A financially motivated threat actor tracked as Storm-2755 is stealing Canadian employees’ salary payments after hijacking their accounts in payroll redirection (also known as payroll pirate) attacks.

The attackers used malicious Microsoft 365 sign-in pages to steal victims’ authentication tokens and session cookies by redirecting them to domains (e.g., bluegraintours[.]com) hosting malicious web pages (pushed to the top of search engine results through malvertising or SEO poisoning) that masqueraded as Microsoft 365 sign-in forms.

This allowed Storm-2755 to bypass multifactor authentication (MFA) in adversary‑in‑the‑middle (AiTM) attacks by replaying stolen session tokens rather than re-authenticating.

“Rather than harvesting only usernames and passwords, AiTM frameworks proxy the entire authentication flow in real time, enabling the capture session cookies and OAuth access tokens issued upon successful authentication,” Microsoft explained.

“Due to these tokens representing a fully authenticated session, threat actors can reuse them to gain access to Microsoft services without being prompted for credentials or MFA, effectively bypassing legacy MFA protections not designed to be phishing-resistant.”

After gaining access to an employee’s account, the attacker created inbox rules that automatically moved messages from human resources staff containing the words “direct deposit” or “bank” to hidden folders, preventing the victim from seeing the correspondence.

In the next stage, they searched for “payroll,” “HR,” “direct deposit,” and “finance,” then sent emails to human resources staff with the subject line “Question about direct deposit” to trick staff into updating banking information.

​Where social engineering failed, the attacker logged directly into HR software platforms such as Workday, using the stolen session to manually update direct deposit details.

To harden defenses against AiTM and payroll pirate attacks, Microsoft advises defenders to block legacy authentication protocols and implement phishing-resistant MFA.

If any signs of compromise are detected, they should also revoke compromised tokens and sessions immediately, remove malicious inbox rules, and reset MFA methods and credentials for all affected accounts.

In October, Microsoft disrupted another pirate payroll campaign targeting Workday accounts since March 2025, in which a cybercrime gang tracked as Storm-2657 targeted university employees across the United States to hijack their salary payments.

​In these attacks, Storm-2657 breached the targets’ accounts via phishing emails and stole MFA codes using AITM tactics, which allowed the threat actors to compromise the victims’ Exchange Online accounts.

Payroll pirate attacks are a variant of business email compromise (BEC) scams that target businesses and individuals who regularly make wire transfers. Last year, the FBI’s Internet Crime Complaint Center (IC3) recorded over 24,000 BEC fraud complaints, resulting in losses exceeding $3 billion, making it the second most lucrative crime type behind investment scams.

Automated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the other.

This whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic questions for any tool evaluation.

Get Your Copy Now

NASA’s Artemis II crew of four astronauts from the United States and Canada are set to return to Earth on Friday after their historic trip to the far side of the moon.

Reid Wiseman, Victor Glover, Christina Koch, and Jeremy Hansen have spent 10 days aboard the Orion spacecraft. They are expected to begin re-entry at 7:33 p.m. ET with a splashdown of 8:07 p.m.

NASA has a live feed for when the crew lands in the Pacific Ocean later today. The Orion spacecraft is expected to splash down off the coast of San Diego, California.

The Artemis II mission marks the first time humans have ventured to the moon’s orbit in more than 50 years. The crew traveled farther from Earth than any humans have before, reaching an estimated 252,760 miles from our planet. That’s the same distance as traveling between New York City and Los Angeles around 100 times, only the astronauts are inside a capsule with 330 cubic feet of habitable space, which is about the size of two minivans.

The objective of the Artemis II mission is to collect data and insights that will help NASA prepare for future lunar missions and landings — the astronauts put the Orion spacecraft through planned tests to evaluate how it performs with a crew in deep space. This involves testing communication systems with colleagues on Earth, making trajectory adjustments, and making a safe re-entry and splashdown.

The splashdown could be one of the most dangerous moments of the whole mission. On the Artemis I mission in 2022, which did not have a crew, Orion’s protective heat shield was unexpectedly damaged upon its return to Earth. The heat shield is made of AVCOAT — a material designed to slowly dissipate and protect the crew from temperatures approaching 5,000 degrees as it penetrates Earth’s atmosphere — but the shield was charred and cracking in places, which was not supposed to happen.

If humans had been aboard Artemis I, they would’ve still returned safely, NASA said. The agency has also conducted extensive research on how the heat shield was damaged in the first place. Still, the heat shield remains top of mind as people around the world hope to see these four astronauts return safely.

The crew left Earth on April 1, and the astronauts quickly encountered some mundane mishaps, including issues with Microsoft Office and their toilet. But these early moments were easily overshadowed by the wonder of the images and information that the crew sent back from the moon. You can already see new photos from the lunar flyby on the dark side of the moon.

The astronauts also named new craters, including one that was named after mission commander Wiseman’s late wife Carroll, who died of cancer in 2020 at age 46.

The crew was also able to witness a total solar eclipse from just a few thousand miles away from the moon, a unique vantage point that no astronaut had experienced before.

“It wasn’t just an eclipse with the Sun hidden behind the Moon,” Koch, the crew’s mission specialist, explained. “We could also see earthshine, the Sun’s light reflecting off Earth, wrapping the Moon in a soft, borrowed glow.”

The rest of the live broadcast is streaming here.

Amazon is ending support for third-party integrations on its Luna cloud gaming service. The most immediate changes mean that it’s no longer possible to buy Ubisoft+ and Jackbox Games subscriptions or standalone games through Luna.

Amazon will automatically any cancel active subscriptions bought through Luna at the end of customers’ next billing cycle. If you have a Ubisoft+ subscription that you bought directly from Ubisoft instead, you’ll still be able to access games on that service through Luna until June 10.

The Bring Your Own Library option — which allows users to play games they own on the likes of EA, GOG and Ubisoft on Luna — is going away too. You won’t be able to access games from on those storefronts via Amazon’s streaming service after June 3.

If you bought any games outright on Luna, you’ll still be able to play them there until June 10. Unlike Google did when it shut down Stadia, Amazon isn’t offering refunds for those purchases. However, you’ll still have access to them through the respective third-party platform that’s linked to your account, be it the EA App, GOG Galaxy or Ubisoft Connect.

That doesn’t exactly help folks who don’t have powerful-enough systems to play more demanding games and were relying on Luna. As such, some people might need to turn to the likes of GeForce Now in order to keep playing games they bought through Luna (and they’ll need to hope GFN actually supports their specific games).

Amazon has been reshaping Luna over the last several months. It rolled out a revamped version of the service back in October, with more of a focus on GameNight party games that you can play with a smartphone.

Prime subscribers will still be able to claim PC games and stream games on the Luna Standard tier at no extra cost. The Luna Premium subscription, which includes a wider range of third-party games, is still available too.

“We’re doubling down on a broad range of gaming experiences, including strong third-party titles, delivered in ways that make great games more accessible, as well as new and unique gaming experiences like GameNight,” Amazon wrote in an email to Luna users. The company also said it will offer some folks a free Luna Premium subscription.

In short: Estonia and Belgium are the only two EU member states to have declined the Jutland Declaration, an October 2025 pan-European commitment to restrict children’s access to social media. Estonia’s ministers argue that age-based bans are unenforceable, that children will find ways around them, and that the correct approach is to enforce the GDPR against the platforms themselves and invest in digital literacy rather than restricting young people’s participation in the information society.

