As a smart home reviewer, I love the connected home. My house is full of connected devices, from thermostats to ovens to lighting and robots (lawnmowers and vacuum cleaners). They all make my life easier and better, but even I’m a little shaken by the latest hack.
As reported by The Verge, Sammy Azdoufal accidentally hacked almost 7000 DJI Romo vacuum cleaners, gaining full remote control of them. Azdoufal used the AI-powered Claude Code to reverse engineer DJI’s protocols, so that he could remote control is robot with a PS5 controller.
But his remote control app ended up talking to the entire install base of DJI Romo vacuum cleaners. At this point, every robot could be remotely controlled and camera feeds could be viewed, bypassing the PIN lock that’s in place.
The flaw was due to the token used. Azdoufal extracted the token used to access his device, but this also gave him access to every other device. The security issue was reported to DJI, and has now been closed, but this incident should be seen as a warning shot across the bows.
Advertisement
Problems are likely to get worse
There have been hacks in the past. According to Kaspersky, several Ecovacs robot vacuum cleaners were hacked into, with video feeds activated, racial slurs emitted from the integrated speakers, and a pet chased around.
Advertisement
That attack was entirely malicious; the scary thing about the DJI situation is that Azdoufal was just trying to remote control his own vacuum cleaner. And, in this case, Claude Code helped with the token access that opened up DJI’s systems.
AI in the hands of people deliberately trying to break into systems makes for very scary reading. Vibe coding makes it easy to generate complex code with a few prompts and to modify and experiment with different approaches quickly. The potential for AI being used to create lots of malicious code seems almost limitless.
Advertisement
With the kinds of devices that we have now, limiting exposure is almost impossible. Smart devices work through cloud connections because it makes them easier to set up and easier to control.
In the case of robot vacuum cleaners, the cameras aren’t just a nice accessory to see what’s going on; they’re an essential part of how the system works, used for additional navigation aid, and to spot and avoid obstacles. You can’t just cover up these cameras for privacy, as you’ll hamstring the product.
Nor can you disconnect them from the internet and cloud services without losing advanced control, map editing and remote control.
It’s not just about privacy
Although the DJI Romo hack has a privacy element to it, via remote camera viewing, there are other dangers. One hacked device can be used as a springboard to get into other devices.
Advertisement
Advertisement
In the case of robots, there are other threats. A remote controlled robot could be used to bash into a table and smash a vase. Potentially, a hacked robot could be made to throw itself down stairs.
And what about other smart devices? I can turn my oven on remotely, which is useful for setting it before I get home, so I can cook immediately. A hacked system would mean that someone else could do the same, and rack up a huge energy bill. Likewise, a smart heater could be turned on to maximum, costing a fortune in electricity.
It all sounds far-fetched until the day it isn’t.
Advertisement
Should local modes be an option?
The other issue that we’ve seen from smart devices that rely on a cloud connection is that they can be bricked when a company goes bust or, as with Belkin WeMo devices, a product line is discontinued
Perhaps it’s time for many smart devices to come with a mandatory local mode, where they’d only respond to commands from a device on the same network via an established, secure connection.
Advertisement
That way, a device could be managed from home, regardless of the status of the cloud connection. That would be good in the event of a cloud outage, but also good in the event a company went bust.
Advertisement
Things like firmware updates could be checked for via the app and applied manually when required.
Sure, remote features wouldn’t work, so this wouldn’t be good for security cameras, but for many smart devices, the security-conscious person may well take the downsides for more peace of mind.
The number of ransomware victims paying threat actors has dropped to 28% last year, an all-time low, despite a significant increase in the number of claimed attacks.
A downward payment trend has been observed for the past four consecutive years by the blockchain intelligence platform Chainalysis.
At the moment, the total of on-chain ransomware payments in 2025 stands at $820 million, but the company notes that “the 2025 total is likely to approach or exceed $900 million as we attribute more events and payments.”
Chainalysis reports a relative stability in the total number of payments, despite a 50% increase of ransomware attacks year-over-year.
Advertisement
In 2024, the payment rate recorded by Chainalysis was more than double, at 62.8%, while in 2022, it was at 78.9%.
Data leak events (bars) and payment rate (line) Source: Chainalysis
Data from Chainalysis also aligns with previous reports by Coveware, which showed a steady decline in victim payment rates throughout 2025.
According to the blockchain company, some of the factors that influenced the ransomware economy include improved incident response, regulatory scrutiny, international law enforcement actions, and market fragmentation.
Current Chainalysis data shows that while aggregate revenue from ransomware activity declined, the median ransom payment rose significantly, up 368% from $12,738 in 2024 to $59,556 in 2025.
This indicates that ransomware victims pay larger amounts for the hope that cybercriminals will delete the stolen data and not sell it to other threat actors or trade it.
Advertisement
Payment amounts graph Source: Chainalysis
In 2025, the analysts observed 85 active extortion groups, far higher compared to previous years, when the ransomware space was dominated by a small number of threat groups and RaaS platforms.
A few high-impact incidents Chainalysis highlights in its report include the attack at Jaguar Land Rover, which inflicted an estimated $2.5 billion in damages, the Marks & Spencer breach by the Scattered Spider threat group, and the DaVita Inc. ransomware breach that exposed 2.7 million patient records.
For another year, the most targeted country was the United States, followed by Canada, Germany, and the U.K., showing threat actors’ preference for concentrating their efforts in developed economies.
Targeted countries and industries Source: Chainalysis
Initial access brokers (IABs), hackers who sell access to compromised endpoints to ransomware operators, reportedly made $14 million in 2025, roughly the same as last year. This is only 1.7% of the total ransomware revenue last year, though initial access is a key enabler.
Analysis shows that spikes in IAB payment inflows are followed by increases in ransomware payments and victim leak posts roughly 30 days later, suggesting IAB activity can act as a leading indicator.
The average price for network access declined from approximately $1,427 in Q1 2023 to just $439 in Q1 2026, indicating that automation, AI-assisted tooling, and oversupply from info-stealer logs have shaped the industry.
