Apple Japan has launched a series of TV and social media videos with famous local artists and animators taking the App Store logo on creative journeys.
There’s got to be someone new in Apple’s marketing team, because the company is suddenly playing around with its usually protected icons and images. It started with the cute Little Finder Guy on Instagram, it’s continued with an original Mac birthday cake, and now it’s the turn of the App Store.
As first spotted by advertising and marketing publication Creative Blog, Apple Japan has launched a new campaign to promote creative apps in the App Store. There are 16 pieces of artwork, made by 13 artists, and compiled into three videos.
Continue Reading on AppleInsider | Discuss on our Forums
With Bluetooth speakers (especially portable ones), battery life is an area that I don’t think gets enough attention.
Considering this a product you’ll be taking with you on your outdoor adventures, you will a) want to make sure it’s fully charged and b) that it lasts for as long as it says it does.
That’s not always the case.
What the brand says on its website and packaging is likely true, but there’s small print that buyers often overlook, resulting in performance that’s not always what you expect.
Is it the brand’s fault for not fully disclosing the details around battery life, or an issue that’s more complicated than just that?
This has always been an issue for me, but in reviewing a number of Bluetooth speakers from JBL and Marshall, it highlighted the issue more.
Every reviewer has their approach to assessing battery life. Some will take the brand at its word and, in their review, declare the same figure. Others will use the speaker as their main one, and while they’re not totting up the exact hours, they’ll generally monitor how long (over several days) the battery life has lasted before the speaker needs a recharge.
Others will go into more depth but have different approaches. Speaking for myself, I use my own Spotify playlist, which is a library of all the tracks I’ve liked on the service since… forever. I’ll put it on shuffle so (in theory) it should never be the same tracks playing in the same order. There’s nothing scientific about it; I just prefer the variation that, in my head, mimics the different tastes of tracks that people might play on their speakers at any time. You might think that’s nonsense, but it’s my nonsense.
Most of the time I leave this playing at around 50% volume, and check in every hour to see how much battery has been depleted. I do not play the speaker until the battery dies. I’ll then take an average and calculate how much that would be and see if it adds up to the brand’s claimed battery life. Most of the time, it does not.
This is because when brands test battery life, they’re often testing at lower volume. The drivers inside a speaker generate magnetic fields that feed an electrical signal into the drivers, the push and pull motion of the drivers that’s converted into the sound energy that you hear. At higher volumes there’s obviously a greater sense of loudness, more energy being fed into the drivers and therefore more energy used – and vice versa for lower volumes.
So technically speaking, it’s not as if brands are telling a lie. But if you’re like me, you’re playing music at 50% volume, if not higher. When you first turn on a speaker, it’s often at its default level. Rarely have I ever thought of lowering the volume from that point.
So if the volume is set at 50% by default, why bother testing at lower volumes? That I’m not altogether sure of. I could be cynical and say it’s for the marketing, but I suspect the sound has been tuned at a certain volume and then scaled to make sure the drivers offer a similar response across a range of volumes – high and low.
But still, why not just make it clearer that the volume is taken from a specific level?
This has become a problem recently has brands seem to have a different approach to calculating the battery life for speakers. They don’t necessarily use a universal method. What JBL does is probably different from Sony, from Marshall, from Sonos, from Bose.
The equipment used is likely different based on what they think their customer base is most likely to use. So what can we do about it?
I have no idea.
There’s no incentive for anything to change; there aren’t any repercussions because, technically, the speaker can achieve that battery life – just probably not at the volume you’d normally play it at. If you complain that the battery life is not that good, they’re likely to ask you what volume you’re playing music at.
I should be fair and say that there are times when I’ve used my approach and battery life has been right on the money. But, in general, I think that audio brands should be a little upfront about what their speakers are truly capable of. I want a speaker to last, but it needs to meet the target in the first place.
Progress Software warned customers to patch a critical authentication bypass vulnerability in its MOVEit Automation enterprise-grade managed file transfer (MFT) application.
MOVEit Automation automates complex data workflows without requiring manual scripting and serves as a central automation orchestrator to schedule and manage file transfers between different systems, including local servers, cloud storage, and external partners.
Tracked as CVE-2026-4670, the security flaw affects MOVEit Automation versions before 2025.1.5, 2025.0.9, and 2024.1.8. Remote threat actors can exploit it without privileges on the targeted systems in low-complexity attacks that don’t require user interaction.
“We have addressed the vulnerability and the Progress MOVEit Automation team strongly recommends performing an upgrade to the latest version,” the company says in a Thursday advisory. “Upgrading to a patched release, using the full installer, is the only way to remediate this issue. There will be an outage to the system while the upgrade is running.”
The same day, Progress also released security updates to address a high-severity privilege escalation vulnerability (CVE-2026-5174) stemming from an improper input validation weakness in the same software.
According to a Shodan search shared by PwnDefend cybersecurity consultant Daniel Card, over 1,400 MOVEit Automation instances are exposed online, and over a dozen are linked to U.S. local and state government agencies.
However, there is no information regarding how many of these systems have already been secured against CVE-2026-4670 attacks.
While the company has yet to flag these security issues as exploited in the wild, other MoveIT MFT vulnerabilities have been targeted in attacks in recent years.
For instance, the Clop ransomware gang exploited a zero-day in the MOVEit Transfer secure file transfer platform in an extensive series of data theft attacks in 2023 that affected more than 2,100 organizations and over 62 million individuals, according to Emsisoft estimates.
MFT software is an attractive target for ransomware actors, as seen in previous Clop data-theft campaigns targeting security flaws in Accellion FTA, SolarWinds Serv-U, Gladinet CentreStack, GoAnywhere MFT, and Cleo.
Progress Software says its MOVEit MFT solutions are used by more than 3,000 enterprise organizations and over 100,000 users worldwide.
AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.
At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.
Threat actors across underground forums and chat groups are increasingly crafting structured fraud methods aimed at exploiting weaknesses in work processes of financial institutions. Rather than isolated or opportunistic scams, these discussions reflect an organized, process-driven approach that combines stolen identity data, social engineering, and knowledge of financial workflows.
Within these conversations, smaller institutions, particularly small-sized to mid-sized credit unions, are often referenced as more attractive targets due to perceived gaps in verification systems and limited fraud prevention resources.
Flare researchers recently identified a detailed loan fraud method circulating within one such underground group, outlining how attackers can move through credit checks, identity verification, and loan approval processes using stolen identities while avoiding traditional security triggers.
The approach does not rely on exploiting software vulnerabilities, but instead focuses on navigating legitimate onboarding and lending workflows as if the applicant were genuine.
The structure of the post reflects a methodical approach, breaking down the process from identity use to loan approval in a way that can be consistently replicated, pointing to a more organized use of fraud techniques.
At its core, this approach relies on obtaining sufficient personal data to convincingly impersonate a legitimate borrower. This includes identifiers such as names, addresses, dates of birth, and in some cases, credit-related details.
The process is all digitized, and the attacker is using false identity to submit for a loan. This distinction is critical: the attack does not “break the system,” but he exploits the flaws in its design.
A central component of the method is the ability to pass identity verification checks, particularly those based on knowledge-based authentication (KBA). These systems typically rely on questions derived from:
In practice, much of this information can be reconstructed or inferred from: publicly available data, social media profiles, previously leaked datasets, and aggregated identity records.
This method highlights how attackers can anticipate and prepare for these checks in advance, effectively turning verification into a predictable step rather than a true barrier.
It demonstrates how what was once considered a strong identity control can quickly be learned, adapted to, and ultimately exploited by cybercriminals, who evolve their identity theft tools specifically to collect and bypass these requirements.
By the time a fraudulent application hits your queue, the hard work is already done. Attackers source stolen identities, KBA answers, and financial histories from dark web forums and underground markets—long before they ever contact your institution.
Flare monitors thousands of these sources continuously, so you can detect exposed data at the source, not after the damage is done.
Identity Acquisition
Stolen personal data is obtained, including full identity details and background information sufficient to impersonate a legitimate individual.
Credit Profile Assessment
The attacker reviews the victim’s financial profile to determine loan eligibility and likelihood of approval.
Verification Preparation (KBA Readiness)
Additional personal details are gathered to anticipate and correctly answer identity verification questions.
Target Selection
Small- to mid-sized credit unions are selected based on perceived weaker verification processes and lower fraud detection maturity.
Loan Application Submission
A loan application is submitted using the stolen identity, ensuring consistency across all provided data.
Identity Verification Passed
KBA and standard checks are successfully completed, establishing legitimacy.
Loan Approval and Fund Release
The institution approves the loan and releases funds through standard channels.
Fund Movement and Cash-Out
Funds are transferred to controlled accounts, moved through intermediaries, and withdrawn or converted to complete monetization.
One of the more notable aspects of the method is its focus on smaller financial institutions. Rather than targeting large banks or highly secured fintech platforms, the approach explicitly leans toward small-sized to mid-sized credit unions, which are perceived as:
More reliant on traditional identity verification methods
Less equipped with advanced behavioral fraud detection
More likely to prioritize customer accessibility over strict controls
While not universally true, this perception alone is enough to influence attacker behavior, driving targeting decisions toward institutions believed to offer a higher success rate.
Recent industry reporting supports this trend. In auto lending alone, fraud exposure is projected to reach $9.2 billion in 2025, with smaller and regional lenders facing increasing pressure from organized fraud schemes.
Once a loan is approved, the operation shifts into its most critical phase – turning access into money. At this point, the attacker has already done the hard part: passing identity checks and establishing trust under a stolen identity. From the institution’s perspective, the process appears legitimate, and funds are released through standard channels just as they would be for a real customer.
The focus then moves to speed and separation. Rather than leaving funds in place, they are quickly moved away from the originating account, often through intermediary accounts that create distance from the source.
This stage overlaps with broader fraud ecosystems, where access to additional accounts and financial channels enables funds to be routed, split, or repositioned to reduce traceability.
What makes this phase particularly effective (and difficult to detect) is that each step mirrors normal financial behavior. Transfers, withdrawals, and account activity are not inherently suspicious on their own.
Instead, the risk lies in how these actions are chained together within a compressed timeframe, allowing attackers to complete the cash-out before detection systems or manual reviews can intervene.
The method provides indirect insight into which individuals and institutions are most frequently targeted for identity theft.
Individuals with Established Credit Histories – Attackers benefit from targeting individuals with strong or stable credit profiles, increasing the likelihood of loan approval.
Digitally Exposed Individuals – Those with a significant online presence may inadvertently expose personal details that can assist in passing verification checks.
Customers of Smaller Financial Institutions – Users of small-sized to mid-sized credit unions may face increased exposure if their institutions rely on less advanced fraud detection systems.
This loan scam method offers a clear example of how financial fraud is evolving. Instead of targeting systems directly, attackers are increasingly targeting the processes that surround them, leveraging identity, predictability, and trust to achieve their goals.
As these approaches become more structured and accessible, the line between legitimate activity and fraud continues to blur, making detection more complex and requiring a more adaptive defensive approach.
Learn more by signing up for our free trial.
Sponsored and written by Flare.
Lego and Sega have announced a new set coming next month that’ll hit you right in the nostalgia: the Lego Sega Genesis Console. The $40 model is a slightly scaled-down version of the gaming system, with the option to give it either the Genesis branding, as it was known in North America, or Mega Drive, as it was released in Japan and other regions. The Lego Sega Genesis Console will be available starting June 1 from Lego’s online and physical stores.
The set includes a total of 479 pieces, including two detachable controllers that are about three inches wide, a mock game cartridge featuring Sonic and Tails, and blocks to create a hidden Sonic portrait. Once assembled, the Lego Sega Genesis Console measures roughly 1.5 inches high, six inches wide and 4.5 inches deep.
Lego
It’s the latest in a series of Lego game consoles that have been released over the past few years, including the Lego Game Boy (which someone modded to actually be playable) and the NES. Lego released a build kit for a standalone Sega Genesis Controller a little while back, too, and that sold out pretty quickly. The console version is likely to go the same way, so set a reminder for June 1 if you’re hoping to grab one.
Instagram is taking a small step toward increasing transparency around AI-generated content on the service. The app is testing a new account-level label that will allow creators to self-identify as an “AI creator.”
The label will appear prominently both in creators’ profiles and alongside their posts and Reels elsewhere in the app. “This profile posts content that was generated or modified with AI,” it says. According to Meta, the new labels are an effort to “raise the bar on AI transparency on Instagram.” And the language in the new labels is notably more explicit than Meta’s “AI info” badges, which indicate that a given post “may” have been created or edited with an AI tool.
But, importantly, the “AI creator” labels are entirely optional. That means a lot of users are still likely to encounter AI content with the more vague “AI info” label or no label at all. As Meta’s Oversight Board recently pointed out, those disclosures are applied somewhat haphazardly as Meta lacks the ability to reliably detect all the AI-generated content that passes through its apps. (The company has yet to respond to the board’s recommendations on improving its AI-detection methods.)
Still, Meta is encouraging creators who frequently post AI content to use the feature. “This label builds trust by helping your audience understand what they’re seeing on Instagram,” an in-app message says. Of course, if the company really wanted to “build trust” it could turn them on by default, make them required or even throttle accounts that decline to use them. Meta is, for now, at least, opting for a much lighter touch. But as AI-generated content becomes more pervasive (and harder for our lowly human eyes to detect), the company may need to change up its approach to AI labeling yet again.
Lego and Star Wars have a long history together, and it’s clear that the relationship is as strong as ever. I got to play with the new Lego Star Wars Smart Play sets and, despite being a little gimmicky, they are a whole heap of fun.
The X-Wing build was a lot of fun, and I did get a kick out of the smart brick and the noise it makes. As you fly the X-Wing around, R2-D2 screams, and you can shoot lasers at the press of a button.
It doesn’t add any bulk to the build either, just a simple brick that has a good volume and several accelerometers to add to the fun. One of the little buildings that comes in the box is an Empire laser turret that makes crashing sounds if you tip it over. It makes me giggle every time I do it.
The X-wing itself uses the brick to great effect. It makes all the movement noises as you fly around, but if you press the red button on top, it moves the brick forward, triggering the accelerometer and making the laser “pew pew” sound. Then, as it moves back into place, the NFC reads the R2-D2 tag and makes its noises as well. It really does work very well.
Overall, the $90 cost of the X-wing feels like a decent deal. The Smart Brick is not tied to the set you have, so it can be used in other sets eventually, and you get the X-wing and three mini sets to play with, too. Plus R2-D2, Leia and Luke minifigs that all make fun noises when they are near the brick.
Refrigerators today run on the same basic technology as they did more than 100 years ago. You’d think we could have come up with something better by now.
And we have, but nothing has been able to dethrone cheap, reliable vapor compression — the process that’s keeping your milk cold today. One startup hopes to change that.
Barocal has developed an entirely new way of heating and cooling using nothing but an inexpensive solid material. Early prototypes are already as effective as existing refrigerator compressors, and the technology promises to use significantly less energy. Oh, and there’s no risk of leaking climate-warming gases, something that has plagued vapor compression.
To prepare the technology for market, Barocal has raised a $10 million seed round, the startup exclusively told TechCrunch. Investors in the round included World Fund, Breakthrough Energy Discovery, Cambridge Enterprise Ventures and IP Group.
Barocal’s core technology stems from research performed by Xavier Moya, the startup’s founder. “I’ve always been very interested in technologies for heating and cooling,” he told TechCrunch. He traces it back to his youth in Spain, where he would spend hours studying in a small, hot room. “I really remember when air conditioning came to the house — it was like wow!” he recalled.
As a professor of materials physics at the University of Cambridge, he focused on refrigerants of all kinds, though he became particularly fascinated by solid materials could capture and release heat simply by squeezing and stretching them. In one of his favorite demonstrations, he asks people to take an deflated balloon, hold it to their lips, and repeatedly stretch and relax it.
“If you stretch it, it gets hot. And then if you wait, when you let it go, it feels cold,” he said.
Techcrunch event
San Francisco, CA
|
October 13-15, 2026
That same principle applies to the class of materials Barocal has developed, which is related to an organic material widely used in a range of industries, from plastics to paints. Normally, the molecules inside the material rotate freely. But when they’re compressed, the molecules stop rotating. Since heat, at its most basic level, is the movement of atoms and molecules, the reducing that movement causes the material to give off heat. Removing the pressure allows the materials to absorb heat.
Barocal uses these materials to transfer heat. In a refrigerator, for example, the material will pump heat from inside the fridge to outside, lowering the temperature for the food within. To transfer heat, the company flows water past the materials and then out to a radiator.
Because the materials are solids, gas leaks don’t pose a problem. In conventional refrigerators, the gaseous refrigerants either degrade the ozone later or warm the climate, depending on the type. Greenhouse gas-based refrigerants have become a particular concern since they can warm the climate over 1,000 times more than an equivalent amount of carbon dioxide.
Though Barocal’s technology can work at any scale, the company is studying large HVAC and refrigerators first, systems where the startup’s efficiency gains will make a noticeable dent in a customer’s bottom line. “We are looking at bigger commercial systems where I think we can we can make a bigger impact faster,” Moya said.
When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.
DoorDash on Monday added new AI-powered tools that let merchants speed up onboarding, edit photos to make dishes look better, and create websites based on their app listings.
The onboarding tool works similarly to the one Amazon launched in 2024. Merchants can point the tool to their website, from which it will automatically fetch information such as photos, store hours, and menu items to create a listing on the app. Merchants can review and edit all of this information before publishing the listing.
DoorDash has also revamped its video library. The library now lets merchants tag dishes in videos so that customers can order those items directly. The library also shows stats such as total views, video-driven sales, and new customer sales.
Restaurants are getting a few photo editing tools, too: AI Retouch can replace backgrounds, sharpen images, and optimize lighting without changing the dish; and AI Replate manipulates pictures of dishes so they look like they’re plated professionally, changing lighting and color. Merchants can also provide a reference image to apply a particular style to an existing image.
“At DoorDash, we’re constantly building tools to help merchants succeed, from their very first day on the platform, to every order after. These new tools reflect our belief that the right technology should remove friction, not add it, so merchants can focus on what they do best: making great food and delivering incredible customer experiences,” Brian Tolkin, head of merchant product at DoorDash, said in a statement.
The company is adding new features to its commerce platform as well, one of which lets restaurant owners spin up a website based on existing DoorDash content, such as menu items and photos. The company said during a test of the new feature, merchants saw order conversion rates of nearly 10% on average.
The company has also added a new marketing campaign builder that lets merchants automate content creation, email outreach and scheduling.
Techcrunch event
San Francisco, CA
|
October 13-15, 2026
When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.
New data from Orange Cyberdefense has suggested the biggest risks companies face could now be coming from inside, with internal threats rising from 47% to 57% in the space of less than a year.
For the first time ever, internal threats have become more common that external ones, with hacking remaining pretty steady at 31% of attacks compared with employee misuse, which rose from 29% to 45%.
However, while it’s the employees who could be driving a higher risk internally, companies could be doing more to protect themselves in far more than just the basic cybersecurity sense.
Article continues below
The report attributes some risks to the rise in shadow IT – something we’ve heard a lot about lately as companies struggle to apply AI correctly across their organizations. Frustrated workers often resort to unapproved tools, often feeding sensitive company information into public apps.
There’s also the fact that hackers themselves are more frequently targeting company insiders, exploiting everyday employee behavior instead of having to rely on more sophisticated, crafted attacks from outside.
“While not inherently malicious, employee misuse can be just as damaging as a sophisticated breach, especially given that attackers are increasingly turning policy workarounds into external entry points,” Senior Security Researcher Carl Morris explained.
Endpoints remain one of the biggest targets, with workers’ devices involved in more than half (53%) of incidents. And while they account for a smaller percentage overall, identity attacks also rose from 10% to 17% in around a year.
Looking ahead, Orange Cyberdefense urges companies to acknowledge that many risks now come from within an organization. Tightening access controls and privileges can shrink the attack surface altogether, while simple multi-factor authentication can also serve to prevent attackers from gaining access.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
AI slop has already flooded video feeds, gaming debates, software code, and search results. Now the same low-effort machine-made content is moving into podcasts.
Music usually dominates the AI slop debate, but the podcast problem may be harder to spot and harder to clean up. AI tools can now create, upload, and even monetize entire shows far faster than traditional podcast studios.
`
A Bloomberg report points to how quickly this is spreading. According to the Podcast Index, 10,871 new podcast feeds were created over roughly nine days, and about 4,243 of them, or 39%, were likely AI-generated. One AI podcast startup now says it has more than 10,000 active shows and published 877 new shows in only 48 hours.
Podcasting becomes especially vulnerable at that scale because discovery works differently from music. A low-quality AI song can be skipped in seconds, but podcasts rely heavily on search, recommendations, and trust. If feeds are filled with machine-made shows, listeners may have to work harder to find real hosts, original reporting, or actual conversations.
That pattern is already visible across other AI-hit formats. Video platforms are trying to deal with low-quality AI uploads while also promoting AI tools for creators. Gaming has seen backlash over AI-assisted visuals, with some players calling certain AI graphics features slop. Coding has a similar issue too. AI can help developers write more code faster, but that also means more bugs, weak fixes, security risks, and extra review work. In podcasts, the concern is not just volume, but also how easily that volume can be turned into money.
Easy monetization is what makes podslop more than just a quality problem. Some hosting services allow free podcasts to join ad marketplaces with very few checks, so AI-made shows can still earn money from downloads even if the content is thin or barely reviewed. One platform shares 60% of ad revenue with creators, while another says it can pause ads or remove shows if they are found to be slop.
Apple Podcasts has at least started asking creators to disclose when a material part of a show uses AI. Spotify, on the other hand, relies on broader rules against misleading content and has not released a specific AI podcast policy yet. This leaves listeners and advertisers with a trust problem because AI has made audio easier to produce and harder to verify.
Register Renaming | Hackaday
Drax board avoid their own AGM, accused of greenwashing & environmental racism
Kylie Jenner’s KHY Enters a New Era with ‘Born in LA’
Channel 5 – All Creatures Great and Small series 7 new post
Images of Samsung’s rumored smart glasses have leaked
Trump’s 25% EU auto tariff breaches Turnberry Agreement that also covers semiconductors and digital trade
Most Commercial Energy Audits Miss the Real Losses
CFTC’s AI will review U.S. crypto registration applications, chairman tells CoinDesk
Paul Scholes issues Marcus Rashford reality check as agreement emerges over Man United star
Barclay Brothers Avoid Bankruptcy: HSBC Drops High Court Petitions After IVA Deal
Tesla Officially Registers Elon Musk’s Stock: What Investors Need to Know
Get Ready for More Brain-Scanning Consumer Gadgets
Robinhood Phishing Scam Exploits Gmail Dot Feature to Bypass Security
Sister Wives: Janelle Posts New Scary Warning
Gmail Dot Trick Underpins Robinhood Phishing, Sending Real-Looking Emails
Michael Jackson’s Biopic Excluded Abuse Allegations For $25M
Two Powerball Tickets Split $143 Million Jackpot in Indiana and Kansas
Superdry co-founder accused of raping woman
Meme Coin Based on White House Shooter Conspiracy Rallies 320%
5 Movies Turning 20 That We’d Rather Forget About
You must be logged in to post a comment Login