A previously undocumented data-wiping malware dubbed Lotus was used last year in targeted attacks against energy and utilities organizations in Venezuela.
The malware was uploaded to a publicly available platform in mid-December from a machine in Venezuela and has been analyzed by researchers at Kaspersky.
Before the cripling stage, the attacker relies on two batch scripts that prepare the system for the final payload by weakening defenses and obstructing normal operations.
According to the researchers, the Lotus data-wiping malware is designed to completely destroy compromised systems by overwriting physical drives and eliminating recovery options.
“The wiper removes recovery mechanisms, overwrites the content of physical drives, and systematically deletes files across affected volumes, ultimately leaving the system in an unrecoverable state,” Kaspersky says in a report today.
Given the timing, the observed activity aligns with geopolitical tensions in the region, which culminated this year on January 3 with the capture of Venezuela’s then-president, Nicolás Maduro.
Around mid-December 2025, the state-owned oil company Petróleos de Venezuela (PDVSA) suffered a cyberattack that disabled its delivery systems. The organization blamed the United States for the incident.
It should be noted that there is no public evidence indicating that PDVSA’s systems were wiped in the attack or details about the nature of the attack.
Kaspersky’s report notes that the attacks begin with the execution of a batch script (OhSyncNow.bat) that disables the Windows ‘UI0Detect’ service, and performs an XML file check to coordinate execution across domain-joined systems.
A second-stage script (notesreg.bat) is executed when certain conditions are met. It enumerates users, disables accounts via password changes, logs off active sessions, disables all network interfaces, and deactivates cached logins.
The malicious code then enumerates drives and runs ‘diskpart clean all’ to overwrite them with zeros. It also uses ‘robocopy’ to overwrite directory contents, Kaspersky found.
In the next phase, it calculates the free space and uses ‘fsutil’ to create a file that fills the disk, making it harder to restore the wiped data.
After preparing the environment for data destruction and performing some wiping actions itself, the batch script decrypts and executes the Lotus wiper as the final payload.
The Lotus wiper operates at a lower level, interacting with disks via IOCTL calls, retrieving the disk geometry, clearing USN journal entries, wiping restore points, and overwriting physical sectors, not just logical volumes.
The malware performs multiple actions, summarized as follows:
Kaspersky suggests that system administrators should monitor for NETLOGON share changes, UI0Detect manipulation, mass account changes, and disabling of network interfaces, which are all precursor activities.
They say that unexpected usage of ‘diskpart,’ ‘robocopy,’ and ‘fsutil’ is also a red flag.
A general recommendation against wipers and ransomware is to maintain regular offline backups whose restorability is frequently validated.
AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.
At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.
ZoomInfo beat Q1 earnings but cut full-year revenue guidance by 62 million dollars, announced a 600-job restructuring (20 per cent of headcount), and lost 29 per cent of its stock price as AI-native competitors reprice B2B sales intelligence.
TL;DR
ZoomInfo beat its first-quarter earnings estimates, cut its full-year revenue guidance by 62 million dollars, announced a restructuring that will eliminate 600 jobs, and lost 29 per cent of its stock price in a single trading session. The company reported 310.2 million dollars in revenue, up 1.5 per cent year over year. Adjusted earnings per share came in at 28 cents, beating estimates by nearly nine per cent. None of it mattered. Investors looked at the guidance cut, the 20 per cent headcount reduction, and the 90 per cent net revenue retention rate, and sold.
The stock closed at 4.32 dollars. In November 2021, it traded at 77.35 dollars. ZoomInfo’s market capitalisation has fallen from approximately 25 billion dollars at its peak to under two billion. The company that defined business-to-business sales intelligence is now worth four per cent of what it was three and a half years ago.
First-quarter GAAP revenue was 310.2 million dollars. Adjusted operating income was 109.7 million dollars, a 35 per cent margin. GAAP operating income was 57.9 million dollars, a 19 per cent margin. Cash flow from operations was 114.7 million dollars. Unlevered free cash flow was 119.7 million dollars.
The company closed the quarter with 1,900 customers paying more than 100,000 dollars in annual contract value, up 32 year over year but down 21 from the prior quarter. The net revenue retention rate was 90 per cent. That number compresses the entire story into a single metric. A retention rate below 100 per cent means existing customers are spending less than they did a year ago. At 90 per cent, ZoomInfo is losing ten cents of every dollar of existing revenue annually through downgrades and churn.
Beneath the headline figures, the balance sheet tells a more detailed story. Long-term debt stands at 1.32 billion dollars against 171 million dollars in cash. Unearned revenue, the backlog of contracted but unrecognised revenue, was 479 million dollars. Research and development spending fell 18 per cent year over year to 42.1 million dollars, while cost of service rose 15 per cent to 43.5 million dollars. Interest expense climbed 38 per cent to 13.5 million dollars. Capital expenditure jumped 63 per cent to 24.1 million dollars. Bad debt provisions rose 37 per cent to 5.9 million dollars.
