A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability affecting D-Link DIR-823X routers, to enlist devices into the botnet.
CVE-2025-29635 allows an attacker to execute arbitrary commands on remote devices by sending a POST request to a vulnerable endpoint, triggering remote command execution (RCE).
Akamai’s SIRT, which detected the Mirai campaign in March 2026, reports that, although the flaw was first disclosed 13 months ago by security researchers Wang Jinshuai and Zhao Jiangting, this is the first time in-the-wild active exploitation has been observed.
“The Akamai SIRT discovered active exploitation attempts of the D-Link command injection vulnerability CVE-2025-29635 in our global network of honeypots in early March 2026,” reads Akamai’s report.
“This vulnerability exists in D-Link DIR-823X series routers in firmware versions 240126 and 24082, and allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to the /goform/set_prohibiting endpoint via the corresponding function, which can trigger remote command execution.”
The researchers who discovered the flaw briefly published a proof-of-concept (PoC) exploit on GitHub, but later retracted it.
Akamai’s observations show attackers are sending POST requests that change directories across writable paths, download a shell script (dlink.sh) from an external IP, and execute it.
The script installs a Mirai-based malware named “tuxnokill,” which supports multiple architectures.
In terms of capabilities, it features Mirai’s standard distributed denial-of-service (DDoS) attack repertoire, including TCP SYN/ACK/STOMP, UDP floods, and HTTP null.
Akamai has also found that the threat actor behind this campaign also exploits CVE-2023-1389, impacting TP-Link routers, and a separate RCE flaw in ZTE ZXV10 H108L routers. The same attack pattern was observed across all of them, leading to the deployment of a Mirai payload.
The impacted devices reached end of life (EoL) in November 2024, so it’s likely the latest firmware available for the model does not address CVE-2025-29635. D-Link does not make exceptions when active exploitation is detected, so it’s unlikely the vendor will provide a fixing patch now.
BleepingComputer has contacted D-Link with questions about the reported activity and the status of the fix, and we will update this post as soon as we hear back.
Meanwhile, users of routers that have reached EoL are recommended to upgrade to a newer model that enjoys active support with frequent security fixes, disable remote administration portals if not needed, change default admin passwords, and monitor for unexpected configuration changes.
AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.
At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.
An anonymous reader quotes a report from Reuters: The Gates Foundation opened an external review earlier this year into its engagement with the late financier and convicted sex offender Jeffrey Epstein, the philanthropic group said on Tuesday. The foundation has been mired in controversy due to Chairman Bill Gates’ association with Epstein. A release of emails in January by the U.S. Justice Department also showed communication between Epstein and the Gates Foundation’s staff.
“Early this year, Gates Foundation CEO Mark Suzman commissioned an external review to assess past foundation engagement with Epstein, and our current policies for vetting and developing new philanthropic partnerships,” the foundation said in a statement. “That review is underway, and we expect the board and management will receive an update this summer,” it added. The Wall Street Journal, which first reported the news earlier on Tuesday, said Suzman told staff in a memo, “this is a challenging time for our organization in many ways, but it also highlights the critical importance of taking the tough actions now.” The WSJ also reports that the Gates Foundation will eliminate up to 500 jobs, or about 20% of its staff, by 2030. It said the foundation has a 2026 budget of about $9 billion, but plans to cap operating expenses at $1.25 billion.
Further reading: The Bill Gates-Epstein Bombshell – and What Most People Get Wrong
Self-driving cars promised a future where you sit back, relax, and glide past the gridlock while the car handles everything. A new study from the University of Texas at Arlington has some bad news for that fantasy. According to research, widespread adoption of autonomous vehicles could actually make traffic significantly worse.
Professors Stephen Mattingly and Farah Naz conducted a meta-analysis on how self-driving cars could affect vehicle miles traveled (VMT). Their findings showed an average 5.95% increase in vehicle miles traveled. Non-shared autonomous vehicles pushed that figure even higher, to nearly 7%.
“The rise of AVs could make commuting more convenient, but it may also lead to more pick-up and drop-off activity, more empty vehicle trips, and new costs.”
