An exercise bike is a great tool if you’re looking to get cardio in at home or at the gym. However, if you don’t properly set it up or do too much too soon, it can ruin progress. Even if you’ve been cycling for years, it helps to get a refresher on the best cycling practices.

To make sure you’re using an exercise bike properly and doing the right workouts, I spoke with several cycling experts. They break down the common mistakes you’re likely making on an exercise bike and how to fix it.

1. Your seat is too low

One of the first lessons I learned when I started taking group cycling classes was that you need to properly adjust the seat height. Aviron coach and certified indoor cycling instructor John Steventon says the right seat height is key. 

“[If the seat is] too low, they won’t be able to get full extension of the legs, often needing to cycle with their knees splayed outward to make room for them,” Steventon explains. This leads to a loss of potential power and a compressed and uncomfortable pedal stroke. “If the seat is too high, the rider will risk bouncing from side to side as they lean off the side of the saddle, trying to get the right extension of the legs.” 

Peloton instructor Matt Wilpers offers a couple of tips to keep in mind when setting up your seat. “When riding, bring your one foot to the bottom of the pedal stroke (6 o’clock),” he says. “The saddle should be positioned high enough that there is a slight bend in the knee so that the knee is soft and not locked.” This will prevent you from feeling cramped or having to reach for the bottom of the pedal stroke.

Steventon points out that how the foot sits on the pedal is important, too. “The center spindle that the pedal rotates around should be underneath the ball of the foot because I’ve seen people who ride on their toes, and people who ride on their heels — both reduce power and efficiency of the stroke.”

Wilpers advises trying the “heel test,” which is when you unclip the foot at 6 o’clock to see if your heel can touch the pedal when your leg is straight.

2. The saddle isn’t the right distance from the handlebars

Another factor to consider when setting up your exercise bike’s saddle is its distance from the handlebars. Wilpers says the goal here is to get the knee stacked over the pedal, especially when the pedal is at 3 o’clock. “I usually start with the saddle pushed toward the handlebars and then adjust accordingly when I ride,” he recommends. The problem is that when your seat is too far forward, your knees take on the pressure, and if it’s too far back, the stress lands on the heels.

3. The handlebars are too high

Besides the seat, make sure the handlebars are at the right height. “In general, it’s recommended to keep the handlebars at the level of your saddle or just above,” says Wilpers. “Many competitive cyclists like their handlebars at or slightly below saddle height because it better optimizes both performance and aerodynamics when cycling outdoors.” 

However, Wilpers says that in some cases, such as if you have back problems, raising your handlebars even further is advised. 

4. You skip the warm-up or cool-down

If you’re eager to jump on your bike and get a quick workout in, chances are you’re skipping a warm-up or cool-down. Steventon says that if you want to get your body ready for your workout, spending 10 minutes increasing resistance and cadence before a longer or more intense ride will prime the muscles. 

“Rather than slowly working up from 60 revolutions per minute to 110 rpm during the warmup, 30-second bursts at gradually higher reps in between 30 seconds of easy pedalling will allow the warmup to be effective without draining energy before the main workout,” he explains.

Some warm-up exercises Wilpers recommends include: 

• Hip openers like 90/90s (a stretch that uses internal and external hip mobility), pigeon pose and lateral lunges 
• Quadruped thoracic rotations (this exercise stretches out your spine)
• World’s Greatest Stretch (a full body mobility exercise that targets hips, hamstrings, and spine)
• Exercises to wake up the ankles and feet, such as ankle-controlled articular rotations (slow rotational movement of the ankle to improve ankle mobility) and performing the downward dog stretch while pedaling out the calves

The cool-down shouldn’t be neglected either. “In some cases, after a particularly hard workout, stopping suddenly can cause the blood to pool in the legs, and the cyclist may get dizzy,” warns Steventon. He recommends spending 5 minutes slowing your cadence to help the muscles keep pumping blood and oxygen as you ease out of the strain of the main workout. 

You should also stretch the muscles used during a ride, such as your hamstrings, quads, hip flexors and calves. “Triceps, shoulders and wrists shouldn’t be ignored either,” Steventon says. “These muscles are soaking up the mass of the upper body, bouncing up and down, left and right on the handlebars.” 

