The iPhone 18 Pro is still a few months away, however a new leak suggests one of its biggest upgrades may already be taking shape.

According to respected Weibo leaker Setsuna Digital, Apple’s 2026 flagship is expected to receive a major camera upgrade.

Supply chain information reportedly points to noticeable hardware changes inside the phone. In addition, the leak backs up several earlier rumours. These suggest Apple is preparing a more substantial camera overhaul for the iPhone 18 Pro and iPhone 18 Pro Max that can could make the best camera phones around.

The biggest clue is the phone’s thickness. Recent dummy models have already suggested that Apple’s next Pro iPhones could be around 2mm thicker than their predecessors. Setsuna Digital now claims the camera system is the main reason why.

Exactly what’s changing remains unclear. Yet the leading theory is the addition of a variable aperture system. If accurate, it would give photographers greater control over depth of field and light intake. This change would bring the iPhone camera experience closer to dedicated cameras. It’s a feature that’s appeared on a handful of Android phones over the years, but Apple has yet to implement it on an iPhone.

Two years ago, Netflix dramatically let me down. As a massive anime fan, I tuned into the first season of their live-action Avatar: The Last Airbender remake and was horrifically disappointed within minutes. In fact, the most positive critique you could give it is that it was better than the live-action movies, which are widely considered to be garbage.

Why? The action was all there, but the heart of Aang’s story wasn’t. Spectacular VFX tried to cover up the hollow, mundane narrative underneath. In fact, to quote a fantastic jaw-dropping writer called Jasmine Valentine: “There’s little room to learn, with life-changing realizations made in a ridiculously short amount of time. If a tale can’t be paid its due diligence in a certain remit, should we even bother at all?”

New details have been revealed on how hackers exploited a Cisco Catalyst SD-WAN vulnerability tracked as CVE-2026-20245 in zero-day attacks to create rogue root accounts on targeted devices.

The CVE-2026-20245 vulnerability is a high-severity command injection flaw in Cisco Catalyst SD-WAN Manager (vManage), Controller (vSmart), and Validator (vBond) that allows authenticated attackers to execute arbitrary commands as root by uploading a crafted file.

Cisco said the vulnerability stemmed from insufficient validation of user-supplied input and could be exploited by authenticated attackers with local access to affected devices.

When Cisco disclosed the flaw earlier this month, the company warned that it had been exploited in a limited number of attacks but did not provide any details.

Cisco only stated that successful exploitation allowed attackers to gain root privileges and that some incidents involved unauthorized configuration changes being pushed to edge devices.

The company released security updates and urged customers to upgrade to fixed software versions, stating that no workarounds were available.

New exploitation details emerge

In a report published today, Mandiant revealed that CVE-2026-20245 was exploited as a privilege-escalation vulnerability after attackers had already gained access to targeted SD-WAN devices.

According to the researchers, the intrusion began with unauthorized SD-WAN peering connections observed on a service provider’s infrastructure.

Beginning in March 2026, the threat actor established new rogue peer connections and authenticated to affected SD-WAN Manager devices using the vmanage-admin account.

Mandiant believes the rogue peering may have been created by exploiting previously disclosed Cisco SD-WAN authentication bypass zero-days, CVE-2026-20127 and CVE-2026-20182, though the exact method remains unclear.

After gaining access, the attackers changed the default admin account password, logged in to the SD-WAN Manager web interface, and extracted configuration information for edge devices, controllers, and SD-WAN templates.

Mandiant says the attackers subsequently restored the admin account to its original password after completing their activity, likely to reduce detection.

The researchers say the attackers then exploited CVE-2026-20245 through a tenant-upload feature in the SD-WAN command-line interface by uploading a malicious CSV file named “evil_tenant.csv.”

“CVE-2026-20245, a vulnerability reported to Cisco by Mandiant, exists in the command-line interface (CLI) of Cisco Catalyst SD-WAN Controllers that could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system,” explains Mandiant.

Mandiant says the malicious payload first created backups of system configuration files, including /etc/passwd and /etc/shadow, before creating a new account named “troot” with root-level privileges.

The attackers then used the Linux “su” command to switch from the compromised administrative account to the newly created root account, giving them full control over the device.

Mandiant says the attackers heavily relied on anti-forensic tactics to evade detection.

This includes backing up configuration files before modifying them and then restoring them after exploitation. They also cleaned up traces of exploitation by deleting the malicious CSV payload, removing temporary files created during the attack, and erasing evidence of the rogue root account.

The researchers also observed the execution of a validation script to confirm that all traces of the compromise had been removed from the device. 

Mandiant says some rogue peering activity observed in March 2026 occurred on systems that were not vulnerable to any of the previously disclosed authentication-bypass flaws.

Cisco told the researchers that the breach did not involve CVE-2026-20182 and said it was possible the attackers used certificates stolen during a previous compromise to regain access to devices.

Mandiant has published indicators of compromise, attacker IP addresses, and guidance to help organizations determine whether they were compromised.