Advertisement
Chainalysis says that although ransom payments declined last year, the scale, sophistication, and real-world impact of ransomware attacks continued to grow, impacting organizations of all sizes and backgrounds globally.
The researchers believe ransomware is going through a phase of adaptation, rather than losing the fight, evolving tactics to extract more value from an ever-decreasing number of consenting victims.
Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.
Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.
While Honor has already made plenty of product announcements, with tablets, foldables and more, its most interesting device at MWC 2026 is the Robot Phone — and maybe the humanoid robot that came alongside it.
After briefly showing off a model at CES, Honor isn’t quite ready to launch its Robot Phone. However, we got more specs, tech demos and a closer look following the company’s MWC press event in Barcelona. The Robot Phone is currently set to launch later this year.
Image by Mat Smith for Engadget
Honor has put a lot of effort into ensuring its camera gimbal is highly mobile, to the point of creating a tiny personal robot that is, dare I say, adorable? The Robot Phone’s pop-up camera can cock its head, shake to say no, nod to agree, and even “flip” – or at least rotate 360 degrees. According to Honor’s presentation, it can even bop along to songs. A spokesperson told me that it’s got five songs in its repertoire, so it’s not clear whether they’re programmed for these kind of demos, or will be a feature of the final retail device.
Another demo here at MWC showed how you could make the Robot Phone “sleep” by covering its gimbal eye, though it’s odd that the camera is still exposed rather than folded away. My main concern with the Robot Phone is the robustness and durability of its robotic mechanisms. We’ve lived through several waves of smartphones that attempted much simpler mechanical camera functions and the threat of dust or heavy-handed users can’t be ignored.
Advertisement
Image by Mat Smith for Engadget
The company says it’s taken what it learned from foldables, regarding high-performance materials and simulation accuracy, and applied it to shrinking the camera module. On stage, Honor CEO James Li revealed what he calls the industry’s smallest micro motor, much smaller than a 1-euro coin and, he added, 70 percent smaller than existing micro motors.
As this component has been reduced substantially, the Robot Phone’s gimbal will be the industry’s smallest 4-degrees-of-freedom gimbal system. That’s a spec – we finally got a spec! It’ll also offer three-axis stabilization in this tiny camera package, with the primary camera using a 200-megapixel sensor.
The fold-away panel that the primary camera tucks into also reveals more typical cameras, so you’re not forced to use the gimbal if you don’t need it. Still, that’s one very thick camera unit:
Image by Mat Smith for Engadget
Honor has already started building out camera modes and features, with a Super Steady Video mode that enhances stability while swinging the Robot Phone around to capture video. AI Object Tracking will apparently intelligently follow subjects, while AI SpinShot supports intelligent 90-degree and 180-degree rotational movement for more cinematic transitions. We’ve seen these sorts of pre-programmed movements and functions in full-size phone gimbals and action cams. If Honor can nail it in such a tiny form, it’ll be impressive.
Advertisement
Other specifications during Honor’s press event were sparse, although the company announced a collaboration with ARRI Image Science to bring its cinematic smarts to the Robot Phone’s gimbal camera.
In a press release, Honor’s Li said the collaboration would bring ARRI’s “cinematic standards and professional workflows” into mobile imaging. It’s apparently the first time elements of ARRI Image Science are being integrated into a consumer device. Dr. Benedikt von Lindeiner, VP at ARRI, said the goal is to bring a true cinematic aesthetic, such as “natural color, gentle highlight roll-off, and a sense of depth,” to shooting with an Honor smartphone.
Image by Mat Smith
Honor also made a humanoid robot companion for its Robot Phone. The bot took to the stage alongside the Robot Phone, danced alongside human dancers, did a backflip and shook hands with CEO James Li. It didn’t say a thing, but fortunately, during some on-the-rails banter between the robot, Robot Phone and Honor’s CEO, the Robot Phone was particularly chatty.
Like the many humanoid robots we’ve reported on and seen in person, Honor hopes to put it to work in both industrial and domestic settings, pitching it as a central part of the company’s multi-million-dollar push into AI. For now, it’s being called Honor Robot.
MWC 2026 officially gets underway on March 2 and will continue through March 5, but the announcements are already coming ahead of its start. We can always count on the annual tech event to bring tons of new phones, laptops and tablets, and we’re expecting to see some robots and other gadgets too — plus plenty of AI news, of course. In addition to the announcements, MWC is our chance to get hands-on time with some of the most interesting new devices, like the Xiaomi 17 Ultra and Honor’s Robot Phone.
Engadget’s Mat Smith is on the ground in Barcelona, and we’ll be updating this story as the week goes on to keep you in the loop on everything that caught our attention. Keep checking back here for the latest MWC news.
Honor
The Robot Phone. (Image by Mat Smith for Engadget)
Honor teased its Robot Phone this past fall and we just finally got a proper look at it at MWC. And it’s pretty freakin’ cute. The phone is equipped with a camera that’s mounted on a highly mobile 4-degrees-of-freedom gimbal, which tucks away into a compartment on the back when it’s not in use (making for a pretty beefy camera bump). In a demo at MWC, the camera, which behaves like a little robot head, bobbed along to music and showed off some of its gesture skills, like cocking its “head” and nodding in agreement.
Honor didn’t reveal too much spec-wise, but the company says the primary camera uses a 200-megapixel sensor. The gimbal will offer three-axis stabilization, which will be coupled with camera modes such as Super Steady Video and AI Object Tracking. The Robot Phone isn’t quite ready for release at the moment, but the company says it will launch later this year.
Advertisement
Be sure to check out Mat Smith’s writeup on the Robot Phone for a more in-depth look.
Honor’s humanoid robot. (Image by Mat Smith for Engadget) (Image by Mat Smith)
It’s not a humanoid robot reveal without some backflips and a choreographed dance performance. Honor introduced its robot at MWC with all the spectacle we’ve come to expect (though the bot didn’t do any talking). It’s simply called the Honor Robot, and the company has plans for it to be used in both industrial and domestic settings.
