TL;DR
A former Wisk Aero software manager is suing the Boeing subsidiary, alleging she was fired for flagging cuts to FAA-required testing.
Researchers have found a never-before-seen piece of macOS malware that combines a series of clever tradecraft to infect Macs with stealthy, custom-developed credential-stealing code.
The malware is delivered in two stages. The first is distributed in a disk image that masquerades as Maccy, a clipboard manager for Macs. It’s compiled as AppleScript that is notable for the way it delivers the second stage. The malware is named PamStealer because the Rust-written infostealer uses the Pluggable Authentication Modules interface built into macOS to validate the target’s login password before sending it to an attacker-controlled server.
The use of both disk image and AppleScript is common in malware for Macs. More unusual is the way PamStealer combines them to gain stealth. When the AppleScript is double-clicked, it’s opened in the macOS Script Editor, where the malicious functionality is buried deep within the file.
“Rather than relying on shell commands such as curl or zsh, the AppleScript executes a self-contained JavaScript for Automation (JXA) downloader that retrieves and stages the payload using native Objective-C APIs,” researchers from Jamf, a security firm for macOS users, wrote. “Combined with a Rust-based second stage and a password capture workflow that validates credentials locally through PAM, the result is a quieter execution chain than we typically observe in commodity macOS stealers.”
When a user, expecting to install a trustworthy clipboard manager, encounters the disk image, they’re prompted to press Command-R immediately after double-clicking it. This command executes malicious code inside the AppleScript directly. It also allows the execution to bypass com.apple.quarantine, a macOS attribute that provides warnings and restrictions when executable files have been downloaded from the Internet.
As Jamf explained:
PamStealer combines a recently emerging delivery surface with a less familiar payload. While the clickable .scpt and Script Editor lure build on tradecraft that is already gaining adoption across the macOS threat landscape, the malware distinguishes itself through a self-contained JXA dropper, a Rust-based second stage, and a password capture workflow that validates credentials locally through PAM before harvesting them. That second stage puts considerable effort into staying hidden, masquerading as Finder, encrypting its command-and-control traffic, and holding back prompts like the Full Disk Access request for as long as forty minutes so its activity does not line up with launch. Together, these behaviors illustrate how commodity macOS stealers continue to evolve, adopting quieter execution chains and native implementations that reduce traditional detection opportunities while remaining compatible with standard macOS features.
The first stage puts its payload inside an app bundle that impersonates real components built into macOS. The component changes from sample to sample of the malware. Finder.app under com.apple.finder.core or com.apple.finder.monitor, and a Software Update.app under com.apple.security.daemon, are two examples. In either case, they run hidden. They also display macOS’s genuine Finder.icns as its icon.
An anonymous reader quotes a report from TechCrunch: WhatsApp this week started rolling out username reservations ahead of the broader launch planned later this year. The feature — which lets people find and message each other by handle instead of phone number — is already raising impersonation concerns, drawing scrutiny from security experts and regulators in India, the app’s largest market, with more than 500 million users. The rollout marks a shift in how people identify one another on WhatsApp. Instead of relying on phone numbers as the primary identifier, users will increasingly interact through platform-managed usernames, a change that Meta says improves privacy but that critics argue could create new opportunities for impersonation.
[…] Asked about how it protects against impersonation, Meta told TechCrunch it reserves usernames for public figures, government entities, and “some variations” of those names so only the legitimate owner can claim them. The company did not explain, however, how it decides which lookalike usernames get proactively reserved and which don’t. The concerns have already reached regulators in India, where cyber fraud schemes frequently exploit messaging platforms to impersonate police, banks, and government officials. […] Rachel Tobac, chief executive of SocialProof Security, called usernames a net privacy gain because they reduce the need to share phone numbers, which can expose users to SIM-swap attacks, phishing, and account takeovers. Still, she said, lookalike usernames still create opportunities for impersonation. “Ultimately, usernames are a great idea to avoid leaking your phone number to folks you don’t know, but it’s important to verify identity with the username function too,” Tobac told TechCrunch. Her advice for most users: Pick a username that isn’t easily guessable, so it’s harder for attackers to find you, message you cold, or harass and spam you.