The logic is simple. When your car can drop you off and drive itself home, or cruise around looking for rides, roads get busier. As Dr. Mattingly put it, “Where will commuters send their car when they don’t need it?” Will it be sent to a parking lot, sent to try to find other riders, or sent home?”
To put it succinctly, the research shows that robotaxis are already causing an increase in vehicle miles traveled, and once their adoption becomes universal, it will put extreme pressure on existing infrastructure. But that’s in the future; if current news reports are anything to go by, the robotaxis are already causing havoc on roads.
For example, Waymo launched in Nashville on April 7, 2026, and within five days, people were posting viral videos of its robotaxis freezing at intersections and driving into restricted zones. In December 2025, a San Francisco power outage left dozens of Waymo vehicles frozen at intersections city-wide.
It’s not only a US-specific issue. Just a few weeks back, dozens of Baidu robotaxis simultaneously stopped on elevated highways in Wuhan, China, stranding passengers mid-traffic for over an hour.
These are just a few examples. Dozens of similar incidents have occurred over the past few months, where robotaxis have gotten stuck for various reasons and caused traffic jams.
This is happening while robotaxis are still largely in trial mode. Multiply this by a factor of a hundred or even a thousand, and it’s easy to imagine how much worse traffic could become in the future.
Dr. Naz summed it up well: “AVs are not inherently good or bad. Their impacts will depend heavily on how they are deployed and governed.” Without smart policy ahead of mass adoption, the self-driving dream risks handing us a shinier, more expensive traffic jam.
If we are to pay that price, autonomous vehicles must clearly demonstrate that they are safer and more reliable than human drivers, which they have failed to do till now.
Hyundai is recalling 294,128 Hyundai and Genesis vehicles in the U.S. over a front seatbelt problem that could become dangerous in a crash, even if the belt appears to work normally in day-to-day driving. The recall is listed by the National Highway Traffic Safety Administration (NHTSA) as 26V218, and Hyundai’s internal campaign numbers are 298-032G. This is yet another major Hyundai seatbelt-related recall in less than a year, which involved over half a million Palisade SUVs. This time, the problem seems to be with the snap-on clip at the base of the front seatbelts, which prevents the seatbelts from being fully secured to the seat frame.
Hyundai estimates that only 1% of the recalled population may actually have the defect. However, the concerning part is that this is not necessarily a problem a driver would notice before a crash. The seatbelt may still buckle, retract, and feel normal, but if the lower anchor is not secured correctly, it may not restrain the driver or front passenger as intended during impact.
So far, the Korean automaker claims it is aware of six U.S. reports connected to the condition, with no known crashes, injuries, or fatalities. That last part is good news, but not assuring enough to ignore the recall; a seatbelt only has to fail once for the consequences to become severe.
The largest population affected by this recall involves Hyundai’s latest Santa Fe lineup. Hyundai says 158,001 gas-powered Santa Fe SUVs from the 2024-2026 model years are included, along with 95,268 Santa Fe Hybrid SUVs from 2024-2026 model years. The recall also includes 35,149 Hyundai Ioniq 6 sedans from 2023-2025 and 5,710 Genesis G90 sedans from 2023-2026.
Owners will need to bring their vehicles to a Hyundai dealer or a Genesis retailer for inspection, where technicians will inspect the front seat belt anchors and add a reinforcement insert on the snap-on lower anchor. If the anchor or seatbelt assembly cannot be repaired with the new insert, the dealers will replace the entire seatbelt assembly itself.
The work will be performed free of charge, even if the vehicle is no longer covered by Hyundai’s new vehicle limited warranty, and Hyundai says it will reimburse owners who already paid out of pocket for repairs related to this recall condition. The official filing does not include a “do not drive” or “park outside” warning, but owners should still check their VINs as soon as possible. To find out if your particular Hyundai is a part of this recall, look up your vehicle’s VIN against Hyundai’s official recall lookup page, or use NHTSA’s VIN search.
alternative_right writes: A new technology has been proposed that could fundamentally solve the issue of smartphones overheating during high-spec gaming or extended video streaming. Researchers at KAIST have discovered the principle of processing signals using the minute vibrations of magnets (spin waves) instead of electrons. This method significantly reduces heat generation and power consumption while enabling instantaneous frequency switching within the several GHz range. This breakthrough is expected to pave the way for smart devices with less heat and longer battery life, as well as ultra-low-power, high-speed computing. Professor Kab-Jin Kim from the Department of Physics said: “This study is a case that proves we can implement and control the nonlinear dynamics of magnons — the principle of information processing using magnetic vibrations — in actual nano-devices, which had previously only been proposed in theory. It will serve as an important foundation for the development of a new information processing paradigm using spin waves instead of electrons.”
The findings have been published in the journal Nature Communications.
NASA’s next eye into the cosmos is due to leave our planet later this year. The agency says it’s targeting an early September launch for the Nancy Grace Roman Space Telescope. Roman (for short) has a field of view 100 times larger than Hubble’s.
The September date is the earliest possible launch for Roman. NASA says it will go up (aboard a SpaceX Falcon Heavy rocket) no later than May 2027.
The Nancy Grace Roman Space Telescope, named after NASA’s first chief astronomer and “mother” of Hubble, was introduced in 2016. (Back then, it was known as the Wide Field Infrared Survey Telescope, or WFIRST.) The telescope’s mirror is roughly the same size as Hubble’s, but it can capture sections of the sky at least 100 times larger than its predecessor.
NASA
“Roman will work in tandem with NASA observatories such as the James Webb Space Telescope and Chandra X-ray Observatory, which are designed to zoom in on rare transient objects once they’ve been identified, but seldom if ever discover them,” Julie McEnery, Roman’s senior project scientist, said in 2023. “Roman’s much larger field of view will reveal many such objects that were previously unknown. And since we’ve never had an observatory like this scanning the cosmos before, we could even find entirely new classes of objects and events.”
After leaving our atmosphere, Roman will set course for a vantage point nearly 1 million miles from Earth. There, it will rely on a pair of instruments to study space. The first is a 300.8-megapixel camera that captures light from visible to near-infrared. There’s also a high-contrast coronagraph that will allow it to capture exoplanets that would otherwise be blocked by starlight.
Roman’s mission: “to settle essential questions in the areas of dark energy, exoplanets and astrophysics.” Despite decades of study, astronomers know surprisingly little about dark energy, which makes up about 68 percent of the universe’s contents. And while scientific discoveries are cool and all, you’ll be pleased to know that Roman is also sure to beam back more dazzling pictures of our cosmos.
If you wanted to record yourself playing on a GameCube, you could use a VCR to capture the video output on tape. But there is a more interesting way to do it—which is precisely what [jiinurppa] built GameCube bot for.
The concept is simple—GameCube bot is a small device that captures controller inputs and records them to an SD card. It can then play them back on command, allowing it to recreate gameplay as it happened the first time right on the console. A Raspberry Pi Pico is the brains of the operation, which is able to intercept signals from a standard GameCube controller. It’s paired with the aforementioned SD storage as well as an ST7735 display for showing status information. The device records in the DTM (Dolphin TAS Movie) format, which can be played back on the device when hooked up to a GameCube console, or in emulators like Dolphin itself.
[jiinurppa] notes that the device isn’t accurate enough to use for tool-assisted speed runs. Most notably, small errors in optical drive reads can lead to desyncs compared to the original machine state that make frame-accurate replays impossible. Still, it’s a neat build that can be useful for capturing game play and later analysis.
We’ve explored the world of Tool Assisted Speedruns before, though this device isn’t directly applicable to that world. Video after the break.
A group of third grade students gather around a board game on a Wednesday afternoon in a Charleston classroom, grabbing game pieces, discussing potential moves and reading out playing cards. The games are not Monopoly, Sorry, or any others of yore – they’re focused on identifying, and boosting, students’ strengths and weaknesses.
It’s part of a shift in school districts’ gifted and talented programs. While many programs focused on a small group of high achieving students, instructors across the nation are now focusing more on inclusion, using data to help them zero in on students’ talents, a method that has the potential of capturing more students for advanced instruction.
For Vanessa Hill, the gifted education coordinator for Amphitheater Public School District in Tucson, Arizona, focusing on strengths and weaknesses helps to solve what she sees as a universal problem with gifted identification.