The declaration most EU countries signed

On 10 October 2025, digital ministers from 25 of the European Union’s 27 member states signed the Jutland Declaration at an informal gathering in Horsens, Denmark. Norway and Iceland also signed. The declaration is a non-binding political commitment to introduce privacy-preserving age verification on social media platforms, protect minors from addictive design features and dark patterns, and work toward what the document describes as a “digital legal age” for access to online services. Estonia and Belgium were the two EU members that declined. Belgium’s refusal came from a veto by Flemish Media Minister Cieltje Van Achter, who described the declaration’s age verification requirements as disproportionate and objected to requiring children to use national identity systems such as Itsme to access services like YouTube or Instagram. Estonia’s refusal was substantively different: principled rather than procedural, and rooted in a broader argument about where Europe’s regulatory effort should be directed. The political momentum the declaration reflects is considerable. Europe’s social media age shift accelerated through 2025 and into 2026, with Australia implementing the world’s first ban on under-16s from December 2025, France passing legislation in January 2026 to prohibit under-15s, Spain enacting restrictions for under-16s in February 2026, and Austria moving to restrict children under 14. Greece announced it would ban under-15s from social media from 2027, part of a six-country EU grouping that also includes Denmark, France, Austria, Portugal, and Spain. On 20 November 2025, the European Parliament backed a non-binding resolution calling for an EU-wide digital minimum age of 16 by 483 votes to 92, with 86 abstentions, and called on the European Commission to incorporate the measure into the forthcoming Digital Fairness Act.

Why Estonia said no

Estonia’s dissent is articulated by two ministers who have approached the question from different but complementary angles. Kristina Kallas, Minister of Education and Research, has been the more outspoken critic of the ban consensus. At a Politico forum in Barcelona, Kallas argued that age restrictions place responsibility on the wrong party. “The way to approach this, to me, is not to make kids responsible for that harm and start self-regulating,” she said. Her corresponding argument is that the responsibility should fall on the platforms. “Europe pretends to be weak when it comes to big American and international corporations,” she told the forum, challenging the EU to “actually take this power and start regulating the big American corporations.” She was also direct about the practical limits of ban-based approaches: “kids will find very quickly the ways to go around and to still use social media.” That argument connects to Europe’s broader effort to assert its regulatory power over American technology companies, a project that has gathered considerable momentum since 2025 but has not yet been applied with comparable force to social media content governance. Liisa-Ly Pakosta, Minister of Justice and Digital Affairs, has framed the positive case for Estonia’s preferred approach. “Estonia believes in an information society and including young people in the information society,” she has said, emphasising digital participation rather than exclusion. Pakosta has pointed to the General Data Protection Regulation as the enforcement mechanism already available: the GDPR prohibits platforms from processing children’s personal data without appropriate consent and carries fines of up to 4% of global annual turnover for violations. Estonia’s argument, in essence, is that Europe has not exhausted its existing tools before reaching for a new and unproven one.

The enforcement problem Estonia is pointing to

Estonia’s critique of the ban model has a concrete reference point. Australia became the first country in the world to enforce a social media ban for minors on 10 December 2025, prohibiting anyone under 16 from holding accounts on platforms including Instagram, TikTok, YouTube, Snapchat, X, and Facebook. Platforms face fines of up to approximately A$50 million for failing to take reasonable steps to prevent underage access. In the months after the ban came into force, the eSafety Commissioner found Meta, TikTok, and YouTube were not complying with the ban, with the regulator proceeding to court action against the platforms. The compliance picture was bleak: seven in ten children who had held social media accounts before the ban still had active accounts after it took effect. Workarounds including VPNs, false birth dates, and the transfer of accounts to adult relatives proved straightforward and were widely adopted. Whether the Australian experience represents the definitive verdict on the ban model, or merely an early implementation struggle that stricter enforcement will eventually resolve, remains contested. What is not contested is that the world’s first and most closely watched age ban produced a high rate of non-compliance within months of introduction, and that this outcome was predicted in advance by critics who argued the compliance burden would be met by creative circumvention rather than by genuine restriction.

What comes next in Brussels

The practical arena for the contest between Estonia’s platform-enforcement approach and the ban-majority’s position is the Digital Fairness Act, the European Commission’s forthcoming legislation targeting addictive design, dark patterns, and manipulative commercial practices in digital services. The European Parliament’s November 2025 vote made explicit that it wants a 16-plus digital minimum age incorporated into the DFA text, along with bans on engagement-based recommender algorithms for users who are minors, restrictions on loot boxes, and a default-off requirement for infinite scroll, autoplay, and pull-to-refresh mechanisms on services used by young people. The Commission is expected to table the DFA proposal in the fourth quarter of 2026. That timeline gives Estonia a legislative window in which to argue for a platform-accountability framework to sit alongside, or in place of, an age-based access restriction. The two approaches are not necessarily mutually exclusive, but they reflect genuinely different theories of where regulatory leverage is most effectively applied: against the commercial platforms that build and profit from the systems in question, or against the young people who have grown up treating social media as ordinary infrastructure. 2025 established AI as the defining technology of the decade, and as AI-powered recommendation systems become the primary mechanism by which young people encounter content online, the question of who bears legal and regulatory responsibility for what those systems serve to a 14-year-old is one that Europe will have to answer in law, not just in declarations.