Honor Magic V6 (Honor)
The Robot Phone isn’t the only phone Honor showed off at MWC. The company also announced its Magic V6 smartphone, which it says is the thinnest phone in its category, measuring 8.75mm folded and 4.0mm open in the white colorway. The other three colors — black, gold and red — are slightly thicker, at 9mm folded and 4.1mm open.
Not too much has changed from the V5, though, which only came out in August 2025. It does however have the Snapdragon 8 Elite Gen 5, with 16GB RAM and 512 GB storage. As for the cameras, there are two 50-megapixel lenses and a 64-megapixel telephoto, plus a 20-megapixel f/2.2 selfie lens on the cover and internal display.
Advertisement
The international version of the Magic V6 will have a 6660mAh battery with 25 percent silicon content, while the version sold only in China will boast a battery with a rated capacity of more than 7000mAh and 32 percent silicon content. Honor hasn’t yet shared details about pricing and availability.
Honor MagicPad (Honor)
Ahead of MWC, Honor also announced what it claims is the thinnest Android tablet in the world: the 4.8mm thick MagicPad 4. We’re expecting to hear more about this at Honor’s press conference on Sunday, but so far we know it features a 12.3-inch 165Hz OLED display and weighs just 450g. It comes with up to 16GB of RAM and 512GB of storage, and is powered by Qualcomm’s Snapdragon 8 Gen 5 chipset. The thinness doesn’t count the camera bump, Honor notes. The MagicPad 4 has 13MP rear and 9MP front cameras. It also boasts spatial audio, with eight speakers.
Just as the display is slightly smaller than the previous MagicPad, the MagicPad 4 has a smaller battery at 10100 mAh. It comes with a 66W fast charger. The MagicPad 4 will run Honor’s MagicOS 10. We don’t yet know how much it will cost, but we’ll update this after Honor’s press conference (where we’re also expecting to see the company’s robot) with any new details.
Xiaomi x Leica
Mat Smith for Engadget
Xiaomi kicked off MWC this year by announcing the global launch of its 17 Ultra smartphone, which debuted first in China back in December. It’s unclear if the phone will ever come to the US, but it’s now rolling out in Europe. Xiaomi teamed up again with Leica to make a photography-focused smartphone, and the 17 Ultra sports a 1-inch 50-megapixel camera sensor with a f/1.67 lens, a telephoto setup with a 200MP 1/1.4-inch sensor, and a 50MP ultrawide camera. There’s also a manual zoom ring around the camera.
Advertisement
Check out our hands on for our first impressions of what it’s like shooting with the Xiaomi 17 Ultra. And there’s more to it than just the camera. The 17 Ultra has a 6.9-inch OLED 120 Hz display that peaks at 3,500 nits of brightness, and a 6000mAh silicon-carbon battery. The Xiaomi 17 Ultra starts at £1,299 (roughly $1,750).
Leica also announced a new phone made in partnership with Xiaomi at MWC. It looks a whole lot like Xiaomi’s 17 Ultra, but isn’t the 17 Ultra, exactly.
Leica Leitzphone by Xiaomi hands-on at MWC 2026 (Image by Mat Smith for Engadget)
Like the 17 Ultra, Leica’s Leitzphone by Xiaomi has a 1-inch camera sensor and physical controls for zoom and other settings, using a mechanical ring around the camera unit. It features a Leica-designed intuitive camera interface with the option to show just the essentials when you’re shooting, hiding all the modes and labels. There’s a monochrome shooting mode and Leica filters.
The Leica branding is splashed all over it in design and wallpapers, but it’s otherwise pretty similar to the 17 Ultra, with the same specs. Like the 17 Ultra, it has a Snapdragon 8 Elite Gen 5 chip and a 6.9-inch 120Hz display. This one’s priced at €1,999 (roughly $2,362).
Advertisement
The Xiaomi Pad 8 Pro (Xiaomi)
In addition to the 17 Ultra, Xiaomi announced two new tablets at MWC this year: the Xiaomi Pad 8 and Xiaomi Pad 8 Pro. There’s nothing revolutionary here, but they’re lightweight and thin, with both being 5.75mm thick and weighing 485g, and have a 9200mAh battery. The Pro model is powered by a Snapdragon 8 Elite chip, while the regular Pad 8 uses the Snapdragon 8s Gen 4 chipset.
Xiaomi also unveiled a new 5000mAh powerbank, the UltraThin Magnetic Power Bank 5000 15W. The 6mm thick power bank comes in three colors with an aluminum alloy shell: orange, silver and charcoal gray. Along with that, the company introduced the Xiaomi Tag, its own take on the Bluetooth item tracker. The Xiaomi Tag has a built-in hanging loop so it can be attached directly to a keyring, and the company says it will work with both Apple Find My and Google’s Find Hub for Android.
Tecno
Tecno
We can always expect to see some wild phone concepts at MWC, and this year we’re starting with one from Tecno. The company unveiled a modular concept smartphone design that can be as thin as 4.9mm in its base configuration. There’d be 10 modules to choose from based on the announcement, including various camera lenses, a gaming attachment and a power bank, relying on magnets to keep it all together — or Modular Magnetic Interconnection Technology, as Tecno is calling it.
A number of Apple Store locations in the United Arab Emirates have temporarily closed, in line with government recommendations as Middle East tensions rise.
Apple Al Maryah Island
Joint strikes on Iran by the United States and Israel has led to an escalation of tensions in the Middle East, including the death of Iranian leader Ayatollah Ali Khamenei. Following the initial strikes and retaliation by Iran, as well as the threat of future incidents, Apple has moved to close its stores in the United Arab Emirates. The UAE’s Ministry of Human Resources and Emiratisation has made a recommendation to private sector companies in the country. The advisement seeks to minimize the number of workers in open areas, excluding anyone in essential roles requiring physical attendance. Continue Reading on AppleInsider | Discuss on our Forums
In a lengthy post on Truth Social on February 27, President Trump ordered all federal agencies to “immediately cease all use of Anthropic’s technology” following strong disagreements between the Department of Defense and the AI company. A few hours later, the US conducted a major air attack on Iran with the help of Anthropic’s AI tools, according to a report from The Wall Street Journal.
The president noted in his post that there would be a “six-month phase-out period for agencies like the Department of War who are using Anthropic’s products,” so federal agencies are still expected to eventually move away from using Claude or other Anthropic tech. It’s also not the first time that the US used Anthropic’s AI for a major military operation, as the WSJpreviously reported that Claude was used in the capture of the now-removed Venezuelan president Nicolás Maduro.
Moving forward, the Department of Defense may begin transitioning towards other AI options, especially after reaching deals with both xAI and OpenAI to use their models within the federal agency’s network. However, the WSJ reported that it would take months to replace Anthropic’s Claude with other AI models.
Although Honda is known for legendary sports cars like the Honda Civic Type-R and the Honda NSX, it didn’t get its start with four-wheeled vehicles. Founder Soichiro Honda began the business with a motorized bicycle in 1947, meaning it has been making motorcycles for nearly 80 years now. While the company started in Japan, it has since expanded worldwide, building bikes in various countries around the world, including Vietnam, Pakistan, Indonesia, and China, and more.
Even as Honda is churning out motorcycles from these factories, it has been busy developing new models to launch in 2026. It has announced several available models across multiple categories, including adventure bikes, scooters, and dirt bikes for the model year. So, if you’re looking to get a new motorcycle, you can definitely find a Honda bike that fits your taste or needs.
Advertisement
Given that, we decided to pick out some of the coolest Honda motorcycles we expect to hit the showrooms this year. We included the MSRP of each of these models, giving you a rough idea of how much you’ll have to spend to get these two-wheelers into your garage.
Advertisement
XR150L
The XR150L is one of the cheapest motorcycles you can buy in 2026, but that doesn’t mean that you’re not getting much out of it. This dual-sport motorcycle straddles the best of both worlds — a capable bike that can handle off-road trails and a comfortable motorcycle that’s good for stop-and-go riding along city streets. Honda designed it to be simple and rugged, aiming to make it an affordable and reliable option for beginners, commuters, and lighter or smaller dual-sport fans.
This motorcycle is powered by a 149cc air-cooled single-cylinder engine mated to a five-speed manual transmission. This is then supported by a steel frame, ensuring it can withstand the rigors of off-road driving, while its conventional fork suspension and single rear shock help maintain comfort on both dirt and pavement. You also get a large 19-inch wheel up front and a 17-inch wheel in the back, helping you maintain control over rough terrain and poorly maintained infrastructure while still offering stability as you cruise through city streets and mountain roads.
More importantly, you don’t have to spend an arm and a leg just to get this bike. The XR150L starts at $3,399 (plus a $300 destination charge), making it one of the most affordable ways you can get mobility through town and country.
Advertisement
Dax 125
The Super Cub is one of the most reliable Honda motorcycles you can buy, but it looks pretty vanilla and is designed to cater to everyone. If you want the same reliability but desire something more distinctive, then you should look at the Dax 125. This model has been derived from the popular Super Cub through the CT series, but it comes with modern features that make riding easier. Aside from that, it’s designed with old-school charm in mind, making it stand out from the crowd.
Even though it only features a small 124cc engine with a four-speed semi-automatic transmission, it is still capable of cruising up to 55 mph, even with two passengers on board (depending on their weight, of course). You also don’t have to worry about shifting, as its centrifugal clutch design means that you don’t need a clutch lever to engage or shift gears — just choose the gear you want with the left foot lever and it will operate automatically and smoothly as you get going.
Advertisement
The Dax 125 costs at least $4,199, and you’ll have to shell out an extra $300 for the destination charge. But if you’re after its iconic looks and design, this premium is worth paying for.
Advertisement
Monkey
You might be thrown off by the name Monkey, but it’s one of Honda’s most recognizable minibikes thanks to its retro appearance. The model just received a facelift for 2026 — while it still kept the original styling its fans know and love, the company added several modern features, like all-LED headlights and taillights, plus a full-LCD circular display for its speedometer and odometer.
This little retro bike isn’t the fastest one on the market with its tiny 124cc single-cylinder engine paired with a five-speed manual transmission. But that is no issue because this isn’t designed for speed. It’s a commuter bike that is happiest puttering around town, enjoying life. Though it’s not meant to go very fast, it still comes with front-wheel ABS for safety, and even with 12-inch wheels, it’s still a pretty nimble bike. The Monkey has a tiny 1.5-gallon gas tank, but with an EPA rating of 162.6 MPG, one full tank could potentially last you several days inside the city.
One downside to the Monkey is that it’s a bit pricey for its small stature, coming in at $4,399 with a $300 destination charge. But if you want a motorcycle that looks good, is easy to ride, and fits easily in the back of your pickup truck, then this retro bike is definitely worth every penny.
Advertisement
CB500 Hornet/CBR500R
After focusing on smaller motorcycles, we’re now looking at the big boys of Honda’s motorcycle lineup, starting with the CB500 Hornet. This is Honda’s entry-level streetfighter, which originally hit the market in 2013. This bike comes with a 471cc two-cylinder engine mated to a six-speed manual transmission. Its engine performance is slowed by dual-disc brakes up front and a single-disc brake at the rear, both equipped with ABS for safety and maneuverability.
If you find the CB500 Hornet the perfect fit for your riding style, but desire more performance, consider the CBR500R instead. This sports bike has practically the same specifications, but it’s tuned for a sportier ride and a more aggressive riding position at the expense of a little bit of comfort. The differences between these two models are similar to what makes the CB650 and CBR650 different. The CB model is a naked street bike for day-to-day use, while the CBR is designed for more spirited riding
Advertisement
As one might expect, the sportier bike costs a bit more. The CB500 Hornet starts at $5,899 while the CBR500R costs $6,399, meaning you have to pay as $500 premium for the latter. Since these motorcycles are also larger than the previous models we’ve mentioned, they have a $600 destination charge.
Advertisement
NX500
While naked bikes are great for day-to-day commutes and sports bikes deliver speed and exhilaration, if you prefer taking the long way round on both dirt and pavement, Honda is continuing the NX500 for the 2026 model year. This adventure bike was first released in 2013 as the CB500X, but Honda renamed it in 2024 to set it apart from the CB500 family and give it its own distinct personality.
