As long as a refined and slightly self-consciously grown up rendition of your tunes is what you’re after, and provided they actually fit you in the first place, the Meze Audio Strada are a brilliantly open, revealing and sophisticated listen
Controlled, informative and engaging sound
Open and spacious presentation by closed-back standards
Very comfortable (if they fit)
Can fractionally overplay the sonic refinement card
Cable is slightly noisy
Another Meze Audio product that mocks the smaller-headed
Key Features
Introduction
How do you take a proven and successful closed-back over-ear headphone design like the Meze Audio Liric and reduce the asking price more than 50 percent?
Advertisement
With its new Strada closed-back over-ear design, Meze Audio thinks it has the answer…
Advertisement
Design
Magnesium frame
Macassar hardwood earcups
magnetically attached earpads
If you’re familiar with the look of Meze Audio’s Liric II over-ear headphones, there’s really only the colour of the magnesium frame that’s going to set the design of the Strada apart. If you’re not, though, well – it’s like this…
These are relatively wide, fairly light (330g without cable) headphones, and they feature magnetically attached earpads that are a) made from memory foam with a PU leather cover, and b) so generously padded that they contribute to that width more than somewhat.
Image Credit (Trusted Reviews)
The frame is made from magnesium, and the elaborately shaped yoke arrangement is quite strongly at odds with not-even-remotely elaborate adjustment rod mechanism that modifies the position of the headband.
The headband itself is fairly wide and thin. It’s covered with more PU leather on the outside, while on the inside it’s covered in fabric and much more judiciously padded than the earpads – the four-stage contact points are designed to help airflow and thus prevent your head heating up too readily.
Advertisement
Advertisement
Image Credit (Trusted Reviews)
The outside of each earcup is made from a quantity of good-looking and tactile Macassar ebony hardwood. And the frame surrounding each of these quantities of Macassar features a 3.5mm cable connection – Meze Audio supplies two 1.8m lengths of braided Kevlar OFC cable in the fairly large EVA case the STRADA travel in. One is terminated with an unbalanced 3.5mm jack, the other with a balanced 4.4mm alternative.
The frame of the STRADA is hand-painted, and available in just one finish: a deep, mildly metallic tone that anyone with an interest in motor racing from back in the day is going to recognise immediately as a very close relative of British Racing Green.
Image Credit (Trusted Reviews)
Specification
50mm dynamic drivers
5Hz – 30kHz frequency response
111dB sensitivity
Fundamentally, all of the stuff I’ve talked about in the design section constitutes the way Meze Audio has decided to suspend a driver over each of the listener’s ears. And it’s the driver technology deployed in the Strada that explains just how they can be so much more affordable than their very similar-looking Liric II siblings.
Advertisement
Unlike the super-elaborate planar magnetic driver technology fitted to the Liric II, the Strada use the much more common dynamic driver technology. Although this is not the same as saying there’s nothing interesting, or complex, about what’s going on here.
Advertisement
Image Credit (Trusted Reviews)
Each STRADA earcup features a 50mm dynamic driver that’s based closely on the driver found in the company’s (very similarly priced) 109 PRO open-back over-ear model. For its use in a closed-back design, though, Meze Audio has naturally given it quite a going-over…
The W-shaped dome is made of cellulose composite reinforced with carbon-fibre – which means it’s both durable and lightweight, and should be able to reduce many of the resonances that can lead to distortion.
The torus that surrounds the dome is of beryllium-coated semicrystalline polymer – the beryllium coating increases both the durability and the stiffness of the driver without weighing it down and compromising transient response. Carefully positioned grooves on the torus also contribute to the intended effect.
Image Credit (Trusted Reviews)
Finally, a copper-zinc alloy stabiliser is positioned around the membrane to absorb vibration and further reduce distortion.
This arrangement, says Meze Audio, delivers a frequency response of 5Hz – 30kHz, which is deeply impressive if anything like accurate. Impedance of 4ohms is nothing to worry about, but a sensitivity rating of 111dB (SPL/mW @ 1kHz) means a fairly pokey DAC or digital audio player is probably in order if you’re going to hear the STRADA at their optimum.
Advertisement
Advertisement
Sound Quality
Presentation is commendably open fopr a closed-back design
Articulate, detailed and engaging sound
Prioritise refinement at all costs
The first thing it’s important to note about the Meze Audio Strada, even before you have begun listening to them, is that it’s fairly important to sit still. Bumping or knocking the connecting cable will cause noise to be transmitted – that’s the case, to a lesser or greater extent, with most wired headphones, but it’s more pronounced here than is the norm.
But once you’re sitting comfortably and not fidgeting, there’s an awful lot to enjoy about the way these headphones sound. No matter if you’re listening to a big-standard Spotify stream of Highwayman by The New Eves or a full-fat 24-bit/48kHz FLAC file of Ora Cogan’s Cowgirl, these are eloquent and informative headphones, and are more than capable of revealing and contextualising even the finest details in order to let you know you’re getting the complete sonic picture.