Apple’s iPhone 5C is apparently getting a second life, and this time it is not because it was a hidden gem that was slept on.

In an NBC News segment, the network highlights a small but noticeable social media comeback for Apple’s old iPhone 5C. The sudden popularity is largely driven by Gen Z users who seem drawn to its colorful design, “throwback” camera quality, and overall retro charm.

The story is less about raw utility and more about the vibes. So after the iPod, the colorful iPhone is the next to get a revival.

Why Gen Z is suddenly into the iPhone 5C again

The appeal behind the iPhone 5C is pretty simple. Gen Z is drawn to how different it feels from modern phones. Today’s smartphones mostly look like polished slabs of metal and glass. The iPhone 5C, on the other hand, is bright, plastic, cheerful, and a little awkward in a way that now reads charming rather than cheap.

NBC notes that another reason for the renewed interest is the camera. One of the on-screen captions specifically notes that the iPhone 5C is trending thanks to its grainy photo quality. The softer and lower image quality fits neatly into the broader social media obsession with imperfect digital aesthetics, particularly with older digital cameras.

So what used to feel outdated now reads as character.

Nostalgia plays a big role

Back when it was first released in 2013, the iPhone 5C failed to meet sales expectations because it failed to be affordable, despite its “budget iPhone” pitch. It lacked the popular Touch ID, and the plastic was perceived as “cheap”.

The segment brought in Clay Routledge, an existential psychologist and author of Past Forward, to explain the deeper pull behind retro tech. He also gives the story a broader cultural frame. The comeback is not just about one old iPhone model. It is about how younger users are increasingly drawn to gadgets that feel less optimized, less overwhelming, and less trapped in today’s hyper-polished digital culture.

At AXPONA 2026, where six-figure systems are aplenty and it’s not unusual to stumble into rooms pushing past $500,000 or even flirting with $1 million, most of what’s on display exists for a very small slice of the population. That’s part of the spectacle, but it’s not always where the story is. The Dynaudio Legend bookshelf speakers stopped me cold because they don’t rely on excess to make their point. Compact, handcrafted in Denmark, and built around real-world usability, they deliver the kind of scale, detail, and physical presence that makes a lot of those megabuck systems feel like overkill. In a show full of gear chasing perfection at any cost, this is the rare product that actually makes you question where that line should be drawn — which is $7,000 in this particular case.

Danish Craft, No Shortcuts: Why the Dynaudio Legend Stands Out

Listening to music should feel like a break from everything else. At a busy show, that’s harder than it sounds—but the Dynaudio Legend made a convincing case without trying too hard. That was clear before I even realized they’re using Dynaudio’s best tweeter here, which explains a lot about the control and refinement I was hearing.

Dynaudio doesn’t cut corners. It never has. That shows up here in a straightforward way: consistent parts, consistent tuning, and a compact design that doesn’t try to overreach. What changes from pair to pair is the finish.

Each cabinet uses natural rosewood veneer that’s selected and matched by eye, paired with Jatoba hardwood corner pieces that complement the grain. Final assembly is done by hand in Denmark. No two pairs look exactly the same, but they’re all built to the same standard.

The finish deserves mention because it’s noticeably better in person than in photos—more depth, more texture, less “factory uniform.” It’s the kind of detail you notice up close, not from across the room. And for those losing their minds online because they don’t look like $7,000 loudspeakers—the reality is they look sensational in person, and that’s what actually matters.

I’ll admit they got my attention for practical reasons as well. As I think about building out a home office and splitting time between New Jersey, Florida, and Texas; this is the type of speaker that makes sense: compact, well-built, and visually distinct without being over the top.

There’s nothing complicated about the pitch here. Every pair is unique in appearance, but the approach is consistent. And that consistency is really the point.

Specifications and System Context

The Dynaudio Legend is a compact two-way, rear-ported bass reflex bookshelf speaker designed for smaller spaces and more focused listening setups. It uses a 28mm Esotar 3 tweeter with Hexis; Dynaudio’s top-tier high-frequency driver paired with a single 15cm MSP (magnesium silicate polymer) mid/bass unit. The crossover is set at 3,500Hz with a second-order topology, and the rated impedance is 6 ohms.

On paper, the sensitivity is a modest 83 dB (2.83V/1m), with frequency response specified from 60Hz to 28kHz. Power handling is rated at 150 watts, which tells you everything you need to know: these are not speakers you throw on the end of a budget integrated and call it a day. They need current, and they respond to it.

That explains the rather serious MOON by Simaudio network amplifier used in the demo system. Even in a relatively small room: think den, bedroom, or office, the pairing made sense. This wasn’t about filling a cavernous space; it was about control, headroom, and getting the most out of that low sensitivity.

Physically, the Legend measures 31.1 cm (12 1/4 inches) tall, 18.6 cm (7 1/3 inches) wide, and 27.1 cm (10 2/3 inches) deep, with a weight of 6.3 kg (14 lbs) per speaker. In practice, that translates to an easy fit on proper stands or a solid shelf setup.

The system I heard leaned into nearfield listening from a leather sofa positioned fairly close to the speakers. In that context, the Legend’s scale and control made a lot of sense—this is a speaker designed to work in real rooms, not just showrooms pushing six figures.

The Danes Heard the Internet Naysayers and Carried On Anyway

Right off the bat, what stood out was how composed they stayed at higher listening levels. These are passive bookshelf speakers, and while Dynaudio offers a dedicated stand, it felt a bit too low in this setup. I preferred them on a media credenza, which brought the drivers into a better position and made the overall presentation more convincing.

You can push these harder than you probably should. Not that you need to because they’re engaging at lower levels, but when the volume goes up, they don’t lose their grip. With electronic tracks that lean on impact and control, the Legend held together without sounding strained or thin.

That also puts to rest one of the louder online takes floating around from people who haven’t actually heard them: that there’s no meaningful bass below 60 or 70 Hz. That’s not what I heard. In-room, with proper amplification, there’s usable, convincing low-end extension. No, they’re not replacing a subwoofer on paper, but the idea that they fall off a cliff down low doesn’t line up with reality.

In fact, I found them to be rather hard hitting. For my listening; electronic, metal, new wave, and progressive synth rock, I wouldn’t feel the need to add a subwoofer.

The midrange leans warm, but it’s controlled and doesn’t drift into thickness. Vocals have weight, instruments have body, and nothing feels pushed forward just to grab attention. It sounds intentional, not romanticized.

Up top, this is where things separate quickly. Dynaudio is using its best tweeter here, and it shows. The treble is open and extended with real air, plenty of energy, and strong detail retrieval, but it never turns hard or brittle. You get resolution without edge, which is harder to pull off than it sounds.

What caught me off guard was the overall sense of scale. These don’t sound like small bookshelf speakers. The presentation is wider than expected, with a soundstage that stretches well beyond the cabinets and holds together even when things get busy.

And yes, there were moments where I actually laughed out loud with familiar tracks. Not because I forgot my meds, though thanks for the reminder, but because they delivered something I wasn’t expecting. These are better than they have any right to be based on size alone, and they make that point pretty quickly.

In the context of AXPONA 2026, where it’s easy to get desensitized by six-figure systems, the Dynaudio Legend stands out for a simpler reason: it makes sense. Solid engineering, real-world size, and performance that holds up under scrutiny. At $7,000, it’s not inexpensive, but most certainly one of the few speakers that I listened to so far that I would consider buying.

For more information: Dynaudio Legend

Related Reading: