Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.
The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.
Microsoft has observed a surge in attacks using the ACR Stealer malware to steal browser-stored passwords, authentication tokens, and sensitive documents from its enterprise customers.
Between late April and mid-June, the threat actor used the ClickFix social-engineering method, WebDAV servers, and the MSHTA (Microsoft HTML Application Host) utility to deliver the info-stealing payload.
ACR Stealer is a malware-as-a-service (MaaS) operation believed to be a rebranding of the Amatera Stealer malware.
While there are multiple delivery methods for the malware, Microsoft highlights two intrusion chains as the most prevalent for ACR Stealer.
The first campaign starts with a ClickFix lure that executes a command to run a malicious DLL from a remote WebDAV share using rundll32.exe.
Threat actors abusing WebDAV is a common tactic, seen in past attacks delivering Bumblebee and Voldemort malware.
In a report this week, Microsoft says that the threat actor typically uses a GUID-based directory structure and filenames in the WebDAV path to mimic legitimate resources (for example, google.ct) and blend the activity with expected network traffic.
After establishing communication with the command-and-control (C2) infrastructure, “a heavily obfuscated PowerShell script” is executed to launch a malware installer and establish persistence.
The routine installs a bundled Python loader, creates a scheduled task masked as a software update, manipulates timestamps, clears PowerShell history, and injects the final payload into a system process for in-memory execution.
Some variants use public blockchain services as dead-drop resolvers to obtain updated payload locations or C2 addresses, a popular technique also known as “EtherHiding.”
For the second delivery chain, the threat actor uses ClickFix to launch MSHTA, which retrieves malicious content from the attacker’s server and executes an obfuscated PowerShell downloader.
The malware then extracts an encrypted payload concealed inside a publicly hosted steganographic JPEG image and executes it directly in memory.
Despite the differences, the objective remains stealing sensitive data:
All data is collected and then archived in preparation to be exfiltrated to the attacker.

“These two campaigns represent some of the most prevalent ACR Stealer delivery campaigns observed by Defender Experts; however, they do not represent the full range of delivery methods used by this malware family,” Microsoft warns, noting that additional execution chains are very likely to exist.
As a general defense rule against ClickFix attacks, users should avoid copying and executing instructions in command interpreters, especially when they claim to fix an error or to verify that they are human.
Microsoft recommends that organizations reduce exposure to web-based delivery chains by enforcing filters, blocking low-reputation or new domains, and restricting access to online resources that are not required for business operations.
Application control rules can restrict launching content from a remote resource using tools like PowerShell, Python, mshta.exe, or rundll32.exe, especially from user-writeable paths.
Microsoft’s report provides a larger list of recommended mitigations along with a set of indicators of compromise specific for the observed ACR Stealer activity.
Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.
The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.
It’s pretty clear that EVs and software defined vehicles (SDVs) go hand-in-hand these days, and while Tesla paved the way with the Model 3 back in 2017, Rivian, Lucid, and Chinese manufacturers quickly followed. The legacy car manufacturers are taking a while longer to get on board, but are finally catching up. Companies like Hyundai Motor Group, General Motors, BMW, and Mercedes-Benz are starting to launch full SDVs.
SDVs are cars with functions and features that are primarily enabled through software and can improve over time via over-the-air (OTA) software updates. I’m not just talking about updating navigation or infotainment, here. Thanks to their zonal architecture, full SDVs use a holistic approach to software updates where every hardware module can be updated OTA, which enables diagnostics and even recalls without a dealer visit.
The cynical view is that SDVs allow greedy car manufacturers to extract revenue from customers via needless subscriptions, but that’s short-term thinking. When done right, there are many benefits to SDVs. Companies like Rivian and Tesla issue free monthly OTA updates to fix bugs and add new features to their EVs, to the delight of their customers, while only charging an optional subscription for higher data connectivity and ADAS tiers.
What happens when you extend SDVs beyond EVs to hybrid and combustion vehicles? A few weeks back, I visited Mercedes’ factory near Tuscaloosa, AL, where the company manufactures most of its global SUVs, to get a first look at the refreshed GLE and GLS SUVs. Beyond more powerful engines and the usual mid-cycle cosmetic upgrades inside and out, these SUVs are Mercedes’ first hybrid and combustion SDVs. Well, almost.
Unlike their predecessors, the 2027 GLE and GLS run the company’s MB.OS across all four domains — infotainment, automated driving, body & comfort, and driving & charging — just like Mercedes’ first full SDVs, the all-electric CLA and GLC. Previously, MB.OS was only implemented for navigation and infotainment, like in the current E-Class sedan and wagon. As such, those cars weren’t SDVs. But there’s a catch.
Mercedes notes, however, that “while all of these vehicles leverage MB.OS principles and a domain-oriented software architecture, the underlying hardware, communication systems, software capabilities, and OTA deployment approaches vary by vehicle platform.” As such, the refreshed GLE and GLS, while only partial SDVs, are closer to full SDVs than any other hybrid or combustion car before them.
The 2027 GLE and GLS feature Mercedes’ pillar-to-pillar Superscreen as standard, which consists of three 12.3-inch displays (driver, center, and passenger) behind a single glass surface, and includes a selfie camera for video calls (when stopped) and for selfies, naturally. Video calls require apps like Zoom, which you can download from Mercedes’ own app store. A 3D instrument display and head-up display are available as an option.
Like the all-electric CLA and GLC, the refreshed GLE and GLS feature a generative AI-powered voice assistant which uses OpenAI’s ChatGPT4o, Microsoft Bing Search, and Google Cloud’s Automotive AI Agent (for navigation) — depending on context. The MBUX Virtual Assistant can handle a whole range of natural language requests, from adjusting the climate and music to navigation and even general knowledge queries.