Image Credit (Trusted Reviews)
Where soundstaging is concerned, they’re considerably more open, more spacious and more expansive than is the closed-back norm. They can do intimate and direct well, of course – but when it comes to opening up a recording and putting meaningful space between every element of it, the Strada are more reminiscent of open-backed alternatives.
This ability to give elbow-room to each participant doesn’t come at the expense of togetherness or singularity, either – recordings are presented as a unified whole.
When it comes to frequency response and tonality, the Meze Audio are quite carefully neutral; and not about to stick their oar in too obviously. Detail levels are high at every stage, and though they can dig a long way down and hit respectably hard while they’re at it, the Strada give bass sounds plenty of texture and variation – and they control the attack of low-end information so well that rhythmic expression is never less than naturalistic.
Advertisement
Advertisement
Image Credit (Trusted Reviews)
The opposite end of the frequency range is similarly detailed, and there’s sufficient substance to balance out the polite amount of bite and shine the headphones summon when describing treble sounds. In between, the midrange communicates in the most positive way, and voices are as expressive of attitude as they are of tone or timbre. The frequency range is described even-handedly, with no suggestion of understatement or over-emphasis at any stage.
There’s a fair amount of dynamic headroom available for when a recording shifts through the gears, and the distance the Strada can put between hushed and heartfelt and furiously angry is quite considerable. In combination with the attention they pay to the dynamic of harmonic variation and to transient response, it makes for a vivid and convincing sound.
Image Credit (Trusted Reviews)
It’s really only when they’re asked to deal with content that’s in some way rough around the edges, or that prioritises posture and attack over good taste, that the Meze Audio are found even slightly wanting.
Fundamentally, they’re a grown-up and quite refined listen – and this position works well almost all of the time. But when asked to play music that ignores refinement and instead prefers snottiness, the Meze Audio’s desire to bring order to bear where none is supposed to exist results in something of a stand-off.
Advertisement
Should you buy it?
You want more than a hint of the typically spacious open-backed sound from a closed-back design
Advertisement
Small heads need not apply
Advertisement
You’re blessed with a head that’s smaller than average
Final Thoughts
I’ve been very well-disposed to pretty much every Meze Audio product I’ve come into contact with – and I’ve listened to plenty.
But despite all of the very many things that I find admirable about the Strada, I cannot help but wonder why the company seems to think that people with smaller heads don’t have the money or the inclination to get into ownership of high-achieving headphones.
On a good day I’m six feet tall, and the size of my head is reasonably proportionate – but these headphones must be adjusted to their smallest fitting if they’re going to work for me. It’s a strange state of affairs…
Advertisement
How We Test
I connected the STRADA directly to an iBasso DX340 digital audio player using their 4.4mm-terminated cable. I used the same cable to connect to an iFi iDSD Diablo 2 headphone amp/DAC which was, in turn, connected to an Apple MacBook Pro.
I also connected them to an Eversolo DAC-Z10 pre-amp/DAC using a 6.3mm adapter on the 3.5mm cable – this gave access to a system including a Rega Apollo CD player, an Arcam ST25 network streamer and a Technics SL-1300G turntable.
Tested for several days
Tested with real world use
FAQs
Is there a choice of finishes?
No, the wood-and-dark-green you see in the pictures is the only finish available
Can I upgrade the cables?
Advertisement
Yes – it uses a standard 3.5mm connection at each earcup. An upgrade on the cable Meze Audio supplies won’t come cheap, though…
KitchenAid is giving its classic stand mixer a thoughtful refresh, as the new Artisan Plus adds three practical upgrades aimed at making everyday baking a little smoother.
At the top of the list is a built-in LED bowl light, which automatically switches on when the tilt-head is lowered. It’s a small but useful addition, as it allows you to keep an eye on texture or consistency without stopping mid-mix.
In addition, KitchenAid has introduced precision speed control and a soft-start function. The latter gradually ramps up mixing speed to avoid the all-too-familiar flour explosion. At the same time, the refined controls give you a bit more accuracy when working with delicate ingredients.
Those changes build on what’s already a well-established formula. The Artisan Plus keeps the familiar tilt-head design but adds a double-flex edge beater that scrapes the bowl as it mixes. It also comes with a secure-fit pouring shield and stainless steel accessories, although existing attachments still work here too. As a result, long-time KitchenAid users won’t need to start from scratch.
Advertisement
Advertisement
There’s also a bit more flexibility in how you use it day to day. The mixer offers 11 speeds, including a new half-fold setting designed for gently combining lighter mixtures, preventing you from knocking the air out of them.
Design-wise, KitchenAid hasn’t strayed far from what made the mixer iconic in the first place. You’ll still get that classic silhouette, now paired with 15 colour options including exclusive finishes like a fetching Sun Dried Tomato, Wild Blueberry and Feather Pink.
It’s a relatively modest update on paper, but that’s arguably the point. Rather than reinventing the mixer, KitchenAid is refining it, adding small, genuinely useful features while keeping the core experience intact.
The Artisan Plus Stand Mixer is available now for $600. This positions it as the brand’s most premium take on a design that’s already stood the test of time.
