Looking for the most recent Mini Crossword answer? Click here for today’s Mini Crossword hints, as well as our daily answers and hints for The New York Times Wordle, Strands, Connections and Connections: Sports Edition puzzles.
Need some help with today’s Mini Crossword? I thought 1-Across and 5-Across were a bit tricky. Read on for all the answers. And if you could use some hints and guidance for daily solving, check out our Mini Crossword tips.
If you’re looking for today’s Wordle, Connections, Connections: Sports Edition and Strands answers, you can visit CNET’s NYT puzzle hints page.
Read more: Tips and Tricks for Solving The New York Times Mini Crossword
Let’s get to those Mini Crossword clues and answers.
The completed NYT Mini Crossword puzzle for May 29, 2026.
1A clue: “Whatcha ___?”
Answer: DOIN
5A clue: “Whatcha ___?”
Answer: UPTO
6A clue: Ecosystem that includes the bristlemouth, the most common vertebrate on Earth (roughly 1 quadrillion organisms)
Answer: OCEAN
7A clue: Marx who wrote “Das Kapital”
Answer: KARL
8A clue: Period at a hotel
Answer: STAY
1D clue: Old gold coin of Europe
Answer: DUCAT
2D clue: Performance at Milan’s La Scala or Naples’s Teatro di San Carlo
Answer: OPERA
3D clue: Home to Milan and Naples
Answer: ITALY
4D clue: Prefix with starter or smoker
Answer: NON
6D clue: Approves
Answer: OKS
Dutch authorities have taken offline a massive botnet of 17 million devices and seized more than 200 servers at a local provider that supported the operation.
The action was carried out following an investigation from the Police in collaboration with the country’s cybersecurity agency, the National Cyber Security Centre (NCSC).
According to the authorities, the seized servers controlled “computers, tablets, and smartphones to carry out cyberattacks.”
Botnets are networks of compromised devices used for illegal activities such as distributed denial-of-service (DDoS) attacks, malicious traffic proxying, or cryptocurrency mining.
“The investigation revealed that the botnet consisted of at least 17 million infected devices and that the 200 servers used to host the infrastructure were located in the Netherlands,” the NCSC said.
“ The police subsequently seized several botnet servers from a hosting provider for investigation purposes. The hosting provider took the botnet offline because it was being used for criminal activities.”
Although the authorities did not name the botnet, local media reported that it was linked to a service called Asocks, which advertises itself as a “universal proxy service” with 7 million IP addresses, 150 locations, and 100,000 clients.
The platform offers corporate, residential, and mobile proxies for monthly subscriptions between $5 and $15, with discounts for bulk purchases.
Although such services often comprise IPs that voluntarily donate bandwidth by using a specialized client in exchange for a fee, NCSC’s action indicates that the owners of the devices that were part of the botnet did not knowingly participate in supporting cybercrime operations.
BleepingComputer has contacted Asocks with a request for a comment on the allegations, but we have not received a response by publication time.
To protect networking devices from botnet infections, ensure the default credentials have been changed to something unique and strong, the latest firmware update has been applied, and remote administration panels are disabled when not needed.
Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold.
This guide covers the 6 surfaces you actually need to validate.
The cable news channel has accused the AI company of “massive copyright infringement.”
CNN has joined the growing ranks of media companies suing Perplexity for copyright infringement. The cable news network has accused the AI search company of “massive copyright infringement” that includes wrongfully scraping its website and copying more than 17,000 pieces of its content.
The lawsuit, which was filed Thursday, claims that the AI company “unlawfully crawls, scrapes, copies, and distributes CNN’s content from CNN Digital Platforms and third-party platforms.” It also accuses the AI tools of reproducing “verbatim copies” of its articles, including paywalled stories, in query responses to users. Perplexity’s AI tools allegedly have incorrectly attributed “hallucinated” content to CNN, which the company says in the suit violates its trademark.
“CNN’s lawsuit stands for the proposition that Perplexity, a company valued at tens of billions of dollars, should not be able to steal from entities that create the original content Perplexity exploits,” a CNN spokesperson said in a statement to the outlet. “The public rely on high quality news journalism reported by human beings to understand their world, which is frequently dangerous and expensive to produce. Commercial operators can and must pay to make use of it.”
CNN is far from the first media company to sue Perplexity for scraping content without permission. The New York Times, Chicago Tribune, Reddit, Merriam-Webster, Encyclopedia Britannica and Nikkei have also filed lawsuits against the company. “You can’t copyright facts,” Perplexity’s Chief Communications Officer Jesse Dwyer said in a statement to CNN.