“Something I’ve been thinking deeply about that tends to be a universal problem is that gifted identification does not match the metrics of your district,” says Vanessa Hill, the gifted education coordinator for Amphitheater Public School District in Tucson, Arizona. “I’m constantly thinking of that, so our demographics can get closer. This new tactic is about exposure to critical thinking and reasoning – what does that look like, how to reason through a problem?”
Re-assessing the methods and ultimately changing the definition of “gifted” comes as some question the value of standardized tests and a push-and-pull to diversify programs.
The gifted and talented programs run the gamut of names and acronyms depending on the district, including advanced learning program, TAG (talented and gifted), LEAP (Learning Enrichment Alternative Program) or REACH (Realizing Excellence through Academic and Creative Help), among others.
Regardless of the name, the program has undergone several major shifts over the last few decades. Schools previously often only selectively tested students, often at the behest of involved parents or by a teacher recommendation. That brought a large amount of inequity in the programs, with many moving to a universal screening practice. Some states, including Washington and Missouri, made it a state mandate to test all students while in elementary school. The screening practice itself evolved from an IQ test to aptitude and ability tests, though how accurate those are is up for debate.
“Society is really unequal along socioeconomic and racial and ethnic lines, and these tests are just reflecting that,” says Scott Peters, director of research consulting at NWEA, a nonprofit education assessment organization. “You can change tests all day long, but at the end of the day, you can’t give some kids three years of $40,000-a-year preschool and also wonder why this kid that’s never been to school until first grade doesn’t do as well.”
Often, schools’ gifted and talented programs do not represent their overall school population and instead skew heavily toward white and Asian students. Zohran Mamdani, the widely-watched mayor of New York City, made it part of his platform to phase out gifted and talented programs because of the inequity.
“Ultimately, my administration would aim to make sure that every child receives a high-quality early education that nurtures their curiosity and learning,” he said in a 2025 statement to the New York Times.
There is no silver bullet test that accounts for inequality and a child’s upbringing, although Peters said when factors such as income, race and other equity gaps are controlled in tests, most inequities disappear.
“This isn’t a factor of, ‘Oh, there are students of color scoring high, but they’re still not getting in,’” he says. “It’s that there’s not enough students of color scoring high because of that larger societal inequality issue.”
Because of the often-skewed gifted and talented population, schools are shifting toward “talent development” with all students, versus focusing on strengthening some students’ already solid skills.
“Because of the baggage of the past, we’re moving toward a new perspective where we’re identifying the strengths of students — whether academic, social or emotional — versus people for a program,” says Kristen Seward, clinical professor in gifted, talented and creative studies at Purdue University. “And I think this twist in how we approach education as gifted researchers is going to benefit everybody.”
Developing talent for gifted programs, much like the name itself, varies depending on the district. Seward says many teachers have enriched curriculums, which enhance things like vocabulary, science and social studies — topics that have been put on the back burner over the years in favor of standardized testing. Teachers are trained to spot students’ strengths and respond to those, which in turn, helps with students’ weaknesses.
For example, if a student has a strong vocabulary but struggles in math, the teacher might focus on math vocabulary during math class to put the lesson on a level the child understands.
Photo credit/Vanessa Hill
“I don’t want it to turn into a thing where the teacher is the gate, and if they don’t open the gate, then the students don’t get identified – which has been a problem,” Seward says. “We have to train teachers to be talent scouts, presenting the enriched curriculum. Hopefully it’s not something additional, but something they’d naturally do in their role.”
Elizabeth McLaurin Uptegrove, now the assistant academic director in Charleston County School District, created a “strength or stretch” system that involves the games the students played in the aforementioned classroom. When Uptegrove first arrived in Charleston’s school district, South Carolina used to require all second grade students be tested for the gifted and talented program. But after that year, selection changed to a nomination system.
“Which sounds elitist, and it is,” she says, adding white, affluent children were three times more likely to be in the programs.
She pushed for universal testing again for all fourth grade students, which yielded three times as many students identified as gifted, jumping from 40 fourth graders to 150 across the district. Several schools across the country have adopted similar strength-or-stretch systems.
But Uptegrove’s efforts go beyond identifying candidates for gifted programs through teacher observation: her game-based system uses data. With the aptitude test, there are verbal, quantitative and nonverbal subsections. The tests indicate if a child is low or high achieving in those areas. Then the children are placed in groups with those of similar abilities to play games that can enhance those skills.
Photo credit/Elizabeth McLaurin Uptegrove
“Typically a teacher is not very well-equipped to come up with activities or lessons that can actually reach their level of thinking ability and games do that really quickly, in a way that’s not as boring for children as a typical worksheet,” Uptegrove says. “That’s where the magic of the games comes in. We’re making rigorous, hard thinking almost irresistible so students are willing to do the activity for longer.”
Hill, the Arizona-based education coordinator, initially implemented Uptegrove’s game strategy across third grade classrooms in five schools: three Title 1 schools and two non-Title 1. She says the schools that have the strength or stretch program in place have higher passing rates of “proficient” or “highly proficient” scores than those who do not.
“To me, it’s the difference between being a passive learner and active learner; by being able to engage in the games, it’s more active learning,” Hill says. “You raise the exposure to critical thinking and are taught to apply those skills to any situation, whether it’s on an achievement test or on the playground with a friend.”
Both researchers and teachers acknowledge the “talent development” approach to gifted and talented programs is far from perfect. It is often costly, whether it is buying the games, instilling teacher training or taking out time from testing. Hill pointed to four schools within her district that are closing this year because of financial constraints.
“Ordering the games is no small cost; I feel so blessed it’s that level of importance that we will find the funds,” she says. “As far as critical thinking games, yes that was missing. It is a hole we were filling. I think that while the core curriculum is doing its best, it can oftentimes be a bit surface level.”
Uptegrove agrees, saying she believes the talent development method is becoming more popular, but “there’s a long way to go in belief and funding for it.”
Peters, who has long studied the best educational methods and practices, believes the shift in gifted and talented is a good step. But he has concerns about the larger moves needed for lasting impact.
“It’s easy to have a 30-minute gifted program; it’s hard to have a second through eighth grade math development pipeline involving everyone in the school,” he says. “And advanced learning isn’t enough of a priority for most schools.”
How powerful is AI? Enough that Anthropic, a leading AI company, announced earlier this month that its latest AI model, Claude Mythos Preview, would be available only to a limited number of businesses due to security concerns — at least for now.
Claude Mythos Preview was designed for general use, Anthropic says, but during testing, the company found it extremely effective at identifying vulnerabilities in the security systems of all types of software, creating potentially massive security concerns.
So far, Anthropic is sharing the Mythos Preview model with a handful of major tech companies and banks through a program called Project Glasswing, intended to give them an opportunity to shore up any existing security vulnerabilities and get ahead of potential hacking attempts that the model could identify.
To get a better sense of what Claude Mythos Preview represents and the potential threat it brings to online security, Today, Explained co-host Sean Rameswaram spoke with Hayden Field, senior AI reporter at The Verge.
Below is an excerpt of their conversation, edited for length and clarity. You can hear the full episode wherever you get podcasts — including Apple Podcasts, Pandora, and Spotify.
Mythos is [Anthropic’s] newest AI model that they designed to be a general-purpose AI model like any other. But what they realized when they were working on it was that it had these special skills that they didn’t really anticipate. It was really good at cybersecurity. It found high-stakes vulnerabilities in virtually every operating system.
That’s pretty bad if you are using that as a hacker. And to have a blueprint for a list of every big gap and insecurity and vulnerability on all these really, really high-profile systems, you’re going to be having a list of everything you could do to take those systems down or exploit data.
They realized that they better not release this to the general public because it could fall into the wrong hands. And they instead handpicked a select few organizations that are responsible for critical infrastructure to release it to so they could plug those gaps in their systems instead.
You’ve heard of many of the companies that currently have and are using Claude Mythos: Nvidia, JP Morgan Chase, Google, apparently a few dozen more that build or maintain critical software infrastructure. How does it actually work?
Since they built it as a general-purpose model, it probably works like any other model in that you’re using it and prompting it to flag all the vulnerabilities in your system.
Maybe you’re Google Chrome, and you’re looking for specific, niche parts of the browser that you think may have some vulnerabilities. You’re basically prompting the model to flag all these really high-profile gaps to you and your security, and then you’re taking that and plugging it up on your own.
A hacker would actually use it in the same way. If it fell into the wrong hands, they’d be like, “Yeah, tell me all the vulnerabilities here.” And then they’re going to take it off the platform and use that for something nefarious. So it’s basically about who is prompting the system and what their motives are.
It’s as easy as saying, “Hey, Claude, tell me how this banking system might be vulnerable.” And then Claude thinks about it for a minute, and it spits out a bunch of answers.
And do we know that the Googles and Nvidias of the world are actually using this technology?
Yes. Part of the reason that Anthropic released this is they wanted these organizations to report back on exactly how Mythos worked and what it did to plug up the vulnerabilities and the gaps in their system. It’s an information-sharing thing.
They’re letting these companies use it to test out how well it does to plug up all these high-profile gaps, and then they have to report back to Anthropic about how it worked.
How is Anthropic choosing who to share this technology with?
I actually asked them that. They’re essentially looking for cyber defenders or companies that a lot of people depend on, and that downstream it would be a huge issue if they got hacked in any way, shape, or form.
JP Morgan Chase is a great example. Anthropic has also offered this technology to the government.
Do Anthropic’s competitors have similar tools? Are they presumably working on similar tools?
OpenAI is apparently working on a similar tool. Anthropic itself has said this isn’t something that they deem they’ll be in the lead on for too long. They think labs anywhere in the world may release this technology in the next three months, six months, 12 months.
It seems like, sometime in the next 12 months, this is going to be out there. And so that’s why they wanted to release Mythos now, so that companies and banks could get ahead of all the hacks that may be coming down the line, when similar types of technology are released to the general public, maybe months from now.
If this is so dangerous and there’s so many potential risks, is anyone having a conversation about just not releasing tools like this and just sort of shutting it down, keeping it internal?
That is a really great question. I’m so glad you asked, because not enough people ask whether an AI system should actually be released or used for certain things. Right now, we’re seeing a lot of one-size-fits-all, throw-it-at-everything type of integration. And a lot of times AI is not the answer for things.
With this, though, people tend to agree that it is something that’s needed right now. AI is already out there helping cyberattackers really step up their attacks. And we’ve been seeing that intensify over the past year. People seem to agree that you need AI to fight AI cyberattacks, essentially.
It’s kind of like medieval fortresses, where you’re adding extra stones and building up the walls at the fortress higher because a war is coming. That’s the sense I get when I talk to these experts about this. They know it’s coming. It’s just, ‘Try to shore up your defenses now so that you’re best prepared.’
Business laptops are a niche that suits only a few, but if there were one laptop you could do every single job with, it’s the ExpertBook Ultra. This laptop debuts Intel’s Panther Lake processors in India, and they pack serious performance not only in the CPU but also in the graphics department, with the Taiwanese laptop maker claiming GPU performance similar to the RTX 4050 on the ExpertBook Ultra, which weighs less than 1kg. Here’s everything you need to know about it.
Asus is pitching the ExpertBook Ultra as its most premium business laptop yet, and it’s easy to see why. It features an ultra-light design starting at just 0.99 kg and is built using magnesium-aluminum alloy. We took the Ultra for a spin at the launch event, and it looked beautiful. The finish shimmers in sunlight, making the whole experience even more premium.
Open the lid, and you’re greeted by a beautiful 3K Tandem OLED display that nails the colors and delivers deep blacks. But that’s not actually the highlight. The highlight is the 1400-nit peak brightness in HDR mode, which keeps the display legible even in direct sunlight. The nano coating also keeps the panel smudge-free.
Under the hood lie Intel’s latest Core Ultra Series 3 processors, along with an integrated AI engine (NPU) to handle on-device AI workloads. While we are yet to test the performance of the ExpertBook Ultra, Asus’s demos have set expectations very high, as their benchmarks show the laptop topping the charts among other laptops. The processor can be coupled with up to 64GB of LPDDR5X RAM and 2TB of M.2 2280 NVMe PCIe 5.0 SSD.