Google is finally doing the thing Gmail users have been begging for years, which is letting them change the actual username in their Gmail address. This is no longer just an early rollout, as Google says the feature is now available for all Google Account users in the US. So it’s still a limited release, […]
Geely, the Chinese automotive giant that owns Volvo, has just unveiled the Boyue EREV in China with a limited-time price of 107,900 Yuan, or roughly about $14,900. This price is worth noting, considering it’s not a stripped-down city car, but an extended-range SUV. It further highlights the value gulf between China and the US looks even wider.
Geely
This isn’t some tiny -range compromise either. Geely says the Boyue EREV offers up to 375 km of CLTC electric range and as much as 1,525 km of combined range, depending on the variant. It uses a 1.5 liter range extender, a 160kW electric motor, and either a 28.3 kWh or 50.4 kWh LFP battery pack. The larger battery also supports 3C fast charging, which claims to hit 80% charge from 30% in just about 15 minutes.
What else does it offer?
The Boyue EREV also doesn’t cut corners for the price, offering a 14.6-inch central display, an 8.8-inch instrument cluster, Flyme Auto, and support for both Carlink and Huawei HiCar. Keeping up with other high-tech Chinese EVs, you also get 50W wireless charging, an optional 16-speaker audio, an optional HUD, and L2-level driver assistance. It is also a real family SUV too, measuring 4,680mm long with a 2,778mm wheelbase.
Volvo’s parent company Geely unveiled the Boyue EREV SUVGeely
Why this is such a big deal
The bigger story here is not just Geely’s new SUV. It is what this kind of product says about the market split. Reuters reported earlier this week on Geely’s broader importance to Volvo as the Swedish brand navigates a tough car market. It also underlines just how central the Chinese parent has become. And despite US buyers wanting to buy Chinese EVs, they remain largely shut out of this kind of value.
EU reckons it could assert trust and authenticity by removing AI-generated content
The bloc is also drafting a code of practice to protect citizens
Blocking AI altogether might not be the best move, though
The European Union is reportedly considering a ban on AI-generated images and videos – otherwise known as deepfakes – in official communications.
According to new Politico reporting, with ongoing geopolitical tensions rising, elections running their courses and further public announcements, it’s believed the focus would be to protect trust in government messaging.
It’s unclear whether the rule would ban AI-generated content that mimics official people or places, or whether it would apply to all images and videos in political communications.
Article continues below
Advertisement
EU considers a ban on AI deepfakes
As it stands, politicians and policymakers are already voicing concerns over AI’s impact on democracy, with many worried fake content could undermine authentic news.
However, a blanket ban might not be truly effective. While fully banning deepfakes suggests all EU communications are legitimate, it doesn’t stamp out deepfakes appearing on third-party platforms (particularly social media). A further seal of approval to verify the authenticity of any EU communications could also help on this front – but that’s not included within current proposals.
Advertisement
There are also calls for AI-generated content to be labelled more clearly as policymakers see the technology as a growing disinformation threat, particularly in global politics.
Separately, Europe is also looking to control the harmful uses of generative AI. The bloc’s AI Office has already started to draft a code of practice, which independent experts will continue to build on.
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
As for the proposed ban, though, the rules are still being shaped and will need to be agreed before becoming law.
Advertisement
However, some experts have criticized Europe for being so harsh in the rules it set out that it could risk falling behind other nations. “Responsible use beats abstinence,” OECD advisor Walter Pasquarelli wrote (via Politico).
We spend hours testing every product or service we review, so you can be sure you’re buying the best. Find out more about how we test.
Samsung Galaxy Book6 Pro: Two-minute review
The Samsung Galaxy Book6 Pro is a laptop in the ultrabook class, featuring a sublime design that keeps bulk to a minimum.
I was immediately struck by the svelteness of the unit. The clean lines and rounded corners only add to its minimalist chic, as does the steely grey colorway.
Advertisement
It looks and feels every bit as premium as any of our current best laptops. All materials are smooth to the touch, while the metal base is solid. The metal lid isn’t quite as stable as those on some other laptops I’ve tested, but it’s perfectly sufficient for normal use, and the hinge operates very well.
The price you pay for such solidity, though, is that the Galaxy Book6 Pro isn’t exactly light. I tested the 16-inch model, so I wasn’t expecting a featherweight unit, but it’s worth mentioning all the same. At least its thin profile makes it more portable than it otherwise would be.
The Book6 Pro’s all-round performance is excellent. It can handle all kinds of tasks without missing a beat, and I was also amazed by its gaming performance, despite the lack of dedicated GPU. It was able to run AAA titles at respectable graphical settings in perfectly playable states.
Advertisement
(Image credit: Future)
Note that you can feel some heat on the keyboard, with fan noise apparent, even when the laptop is under moderate stress. Thankfully, the noise is relatively hushed, and not likely to cause much disruption.
However, it was the 16-inch 3K AMOLED display of my review unit that really caught the eye. It’s as bright, sharp, and rich as you could wish for, while touchscreen functionality is also great. Unlike the majority of laptops screens, the rounded corners of the frame here add to the display’s appeal, while the super-thin bezel ensures that none of the copious real estate goes to waste.
Sign up for breaking news, reviews, opinion, top tech deals, and more.
