Connect with us
DAPA Banner
DAPA Coin
DAPA
COIN PAYMENT ASSET
PRIVACY · BLOCKDAG · HOMOMORPHIC ENCRYPTION · RUST
ElGamal Encrypted MINE DAPA
🚫 GENESIS SOLD OUT
DAPAPAY COMING

Tech

iPhone 18 Pro rumor recycles claims of slower high capacity models

Published

on

A new rumor claims that some iPhone 18 Pro models will use slower QLC NAND storage, mimicking a similar 2024 iPhone 16 Pro report. It makes more sense now than it did then, but doesn’t matter much in practical usage.

This latest report suggests that Apple will use the faster TLC storage for the iPhones that people are most likely to buy. But those choosing the larger 1TB and 2TB capacities may be left with a slower QLC alternative from SK Hynix.

Companies like Apple continue to struggle to source the storage components required for new products. With that in mind, it may not be surprising to see Apple go this route. Sourcing 1TB and 2TB TLC components may be difficult, if not impossible.

And, certainly, it will be spendy given the current economic environment surrounding flash media.

Advertisement

However, we’ve heard this story before. And it doesn’t seem to have been accurate that time around. And as we discussed back then, it’s unclear whether the use of QLC storage would be a real issue for iPhone owners.

QLC or TLC for iPhone 18 Pro

This latest report centers around the iPhone 18 Pro and iPhone 18 Pro Max. WCCFTech shared details of a post by the leaker “Reptalica” which claims Apple will use different storage types for different models.

According to the X post, Apple will use TLC NAND provided by SK Hynix, Kioxia, and SanDisk when building 256GB and 512GB iPhone Pro/Pro Max models. The 1TB model will use a mixture of SK Hynix QLC storage and Samsung TLC chips.

It’s then argued that Apple will solely use SK Hynix’s QLC storage for the 2TB model.

Advertisement

A rumor, repeated

If this all sounds familiar, it’s because we saw very similar claims in January 2024, prior to the iPhone 16 Pro’s unveiling in September of that year. We were told then that Apple would use QLC storage for iPhones with 1TB of storage or more.

Getting concrete information on whether that actually happened isn’t easy. That being said, we’ve only seen reports of high-capacity iPhone 16 Pro models with the fast TLC storage. That doesn’t mean there aren’t some QLC NAND chips floating around.

If there are, we’ve yet to see one.

The differences between QLC and TLC

Triple-Level Cell (TLC) NAND flash and Quad-Level Cell (QLC) NAND flash are both types of storage. But they aren’t the same.

Advertisement
Four modern iPhones standing upright in a row, showing backs in black, white, light blue, and pink with dual cameras, plus one front view displaying a dark abstract wallpaper

The iPhone 18 Pro storage may be a hot topic this hear.

One difference is the way QLC can store four bits of data per cell of memory, rather than the three of TLC. This then allows QLC NAND to store more data, which is why it’s sometimes used in larger-capacity storage. It’s also cheaper to produce.

Unfortunately, QLC is also thought to be less reliable than TLC and, importantly, it’s also slower as it is rewriting all four bits instead of the three.

How much slower in the real world, on mobile, is a matter for debate. The report notes that QLC storage is particularly slow when reading random data. But it’s unclear how that would impact the way people use iPhones.

Advertisement

Smartphone loads on flash storage are generally in bursts, instead of sustained transfers. As such, the difference in performance is likely to be imperceptible to users who don’t resort to benchmarking tools.

It’s also important to remember that this rumor did the rounds two years ago and, as far as we can see, turned out to be incorrect. Only time will tell if this latest report is more accurate.

Source link

Advertisement
Continue Reading
Click to comment

You must be logged in to post a comment Login

Leave a Reply

Tech

Raffles Medical’s S$600M bet is still struggling to pay off

Published

on

Healthcare is a long game

For most Singaporeans, Raffles Medical is a familiar name. The healthcare group has built a reputation as one of Singapore’s most established private medical providers.

But behind the scenes, the company has spent the last decade chasing a much bigger ambition.

Rather than remaining a Singapore-focused healthcare operator, Raffles Medical wanted to become a regional healthcare brand—one with hospitals and clinics stretching across Asia.

It was a bold strategy. And an expensive one.

Advertisement

In 2016, the group announced plans to pour around S$600 million into expanding overseas, building hospitals and clinics overseas with China as its biggest bet.

Today, however, that investment still hasn’t translated into equally impressive financial returns. While its Singapore operations are well-established and consistently profitable, its sizeable investment in China continues to lag behind.

Why China looked like an obvious market

Image Credit: Raffles Medical Group

Back in the mid-2010s, expanding into China seemed like the logical move.

The country’s population was ageing, disposable incomes were rising, and healthcare reforms were gradually opening the door to private healthcare providers.

For firms like Raffles Medical, the opportunity looked enormous.

Advertisement

The company wasn’t rushing into an unfamiliar market either.

According to management, senior executives had spent more than 30 years observing China’s healthcare reforms before deciding the timing was finally right to enter the country.

Rather than stopping at outpatient clinics, Raffles Medical doubled down on its China ambitions by investing in full-service hospitals.

The Raffles Hospital in Beijing./ Image Credit: Raffles Medical Group

It opened a 700-bed international tertiary hospital in Chongqing in 2019, followed by a 400-bed tertiary hospital in Shanghai in 2021. Around the same time, it also upgraded its existing Beijing medical centre into Raffles Hospital Beijing, expanding its services to include inpatient and emergency care.

Together, the projects required years of planning, construction, regulatory approvals, specialist recruitment and investment in medical equipment before they could even begin seeing patients.

Advertisement

Unlike retail stores or restaurants, hospitals can’t simply open their doors and expect customers to flood in.

Patients need to trust the brand. Doctors need to establish referral networks. Insurance partnerships have to be secured. Operating theatres, diagnostic equipment and inpatient wards all have to be utilised before a hospital starts generating meaningful profits.

In other words, healthcare is a long game.

The investment is huge, but so is the gap

The Raffles Hospital in Chongqing./ Image Credit: Raffles Medical Group

That long game is becoming increasingly visible in Raffles Medical’s financials.

Ahead of its 2026 AGM, shareholders questioned why China’s business had grown so slowly despite years of investment. Between FY2018 and FY2025, revenue from China increased by only S$25.4 million, reaching S$65.4 million.

Advertisement

The disparity becomes even more striking when compared with the group’s asset base. China accounts for around 30% of Raffles Medical’s total assets, yet contributes only 10% of group revenue.

By comparison, Singapore’s asset base is only about 2.2 times larger than China’s, but generates more than 10 times the revenue.

The figures suggest that while Raffles Medical has built a sizeable presence in China, its overseas assets have yet to achieve the same level of utilisation and productivity as its mature Singapore operations.

The company says patience is part of the plan

Raffles Medical doesn’t dispute that its overseas operations are taking time. Instead, management argues that’s simply how hospital investments work.

Advertisement

Building a hospital isn’t the hardest part—building patient volumes is.

Image Credit: Getty Images

The group says overseas operations typically require years to develop clinical capabilities, improve utilisation and reach sufficient scale before becoming meaningfully profitable.

China has also become a tougher operating environment than many expected. The company cited geopolitical tensions, technological restrictions and broader economic challenges as factors weighing on its performance.

Even so, management continues to view China as a strategic market, pointing out that around 30% of the country’s population can already afford higher-quality healthcare, giving it a sizeable addressable market.

More importantly, Raffles Medical has gradually secured access to China’s public insurance system, allowing it to treat more local patients instead of relying primarily on expatriates—a key milestone that could improve patient volumes over time.

Advertisement

China was the exception, not the rule

Image Credit: Raffles Medical Group

Despite more than a decade of overseas expansion, Singapore still remains Raffles Medical’s financial backbone. In FY2025, the group’s local operations generated nearly 90% of its revenue, effectively funding its regional ambitions while newer markets continue to mature.

Not all of its overseas markets, however, have followed the same playbook.

While China saw Raffles Medical invest heavily in building full-fledged tertiary hospitals, its expansion elsewhere has been far more measured.

In markets such as Vietnam, Cambodia and Japan, the group has focused on outpatient clinics, specialist centres and partnerships with local healthcare providers instead of embarking on similarly capital-intensive hospital projects.

That more cautious approach is reflected in its balance sheet. As at FY2025, Raffles Medical’s non-current assets in Greater China stood at about S$304 million, compared with just S$13.4 million across the rest of Asia.

Advertisement

This makes China the group’s biggest regional bet and the market that will likely determine whether its international expansion ultimately pays off.

So, was the gamble worth it?

The Raffles Hospital in Shanghai./ Image Credit: Raffles Medical Group

Hospital investments are unlike most businesses. They take years to generate sustainable returns, but there are signs that Raffles Medical’s China operations are beginning to gain traction.

In FY2025, both its Shanghai and Chongqing hospitals reported higher patient volumes, while Shanghai also recorded revenue and profit growth. The group has also expanded partnerships with leading public hospitals and secured access to China’s National Health Insurance Programme for its Shanghai hospital, moves aimed at broadening its local patient base.

Still, there’s no denying that its financials are still catching up.

If Raffles Medical succeeds in improving utilisation and profitability, years of investment could prove worthwhile. If not, its China expansion could become a costly reminder that succeeding overseas is much harder than replicating a proven business model.

Advertisement

For now, Raffles Medical appears committed to seeing the strategy through.

After spending a decade—and hundreds of millions of dollars—building its regional footprint, turning back is no longer really an option.

  • Read other articles we’ve written on Singaporean businesses here.

Featured Image Credit: Raffles Medical Group

Advertisement

Source link

Continue Reading

Tech

Anthropic’s Claude to help Micron design better HBM, DRAM, and SSD for AI even as both companies refuse to address computational storage directly

Published

on


  • Micron and Anthropic announce four-part strategic agreement
  • Micron will adopt Claude models as both a daily driver and an assistant to oversee parts of its infrastructure stack
  • Despite billing itself as a full-stack collaboration, the agreement is silent on computational storage and processing-in-memory

Anthropic and Micron Technology have announced a new strategic agreement which will see the latter use Claude AI models to better oversee parts of its infrastructure stack.

However the move does have a curious aspect to it versus most other deals: generally, buyers tend to invest in their suppliers to support them financially while also benefiting in turn from the business they bring in.

Source link

Advertisement
Continue Reading

Tech

Is Discord included in the UK social media ban for under-16s?

Published

on

Back in June, the UK government announced that it would ban those under 16 years old from accessing social media platforms.

While details are yet to be officially confirmed, the government has stated that under-16s won’t be able to use Instagram, YouTube, TikTok, Snapchat, Facebook and X. If you’re surprised to see YouTube included there, then visit our guide which explains all you need to know about the video-sharing platform’s social media ban

However, one platform that’s missing from the government’s initial round-up is Discord. At the time of writing, we don’t know whether the government will eventually add Discord to the ban list or not. 

In the meantime, we explain everything you need to know about Discord including whether it is classed as a social media, what safety measures it takes for younger users and more.

Advertisement

Otherwise, visit our UK social media ban explainer for more information on the upcoming rule-change for under-16s.

Advertisement

What is Discord?

We’ll start with a refresher on what Discord actually is. Discord is designed for gamers and allows its users to communicate with others online, using either video or voice calls and instant messaging.  

At the heart of Discord are “servers” which are a collection of chat rooms and voice channels that can be accessed either through private invite links or simply by searching. Each server can hold up to a massive 25 million users at once, though you can also create smaller and private servers for chatting with friends.

Advertisement

For more information, our dedicated what is Discord explainer goes into more detail on the platform.