Graphics are handled by the Intel Arc B390, which Asus says offers performance comparable to the RTX 4050. The company also ran a series of benchmarks comparing the two in a variety of games. The ExpertBook Ultra is run by a 70WHrs battery with a claimed all-day battery life of up to 26 hours.
Alongside the Ultra, ASUS has expanded its ExpertBook P series with new models like the P3 and P5, targeting a wider range of business users.
These laptops will deliver scalable performance and AI capabilities for professionals and small- to medium-sized businesses. ASUS says the goal is to provide flexibility across configurations while maintaining strong performance and reliability.
The ASUS ExpertBook Ultra is now available for pre-order on Flipkart, starting at ₹2,39,990. Pre-order offers include extended warranty, accidental damage protection, bank discounts, and bundled subscriptions. Meanwhile, the ExpertBook P3 starts at ₹94,990, while the P5 is expected to launch soon with a starting price of ₹2,14,990
Chinese coffee brand Luckin Coffee has been in Singapore for only three years, but it has established a strong foothold in the city-state. It expanded by 30 stores over the past year, bringing its total number of outlets here to 81.
This is despite offering its coffee at heavily discounted prices and reporting losses amounting to RMB¥47 million (S$8.8 million) in Singapore in 2024, all the more notable in the context of Singapore’s notoriously tough F&B landscape.
What, then, goes into the Chinese brand’s playbook for expanding in such a challenging market?
Luckin’s pricing power comes from a scale few café operators can match.
With over 30,000 stores globally—more than Starbucks—the company benefits from massive purchasing volumes that significantly reduce its cost per cup, enabling retail prices as low as S$4, and even promotional offers such as S$0.99 coffee for first-time users.
In 2024, Luckin Coffee signed its largest procurement deal in the brand’s history—a five-year agreement to purchase 240,000 tonnes of Brazilian coffee beans starting in 2025, valued at RMB¥10 billion (S$1.87 billion).
CEO Guo Jinyi has also claimed that the company accounted for 40% of China’s total coffee bean imports and 60% of Brazilian coffee bean imports into China in 2024. At this level of purchasing power, Luckin is likely able to secure significantly lower costs compared to most café operators.
Cost efficiencies also extend beyond coffee beans.
In 2025, low-value consumables such as packaging materials and straws cost the company just RMB¥210 million (S$39 million) across its entire 30,000 store network. This translates to roughly S$1,307.64 per store per year, or about S$3.58 per store per day.
Since 2021, Luckin has also reduced costs by cutting reliance on third-party suppliers and building more of its own production capabilities.
It has opened in-house intelligent roasting plants in Fujian and Jiangsu, which have an annual roasting capacity exceeding 45,000 tonnes.
In Aug 2024, Luckin also broke ground on an Innovation and Production Centre in Qingdao with a total investment of approximately RMB¥3 billion and an expected annual roasting capacity of 55,000 tonnes.
According to its 2025 annual report, another roasting facility is under construction in Fujian. Once all four are operational, total roasting capacity will far exceed the 155,000 tonnes per year target.
This vertical integration allows Luckin to control more of its supply chain in-house, reduce intermediary costs, and ultimately lower overall production expenses across its store network.
Ever struggled to find a seat at a Luckin Coffee outlet? That’s by design. Most Luckin stores are intentionally small to keep operating costs low.
Around 99% of its outlets are compact pick-up stores of 20–60 sqm, with limited or no seating. These stores are strategically located in office buildings, commercial districts, residential neighbourhoods, and university campuses, allowing the brand to expand rapidly while keeping rental and renovation costs low.
In fact, store pre-opening expenses accounted for just 0.2% of total operating expenses in 2025.
In Singapore, this format provides a clear advantage: smaller units mean cheaper leases compared to full-format cafés, which is especially crucial in a market where retail rents are notoriously high.
Beyond its physical footprint, Luckin’s digitalised operating model also enables a leaner cost structure. The company operates on an app-first system where customers order and pay entirely through its own platform.
This reduces reliance on cashier staff, lowers the risk of order errors, and allows for highly targeted in-app promotions and personalised marketing to users.