The keys on the Galaxy Book6 Pro are a little heavier than you might expect, which can lead to presses failing to register, at least in my experience. The layout is also a little cramped — and it’s a shame that on a laptop of this size, Samsung has chosen to omit a number pad and most navigation keys.
Advertisement
I have fewer complaints about the touchpad, though. Its large size and incredibly smooth surface make navigation a cinch. Also, it mostly avoids encroaching on wrist space when typing; only on a few brief occasions did I accidentally trigger cursor movement.
Battery life is adequate, if not spectacular. It lasted 14 hours in our movie playback test, which is under an hour of that achieved by the Asus Zenbook S 16 and the Apple MacBook Air 15-inch (M4), but an hour more than the Dell 16 Plus.
The Galaxy Book6 Pro is certainly a costly proposition, but when you consider all that it offers, its value becomes more apparent. It’s similarly priced to the aforementioned Zenbook, a close rival in many ways, and more expensive than the Dell 16 Plus. Nevertheless, it’s difficult for either of these alternatives to surpass the sheer quality and glorious display of Samsung’s super-slender machine.
16-inch 2,880 x 1,800 (WQXGA+), Dynamic AMOLED 2X, Anti-Reflective, touchscreen
16-inch 2,880 x 1,800 (WQXGA+), Dynamic AMOLED 2X, Anti-Reflective, touchscreen
Advertisement
Ports and Connectivity
2 x USB-C (Thunderbolt 4), 1 x USB-A 3.2, 1 x HDMI 2.1, 1 x 3.5mm combo audio; Wi-Fi 7, Bluetooth 5.4
2 x USB-C (Thunderbolt 4), 1x USB-A 3.2, 1 x HDMI 2.1, 1 x 3.5mm combo audio; Wi-Fi 7, Bluetooth 5.4
Battery
Advertisement
78Wh
78Wh
Dimensions
14.1 x 9.8 x 0.5 inches (357 x 248 x 12mm)
Advertisement
14.1 x 9.8 x 0.5 inches (357 x 248 x 12mm)
Weight
3.51lbs / 1.59kg
3.51lbs / 1.59kg
Advertisement
Samsung Galaxy Book6 Pro review: Price & availability
(Image credit: Future)
Starts from $1,899.99 / £1,699
Available now
Expensive, but in line with some others
Pricing for the Galaxy Book6 Pro starts from $1,899.99 / £1,699 (about AU$2,740; pricing and availability for Australia is TBC at the time of writing), with the models available now. It can be configured with 16GB or 32GB of RAM, and 256GB, 512GB, or 1TB of storage. There are two Intel Core Ultra CPUs to choose from, the 7 356H and the X7 358H — the latter of which is reserved for the top-tier model. A variant with the Ultra 5 325 is coming soon.
The Galaxy Book6 Pro is an expensive laptop, then — although this isn’t too surprising, given its design and spec. The base model is similarly in price to the Asus Zenbook S 16, which also features a 3K OLED display, but 24GB instead of 16GB of RAM.
However, if you’re in the market for a large laptop that still offers plenty of quality for less, there’s the Dell 16 Plus. The base model is significantly cheaper than the Galaxy Book6 Pro’s, but it still arrives with an Intel Core Ultra 7 chip, 16GB of RAM, and 1TB of storage. Its resolution is lower, but only slightly.
Advertisement
Samsung Galaxy Book6 Pro review: Design
(Image credit: Future)
Incredibly thin
Solid metal enclosure
Quite heavy
In line with many of Samsung’s mobile devices, the Galaxy Book6 Pro is a sleek, premium-looking machine. The dark grey colorway is also very fetching and somehow adds more interest than your typical monochromatic designs.
Every contour is completely flat, while the corners, which are more rounded than most, give the design a softer appearance. Even the underside of the laptop is free of the fuss , with just four discreet rubber feet in each corner.
What’s more, the Galaxy Book6 Pro’s build quality is exceptional. The all-metal chassis is supremely strong, and while the lid isn’t as stable as some other models when open, it stays put under normal usage. The hinge for it is satisfyingly smooth, too. The bezel around the display is incredibly thin, which is always great to see, but the lack of a physical privacy shutter for the webcam, not so much.
The keys are more solidly planted than those of other laptop keyboards, and they also feature backlighting — which, in my opinion, is pretty much an essential feature.
Best of all, though, is just how thin the Galaxy Book6 Pro is. It’s reminiscent of the MacBook Air M1, since it thins out towards the front end. Given my review unit was the 16-inch model, I wasn’t too surprised by its weighty feel, but this does somewhat negate the utility of that slender form when it comes to portability. Still, it certainly makes it easier to slide in and out of a bag.