If you’re riding a bike with a screen, the screen’s position can sometimes lead to neck pain. In those circumstances, Steventon recommends gentle neck stretches to ease off the tension after a workout.

5. Your bike workouts aren’t planned out 

If you don’t have a general workout program or structure, you may be using your bike inefficiently. It’s important to make sure that you’re riding with intention if you want to get the most out of it. “Everyone has the same three training variables to manipulate in order to get what they want out of their training: frequency, duration and intensity,” Wilpers says. 

Frequency relates to how often you work out, since it’s important to have a consistent riding schedule. “Cycling is great because it’s low impact, meaning it’s easier to recover from it and therefore you can ride more often without much fear of injury,” Wilpers says. 

If you’re a newbie, it’s best to focus on easy rides. Steventon recommends new riders aim for two to three rides per week and take a rest day between each cycling workout to let their bodies recover from the workout the day before. “Not only for the muscles, but depending on the length of the ride, there’s an element of saddle discomfort that rest will help,” Steventon explains. 

Once you have a riding schedule established, you can focus on duration. This is when you start increasing the length of your sessions. 

Finally, once you’ve become comfortable with your bike, you can increase the intensity to improve your fitness. Steventon says more experienced riders are capable of putting in four to five workouts a week. 

“The importance of foundation building zone 2 heart rate [exercise performed at 60% to 70% of your maximum heart rate] during longer rides is the same for all riders, but with three more workouts to play with,” Steventon explains. “They can add in some tempo and sprint interval workouts too, pushing the cardio harder, and working at a mix of cadence and resistance through these workouts.” 

Below are different ways you can structure your workout depending on your goals:

Advertisement

As the main form of cardio

If cycling is your main focus, Wilpers recommends riding three to five days per week, with one to two intense days, one long day and the remainder as easier rides. Aim to ride for 30 minutes to 2 hours or longer.

As part of a strength-training program

If you’re prioritizing strength training but want to include cycling as your preferred form of cardio, Steventon and Wilpers advise aiming for two to three sessions at a zone 2 heart rate for 20 to 45 minutes.

As part of a cross-training plan

You can also use an exercise bike for cross-training. This could be ideal for runners or other athletes who want a hybrid workout schedule during the week. Steventon says, “Cross-training utilization of cycling can be a very effective way to keep cardio topped up without the impact problems of constantly running.” Wilpers recommends cross-training once or twice per week for 20 to 45 minutes, as long as you’re healthy.

If you have injuries or certain aches from running, you can shift your training to cycling two to four times per week for 20- to 45-minute sessions. Steventon recommends that runners cycle whenever their bodies need to recover from running. “Long, slow rides will keep your fitness foundation strong, with harder sprint intervals tapping into VO2 max improvements,” Steventon says. VO2 max is the maximum rate at which your body consumes oxygen during exercise.

6. Doing too much or too little on the bike 

One of the biggest mistakes people make when riding an exercise bike is either doing too much too soon or coasting while distracted. “Many people seem to think that unless they wake up sore, nothing was accomplished, and on the other end of the spectrum, I see people just pedaling and texting,” says Wilpers. 

When riding, remember to focus on the workout at hand. Distractions like texting or answering emails can get in the way of making progress. “Have a purpose and plan before getting on the bike so that your time is structured,” Wilpers suggests. “This will help you stay focused and get the most out of your time.”

Steventon notes that the best way to use a bike or any fitness machine is to mix up the intensities to avoid hitting a plateau. “Long, slow rides, short sprint intervals and tempo rides (moderately hard ride) including hard, long intervals will improve the mitochondria-building, zone 2, foundation end of fitness, while the shorter sprints will help improve the VO2 max end, and the tempo rides are where mental resilience is built,” he says.

7. Wearing the wrong cycling shoes

Wearing the right cycling shoes can improve your riding experience. Depending on the bike, you may need specific cycling shoes, like carbon-fiber cleats, road bike shoes, clip-in shoes, mountain bike shoes or even everyday shoes. 

When choosing a cycling shoe, you want to make sure it’s comfortable because they don’t come cheap. Steventon recommends mountain bike shoes if you aren’t sure what to pick. “These are a little bit more flexible and have recessed cleats, making it a lot easier to move around, providing stability in situations where ‘off bike’ moves like squats or weights are included in a cycling class.”

Wilpers favors clip-in cycling shoes because they’re stiff and lead to better energy transfer from the body to the bike. However, the shoe you pick will depend on the type of bike you’re using, and most importantly, you want the shoe to fit well. 

Steventon says everyday gym sneakers are acceptable, but that they may not be the best option. “The pedal efficiency may be compromised even with toe clips that hold these shoes in place on the pedal,” he explains, pointing out that because these shoes tend to be soft-soled, it can be uncomfortable to use for long periods of time. 

Wilpers notes that some cycling shoe brands are much narrower than others, so it depends on your needs and comfort. “Lastly, I think it’s worth noting that a good set of road cycling shoes can cost hundreds of dollars, but these shoes typically last up to five years,” he says.

8. You’re not braking correctly

Usually, when you stop an exercise bike, you’re either pressing down the emergency brake or using the resistance knob to slow it down. “Trying to suddenly stop the flywheel or unclip feet while the heavy flywheel still wants to turn has great potential for injury,” warns Steventon. “Always use the resistance knob or emergency brake to slow things down properly, and wait until the flywheel has stopped before unclipping.”

9. You don’t maintain or clean your bike

It’s easy to forget that you need to do maintenance and clean your bike every so often. Wilpers reminds us that all bikes need to be cleaned and maintained. “Cyclists are known for constantly cleaning and occasionally replacing parts on their bikes because this is what it takes to keep your bike working great for many years,” he explains. 

One thing people often overlook is adjusting their bike settings annually. “Think about how much your body can change in a year,” explains Wilpers. “You may get stronger, weaker, heavier, lighter, tighter, more flexible and so on.” By adhering to bike settings, you’ll not only have a more comfortable ride but also one that’s customized to your changing needs. 

A solo Russian-speaking threat actor used a jailbroken Google Gemini in a fraud and credential-theft campaign targeting hardcore Trump supporters and conspiracy theorists.

Between September 2025 and May 2026, the “low-skilled” scumbag using the handle bandcampro partnered with the LLM to impersonate an American veteran, run a Telegram channel (@americanpatriotus), hack admin credentials, and steal cryptocurrency, according to a threat report from TrendAI. His only “real cost” in the operation was stolen API keys.

Bandcampro ultimately reached about 17,000 subscribers, used 73 likely-stolen Gemini API keys, hacked 29 WordPress admin credentials, infiltrated at least one company, and emptied at least one victim’s cryptocurrency wallets, according to TrendAI researchers Philippe Lin, Joseph C Chen, Fyodor Yarochkin, and Vladimir Kropotov. 

The threat-hunters detailed the campaign in a Thursday report, and said while the Telegram channel dates back five years, bandcampro’s success skyrocketed once he started using AI-generated content last fall.

“We have reached an inflection point for cybercrime conspiracies,” Tom Kellermann, TrendAI’s VP of AI security and threat research, told The Register, adding that “bandcampro’s conspiracy underscores the sophistication of the Russian cybercriminal community and how weaponized jailbroken LLMs are manipulated to orchestrate a systemic cybercrime campaign.”

Kellermann said the attack “highlights LLMs’ Achilles heel, which is the tremendous exposure to API attacks.” 

TrendAI researchers discovered the scammer’s infrastructure in May, which exposed the full contents of the individual’s operational environment. 

He used Google Gemini to generate the Telegram channel text and Venice.ai to power an interactive chatbot designed to simulate a Quantum Financial System (QFS) terminal. 

Neither Google nor Venice responded to The Register’s requests for comment.

The campaign targeted the QAnon and MAGA communities, mimicking the cryptic, anonymous “Q drop” messages at the heart of the QAnon conspiracy, but the researchers say his “use of information operation techniques was more likely for cryptocurrency fraud instead of political motives,” based on the content posted, and the stock remote access trojan (RAT) used alongside other commercial malware.

On September 9, 2025, the actor posted a fake “freedom-first, self-custody wallet” called StellarMonster, with a welcome bonus of up to 1,000 XLM (about $380) on the Telegram channel.