The company recorded 4 million dollars in asset impairments and lease abandonment charges that did not exist a year ago. Restructuring expenses in the income statement were 10 million dollars, nearly double the prior year’s 5.4 million. A litigation settlement cost 3.7 million dollars, up from 900,000 dollars. Goodwill remained unchanged at 1.69 billion dollars, a legacy of the 2019 merger that created ZoomInfo Technologies from DiscoverOrg’s acquisition of the original ZoomInfo.
ZoomInfo repurchased 13.1 million shares at an average price of 6.91 dollars, spending 90.5 million dollars. The buyback consumed more cash than the company’s GAAP operating income for the quarter. When a company spends more on repurchasing its own stock than it earns from operations, it is making a statement about what it believes its shares are worth. Investors, who sent the stock below five dollars, disagreed.
The full-year revenue forecast was cut from 1.247 to 1.267 billion dollars to 1.185 to 1.205 billion dollars. At the midpoint, that is a reduction of approximately 62 million dollars, or five per cent. Prior adjusted operating income guidance of 456 to 466 million dollars was lowered to 437 to 447 million dollars. Unlevered free cash flow guidance fell from 435 to 465 million dollars to 400 to 420 million dollars, a 40 million dollar cut at the midpoint.
Adjusted earnings per share guidance was maintained at 1.10 to 1.12 dollars, but only because the share count dropped from 325 million to 315 million through buybacks. The earnings-per-share number held steady because the denominator shrank, not because the numerator improved.
Second-quarter guidance of 300 to 303 million dollars implies a sequential decline from the first quarter and a year-over-year decrease of approximately 1.7 per cent. The pattern is a company whose upmarket business is growing modestly while its downmarket base erodes. The downmarket segment declined 10 per cent for a second consecutive quarter. Management has stated its goal is to reach an 80/20 split between upmarket and downmarket revenue, effectively accepting that the smaller customer segment will continue to shrink.
CEO Henry Schuck framed the strategy around data and AI: “In a world that is increasingly driven by AI and intelligent automation, ZoomInfo data and our go-to-market context is the ultimate competitive advantage.” The argument is that ZoomInfo’s database of more than 100 million companies and 500 million contacts, combined with billions of intent signals, is the durable asset. The market’s response suggests doubt about whether data alone justifies a premium subscription when AI-native alternatives are assembling the same insights at a fraction of the cost.
On 5 May, ZoomInfo’s board approved the 2026 Restructuring Programme. The company will eliminate approximately 600 positions globally, roughly 20 per cent of its ending first-quarter headcount. Approximately one quarter of the impacted roles will be reallocated to other locations, resulting in a net reduction of around 450 positions. Three hundred and forty employees in the United States, India, and the United Kingdom were notified immediately, primarily in go-to-market and general and administrative functions.
The company will close its entire Israel site by the end of 2026, transferring operations to the United States, Canada, Ireland, and India. Pre-tax restructuring charges are estimated at 45 to 60 million dollars, primarily cash-based, with the majority recognised in the second and third quarters. The programme is expected to deliver 60 million dollars in annual run-rate operating expense savings.
Schuck’s internal email to employees described the restructuring as a plan to simplify operations, accelerate the move upmarket, and reduce resources allocated to the downmarket segment. He noted that the industry is moving toward consumption-based pricing and that the company’s largest enterprise customers are asking for a “deeper, forward-deployed engineering motion.” The savings will be redirected toward the platform, product roadmap, and customer-facing engineering capacity. Impacted employees receive cash severance, some equity acceleration, and subsidised medical premiums in the United States.
The scale of the restructuring is a signal. A company that cuts 20 per cent of its workforce is not fine-tuning. It is reorganising around a thesis that its current structure was built for a market that no longer exists. The 60 million dollars in annual savings is nearly equal to the 62 million dollar revenue guidance cut. ZoomInfo is not just reducing costs. It is trading a revenue line it believes is structurally declining for operating leverage it believes will sustain margins through the transition.
ZoomInfo’s competitive landscape has fragmented. Apollo.io offers a database of more than 275 million contacts with built-in sequencing for 49 dollars per user per month. Clay orchestrates data enrichment across more than 100 providers using waterfall logic, pulling the best available information from ZoomInfo, Apollo, and dozens of other sources automatically. The sales technology stack in 2026 increasingly treats contact databases as interchangeable inputs rather than differentiated platforms.
AI-native enterprise spending surged 94 per cent year over year while traditional SaaS growth cooled to eight per cent. Approximately 285 billion dollars in market capitalisation was erased from software-as-a-service companies in a single 48-hour window earlier this year. The repricing is not unique to ZoomInfo, but ZoomInfo is more exposed than most because its core product, a database of business contacts and company information, is the category most directly threatened by AI agents that can assemble the same data on the fly.
Every SaaS company is building AI features, and ZoomInfo is no exception. Its Copilot product, launched in early 2024, reached 250 million dollars in annual contract value within 18 months. Copilot uses AI to recommend next-best actions, generate outreach, and monitor buyer signals. The product has been the company’s most successful launch. But it also raises the question that haunts every legacy SaaS platform building an AI layer: if the AI is the value, what is the database worth on its own?