Advertisement
Samsung Galaxy Book6 Pro review: Performance
(Image credit: Future)
Surprisingly capable graphical performance
Superb display
Keys are a little heavy
Samsung Galaxy Book6 Pro benchmarks
3DMark: Night Raid: 46,524; Fire Strike: 13,987; Steel Nomad: 1,413; Solar Bay: 28,816; Solar Bay Unlimited: 29,056; Solar Bay Extreme: 4,270; Solar Bay Extreme Unlimited: 4,300 Geekbench 6.5: Multicore: 16,837; Single-core: 2,880 Cinebench R23: Multi Core: 16,250; Cinebench R24: Single Core: 121; Multi Core: 995 Crossmark: Overall: 2,125; Productivity: 1,906; Creativity: 2,567; Responsiveness: 1,670 Passmark Overall: 9,831.3; CPU: 36,603.9; 2D Graphics: 889.8; 3D Graphics: 9,241.2; Memory: 4,155.5; Disk: 43,906.2 BlackMagicDisk: Read: 4,369MB/s; Write: 3,371MB/s HandBrake 4K to 1080p: 85fps Total War: Warhammer III: 1080p, Medium: 76fps Total War: Warhammer III: 1800p, Ultra: 22fps Battery Life (TechRadar movie test): 14 hours and 52 seconds
The general performance of the Galaxy Book6 Pro is very good. It handles basic browsing and productivity tasks, as well as 4K streaming, with ease.
What surprised was just how well it handled games. Despite lacking a dedicated GPU, it managed to run Cyberpunk 2077 with the Ray Tracing: Ultra preset selected, without succumbing to disruptive slowdowns or stuttering. Intel’s XeSS Super Resolution 2.0 (in Auto mode) and Frame Generation were both enabled during my sessions.
Advertisement
Of course, the Galaxy Book6 Pro isn’t going to dethrone the best gaming laptops, and the keyboard layout can feel a little cramped when in the typical WSAD position; but it’s impressive, nonetheless.
Some heat was noticeable all over the keyboard during such intensive tasks, no doubt a corollary of that ultra-thin design — but, thankfully, the temperatures remained well within comfortable bounds. Some fan noise did become apparent, even under moderate workloads, but I didn’t find this too disturbing.
(Image credit: Future)
The AMOLED display is every bit as sumptuous as you’d expect it to be. The 3K resolution is satisfyingly crisp, while colors are vibrant and the contrast expectedly deep. The touchscreen functions well, too, responding quickly and accurately to my finger inputs.
I was also fond of the bezel’s rounded corners, which soften the frame and make on-screen content appear neater somehow. It’s a small touch that I wish more laptop displays featured; the best MacBooks have it, but only in the top corners, not the bottom as well.
Advertisement
The keys are nicely damped, but still display relatively shallow travel. However, they’re heavier than others, which resulted in some of my presses failing to register, requiring more force than I’m accustomed to producing. This may be an adjustment you’ll need to make as well, if you’re someone with a light touch.
While the layout is comfortably spaced for typing, it’s a shame there’s no number pad and only a few navigation keys (Insert/ Prt Sc and Delete) on the Galaxy Book6 Pro, given the 16-inch real estate of my unit.
The touchpad on the 16-inch model of the Book6 Pro is large, which is great for navigation. Despite this, there’s also enough room on the sides for resting your wrists while you type. There were times when the cursor moved as a result of my palms coming into contact with the pad, but this wasn’t frequent or long-lasting enough to cause a problem.
Advertisement
Samsung Galaxy Book6 Pro review: Battery life
(Image credit: Future)
Middling longevity
Quick to charge
The Galaxy Book6 Pro offers an average battery life. When I ran a movie on a continuous loop, it lasted 14 hours. This is well below Samsung’s claimed figure of up to 30 hours. However, it’s only an hour less than what the Asus Zenbook S 16 and the Apple MacBook Air 15-inch (M4) managed.
However, it lasted over an hour more than the Dell 16 Plus. It’s also quick to charge, taking about two hours to go from empty to full.
Should I buy the Samsung Galaxy Book6 Pro?
Swipe to scroll horizontally
Row 0 – Cell 0
Notes
Rating
Advertisement
Value
Super expensive, although the base model isn’t too bad for an ultrabook.
3.5 / 5
Design
Advertisement
It’s hard to find fault with the build quality and materials here. It’s exceptionally thin, but quite heavy.
4.5 / 5
Performance
The Galaxy Book6 Pro performs well, even on graphical tasks, while that huge OLED touchscreen display is truly stunning. The keys are a little heavy, though, and the layout of them is compromised.
Advertisement
4.5 / 5
Battery life
Decent, but nothing to write home about. Longevity is somewhere in the middle compared to its rivals.
3.5 / 5
Advertisement
Total
If your pockets are deep enough, you’re unlikely to be disappointed with how this laptop looks and performs.
4.5 / 5
Advertisement
Buy the Samsung Galaxy Book6 Pro if…
Don’t buy it if…
Samsung Galaxy Book6 Pro review: Also consider
How I tested the Samsung Galaxy Book6 Pro
(Image credit: Future)
Tested for several days
Ran our series of benchmarks
Plentiful laptop reviewing experience
I tested the Galaxy Book6 Pro for several days. I used it for all kinds of tasks, from general browsing and light productivity to 4K streaming and AAA gaming. I also ran our series of benchmark tests, designed to assess every aspect of a laptop’s performance.
I have plenty of experience reviewing computing devices of all kinds. I’ve tested numerous laptops, from budget offerings to top-tier gaming machines. I’ve also reviewed desktops, Chromebooks, and tablets.