What makes this different from the CB500 Hornet is that Honda built this to be comfortable, not just as an urban cruiser, but also as a long-distance warrior. While it retains the same 471cc engine, six-speed manual transmission, and ABS brakes from the CB500 Hornet, the NX500 is taller, has a longer wheelbase, and a slightly greater fuel capacity, edging out the 4.5 gallons of the Hornet with a 4.7-gallon capacity. It also has a larger rake for better stability, especially at high speeds.
The NX500 starts at $6,899, with a destination charge of $600 — this makes it $1,000 more expensive than the CB500 Hornet and $500 pricier than the sporty CBR500R. But if you plan on going on long rides that will take you off the beaten trail, your body may thank you for spending that extra amount on this adventure bike.
Advertisement
SCL500
Some people love the retro looks of the Dax 125 and the Monkey, but find them too small. If you’re one of them, you should look in the SCL500. Just like the NX500, it has the same engine, transmission, and brakes as the CB500 Hornet and the CBR500R, but Honda built it with a scrambler-style body and frame. This gave it a natural, upright riding position that delivers an easy, comfortable ride for up to two people.
Despite its old-school aesthetics, this bike comes with several modern features for your convenience and safety. It comes standard with ABS brakes and LED lights, plus an LCD screen that displays crucial information, such as gear position and fuel consumption. More importantly, engine components are placed at an optimal position near the SCL500’s center of gravity, helping give the motorcycle a docile ride and making it perfect for both new riders and seasoned motorcyclists.
Advertisement
You can get the SCL500 starting at $6,999, but you’ll have to pay an extra $600 for the destination charge. This makes it the most expensive option among Honda’s 500-series bikes, but it’s also one of the most iconic.
Advertisement
CB650R/CBR650R E-Clutch
Experienced riders who find the Honda CB500 Hornet a bit too small may consider looking at the CB650R or CBR650R. These two models share the same powertrain — a 649cc four-cylinder engine with a six-speed manual transmission that utilizes Honda’s E-Clutch technology, which automates the clutch engagement on these motorcycles. But for the sport riders who enjoy more control over their shifts, these bikes still come with a manual clutch lever, allowing you to override the computer.
Since these bikes come with more powerful engines, Honda also equipped them with dual 310 mm discs with four-piston calipers at the front and a single 240 mm disc at the rear for added braking power. They also come standard with ABS, helping you maintain control during sudden stops and emergency braking. Both of these motorcycles are also equipped with LED headlights and a five-inch full-color TFT screen with a customizable display to suit your preferences.
Pricing for the naked street fighter CB650R starts at $8,699, while the fairing-equipped CBR650R is $500 more expensive at $9,199, with both models getting a $600 destination charge. These are more expensive than the entry-level Honda 500-series motorcycles, but you’re getting a larger four-cylinder engine that delivers more power in a middleweight sportbike.
Advertisement
NC750X DCT
This is the second adventure bike on our list of cool Honda motorcycles, delivering the best of both worlds for daily use and long-distance riding. The NC750X DCT comes with a more powerful 745cc parallel-twin engine and a six-speed dual-clutch transmission. This results in quick, seamless gear shifting that gives you a smooth ride, reducing the stress and fatigue caused by gear-change shock. It also uses throttle-by-wire control and offers four shifting schedules, allowing you to customize how easy or spirited the bike will respond to your throttle inputs.
The NC750X DCT also offers several electronic controls, allowing you to change the bike’s feel to your preference. There are five Riding Modes that adjust power levels, engine braking, and torque control — Sport, Rain, and Standard, plus two more customizable user modes. You can also manage rear-wheel traction with Honda Selectable Torque Control, or HSTC, through three different levels, or switch it off if you want full manual control.
Advertisement
You will have to shell out at least $9,499 to purchase this mid-range adventure bike. And when you add the $600 destination charge on the NC750X DCT, that means you’re paying over $10,000 for this motorcycle. This might seem like a pretty penny, but the performance and technology that this model offers do come at a cost.
Advertisement
Montesa Cota 4RT 260R/301RR
If dual-sport bikes aren’t enough to satisfy your desire for an off-road adventure, Honda is offering the Montesa Cota 4RT 260R and 301RR. These are hardcore trials bikes that are built with off-road performance in mind, so don’t expect creature comforts on these models. Honda consulted with FIM World Champion Toni Bou during the development of these models, helping them set the benchmark in their category.
The 2026 Montesa Cota 4RT comes in two flavors — the 260R with its 259cc engine and the 301RR with its larger 298cc engine. The former is designed for those who want a highly capable bike while still maintaining accessibility and affordability, while the latter is for competition-level performance. But whichever model you choose, you’re getting maximum mobility with its 26.7-inch seat height, as well as several protective barriers around the front-brake caliper, an aluminum skid plate with rubber protection under the engine, and a carbon fiber clutch guard. This allows it to absorb the punishment of the toughest trials while helping you stay agile with its low seat area.
Given that these are competition-focused bikes, they’re also priced accordingly. The 260R starts at $9,849, while the more powerful 301RR begins at $12,949. Each bike also demands a $600 delivery fee.
Advertisement
CB1000 Hornet SP
Literbikes are among the fastest street motorcycles available, with a majority of the most powerful Japanese sports motorcycles equipped with engines displacing around 1000 cc. However, unlike many supercars, you do not have to spend an arm and a leg for supercar performance. This is where the CB1000 Hornet SP comes in.
This naked street bike comes with a 1000cc liquid-cooled inline-four engine mated to a six-speed manual. All that power is managed by two 17-inch wheels, with the front equipped with dual 310mm disc brakes with four-piston Brembo calipers, while the back sports a single 240mm disc. Aside from that, they’re both equipped with ABS to ensure maneuverability and safety, especially in emergency stops.
Advertisement
You’ll also be spoiled for tech with the CB1000 Hornet SP, featuring a 5-inch full-color instrument display and Honda RoadSync. The latter lets you connect your phone to your motorcycle via Honda’s tech management app, letting you use your iOS or Android device for navigation and the option to make calls and listen to music via a Bluetooth helmet headset.