Palantir’s earnings arrived in the middle of an AI software sell-off that tested whether any enterprise software company could sustain its valuation against the expectation that AI will compress margins across the industry. ZoomInfo’s answer is a company earning 35 per cent adjusted operating margins while its revenue flatlines, its debt exceeds its cash by a factor of eight, and its stock trades at a fraction of its historical value. The margins are real. The growth is not.
SaaStock, the ten-year-old SaaS conference brand, retired its name and relaunched as Shift AI, a rebrand that its founder described as a response to the post-SaaS era. Seventy per cent of enterprises now demand usage-based or outcome-based contracts. Per-seat adoption has dropped from 21 per cent to 15 per cent of SaaS companies in the past twelve months. Schuck’s own internal email acknowledged the shift toward consumption-based pricing. The conference that celebrated the model ZoomInfo was built on has concluded that the model no longer defines the market.
The case that SaaS is not dead rests on the argument that AI features are additive rather than substitutive, that enterprises will pay more for software enhanced by AI rather than replacing the software with AI entirely. ZoomInfo’s Copilot is evidence for this argument. Its 250 million dollar ACV demonstrates that customers will pay for AI capabilities layered on top of a trusted data platform.
The case against ZoomInfo is that the data platform itself is becoming a commodity. When Clay can waterfall across a hundred data providers and an AI agent can research a prospect in seconds by crawling the open web, the value of a proprietary database diminishes with every improvement in the models that can replicate its output. The retention rate of 90 per cent suggests customers are already making this calculation, spending less each year as cheaper alternatives capture the margin.
Schuck built ZoomInfo from a bootstrapped data company into a platform that peaked at 25 billion dollars in market value. The company still generates more than 100 million dollars in quarterly free cash flow. It is not failing. It is restructuring around a bet that its upmarket enterprise customers and its AI layer will sustain the business while the downmarket base, the segment that made ZoomInfo ubiquitous, erodes. The beat did not matter. The guidance did. The 600 jobs did. The stock at 4.32 dollars is the market’s verdict on what a database is worth in the age of AI agents.
Bonus coupons are driving M5 MacBook Air prices lower this week, with both 13-inch and 15-inch models marked down, including configs with 24GB of RAM and 1TB of storage.
B&H’s MacBook Air sale delivers bonus discounts in the form of in-cart coupons on top of already reduced prices. With both 13-inch and 15-inch models on sale, now is a great time to pick up a thin-and-light notebook that’s was just released and is equipped with Apple’s M5 chip.
Save up to $180 on M5 MacBook Airs
The B&H deals above beat Amazon’s prices for the same systems, but you can find even more discounts in our 13-inch MacBook Air M5 Price Guide and 15-inch MacBook Air M5 Price Guide.
If you’d like to learn more about the M5 release, check out our hands-on M5 MacBook Air review.
For years, security experts warned that AI would eventually give hackers a dangerous new edge. That moment has arrived.
Google’s Threat Intelligence Group has published a report confirming that a criminal hacking group used an AI model to discover a zero-day vulnerability and nearly pulled off a mass cyberattack. Google says it caught and stopped the attack before the hackers could deploy the attack at scale.
The exploit targeted a popular open-source web-based system administration tool, the kind businesses use to remotely manage servers, employee accounts, and security settings.
Had it gone undetected, it would have let hackers bypass two-factor authentication, which is often the last line of defense protecting accounts.
The attackers planned to deploy it in a mass exploitation event targeting multiple organizations at once. Google alerted the tool’s developer in time for a patch to be issued before any damage was done.
The company declined to name the hacking group, the specific software targeted, or which AI model was used, but confirmed it was not Google’s own Gemini.
According to Google, groups linked to China and North Korea have also shown significant interest in using AI tools like OpenClaw for vulnerability discovery.
The Google attack is alarming, but it’s far from isolated. Georgia Tech researchers recently uncovered VillainNet, a hidden backdoor that embeds itself inside self-driving car’s AI and works 99% of the time when triggered.
Meanwhile, a Korean research team showed that AI models can be reverse-engineered remotely using a small antenna through walls, no system access needed. Recently, a group of Discord users bypassed access controls to reach Anthropic’s restricted Mythos model through a third-party vendor environment.
On the defense side, a growing discipline called AI pentesting is emerging to stress-test how language models behave when exposed to adversarial inputs, but the field is still in its early stages.
As part of a push to ensure as many Australians as possible are connected to fast, reliable internet, for the last few years NBN Co has been offering homes that currently connect to the fixed-line network via older copper-based technologies – such as fibre to the node (FTTN) and fibre to the curb (FTTC) – the opportunity to upgrade to superior fibre to the premises (FTTP) technology for free.