It was an executable named StellarMonSetup.exe. Malware analysis determined that in reality, StellarMonSetup.exe is a legitimate remote access tool called GoToResolve, which gives the operator a persistent remote desktop session with file access, command execution, and clipboard capture. 

Plus, any subscribers who used the “import your wallet” function and typed their seed phrase into the fake import screen gave the attacker their wallet keys.

“At least one victim’s crypto-wallet was fully compromised: password cracked, 12-word mnemonic stolen, and the owner’s 40+ wallet addresses harvested across all major chains,” the researchers noted.

The attacker also used an AI-powered brute-forcing tool to hack WordPress accounts, we’re told. “The script is built on the premise that people mutate familiar base passwords in predictable ways, and Gemini 2.5 Flash can model the mutations when supplied with static wordlists,” Trend wrote.

In total, the AI-assisted WordPress hacking operation cracked 29 WordPress administrator accounts, including those belonging to weapons retailers, legal offices, medical practices, and small commercial sites.

During his conversations with Gemini, bandcampro asked questions like: “When the bot accumulates 5,000 active users, how much can we earn from one pump-and-dump cycle?” The criminal also asked how professional crypto call centers scam North American victims and Gemini suggested Medicare and/or Health Canada fraud targeting the elderly.

The Russian speaker also automated his content campaign through a pipeline he named “Quantum Patriot,” a set of Python scripts that called Gemini to role-play as an American veteran patriot. The pipeline fed a preset list of newsfeeds into the LLM and Gemini rewrote them, prompted to act as an admin of an “American Patriot” channel looking for “hidden angles.”

The crypto- and credential-thief also used Gemini to help him hack, set up a command-and-control framework – including a mail-testing tool, a Gmail aggregator, and an anonymous proxy on a VM in the Netherlands – steal and validate credentials, and run the chatbot.

“In the anatomy of one busy working day, Gemini deployed servers, helped debug code, automated workflows, wrote a script to rotate API keys, and managed the actor’s Cloudflare tunnels,” the TrendAI researchers wrote. “The actor prompted in Russian, while the LLM reasoned and replied in English. Over one 16-hour session, the actor co-worked with Gemini end-to-end.”

At one point, after a nine-hour pause from the human partner, which the authors say “was likely a 9-hour sleep,” bandcampro found the bot posting every 20 minutes without a break – but with Russian slang appearing in the English posts. So he opened another session to fix it.

“What previously required a team of writers, social media managers, IT workers, and malware programmers can now be automated by a single actor using a VPS, a Telegram bot, and API access to frontier models,” Trend’s team warned. ®

T-Mobile for Business is the upgrade a small business owner will find useful, boasting unlimited plans, a super-fast 5G network, and customer service support whenever you need it. With no data overages, surprise fees, or annual service contracts, there’s an affordable plan for any type of business. Plus, without an annual contract, you’re never locked into anything long term, and as your business changes and grows, your plan can too.

With T-Mobile for Business, you can just focus on your growing business, knowing that you’ll have unlimited data and texting in over 215 countries, four full-flight Wi-Fi sessions per year, and unlimited one hour Wi-Fi sessions with streaming on flights, so wherever your business takes you, T-Mobile Business will be there. And we at WIRED have a T-Mobile promo code and other deals to help you save on essential plans so you can stay connected.

Lock in a Big Sign-Up Bonus for Business Internet

If T-Mobile Business is right for you (and your business), be sure to check business internet eligibility in your area. All you’ll need to do is enter your business address on T-Mobile’s site to see the plans available near you. And as an added bonus, you can get a Virtual Prepaid Mastercard when you activate (allow 10 weeks). But this deal isn’t going to be around forever, so act soon to get big rewards on the internet service you already need.

Switch to T-Mobile Business and Score a Prepaid Card Reward

No matter how your small business changes and grows, you can feel secure knowing that your 5G Business Internet rate will be locked in for five years, guaranteed. Plus, T-Mobile has business experts available to assist in finding the perfect plan and hardware to support any and all of your business needs. And (perhaps best of all) for a limited time, you can receive cash via a Virtual Prepaid Mastercard when you sign up (allow 10 weeks).