Mercedes’ MB.Drive Assist Pro, the company’s NVIDIA-powered point-to-point level 2+ advanced driver assistance system (ADAS), which launched on the all-electric CLA and GLC, is coming to the 2027 GLE and GLS, first in China, then in the US later this year. This ADAS is similar to Tesla’s ill-named full self-driving (FSD), but in addition to using ten cameras, it also uses five radar sensors and twelve ultrasonic sensors.
In all, the refreshed GLE and GLS show that drivetrain variations aside, it’s possible for all-electric, hybrid, and combustion vehicles to reach parity as SDVs when it comes to infotainment, navigation, comfort, and ADAS. Let’s hope that Mercedes fully embraces this exciting new technology and follows in Rivian and Tesla’s footsteps by releasing free monthly OTA updates to fix bugs and add new features to these new SDVs.
What’s even more important is that SDVs are starting to extend beyond EVs and luxury cars. Manufacturers like Hyundai Motor Group are launching more affordable hybrid and combustion vehicles that are SDVs. The zonal architecture used by SDVs makes cars inherently less expensive to manufacture since it requires fewer hardware modules and much simpler wiring harnesses (less copper means less cost and less weight).
The South Korean Grandeur sedan and Europe-bound IONIQ 3 SUV are Hyundai’s first proper SDVs. Both cars run the company’s new Android Automotive-based Pleos Connect navigation and infotainment platform, and include Hyundai’s App Market and large language model (LLM)-powered Gleo AI voice assistant. Pleos Connect, the App Market, and Gleo AI will also be coming to Hyundai Motor Group’s future Kia and Genesis cars.
…while I believe that the future is all-electric, hybrid and combustion vehicles will be sticking around a little while longer
Right now, most of the affordable full SDVs being developed outside of China are EVs. Ford is working on its Universal Electric Vehicle (UEV) SDV platform which will initially underpin an all-electric small truck priced around $30,000. Volkswagen’s upcoming ID.1 city car, destined for Europe and priced below €20,000, is the company’s first SDV. Its zonal architecture and software stack are a direct result of VW’s partnership with Rivian.
Hopefully, these new EV-first platforms can also be adapted to manufacture more affordable hybrid and combustion SDVs. Because while I believe that the future is all-electric, hybrid and combustion vehicles will be sticking around a little while longer, at least here in the US. And considering the cost and feature benefits of SDVs, it would be a shame if manufacturers didn’t deploy this technology across all their upcoming vehicles.
Between 2018 and 2024, I owned two Tesla Model 3s, so I was able to enjoy the benefits of SDVs firsthand. There’s something utterly wonderful about finding an OTA software update waiting in your car every month, ready to deliver new functionality for free. Rivian aside, I have missed this on every other EV I’ve driven since, and because of this positive experience, I will forever associate SDVs with EVs.
But as Mercedes has shown with the refreshed GLE and GLS SUVs, the benefits of SDVs also extend to hybrid and combustion vehicles. SDVs allow the company to provide a consistent and modern user experience across its entire lineup, regardless of drivetrain. Not to mention, SDVs reduce costs and complexity for all manufacturers. As such, I’m looking forward to SDVs becoming the norm for more cars going forward.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
Kini is very reliable. I tested it in a drawer and a cabinet, and it always alerted me when they were opened. It also keeps a log with times listed. While alerts go via the cloud, maker Kinisium says it doesn’t collect data, and you can turn off logging entirely if you prefer. Kini also has a Stasis mode, so you can reverse it and have it alert you when there has been no movement for a set period. This makes it a versatile monitoring device, and you could use this mode to ensure an elderly relative opens their medicine cabinet each day or check what time your dog walker opened a door. Kini is also compatible with IFTTT for automation, and there’s even a webhook integration that can send notifications to a custom URL.
There are loads of other motion sensors that can alert you to motion or presence in an area or room and trigger lighting, but the right one for you depends on your current smart-home setup.
I really like the Eve Motion Sensor, but if you want it to trigger alerts, you need a smart-home hub, and you must set up an automation. It’s a reliable sensor that works indoors or out. I tested it with a Google Home system.
The Aqara FP2 Presence Sensor ($83) has many features, including zonal and multiple person detection, and is compatible with all the major smart-home ecosystems, though it’s not always very accurate at identifying the number of people in the room. The more affordable Aqara FP300 ($50) is a good enough presence detector for most folks and can also track light, temperature, and humidity.
The Switchbot Presence Sensor ($30) is the most affordable sensor I tested and has a similar feature set, but you will need a Switchbot hub if you want alerts, and there’s a lag between it detecting and alerting.
The Philips Hue Outdoor Motion Sensor is excellent, but only if you already have a Hue setup, because it needs a Hue Bridge to connect to. I installed the sensor in my backyard and tested it with the Bridge Pro. It reliably detects people with few false positives. I configured my outdoor sensor to turn on a backyard light strip (not Hue) after sunset and send me a notification when triggered between specific hours (midnight and 6 am) using Google Gemini.
There’s also a Philips Hue Indoor Motion Sensor and a Contact Sensor ($40) for doors and windows. Both are very reliable and can be configured to trigger alerts.
As an interesting alternative to dedicated motion sensors, you can also use some smart lights for detect presence and motion indoors.
Wiz SpaceSense
If you have a few Wiz lights, you can try SpaceSense, which uses Wi-Fi to detect motion in rooms. I wasn’t that impressed when I tried SpaceSense, but how effectively it works depends on how many Wiz lights you have and where they are located. I was also testing it as a way to automatically turn lights on, and there’s some lag that limits its usefulness on that score. But as a security alert that can tell you when there’s motion in your home when you’re away, it could be very useful. If you already have Wiz lights, you may as well try it, as it doesn’t require a subscription.
Philips Hue MotionAware
Signify is the parent company of Wiz and Philips Hue, and MotionAware is very similar to SpaceSense, but it uses Zigbee, rather than Wi-Fi. Again, how well it works depends on the number of Philips Hue lights you have and their layout. Unfortunately, it does require a subscription if you want to receive alerts. MotionAware can trigger lights at no extra cost, but if you want motion alerts, you must pay $1 per month or $10 for the year. It is also included in Hue Secure subscriptions from $4 per month.