Up until now, the FTTP upgrade has been entirely optional for eligible premises, with the only caveat being that would-be upgraders need to sign up for one of the fastest NBN plans through a supporting internet service provider (ISP). However, from July 1, 2026 that latter requirement is being scrapped for certain premises – and the upgrade itself will no longer be optional..
If you’ve been holding out on enacting the upgrade, then your hand may soon be forced, as NBN Co has announced a new Targeted Upgrade program that it says will require 130,000 specific homes and businesses to upgrade from copper-based services to full-fibre technology. The program is currently scheduled to start midway through 2027.
NBN Co says the premises identified to receive the upgrade will start being sent official notifications from July 2027. If your home or business is one of those identified for the program, then there’s no real downside to taking it up – optical fibre NBN connections support massively faster speeds and are generally more reliable than older legacy technologies.
What’s more, in the official press release, NBN Co has made it clear that it plans to eventually disconnect all copper services at the premises the program targets, saying “the first suspensions of legacy copper services where a fibre upgrade order has not been placed are not expected to occur until January 2028.”
In short, if you don’t take up the free upgrade to full fibre, then you’ll eventually be left without a fixed-line internet connection. Reminders will be sent at six months before disconnection, three months before and 30 days before. If you ignore all of them, then your service will ultimately be suspended.
NBN Co adds that safeguards will be in place, however, including “the option to extend or defer before a service is suspended, and case‑managed support, particularly for customers who need additional assistance.”
If you know your home currently connects via FTTN or FTTC technology, then now’s a good time to begin preparing for the upgrade. Even if your home isn’t one of the initial 130,000 selected, it likely will be eventually.
Whether you’re on the list or not, if you connect via a legacy copper tech then there’s a good chance your home is already eligible for an upgrade. If what’s holding you back is uncertainty about what provider to pick, I’ve selected a few of my favourite NBN plans below that make the most of the superior full-fibre technology.
In fact, now’s actually a great time to consider switching your NBN provider, as the yearly price hike is also around the corner, and you can almost always find a better deal if you shop around.
A security researcher has released a proof-of-concept tool named GhostLock that demonstrates how a legitimate Windows file API can be abused in attacks to block access to files stored locally or on SMB network shares.
This technique, created by Kim Dvash of Israel Aerospace Industries, abuses the Windows ‘CreateFileW‘ API and file-sharing modes to prevent other users and applications from opening files while handles remain active.
The GhostLock technique abuses the ‘dwShareMode’ parameter in the CreateFileW() function, which specifies the type of access other processes have to a file while it is opened.
When a file is opened with ‘dwShareMode = 0`, Windows grants the process exclusive access to the file, preventing other users or applications from opening it.
For example, the following code will open the finance.xlsx file in exclusive mode, preventing any other process from accessing it.
HANDLE hFile = CreateFileW(
L"\\\\server\\share\\finance.xlsx",
GENERIC_READ,
0,
NULL,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL,
NULL
);
When attempting to do so, Windows will display the following ‘STATUS_SHARING_VIOLATION’ error instead.
The researcher has published a GhostLock tool on GitHub that automates this attack by recursively opening a large number of files on SMB shares. While these file handles are open, new attempts to access the files will fail with sharing violations.
The tool can be run by “standard” domain users, and does not need any elevated privileges to lock files.
This is further compounded if an attacker launches the attack from multiple compromised devices simultaneously, while continuously reacquiring file handles as previous processes are terminated.
However, once the associated SMB session is terminated, the GhostLock processes are killed, or the affected system is rebooted, Windows automatically closes the handles, and access to the files is restored.
Dvash told BleepingComputer that the technique should be viewed primarily as a disruption attack rather than a destructive one, like ransomware.
“Yes, the impact is disruption-based, not destructive. The parallel to ransomware is the operational downtime window, not data loss,” Dvash told BleepingComputer.
While this attack is more akin to a denial-of-service technique, it could be useful as a decoy during intrusions.
Attackers could use widespread file-access disruptions to overwhelm IT staff while conducting data theft, lateral movement, or other malicious activity elsewhere in the environment.
The researcher says that many security products and behavioral detection systems focus on detecting mass file writes or encryption operations. GhostLock primarily generates large numbers of legitimate file open requests, making it less likely to be detected.
“The only observable that reliably identifies this attack is the per-session open-file count with ShareAccess = 0 at the file server layer — a metric that lives inside storage platform management interfaces, not in Windows event logs, not in EDR telemetry, not in network flow data,” explains Dvash.
The researcher has shared SIEM queries and an NDR detection rule in the GhostLock whitepaper that IT teams and defenders can use as a template for detections.
AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.
At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.
For years, Google has been accused of harvesting data from Android phones without users’ consent. Following a California lawsuit that was settled for $314 million last year, a new settlement could mean payouts for another 100 million people.
A class action lawsuit alleging “Google caused Android mobile devices to transfer a variety of information to Google without users’ permission, consuming users’ cellular data,” is nearing its end. The two sides in Taylor v. Google LLC (PDF) have agreed to a settlement and have begun resolving it.