When you compare the CB1000 Hornet SP to some motorcycles on our list, you’ll find that it is quite pricey at $10,999 plus a $775 destination charge. You’ll be hard-pressed to find a sports car that offers the same kind of performance and adrenaline for the same price, making this 1000cc street bike your gateway to “budget” adrenaline.
Advertisement
NT1100 DCT
The NT1100 DCT is the first sport touring bike on our list. Now, these types of bikes are modeled after sport bikes for the speed they deliver, but offer much more in terms of comfort. This makes them ideal for high-speed long-distance riding that would be uncomfortable or impractical on a pure sportbike. Despite being built for the open road, Honda still managed to keep them agile for driving in tight city streets and remain comfortable and practical for your day-to-day needs.
Honda added several features to this motorcycle to make riding convenient. For example, its fairings envelope the rider, offering them protection from the wind and weather while cruising along the highway, and it also has a five-stage adjustable windscreen that you can change on the fly. It comes with two separate seats (unlike some smaller motorcycles that only come with a single, longer one), ensuring that both the rider and the passenger remain comfortable even on long rides.
If you want to get your hands on this bike, be prepared to spend at least $11,999, plus a $775 destination charge. This might seem like a lot, but you’re essentially getting two bikes in one with the NT1100 DCT.
Advertisement
Africa Twin
Honda claims the Africa Twin is the original adventure touring motorcycle and that this model is its offering for those who want to go anywhere on a two-wheeler. This bike is available in four trims, all of which are powered by a 1084cc liquid-cooled engine with either a six-speed manual or a six-speed DCT.
Advertisement
The base Africa Twin is ideal for riders who prefer a powerful dual-sport bike that they can take off-road, while the Africa Twin Adventure Sports ES is ideal for those who want a more comfortable ride and anticipate spending more time on the highways without sacrificing the motorcycle’s off-road capabilities. It includes less suspension travel than the base model. The ES also comes with Electronically Equipped Ride Adjustment (EERA), which allows the bike’s suspension to dynamically adjust to surface conditions.
The Africa Twin has a base price of $15,199, but you’ll have to shell out more if you want the higher trims. The most expensive variant with a DCT and the EERA will set you back $18,599, plus you’ll have to pay a $775 destination charge.
Advertisement
CBR1000RR-R Fireblade SP
If you want a motorbike that you can push to its limits on the race track but still bring you home at the end of the day, look no further than the CBR1000RR-R Fireblade SP. This is Honda’s flagship supersport model, and was built using Honda Racing’s experience developing MotoGP bikes.
While this has a similar 999.9cc inline-four engine as the other bikes we listed above, it uses special components that reduce friction and weight while increasing durability. It also features a throttle-by-wire system that delivers power in a linear manner, ensuring precise throttle inputs, as well as a plethora of electronic controls to help you manage the motorcycle.
As one would expect, this halo motorcycle comes at a price — the CBR1000RR-R Fireblade SP has a starting price of $28,999, with an additional $775 destination charge. Even though this is more than twice the price of most of the motorbikes in our list, you’re getting supercar performance in Honda’s premier street-legal sport bike.
A Ukrainian man has pleaded guilty to operating OnlyFake, an AI-powered website that generated and sold more than 10,000 photos of fake identification documents to customers worldwide.
27-year-old Yurii Nazarenko (also known as “John Wick,” “Tor Ford,” and “Uriel Septimberus”) admitted that his OnlyFake subscription-based platform used artificial intelligence to generate realistic-looking counterfeit passports, driver’s licenses, and Social Security cards.
“We rely on government issued IDs to combat terrorism, hijackings, fraud, money laundering, and a host of other crimes,” said U.S. Attorney Jay Clayton on Thursday. “OnlyFake’s manufacture of fraudulent IDs and other documents puts us all at risk and must be stopped.”
According to the indictment, Nazarenko’s OnlyFake platform allowed customers to generate fake digital versions of U.S. driver’s licenses for all 50 states and U.S. passports and passport cards, as well as digital versions of identification documents for roughly 56 other countries.
Advertisement
Customers could also customize the fake digital documents with personal details, opt for randomized information, and choose whether the finished product appeared as a scan or a tabletop photograph.
OnlyFake website (Department of Justice)
New York federal prosecutors said that the primary use of these fake digital documents was to circumvent Know Your Customer (KYC) verification requirements at banks and cryptocurrency exchanges, which are safeguards designed to prevent money laundering mandated under the Patriot Act.
Undercover FBI agents made multiple purchases from the OnlyFake website between May and June 2024, obtaining fake New York state IDs, U.S. passports, and a Social Security card.
OnlyFake only accepted cryptocurrency payments, and also offered bulk packages of up to 1,000 fake documents at a discount. Nazarenko further attempted to cover his tracks by routing cryptocurrency payments through multiple wallets and deleting emails after 404 Media reported on the site in February 2024.
“Yurii Nazarenko developed a website to produce more than 10,000 fake identification documents, earning hundreds of thousands of dollars from these illicit sales,” added FBI Assistant Director in Charge James C. Barnacle, Jr. “This platform offered its clients a myriad of criminal opportunities, including bypassing traditional regulations to launder money.”
Advertisement
Nazarenko was extradited from Romania in September 2025 and has agreed to forfeit $1.2 million. He is now facing a maximum sentence of 15 years in prison and is scheduled for sentencing on June 26, 2026.
Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.
Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.
The Marshals is a new Yellowstone spin-off airing on CBS (but don’t drop Paramount Plus — it’ll stream there too).
Luke Grimes reprises his role as Kayce Dutton in the Yellowstone sequel series. The former Navy SEAL joins an elite unit of US Marshals to bring range justice to Montana, according to a synopsis from CBS. In addition to Grimes, the show includes Yellowstone actors Gil Birmingham as Thomas Rainwater, Mo Brings Plenty as Mo and Brecken Merrill as Tate. Spencer Hudnut is the showrunner of Marshals — formerly known as Y: Marshals — and Taylor Sheridan is an executive producer.
Advertisement
When to watch the Marshals premiere on Paramount Plus
In addition to airing on CBS on Sunday, March 1, the premiere of Marshals will stream on Paramount Plus — and the subscription tier you have matters. You can watch the first episode live with Paramount Plus Premium, which includes your local CBS station. If you subscribe to Paramount Plus Essential, you can watch the premiere on demand the following Monday, but not live on Sunday.
Here’s a clear breakdown of how to watch the first four episodes of Marshals.
Episode 1, Piya Wiconi: Premieres on CBS/Paramount Plus Premium on March 1 at 8 p.m. ET/8 p.m. PT/7 p.m. CT. Streams on Paramount Plus Essential on March 2.
Episode 2, Zone of Death: Premieres on CBS/Paramount Plus Premium on March 8 at 8 p.m. ET/8 p.m. PT/7 p.m. CT. Streams on Paramount Plus Essential on March 9.
Episode 3, Road to Nowhere: Premieres on CBS/Paramount Plus Premium on March 15 at 8 p.m. ET/8 p.m. PT/7 p.m. CT. Streams on Paramount Plus Essential on March 16.
Episode 4, The Gathering Storm: Premieres on CBS/Paramount Plus Premium on March 22 at 8 p.m. ET/8 p.m. PT/7 p.m. CT. Streams on Paramount Plus Essential on March 23.
You can also watch CBS and the first episode of Marshals without cable with a live TV streaming service such as YouTube TV, Hulu Plus Live TV or the DirecTV MyNews skinny bundle. In addition to being a lower-cost option, Paramount Plus allows you to watch the other two Yellowstone spin-offs — the prequels 1883 and 1923.
After a price increase in early 2026, the ad-supported Essential version runs $9 per month or $90 per year, and the ad-free Premium version runs $14 per month or $140 per year. Paying more for Premium gives you downloads, the ability to watch more Showtime programming than Essential and — as mentioned — access to your live, local CBS station.
When security teams talk about attack surface, the conversation usually starts in familiar places. Servers, identity systems, VPN access, cloud workloads, maybe browsers. Those are visible. They show up in diagrams and asset inventories.
What gets less attention are the everyday tools people use to actually get work done.
PDF readers. Compression utilities. Remote access clients. Word processors. Spreadsheet tools. Email clients. Browsers. Screen sharing software. Update managers. The background software that quietly powers normal business activity.
Most organizations do not spend much time debating whether to deploy these. They are simply part of operating in a digital economy. Contracts arrive as PDFs. Finance works in spreadsheets. HR reviews resumes. IT supports users remotely. Executives live in email and browsers. These tools become part of the environment almost by default.
Advertisement
At Action1, where visibility into third-party software exposure across endpoints is a daily focus, these background tools consistently emerge as a defining part of the real-world attack surface.
That commonness is what makes them attractive targets from a threat actor’s perspective.
The value of being ordinary
From the outside, modern enterprises look different. Networks vary. Architectures change. Security stacks evolve. But, inside most environments, the same classes of applications appear again and again, and more often than not, the same software titles dominate the majority of installations.
It is difficult to function in modern business without an email client, document processing software, a browser, and tools for packaging, previewing, and sharing files. Using similar products is less about preference and more about compatibility.
Advertisement
Business depends on exchanging information in formats everyone else can use. Without those standards, we go back to the days of file-format wars, “I cannot open that, we use something else,” and lost time just trying to make data usable. That friction is why the industry standardized, and why the same major names still dominate.
Attackers pay attention to that.
Rather than predicting every custom application an organization might run, they look for overlap. If a vulnerability appears in a widely used PDF engine, spreadsheet parser, email preview component, or remote access utility, the chances it connects with something real are high. The exploit is aimed less at unique architecture and more at familiarity.
Most successful exploitation does not rely on exotic techniques. It relies on muscle memory. Users open PDFs, Word files, spreadsheets, and links all day long. Attackers are betting those actions feel routine enough that nobody hesitates.
Advertisement
That familiarity shapes how campaigns are built, and it should influence how defense strategies are planned.
Good thing Action1 does it for you, now on Linux too—alongside Windows, macOS, and third-party apps.
One platform. Zero infrastructure. Real-time visibility. Finally, patching that just works.
Many attacks historically looked like guesswork. An attacker might send a crafted email for Outlook, hoping the recipient uses Outlook. Or attach a weaponized spreadsheet, hoping Excel is present. Or send a malicious PDF, hoping the reader is vulnerable.
Advertisement
There is uncertainty in that approach. The exploit launches before the attacker truly knows what exists on the other end. This increases chances the attack will be detected before being effective, and it risks valuable exploit code to failure, where it may be detected, profiled, then henceforth scanned and detected.
What changes with common utilities is the probability curve.
Email clients, browsers, word processors, spreadsheets, PDF readers, and archive tools appear in most business environments because the work itself requires them. An attacker does not need perfect information to expect something compatible nearby.
Instead of treating exploitation as a one-off guess, attackers think in likelihood. They invest effort where overlap is largest. The more widespread the tool, the more attractive it becomes as an entry point.
Advertisement
That is why vulnerabilities in these utilities move quickly through exploit ecosystems. Once something works in a familiar toolchain, it scales. If one user relies on Outlook, Word, and Adobe, there is a good chance coworkers and business relations do as well for interoperability reasons.
Figure 1: Automated detection and remediation of critical vulnerabilities in third-party applications.
The standard business footprint in practice
These tools also travel together.
If an email clearly originated from Outlook, it already hints at part of the environment. Email workflows connect to document workflows. If Outlook is present, Word and Excel are often nearby.
Each utility reinforces the presence of others.
For attackers, that enables paths rather than isolated exploits. An issue in an email client connects to attachment handling, preview engines, document renderers, shared libraries, and integrations that tend to coexist on the same system.
Advertisement
Instead of targeting a single application, the attack surface starts to resemble the business footprint itself, the collection of tools people rely on every day.
When vulnerabilities appear in that footprint, they attract more attention because they fit naturally into how people already work.
Quiet signals and small leaks
Another part of the story is information people do not realize they share.
Documents often contain metadata. PDFs reference the engine that produced them. Spreadsheets carry formatting behavior tied to specific suites. Email headers expose client details. Browser traffic advertises user agents. File structures reveal habits and versions.
Advertisement
A single attachment, email, or shared document can quietly describe parts of the software stack behind it.
In isolation it does not look sensitive. Often it is not even visible. Over time it builds a picture of what tools are common, what standards they follow, and how files are processed.
What created it, what version, how recently, so when old software details show in current workflows, the software processing it is old. And old software often means years of exploit potential bottled up in one package. That is often what turns speculation into precision.
Those breadcrumbs help attackers shape payloads that align with what exists on the other side, increasing effectiveness while reducing noisy experimentation.
Advertisement
Why third-party software drifts
Most enterprises put real effort into operating system patching. Update pipelines are understood. Browsers update often. Mobile devices follow management policies. Systems start with baselines and are monitored.
Third-party utilities live differently.
Vendors ship different installers. Some auto-update. Some rely on users. Some get disabled by packaging systems. Some stay frozen because workflows depend on a version.
Over time, multiple builds of the same tool spread across endpoints. Some become stale. Some live for years with known vulnerabilities simply because they fell off the radar.
Advertisement
In Action1’s analysis of enterprise environments, it is common to find multiple versions of the same third-party application coexisting, some lagging years behind current security fixes. This fragmentation quietly accumulates exploit potential without triggering obvious alerts.
From a security view, that drift matters because attackers do not need new exploits. They benefit from whatever version still exists somewhere in the footprint. A five-year-old PDF reader quietly carries five years of cumulative exploit potential.
What feels like small technical debt widens the opportunity window for major exploitation.
Trust and everyday behavior
There is also a human side to these tools.
Advertisement
Email, documents, browsers, and archives feel like infrastructure. People trust them like desks and keyboards. Opening a PDF does not feel like running code. Previewing an email does not feel like execution. Extracting a file feels routine.
By the time behavior looks unusual, the initial interaction already happened in a place people rarely question. These actions occur thousands of times a day, which makes tracing a compromise back to a document, email, or user extremely difficult.
Figure 2: Secure, scalable patch management across Windows, macOS, and third-party apps, with compliance reporting and 200 forever-free endpoints.
Looking at the footprint, not just the platform
For leadership teams, the value here is perspective, not fear.
Security strategies often start with the platform layer, operating systems, networks, identity, cloud infrastructure. Those matter, but they do not tell the full story of how work actually happens.
Work happens in email clients, spreadsheets, PDFs, browsers, archive tools, and remote sessions. That is where files open, previews render, links get clicked, and data moves between people.
Advertisement
That makes them predictable.
That is why third-party patching often carries more risk weight than expected. The operating system may be tightly managed, while the tools on top quietly define real exposure.
Looking at the footprint is less about assuming weakness and more about understanding where everyday work intersects with real security concerns.
A quieter way to think about patching
Third-party patching often feels operational rather than strategic. Yet these utilities sit at the intersection of people, files, and execution.
Advertisement
They are ordinary, and that is exactly why they matter.
Not because every organization looks the same, but because they look similar enough that attackers design around that similarity.
When teams examine environments, the focus is usually infrastructure. There is also value in asking what the standard business suite looks like across endpoints, how it evolves, and how consistently it stays current.
Which tools are actually needed? Which are simply part of a default deploy? Which stay installed even when unused? Which stop getting updated because nobody notices them?
Advertisement
This is why, in practice, teams working with platforms like Action1 consistently see third-party patching deliver a greater reduction in real-world risk than many more visible security controls. Exploitation rarely hinges on a single overlooked vulnerability. It is enabled by years of accumulated drift across third-party applications that quietly fall out of date while remaining embedded in everyday workflows.
Those conditions exist long before an exploit is written or deployed. They shape the practical attack surface by defining which software actually executes, which files get opened, and which actions feel routine enough to avoid scrutiny.
Third-party software is not adjacent to the platform — it is part of how the platform operates, and it is often where exposure concentrates when everything else appears well-managed.
Action1is a founder-led company, brought to you by the original minds behind Netwrix. At the time of this writing, it is one of the fastest-growing private software companies in the US because organizations are recognizing that OS and third-party patching can no longer be treated as a secondary task.
Advertisement
Addressing modern risk requires continuous visibility into third-party software and the ability to remediate vulnerable applications across endpoints quickly and consistently. When teams evaluate modern patch management solutions, Action1 increasingly represents the option designed around that reality.
One of the problems with being a graffiti artist is that you have to carry around a different spray can for each color you intend to use. [Sandesh Manik] decided to solve this problem by building a rig that can produce a wider range of colors by mixing the paint from several cans at once. Check it out in the video below.
The project is called Spectrum. It uses four off-the-shelf spray paint cans—colored red, blue, yellow, and white—and mixes them to create a wider range of colors. All four cans are hooked up to a single output nozzle via a nest of tubing and a four-to-one tube manifold. Key to controlling the flow of paint is a custom device which [Sandesh] calls the “rotary pinch valve,” with one fitted to the feed line coming from each spray can. These valves use a motor-driven lever to pinch a plastic tube shut, allowing them to control the paint flow. This design keeps the mechanism and paint completely separate, which was important to stop paint from fouling the valves in short order. It also prevents backflow, which keeps the paint going towards the outlet and prevents ugly messes. By quickly actuating the valve, the paint flow from each can is modulated to mix various colors as desired.
The mixing valves are under the command of an Arduino Nano. The microcontroller reads a series of knobs to select the amount of each component color to mix, and displays relevant information on a screen. Then, when a pushbutton is pressed, the valves are actuated to spit out the right amount of each paint from the atomizer nozzle. [Sandesh] went so far as to include an advanced “gradient” mode, where a force-sensitive button allows the device to transition smoothly from one color to another depending on how hard the button is pushed.
Advertisement
It’s a neat concept which we’d love to see explored further, perhaps with a more traditional selection of CMYK paints rather than the more unusual red, yellow, blue, and white. We’ve also seen some fun spray paint projects before, like this neat wall-mount plotter. Video after the break.
