Amperity founders take on co-CEO roles, say they’ll carry the ‘soul’ of the startup forward

Amperity co-founders and co-CEOs Kabir Shahani (left) and Derek Slager. (Amperity photo).

Amperity is putting its founders back in charge.

The Seattle-based customer data startup announced this week that co-founders Derek Slager and Kabir Shahani will serve as co-CEOs, taking over leadership of the company less than two years after Amperity hired former Salesforce executive Tony Alika Owens to lead the business.

The leadership change marks a significant shift for one of Seattle’s most prominent enterprise software startups as it looks to capitalize on growing demand for AI-powered customer data tools.

In LinkedIn posts announcing the transition, Slager and Shahani said they will lead the company into what they described as a major opportunity created by the rise of artificial intelligence. Longtime CFO Amy Kelleran Pelly will expand her responsibilities and become president while retaining her CFO role.

“I’ve watched this technology go from interesting to transformative in real time, with a front row seat at the center of where it matters most: customer data,” Slager wrote. “Amperity has built an incredible foundation over the past decade. This is exactly the infrastructure the AI era runs on.”

Amperity recruited Owens, a veteran Salesforce executive, as CEO in 2024. At the time, the company said Owens would help guide its next phase of growth as brands increasingly sought ways to unify customer data across marketing, commerce and customer service operations.

In a statement provided to GeekWire, Amperity said that Owens’ departure was planned and a “mutual transition.” It added, “Tony leaves Amperity stronger than he found it, and we’re grateful for his leadership and contributions to the company.”

In 2022, Shahani stepped down as CEO, telling GeekWire at the time that he left voluntarily for personal reasons. The company did not publicly disclose additional details at the time. Slager continued serving as chief technology officer.

Shahani, who resides in New York, also is the co-founder of 3-year-old Seattle marketing tech startup Adora.

Founded in 2016, Amperity built its business around helping large consumer brands unify customer information from multiple systems into a single profile. Customers include brands such as Virgin Atlantic, Brooks Running and Dick’s Sporting Goods. Slager and Shahani also previously worked together at Appature, which they sold to IMS Health in 2013.

Amperity has raised more than $180 million from investors including HighSage Ventures, Tiger Global, Declaration Partners, Madrona and others. It boasted a valuation of more than $1 billion after raising capital in 2021. The company declined to comment on its financial performance, or future fundraising plans.

Amperity is ranked #37 on the GeekWire 200, a list of the top privately-held tech companies in the Pacific Northwest. It employs more than 200 employees in Seattle, New York, the United Kingdom, Australia and Argentina.

Shahani said via email that having the company’s co-CEOs in two of its major hubs — Slager in Seattle and him in New York — is a real advantage.

“We view this as the right leadership structure for Amperity’s next chapter,” he said. “Derek and I bring highly complementary strengths, and we’re excited to lead the company together along with our newly appointed President, Amy Pelly.”

Amperity co-founders Kabir Shahani (left) and Derek Slager in 2017. They are now co-CEOs of the Seattle startup. (Amperity Photo)

With AI reshaping how companies use customer information, Amperity’s founders are betting that the technology shift creates a new growth opportunity for the startup they launched a decade ago.

“We’re carrying the soul of Amperity forward and aiming it at our biggest opportunity yet,” Shahani wrote.

What we learned in Cleveland about Seattle’s future: Advice from a Rust Belt city on the rise

Some of the Cleveland leaders who shared their advice during GeekWire’s visit to northeast Ohio. (GeekWire Photos / John Cook)

CLEVELAND, Ohio — A century ago, this city was booming.

By 1920, it was the fifth-largest metropolis in the United States, fueled by manufacturing, immigration, industrial innovation and entrepreneurs who transformed it into a center of invention and business creation.

And then, seemingly overnight, it all changed. The economy shifted. Jobs dried up. Corporate headquarters moved. 

Cleveland’s history is a cautionary tale for Seattle, which is at its own inflection point as we move from the software era to the AI era or what’s next. But the modern story of Cleveland is one of inspiration: a lesson in what becomes possible when business, civic and public leaders pull in the same direction.

That’s why GeekWire contributing columnist Charles Fitzgerald and I spent several days in Cleveland this week — speaking to philanthropists, developers, entrepreneurs and even Mayor Justin Bibb and Ohio Gov. Mike DeWine. This mini fact-finding mission started four months ago after Charles, a tech veteran and Seattle angel investor, wrote a provocative column for GeekWire titled: A warning to Seattle: Don’t become the next Cleveland

Mayor Bibb was on the phone with us the next day, making the case for his city. He invited us to explore Cleveland — its rise, fall and rebirth — and get to know another story about a rebounding Midwest city. 

We came to learn about Cleveland. We left with new insights about Seattle and what’s needed to foster a prosperous future.

From the moment we arrived in northeast Ohio — where Mayor Bibb’s voice welcomes airport visitors to a city built on “grit and innovation” — to the moment we left, one thing stood out. While not everyone agrees on every issue, there is a palpable sense that Clevelanders are “all in” — rowing in the same direction like a crew quietly propelling its shell along the Cuyahoga River.

Here’s what we learned from Cleveland:

East Cleveland Mayor Sandra Morgan at the Big Bets for America event in Cleveland. (GeekWire Photo / John Cook)

Sandra Morgan is the mayor of East Cleveland, a small city bordering Cleveland with one of the highest poverty rates in the U.S.

Her advice to Seattle: count your blessings.

“The City of Cleveland, and by extension, East Cleveland, rode a wave of innovation and industry and growth that was unparalleled, really, just about anywhere in the country for quite a while,” she said. “And then when we took a dip and a turn, it was a pretty dramatic turn of events. And it has taken probably the better part of 50 years to right the ship and turn things around.”

For East Cleveland, she said, “that ship has yet to be righted. We’re still working on it.”

But Morgan wasn’t telling Seattle to fear growth. “Chaotic growth, it’s fun, but it’s not necessarily the best way to grow,” she said. “And always with growth comes some unforeseen issues and problems, but growth still is better than no growth, in my opinion.”

She also extended an invitation: “When you get tired of being in Seattle, come to East Cleveland, Ohio. We’ve got plenty of space for you.”

Ohio Gov. Mike DeWine speaks with reporters in Cleveland. (GeekWire Photo / John Cook)

Ohio Governor Mike DeWine, who has led the state since 2019, was in Cleveland announcing a $300 million workforce development program through JobsOhio.

“I don’t give advice to other areas,” he said in response to our question. “But my advice to people is, come to Ohio. Come work in Ohio. You will not find a better place, better people, quality of life. Cost of living is low compared to the two coasts.”

He pointed to the companies betting on the state. “There’s a reason why we are getting companies like Anduril that are relocating at least part of their new business to Ohio. There’s a reason why Joby is here. There is a reason why Sherwin-Williams stayed here.”

“Look, this is our time. It is the Midwest’s time in history,” DeWine said. “We do not wish anybody to not be successful, we want everybody to be successful in this country. But we know we have something special here in Ohio.”

Cleveland Mayor Justin Bibb at the Big Bets for America event. (GeekWire Photo / John Cook)

Justin Bibb is the 39-year-old mayor of Cleveland. When we asked him what advice he would give Seattle and its new mayor, Katie Wilson, he started with the fundamentals.

“You’ve got to focus on the basic plumbing and tackling of good city governance,” he said. “At the same time, as former mayor Pete Buttigieg always says, the job is part pothole, part vision. And that’s kind of been my duality of, hey, the cops gotta get paid, the streets have to be safe, the potholes have to be fixed. City government has to function well.”

But running the city well is only half the job, he said. “You have to chart a vision for where the city is going to go. Because in this economic environment our customers, our residents and our businesses can choose like that, so we have to make sure that our value proposition is sticky and compelling. And to me that’s the job of mayor.”

Cuyahoga County Executive Chris Ronayne at a Cleveland Guardians game at Progressive Field. (GeekWire Photo / John Cook)

Chris Ronayne is the Cuyahoga County executive, the top elected official in the county that includes Cleveland, and a former planning director for the city. His advice draws on that planning background: figure out what’s working in your community, and invest in it.

“Support what’s working. Organically grow what you got,” he said, contrasting that approach with the economic development strategy of chasing the next big company. “The cavalry’s not coming,” he said. “That’s the lesson for Cleveland, and it’s a lesson for Seattle.”

He also pointed to immigration as essential to growth, noting that immigrants have been the Cleveland region’s only source of population gains in recent years. “Metros have to lead the way on strategies to bring newcomers to your city,” he said, acknowledging that it’s “a complicated task” for any metro region in the current environment.

His third piece of advice: don’t fixate on the giants. Cleveland was once known for its Fortune 500 headquarters, as Seattle is now, he said, but “the real lifeblood is small business.”

John Nottingham, co-founder of Nottingham Spirk in front of the company’s wall of patents. (GeekWire Photo / John Cook)

John Nottingham is co-founder of Nottingham Spirk, the Cleveland innovation lab behind products like the Crest SpinBrush, with nearly 1,600 patents to its name. The firm operates out of a renovated former Christian Science church overlooking the city’s University Circle district.

His advice: “You have some pretty high-powered entrepreneurs in Seattle. You should appreciate your entrepreneurs.”

Nottingham reached back a century for his cautionary tale: John D. Rockefeller, who built Standard Oil into “the first multi-national company, driving everything else,” he said. But the oil baron’s success bred resentment in his hometown. “He was almost pushed out of Cleveland, and there’s a lot of stories about that.”

Rockefeller decamped to New York, and later in life directed a massive gift that built the University of Chicago. The lesson for Seattle, where prominent tech leaders have been leaving the region, wasn’t subtle.

Brad Whitehead of the Good Jobs Fund at the former Westinghouse light bulb factory, part of The Midline industrial district he is developing on Cleveland’s near east side. (GeekWire Photo / John Cook)

Brad Whitehead is managing director of site readiness for the Good Jobs Fund and developer of The Midline, an industrial district taking shape on Cleveland’s near east side, including the former Westinghouse light bulb factory where he gave us a tour.

Cleveland’s mistake, he said, was complacency. The city had reinvented itself so many times that its leaders trusted it would simply happen again. Seattle can learn from this.

“Where the next thing has always come along, you can’t assume that that’s going to happen,” he said. “For many years, we had this sense of who we are, and because we had the great names, that it was all going to continue to work well.”

The region learned too late that prestige and payrolls are different things. “Just because somebody has a corporate headquarters doesn’t mean that’s where they’re producing. We’ve got fabulous companies that figured out how to adapt and survive, but that meant the jobs often left and went to other places.”

Michelle Tomallo, co-founder and chief people officer of FIT Technologies, at the company’s downtown Cleveland offices. (GeekWire Photo / John Cook)

Michelle Tomallo is co-founder and chief people officer at FIT Technologies, an employee-owned IT managed service provider in downtown Cleveland.

Her advice echoed a theme we heard repeatedly: success has a way of narrowing your vision.

“Be very thoughtful about what the future is holding,” she said, “because I think when we have grand success, sometimes we are far away from what’s coming next.”

Josh Rosen, co-owner of Sustainable Community Associates, in Cleveland’s Tremont neighborhood. (GeekWire Photo / John Cook)

Josh Rosen is co-owner of Sustainable Community Associates, a real estate development company that’s converting abandoned gas stations, dry cleaners and industrial sites into housing in Cleveland’s Tremont neighborhood.

Looking at Seattle from the outside, Rosen sees concentration risk.

“It feels like Seattle is dependent on a sector, and in a lot of ways very few companies within that sector,” he said. “And that allows for a certain type of growth. But as things change, if you don’t develop a framework of interdependency of all the different stakeholders, that change can be sudden and not what you want it to be.”

The lesson, he said, “is to start to build an ecosystem of working together, so when there are shifts or there are changes, the community is prepared for that next phase.”

As a developer, he pointed to real estate as the place where that fragility shows up first. “You have all these buildings that are built based on a certain amount of income being produced. And that’s how those mortgages and those loans are being serviced. And what if that changes by 20 percent?”

Yvette Ittu, president and CEO of Cleveland Development Advisors, overlooking the city. (GeekWire Photo / John Cook)

Yvette Ittu is president and CEO of Cleveland Development Advisors, which channels investment into real estate and redevelopment projects in Cleveland’s neighborhoods.

Her advice was less about any single policy and more about how a city works together.

“The collaboration between the business community, the civic sector and the public sector are imperative for anything you are going to do in your community,” she said. “It really takes connectivity with all of those sectors, collaboration and communication.”

Nathan Kelly, president of Playhouse Square Real Estate, in Cleveland’s Playhouse Square theater district. (GeekWire Photo / John Cook)

Nathan Kelly is president of Playhouse Square Real Estate, part of the nonprofit that operates one of the country’s largest performing arts districts outside of New York.

His advice gets at a prerequisite for everything else: “I think safety, real and perceived, is the most important factor for building a place or growing a place,” he said. “And I can only impact the perception of safety. But we do it with small things, like I require all of my tenants on the retail and second level to have their lights on 24/7 so that that light sheds out onto the street. We do a lot of things with color and paint that make things feel vibrant, even if you’re alone.”

It’s not just cosmetic, he said. The district works with the city and economic groups on uniformed officers and safety patrols, while addressing deeper human service needs. “I know who to call when somebody is having an episode that doesn’t require a police intervention. I think that’s the most fundamental.”

Chris Adams, president and CEO of Park Place Technologies.

Chris Adams is president and CEO of Park Place Technologies, an IT infrastructure services firm with more than 500 employees at its Cleveland headquarters.

Cleveland’s problem wasn’t a lack of warning signs, he said. It was the speed of the response.

“When the world started changing, we needed to, as a community, adapt quicker. I really think it is the bureaucracy that lets people down. Your job is to provide for the constituents,” he said. “We are doing well now as a community environment, but it took some time for people to pivot.”

He described the danger this way: “You are always looking in the rearview mirror and you are riding that wave, and you don’t see the land in front of you that you are about to crash into. You can only surf the wave so long. Fundamentally, people need to look forward, not behind.”

“Just because it has been a boom town out there for a long time, that only gets people overconfident,” he added. “If you get too confident in what you have, you can lose it.”

Baiju Shah, president and CEO of the Greater Cleveland Partnership, in downtown Cleveland. (GeekWire Photo / John Cook)

Baiju Shah is president and CEO of the Greater Cleveland Partnership, which has organized the region’s comeback effort around a shared 10-year plan called “All In.”

His advice for Seattle is the strategy behind that name.

“You need to get your business leadership and your public leadership heavily engaged and committed. We call it ‘all in,’” he said. “There’s got to be an economic vision for the region that everyone can get aligned behind and start to work hard on these types of priorities, whatever those might be.”

Freddy Collier of the Greater Cleveland Partnership, with the Cleveland skyline behind him. (GeekWire Photo / John Cook)

Freddy Collier is senior vice president of strategy and new initiatives at the Greater Cleveland Partnership, the region’s chamber of commerce.

He pointed to the trait that carried Cleveland through its hardest decades: “One of the key things that makes Cleveland special is resilience. It continues to evolve, and reinvent itself. And that’s one of the things I love about this town. It’s a big city with a small town feel. People know each other, and people are connected.”

His advice for any city navigating change: invest in the things that bind people together. For Cleveland, that starts with geography: “Our natural assets I think are our superpower: our waterfront, riverfront, our trails,” he said. “And those are the things that connect people, no matter what walk of life you come from, no matter what your demographic situation is, no matter what your economic situation is.”

“We have things in this town that are unifiers, that are equalizers,” he said, “and I am really proud of that.”

Coming Saturday: John Cook and Charles Fitzgerald join the GeekWire Podcast from an abandoned Westinghouse light bulb factory in Cleveland to share what they learned, and what it means for Seattle’s future. Subscribe to GeekWire in Apple Podcasts, Spotify, or wherever you listen.

This Week In Security: Microsoft On Microsoft, Register Your Domains, Linux On ARM, And FreeBSD Joins The File Cache Club

Supply chain attacks continue, with Microsoft’s own open source Azure repositories being automatically disabled by GitHub following a compromise of the packages by the Miasma worm.

OpenSourceMalware reports that the infection resulted in 73 Microsoft-related package repositories being flagged and taken offline in a little over a minute by the GitHub automated security system, with over 40 repositories being related to Azure and the rest distributed across the Microsoft organization.

The center of the infection appears to be the Microsoft Durabletask package, which was previously compromised in May and used to push infected packages to PyPI. Considering that all of the supply chain worms also steal credentials for every service they can find in the build or developer environment they infect, it seems likely that credentials stolen in the original attack were never properly disabled.

Disabling the repositories can help stem the infected packages and GitHub Actions from spreading and infecting more organizations, but of course any build processes depending on those packages will not function. In May, the Durabletask package showed over 400,000 downloads per month.

The OpenSourceMalware report includes a full list of the impacted repositories.

Microsoft Fixes GitHub Token Exploit

Microsoft has finally fixed a bug in GitHub that could be used to steal a GitHub authentication token with access to all of an account’s repositories via the embedded web-based VS Code editor that is part of GitHub itself.

Ammar Askar discovered the bug and discusses it on their blog. By manipulating the sandboxed VS Code into treating input from an embedded web view as user keystrokes, it is possible to cause it to install a VS Code extension, which is then used to exfiltrate the GitHub authentication tokens of the user of the embedded VS Code instance.

TP-Link Takeover via Unregistered Domain

Julian B demonstrates capturing traffic from TP-Link routers and access points thanks to an unregistered domain name in the firmware.

After finding an archive of the firmware releases for every TP-Link product, Julian simplified the list to the latest versions, and ran a custom scraper tool to extract domain names referenced in the firmware and search for matching domain names.

After registering an available domain, Julian began receiving requests from TP-Link devices checking in to a server which had lapsed, likely years ago. Fortunately, Julian reported the issue to TP-Link and was able to transfer the domain.

It’s unclear what the risks of the unregistered domain name were in the context of the TP-Link devices; however, unregistered domain names can lead to all sorts of issues in the wrong situations.
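
A vendor-side version of the audit described above, as an added example that is not Julian's tool or TP-Link's code: it pulls printable strings out of a firmware image, extracts hostnames, and flags any whose registrable domain is missing from the vendor's own domain inventory. The firmware bytes, the inventory, the short TLD list and the two-entry suffix list are constructed stand-ins (a real run would use the IANA TLD list and the Public Suffix List).

```javascript
// Added example: inventory hostnames embedded in a firmware image and flag
// those outside the vendor's own domain inventory. All data is constructed.

// Assumption: KNOWN_TLDS stands in for the IANA TLD list and
// MULTI_LABEL_SUFFIXES stands in for the Public Suffix List.
const KNOWN_TLDS = new Set(["com", "net", "org", "io", "cn", "uk"]);
const MULTI_LABEL_SUFFIXES = new Set(["co.uk", "com.cn"]);

// Pull printable-ASCII runs out of a binary blob, like strings(1).
function extractStrings(buf, minLen = 6) {
  const out = [];
  let start = -1;
  for (let i = 0; i <= buf.length; i++) {
    const printable = i < buf.length && buf[i] >= 0x20 && buf[i] <= 0x7e;
    if (printable && start < 0) start = i;
    if (!printable && start >= 0) {
      if (i - start >= minLen) out.push(buf.toString("latin1", start, i));
      start = -1;
    }
  }
  return out;
}

const HOST_RE = /(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,24}/gi;

// Hostname candidates whose last label is a known TLD. The TLD filter is
// what drops file names such as libcrypto.so or config.json.
function extractHostnames(buf) {
  const hosts = new Set();
  for (const s of extractStrings(buf)) {
    for (const m of s.match(HOST_RE) || []) {
      const host = m.toLowerCase();
      const tld = host.slice(host.lastIndexOf(".") + 1);
      if (KNOWN_TLDS.has(tld)) hosts.add(host);
    }
  }
  return [...hosts].sort();
}

// Reduce a hostname to the name that would have to be registered and renewed.
function registrableDomain(host) {
  const labels = host.split(".");
  const lastTwo = labels.slice(-2).join(".");
  const keep = MULTI_LABEL_SUFFIXES.has(lastTwo) ? 3 : 2;
  return labels.slice(-keep).join(".");
}

// Hostnames in the image whose registrable domain is not in the inventory.
function auditFirmware(buf, ownedDomains) {
  const owned = new Set(ownedDomains.map((d) => d.toLowerCase()));
  return extractHostnames(buf)
    .map((host) => ({ host, domain: registrableDomain(host) }))
    .filter((entry) => !owned.has(entry.domain));
}

// Constructed firmware fragment: binary noise, three hostnames, two file paths.
const SAMPLE_FIRMWARE = Buffer.concat([
  Buffer.from([0x7f, 0x45, 0x4c, 0x46, 0x00, 0x01, 0x02]),
  Buffer.from("http://update.example.com/check?model=%s\0"),
  Buffer.from([0xff, 0xfe, 0x00]),
  Buffer.from("ntp1.example.net\0"),
  Buffer.from("/lib/libcrypto.so.1.1\0/etc/config.json\0"),
  Buffer.from("devs.example.co.uk:8080\0"),
]);

// Constructed inventory of domains the vendor currently holds.
const SAMPLE_INVENTORY = ["example.com", "example.co.uk"];

console.log(auditFirmware(SAMPLE_FIRMWARE, SAMPLE_INVENTORY));
```

Anything this reports is a name that shipped devices may still contact but that nobody is tracking for renewal.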

A Pile of OpenSSL Vulns

The OpenSSL library has a new collection of vulnerabilities which range from low-severity flaws in message verification in functions which aren’t used in any of the OpenSSL implemented protocols to a high-severity use-after-free bug in PKCS7 handling which could be used to run arbitrary code.

Use-after-free bugs occur when a chunk of memory is dynamically allocated, then freed and returned to the memory pool, but a later piece of code re-uses the memory that is no longer claimed. In the meantime, this memory could have been assigned to another variable or otherwise restructured, leading to memory corruption. In the case of OpenSSL, the memory associated with a PKCS7 container (a certificate storage method) or a S/MIME message (usually used in secure email) can be manipulated into using freed memory.

The advisory warns that applications processing PKCS7 or S/MIME are affected; fortunately most uses of OpenSSL are unlikely to be directly impacted (neither of those functions is common in web servers or similar), but as always, update as soon as possible!

NightmareEclipse is Back

The researcher previously identified as NightmareEclipse, known for releasing advanced Windows vulnerabilities with working proof-of-concept code, has returned as MSNightmare, releasing several new exploits after previously being removed from GitHub. Despite a strongly worded (and poorly received) public statement by Microsoft threatening criminal investigations, the researcher returns with the RoguePlanet vulnerability.

RoguePlanet exploits race conditions in Windows Defender under Windows 10 and Windows 11 to gain a system-level shell, a fairly common trend in the vulnerabilities found by this researcher.

Additionally, another BitLocker bypass has been released, called GreatXML, which unlocks BitLocker protected drives if a Windows Defender offline scan has ever been run.

Of course, these releases coincide with Patch Tuesday, so they’re unlikely to be addressed before the July patch day.

It appears Microsoft has backed down from its initial press release, which appeared to claim that vulnerability research and development outside of the guidelines Microsoft decided on would be treated as criminal behavior; this was not well received by much of the security industry. At the start of the modern security industry in the late 1990s, public release of vulnerabilities was common. Companies had no way to reach a security contact to get it fixed, simply did not care to fix it, or were actively hostile to researchers. Through years and decades of community programs, it is now normal to reach out to a company with security flaws and have an expectation they will be fixed, and often rewarded either monetarily through structured bounty programs like HackerOne or through public credit to the researchers who found the flaws (nobody wants to be paid in exposure, but security is now an industry, and having a well-known name and track record can be valuable).

Unfortunately, recently, it seems Microsoft may have forgotten that while disclosure to the vendor has become the norm, it is simply a social contract. Having already publicly alienated one skilled researcher (NightmareEclipse), the company seems to be doing the best it can to alienate others by burning community good will. Expect more publicly released vulnerabilities in its wake.

Linux Arm Fixes

Phoronix reports that the Linux kernel has patched a critical-severity flaw on Arm CPUs in the memory allocation logic. The list of processors affected continues to grow, including some NVIDIA embedded platforms.

The flaw lies in specific ordering requirements for accessing memory via the TLB, or “Translation Lookaside Buffer”, a critical part of the virtual memory and memory protection system. The TLB is a cache of recently resolved lookups of physical memory locations, so any corruption of the TLB can cause invalid memory reads, leading to almost the same results as recent kernel vulnerabilities in the Linux page cache system which allowed binaries to be replaced in RAM.

The bug was found thanks to advisories from Arm themselves clarifying that additional protections were needed around modifications to the TLB cache on these chips. The real-world impact remains to be seen, but now that the bug and patches are public, I’d expect proof of concept code to follow soon after. It’s also safe to assume that this flaw affects other operating systems on Arm platforms, as well, but there is no public information yet.

FreeBSD Gets a Page-Cache Bug

FreeBSD racks up another kernel bug this week, the amusingly named Bumsrakete (“Bum Rocket” or “Bang Rocket”), complete with a well-crafted troll of an announcement, right down to the use of Comic Sans for the announcement site.

Beneath the crap-posting exterior lies a legitimate CVE (CVE-2026-45257) where any user with access to the PMAP_HAS_DMAP system (the standard configuration) can overwrite the disk page cache in memory. This is the FreeBSD flavor of the kernel cache flaws in Linux used by CopyFail, DirtyPipe, and friends, and even involves decryption primitives in the kernel similar to the original CopyFail process.

It’s not surprising that following the multiple disk cache corruption bugs in Linux disclosed this spring, other operating systems with similar functionality are being examined and new flaws are showing up.

NPM to Block Auto Install Scripts

NPM is introducing major changes in NPM 12 to attempt to stem the flood of supply-chain vulnerabilities by removing the automatic execution of commands from the install phase of packages and disabling the use of remote URLs as dependencies.

Most of the NPM-based worms infecting packages at record rates use the install script process, hooking either pre-install, install, or post-install scripts to run commands automatically as a package dependency is included. Since the install script runs as the user (or build service) pulling the dependencies, it has direct access to any credentials or files that user or service has. Under the new model an infected package could still perform malicious actions inside a compiled application or site, but a major mechanism for automatic spreading of malicious packages will be addressed.

It’s good to see progress made towards addressing the underlying weaknesses in the package ecosystem which aid in spreading malicious packages.
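
As an added example (not code from NPM or from this column), the following Node.js script audits already-parsed package.json manifests for the two behaviours described above: lifecycle install hooks and dependencies fetched from remote URLs. The manifests are constructed, and treating http(s) tarballs, git URLs and hosted-git shorthands as "remote" is an assumption about the scope of the change.

```javascript
// Added example: flag install-time hooks and remote-URL dependencies in
// package.json manifests. All manifests below are constructed sample data.

const LIFECYCLE_HOOKS = ["preinstall", "install", "postinstall"];
const DEP_FIELDS = ["dependencies", "optionalDependencies", "devDependencies"];

// Assumption: "remote" means fetched from outside the registry, i.e. an
// http(s) tarball, a git URL, or a hosted-git shorthand such as user/repo.
function classifySpec(spec) {
  if (typeof spec !== "string") return "invalid";
  const s = spec.trim();
  if (/^https?:\/\//i.test(s)) return "remote-tarball";
  if (/^git(\+(ssh|https?))?:\/\//i.test(s)) return "remote-git";
  if (/^git@[^:\s]+:/i.test(s)) return "remote-git"; // scp-style git URL
  if (/^(github|gitlab|bitbucket|gist):/i.test(s)) return "remote-git";
  if (/^(file|link|workspace|git\+file):/i.test(s)) return "local";
  if (/^(\.{1,2}\/|~\/|\/)/.test(s)) return "local"; // filesystem path
  if (/^[\w.-]+\/[\w.-]+(#.+)?$/.test(s)) return "remote-git"; // user/repo
  return "registry"; // version, range, dist-tag or npm: alias
}

// Findings for one manifest: non-empty install hooks, then remote specs.
function auditManifest(manifest) {
  const findings = [];
  const scripts = manifest.scripts || {};
  for (const hook of LIFECYCLE_HOOKS) {
    if (typeof scripts[hook] === "string" && scripts[hook].trim() !== "") {
      findings.push({ kind: "install-script", hook, command: scripts[hook] });
    }
  }
  for (const field of DEP_FIELDS) {
    for (const [dependency, spec] of Object.entries(manifest[field] || {})) {
      const kind = classifySpec(spec);
      if (kind.startsWith("remote-")) {
        findings.push({ kind, field, dependency, spec });
      }
    }
  }
  return findings;
}

// Audit every manifest of a dependency tree; packages with no findings
// are left out of the report.
function auditTree(manifests) {
  const report = [];
  for (const m of manifests) {
    const findings = auditManifest(m);
    if (findings.length > 0) {
      report.push({ package: `${m.name}@${m.version}`, findings });
    }
  }
  return report;
}

// Constructed manifests, as they would be read from node_modules/*/package.json.
const SAMPLE_MANIFESTS = [
  { name: "constructed-clean", version: "1.0.0",
    scripts: { test: "node test.js" },
    dependencies: { "constructed-util": "^2.1.0" } },
  { name: "constructed-addon", version: "3.2.1",
    scripts: { install: "node-gyp rebuild", postinstall: "node setup.js" } },
  { name: "constructed-remote", version: "0.4.0",
    dependencies: {
      "tarball-dep": "https://downloads.example.com/tarball-dep-1.0.0.tgz",
      "git-dep": "git+https://git.example.com/org/git-dep.git#v2",
      "alias-dep": "npm:@constructed/real-name@^1.0.0" },
    optionalDependencies: { "short-dep": "someorg/short-dep" } },
];

console.log(JSON.stringify(auditTree(SAMPLE_MANIFESTS), null, 2));
```

The same hooks can already be turned off with `npm install --ignore-scripts` or `ignore-scripts=true` in `.npmrc`; the report shows which packages would then need an explicit build step.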

Libinput Security Fix

The libinput library sees a pair of security fixes this week, centered around the handling of device names for uinput and uhid devices. Maliciously named devices could execute commands as root.

To be able to exploit this, a user needs to already be on the system and have the ability to create new uinput devices. This is normally restricted to root, however if steam-devices, antimicrox, or kdeconnectd packages are installed, the permissions to create a device are modified and any user logged into the system can create a uinput device.

Go forth, and update!

Mini Shai-Hulud Hides in Censorship

The Shai-Hulud, Mini Shai-Hulud, and Miasma worms have been prolifically infecting packages on NPM and PyPI as well as VS Code extensions and GitHub Actions. Using a combination of captured worm code and publicly released versions of the worms, researchers have been reverse engineering the behavior of the worm using the decrypted payloads.

Amusingly, they have discovered that the Mini Shai-Hulud worm attempts to hide from automatic analysis and detection via AI prompt injection. The payload file executed during an NPM package install contains a block of comment text referencing biological and nuclear weapons, topics many AI models refuse to allow.

Interpreting the comment as a banned request, the AI models may immediately stop processing the rest of the file, either blocking further analysis by researchers or disabling AI-based malware detection tools scanning for malicious payloads.

Another Record Patch Tuesday

For the second time this year, Microsoft has a record-breaking number of fixes included in Patch Tuesday, with more than 200 security fixes, including fixes for two vulnerabilities released by NightmareEclipse in recent weeks. However, none of the fixes specifically reference the conflict between Microsoft and the researcher.

Outside of the Patch Tuesday fixes, Microsoft also fixed 360 browser vulnerabilities.

With the increasing automatic bug finding via AI tools, this may become the new normal for Patch Tuesday fix counts.

Python Linter Blocks Shai-Hulud

Sometimes pedantry pays off. StepSecurity brings the tale of a supply chain infection of the popular Pythagora-io GPT Pilot package, an AI coding assistant tool. After one of the developers was infected by the Miasma supply chain worm, the worm performed the typical trick of attempting to re-version and push compromised versions of all accessible packages.

This time, the commits containing the trojaned code were rejected by the Python linter, Ruff, for not matching the style guidelines of the project. Linters analyze code for style, comments, and syntax (think the pretty printing in a code editor that highlights incorrect tabs and spaces or deprecated functions).

The developer will still need to clean up their system and make sure to revoke all tokens the worm has access to, but the project itself was spared infection by a humble syntax styler.

Deep Dive into Miasma

Finally, we have a dive into the Miasma worm thanks to SafeDep.

The payload source for Miasma has been open sourced, apparently by some of the developers of the malware. Previously the payload was heavily encrypted; however, progress was made in decoding it during the initial wave of attacks. By open sourcing the worm, the developers likely hope to muddy the waters by creating copy-cat worms using modified techniques and signatures.

SafeDep takes a deep look into the capabilities of the payload, noting several unusual abilities including disabling GitHub environment protections, a full list of the credential harvesting capabilities, and more. Be sure to check out the full write-up for an extremely detailed breakdown of each major component of the worm and the actions it takes, if that sort of thing is interesting to you!

How To See If Netflix Is Downgrading Your Picture Quality


It might involve connecting a keyboard to your TV, which is as fun as it sounds.

If you’re paying the ever-increasing price of a Netflix subscription, it’s in your best interest to get your money’s worth from it. But while you can shell out for the 4K experience, you can’t guarantee you’ll get that pristine quality at all times. That’s not to say Netflix is withholding promised subscription perks, but it does make choices on your behalf. Like every other streamer, Netflix uses a variable bit rate codec for its streams. That means it prioritizes a consistent stream, and will throttle your picture quality if it thinks doing so will prevent the stream from buffering. If you’ve ever squinted at your TV and wondered whether that episode of Love is Blind is actually in full quality, you weren’t hallucinating.

Thankfully, as one of the best streaming services in 2026, Netflix has built-in tools that can provide you with more detailed information about your streaming quality. Those tools can be accessed regardless of your streaming service, whether you’re watching on a phone, tablet, computer, or TV. However, the method by which you’ll access them is a bit different on each platform. Additionally, you’ll need to be aware of the top resolutions and frame rates Netflix is capable of delivering to your hardware, as well as of the content you’re viewing. If there’s a gap, you’ll know you’re not getting the streaming quality you paid for. Depending on the reason for any downgrades you may notice in quality, you’ll be able to figure out whether the culprit is device limitations, network issues, or Netflix itself.


Netflix’s apps have hidden shortcuts for quality information

While watching a movie or show on Netflix from your Mac or Windows computer, you can view detailed information about your video stream by using the keyboard shortcut Ctrl + Alt + Shift + D. This will surface stats about your current streaming session, most of which you can safely ignore. In order to figure out how robust your picture quality is, look for the bitrate and frame rate. The former will tell you what resolution is being displayed, while the latter will let you know whether you’re losing frames. So, if you’re watching a newer movie on a 4K plan, you should typically see a resolution of 3840 × 2160 and a frame rate of roughly 23.9 or 24 frames per second, depending on both the film and your hardware.

On a mobile device, go to app settings from the My Netflix tab and select Playback Specification. This will not give you live stream information, but will tell you what quality Netflix is capable of delivering to your device. On a smart TV, press the info button on your remote or connect a Bluetooth keyboard and press F4. This will surface a small amount of stream information.

Exactly which stats you should be looking for depends largely on your hardware and operating system. Even if you pay for the Netflix subscription tier which includes 4K, it can be maddeningly difficult to actually achieve that ultra-HD resolution. Many people who pay the extra money for Netflix’s 4K subscription may not actually own hardware that meets Netflix’s exacting standards for 4K delivery. So, now that you know how to see your streaming quality stats, let’s explore the hardware and software requirements you’ll need to get the best possible picture quality.


The nuances of video streaming quality on Netflix

Netflix’s 4K video streaming capabilities are subject to some rather maddening hardware and software requirements. If you are watching Netflix on a display with a 1440p native resolution, the stream will fall back to 1080p rather than showing a downscaled 4K stream. Because 1440p is a common resolution for gaming monitors, this can often be a frustrating dilemma for Windows users watching on a desktop PC. Moreover, your GPU, video cable, and display must not only support 4K as you’d expect, but must also support HDCP 2.2 for digital copyright management. Your operating system must support HEVC codecs, which can require an extra package installation on Windows and some versions of Android. Netflix is transitioning to AV1 from HEVC, but for now its official guidance is that HEVC support is a requirement for 4K playback.

Even once all those criteria are satisfied, you must be using the Microsoft Edge or Google Chrome browser on Windows. Other Chromium browsers and Firefox do not support 4K, and the native Windows Netflix app is simply its own instance of Edge. I write about tech for a living and have given up making 4K work on my Windows PC, but you can check out this extremely helpful Reddit post if you want to troubleshoot your own system.

On Mac, you must have a computer with an Apple M1 or newer processor, and you must use the Safari browser. Things get more complex if you connect your Mac to an external display, in which case, refer to the display requirements for Windows above. Meanwhile, iOS devices are capped at 1080p, since even the 2025 iPad Pro is not a 4K device. As for Android, it is capped at 1080p as well. The lone exception is when using a device which runs Google TV, such as the Google TV Streamer.


Wharfedale Elysian R Series Debuts: Flagship Speakers Get AMT Upgrades, New Finishes, and Deeper Bass


Wharfedale’s Heritage Series tends to get the loudest applause, and that is hardly surprising. Few loudspeaker brands play the vintage card with as much credibility, and commercial success. The Denton, Super Linton, Super Denton, Denton 1S, and Dovedale have helped make old-school British loudspeaker design feel relevant again rather than merely nostalgic.

But Wharfedale’s most technically ambitious loudspeakers do not live in the Heritage Series. That role belongs to Elysian, and the new Wharfedale Elysian R Series is now positioned at the top of the food chain in terms of technology, design execution, and claimed sonic performance.


The Elysian R Series is not a ground-up replacement for the original Elysian lineup. Wharfedale describes it more as a disciplined evolution of the existing platform, with refinements to the AMT high-frequency driver, woven glass fibre matrix midrange and bass drivers, crossover network, cabinet construction, bass loading, finishes, and production tolerances.

In other words, this is Wharfedale reminding everyone that it can do more than walnut nostalgia and big boxes with wide baffles. The pipe-and-slippers crowd may want to take the night off before the AMT tweeter frightens the port.


The new range includes the Elysian 1R compact standmount, Elysian 2R reference standmount, Elysian 3R compact floorstander, Elysian 4R flagship floorstander, and Elysian CR centre channel speaker. Matching stands are available for the standmount and centre models.

Elysian R Series: What Has Changed?


Wharfedale is carrying over the basic Elysian identity but has revisited the major acoustic and mechanical elements. The headline change is the further-developed AMT, or Air Motion Transformer, high-frequency driver. Instead of a conventional dome tweeter, the AMT uses a pleated diaphragm to move air more efficiently. For the R Series, Wharfedale specifies an ultra-lightweight PET diaphragm, an enlarged high-spec design, and an acoustically damped rear chamber intended to improve openness, extension, and treble control.

The midrange and bass drivers have also been refined. Wharfedale uses proprietary woven glass fibre matrix cones, with updates to cone construction, motor systems, phase plugs, and distortion control. The midrange driver includes an aluminium ring and custom phase plug to support dispersion and linearity, while the bass units use improved motor systems, large voice coils, die-cast chassis, and aluminium demodulation rings.

Bass loading remains a major part of the Elysian formula. Wharfedale’s Slot-Loaded Profiled Port system, or SLPP, has been further optimized for the R Series. The system is designed to equalize internal and external air pressure, improve bass extension and control, reduce distortion, and make the speakers less sensitive to room placement. That last point matters, because big speakers with serious bass can become a domestic negotiation very quickly.

The crossover has also been redesigned. Wharfedale specifies high-silicon iron-cored coils for bass, air-core coils for midrange and treble, polypropylene capacitors throughout the signal path, and low-inductance resistors. The components are mounted on newly designed “direct path” PCBs intended to shorten the signal route, with LC-OFC high-purity copper cabling used between the crossover and drive units.


Cabinet Design and Finishes


The Elysian R cabinet keeps the familiar sculpted look of the original Elysian models but introduces a more contemporary visual direction. Wharfedale has replaced the previous piano lacquer black and white finishes with matte black and matte grey options, while retaining the high-gloss walnut finish that has been central to the Elysian identity.

The new finishes are joined by matte-black trims, driver detailing, and metalwork. The goal is a cleaner and more architectural look without stripping away the luxury feel. The matching stands for the Elysian 1R, Elysian 2R, and Elysian CR follow the same matte black approach.


Internally, Wharfedale uses its multi-layer PROS, or Panel Resonance Optimisation System, cabinet construction. The company says this is intended to reduce cabinet resonance and energy leakage, improving structural integrity and allowing the drivers to work with less cabinet coloration. That is the promise, anyway. The proof will be whether these speakers sound more precise than the original Elysians without losing their scale and ease.

Wharfedale Elysian 1R: Compact Standmount


The Wharfedale Elysian 1R is the entry point into the new range, although “entry point” is doing a lot of work at this level. This is a two-way standmount loudspeaker using a coated glass fibre matrix bass/midrange driver and a 27 x 90mm AMT high-frequency driver, which measures roughly 1.1 x 3.5 inches.

Wharfedale specifies 89dB sensitivity, a recommended amplifier power range of 25 to 175 watts, and a peak SPL of 108dB. Frequency response is rated at 49Hz to 22kHz, with bass extension down to 44Hz and a crossover frequency of 2.6kHz.


The cabinet volume is 21.6 litres. The Elysian 1R stands 490mm tall on its plinth, or about 19.3 inches, with a width of 263mm, or about 10.4 inches. Net weight is 15kg per speaker, or about 33.1 pounds.

Matching stands are available and measure 476mm tall, 340mm wide, and 287mm deep with badge, or about 18.7 x 13.4 x 11.3 inches.

Wharfedale Elysian 2R: Reference Standmount


The Wharfedale Elysian 2R is the larger and more ambitious standmount model in the lineup. Unlike most standmount speakers, this is a three-way design using a coated glass fibre matrix low-frequency driver, a coated glass fibre matrix midrange driver, and a 27 x 90mm AMT high-frequency driver, or roughly 1.1 x 3.5 inches.

Wharfedale rates the Elysian 2R at 89dB sensitivity, with a recommended amplifier power range of 25 to 250 watts and a peak SPL of 109dB. Frequency response is specified at 35Hz to 22kHz, with bass extension down to 28Hz.

Crossover points are 360Hz and 2.9kHz, with cabinet volumes of 17.5 litres and 43.6 litres. The Elysian 2R stands 700mm tall, or about 27.6 inches, with a width of 334mm, or about 13.1 inches.


Net weight is 30.5kg per speaker, or about 67.2 pounds, so this is not exactly a “bookshelf” speaker unless your bookshelf was built by a shipyard.

The matching Elysian 2R stands measure 428mm tall, 402mm wide, and 435mm deep with badge, or about 16.9 x 15.8 x 17.1 inches.

Wharfedale Elysian 3R: Compact Floorstander


The Wharfedale Elysian 3R is the smaller of the two floorstanding models, but it still uses a proper three-way architecture. It features two coated glass fibre matrix bass drivers, a coated glass fibre matrix midrange driver, and a 27 x 90mm AMT high-frequency driver, roughly 1.1 x 3.5 inches.

Wharfedale specifies 89dB sensitivity, a recommended amplifier power range of 30 to 200 watts, and a peak SPL of 108dB. Frequency response is rated at 44Hz to 22kHz, with bass extension down to 35Hz.


The crossover frequencies are 375Hz and 2.9kHz, with cabinet volumes of 9.4 litres and 35 litres. The Elysian 3R stands 1050mm tall on its plinth, or about 41.3 inches, with a width of 263mm, or about 10.4 inches.

Net weight is 28.45kg per speaker, or about 62.7 pounds. It is the most room-manageable floorstander in the series, offering the full AMT, dedicated midrange, and dual-bass-driver layout without the size and weight of the flagship Elysian 4R.

Wharfedale Elysian 4R: Flagship Floorstander


The Wharfedale Elysian 4R sits at the top of the range and is the largest, most sensitive, and deepest-reaching model in the new series. It is a three-way floorstanding loudspeaker using two coated glass fibre matrix bass drivers, a coated glass fibre matrix midrange driver, and a 27 x 90mm AMT high-frequency driver, or approximately 1.1 x 3.5 inches.

Wharfedale rates the Elysian 4R at 92dB sensitivity, with a recommended amplifier power range of 15 to 250 watts and a peak SPL of 110dB. Frequency response is specified at 30Hz to 22kHz, with bass extension down to 24Hz.

Crossover frequencies are 340Hz and 3.1kHz, with cabinet volumes of 38 litres and 79.4 litres. The Elysian 4R stands 1188mm tall on its plinth, or about 46.8 inches, with a width of 402mm, or about 15.8 inches.


Net weight is 49.5kg per speaker, or about 109.1 pounds. That makes it the model most likely to deliver the full Elysian R scale and low-frequency authority, but also the one that will demand the most from the room, amplifier, and the person foolish enough to move it alone.

Wharfedale Elysian CR: Centre Channel


The Wharfedale Elysian CR is the centre channel speaker in the range, designed for matching Elysian R home cinema systems. It is a three-way design using dual coated glass fibre matrix low-frequency drivers, a coated glass fibre matrix midrange driver, and a smaller 27 x 45mm AMT high-frequency driver, or roughly 1.1 x 1.8 inches.

Wharfedale specifies 91dB sensitivity, a recommended amplifier power range of 25 to 250 watts, and a peak SPL of 110dB. Frequency response is rated at 35Hz to 22kHz, with bass extension down to 27Hz.

Crossover frequencies are 360Hz and 2.9kHz, with cabinet volumes of 5.7 litres and 64 litres. The Elysian CR measures 320mm tall and 830mm wide, or about 12.6 inches tall and 32.7 inches wide.

Net weight is 30.2kg, or about 66.6 pounds. Matching stands are available and measure 496mm tall, 618mm wide, and 372mm deep with badge, or about 19.5 x 24.3 x 14.6 inches.


This is clearly not a token centre speaker added to complete the brochure; it is a large, heavy, full-range centre channel intended for serious multichannel systems.

Pricing and Availability

The Wharfedale Elysian R Series is expected to be available in June in the U.S., with five models covering both stereo and home cinema systems. UK pricing listed in the supplied Wharfedale document shows the range scheduled for April 2026 availability in that market.


The Elysian 1R Compact standmount is the entry point into the lineup. It is a two-way design priced at $5,995 per pair in the U.S. and £3,499 in the UK. The larger Elysian 2R Reference standmount moves to a three-way configuration and is priced at $8,495 per pair in the U.S. and £4,999 in the UK.


For listeners looking for floorstanding models, the Elysian 3R Compact floorstander is a three-way design priced at $9,995 per pair in the U.S. and £5,599 in the UK. The Elysian 4R Flagship floorstander sits at the top of the range and is priced at $11,995 per pair in the U.S. and £6,999 in the UK.

Wharfedale is also offering the Elysian CR Centre channel, a three-way design intended for matching home cinema systems, priced at $5,995 in the U.S. and £3,499 in the UK.

Available finishes include walnut high gloss, matte black, and lunar grey. The walnut finish preserves the more traditional luxury loudspeaker look, while matte black and lunar grey give the Elysian R Series a cleaner, more contemporary direction.

The Bottom Line

The Elysian R Series is Wharfedale’s strongest modern engineering play, not another exercise in walnut-finished nostalgia. The refinements are meaningful: upgraded AMT tweeters, revised glass fibre matrix drivers, redesigned crossovers, improved SLPP bass loading, and resonance-controlled cabinet construction.


What makes the range compelling is the value equation. With the flagship Elysian 4R priced at $11,995 per pair in the U.S. and £6,999 in the UK, Wharfedale is competing in a category where many rivals now cost three to five times more and do not always offer more speaker for the money.

The lineup is missing a dedicated subwoofer, surround speaker, and height channel option, so it is not a complete home theater ecosystem. But as a high-end stereo range with a serious matching center channel, Elysian R looks like a very strong technical and financial argument. Not cheap, but increasingly rare in 2026: expensive for a reason.


Pokemon Go Data Was Used To Help Train AI Systems Being Developed For Military Drones


Pokemon Go players’ optional location scans reportedly helped train Niantic Spatial’s visual positioning system, which uses camera imagery and 3D maps to navigate when GPS is unavailable or jammed. According to DroneXL, that technology is now being paired with Vantor’s drone navigation software for military and intelligence use, raising questions about whether gamers understood that footage collected for in-game rewards could eventually support defense systems. From the report: The pipeline runs from a mobile game to the battlefield in three steps. Players scanned the physical world. Niantic Spatial turned those scans into a 3D map that lets a machine locate itself by sight when satellite signals fail. And in December 2025, Niantic Spatial announced a partnership with Vantor, the defense and intelligence firm formerly known as Maxar Intelligence, to fuse that ground-level system with Vantor’s aerial navigation software for use in GPS-denied operations.

I have spent years covering how drones lose their way the moment an electronic warfare unit switches on a jammer, a problem that has spread from the battlefield into civilian airspace, from Ukrainian workshops cycling through navigation generations to American programs scrambling for alternatives. The unsettling part of this story is not the technology. It is where the training data came from, and whether the people who supplied it would have agreed had anyone explained the destination. “Now as part of Scopely (the Saudi-owned company that acquired Niantic last year for $3.5 billion), Pokemon GO data is not shared with Niantic Spatial,” a company spokesperson said in a statement to Kotaku. “AR Scans collected through Pokemon GO were submitted voluntarily by players who opted into the feature and were subject to the applicable Terms of Service and Privacy Policy at the time. The discontinuation of AR scanning and the end of data sharing with Niantic Spatial were part of the transition planning associated with Pokemon GO’s move to Scopely.”


Google fires sueball at alleged Chinese phishers over AI-powered fraud ops


Telegram-based ‘Outsider Enterprise’ accused of sending millions of scam texts and impersonating trusted brands

Google has sued an alleged China-based cybercrime operation it says used AI-powered phishing kits to blast out millions of scam text messages and funnel victims to fake websites designed to steal passwords, payment cards, and other sensitive information.

The complaint targets a group Google refers to as the “Outsider Enterprise,” which the company describes as a sprawling criminal network that operates on Telegram and supplies phishing tools to other fraudsters.


According to Google’s filing, the operation has been linked to more than 9,000 fraudulent websites, over one million malicious URLs, and scams that have allegedly defrauded hundreds of thousands of people.

The group’s biz model centers on distributing phishing kits that enable criminals to impersonate Google and other trusted brands through large-scale text message campaigns, Google claims. Victims are directed to fraudulent websites designed to steal login credentials, payment card details, and other sensitive information, it adds.

Google’s allegation is not that AI is somehow breaking into people’s phones, but rather that the technology appears to have been used to help churn out phishing content, allowing the operation to push more scams, more quickly, and with less effort.

Android users flagged more than 55,000 spam texts linked to the operation during a two-week period in May, we’re told, while the company detected roughly 2.5 million messages containing links to Outsider-controlled websites sent to Android devices during the same time frame.


The lawsuit forms part of a broader effort involving federal law enforcement and US telecom providers. Google said it is coordinating with the FBI, AT&T, T-Mobile, and Verizon to disrupt the infrastructure behind the campaigns and block malicious messages before they reach users.

“The criminals behind the Outsider Enterprise built a business out of impersonating trusted brands to defraud hundreds of thousands of victims,” said Brett Leatherman, assistant director of the FBI’s Cyber Division.

“Criminals increasingly use AI to make fraud like this more convincing and harder to detect. Together with partners like Google, we can disrupt criminal networks in ways no single organization could on its own.”

The lawsuit may never put the alleged operators in a courtroom, but it could still help pull apart the infrastructure behind the campaigns. ®


Move Over, Purple Carrot: My Favorite Vegan Meal Kit Is a Total Surprise


I’ve spent the last 21 years of my life on a vegetarian diet, and because of that, I naturally cook and eat many meat-free vegan recipes. However, when I first heard about meal kits, I was skeptical, assuming that they wouldn’t cater to a plant-based diet. But when I began testing meal delivery services for CNET, I was happy to discover that there are a plethora of meal kits that accommodate vegan dietary restrictions.

When it comes to vegan meal kits, Purple Carrot often comes to mind because it’s a 100% plant-based service. Yet, there are many other companies that offer vegan dishes — just not as many. It’s one of those other services that outperformed Purple Carrot in my eyes. I’m talking about the USDA-certified organic Green Chef.

Although Green Chef isn’t 100% vegan like Purple Carrot, this is why I’d choose the former if I were to spend my own money on vegan meal kits.

Green Chef puts thought into its vegan dishes

Choosing Green Chef over Purple Carrot as my favorite vegan meal kit service came down to taste and the thoughtfulness of recipes. Over the two decades I’ve been preparing and chowing down on vegan meals, I’ve noticed that some recipes tend to equate “vegan” with “flavorless,” either overcompensating on spice or salt or undercompensating by simply throwing tofu in a dish with barely any preparation. 

I found that Green Chef’s meals incorporated a lovely blend of veggies, greens, grains, seeds and beans while still ensuring that each layer of its dishes was packed with the right amount of flavor. Even though Green Chef doesn’t solely focus on vegan recipes, each one I tried didn’t feel like an afterthought. 

Roasted squash and bell pepper sandwiches, creamy tomato pasta with roasted veggies and black bean burritos and spiced cauliflower are the three Green Chef meals I tried, and I would gladly make them all again.


Green Chef’s creamy tomato pasta with roasted veggies, which was packed with flavor.

Anna Gragert/CNET

A Purple Carrot protein predicament 

From Purple Carrot, I’ve tried eight different meals, and some I liked better than others, but overall it felt like the brand was struggling to find the right balance of flavors, especially in how its vegan proteins were prepared. For example, two of the proteins I tried, crispy lemon chick’n and adobo-roasted tofu, lacked tasty, well-rounded flavors, and I wasn’t able to finish eating them. 

Most recently, I tried Head Peloton Instructor Robin Arzón’s “Eat To Hustle” high-protein meal collaboration with Purple Carrot. I liked those meals better than others I’d tried from the brand, but still, Green Chef’s recipes win in the flavor category.

If it’s important to you, Green Chef’s meals are also USDA-certified organic, while only some Purple Carrot ingredients are organic or non-GMO.


Purple Carrot’s Puerto Rican rice and beans wasn’t my favorite, especially since the tofu was simply cut in half and rubbed with the spice mixture.

Anna Gragert/CNET

Green Chef vs. Purple Carrot: The price comparison evens out

Purple Carrot and Green Chef meal kits are about even in price, and both are subscription services. Green Chef charges a flat $14 a serving, while Purple Carrot’s meal kits are $13 to $14 a serving. The latter’s ready-to-eat dishes range from $13 to $18, while grocery items are $3 to $40. 

Purple Carrot’s shipping is $12, but orders over $100 ship free. A $15 shipping surcharge may apply to select ZIP codes. As for Green Chef, shipping is a flat $10. 


Some Purple Carrot meal kits may be $1 cheaper per serving than Green Chef’s, but the latter’s shipping for orders under $100 is $2 less.


The ingredients for Green Chef’s roasted squash and bell pepper sandwiches, which were fresh-tasting and delicious.

Anna Gragert/CNET

Where Purple Carrot wins: Variety

Green Chef offers at least five vegan meal kits per week, whereas Purple Carrot provides over 50 options, including meal kits and ready-to-eat meals, each week. The week of writing, there were 33 meal kits. 


Both services include breakfast, lunch and dinner options. While Purple Carrot has ready-to-eat meals and grocery items, such as oatmeal, cheese, snacks and vegan proteins, Green Chef has its Green Market as “add-ons” on its menu, including side dishes, juices, egg bites and ready-to-cook non-vegan proteins. 

If you want more than five vegan meal kits each week, Purple Carrot would be a better choice.

Other dietary restrictions offered

Along with vegan meals, Green Chef provides recipes for the following dietary restrictions and preferences: vegetarian, Mediterranean, gluten-free, calorie smart, high protein, high fiber, low added sugar, keto, dairy-free, sodium smart and carb smart. There are also kits with ingredients that support gut or brain health.

In addition to being 100% vegan, Purple Carrot supports gluten-free, high-protein, high-fiber and under-600-calorie meals. 


Between the two, Green Chef has more preferences that you can use to sort through its menu. It would also be great for flexitarians who want to eat more plant-based food but don’t want to go all the way.


Purple Carrot’s ingredients for its miso leek pasta, which I enjoyed more than other meal kits from the brand.

Anna Gragert/CNET

My final thoughts

After testing a variety of vegan meal kit services for the past few years, I’ve come to the conclusion that, as long as price isn’t an issue, the deciding factor between companies is taste. In this respect, and since they’re about the same cost, my favorite vegan meal kits are Green Chef’s, despite Purple Carrot’s notoriety in the category. 

Ultimately, if you’re vegan and want to give meal kits a try, or if you eat meat but want to consume less of it, my personal recommendation for meal kits is Green Chef. But if you’re going for more variety and options each week, then check out Purple Carrot.

Microsoft has mostly repaired a flaw in Surface hardware that allowed unprotected devices to be bricked by a single packet


EXCLUSIVE For the past 90 days, Microsoft has been quietly patching a firmware flaw in Surface devices that allowed the hardware to be bricked with a single packet, though only for those who have disabled Secure Core and Secure Boot.

And the company’s Copilot AI software inadvertently helped identify the faulty firmware.

According to Jack Darcy, a security researcher based in Australia, his instance of Microsoft Copilot stumbled across the bug after being asked to adjust the screen backlighting on a Surface device. The Copilot-conjured Python script ended up rendering the researcher’s laptop inoperable by overwriting the embedded controller firmware.

“Copilot autonomously created and executed four progressively aggressive Python scripts during a probe for backlight control values that sent raw SSAM ioctl commands (SSAM_CDEV_REQUEST = 0xC028A501) directly to the SAM microcontroller through the SAM software path,” Darcy explained to The Register.


The SAM or SSAM is the embedded controller used in Surface devices. And as our source explained, Microsoft’s implementation of the controller in Surface devices did not include any defense against arbitrary write values.

Microsoft does not consider the bug to be a practical threat. “There is no realistic attack scenario with this issue,” a spokesperson told The Register. “In order to successfully exploit it, an attacker would need to interact with specific drivers and send commands to a hardware interface. This would require administrator privileges on the machine, as well as disabling the Secure Boot feature. With this access, they could perform any number of actions.”

Commonly, Darcy said, digital devices require holding a button down or connecting a jumper cable to enable arbitrary write access. But that security check is absent in Surface devices, we’re told, enabling Copilot to vandalize the firmware in the absence of Secure Core and Secure Boot. Essentially, the probing triggered an update command from the SAM that overwrote the UEFI and Secure Boot firmware.

Surface devices treated to this sort of probing should continue to operate because the SAM was already initialized and is running in RAM. But upon reboot, when the SAM tries to reload using corrupted data in its non-volatile storage, it will fail to initialize, and the system will be unable to Power-On Self-Test (POST).

The Python script crafted by Copilot on the security researcher’s Surface device iterated blindly over a particular Target Category and the set of Command ID (CID) pairs, sending empty/null payloads to WRITE commands.

The result, Darcy explained, is that the SET Feature Report was called with null payload, the Output Report was called with null payload, and other CIDs were hit by SET commands that wrote garbage data.

As a result, the device became inoperable. We’re told this has been a common complaint about Surface devices on online support forums over the years, though we have no way to determine whether boot failures reported for other Surface devices can be attributed to this specific problem.

Many Surface hardware issues reported publicly appear to be fixable through various troubleshooting techniques. But devices made inoperable by SAM access, our source insists, are permanently bricked – a situation that can entail hundreds of dollars in repairs for a new motherboard. No USB, no factory reset, no access to the BIOS/UEFI, we’re told.

Darcy said that the SAM Bus is terribly designed.

“There is no way to see the current value without scanning the bus,” he said. “But scanning the bus kills the unit.”

The problem is that the CIDs, which are like APIs for the SAM, have been interleaved in a way that’s dangerous.

“If all the reads were grouped together (say, CIDs 0x01–0x0F) and all the writes were grouped separately (say, CIDs 0x10–0x1F), a probe script could safely scan the read range without ever accidentally wandering into write territory,” Darcy said. “You could even put a simple bounds check in your code: ‘only probe below 0x10.’ Done. Safe.

“But because reads and writes are interleaved in the same numbering space, there is no safe range to probe. You literally cannot scan even two consecutive CIDs without a coin-flip chance of hitting a write command. The moment you decide to enumerate what’s available, you’re already firing blind writes, because the command space gives you zero structural information about which operations are safe and which are destructive.”
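An added illustration of the firmware-side validation the researcher describes as missing, not Microsoft's or SSAM's code: every CID, payload length and name below is hypothetical. A per-command descriptor records whether a command writes and which payload sizes it accepts, so a blind null-payload sweep over interleaved CIDs is rejected before dispatch.

```c
#include <stddef.h>
#include <stdint.h>

/* Every name, CID and length here is hypothetical; none is taken from SSAM. */
enum cmd_kind { CMD_READ, CMD_WRITE };
enum verdict { V_OK, V_UNKNOWN_CID, V_BAD_PAYLOAD, V_WRITE_LOCKED };
struct cmd_desc { uint8_t cid; enum cmd_kind kind; size_t min_len, max_len; };

/* Interleaved numbering as the article describes: reads and writes alternate. */
static const struct cmd_desc cmd_table[] = {
    {0x01, CMD_READ,   0,  0},
    {0x02, CMD_WRITE,  4,  4},
    {0x03, CMD_READ,   0,  0},
    {0x04, CMD_WRITE, 16, 64},
};

static const struct cmd_desc *find_cmd(uint8_t cid)
{
    for (size_t i = 0; i < sizeof cmd_table / sizeof cmd_table[0]; i++)
        if (cmd_table[i].cid == cid)
            return &cmd_table[i];
    return NULL;
}

/* Gate a request before dispatch; unlocked models a held button or jumper. */
enum verdict validate_cmd(uint8_t cid, const uint8_t *payload, size_t len, int unlocked)
{
    const struct cmd_desc *d = find_cmd(cid);
    if (d == NULL)
        return V_UNKNOWN_CID;                 /* not in the table: never dispatched */
    if (len < d->min_len || len > d->max_len || (len > 0 && payload == NULL))
        return V_BAD_PAYLOAD;                 /* null or mis-sized payload */
    if (d->kind == CMD_WRITE && !unlocked)
        return V_WRITE_LOCKED;                /* writes need physical presence */
    return V_OK;
}

/* Replay a blind sweep of [lo, hi] with null payloads; count writes that pass. */
int writes_passed_by_null_sweep(uint8_t lo, uint8_t hi, int unlocked)
{
    int passed = 0;
    for (unsigned cid = lo; cid <= hi; cid++) {
        const struct cmd_desc *d = find_cmd((uint8_t)cid);
        if (d && d->kind == CMD_WRITE &&
            validate_cmd((uint8_t)cid, NULL, 0, unlocked) == V_OK)
            passed++;
    }
    return passed;
}
```

With the length check in place, the sweep dispatches no writes even when the unlock gate is open, because every write descriptor requires a non-empty payload.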

Managed devices not at risk

The Register asked Microsoft about our source’s claims on March 10, 2026. A company spokesperson reiterated a prior suggestion that the researcher contact the Microsoft Security Response Center (MSRC), an effort our source found too cumbersome. Rather than publishing details about what might have been a potential zero-day flaw – we were uncertain about the Secure Boot/Secure Core requirement at the time – The Register reached out to internal Microsoft sources in an effort to get someone’s attention.

By March 12, with the help of Microsoft media relations, we managed to coordinate a conversation between Darcy and Madeline Eckert, senior program manager with MSRC. Microsoft subsequently acknowledged the vulnerability and committed to issuing a fix. The Register in turn agreed to delay publication for 90 days while repairs were made. We’re told most affected devices have been updated (via Windows Update), or will receive updates in coming weeks. The issue did not meet the bar for a CVE, according to the company.

“We appreciate the work of Jack Darcy and The Register for reporting this issue under a coordinated vulnerability disclosure,” a Microsoft spokesperson said in a statement. “Our investigation found that a deprecated UEFI interface could trigger a boot loop on some devices. To trigger this loop, the user must have administrator privileges and have already disabled the Secure Boot security feature. We have released updates to address the issue for most impacted devices.”

That means managed devices are not at risk.

But those using Linux, or Windows users who have disabled Secure Core and Secure Boot for gaming, or who use custom Windows drivers, or who have USB boot enabled, may still be vulnerable if their systems haven’t received the update.

We’re uncertain about the range of Surface devices affected. Our source said it appears to be all of them (Surface Laptops 3-6, Surface Book 1-3) except for Surface Go models. ARM variants, however, have not been tested.

Microsoft moving Surface to Rust

One of the things we learned from Darcy during the effort to get this issue patched is that Microsoft is planning to move the Surface stack to Rust. We understand from David Abzarian, chief architect for Microsoft Surface, that work is underway to transition future Surface for Business hardware to a more secure architecture based on Rust code.

“Our most recent Surface for Business hardware features a major architectural shift in terms of improved reliability and security that spans our embedded controller, UEFI, but also some of our drivers,” said Abzarian in a statement provided to The Register. “We’re investing in the most secure foundation for a PC by building our embedded controller firmware from the ground up in Rust (as part of leveraging and contributing to the Open Device Partnership (ODP)) in addition to a rewrite of the UEFI DXE Core in Rust; these projects are known as Secure EC and Project Patina respectively. 

“We’re also not only shipping some of our drivers written in Rust, but also helping co-develop the framework Windows Drivers in Rust (WDR) to help enable a broad set of partners in the Windows ecosystem to capitalize on these benefits. I will also note that all of these efforts are open-source promoting one of our key security principles around transparency.”

Asked to comment, Darcy said, “The fact that a device can be destroyed, irreparably from userspace is… certainly an interesting design decision. While I applaud Microsoft for their beautiful, and innovative Surface series, a little more innovation around verifying incoming data at the firmware level would have been greatly appreciated.” 

We’re told Microsoft provided Darcy with a Surface laptop as a show of appreciation. ®

A White Supremacist Youth Group Helped Orchestrate the Belfast Riots

Within an hour after a horrific knife attack took place in Belfast on Monday night, far-right UK activist Tommy Robinson had shared a video of the incident on X, a post that racked up six million views. Within hours Elon Musk, the owner of the platform, weighed in, agreeing with a post calling for “consequences” for politicians.

By Tuesday morning, supercharged by X, the video was everywhere, and groups on Facebook were organizing protests across Northern Ireland and the UK. Far-right figures in the US and UK continued to pour fuel on the fire online, framing the incident as part of a broader anti-white agenda being perpetrated in Western countries.

By Tuesday evening, violent protests had broken out in Belfast, with masked rioters setting fire to vehicles, kicking in the doors of homes they believed housed immigrants, and setting those homes on fire.

Politicians were quick to criticize Musk and Robinson, who did not reply to requests for comment, for their role in fomenting the violence, but what no one appeared to notice was the role played by the white supremacist Active Club movement and its Youth Club wing in not only stoking tensions, but advising and orchestrating the masked youths who spearheaded much of the violence.

A WIRED investigation has documented how this global network activated within hours of the incident, showing how groups across the US helped promote the violence in Belfast. The movement is already analyzing how the protests played out and using them as a template for others to follow, highlighting the “organisation and professionalism” of those involved.

“Active Clubs, the fastest growing neo-Nazi movement around the globe, never miss an opportunity to exploit a tragedy for their own hateful purposes,” says Wendy Via, cofounder and president of the Global Project Against Hate and Extremism. “The protests in Belfast had hardly started before Active Club senior voices were functioning as a support network for the racist riots and encouraging replication in other countries.”

Around 10:30 pm local time on Monday night, emergency services were called to the Kinnaird Avenue area in north Belfast. Soon after, a video was shared online by an unknown person which showed a horrific knife attack against Stephen Ogilvie, who was left hospitalised with severe injuries to the face and neck, including the loss of his left eye.

Hadi Alodid, a 30-year-old Sudanese man, was arrested at the scene and has since been charged with attempted murder.

After Robinson posted the footage, it quickly gained steam on mainstream social media platforms. US-based X account End Wokeness, which specializes in sharing culture war and ragebait content, shared a screenshot from the video, with the caption: “African migrant just tried to behead a white man in North Belfast, Ireland. Video is too graphic to post.” The post has been viewed over 16M times.

Musk posted dozens of times about the incident in the following days, drawing the ire of politicians in the UK, but away from mainstream platforms like X and Facebook, other groups were also mobilizing and being much more explicit about the reason they believed a strong response was necessary.

Just hours after the attack took place, at 2:19 am on Tuesday morning, a Telegram channel called “White Youth In Revolt”—named after a phrase used across the Active Club and Youth Club movements—shared a screenshot of the video, writing: “Negro invader just attempted to behead a white man in the United Kingdom.”

The account typically shares content from Active Clubs in the US, but given the network’s growing footprint outside of America, it has a lot of followers in Europe.

Gemini Can Now Adjust Your Picture Settings On Google TV

Modern TV-watching is as much about anxiously messing around with settings to make sure the picture doesn’t look terrible as it is about actually enjoying a show. Happily, Google TV now lets you offload all the hassle onto Gemini.

First announced during a Google TV news dump at CES at the beginning of 2026, the new functionality allows you to adjust picture and audio settings with natural language voice commands. You can set brightness and contrast levels, change the picture mode, increase volume and tweak the EQ without needing to reach for your remote (although you can also summon Gemini by holding the microphone button if you’d rather not use the wake word).

As well as specific commands like “set picture mode to Sport” (likely to be a popular one in the coming weeks given the World Cup has just started), you can also troubleshoot if something doesn’t look or sound right. If you say “Hey Google, the screen is too dark,” Gemini will attempt to correct the issue for you. Tell it you can’t hear dialogue clearly and it will boost voices. That kind of thing. 

You can also use Gemini for mood-setting if you want a theater-worthy movie night, and if you don’t entirely trust the AI’s calibration skills, you can instead just ask it to save you a few clicks by opening the exact settings menu you’re looking for before taking over.

Google points out that picture and sound modes vary across devices, so it’s probably wise to make sure you know what your TV can do before using the new voice features. Otherwise you might spend even longer trying to get it looking and sounding right than you would using the old-fashioned manual solution.

The other thing to note is that this functionality is currently exclusive to select TCL models in the US. In the next few weeks it’ll start rolling out to the QM9K, X11L, QM9L, QM8L and RM9L. You’ll have to perform a system update to start using it. There’s no word on when or indeed if other models or brands will be supported.

Google TV’s Gemini-assisted functionality has been expanding over the last few months. Back in March, Google introduced its “richer visual help” feature, which tries to respond to commands with more useful information. Ask for current sports scores, for example, and Gemini will display both a live scorecard and information on where you can watch that game.

Sport briefs, which are essentially a sports-oriented version of the news roundups that debuted last year, also arrived in March, as well as visual “deep dives” on specific topics.