Without admitting fault, Google agreed to a preliminary settlement in January, committing to pay $135 million in damages. The settlement website is now live.
The final approval hearing won’t occur until June 23, when the court will hear objections and consider whether Google’s settlement is fair. After that, the court will decide whether to approve the $135 million settlement.
In the meantime, if you qualify and want to be paid as part of the settlement, you can select your preferred payment method on the official website. There, you can find information on speaking at the June 23 court hearing and on how to exclude yourself or write to the court to object by May 29.
As part of the settlement, Google will update its Google Play terms of service to clarify that certain data transfers do occur passively even when you’re not using your Android device, and that cellular data may be relied upon when not connected to Wi-Fi. This can’t always be disabled, but users will be asked to consent to it when setting up their device.
Google will also fully stop collecting data when its “allow background data usage” option is toggled off.
In order to join the Taylor v. Google LLC settlement, you must meet four qualifications:
To set your payment information on the official settlement website, you’ll need a Notice ID and Confirmation Code, which the settlement administrators mailed or emailed to eligible claimants.
The final approval hearing is on June 23, so you can add your payment method until then. The hearing’s date and time may change, and any updates will be posted on the settlement website.
To set your payment method, you’ll need a Notice ID and Confirmation Code from a settlement notification email or letter.
If you choose to do nothing and are eligible, you will still be issued a settlement payment, but not selecting a payment method might increase your risk of not getting paid.
Even if you didn’t receive a notification letter or email, you still might be eligible for a payout from Google. To find out, you can call the toll-free information number at 1-844-655-4255 or email info@FederalCellularClassAction.com. You can also mail a letter requesting more information to: Federal Cellular Class Action, 1650 Arch Street, Suite 2210, Philadelphia, PA 19103.
Watch this: Your Phone is Disgusting: Let’s Fix That
It’s not currently known exactly how much each settlement class member will receive, but the maximum is $100. Payments will be distributed after final court approval and after the resolution of any appeals.
After all administrative, tax and attorney costs are paid, the settlement administrator will attempt to pay each member an equal amount. If any funds remain after payments are sent, and it’s economically feasible, they will be redistributed to members who were previously and successfully paid. If it’s not economically feasible, the funds will go to an organization approved by the court.
Google has updated Gemini for Home so that it no longer acts like a strict parent when you ask it for cocktail recipes. In the past, you may have encountered a message that says “I cannot provide recipes for alcoholic beverages” when you ask the AI assistant for a margarita recipe on Google smart home devices, such as the Nest Hub. Now, Google has updated its safeguards to prevent adult users from encountering filters meant for younger ones.
Adults will “now experience improved availability for general queries, including recipes for age-gated beverages,” the company said in the Google Home support page. If Gemini still isn’t responding when you ask it for instructions on how to make a cocktail, you may have to check you Parental Control settings and your Gemini for Home response filter settings in the Google Home app.
You’ll now also be able to tell Google more easily whether you’re satisfied with Gemini’s responses. On smart displays, you’ll see thumbs-up and thumbs-down buttons following most voice interactions. The company says your responses will help it figure out what it needs to improve.
In addition, Google has enabled faster and more personalized Gemini responses. For instance, if you tell it that your nanny’s name is “Alice,” it will search for a familiar face in your security cam footage if you ask it if your nanny or Alice has arrived. You’ll also be able to ask it for a quick recap on what happened while you were away by telling Gemini to give you a “Home Brief.” Finally, Gemini now acts faster if you ask it to set alarms for you, reducing wait times and the need to repeat your commands.
Photo credit: WSJ
Colin Angle, the co-founder who transformed the humble vacuum into a household staple, left iRobot in 2024 to pursue a new business, Familiar Machines & Magic. His most recent creation, Familiar, a four-legged companion, adds a unique element to living rooms. The prototypes, Daphne and Winston, are about the size of a bulldog. They have soft artificial fur to give them a cuddly appearance, and a touch sensitive layer underneath to detect how people interact with them. Their huge, round bear-cub ears and doe eyes draw them up for a conversation.
These things move using 23 separate joints, allowing them to bob their heads, tilt those little ears, adjust their gaze, and wag a small tail. They travel through the house at a slow pace, following you from room to room and plopping down when they think you’re close. People can touch them on the head or take them up for a squeeze, and the object will respond in a way that makes them feel alive, even if they do not say anything. They simply kind of… sound like they’re purring or emitting small chirps that change on the spot.
All of this is thanks to onboard cameras and microphones that detect tone of voice, posture, and everyday routine. It everything happens on the device, thanks to a small AI that has been trained to understand social cues. They remember what you do every day, notice when you appear off, and change their behavior over time to maintain everything feeling natural and seamless. They’re doing all of this without sending any video or audio clips, unless you choose to provide a small clip or two to help the developers figure out what to fix.