Xbox DiscordXbox Discord
Streaming on Discord via Xbox

Discord is described as being a “communications platform” that enables users to build connections around the “joy of playing games through voice, video and text features”. 

So, although it does enable communication and sharing with friends, it isn’t technically classified as social media.

Advertisement

At the time of writing, Discord is not included in the list of platforms that will be banned by the UK governments for under-16s. However, the government hasn’t confirmed whether this list is exhaustive or not, so there’s potential for more platforms to be added.

Advertisement

The government has also disclaimed that it doesn’t intend for “messaging services like Whatsapp and Signal” to be included in the ban. Considering Discord is classed as a communications platform, this could suggest that the government may not see it as a social media platform.

Plus, the UK government has said that it plans to use the “same model for a social media ban as Australia”, who doesn’t include Discord in its own ban. However, many critics have since called for Australia to include Discord in its ban, as the platform allows for video chatting and live streaming. 

What is Discord’s minimum age, and does it change under the ban?

The minimum age you need to be to join Discord is 13 years old, however this varies depending on where you are in the world. For example, while UK residents can join when they’re 13, some European countries like Spain and Italy require users to be 14 years old. In fact, countries including Ireland, Germany and Poland have a minimum age requirement of 16 years old. 

Discord hasn’t disclosed whether it plans to change the UK’s minimum age in-line with the upcoming social media ban. That means for now, we can assume its minimum age will remain at 13 years old.

Advertisement

What other apps are and aren’t included in the ban?

So far, the apps included in the ban are: X, Snapchat, Facebook, Instagram, YouTube and TikTok. Messaging apps are “not intended” to be included in the ban, with the government explicitly referencing Whatsapp and Signal. At the time of writing, those are all the apps that we know about.

Advertisement

When does the ban come into effect?

The UK’s social media ban for under-16s should be implemented in Spring 2027, after the first set of regulations are laid out by the end of 2026. 

Advertisement

Source link

Continue Reading

Tech

4th of July Apple Deals AirTags iPads MacBooks up to $650 off

Published

on

Take advantage of holiday savings in the U.S. on AirTags, MacBooks, iPads, and more. Many of these 4th of July deals could sell out after Apple’s recent price hikes.

Holiday deals are in effect in the U.S. and Apple products are now up to $650 off. Highlights can be found below, with even more discounts in our Apple Price Guides.

Shop Apple 4th of July deals

Close-up of an Apple AirTag in a brown leather keychain holder attached to the zipper pull of a gray fabric bag or jacket

Get 4 AirTags for just $89 for July 4th.

Advertisement

Apple’s newest AirTags are still at the lowest price seen since release when you opt for the 4-pack that’s on sale for $89.

AirPods from $99

White AirPods 4 charging case resting on a closed brown leather notebook with stitched edges, next to a blurred green succulent plant on a clean, light-colored desk

AirPods 4 prices are as low as $99 heading into the weekend.

AirPods 4 without ANC are still available for $99 at Amazon, matching Prime Day pricing.

iPads up to $400 off

Apple iPad Pro 13-inch on a wooden desk showing Snoopy and Woodstock paddling a canoe on a calm blue river, with studio microphone and soundproof foam panels blurred in the background

iPad Pro and iPad Air models are heavily discounted at Amazon.

Advertisement

Amazon’s iPad discounts of up to $400 off are worth checking out, as Apple’s recent price hikes may result in these deals expiring or selling out soon.

11-inch iPad Air M4 deals

13-inch iPad Air M4 discounts

11-inch iPad Pro M5 sale

13-inch iPad Pro M5 sale

MacBook Air and MacBook Pro models up to $650 off

Sky Blue Apple MacBook Air laptop partly open on a white surface, showing the back of the screen with black Apple logo, against a soft blue and purple gradient background

Save up to $650 on current MacBook Pro and MacBook Air models.

Steep discounts are in effect on Apple MacBook Air and MacBook Pro models, with Amazon knocking up to $650 off M5, M5 Pro, and M5 Max models.