You might consider a modular security system. We like the Simplisafe system, which offers a base station, keypad, and a range of sensors. You can also find modular systems from security stalwarts like ADT and Vivint, and security camera makers like Eufy and Arlo.
The Department of Justice says that federal employees can now download TikTok on their government devices, according to Reuters.
A 2022 law banned federal employees from using the short-form video app on those devices, but the DOJ reportedly says the law no longer applies, thanks to a deal transferring ownership of TikTok’s U.S. operations to a joint venture backed by Oracle, Silver Lake, and MGX. (Oracle serves as the security partner for the new joint venture, while previous owner ByteDance retains a 19.9% stake.)
The DOJ memo reportedly says President Donald Trump has cleared “employees of Executive Branch agencies” to “download TikTok onto their official devices, subject to the agency’s discretion and consistent with all applicable workplace policies.”
Following the ban focused on government employees and devices, the app was banned more broadly across the United States. But just as the law took effect early last year, the app only went down briefly before Trump repeatedly delayed the move and urged service providers to restore access.
Kylian Mbappe is set to face Real Madrid team-mate Jude Bellingham as France take on England in the FIFA World Cup 2026 third place play-off in Miami — and you can live stream the game around the world for free.
Les Bleus were many people’s favourites to win the tournament, but a deeply disappointing 2-0 defeat by Spain in the semi-finals ended their hopes of lifting the World Cup for a third time. While a bronze medal would feel like scant consolation, France will nonetheless be motivated to triumph. Manager Didier Deschamps ends a hugely successful 14-year spell in charge of Les Bleus after this game and he will be keen to finish on a high, while captain Mbappe heads into the last weekend of the tournament level on eight goals with Lionel Messi in the race for the Golden Boot.
England’s semi-final defeat was even more crushing than their opponents’, as they conceded twice late on to lose 2-1 to bitter rivals Argentina. It means the Three Lions’ years of hurt will stretch beyond 60 after they fell short yet again, having reached at least the semi-finals in four of the past five major tournaments. England beat Norway in Miami in the quarter-finals seven days ago, and if they triumph here again it would represent their best showing at a World Cup other than when they lifted the trophy in 1966, having lost their previous two third-place games in 1990 and 2018.
So, read on as we show you exactly how to watch France vs England for free from anywhere in the FIFA World Cup 2026.
France vs England is available to watch for free in multiple countries, including the UK, Australia, Brazil, Belgium, Ireland, Netherlands, Switzerland and Turkey.
Abroad? Can’t access your free stream? Unblock your free World Cup stream with Norton VPN — more on that below.
It’s the World Cup, and if you’re traveling, you might discover your usual France vs England stream is suddenly unavailable due to geo-restrictions.
Don’t worry, that’s exactly where a VPN can help. A virtual private network lets you connect to servers around the world so you can securely access your usual World Cup coverage as if you were back home.
We recommend Norton VPN. Here’s why:
US viewers can watch France vs England on Fox (English commentary) or Telemundo (Spanish commentary).
Fox and Telemundo are available on cord-cutters like YouTube TV (free trial), Hulu+Live TV, Sling (select markets), Fubo or DirecTV.
Those looking for a streaming service instead can watch France vs England on Fox One (3-day free trial). Telemundo is also available via Peacock ($10.99/month).
Visiting the US from the UK? You can still watch your World Cup stream for free thanks to Norton VPN (try for 60 days).
UK customers are in luck as they can stream France vs England for free on BBC One. Live coverage is also available via BBC iPlayer.
You require a TV license and a valid UK postcode for an account (e.g. SE1 7PB).
Norton VPN can unlock your stream if you’re abroad today.
France vs England will be shown for free in Australia on SBS On Demand.
The streaming platform has every game of the tournament for free, making it the perfect place for your World Cup viewing.
Traveling for work or on holiday? A VPN like Norton VPN can help unlock your free stream.
In Canada, TSN will be broadcasting France vs England.
You can live stream via the TSN+ streaming platform, which costs CA$8 per month or CA$80 per year.
Outside of Canada? Use Norton VPN whilst you’re traveling away from home to unlock your stream.
In New Zealand, France vs England will be broadcast on TVNZ+.
While some World Cup games are free on TVNZ+, this match requires the tournament pass (NZ$44.95).
France vs England kicks off at 10pm BST / 5pm ET on Saturday, July 18. That’s 7am AEST on Sunday, July 19 in Australia.
France
Goalkeepers: Mike Maignan (AC Milan), Robin Risser (Lens), Brice Samba (Rennes).
Defenders: Lucas Digne (Aston Villa), Malo Gusto (Chelsea), Lucas Hernandez (Paris St-Germain), Theo Hernandez (Al Hilal), Ibrahima Konate (Liverpool), Maxence Lacroix (Crystal Palace), Jules Kounde (Barcelona), William Saliba (Arsenal), Dayot Upamenaco (Bayern Munich).
Midfielders: N’Golo Kante (Fenerbache), Manu Kone (Roma), Adrien Rabiot (AC Milan), Aurelien Tchouameni (Real Madrid), Warren Zaire-Emery (Paris St-Germain).
Forwards: Maghnes Akliouche (Monaco), Bradley Barcola (Paris St-Germain), Rayan Cherki (Man City), Ousmane Dembele (Paris St-Germain), Desire Doue (Paris St-Germain), Michael Olise (Bayern Munich), Kylian Mbappe (Real Madrid), Jean-Phillipe Mateta (Crystal Palace), Marcus Thuram (Inter Milan).
England
Goalkeepers: Dean Henderson (Crystal Palace), Jordan Pickford (Everton), James Trafford (Manchester City).