Bundle and Save on Your T-Mobile Business Plan

You can get business internet at an even lower price when you bundle it with other T-Mobile plans. You’ll get huge discounts when you pair your business internet with any voice line. Plus, the offer is backed by the five year price guarantee, meaning your rate won’t change for five years. There’s also no annual contracts, with flexible month-to-month services on T-Mobile’s fast 5G network.

Pick the Right T-Mobile Business Phone Plan for Your Team

There are a few T-Mobile Business phone plans to choose from, so you’ll want to make sure you’re choosing the right plan for your small business and its needs. The first plan is the basic CoreMobile plan, which has unlimited hotspots with 5GB high-speed data, 50GB of premium data, and unlimited talk and text. Next is ProMobile, which has all the above benefits, as well as enhanced security, premium and hotspot data, and in-flight Wi-Fi. The top tier is SuperMobile, which also includes all previous perks, as well as intelligent network performance, satellite coverage, unlimited premium data, and more mobile hotspot data.

Upgrade to iPhone 17 for Less With T-Mobile

The WIRED Gear team loves the iPhone 17. We even have a guide to which iPhone 17 is best for you, including a long list of our favorite iPhone 17 accessories and cases so that you can make sure your phone is fitted with all the right gear. Right now, you can get the iPhone 17 Pro for under $100 at T-Mobile. All you need to do to score this deal is switch to T-Mobile and bring your number on either an Experience Beyond or Better Value plan.

Get a Third Line Free When You Activate a New Business Plan

Right now, if you’re a new customer and you activate a new business plan, you’ll get a third line for free! This T-Mobile discount is for any new customer activating two new lines on a new eligible voice plan, which includes: SuperMobile, ProMobile, CoreMobile, Business Unlimited Ultimate+, Experience More for Business, and Experience Beyond for Business plans.

Japanese cybersecurity software company Trend Micro has addressed an Apex One zero-day vulnerability exploited in attacks targeting Windows systems.

Apex One is Trend Micro’s enterprise-grade endpoint security platform that protects corporate networks from a wide range of security threats, including malware, ransomware, fileless attacks, and web-based threats.

Tracked as CVE-2026-34926, this directory traversal vulnerability in the Apex One (on-premises) server allows local attackers with admin privileges to inject malicious code.

“A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations,” Trend Micro saidon Thursday.

“This vulnerability is only exploitable on the on-premise version of Apex One and a potential attacker must have access to the Apex One Server and already obtained administrative credentials to the server via some other method to exploit this vulnerability.”

However, despite the restrictive requirements for successful exploitation, the company warned that “TrendAI has observed at least one attempt to exploit this vulnerability in the wild.”

Federal agencies ordered to patch within three weeks

Yesterday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) also added CVE-2026-34926 to its list of actively exploited vulnerabilities and ordered federal agencies to patch their devices by June 4.

“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” CISA warned. “Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.”

On Thursday, Trend Micro also released security updates to address seven local privilege escalation vulnerabilities in the Apex One Standard Endpoint Protection (SEP) agent that attackers can exploit if they have permission to execute low-privileged code on the target system.

Threat actors have frequently targeted flaws in Trend Micro Apex One over the last several years, often in zero-day attacks.

For instance, Trend Micro warned of an actively exploited Apex One RCE bug (CVE-2025-54948) in August 2025 and addressed two other Apex One zero-days exploited in the wild in September 2022 (CVE-2022-40139) and September 2023 (CVE-2023-41179).

CISA currently tracks 12 Trend Micro Apex vulnerabilities that have either been or are still being abused in attacks.

Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold.

This guide covers the 6 surfaces you actually need to validate.

Download Now

Trdo is a modern internet radio player built for Windows with a focus on simplicity and elegance. Stream your favorite radio stations with a beautiful, intuitive interface designed for Windows 11.

Built with .NET 9, WinUI 3, and the Windows App SDK, Trdo provides a native Windows experience with smooth animations and responsive controls.