Interestingly, it seems that Perplexity was at one point trying to strike a deal with CNN that would have allowed it to use some of the network’s content. According to the lawsuit, the two companies were in negotiations last year that would have made paywalled CNN content available to Perplexity’s paid subscribers. The deal ultimately fell through, but Perplexity continued to use CNN’s name and content in its products despite warnings from the TV network’s legal team. Perplexity never responded, the lawsuit says.
The reboot of the classic Xbox series is now coming out in February 2027.
Fable, a reboot of the Xbox fantasy RPG series developed by Playground Games, has been delayed. The game’s release date is shifting from fall 2026 to February 2027 “so it can have the dedicated moment it deserves,” according to a post from Xbox on X. The new release date will give developers more time to polish the game before it comes out, while also moving it out of the blast radius of Grand Theft Auto VI, which is scheduled for release on November 19.
This isn’t the first time the reboot has been delayed, and as Microsoft notes in its announcement post, the back half of the year is particularly stacked with big releases like Call of Duty: Modern Warfare 4, Control Resonant and the aforementioned Grand Theft Auto VI. Moving to 2027 rather than duking it out with those more hotly anticipated titles could give Fable more time to shine. It does make a long development cycle even longer than it was before, though. The Fable reboot was originally announced in 2020, and Microsoft didn’t share proper gameplay footage of the game until January of this year. That means from announcement to release, Fable will have taken seven years to make, and that’s likely not taking into account work that went into the project ahead of its original announcement.
This is year is packed with incredible games for XBOX players to enjoy, from Halo: Campaign Evolved, Gears of War: E-Day and Call of Duty Modern Warfare 4 to Control Resonant, Star Wars: Galactic Racer and Grand Theft Auto VI. In order to plan our game launches through the… pic.twitter.com/eNXiA9ebn4
— XBOX (@XBOX) May 29, 2026
During its earlier 2026 showcase, Microsoft demoed Fable‘s detailed character creator and ambitious approach to simulating NPCs. The company also shared that the game would be available on PlayStation 5, alongside Xbox Series X/S, PC via Steam and Xbox and Game Pass Ultimate. While Fable won’t be available this year, Microsoft says it will show off “a major new look“ at the game during its Xbox Games Showcase on June 7.
You have probably experienced the following scenario yourself. A website suddenly stops loading, a login page times out, or an online service becomes unreachable at the worst possible moment. Sometimes the cause is not an internal outage, but a Distributed Denial-of-Service (DDoS) attack designed to overwhelm the service from the outside.
DDoS attacks have long been one of the simplest ways to disrupt an online service:flooding it with enough traffic, exhausting its infrastructure, and making it unreachable without breaking into the target’s systems. Now more than ever DDoS is being packaged, branded, and sold with the language of a mature online service, and the impact is well recorded in the real world.
Cloudflare reported blocking a 7.3 Tbps attack in 2025 and later said it mitigated a 31.4 Tbps attack in its Q4 2025 DDoS report. Microsoft also said Azure mitigated a 15.72 Tbps attack in October 2025, attributing the activity to the Aisuru botnet.
Behind those incidents, underground sellers are competing over the same buyers with an increasingly polished pitch. Recent underground activity analyzed by Flare researchers describe attack panels, API access, monthly plans, reseller options, customer support, botnet-backed capacity, game-server methods, and Cloudflare bypass claims.
A comparison of two datasets of DDoS-related underground activity from the first five months of 2023 and the first five months of 2026, shows how quickly that offer has changed. What once appeared more frequently as scripts, tutorials, leaked tools, and scattered forum posts is now more often presented as a repeatable product that is easier to buy and operate.
A DDoS attack attempts to overwhelm a website, application, network, or server with traffic from many sources at once. Some attacks target network capacity, while others focus on application layer resources such as login pages and APIs. The objective is usually simple: make the service unavailable, unstable, or expensive to operate.
DDoS-as-a-service lowers the barrier further. Instead of building infrastructure, an attacker can pay for access to a web panel, choose a target, select a duration, and rely on someone else’s botnet, proxy network, or third-party attack infrastructure.
Flare researchers searched for DDoS-related underground activity from two periods in time. The first was the fivefirst months of 2023 and the second was the first five months of 2026. The team cleaned the data, curated it and found some important insights.
| Topic | 2023 | 2026 | Change |
|---|---|---|---|
| Volume of records | 4,403 | 4,964 | Slight increase |
| High-signal DDoS service ads | 38 | 364 | ~10x increase |
| Unique ad clusters | 31 | 123 | ~4x increase |
| Unique actors | 15 | 41 | ~3x increase |
| Sources observed | 22 | 43 | ~2x increase |
An important disclaimer, in this research we focused on distributed DoS. There’s another category, which is denial of service.