[…] The Mozilla Foundation said the introduction of usernames is likely to bring new tradeoffs. “Increased scams and impersonation from fake handles are potentially a big one,” it told TechCrunch. “Checking a phone number can be a useful verification tool, but these harms are also permitted by the platform’s fundamental design choices.” Mozilla also flagged a broader interoperability question — one worth logging if you’re building on top of, or competing with, Meta’s ecosystem. While letting users claim their existing Facebook and Instagram usernames may cut down on impersonation, it also shows how easily Meta can stitch identity together across its own apps, even as users still can’t take that identity, or their contacts, to a rival platform. For now, WhatsApp says it is taking a gradual approach to the rollout. “We’re taking our time and listening to feedback so that when it rolls out later this year we get it right,” the company said in its FAQ.
An anonymous reader quotes a report from The Guardian: Researchers who tracked more than 90,000 people over a decade found that sitting or lying down while awake for more than 30 minutes in one period each day was associated with an increased risk of cancer death. The risk increases for every additional hour of continuous inactivity, the findings suggest. However, the researchers also found breaking up periods of sedentary behavior longer than 30 minutes with bursts of physical activity could help reduce the risk. Getting up every half-hour, even for a short walk around the office, could do wonders for your health, they said.
[…] The findings, published in Plos Medicine, focused on the health effects of prolonged sedentary behavior on a daily basis. […] The team analyzed data from wearable devices worn by more than 91,000 UK Biobank participants, who were followed for an average of 12 years. The findings suggest prolonged inactivity lasting more than 30 minutes was associated with cancer risks. Each additional hour of prolonged inactivity every day was associated with a 10% increase in risk of cancer death. However, replacing long spells of inactivity with movement appeared to reduce that risk. Substituting one hour of sedentary behavior each day with light physical activity, such as ironing or washing up, was associated with a 12% lower risk of cancer death.
Replacing 30 minutes of inactivity each day with 30 minutes of moderate physical activity, such as walking at an average pace, was associated with an 8% lower risk. The risk was 22% lower when five minutes of inactivity was replaced with five minutes of vigorous physical activity each day, the study suggested. There were limitations to the research, including the fact that the researchers performed a statistical analysis of an observational study, so could not prove causation.
“Legally, we have to say this is a direct parody of Alex Jones and all this bullshit, until we’re allowed to take over all his stuff,” Collins tells WIRED. “But until then, we’re having a lot of fun.” Jones’ attorneys did not return requests for comment from him; messages to Infowars email accounts were returned as undeliverable.
Lawson calls the seizure of the Infowars name “karmic justice” for the Sandy Hook families, who have yet to receive any settlement money from Jones. The Onion plans to initially give $100,000 from merch sales directly to the families, Collins told the Associated Press.
The Infowars parody also meets business and cultural needs, Lawson explains.
“We kind of realized at some point we need some satirical product that is natively internet satire,” Lawson says. “But the problem is the internet is so hard to satirize because there is no one internet. In order to make satire, you need a shared understanding of some medium that you break.”
When Collins conceived of the stunt acquisition of Infowars, they began to see it as an opportunity to target one all-too-common digital format: “These blowhard assholes who have a million listeners [and] will say and do anything to make a buck,” Lawson says. “It’s these podcasters, they’re the thing you can satirize, the Joe Rogans and the Alex Joneses.”
The idea, Collins says, is to ridicule the conspiracist internet brain rot that has infected the entire social media ecosystem. “It allows us to like break down how fucking stupid everything is and how people talk now,” he explains. “People are just constantly trying to find the big secret thing that is running the world, but in reality, the big secret thing that’s running the world is right fucking in front of us, it’s the big grafty fucking asshole government that we live under the thumb of.”
Besides Heidecker, the livestreams will include other familiar faces and voices. Tim Robinson of I Think You Should Leave and The Chair Company calls in as “Tim from Ohio” in the premiere episode, leading to a debate as to whether Bozo the Clown was actually several different people. Fictional newscaster Jim Haggerty (Brad Holbrook) returns as well, having abandoned his anchor job at the Onion News Network to spout paranoid crackpot views while advertising products like “Hog Water.”
And a delirious opening theme is provided by comedian-musician Nick Lutsko, who has frequently gone viral with tunes mocking Jones and other right-wing personalities. This song is immediately derailed when Lutsko’s idea for a cartoon “Infowars Elf” mascot is rejected by corporate higher-ups—but he keeps forcing the character back into the theme anyway.
“This is very much like, an ‘Avengers, assemble’ sort of thing for everybody who’s been making fun of these assholes for years,” Collins says. “I do think if [this cast] had been direct foils all along to Trumpism that we probably wouldn’t have Trumpism.” Adds Lawson, “I do worry about democracy, and I think that satire is the answer to that, being able to point out the things that we look around and say, ‘This isn’t right.’”
![]()
M5Stack’s PaperS3 was originally built for smart home controls, electronic labels, and educational tools. But YouTuber Wenting Channel recently detailed how he turned the old dev board into a 60Hz E-ink Game Boy, its paper-like display an unexpectedly good match for the handheld’s graphical capabilities.
Read Entire Article
Source link
GameSir has given its Pocket Taco mobile controller a fresh coat of paint with a new Voltage Purple colourway just a few months after the accessory first launched.
The new version swaps the original retro grey finish for a translucent purple shell. This design feels like a nod to classic handheld consoles.
Unlike the Kickstarter-exclusive Atomic Purple edition, which paired its transparent casing with matching purple buttons, the new model mixes the see-through design with mostly black buttons. As a result, it offers a slightly more understated look.
Aside from the cosmetic refresh, everything else remains the same. The Pocket Taco is still one of the more unusual mobile controllers around, thanks to its vertical design. Rather than stretching around your phone in landscape mode like the GameSir G8 Plus, it folds around a smartphone held upright. This turns it into a compact vertical gaming handheld that’s best for portrait games and emulators.
The controller connects over Bluetooth and packs a 600mAh battery that will last through extended gaming sessions. It also features membrane D-pad and ABXY buttons, inline triggers and bumpers. In addition, it uses silicone pads to help protect your phone while it’s attached.
GameSir has also included a few practical touches. The controller automatically powers on when unfolded and switches itself off when closed. Meanwhile, a cut-out at the bottom lets you plug in a charging cable without removing your phone. Button remapping is available through the GameSir app, and there’s also a keyboard mode for broader compatibility across mobile apps and games.
The Voltage Purple model is available now through GameSir’s website and Amazon for $34.99. Meanwhile, the original retro grey version has dropped to $29.99 on GameSir’s own store.
Amazon’s long-awaited answer to SpaceX’s Starlink is finally nearing liftoff. According to an exclusive report from Reuters, the company plans to begin offering its Leo satellite internet service later this year, after its latest rocket launch pushed the constellation to 394 satellites in orbit.
The milestone came after Amazon’s latest mission deployed 29 additional satellites aboard a United Launch Alliance (ULA) Atlas V rocket. According to Chris Weber, vice president of Amazon Leo (formerly known as Project Kuiper), there’s still work to do before the satellites reach their final operating positions. Still, Amazon has now completed enough launches to begin its initial rollout this year.
Amazon hasn’t revealed which countries or regions will receive service first. However, Reuters reports that coverage is expected to begin near the Earth’s north and south poles before gradually expanding toward the equator as more satellites are added to the network. Eventually, Leo aims to deploy more than 3,200 satellites to provide global broadband coverage.
Unlike traditional satellite internet services that rely on a handful of satellites positioned far above Earth, Low Earth Orbit (LEO) constellations place thousands of satellites much closer to the planet. That significantly reduces latency while improving speeds, making the technology far more practical for everything from streaming and video calls to online gaming and remote work.

That’s exactly the market Amazon wants to tap into. Like Starlink, the company plans to sell internet service to households using dedicated user terminals, while also targeting businesses, governments, and industries such as airlines. With Starlink already operating roughly 10,000 satellites, Amazon still has plenty of catching up to do. But having another major player enter the LEO internet race could ultimately mean more competition, better coverage, and potentially lower prices for customers in the years ahead.
A former Wisk Aero software manager is suing the Boeing subsidiary, alleging she was fired for flagging cuts to FAA-required testing.
A former software manager at Wisk Aero, Boeing’s autonomous air taxi subsidiary, has filed a lawsuit alleging she was fired after raising internal safety concerns about reduced software testing, the Seattle Times first reported. Briahna O’Neill filed the suit in Santa Clara Superior Court, claiming wrongful termination and discrimination. According to the complaint, O’Neill submitted two internal safety reports alleging that company executives pushed engineers to cut FAA-required software testing in order to meet a 2025 test flight deadline.
O’Neill says she was terminated in March 2025, weeks after filing her second internal complaint. Wisk said it cannot comment on ongoing litigation, and Boeing declined to comment on the matter. The allegations have not been proven in court, and the case is in its early stages.
Wisk was founded in 2019 as a joint venture between Boeing and Kitty Hawk, the air taxi company backed by Google co-founder Larry Page, and is now a wholly owned Boeing subsidiary. The company is developing a fully autonomous electric air taxi designed to fly without any pilot on board, supervised remotely by a single operator overseeing up to three aircraft at once. That approach sets it apart from competitors like Joby Aviation, which uses a piloted model and is the furthest along in the FAA certification process.
Wisk’s Generation 6 aircraft completed its first flight in December 2025, and a second prototype flew in May 2026, doubling its test fleet. The company is one of eight selected for the FAA’s eVTOL Integration Pilot Program, which launched in March 2026 and allows supervised commercial testing across 26 states over a three-year period. Wisk is preparing for operations in Texas as part of that programme.
The lawsuit lands at a difficult moment for Boeing’s broader safety reputation. The company has faced 32 whistleblower complaints filed with OSHA since 2020, according to federal records, and a Senate subcommittee has held hearings on what it described as Boeing’s “broken safety culture.” Corporate retaliation against employees who raise concerns has become a recurring theme across the tech and aerospace industries, with legal actions multiplying in recent years.
Whether O’Neill’s allegations hold up in court remains to be seen, but for Wisk the timing is particularly sensitive. The company is asking the FAA to certify the first fully autonomous passenger aircraft in the United States, a process that depends entirely on regulators’ confidence that its software systems meet the highest safety standards. A lawsuit alleging that those same software testing requirements were deliberately weakened to hit an internal deadline raises exactly the kind of question the FAA will need to answer before any certification is granted.
Last month, SpaceX began making lobbying filings in support of phone unlocking rules making it easier to switch your phone between wireless providers. You might recall that the Biden FCC was on the cusp of installing such rules before the Trump administration, hand in hand with giant telecoms, dismantled them (Trump’s FCC will have to decide whether they love Verizon/AT&T/T-Mobile or Elon Musk more).
SpaceX’s push now makes a little more sense with the company saying it is “considering” launching a Starlink retail product and could eventually build its own terrestrial US mobile network:
“The company’s president and chief operating officer, Gwynne Shotwell, told investors during a recent IPO roadshow that the group was considering launching a Starlink retail product and could build its own terrestrial US mobile network, according to four people familiar with the matter.”
To be clear, I think a lot of this is simply more bullshit to justify the insane SpaceX IPO valuation. But the fact SpaceX has lobbied for phone unlocking rules suggests there is at least some kernel of real curiosity about an actual plan.
One major problem for SpaceX and Starlink is that Starlink is already too congested to handle the traffic they currently deal with. They’re already struggling under the load of 10 million low-Earth orbit (LEO) satellite users; the idea, as proposed in their IPO prospectus, that they’ll very quickly surge to more than 300 million subscribers was already the stuff of fantasy.
But when it comes to building out a cellular network to reach that goal, they simply don’t have the spectrum for this kind of thing:
“New Street Research estimates that the three US mobile network operators have a total of about 1,020MHz of spectrum, while SpaceX has just 65MHz.”
Building out telecom networks is a massive, costly, and expensive chore. Even when you own a government. Directly threatening AT&T and Verizon — some of the most politically powerful companies in the country — wouldn’t be a cake walk, even for Musk. And while Musk clearly has influence at the FCC (remember that time he got Brendan Carr to launch a fake investigation to acquire more spectrum?), turning Starlink into a full wireless/cellular/satellite carrier would be very slow and very expensive.
So if you were a logic-driven investor you’d likely and correctly view this as a costly money pit with no returns anywhere on the horizon. The only real way to make it work would be to acquire somebody like T-Mobile, which would cost billions, take years to integrate, and face all sorts of operational and political challenges — especially if the economy is going to break (further) or control of Congress shifts.
So while a Starlink jump into wireless is certainly possible, I think it’s more likely that this is just putting a toe in the water in a way that might help them extract more favorable terms from their existing cellular partners (they currently offer an “out of range” option via T-Mobile). It’s also likely more IPO fluffing by people who know U.S. journalists and investors no longer truly inhabit operational reality.
Filed Under: cellular, competition, congestion, elon musk, fcc, phone unlocking, satellite, telecom, wireless
Companies: spacex, starlink
The MYNT3D 3D Printing Pen is a handheld creative tool that allows users to draw in three dimensions using heated plastic filament. Instead of printing from a machine, this pen lets you manually create 3D objects by extruding melted plastic that quickly hardens. It uses FDM technology similar to 3D printers and is designed for applications like crafting, prototyping, and artistic modeling. The kit includes the pen, PLA filament, and a power adapter, making it ready to use out of the box. Its main features include adjustable temperature control, allowing precise material handling for different effects and variable speed control for smoother, more accurate drawing. It also has an OLED display for monitoring settings and a slim, ergonomic design for comfortable use during extended sessions. It’s on sale for $40.
Note: The Techdirt Deals Store is powered and curated by StackSocial. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.
Filed Under: daily deal
Weekend Open Thread: Staud – Corporette.com
The House | Manchesterism won’t survive the painful trade-offs unless it gets citizens on board
Strategy authorizes up to $1.25B in Bitcoin sales under new capital plan
Asia stock markets slide as tech shares slump
MAJOR BITCOIN & MARKET UPDATE!!!! (MUST WATCH ASAP!!!)
Anonymous researcher drops 0-day ‘exploitarium’ repo
Coinbase, Circle Deepen Crypto Stock Losses Despite Resilient S&P 500
Australia treasurer says alleged access of prime minister’s bank data ’incredibly concerning’
Kraken's xStocks Opens Bending Spoons IPO Registration to EEA Retail
FIH Pro League: India defeat Pakistan 7-1, register biggest win of campaign | Other Sports News
Bluekit phishing kit adopts browser-in-the-middle for login theft
Tether (USDT) Passes Ether in Market Cap as ETH Drops Toward $1.5K
Hyperliquid Named on Singapore MAS Investor Alert Register
Russian hackers now target Signal backup recovery keys
RTX holders must register wallets before token distribution begins
Broncos roster: OL Ben Powers (No. 74) entering final year of contract
The AI boom won’t burst all at once. It will pop in ‘rolling bubbles’: Macquarie
Claude Code turned every engineer into three. Now companies need more product thinkers
SpaceX Called a Market Top Signal Just 2 Weeks After Its $86 Billion IPO
Silicon Valley paid to kill AI regulation, now it wants the rules back
You must be logged in to post a comment Login