Google released emergency updates to fix another Chrome zero-day vulnerability exploited in attacks, marking the fourth such security flaw patched since the start of the year.
“Google is aware that an exploit for CVE-2026-5281 exists in the wild,” Google said in a security advisory issued on Tuesday.
As detailed in the Chromium commit history, this vulnerability stems from a use-after-free weakness in Dawn, the underlying cross-platform implementation of the WebGPU standard used by the Chromium project.
Attackers can exploit this Dawn security flaw to trigger web browser crashes, data corruption, rendering issues, or other abnormal behavior.
Advertisement
While Google has found evidence that threat actors were exploiting this zero-day flaw in the wild, it did not share details about these incidents.
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed,” the company noted.
Google has now fixed the zero-day for users in the Stable Desktop channel, with new versions rolling out to Windows, macOS (146.0.7680.177/178), and Linux users (146.0.7680.177). While Google says that this out-of-band update could take days or weeks to reach all users, it was immediately available when BleepingComputer checked for updates today.
If you don’t want to update the browser manually, you can also have it check for updates at the next launch and install them automatically.
Advertisement
This is the fourth actively exploited Chrome zero-day patched since the start of the year. The first (CVE-2026-2441) was an iterator invalidation bug in CSSFontFeatureValuesMap (Chrome’s implementation of CSS font feature values), which Google addressed in mid-February.
Google patched two other Chrome zero-day bugs exploited in attacks earlier this month: the first is an out-of-bounds write weakness in the Skia 2D graphics library (CVE-2026-3909), and the second is an inappropriate implementation vulnerability in the V8 JavaScript and WebAssembly engine (CVE-2026-3910).
In 2025, Google fixed a total of eight zero-days exploited in the wild, many of which were discovered and reported by Google’s Threat Analysis Group (TAG), which is known for tracking and identifying zero-day exploits used in spyware attacks.
Automated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the other.
This whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic questions for any tool evaluation.
MIT Technology Review discovered that startup R3 Bio has pitched an ethically and scientifically explosive long-term vision beyond its public work on non-sentient monkey “organ sacks”: creating human “brainless clones” or replacement bodies for organs as part of an extreme life-extension agenda. From the report: Imagine it like this: a baby version of yourself with only enough of a brain structure to be alive in case you ever need a new kidney or liver. Or, alternatively, he has speculated, you might one day get your brain placed into a younger clone. That could be a way to gain a second lifespan through a still hypothetical procedure known as a body transplant.
The fuller context of R3’s proposals, as well as activities of another stealth startup with related goals, have not previously been reported. They’ve been kept secret by a circle of extreme life-extension proponents who fear that their plans for immortality could be derailed by clickbait headlines and public backlash. And that’s because the idea can sound like something straight from a creepy science fiction film. One person who heard R3’s clone presentation, and spoke on the condition of anonymity, was left reeling by its implications and shaken by [R3 founder John Schloendorn’s] enthusiastic delivery. The briefing, this person said, was like a “close encounter of the third kind” with “Dr. Strangelove.” […]
MIT Technology Review found no evidence that R3 has cloned anyone, or even any animal bigger than a rodent. What we did find were documents, additional meeting agendas, and other sources outlining a technical road map for what R3 called “body replacement cloning” in a 2023 letter to supporters. That road map involved improvements to the cloning process and genetic wiring diagrams for how to create animals without complete brains. A main purpose of the fundraising, investors say, was to support efforts to try these techniques in monkeys from a base in the Caribbean. That offered a path to a nearer-term business plan for more ethical medical experiments and toxicology testing — if the company could develop what it now calls monkey “organ sacks.” However, this work would clearly inform any possible human version.
As if endless scrolling wasn’t bad enough already, TikTok has now quietly added a hidden emoji game inside DMs. The mini-game is live right now and works in both one-on-one messages and group chats. It means the app now has one more little trick to keep users hanging around even when they are technically done watching videos.
And honestly, it is exactly the kind of feature you would expect from a platform that has mastered years of mastering the art of making “just five more minutes” turn into an hour.
Nadeem Sarwar / Digital Trends
What’s the game, and why you should be wary
The game kicks off when you send a single emoji in a chat. If you tap on this emoji, your chosen emoji becomes part of the game itself, floating across the screen to give you a speed boost as you try to bounce upward across a stack of alligators.
The goal is to climb as high as possible while avoiding skeleton alligators, with some of these disappearing after one landing. So it’s all about quick reactions and enough chaos to make you give it another try. TikTok also shows both your score and your opponent’s high score in the top-right corner. So this basically turns it into a lightweight little competition instead of just a throwaway gimmick.
TikTokUnsplash
It is very on-brand
TikTok told TechCrunch that it launched the Easter egg to make messaging more fun and add a playful competitive element to DMs. This isn’t the first time we’re seeing something like this. Instagram added its own hidden emoji DM game two years ago, and Meta has also been experimenting with games inside Threads chats.
On paper, this is just a harmless little DM mini-game. But in practice, it is one more engagement hook dropped into a platform that was already very good at monopolizing attention.
Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a cross-platform remote access trojan. The malicious releases target macOS, Windows, and Linux. They were live on the npm registry for roughly three hours before removal.
Axios gets more than 100 million downloads per week. Wiz reports it sits in approximately 80% of cloud and code environments, touching everything from React front-ends to CI/CD pipelines to serverless functions. Huntress detected the first infections 89 seconds after the malicious package went live and confirmed at least 135 compromised systems among its customers during the exposure window.
This is the third major npm supply chain compromise in seven months. Every one exploited maintainer credentials. This time, the target had adopted every defense the security community recommended.
One credential, two branches, 39 minutes
The attacker took over the npm account of @jasonsaayman, a lead axios maintainer, changed the account email to an anonymous ProtonMail address, and published the poisoned packages through npm’s command-line interface. That bypassed the project’s GitHub Actions CI/CD pipeline entirely.
Advertisement
The attacker never touched the Axios source code. Instead, both release branches received a single new dependency: plain-crypto-js@4.2.1. No part of the codebase imports it. The package exists solely to run a postinstall script that drops a cross-platform RAT onto the developer’s machine.
The staging was precise. Eighteen hours before the axios releases, the attacker published a clean version of plain-crypto-js under a separate npm account to build publishing history and dodge new-package scanner alerts. Then came the weaponized 4.2.1. Both release branches hit within 39 minutes. Three platform-specific payloads were pre-built. The malware erases itself after execution and swaps in a clean package.json to frustrate forensic inspection.
StepSecurity, which identified the compromise alongside Socket, called it among the most operationally sophisticated supply chain attacks ever documented against a top-10 npm package.
The defense that existed on paper
Axios did the right things. Legitimate 1.x releases shipped through GitHub Actions using npm‘s OIDC Trusted Publisher mechanism, which cryptographically ties every publish to a verified CI/CD workflow. The project carried SLSA provenance attestations. By every modern measure, the security stack looked solid.
Advertisement
None of it mattered. Huntress dug into the publish workflow and found the gap. The project still passed NPM_TOKEN as an environment variable right alongside the OIDC credentials. When both are present, npm defaults to the token. The long-lived classic token was the real authentication method for every publish, regardless of how OIDC was configured. The attacker never had to defeat OIDC. They walked around it. A legacy token sat there as a parallel auth path, and npm‘s own hierarchy silently preferred it.
“From my experience at AWS, it’s very common for old auth mechanisms to linger,” said Merritt Baer, CSO at Enkrypt AI and former Deputy CISO at AWS, in an exclusive interview with VentureBeat. “Modern controls get deployed, but if legacy tokens or keys aren’t retired, the system quietly favors them. Just like we saw with SolarWinds, where legacy scripts bypassed newer monitoring.”
The maintainer posted on GitHub after discovering the compromise: “I’m trying to get support to understand how this even happened. I have 2FA / MFA on practically everything I interact with.”
Endor Labs documented the forensic difference. Legitimate axios@1.14.0 showed OIDC provenance, a trusted publisher record, and a gitHead linking to a specific commit. Malicious axios@1.14.1 had none. Any tool checking provenance would have flagged the gap instantly. But provenance verification is opt-in. No registry gate rejected the package.
Advertisement
Three attacks, seven months, same root cause
Three npm supply chain compromises in seven months. Every one started with a stolen maintainer credential.
Then in January 2026, Koi Security’s PackageGate research dropped six zero-day vulnerabilities across npm, pnpm, vlt, and Bun that punched through the very defenses the ecosystem adopted after Shai-Hulud. Lockfile integrity and script-blocking both failed under specific conditions. Three of the four package managers patched within weeks. npm closed the report.
Now axios. A stolen long-lived token published a RAT through both release branches despite OIDC, SLSA, and every post-Shai-Hulud hardening measure in place.
Advertisement
npm shipped real reforms after Shai-Hulud. Creation of new classic tokens got deprecated, though pre-existing ones survived until a hard revocation deadline. FIDO 2FA became mandatory, granular access tokens were capped at seven days for publishing, and trusted publishing via OIDC gave projects a cryptographic alternative to stored credentials. Taken together, those changes hardened everything downstream of the maintainer account. What they didn’t change was the account itself. The credential remained the single point of failure.
“Credential compromise is the recurring theme across npm breaches,” Baer said. “This isn’t just a weak password problem. It’s structural. Without ephemeral credentials, enforced MFA, or isolated build and signing environments, maintainer access remains the weak link.”
Not enforced. npm runs postinstall by default. pnpm blocks by default; npm does not
postinstall remains primary malware vector in every major npm attack since 2024
Lock dependency versions
Lockfile enforcement via npmci
Advertisement
Effective only if lockfile committed before compromise. Caret ranges auto-resolved
Caret ranges are npm default. Most projects auto-resolve to latest minor
What to do now at your enterprise
SOC leaders whose organizations run Node.js should treat this as an active incident until they confirm clean systems. The three-hour exposure window fell during peak development hours across Asia-Pacific time zones, and any CI/CD pipeline that ran npm install overnight could have pulled the compromised version automatically.