Angle and his team drew on their extensive experience at Disney, Boston Dynamics, and MIT. They blended some of the low-cost strategies they discovered while working on the original Roomba with fresh motion and sound design ideas that have emerged since then. So, what do we get? A robot that does not attempt to walk like a person or do anything other than be a good pet. Familiar keeps low to the earth and simply existing.
In terms of money, expect to spend between $50 and $100 each month for the luxury of having one of these things around. When you consider the cost of food and vet visits for the real thing, it’s not much different than what you’d pay in pet expenditures. Sales aren’t expected to begin until 2027, so don’t get too excited just yet. For now the prototypes serve as proof that everyday homes can welcome a machine built first for company instead of chores.
Between 2000 and 2002 the Fisher Price Pixter was sold to children as an educational handheld toy with a touch screen that enabled drawing and listening to music in addition to cartridge-based games and more. It was followed up by multiple new iterations of the system, but as an ecosystem didn’t last beyond 2007. This has left much of the system in obscurity, with people like [Dmitry] doing their best to reverse-engineer, dump and document what they can, such as recently for the entire range of Pixter devices and most of the games.
One of the reasons why [Dmitri] got interested in the second-generation Pixter Color originally was as a potential PalmOS porting target, which gives somewhat of an idea of how these devices were meant to be used.
With absolutely no remaining known official documentation on how to develop software for the hardware reverse-engineering posed somewhat of a challenge. Fortunately this was made somewhat easier by the Pixter Color using the ARM-based LH7541, but worse by just how much of a minimal ARM7 implementation the SoC is. This was meant to go into a cheap-ish kid’s toy after all.
Where things got wild was that the firmware implements a 16-bit stack-based virtual machine, possibly due to initially having selected a completely different SoC. From here things get even crazier with how audio output is implemented, with [Dmitry] descending into a long-winded rant on this and all the weird things encountered during reverse-engineering.
After the Color Pixter its Multimedia sibling with slightly better SoC was also reverse-engineered, as well as the Classic device that started it all. This particular device uses an 8-bit VM, but a black-blob 6502 processor, which is rather astounding for a 2000-era device, but then again it was meant to be a toy.
In addition to getting a lot of reverse-engineering woes off his chest, [Dmitri] also details how he reverse-engineered and dumped the cartridges, as well as writing emulators to ensure that the Pixter legacy will endure, for better or worse.
Top image: Pixter with opened case. (Credit: Raimond Spekking, Wikimedia)
Why you can trust TechRadar
We spend hours testing every product or service we review, so you can be sure you’re buying the best. Find out more about how we test.
This past week or so, I haven’t been able to stop thinking about Saros. Housemarque’s intense roguelite third-person shooter is a tremendous refinement of its previous work, Returnal (a game I feel is one of this console generation’s best). Yet its harrowing, cosmic horror-influenced narrative elevates it to something especially memorable.
Review info
Platform reviewed: PS5
Available on: PS5
Release date: April 30, 2026
If you’re familiar with Returnal, it probably doesn’t come as a surprise that Housemarque has once again deployed the Torment Nexus for Saros’s doomed spacefarers, and the concept of its protagonist being forced into a seemingly eternal cyclical hell is very much present here. That said, Saros is decidedly more manageable than its predecessor, featuring gameplay and progression systems that allow for a more forgiving experience overall.
Don’t get me wrong, though; Saros is still a tough PS5 game. Strip away all its new systems, and I’d say it’s about on par with Returnal in terms of difficulty. Enemies hit hard, and bosses demand keen focus when it comes to learning and dodging their bullet patterns. You’re going to die a lot in Saros, but given I reached the true ending in a tidy 20 hours, it’s a good bit friendlier to the average player.
A skill tree packed with permanent upgrades — alongside a very clever modifier system unlocked early on — ensures that protagonist Arjun grows steelier with each run. Furthermore, checkpoints placed at the start of each biome mean that, unlike Returnal, you don’t have to play through the whole thing in one flawless run. That alone condenses runs from Returnal’s 2-3 hours to a far more manageable 30 or so minutes, depending on what you’re looking to achieve on each run.
And like its predecessor, Saros is polished to a mirror sheen. Arjun’s movements are fast and snappily responsive. Color-coded bullet patterns instantly communicate the approach you need for each enemy. Weapons are varied and often creative in design and their sub-weapon functionality. And those haptics and adaptive triggers? Simply the best I’ve ever experienced and reminded me that, for all its faults, the DualSense is still capable of wowing me after all these years.
All in all, Saros is very much another slam dunk from a studio that has mastered the art of blending arcade-like trappings with AAA production values. It’s not quite perfect; I wish there were more post-game activities (and no daily challenge system yet, a la Returnal), and there are very (and I do mean very) occasional performance dips on base PS5 hardware. But there’s nothing that puts a serious dent in what I’m sure will be a game of the year frontrunner for many who seek Saros’s yellow shores.
Saros puts you in the role of Arjun Devraj, portrayed by actor Rahul Kohli. Arjun is a member of Echelon IV, a team sent by megacorporation Soltari to the planet Carcosa. Their purpose is twofold: to continue the extraction of a valuable resource called Lucenite, as well as to uncover what happened to the previous three Echelon teams that have made no contact with Soltari since planetfall months ago.