4th of July 13-inch MacBook Air deals

15-inch MacBook Air deals

Top 14-inch MacBook Pro deals

Best 16-inch MacBook Pro discounts

Source link

Advertisement
Continue Reading

Tech

Right now you can snag LG’s 55-inch OLED with a cool 27% discount

Published

on

A 55-inch OLED is an upgrade for anyone, especially at this price.

The LG OLED55C54LA has dropped to £879 from its original £1199, a saving of 27% that puts serious cinema-grade picture quality within much easier reach for anyone who has been circling this set for a while.

LG 55 inch OLED on a stone backgroundLG 55 inch OLED on a stone background

Right now you can snag LG’s 55-inch OLED with a cool 27% discount

A 55-inch OLED that self-lights every single pixel with a saving of 27% is a deal that is seriously hard to ignore.

Advertisement

View Deal

That perfect black foundation is driven by the alpha 9 AI Processor Gen8, which analyses and upscales every frame in real time to sharpen detail without making anything look artificially smoothed over or overworked.

Advertisement

Brightness Booster works alongside that same processor to lift highlights and punch through glare, so the picture holds its impact whether the room is pitch dark or lit by an unforgiving afternoon sun.

The Whatsapp LogoThe Whatsapp Logo

Get Updates Straight to Your WhatsApp

Join Now

Advertisement

Advertisement

That kind of responsiveness carries straight into motion handling, where the 120Hz refresh rate keeps fast-paced sport and gaming sequences fluid rather than letting quick pans smear into a distracting blur.

That same fine texture in skin, foliage and fabric gets matched by sound, with Dolby Atmos and AI Sound Pro spreading dialogue and effects convincingly around the room via a virtual 11.1.2 up-mix.

Advertisement

None of that immersive setup requires extra hardware either, since the AI Magic Remote’s dedicated AI button lets you search, adjust settings or ask questions using nothing more than your own voice.

Connectivity has been built with the same forward thinking, offering four HDMI ports, three USB ports and both Bluetooth and Wi-Fi so every console, soundbar and streaming stick stays connected without a fuss.

The webOS platform ties the whole experience together, pulling in Netflix, Prime Video, Disney Plus and Apple TV without ever needing a separate streaming box cluttering up the cabinet underneath.

If you want to see how this LG model stacks up against rivals from Samsung, Sony and Panasonic, our Best OLED TV 2026 roundup breaks down the strongest option from every major brand.

Advertisement

Advertisement

SQUIRREL_PLAYLIST_10148964

Source link

Advertisement
Continue Reading

Tech

The Strange Reason SR-71 Blackbird Parts Made In Summer Were So Prone To Fail

Published

on





Of the many impressive aircraft developed for the United States military, Lockheed’s SR-71 Blackbird is probably the most well-known. The high-altitude reconnaissance jet has set numerous world records for speed, and many of the SR-71’s records have yet to be broken. The SR-71 is unlike pretty much every aircraft ever operated by the U.S. Air Force, and it had strict build requirements that enabled its altitude and speed achievements.

Among its many unique requirements, the SR-71 cannot use standard jet fuel, and it was built out of highly expensive titanium, much of which was procured from the Soviet Union by the CIA. Working with titanium was challenging, leading to another interesting quirk of the aircraft’s design: many of the SR-71’s parts were prone to fail, but only when they were manufactured during the summer. At the time of its initial construction, the use of titanium was relatively new, so finding out what caused the problem took some time to figure out.

Advertisement

Winter-built parts functioned seemingly indefinitely, and the unusual reason for this early issue in the SR-71’s development was something few could have imagined: water. It turns out that water mucked up the wing panels that were welded during the summer, and it had everything to do with the chlorine content of the water used during manufacturing. Lockheed solved the problem after spending some time trying to determine its cause, and it’s something Lockheed’s engineers couldn’t have imagined being a problem in the construction of one of the most secretive and advanced aircraft ever built.