Features

• Stream internet radio stations from around the world
• Modern, clean user interface with Fluent Design
• Customizable settings
• High-quality audio playback
• Save and organize your favorite stations
• Now playing information display
• Support for Windows 11 themes

Trdo is designed to be simple and elegant, focusing on what matters most: enjoying your favorite radio stations. By leveraging modern Windows technologies, Trdo provides a smooth, native experience that feels at home on Windows 11. The interface is designed to be intuitive and uncluttered, letting you focus on discovering and listening to great content.

Motorola appears to be getting ready to bring a more capable version of its Edge 70 series to India. A new phone, called the Edge 70 Pro+, is now listed as “coming soon” on Flipkart, and the teaser already points to a major camera upgrade over the Edge 70 Pro model recently launched in the country.

What camera features has Motorola confirmed?

According to the promotional page, the phone will feature a 50MP primary camera and a 50MP telephoto lens. The main camera uses a Sony Lytia 710 sensor with optical image stabilization.

The more interesting addition is the 50MP 3.5x periscope telephoto camera, which supports 24mm, 35mm, 50mm, and 85mm portrait modes. Motorola is also advertising up to 50x AI-powered zoom.

This could be an important upgrade for buyers who were disappointed by the regular Edge 70 Pro launched in India, as that model skipped the telephoto camera entirely.

Is this just the global Edge 70 Pro under a new name?

This camera setup closely matches the global Motorola Edge 70 Pro, which debuted in Europe last month. Two of the promoted color options, Pantone Zinfandel and Pantone Chicory Coffee, are also the same shades offered on the global model. That strongly suggests the Edge 70 Pro+ could simply be a rebranded version of the international Edge 70 Pro for India.

This would not be unusual for Motorola. The company has previously brought global models to India under slightly different names, and the regular Edge 70 Pro already arrived here in a cut-down form without the telephoto camera.

There may still be one India-specific touch. Pantone Stormy Sea appears to be a new colorway for the market, with Motorola describing it as “a soothing green-grey tone that channels calm amid chaos.”

Motorola has not confirmed the rest of the specifications yet. However, if the Edge 70 Pro+ is based on the global Edge 70 Pro, it could feature a 6.8-inch 144Hz AMOLED display, 90W wired fast charging, wireless charging, and more RAM than the Indian Edge 70 Pro. The official launch date is still under wraps, so these details should be treated as likely rather than confirmed.

Buymedia is ranked as one of Deloitte’s fastest growing EMEA technology companies.

Galway adtech player Buymedia is investing £1.5m and has opened a new Belfast office with plans to create 30 jobs in Ireland and the UK over the next three years.

Founded in Galway, with offices in Dublin and Manchester, Buymedia ranked 73rd in Deloitte’s Technology Fast 500 list for Europe, Middle East and Africa – one of four Irish companies in the top 100 – and fourth in the Irish Technology Fast 50 Awards in 2024.

2015-founded Buymedia’s AI-powered platform aims to simplify the way businesses and agencies plan, manage, purchase and measure advertising across multiple channels. The company’s clientele includes the likes of E45, Bio Oil, Eir and Jysk.

“This investment will create new jobs, support skills development and strengthen our economy, and it shows that the North is a place where businesses want to be and that’s something we should all be proud of,” said Northern Irish first minister Michelle O’Neill.

The Belfast launch is supported by InterTradeIreland, Enterprise Ireland, Belfast City Council, Belfast Chamber of Commerce and Ormeau Labs.

Deputy first minister Emma Little-Pengelly added that the investment “further cements [Northern Ireland’s] reputation as a growing centre for innovation and digital enterprise as we continue to play our part on the world stage in this exciting sector”.

In 2024, the company announced plans to create 100 new jobs in a bid to expand its Galway-based workforce.

The new jobs are rolling out over four years and will span engineering, software development and data science, as well as sales, marketing, media and operations.

CEO and founder Fergal O’Connor said: “Buymedia’s expansion into Belfast is an exciting step for the company and also for our clients, so we can help them plan and purchase media better, using data-driven AI to understand what really works, where to best spend their advertising budget and gain the best efficiencies and effectiveness for a better overall return on their investment.

“Our mission is simple. It’s about democratising advertising, giving every business, regardless of its size, the tools to compete on strategy and performance, not just budget.” Buymedia launched its UK headquarters in Manchester in October 2025.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Two former executives of a call-tracking and analytics company pleaded guilty to concealing a years-long tech support fraud scheme that victimized individuals worldwide.