“The first priority is impact assessment: which builds and downstream consumers ingested the compromised package?” Baer said. “Then containment, patching, and finally, transparent reporting to leadership. What happened, what’s exposed, and what controls will prevent a repeat. Lessons from log4j and event-stream show speed and clarity matter as much as the fix itself.”
Advertisement
Check exposure. Search lockfiles and CI logs for axios@1.14.1, axios@0.30.4, or plain-crypto-js. Pin to axios@1.14.0 or axios@0.30.3.
Assume compromise if hit. Rebuild affected machines from a known-good state. Rotate every accessible credential: npm tokens, AWS keys, SSH keys, cloud credentials, CI/CD secrets, .env values.
Check for RAT artifacts. /Library/Caches/com.apple.act.mond on macOS. %PROGRAMDATA%\wt.exe on Windows. /tmp/ld.py on Linux. If found, preform a full rebuild.
Harden going forward. Enforce npm ci --ignore-scripts in CI/CD. Require lockfile-only installs. Reject packages missing provenance from projects that previously had it. Audit whether legacy tokens coexist with OIDC in your own publishing workflows.
The credential gap nobody closed
Three attacks in seven months. Each different in execution, identical in root cause. npm’s security model still treats individual maintainer accounts as the ultimate trust anchor. Those accounts remain vulnerable to credential hijacking, no matter how many layers get added downstream.
“AI spots risky packages, audits legacy auth, and speeds SOC response,” Baer said. “But humans still control maintainer credentials. We mitigate risk. We don’t eliminate it.”
Mandatory provenance attestation, where manual CLI publishing is disabled entirely, would have caught this attack before it reached the registry. So would mandatory multi-party signing, where no single maintainer can push a release alone. Neither is enforced today. npm has signaled that disabling tokens by default when trusted publishing is enabled is on the roadmap. Until it ships, every project running OIDC alongside a legacy token has the same blind spot axios had.
The axios maintainer did what the community asked. A legacy token nobody realized was still active and undermined all of it.
‘By supporting the emergence of Bull, we are choosing strategic independence,’ said France’s minister delegate for artificial intelligence and digital affairs.
France has completed its acquisition of 100pc of the capital of supercomputer maker Bull from Atos Group, in a deal that marks a “major step forward for French and European technological sovereignty”.
The acquisition, the completion of which was announced yesterday (31 March), is expected to boost France and Europe’s tech sovereignty particularly in the areas of high‑performance computing, AI and quantum technologies, according to the French state and Bull. The French state is now the sole shareholder of Bull.
“The revival of Bull as an independent company supported by the French state marks a decisive step in our history,” said Emmanuel Le Roux, CEO of Bull. “With a long‑term strategic shareholder, we are strengthening our position as a trusted industrial partner across the entire value chain of high‑performance computing, quantum computing and artificial intelligence.”
Advertisement
The deal to acquire Bull from Atos Group was first agreed in July of last year, when France agreed to pay an enterprise value of up to €404m for the company.
Bull, which is headquartered in Bezons, France, designs and manufactures supercomputers and high‑performance servers, as well as enterprise servers, software solutions, AI use cases and innovations in quantum computing.
“The supercomputers produced there meet the most demanding needs of national defence, industry and fundamental research, and are also essential for training and deploying artificial intelligence models,” read yesterday’s announcement. “They are recognised for their performance and energy efficiency – two decisive criteria for training large AI models.”
The computing company has been in operation for nearly a century, having been founded in 1931. The company was acquired by Atos Group in 2014, when it became the organisation’s advanced computing business.
Advertisement
Europe’s sovereignty push
The completion of France’s purchase of Bull comes amid a wider push for tech sovereignty in Europe in recent times – particularly in the wake of recent transatlantic tensions with the current US administration.
France, along with Germany, have been prominent figureheads in the push for European digital sovereignty, with both countries taking centre stage at last November’s Summit on European Digital Sovereignty to propose a number of initiatives – including the launch of a joint taskforce on European digital sovereignty led by the two nations.
Sovereignty efforts have seen milestones achieved in Europe’s supercomputing space in particular.
Jupiter joined existing supercomputers in the EuroHPC network – namely, MareNostrum in Spain, Leonardo in Italy, Lumi in Finland, Discoverer in Bulgaria, MeluXina in Luxembourg, Vega in Slovenia, Karolina in Czechia and Deucalion in Portugal – together conducting billions of calculations per second.
A month later, the European High Performance Computing Joint Undertaking (EuroHPC JU) signed a procurement contract with Eviden for the delivery of Alice Recoque, a new European exascale supercomputer (named after the late pioneering French computer scientist) to be located in France.
“The state’s entry into Bull’s share capital marks a decisive step for our digital sovereignty,” said Anne Le Hénanff, France’s minister delegate for artificial intelligence and digital affairs. “At a time when artificial intelligence and quantum technologies are profoundly reshaping technological balances, France is equipping itself with a leading industrial player in high‑performance computing.
“By supporting the emergence of Bull, we are choosing strategic independence. It is a strong signal: that of a country that invests, that protects its expertise, and that is determined to remain sovereign in the technologies that will shape the world of tomorrow.”
Advertisement
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
You must be logged in to post a comment Login