Advertisement

The problem chlorinated water posed to the SR-71

Titanium isn’t an easy metal to work with, and it is highly sensitive to contaminants capable of corroding it. Wing panels needed to be welded into place, but the water used to wash the panels after an acid treatment caused the summer problem because of chlorine. The SR-71 was assembled by Skunk Works out of the Burbank Airport in California. The Burbank Water treatment plant added chlorine to the water during the summer to prevent algae blooms. Because algae prospers in warm environments, chlorine wasn’t required during the winter.

As a result, the parts welded during the summer degraded within six to seven weeks. Conversely, the parts that were worked on during the winter didn’t have this problem. The fix was relatively easy, requiring the workers to switch to using distilled water devoid of chlorine or other contaminants for the post-acid treatment. Another contaminant caused similar issues, but it wasn’t found on the parts — it had to do with the tools.

Skunk Works’ personnel working on the problem found that cadmium-plated wrenches left enough residue that weakened the bolts, causing them to fail. Cadmium, like chlorine, degrades titanium, so they replaced the tools. All of these issues resulted in a great deal of titanium and expensive tools tossed in the trash, elevating costs and delaying the production of the SR-71 Blackbird. Ultimately, it all worked out; the aircraft took to the skies, where it was most often used to spy on the very nation that unknowingly supplied much of the metal that went into its construction.

Advertisement



Source link

Advertisement
Continue Reading

Tech

Spotify Confirms Streaming Fraud After Kalshi Trader Cries Foul

Published

on

Top Kalshi trader Caleb Davies usually speaks to the press about how prediction markets help him rake in money. The Minneapolis-based IT worker estimates he’s made $1.2 million overall across different prediction platforms, with $414,000 in winnings from Kalshi’s culture markets alone. He especially enjoys wagering on music charts, because he carefully analyzes Spotify data to pick winners. “Every single morning, I’m going in, downloading the data, and updating my projections,” he tells WIRED.

This summer, though, he’s become increasingly agitated about what he claims is an obvious, bot-fueled effort to manipulate Spotify-related markets. He recently began compiling and publishing evidence for his theory, eventually becoming so convinced that he contacted Spotify, Kalshi, and Polymarket with his concerns.

This week, the situation hit a boiling point when the song “Earrings” by Malcolm Todd surged to number one on a Spotify chart. In a series of X posts, Davies outlined his suspected culprit: “botting,” or scammers who purchase bots to juice streaming numbers. Davies argued that prediction market traders were botting the charts to influence the outcome of related events contracts. Todd’s song was such an underdog that it wasn’t even listed as an option on Polymarket: “Looking at the dataset of Sunday to Monday changes, it was a 11.24 sigma event, or a roughly 1 in 77 octillion chance of happening randomly,” Davies wrote.

It turns out that he was on to something. Spotify confirmed to WIRED that it investigated suspected manipulation incidents Davies flagged and found evidence of artificial streaming. “All streaming services face ever-changing stream manipulation. Spotify has best-in-class detection and mitigation practices for manipulated streams, and we don’t pay out associated royalties,” spokesperson Laura Batey says. (The company didn’t offer any explanation for the manipulation, however, so Davies’ theory that it was directly tied to a scheme to manipulate prediction markets remains just that.)

Advertisement

Spotify ultimately adjusted its charts to account for the discrepancy, culling over 500,000 artificial streams, which bumped Todd’s song from first to fourth. The process was not immediate, though, and Kalshi had already resolved the market to award traders who selected Todd’s song.

“We’re in touch with Spotify and are actively investigating this matter,” Kalshi spokesperson Elisabeth Diana tells WIRED. Those conversations did prompt a more immediate change: At the Swedish streaming giant’s request, Kalshi removed Spotify’s logo from its markets that relate to the company, and adjusted language that initially suggested Spotify had verified chart results.