Former CEO Adam Young (from Miami, Florida) and former CSO Harrison Gevirtz (from Las Vegas, Nevada) admitted to a misprision of a felony charge, which carries a maximum penalty of three years in federal prison, a fine of up to $250,000, or both, and are scheduled for sentencing on June 16.

According to court documents, they operated the C.A. Cloud Attribution, Ltd. business (using the C.A. Cloud tradename) between early 2017 and April 2022, providing telephone numbers, call recordings, call forwarding, and call-tracking services to many customers they knew were also engaged in telemarketing and tech support fraud scams.

The fraudsters behind these schemes placed deceptive pop-up ads on users’ computers, falsely claiming the systems were infected with malware, and directing victims to call center agents who asked for hundreds of dollars for fictitious technical services, while impersonating Microsoft and Apple in some cases.

Some scammers also allegedly remotely accessed their victims’ computers and, in some instances, stole personal and financial information to withdraw funds without authorization.

While Young and Gevirtz knew some of their customers were involved in fraud schemes, they did not report it to law enforcement authorities. Instead, the prosecutors alleged that the two defendants advised customers to use large pools of rotating telephone numbers to reduce complaints and prevent account terminations.

They also directed their company’s sales staff to market services to businesses they knew were engaged in fraud and, on occasion, introduced fraudsters to one another to buy and sell calls.

“What the CEO and CSO of this well-known call tracking and analytics company did was downright despicable,” said Ted E. Docks, special agent in charge of the FBI’s Boston Division.

“By their own admission, they willfully profited from telemarketing and tech support scammers, here and abroad, who preyed on the elderly, exploited the vulnerable, and drained victims of their life savings and peace of mind. Behind every fraudulent call was a real person left frightened, humiliated, or financially shattered.”

Young and Gevirtz also owned and operated a call center in Tunisia from 2016 through April 2022, where some of their employees engaged in tech support fraud, which involved fraudulently accessing victims’ computers via compromised links, posing as an official technical support service, and sending false invoices.

In August 2024, the leader of a tech support fraud scheme was sentenced to seven years in prison after collecting more than $6 million from at least 6,500 elderly victims in the United States and Canada.

According to the FBI’s 2025 Internet Crime Report, Americans lost at least $2.1 billion to tech support fraud last year based on data collected from nearly 48,000 complaints received by the FBI’s Internet Crime Complaint Center (IC3) in 2025.

Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold.

This guide covers the 6 surfaces you actually need to validate.

Download Now

EngBroken started with an ordinary cheap Rubik’s Cube and a question. What would happen if someone tried to build one completely on their own, without relying on factory parts or store shelves? That simple curiosity stretched into an eight-month project centered on injection molding every single piece.

The cube was disassembled first, showing the critical components inside: the core mechanism that held everything together, as well as the edge and corner parts that interlocked and turned against one another. Each had a distinct shape, angle, and tolerance that allowed the puzzle to rotate and turn smoothly, without sticking or breaking apart. At this time, he also made precise measurements to ensure that the pieces did not bind when reassembled.

Sale

Rubik’s Cube, The Original 3×3 Cube, Problem-Solving Brain Teaser, Color-Matching Puzzle, Fidget Toy…

• The Original Rubik’s Cube: A combination of math, art, & science- the iconic Rubik’s Cube is here to challenge your mind; the 3×3 has fascinated…
• Twist, Turn, Learn: The Rubik’s Cube features 6 colored sides, each made up of 9 squares; once the sides are jumbled up, you twist, turn, & rotate…
• Great For Anxiety Relief: This fidget toy pack is not only a fun brain puzzle, this puzzle toy is great to keep your hands moving in stressful moments…

The details were then transferred to CAD software. He developed a digital model of every edge, corner, and center, with precise proportions down to the millimeter. As the project progressed, he realized he needed to make a few changes because, let’s face it, real-world plastic acts very differently than it does on a screen. The digital files then serve as the pattern for the molds used.