Defenders: Dan Burn (Newcastle United), Trevoh Chalobah (Chelsea), Marc Guehi (Manchester City), Reece James (Chelsea), Ezri Konsa (Aston Villa), Nico O’Reilly (Manchester City), Jarell Quansah (Bayer Leverkusen), Djed Spence (Tottenham Hotspur), John Stones (Manchester City).
Midfielders: Elliot Anderson (Nottingham Forest), Jude Bellingham (Real Madrid), Eberechi Eze (Arsenal), Jordan Henderson (Brentford), Kobbie Mainoo (Manchester United), Declan Rice (Arsenal), Morgan Rogers (Aston Villa).
Forwards: Anthony Gordon (Barcelona), Harry Kane (Bayern Munich), Noni Madueke (Arsenal), Marcus Rashford (Manchester United), Bukayo Saka (Arsenal), Ivan Toney (Al-Ahli), Ollie Watkins (Aston Villa).
|
Stage |
France |
England |
|
Group stage |
Group I: 1st, 9 points |
Group L: 1st, 7 points |
|
Last 32 |
Beat Sweden (3-0) |
Beat DR Congo (2-1) |
|
Last 16 |
Beat Paraguay (1-0) |
Beat Mexico (3-2) |
|
Quarter-finals |
Beat Morocco (2-0) |
Beat Norway (2-1 AET) |
|
Semi-finals |
Lost to Spain (2-0) |
Lost to Argentina (2-1) |
The temperature in Miami on Saturday is forecast to be around 86F (30C) at kick-off, although it is expected to feel like 88F (31C).
The humidity level is expected to range from 66-69 per cent during the game, which is considered high.
Of course, most broadcasters have streaming services that you can access through mobile apps or via your phone’s browser.
You can also stay up-to-date with all of the key World Cup moments on the official social media channels on X/Twitter (@FIFAWorldCup), Instagram (@FIFAWorldCup), TikTok (@FIFAWorldCup) and YouTube (@FIFA).
We test and review VPN services in the context of legal recreational uses. For example: 1. Accessing a service from another country (subject to the terms and conditions of that service). 2. Protecting your online security and strengthening your online privacy when abroad. We do not support or condone the illegal or malicious use of VPN services. Consuming pirated content that is paid-for is neither endorsed nor approved by Future Publishing.
Hours of San Francisco Police Department drone video footage exposed on the open web illustrates a new era of incredibly granular—and consequential—urban surveillance. Meanwhile, the San Francisco City Attorney’s Office sent cease-and-desist letters to Apple and Google this week demanding that the tech giants delete 13 AI nudifying “face-swap” apps from their app stores that are almost exclusively used to target women and girls.
Since WIRED first reported in June about Meta’s NameTag face-recognition system, company executives have made opaque and conflicting comments about whether the feature even exists. We took a step back to lay out both the claims and the facts about the very real system.
In a speech on Thursday, President Donald Trump continued to push unsubstantiated and thoroughly debunked claims about interference in the 2020 US election. He even promised massive revelations in a trove of documents posted to the White House website, but the files did not prove his assertions—and in some cases actually contradicted Trump’s claims.
As adoption of AI tools rapidly expands and their capabilities increase, the tech giant Anthropic continued a push to get US states to regulate AI. Speaking about AI transparency requirements in California and New York from last year, Anthropic’s head of US state and local government relations, Cesar Fernandez, told WIRED this week, “The transparency-focused safety bills of 2025 were a really important start, but as the capabilities of AI systems continue to advance quickly—the policy responses need to match.”
And there’s more. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.
The astrology-themed period tracker Stardust sends users’ reproductive health details—birth control type, pregnancy status, moods, and symptoms as specific as tender breasts and stomach cramps—to a data firm not named in its privacy policy, according to the BBC, which first reported a Mozilla Foundation audit of six popular trackers produced in partnership with Harvard’s Berkman Klein Center.
Stardust scored 2 out of 10, the worst of the group. Mozilla researcher Shoshana Wodinsky found the app pings third-party trackers from the moment it opens, before a user enters anything; the instant she logged a symptom, the details went to analytics firm RudderStack alongside a persistent user ID, with no in-app way to shut the sharing off. RudderStack is built to route data onward to destinations Mozilla couldn’t observe. Stardust also hands Facebook an ad identifier that ties in-app behavior to the platform’s existing profiles. The company told TechCrunch it has never received a legal demand for user data.
Euki, a nonprofit-run tracker, earned a perfect 10: no account required, health data never leaves the phone, and users can set a PIN, schedule automatic deletion, or pull up a decoy screen if someone forces the phone open. Its one soft spot is an in-app browser for educational pages that loads the usual web trackers, but it also resets identifiers between visits.
Russia’s FSB has long had a reputation for highly sophisticated cyberespionage, leaving disruptive cyberattacks to its fellow hackers in the country’s GRU military intelligence agency. But sanctions from the EU and UK this week, along with an advisory from the US Cybersecurity and Infrastructure Security Agency, the FBI, and the NSA, pinned a cyberattack against the Polish electric grid on Center 16 of the FSB, a rare example of the Kremlin agency carrying out a cyberattack that nearly caused outages in the country’s electric and water utilities. The attack, which the Polish government has said came “very close” to causing a blackout, was initially attributed by cybersecurity firms Dragos and ESET to Sandworm, also known as Unit 74455 of the GRU, a more usual suspect in infrastructure hacking given its active role in Russia’s long-running cyberwar against Ukraine. But the Polish computer emergency response team at the time disputed that finding and tied the attack to the FSB, a conclusion now supported by a wide consensus of Western governments. The incident suggests that the FSB may be taking on some of the reckless, highly aggressive tendencies—and targeting—of its GRU coworkers.