It’s not long before the truths of Carcosa are laid bare. In a phenomenon unique to the planet, it undergoes regular eclipse phases that rapidly advance time. Oh, and people who look directly at the eclipse are driven mad. This is all spelled out pretty early on through collectable audio and text logs left behind by prior Echelon expedition teams. From there, the madness only increases at a rate of knots.
If you’re familiar with Returnal, then you’ll know that there was more to its protagonist, Selene, than met the eye. It’s a similar case with Arjun in Saros. I won’t spoil the finer details here, but there’s still an element of his trauma seemingly manifesting itself in the form of Carcosa’s horrors.
That said, I find Carcosa to be a tremendously compelling setting. Housemarque certainly isn’t shy about its horror inspirations here. Namely, the stunning H.R. Giger-esque architecture left behind by the planet’s former inhabitants, and The King in Yellow, a collection of short stories that revolve around a stage play of the same name, which causes all of its readers to go inexplicably mad. It’s rather on the nose with the latter, actually, but it all serves to create an aggressive brand of horror here that pairs beautifully with Saros’s fast-paced third-person shooting.
Saros, at its heart, is a third-person shooter with roguelite elements. There’s no trudging movement speed or ducking behind cover here, though. Arjun’s default run speed would be enough to set off a highway speed camera, and he can dodge, jump, and air dash on a dime to quickly reposition or blink through incoming projectiles.
It’s a game with myriad arcade sensibilities. Enemies’ primary method of attack is intricate bullet patterns reminiscent of danmaku shoot-em-ups like DoDonpachi Resurrection or Ikaruga. Okay, Saros never gets as intimidatingly screen-filling as that, but I think it does take some inspiration, especially from that latter title.
Best bit
I love Saros for many of the same reasons I did Returnal, but the new Carcosan Modifier system is brilliant to play around with. This is where you can add a bit (or a lot) of extra bite to the game’s difficulty, or give yourself a bit more favor depending on your preferences.
A new addition to Saros is Arjun’s Soltari Shield. Bound to R1 by default, holding the button down produces a protective globe around Arjun that absorbs projectiles, converting them into ammunition for his currently equipped power weapon. As a result, Saros directly encourages you to get stuck into the line of fire. You’ll need to watch out here, though; only blue projectiles can be absorbed without penalty. You can absorb yellow projectiles, but they’ll cause corruption, eating into your maximum health until cleansed with power weapon usage. Red projectiles, meanwhile, cannot be absorbed or even dodged through.
There’s plenty of weapon variety in Saros. From powerful revolvers and close-range shotguns to energy crossbows and auto-targeting smart rifles. You’ll need to use power weapons in tandem with these to deal devastating damage and effectively turn dire situations in your favor. Some are great for immediate single-target damage, while others excel at crowd control, spreading damage-over-time projectiles around the room.
One thing I adore about Saros’s weapons is that they all come fitted with an alternate fire module. By holding down L2 about halfway, your weapon’s behaviour changes. These typically consume more energy, but can do things like turn your shotgun into a grenade launcher, or your energy crossbow beams into a single concentrated blast. My favorite weapon comes a bit later in the game, though; a chakram launcher that embeds blades into enemies, spinning inside them to deal damage when you activate its alt fire. It’s so awesome.
As I said at the top, Saros has a similar difficulty curve to Returnal, but it’s much less mean. Early on, you’ll unlock the ‘Armor Matrix’, a massive skill tree that improves stats and offers various perks (such as a ‘second chance’, allowing you to get back up once when you die) when you pump collectible Lucenite currency into it. A secondary resource, Halcyon, can also be gathered to unlock particularly potent enhancements.
You’ll typically be faced with a boss at the end of a biome. Levels can take around 20-30 minutes per run, depending on how much optional exploration you undertake, and beating a boss will unlock a checkpoint for you to return to upon death. These checkpoints can be teleported to from your home base of the Passage, letting you begin a run from your most recent one, or for returning to older areas for side collectibles like audio logs and Halcyon.
This is probably the main thing that makes Saros a much more manageable beast compared to its predecessor. Returnal (outside of its split halfway through the game) demanded a full run every time. Dying to a late-game boss there often meant 2-3 hours of lost progress. Saros is far more forgiving in this regard, making it a far more accessible game for those who were put off by Returnal’s difficulty and the time investment it demanded.
Fear not if you’re after a meatier challenge in Saros, though. After a few early biomes, you’ll unlock Carcosan Modifiers at your base. This system presents you with a range of modifiers to make your life on Carcosa both easier and more difficult. You can give yourself stronger firepower and better defenses, but you’ll have to balance that out with detrimental modifiers, like the loss of your second chance or more aggressive enemies.