To create those molds, he used 6061 aluminum blocks cut out using a CNC machine, essentially carving out the precise cavity of the CAD model. Injection molding requires the molds to be able to take heat and pressure while still popping out the pieces neatly, so he paid great attention to all of the minutiae, including draft angles and ejector pins. In the end, he created three separate moulds: one for the corners, one for the edges, and one for the core components.

The following phase was plastic prep, which involved loading clear ABS pellets into the hopper. But here’s the thing: we didn’t only acquire our colors from the pellets. He cut up some colored 3D printer filament into little bits, blended them in, and voila, we had our color. The plastic to filament ratios were difficult to get correct, but he eventually figured it out, and our trial runs helped us get it perfect, consistent across batches.

The actual molding procedure needed the crew to have extremely stable hands and a great deal of patience. He’d heat the plastic and press it into the molds under pressure, then cool it at a predetermined rate so it didn’t bend or anything. At that point, it would pop out, and he’d have to smooth up the borders and remove any minor flashes. To be honest, there were a few batches where he discovered microscopic faults in the molds that required tuning or temperature adjustments.

Finally, he began assembling all of the pieces in the typical layered pattern, beginning with the central core and progressing to the edges and corners. He used UV-curing adhesive to hold everything together without adding bulk or interfering with the moving parts. Because he had the molds, creating extra cubes was simple. He ended up with several finished puzzles, all made from raw pellets and machined aluminum. If you can believe it, the total labor hours came to about $56,000 if he had been paying the minimum wage… and it doesn’t even include the aluminum or plastic supplies.
[Source]

science

Release of spectrogram of cockpit recorder audio allows conversation recovery with ’emerging’ decades-old tech

The US National Transportation Safety Board, which investigates plane crashes, has a policy of not releasing cockpit audio recordings.

Nonetheless, earlier this week, the NTSB released a spectrographic image derived from the cockpit audio recording that captured the last words of two UPS pilots before their plane crashed in Louisville, Kentucky, last year. 

Scott Manley, a scientist, developer, and gaming influencer, warned the agency about doing so.

“NTSB doesn’t release cockpit voice recorders from crashes, except in this case they’ve released an image of a spectrogram,” he wrote in a social media post on May 20, 2026. “I’m not sure that’s a good idea since you can probably reconstruct a lot of audio from the megabytes of data encoded in this image.”

Technically savvy individuals promptly turned the soundwave graph back into audio and posted it on the internet, prompting the NTSB to acknowledge it is now aware that advances in image processing and computation allow graphs to be turned back into approximate audio.

“Federal law prohibits such public release due to the highly sensitive nature of verbal communications inside the cockpit,” the board said on Thursday. “The NTSB takes these privacy restrictions seriously.”

The spectrogram was released on May 19, 2026, in conjunction with the NTSB investigative hearing into the November 4, 2025 crash of a United Parcel Service MD-11F cargo plane (flight 2976), which occurred shortly after takeoff from Louisville Muhammad Ali International Airport.

Three crew members on board and 12 people on the ground were killed. Twenty-three others were injured.

The accident has also been reconstructed using a flight simulator and the text transcript of the cockpit voice recorder.

In a post on social media network X, Jennifer Homendy, chairwoman of the NTSB, said, “It’s deeply troubling that emerging technology can be used to extract [cockpit voice recorder] audio from visualized data we share to help the public understand the circumstances of an accident.”

“Emerging” here means at least forty-two years ago. Relevant techniques involving a magnitude spectrum are discussed in a 1984 research paper, “Signal estimation from modified short-time Fourier transform,” by Daniel W. Griffin and Jae S. Lim. Their work builds upon a long established signal processing algorithm, the Fast Fourier Transform. But the availability of machine learning models has undoubtedly lowered the technical barriers to signal transformation.

Coincidentally, “federal science agencies lost about 20 percent of their staff in 2025 relative to the previous year,” according to Nature.

Homendy continued by noting that the laws disallowing the release of cockpit voice recorder audio exist to protect privacy, to preserve investigative integrity, to demonstrate respect for accident victims and their families.

“NTSB is taking steps to address this issue,” she said. “The public docket is offline for now, and we are urging X, Reddit, and others to take such disgusting, manipulated posts down.”

At the time this article was filed, audio reconstructions of the pilots’ last words remained available on X. ®