Besides its own app, Luckin Coffee is also available on third-party delivery platforms. According to its 2025 annual report, delivery orders doubled from 17.1% of total orders in 2024 to 34.7% in 2025 across its whole network, which shows that Luckin is extending its reach beyond its physical store footprint.
Even with lower set-up costs, opening 30 stores in Singapore within a single year might seem aggressive. However, it’s not as capital-intensive as it might appear for the coffee giant under its operating model.
In Singapore, many outlets are run with franchise partners. These partners pay upfront fees and take on much of the setup and operating costs themselves. This means each new store is not fully funded by Luckin, helping the brand scale more quickly with less direct capital outlay.
At the same time, any remaining losses in overseas markets are effectively absorbed by its much larger China business.
In financial year 2024, Luckin’s Singapore operations reported losses amounting to RMB¥47 million (S$8.8 million).
However, this is small in the context of the group.
In 2024, Luckin generated over RMB 34.5 billion (S$6.4 billion) in revenue overall, alongside approximately RMB¥3.5–3.9 billion (S$653-S$728 million) in operating profit driven primarily by its China business. Against that scale, Singapore’s losses are effectively marginal.
Singapore is not a profit centre for the group, but part of a longer-term international expansion strategy.
From America’s Starbucks to China’s Cotti Coffee, and even local coffee houses, the competition for market share amongst coffee brands in Singapore is nothing short of steep, as Singaporeans have so many options to choose from.
So what makes one choose Luckin over other specialty coffee shops and those at our local coffee shops?
While Luckin’s coffee doesn’t start from RMB 10 (S$1.87) per cup as it does in China, at S$4.80 for an Americano, it is still cheaper than many other café operators, including Starbucks, where prices start at around S$6.30.
This also does not account for the personalised discounts Luckin offers to users who order through its mobile app.
Luckin CEO Guo shared why Singapore was specifically chosen as the next big market for Luckin:
Singapore serves as a critical testing ground for building our brand, refining our operational systems, and understanding overseas business models.
The city-state serves as Luckin’s launchpad into Southeast Asian countries, where it shared that it will adopt a franchise model.
While individual 2025 figures for Luckin’s Singapore operations are not available and are grouped with those of Malaysia and the United States after further expansion, the coffee giant shows no signs of slowing down.
In China, the journey from loss-making in 2020 to an explosive market leader took Luckin roughly five years. In Singapore, a city-state of six million people with a coffee shop on nearly every corner, the competition is steep.
But for Luckin, the steep competition is precisely the point—if the model works here, it can work anywhere in Southeast Asia.
Featured Image Credit: Sentosa/ Tatler Asia
NWFL Suspends Two Players Over Post-Match Clash in Ado-Ekiti
Weekend Open Thread: Theodora Dress
Palestine barred from entering Canada for FIFA Congress
NBA Analyst Charles Barkley Chimes in on Ice Spice McDonald’s Fiasco
Powerball Result April 18, 2026: No Jackpot Winner in Powerball Draw: $75 Million Rolls Over
Auto Enthusiast Scores Running Tesla Model 3 for Two Grand and Turns It Into Bare-Bones Go-Kart
Zack Polanski demands ‘council homes not luxury flats for foreign investors’
Russia Pushes Bill to Criminalize Unregistered Crypto Services
Gary Stevenson delivers timely reminder to register to vote as deadline TODAY
Disabled people challenge government SEND proposals over segregation concerns
Making troops accountable for war crimes threatens US alliance, ex-SAS colonel warns
Rolls-Royce Voted UK’s Most Iconic Trade Mark as IPO Register Hits 150
Creo Medical agree sale of its manufacturing operation
Russia Introduces Bill To Criminalize Unregistered Crypto Services
Starmer handler McSweeney to be dragged from shadows by Foreign Affairs Committee
Zack Polanski responds to home secretary’s taser threat
Wings Over Scotland | How To Get Away With Crimes
Kelp DAO rsETH Bridge Hack Drains $292M as DeFi Losses Top $600M in Two Weeks
‘Iran is still a nuclear threat’
Cheaper Doritos and Lays helps PepsiCo win back struggling snackers
You must be logged in to post a comment Login