For years, the Russian cybersecurity firm Kaspersky has been alleged to have ties to the Russian government, including by US officials who banned use of the company’s products within the US government and eventually by all American customers. Yet overt evidence of those connections has been scarce. Now Reuters reports that Denis Obrezko, a Russian man facing hacking charges in Boston and an alleged member of a hacker group known as Void Blizzard or Laundry Bear, spent two years working at Kaspersky. His stint at the company took place just before he joined another cybersecurity company, Yutek-NN, where he allegedly took part in the group’s hacking campaign that stole data and communications from numerous NATO governments and at least 11 US companies, according to US prosecutors. Prior to Kaspersky, Obrevko also allegedly worked at the FSB, neatly bookending his time at the company with apparent work for Russia’s intelligence services.
Obrevko has pleaded not guilty to the hacking charges. Kaspersky responded in a statement to Reuters that “the offenses charged cannot be related to the individual’s role or responsibilities during the employment at Kaspersky.”
In an incident that will induce anxiety in anyone responsible for assessing suspicious network activity, DHS officials ruled—twice—that signs of a hacker breach in its data-sharing Homeland Security Information Network platform were false positives when they were, in fact, signs of a very real intrusion. HSIN, used for sharing unclassified data between state, local, and federal agencies, as well as foreign partners, was breached by hackers two months ago, according to reporting from Nextgov/FCW. Analysts at the Federal Emergency Management Agency spotted signs of hacker activity in mid-May—altering files and code, hijacking a legitimate web server, and deleting logs of their behavior—but the findings were dismissed as a false positive.
In the weeks that followed, the hackers returned, were again detected, and were again dismissed as a mirage. It’s not clear why the signs of the breach were misjudged, but the incidents may represent federal analysts’ increasing challenges in detecting “living off the land” hacking techniques that use legitimate features of networks to access target assets on a network rather than planting more easily spotted malware. While the HSIN houses only unclassified data, the information is “highly sensitive,” Senate Intelligence Committee vice chair Mark Warner said in a statement following the report of the breach, and “its exposure risks national security.”
The AI music startup Suno scraped millions of songs, lyrics, and podcasts from YouTube Music, Deezer, Genius, and a string of stock-audio libraries to train its models, according to 404 Media, which reviewed internal data provided by a hacker who breached the company. The intrusion also exposed account information for hundreds of thousands of customers, including emails, phone numbers, and Stripe payment records.
Dataset notes in source code apparently from 2023 and 2024 tally 113,879 hours of YouTube Music audio alone, plus tens of thousands more from Pond5, Deezer, and other libraries—decades of music in total. Other files show Suno routing its YouTube scraping through Bright Data proxies and using PodcastIndex to target roughly 1 million hours of podcasts. The hacker, who goes by ellie.191, says they broke in by compromising an employee with the Shai-Hulud worm.
The files seemingly corroborate the record industry’s central allegation that Suno pulled songs directly from YouTube. The company, which argues that its training qualifies as fair use and settled with Warner Music Group last November, said the breach involved outdated code and no sensitive personal information—though customers whose data appeared in a sample shared with 404 Media said they were never notified.
The original lawsuit was filed in 2023 and claimed Twitter hosted thousands of cases of copyright infringement.
A three-years-long legal battle between X and major music publishers has quietly come to an end. In court documents filed by both X and a group of music publishers, both sides opted to dismiss their opposing lawsuits while not disclosing the terms of the settlement (via Reuters).
The feud began in 2023 when a group of music publishers led by the National Music Publishers Association (NMPA) sued the social media platform, which was still known as Twitter at the time. The $250 million lawsuit claimed that Twitter allowed for rampant cases of copyright infringement from its users, while also not doing anything to stop it. Notably, Twitter was one of the only major social media platforms that didn’t have a licensing agreement with music publishers.
In response, Twitter, now known as X, countered with its own lawsuit nearly three years later, claiming that these music publishers engaged in anticompetitive practices that would force the platform to license their songs for higher rates. Even before the latest agreement to dismiss both suits, X requested as recently as last month that the court dismiss the case claiming it shouldn’t be held responsible for user piracy.
So far, neither side has offered any explanation for the dismissals. However, court documents show that X and the music publishers requested to dismiss both suits “with prejudice,” so that they’re permanently dismissed and won’t be refiled. We’ve reached out to NMPA for comment and will update the story if we hear back.
Why you can trust TechRadar
We spend hours testing every product or service we review, so you can be sure you’re buying the best. Find out more about how we test.
On first impressions, the Laifen T1 Pro wows. Open the box and you’re greeted with Apple-inspired packaging, while the shaver itself immediately looks the part. Its CNC-machined unibody aluminium body looks and feels genuinely premium and, if you’re used to cheaper shavers like the Philips OneBlade – my usual razor – it’s impossible not to grin at the magnetically attached shaving head, which somehow manages to feel genuinely futuristic.
Modern conveniences like USB-C charging, an aeroplane mode to stop the power button being pressed in your bag while travelling and IPX7 waterproofing all add to the premium feel. Based on the spec sheet and those first impressions, you’d be forgiven for thinking the Laifen T1 Pro was one of the best electric shavers on the market.
The problem is that, with a shaver, the only thing that really matters is the shave itself, and that’s where the Laifen T1 Po disappoints. I shave twice a week and have fairly coarse stubble, and despite repeated attempts the T1 Pro simply couldn’t deliver a comfortable shave and often snagged on my hairs, which was painful and left me with patchy stubble. You have to limit your expectations a bit with single-blade razors, but I’ve been getting an effective shave with my Philips OneBlade for years, and often I found myself reaching for it to finish up and get the hairs that survived the T1 Pro’s efforts.
This leaves the Laifen T1 Pro in an awkward position. It’s beautifully designed and genuinely pleasant to use in every respect until it comes to shaving, but if I have to reach for a second razor to finish the job, the premium build and thoughtful features become little more than a nice distraction. I’d love to see Laifen revisit the shaving head in a future model because the engineering elsewhere is genuinely impressive, but as it stands I can’t recommend the T1 Pro.