Organizations should collect diagnostic data from SD-WAN devices, check for signs of unauthorized peering connections, and upgrade to the latest software releases if they have not already done so.

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper

Zoox just released a new version of their autonomous robotaxi, and the vehicle retains its original no-nonsense purpose-built design, but with a few important modifications derived directly from real-world experience on the streets of Las Vegas, San Francisco, Austin, and Miami. More than half a million cyclists had already completed the route, and they had clearly made their stamp on the most recent round of changes.

The basic layout stays same; you still have the familiar boxy shape that allows you to move forward or in reverse. That design allows the large sliding doors to swing wide open on both sides, resulting in a perfectly symmetrical and comfortable cabin within. That cabin can accommodate four people, with two pairs of seats facing inwards, allowing you to either converse with your fellow passengers or relax on your own for a while.

Sale

Hiboy S2 Pro Electric Scooter, 500W Motor, 10″ Solid Tires, 25 Miles Range, 19 Mph Folding Commuter…

• Product Note: Max speed and range per charge vary based on several factors, including: rider weight, riding surface, incline, ambient temperature…
• Powerful Motor & Long Battery Life – The 500W powerful electric brushless hub motor allows for speeds up to 19mph. High capacity battery (36V/11.6AH…
• Upgrade Your Commuting – Hiboy S2 Pro Electric Scooters Front And Rear Wheel Equipped With 10-Inch Solid Tires And Rear Dual Shock Absorbers Provide…

Inside, you’ll see that the color scheme has lightened slightly, with the seats now a soft green and the floor and trim a subtle grey. It all gives the car a relaxed atmosphere and is intended to assist people remember things that would otherwise slip their memory. They’ve added extra cushioning and softer edges to the seats and headrests to make them more comfortable on all of the twists and turns, all in response to rider comments on how to make the car more comfortable for longer excursions.

Daily use has now become easier, with much larger cupholders to keep your drink from dripping everywhere. They’ve also added microscopic ridges to the phone tray to prevent your phone from sliding around when you’re on the road. The screen is also considerably brighter now, allowing you to swiftly glance over and see all of your flight information.

Outside, the reflectors have been updated, changing color to indicate which end of the car is in front. Handy for bikers, pedestrians, and emergency personnel who may need to know which direction your car is facing, plus they’ve added a mic and speaker to the door area so you can have a clearer conversation with anyone who needs to communicate with you when you stop.

However, the core technology remains unchanged, since all of the cameras, sensors, and other devices continue to provide a detailed picture of what is going on around you. Four-wheel steering is still beneficial for maneuvering through tight city streets, and the maximum speed remains around 75 mph, with the cabin seating up to four passengers as before.

Now, the primary focus is on getting this thing ready for production. The final design is complete, and they will produce 100 automobiles per week at the Hayward factory in California. If they keep up that pace, they should be able to produce around 10,000 units per year. The first replacement cars will arrive in existing fleets later this year, once all formalities (government approval) have been completed.
[Source]

A 21-year-old using the alias “Snoopy” was sentenced to 18 months in prison for his role in hacking DraftKings accounts in the November 2022 cyberattack.

In December 2025, the man, Nathan Austad of Minnesota, pleaded guilty to conspiracy to commit computer intrusion, admitting that he and co-conspirators compromised 60,000 DraftKings user accounts.

During the attack, the hackers added payment methods under their control to 1,600 accounts and stole $600,000.

DraftKings is a fantasy sports and sports betting platform where users can build teams of real-world athletes and compete for cash prizes based on their performance in actual sporting events.

In November 2022, DraftKings disclosed that hackers accessed customer accounts through credential stuffing attacks that exploited weak passwords or reused login credentials.

At the time, DraftKings reported that less than $300,000 had been stolen from affected customers. A month later, the company disclosed that 67,995 customer accounts had been compromised in the attack.

In May 2023, U.S. authorities charged Joseph Garrison for his role in the scheme, accusing him and his co-conspirators of selling access to hacked DraftKings accounts through online marketplaces such as the “Goat Shop.”

In January 2024, prosecutors charged additional suspects for the cyberattack, including Kamerin Stokes (“TheMFNPlug”) and Nathan Austad (“Snoopy”).

Austad reportedly operated his own shop where he sold access to stolen accounts and also used other platforms for the same purpose.

“AUSTAD directly controlled and profited from his own shop, which was named after the character Snoopy from the Peanuts comic strip,” the U.S. Department of Justice says.

The DoJ’s press release does not disclose the amount the hackers earned from selling access to the compromised accounts, but notes that Austad’s cryptocurrency accounts received approximately $465,000 in assets.

The U.S. DoJ also mentions direct messages that Austad sent to his co-conspirators, in which he openly admitted to perpetrating fraudulent activity and warned others to prepare.

Joseph Garrison received an 18-month imprisonment sentence in January 2024, while Kamerin Stokes received a 30-month sentence in April 2026.

In addition to the prison sentence, Austad received three years of supervised release and was ordered to pay $463,684 in forfeiture and $1,327,061 in restitution.

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper