK malware as the bundler_index_client.rb file.

The role of THUMBSBD is to collect system information, stage command files, and prepare data for exfiltration. Its most crucial function is to create hidden directories on detected USB drives and copy files to them.

According to the researchers, the malware turns removable storage devices “into a bidirectional covert C2 relay.” This allows the threat actor to deliver commands to air-gapped systems as well as extract data from them.

“By leveraging removable media as an intermediary transport layer, the malware bridges otherwise air-gapped network segments,” Zscaler researchers say.

VIRUSTASK’s role is to spread the infection to new air-gapped machines, weaponizing removable drives by hiding legitimate files and replacing them with malicious shortcuts that execute the embedded Ruby interpreter when opened.

The module will only trigger an infection process if the inserted removable media has at least 2GB of free space.

Zscaler reports that THUMBSBD also delivers FOOTWINE, a Windows spyware backdoor disguised as an Android package file (APK) that supports keylogging, screenshot capture, audio and video recording, file manipulation, registry access, and remote shell commands.

Another piece of malware also observed in the APT37’s RubyJumper campaign is BLUELIGHT, a full-fledged backdoor previously associated with the North Korean threat group.

Zscaler has high confidence attributing the RubyJumper campaign to APT37 based on several indicators, including the use of the BLUELIGHT malware, initial vector relying on LNK files, two-stage shellcode delivery technique, and C2 infrastructure typically observed in attacks from this actor.

The researchers also note that the decoy document indicates that the target of the RubyJumper activity is interested in North Korean media narratives, which aligns with the victim profile of this threat group.

Modern IT infrastructure moves faster than manual workflows can handle.

In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.

Get the guide

Amazon is rolling out a massive, redesigned Fire TV experience, and the star of the show for many users is a transformed Fire TV mobile app.

This isn’t just a minor tweak; the update effectively turns your smartphone into a genuine second screen, making the entire process of discovering, managing, and launching content onto your TV significantly easier and faster.

The refreshed mobile application now sports a look and feel that aligns with the updated Fire TV interface. Gone are the days of clunky navigation; the app offers streamlined browsing for a quicker path to movies, TV shows, live sports, and other content. 

This means less time wasted scrolling and more time enjoying your favourite entertainment. Users can now manage their watchlists, initiate playback on their TV, and even save recommendations from friends while they are away from home. Talk about convenience.