The Laifen T1 Pro launched in September 2025. Listing prices vary but are consistent with other premium shavers. In the US it’s currently selling for around $129, in the UK it’s £149 and in Australia it’s $239. However, it doesn’t come with a case, cleaning materials or anything else so it may feel steep in comparison
The Laifen T1 Pro makes an excellent first impression. Unlike the plastic-bodied shavers that dominate the market, the T1 Pro is built around a CNC-machined unibody aluminium chassis that immediately feels more like a premium gadget than a bathroom appliance. The fit and finish are excellent, while the magnetically-attached shaving head snaps satisfyingly into place and makes cleaning refreshingly simple.
Laifen has also packed in plenty of thoughtful features. USB-C charging means one less proprietary cable to keep track of, an airplane mode prevents the power button from being accidentally pressed in your luggage, and the IPX7 waterproof rating means you can use the shaver wet or dry before simply rinsing it under the tap to clean it up.
The compact dimensions work in the T1 Pro’s favour. It’s comfortable to hold despite the lack of any rubberized grip, and the aluminum body never felt slippery during my testing, even during a heatwave when I was, perhaps a little sweatier than I’d like to admit. Its low weight, just 3.3oz / 93g, makes it easy to use precise movements in the tricky areas like the jawline and around the mouth — areas that can be difficult with larger, clunkier, shavers.
It’s a minor thing, but I found myself squeaking with joy each time I opened the little cap at the bottom of the razor to reveal the USB-C charging port. It’s a small thing, but the cap fits so neatly in and comes away so delicately it sparks joy every time I charged it.
In many ways, the T1 Pro feels like the product of a company obsessed with industrial design. From the premium materials to the magnetic shaving head and clean, minimalist aesthetic, there’s very little to criticize about the hardware itself.
Ultimately, the Laifen T1 Pro lives or dies by the quality of its shave, and that’s where it struggles. I have fairly coarse facial hair and typically shave twice a week, which proved to be a challenge the T1 Pro never really overcame.
Rather than cutting cleanly through my stubble, the shaver frequently pulled at beard hairs, making each shave less comfortable than it should have been. It also struggled to achieve an even finish. Even after several passes, I was often left with patches of missed stubble that required further attention. The trimmer head was more prone to this snagging, but the shaver head didn’t eliminate the problem and also left my skin irritated.
The T1 Pro’s light weight makes it easier to use, but its small size means covering your face takes longer than with a larger foil shaver. As a result, multiple passes quickly became the norm, and each additional pass increased the likelihood of the shaver snagging on thicker patches of hair.
I repeatedly found myself reaching for another razor to finish the job. Not only did it clean up the areas the T1 Pro had missed, but it also did so more comfortably. That’s difficult to overlook given the T1 Pro’s premium price.
The 120-minute battery life is excellent and should last most people several weeks between charges.
Unfortunately, The Laifen T1 Pro looks and feels like a premium electric shaver, but in my experience it simply doesn’t deliver the shave the design promises, which makes it impossible to travel with because I also have to toss a second razor into my bag.
|
Attribute |
Notes |
Score |
|---|---|---|
|
Value |
A disappointing shave that is often painful. |
2/5 |
|
Design |
Beautifully designed with some thoughtful choices. |
4/5 |
|
Performance |
A premium price backed up by the design but not the shave. |
1/5 |
First reviewed July 2026
Sometimes you see a project and immediately, before going into the details, your mind throws up the old refrain: “coulda used a 555” — well, [Hulk] actually agrees when it comes to his ESP32-based, 3D printed roulette wheel. The first version did use a 555, but then feature creep kicked in and the final project ended up with an ESP32 instead. We’ve all been there.
The roulette wheel circuit is retained from the 555 version, with the ESP32 providing clock pulses instead of the venerable oscillator chip — it uses a pair of decade counters to create the chase effect of the LED around the wheel. With a handsome printed enclosure, [Hulk] could have stopped there, but then he’d have to keep track of scoring and the like manually like some kind of dark age peasant. It’s the 21st century, we have computers to to that for us!
Now, even though the ESP32 is still driving the LED chase via the decade counters, it can keep track of where the “ball” of light lands, and reports that via WiFi or serial. While it would have been an option to run the whole game on the ESP32. [Hulk] just has those values put into an SQL database on a server, which also runs the game front-end via PHP. The resulting web page lets two players make their bets and track their wins and losses over time. You can see that in action in the video embedded below.
Overkill? Sure, but we suspect [Hulk] already had the equipment and experience to make this the fastest way to get a playable game. There are easy ways to serve web content from an ESP32, but the easiest tool to use is always the one in your back pocket, right?
JK Rowling has spoken about how she wrote the first Harry Potter book while she was employed at Amnesty International and how much that experience influenced her writing, and how she learned “the power of human empathy” from working there. Rowling was also, you’ll recall, one of the high profile signers of the infamous Harper’s Letter on “open debate.”
Now she’s threatening to bankrupt Amnesty International for expressing an opinion about Beira’s Place, a “women only” charity Rowling created.
Amnesty International UK had released a report, expressing its well-supported opinion about so-called “anti-rights actors,” specifically calling out a number of groups that it believed, through their statements or actions, sought to “restrict human rights by undermining human rights protections in law and practice.” It had a section on “anti-gender” efforts by some groups which have targeted trans rights and pointed out that:
“Human rights are interconnected and mutually reinforcing. When the rights of one group are restricted, protections for others can also be weakened, even where the effects are not immediately visible.”
This should be a fairly non-controversial statement. But, the report named a number of organizations that it deemed to be “gender critical,” which are, in effect, organizations that have — through their words or actions — done damage to trans rights in particular, and the wider LGBTQ+ space.
No matter your stance on any of this, expressing an opinion about an organization should be seen as part of their free speech and… what’s the term Rowling used in the Harper’s letter? Right, “open debate.”