When Davies first reached out to Kalshi with concerns, the company’s head of enforcement Robert DeNault told the trader that only Spotify would be able to definitively confirm whether it had been botted, and noted that there could be non-suspicious reasons for the uptick. DeNault also floated a theory that Kalshi traders could be merely copying what peers were doing on Polymarket.

“Nobody from Polymarket profited from the fraud. That’s what undermines Kalshi’s argument, because they didn’t have a Malcom Todd bracket,” Davies tells WIRED.

Advertisement

Polymarket refutes this theory as well. “It’s actually not plausible since we didn’t even have Malcolm Todd as an option on this Spotify market,” said spokesperson Annabel Walsh. The company confirmed it’s reviewing the broader streaming manipulation situation, but hasn’t identified any immediate manipulation thus far.

No one has spoken with the people or group of people behind the streaming manipulation, so their motivations remain unclear. (Todd did not respond to requests for comment, but there’s nothing to suggest he’s anything more than an innocent bystander.)

Source link

Advertisement
Continue Reading

Tech

Asus ProArt PZ14 review | TechRadar

Published

on

Why you can trust TechRadar


We spend hours testing every product or service we review, so you can be sure you’re buying the best. Find out more about how we test.

ASUS ProArt PZ14: 30-second review

The Asus ProArt PZ14 arrives as one of the most impressive pieces of hardware to come through the test setup this year. At 9mm thick and weighing in at an impressive 0.79kg, it’s closer in scale to an iPad Pro than a conventional laptop, but with a 14-inch 3K OLED display, and the optional removable keyboard and Asus Pen 3.0, all powered by a Snapdragon X2 Elite processor, it proved to handle every Adobe Creative Suite application without issue.

Lightroom Classic, Photoshop, Premiere Pro, After Effects, and DaVinci Resolve all ran well, with no compatibility or performance issues that I have experienced when running ARM machines in the past. Microsoft Office ran as well as ever, and it was only when testing some of the games at the end of the test that those compatibility issues did appear. Some games, such as Indiana Jones and the Great Circle, were a no-go, while Hogwarts Legacy, suffered some graphics breakup, but beyond that, the performance was generally balanced.

Advertisement

Source link

Continue Reading

Tech

Smooth AI criminal drives ‘first’ end-to-end agentic ransomware attack

Published

on

Security

Don’t count on the LLM to return your data – even if you pay up

They’re not bad; they’re just prompted that way. Sysdig threat hunters documented what they say is the first-ever documented agentic ransomware infection with an LLM – not a human – driving the entire extortion operation, from gaining initial access to compromising a production database server and destroying data.

The security shop’s research team named the agentic intruder JadePuffer and said it gained initial access to an internet-facing Langflow instance by exploiting CVE-2025-3248, and then ran a fully automated attack.

Advertisement

“The most striking characteristic, however, was the LLM’s behavior,” Sysdig director of threat research Michael Clark said in a blog about the agentic ransomware and extortion operation. 

JadePuffer’s “self-narrating” payloads “contained natural language reasoning, target prioritization, and the kind of detailed annotations that human operators don’t often write but LLM-generated code produces reflexively,” Clark added. “The operation also adapted in real time, retrying failed steps within refined parameters. In one sequence, it went from a failed login to a working fix in 31 seconds.”

After exploiting CVE-2025-3248, a missing authentication vulnerability in Langflow that allows remote, unauthenticated attackers to execute arbitrary Python on the host, the AI agent began scanning for and collecting secrets, including LLM provider API keys, cloud credentials “with explicit coverage of Chinese providers” including Alibaba, Aliyun, Tencent, and Huawei, while also scanning for AWS, Azure and Google Cloud Platform, cryptocurrency wallets, and database credentials. 

The AI also installed a crontab entry on the Langflow server to maintain persistence and call back to the attacker’s infrastructure every 30 minutes.

Advertisement

JadePuffer’s intended target was a separate internet-exposed production server running a MySQL database and an Alibaba Nacos configuration service, we’re told. Nacos is an open-source service-discovery and dynamic configuration platform developed by Alibaba and used in the cloud provider’s microservices applications.

The agent connected to the server’s exposed MySQL port using root credentials, although Sysdig doesn’t know how the attacker obtained them. These credentials weren’t stolen from the victim’s environment.

JadePuffer then attacked Nacos via multiple vectors including an authorization bypass flaw (CVE-2021-29441) and forging a valid JSON web token (JWT) using Nacos’s default signing key. Additionally, using its root database access, the LLM injected a backdoor administrator into the Nacos backing database.

It ultimately encrypted all 1,342 Nacos service configuration items using MySQL’s built-in AES encryption function, and created an extortion demand, ransom note, Bitcoin payment address, and a Proton Mail contact:

Advertisement

“YOUR DATA HAS BEEN ENCRYPTED. All NACOS configurations, REDACTED customer data, and REDACTED PII have been encrypted with AES-256.”, “3J98t1WpEZ73CNmQviecrnyiWrnqRhWNLy”, “e78393397[@]proton[.]me”

However, according to the threat hunters, the victim can’t recover the encrypted data, even if they paid the ransom demand, because the agent escalated “from row-level deletion to dropping entire database schemas, narrating its own targeting rationale,” without backing up any of the encrypted data.  

There are a couple of things that security teams and vulnerability managers should do immediately to avoid being ransomed by this AI agent. First up: patch Langflow to a release that fixes CVE-2025-3248, and do not expose code-execution/validation endpoints to the internet.

Also, don’t ever expose Nacos to the open internet, change its default token.secret.key, and upgrade to a release that forces a custom key.

Advertisement

The threat hunters also recommend against running any AI orchestration servers with provider API keys or cloud credentials in their environment.

While the AI agent didn’t use any especially sophisticated or unique techniques in this attack, the fact that an LLM “strung them together into a complete ransomware operation against neglected internet-facing infrastructure,” is notable, according to Clark. “The skill floor for running ransomware has dropped to whatever it costs to run an agent, and if that agent is running on stolen credentials through LLMjacking, the cost to an attacker is close to zero.”®

Source link

Advertisement
Continue Reading

Tech

An EInk, ESP32-based Game Boy

Published

on

This is one of those projects that was both inspired and made possible by the absolute embarrassment of dev boards available to the modern hacker. In this case, the dev board was the M5Stack PaperS3, which as the name implies combines an ESP32-S3 with an e-ink panel. [Wenting Zhang] picked one up and was immediately inspired to try and make an e-ink Game Boy.

The M5Stack PaperS3 made this project possible by exposing the display with row/column control — parallel, some would call it, as opposed to the usual serial interface of SPI. That allowed [Wenting] to work some of the same e-ink magic he perfected on his Modos monitors to allow partial refresh at up to 60 Hz. That the ESP32-S3 is capable of emulating a Game Boy while driving the screen should surprise no one, since it can emulate an MSX while outputting VGA or even Windows 95 on a 386. In this case, he’s basing the actual Game Boy emulation on Crank Boy.

Of course the e-ink screen on the M5Stack is far larger and has a much higher resolution than what the Game Boy shipped with, which lets him implement touch controls and scale the image up 3X so he can fake a couple of shades of grayscale while actually outputting black and white. Even better, if he was actually playing this thing on the regular, once the high-refresh portion of the screen starts to wear out, he can flip the orientation and keep gaming on the virtually-unrefreshed control portion of the screen — doubling the lifetime of the system, something many of you raised as a concern when we last looked at a his e-ink monitor project.

Advertisement

The only real shortcoming of this hack is the sound. With one-bit beeps coming out of the M5Stack buzzer, it’s got nothing on Nintendo’s hardware. Of course, that’s partially down to using the hardware as-is. With the addition of an I2S sound chip like the one used in the MOD player project we featured recently, you’d just need to squeeze out enough processor cycles to make this sound as good as it looks.

Advertisement

Source link

Continue Reading

Trending

Copyright © 2025