Easy modifiers decrease the number on the scale, while hard ones increase it. There is no upper limit to this, either; you’re free to pack on as many modifiers as you choose, so long as the scale doesn’t dip too far in the easier direction. In short, if you want to bring all the modifiers that make your life easier, you are required to pile up the ones that increase the game’s challenge. It’s a really smart way of increasing difficulty and adds tons of flavor to runs once you have a good grasp on the game.
I found Saros to be a deeply enjoyable game, then, and I didn’t find its additional safeguards and progression systems made it any less when compared to Returnal. But one area where I think Saros surpasses its prequel is in presentation.
It’s one of the most visually stunning games put out by a PlayStation Studios team to date. Biomes are vast and varied, ranging from chalk-like canyons and underground mines to dilapidated docks and swampy marshlands. Draw distance is also remarkable, and you can often see entire levels span out when you look out over a vista. You can even spot landmarks from areas further in the game off in the distance. It’s awe-inspiring stuff.
I would also strongly, strongly recommend bolstering your experience with a pair of headphones. Sound design in Saros feels tailor-made for the PS5’s Tempest 3D audio. Roaring winds and distant alien screams fill the soundstage, while gunshots and explosions all sound satisfyingly chunky. The soundtrack is also a massive highlight for me, blending chaotic synths with wailing electric guitars.
Once again, Housemarque has really put the DualSense Wireless Controller through its paces. The novelty of its haptic feedback and adaptive triggers has long worn off for me, but Saros really surprised me with its usage of these. Things like the pattering of rain and feedback from power weapons echo through the controller’s vibrations accurately and immersively. And the usage of those adaptive triggers to open up secondary fire options is a brilliant touch, as it was in Returnal, too.
To close out, I really have very few complaints from my time with Saros. The game largely holds an impressive 60fps (frames per second) on base PS5, but there was the very occasional slight chug in busier, enemy-filled rooms. It’s never anything game-breaking, though.
Beyond that, I’d really like to see more postgame activities come to Saros. Returning to older areas for collectibles is fun, but it’s currently lacking anything like leaderboards or Returnal’s daily challenge runs. That game did eventually receive a chunky free expansion with new story elements, so I’d love to see the same thing happen again in Saros. Right now, I’ve just been left wanting more, which is hardly a bad thing.
Like most contemporary PlayStation Studios titles, Saros has plenty of accommodating options for gamers of all stripes. Up front, you can disable the Carcosan Modifier limiter if you desire an easier experience, and there’s no penalty or trophy-gating for doing so. Full button remapping is also supported.
There are plenty of colorblind options, too, to the point where you can even change the default color of different projectile types. Meanwhile, subtitle options are robust. You can change their size, color, and background opacity.
Audio options are especially broad. A dialogue priority slider ensures spoken lines aren’t drowned out by other audio sources, and you can fine-tune bass, treble, and the lower and higher ends of dynamic range. There’s even an average loudness setting if you’re hard of hearing or don’t have access to speakers or a surround sound system.
I reached Saros’s true ending in 20 hours of play. In addition to the main campaign, I spent plenty of time gathering optional collectibles and collecting currencies to build up the Armor Matrix skill tree.
I played with a DualSense Wireless Controller on a base PS5, often pairing my play time with the RIG R5 Spear Pro HS gaming headset for more immersive audio. My display of choice is the LG CX OLED TV.
I went into this review with extensive playtime in Housemarque’s previous games, most notably Returnal. It was one of my favorite games in the year it came out, so I was excited and plenty prepared to take on the horrors of Saros using Returnal as one of my frames of reference.
First reviewed April-May 2026
HarrisX Poll Found 52% of Registered Voters Support the CLARITY Act
Weekend Open Thread: Marianne Dress
Upbit adds B3 Korean won pair as Base token gains Korea access
NCP car park operator enters administration putting 340 UK sites at risk of closure
Coffee Break: Travel Steam Iron
Auto Enthusiast Carves Functional Two-Stroke Engine from Solid Metal
What to expect when you’re expecting a budget
Politics Home Article | Starmer Enters The Danger Zone
What to Know Before Buying a Curling Wand or Curling Iron
Ignore market noise, India’s long-term story intact, say D-Street bulls Ramesh Damani and Sunil Singhania
UAE Free Zone Deploys Blockchain IDs to Verify Registered Firms
GM Agrees To Pay $12.75 Million To Settle California Lawsuit Over Misuse Of Customers’ Driving Data
BlackRock CEO Larry Fink Discusses a New Asset Class
Sarah Paulson Called Out For Met Gala ‘Hypocrisy’
Robinhood says Wall Street is building onchain
NBA playoff winners and losers: Austin Reaves is not loving Lakers vs. Thunder matchup, but Chet Holmgren is
Bold and Beautiful Early Spoilers May 11-15: Steffy Revolted & Liam Overjoyed!
General Hospital: Ric & Ava Bombshell – Ric’s Massive Secret Exposed!
Apple and Samsung are dominating smartphone sales so thoroughly that only one other company makes the top 10
The Best Work Pants for Women in 2026
You must be logged in to post a comment Login