But, no, not here. One of the organizations that Amnesty mentioned was Beira’s Place, which Rowling helped create as an organization to provide support for female victims of sexual violence. However, aligned with Rowling’s transphobic views and campaigning, the organization proudly insists that it is for “women only.” Beira’s Place and the constant verbiage surrounding it about being for “women only” have certainly contributed to the sense that it is another part of Rowling’s transphobic mission to diminish and deny rights of transgender women.
To look at Rowling’s X feed, for example, is to witness a near never-ending stream of gleefully obnoxious and petty attacks on trans people who speak up for their own rights. I’d post examples, but I’d rather not give any more attention to that sort of hateful messaging.
Thus it’s entirely reasonable to have and express the opinion that Beira’s Place and other operations that refuse to recognize the rights of trans women (and trans men) are “anti-rights.” I mean, literally part of Beira’s Place’s messaging to the world has been its anti-trans stance.
After all, as the statement above notes, when you deny rights to one group, you are weakening rights for all. And, look, even if you somehow agree with Rowling, if you actually believed in free speech and “open debate” you should at least support Amnesty UK in expressing their opinion that being anti-trans is being anti-rights.
But Rowling seems to absolutely loathe any actual “open debate” regarding her views towards the trans community. Thus, she spoke out angrily about the Amnesty report, leading to a media fury, and causing the organization to pull it down. She has also demanded an apology and threatened to sue the organization:
Lawyers acting for the centre have threatened Amnesty with court action unless it permanently withdraws the report, publicly apologises to the blacklisted groups and commissions an external investigation into how it came to be published.
The letter said: “The [Amnesty] report has wrongly labelled all associated with Beira’s Place, including those accessing support as anti-rights bigots who are seeking to weaken human rights.
“This is a shocking way to describe those who are seeking help to overcome the trauma of sexual violence. There is no basis for these allegations, and our client, with the support of its founder JK Rowling, will not sit back and allow the reputation of Beira’s Place or those who access its support to be tarnished in this way.”
And to make it clear she seeks to burden Amnesty UK with as many costly lawsuits as possible, she’s offering to fund other organizations that wish to sue Amnesty International UK over this report.

That’s her tweeting:
Should any of the women’s organisations targeted by Amnesty UK’s recent ‘anti-rights’ blacklist wish to take legal action, applications can be made to the JK Rowling Women’s Fund.
So much for free speech and open debate, huh?
Rowling has a right to express her own bigotry and hateful views. But Amnesty International and anyone else should also be able to express their opinion that by her words and her deeds she is doing real harm to the rights of trans people worldwide. But Rowling is making every effort to shut that down.
I am sure that Rowling and her supporters will claim, ridiculously, that because she views Beira’s Place and her other anti-trans activism as “pro-women’s rights” that it is somehow defamatory to call it anti-rights. But that’s why it’s a protected opinion. Whether or not one’s views and actions are pro or anti-rights is, inherently, an opinion.
My opinion is that Rowling is a hateful, angry woman who has done tremendous harm to some of the most marginalized people in the world for no reason at all, and her wink wink nod nod “I’m just supporting women’s rights” bullshit as cover for that is both craven and pathetic. She has contributed to a hateful, anti-rights movement that has put millions of people at greater risk. That she is now seeking to effectively silence and potentially destroy the organization that she, herself, claims was so valuable in getting her to understand the value of human empathy is a particularly sad statement on where her life has taken her.
Meanwhile, I’m still waiting for literally any of her Harper’s Letter co-signers to call out her attacks on the organization’s speech, and threats to their existence for expressing an opinion she doesn’t like. Apparently, that kind of “open debate” is too much?
Filed Under: defamation, free speech, human rights, jk rowling, lgbtq, terfs, trans rights
Companies: amnesty international, beira’s place
The Honda Prologue, you may have heard, is officially dead — a decision the company confirmed to TechCrunch, removing the last all-electric vehicle from the automaker’s U.S. portfolio. The Prologue’s departure signals more than Honda’s EV backpedaling. It also illustrates a broader EV industry retreat from the U.S. market (in stark contrast to the rest of the world).
The demise of the Honda Prologue got us thinking: What other EVs have left the U.S., and why?
The end of the $7,500 federal tax credit had an outsized effect on EV sales in the United States. But there are other reasons behind the winnowing choices, including tariffs, changing consumer tastes, costs, company priorities, and regulatory action. According to data published in July by Kelley Blue Book and Cox Automotive, 247,226 EVs were sold in the second quarter or about 5.8% of the total market. While EV sales grew between the first and second quarters of 2026, they are still down from the same period last year (and before that tax credit ended in fall 2025).
Still Americans are still buying EVs, and there are new EVs entering the U.S. market — the Rivian R2 is one example. And there are signs of a slow recovery. Fourth quarter 2025 sales were 36% lower than the same period in 2024. This year that gap has narrowed, albeit still below sales figures from the previous year. For example, EV sales in Q2 were 20.5% lower than the same period in 2025.
Even with a recovery underway, automakers are pulling the plug on many EV modes. Here are those ones that have left or are leaving. TechCrunch will periodically update this list of EVs that have left, or are leaving, the U.S. market in 2026.

Ah, Afeela we never even knew ya.
The Afeela got its start as the Vision S, a prototype announced by Sony in 2020 at the Consumer Electronics and that ended up being one of the big, surprising reveals of the annual tech trade show. Honda entered the picture in 2022 when the two Japanese conglomerates announced a joint venture; they showed off an Afeela-branded prototype the following year.
In the months and years that followed, there was constant barrage of updates about the Afeela, which seemed to be everywhere, and yet nowhere. It was even displayed at TechCrunch Disrupt one year.
The Afeela, despite the marketing blitz, never made it into production. In March 2026, the joint venture gave up on the two Afeela-branded EVs. The move followed Honda’s decision, announced just a two weeks before, to cancel three EVs planned for the U.S. market.

It was just a couple of years ago that Honda declared its EV ambitions with its O Series, including a mid-sized SUV prototype that debuted at the CES 2025 tech trade show and its futuristic Saloon and Space-Hub concepts the year before. The SUV, which was slated for production at Honda’s “EV Hub” factory in Ohio, was supposed to debut in North America in the first half of 2026.
Honda stopped development of the Acura RDX, Honda O sedan and SUV in March 2026 as part of a major overhaul of the company’s EV plans. The company blamed U.S. tariffs and Chinese competition for the decision.
There was also chatter at the time that Honda was planning to stop production of the Prologue, but there was no official announcement until July 16 when CarBuzz was the first to report that the Prologue program was ending. TechCrunch confirmed with Honda that the Prologue was going out of production.
The death of the Series 0 is difficult to measure since it never went into production. The Prologue represented more grounded goals than the O Series, and one that actually went into production and sold to U.S. consumers. The Prologue was a product of a partnership with General Motors — it is built at GM’s Ramos Assembly Plant in Mexico — and closely related to the Chevrolet Blazer EV. And it did OK for awhile, selling roughly 33,000 units in 2024 and 39,000 in 2025, before the tax credit ended and sales went into a free fall.

The Korean automaker has actually done quite well selling EVs to Americans. But it has made a few changes based on changing economics. In March, the company said it would no longer sell the Hyundai Ioniq 6 in the U.S., a decision that was likely tied to tariffs. The Ioniq 6 is made in South Korean and imported to the U.S., while its Ioniq 5 and Ioniq 9 models are assembled at its Georgia factory.
The company has said it will continue to import its more expensive, lower volume N-model of the Ioniq 6.
Nissan decided last year it would not produce a 2026 model year of its all-electric Ariya SUV for the U.S. market. And it doesn’t appear to be returning. Nissan first unveiled the Ariya in 2020 and planned to start selling it in Japan the following year.
The Ariya was the first all-electric to come out of Nissan since the early EV pioneer introduced the Leaf hatchback a decade ago.

Swedish EV maker Polestar, owned by Chinese automotive giant Geely, has been forced to leave U.S. over the country’s ban on Chinese-connected vehicle technology. Polestar needed specific authorization from the U.S. Department of Commerce to continue importing and selling its vehicles in the United States.
Without it, Polestar has been effectively banned from the United States. The company said it would continue selling its existing stock of Polestar 3 and Polestar 4 vehicles in the U.S., and that it will “continue to support customers, including providing access to its service network.” The Polestar 3 was assembled at a factory in South Carolina and in Chengdu, China.
Volvo Cars, Polestar’s sibling company that is also owned by Geely, did receive the authorization.

Tesla announced in January that it would end production of the Model S sedan and Model X SUV to make way for what the company views is the future. And it’s not a traditional electric sedan or SUV. In Tesla’s view, the future is AI, autonomy, and robots. It’s worth noting that sales of the S and X have fallen steadily over the years as consumers turned to its high volume and cheaper vehicles, the Model 3 and Model Y.
The last Model S and X vehicles rolled off the assembly line this spring. The company recently removed the assembly lines for the S and X at its Fremont, California factory to make room for production of its Optimus robots.

Volkswagen has pulled back on the ID. 4 electric SUV and the ID Buzz.
In April, Volkswagen said it would no longer produce the ID.4 at its U.S. factory in Chattanooga, Tennessee in a shift to high-volume vehicles like its upcoming gas-powered Atlas SUV. The company said, at the time, U.S. customers will be able to buy the ID.4 until the current inventory runs out. VW said it expects U.S. inventory to last into 2027.
To be clear, Volkswagen has said the ID Buzz is merely on a hiatus and will return in 2027. But there is no 2026 model.
There are, however self-driving versions of the ID buzz currently being tested in the United States. Volkswagen subsidiary MOIA America and Uber started testing autonomous microbuses in Los Angeles in April in preparation for a robotaxi service that is supposed to launch in late 2026. When the service initially launches there the vehicles will have himan safety operators.

Volvo decided in March that it would pull its subcompact EX30 and EX30 Cross Country variant from the U.S. market. The company said at the time that production for the U.S. would end sfter the summer. The EX30 had a promising start. It recieved a lot of attention prior to it official entry into the U.S. in 2025, and it was the company’s more affordable EV option.
Volvo does plan to continue selling the larger, all-electric EX60 and EX90 SUVs in the United States.
When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.
London Mayor Sadiq Khan handed a peerage by Keir Starmer alongside 15 other Labour figures… just days before the PM leaves No10
Weekend Open Thread – Corporette.com
The House | The City of London can help the new chancellor deliver growth in every postcode
CFTC blocks Kalshi from unwinding Michigan trades after court order
Young campaigners urge incoming PM to act on outdoor junk food ads
Nvidia Stock Slips After Big Tuesday Rally as Huang Confirms Vera Rubin Chip Is Now in Production Today
Ripple Payments Joins MiCA With 14 Firms, Does It Mean Anything For XRP?
Disney’s Most Ambitious Failed Star Wars Attraction Is Coming to SDCC
Ripple wins EU-wide access as ESMA adds it to MiCA register
Palantir Shares Rise After Expanded Nvidia Partnership and Fresh Analyst Upgrades Ahead of Earnings Day
Get Your ESP32 Sunny Side Up With This Solar Dev Board
XRP BOMBSHELL… XRP OMBOARDED FOR TRANSACTIONS!!!
Injective Submits SEC Transfer-Agent Registration to Onchain Ownership Records
Dark Secrets Emerge When Jailbreaking LLMs
Registration is now open for March for Men with Kev 2026
New Cornerback Enters Vikings Trade Rumor Mill
Money | Class 12 Economics | CBSE Board Exam 2026-27
Banco Bilbao Vizcaya Argentaria, S.A. (BBVA) Discusses Global Macro Environment and Economic Outlook for Core Markets Transcript
Cloudflare Precursor Watches Your Mouse and Keyboard To Decide If You Are Human
Durham County Council to send out electoral registration emails
You must be logged in to post a comment Login