Technically it is a bit different in the way a server is targeted, but the goal is the same. In this research we only focused on DDoS offerings and did our best to exclude the DoS offerings.
DDoS-as-a-service platforms are openly advertised across dark web forums and cybercrime communities — the same sources Flare monitors continuously.
Flare tracks underground marketplaces, botnet infrastructure chatter, and threat actor activity across thousands of dark web sources, so your security team sees emerging threats before they impact your operations.
The topics in the posts from 2023 are more diverse. Many offerings revolved around scripts, leaked tools, tutorials, or generic “botnet service” advertisements.
One repeated type of post from 2023 (as seen in the screenshot below) promoted a “Botnet Service L7 – L4” and claimed Layer 3, Layer 4, and Layer 7 capability, optional API access, automatic payments, high attack slots, game-server targeting, and bypasses for Cloudflare-related protections. The same advertising text appeared across multiple sources and actors, suggesting copying, reselling, or recycling marketing.
While the post from 2023 was focused about the services, more recent posts from 2026 are focused around the price and the offering they give.
An advertisement of “SatelliteStress” described the service as an IP stresser with a user-friendly panel, API access, game-server support, and monthly plans starting at €20. The same post claimed the service was “100% botnet-powered” and did not rely on downstream APIs, a positioning meant to distinguish it from resellers that depend on another provider’s infrastructure.
As illustrated in the screenshot below, Areshun, which is another post that offers a “Premium DDoS Service” with Layer 4 and Layer 7 attacks, monitoring, API integration, custom plans, 24/7 support, and promotional discount codes is also pinpointed on specific service and its price.
Another similar example is of “RebirthStress”, which is similarly marketed as a botnet-powered IP and web stressing device, a free Layer 7 hub, more than 400 slots, reselling suitability, and plans starting at $15 per month.
If you go over these posts, one-by-one and make the comparison, you see a distinct trend. The post in 2026 is more focused on a product, the sellers are competing one against another on customers. They package everything nicely, offer shiny features: ease of use, fully automated, full support, privacy promised, reselling capacity, and reliability.
The technical details have not disappeared, they became part of the sale pitch. In 2026 ads more commonly bundle Layer 4 and Layer 7 claims (means the service support both network-level attacks and application-layer attacks) words such as “panel,” “API,” “slots,” “bypass,” “monitoring,” “uptime,” and “support.”
One THORCC-related advertisement claimed more than 7,000 active Layer 4 bots and promoted bandwidth analytics and attack-vector statistics. Another Russian and English post presented “professional stress testing” while claiming Cloudflare and DDoS-Guard bypasses, high concurrency, and long attack durations.
Sellers are possibly exaggerating about their capabilities. However, the consistency of their marketing language remains important intelligence.
It shows what buyers are being encouraged to value beyond raw traffic volume, including web panels, automation, bypass claims, and the ability to launch or resell attacks with minimal effort.
The pricing of a DDoS attack in 2026 is very cheap. We’ve seen the following offers:
There are some more expensive offerings. An actor named “SamuraiDD” advertised attacks starting at $100 per day (see in the screenshot below).
Another actor named “POWERDDOS” used a tiered model of $5 tests, $100 per day for “weak” target, $200 per day for “medium” target, and $500 per day for “strong” or protected targets.
Lastly, we’ve also seen some “premium” offerings which included infrastructure-style targeting, including a DDoS botnet attack network advertised for $2,000.
The pattern shows a market segmented by buyer type. Cheap tests and short attacks for low-skill users, daily pricing for one-off disruption, private negotiation for longer campaigns, and higher-value infrastructure or reseller-style offers for more serious customers.
Public reporting on the booter economy (a paid DDoS-for-hire service that lets users launch attacks through someone else’s infrastructure) also aligns with this low-cost access model, with Akamai noting that some DDoS booter services can cost less than $25 per month and may offer limited trials.
DDoS-as-a-service is no longer only about traffic volume. The market is dropping down the entry bar, enabling easier purchase, easier operation, and easier to resell. What matters is not only how powerful an attack is, but how easy it is to launch an attack through a panel, various plans, full support, API access, and rented infrastructure.
This lowers the barrier for several types of actors. Low-skill users can buy short, cheap attacks. More serious customers can negotiate longer or higher-volume campaigns. Resellers can help expand the reach of the original service. As a result, defenders should not assume that disruptive DDoS activity requires a sophisticated attacker behind the keyboard.
In the near future, this market will likely continue moving toward more polished service models. As clearer pricing tiers, more automation, stronger reseller programs, and heavier branding around “bypass” capabilities and attack reliability.
Sponsored and written by Flare.
Steeper discounts have resulted in the lowest prices ever on numerous M5 Pro and M5 Max 14-inch MacBook Pro configurations, with every model on sale.
Whether you’re looking for the standard M5 Pro 14-inch MacBook Pro that’s marked down to $1,999 at Amazon and B&H, or if you’d like to maximize your savings with Expercom’s record-breaking $1,300 markdown on a loaded M5 Max spec, there are a variety of deals to choose from this weekend.
A comprehensive rundown of the offers can be found in our 14-inch MacBook Pro M5 Pro and M5 Max Price Guide, with a few highlights below:
14-inch MacBook Pro M5 Pro and M5 Max deals
Astell&Kern is bringing the A&ultima SP4000T Vacuum Tube DAP and Clarus In-Ear Monitor to High End Vienna 2026, and the timing feels right. The Vienna show opens June 4 at the Austria Center, just as wired IEMs are enjoying one of their strongest runs in years. CanJam NYC 2026 made that hard to miss, with in-ear monitors and portable audio electronics pulling heavy traffic from listeners who have not surrendered the 4.4mm balanced cable to the Bluetooth empire just yet.
A&K has earned some goodwill from us recently. The A&ultima SP3000T showed that a tube-equipped DAP could be more than a glowing party trick, while the SP3000 impressed with its resolution, timbre, and natural presentation. The SP4000T and Clarus now give Astell&Kern an opportunity to show whether its next portable flagship pairing can deliver the kind of wired listening experience that has personal audio buzzing again.
The A&ultima SP4000T gives Astell&Kern a new flagship tube DAP by combining modern digital audio processing with a more traditional analog output stage. The headline feature is its use of four RAYTHEON JAN6418 MIL-Spec vintage vacuum tubes in a quad configuration, making it the first portable digital audio player to use that tube arrangement. It is the kind of spec that will get the portable audio crowd leaning forward, assuming they have not already spent the rent money on cables and IEMs.
The SP4000T uses an independent dual tube structure with four tubes in total, divided between the left and right channels. That type of channel separated tube design is more commonly associated with home audio tube amplifiers than portable digital audio players.
Each tube is measured for noise and gain characteristics before matching. Astell&Kern says the tube section is isolated through independent modular flexible PCBs and a multi layered internal architecture, which is important in a portable design where noise, heat, vibration, and consistency are all factors.
The SP4000T also introduces Triple Tube Mode, which Astell&Kern describes as a first for the DAP category. Combined with the company’s T Series Signature Triple AMP Mode and adjustable Tube Current settings, the player offers up to 54 possible sound combinations.
Astell&Kern offers three tube modes on the SP4000T. Triode Mode is intended to emphasize harmonic richness, warmth, and a more rounded presentation. Pentode Mode is designed for higher output and stronger dynamic impact while retaining tube character. Ultra Linear Mode sits between the two, balancing the tonal weight of Triode Mode with the control and drive of Pentode Mode.
The larger goal is to combine Astell&Kern’s TERATON ALPHA platform, quad vacuum tube architecture, and OP AMP design in a portable player that can deliver high resolution digital playback with adjustable analog tube character.
The SP4000T gives listeners three amplifier options. OP AMP Mode uses the player’s solid state output stage and is intended to deliver lower noise, stronger control, and a more direct presentation. TUBE AMP Mode routes playback through the vacuum tube section for listeners who prefer a warmer tonal balance and a more spacious presentation.
HYBRID AMP Mode blends the OP AMP and tube stages across five selectable levels, allowing users to adjust how much tube character is added to the signal. The goal is to give listeners more control over the SP4000T’s output character without requiring external hardware or EQ.
The SP4000T introduces an upgraded 5-stage second-generation Anti-Microphonic Architecture (up from the previous 4-stage design) to suppress microphonic noise (noise generated in vacuum tubes from even the most minor external vibrations).
The SP4000T runs Android 15 and includes Google Play Store support, giving users broader access to streaming apps than earlier closed-platform DAPs. To preserve playback quality, Astell&Kern uses its ADP, or Astell&Kern Direct Path, technology to bypass Android’s standard sample rate conversion. That allows compatible streaming services to deliver lossless, bit-perfect playback through the player rather than being forced through Android’s normal audio path.
The SP4000T also introduces Astell&Kern’s first dual Wi-Fi antenna design. The goal is faster and more stable wireless streaming and downloads, especially on 5GHz networks. According to Astell&Kern’s internal testing, the new design can deliver up to twice the 5GHz download speed of previous models, although real-world performance will still depend on network conditions, router quality, and distance from the access point.
The SP4000T uses a discrete circuit architecture that separates digital and analog signal processing. Its DAC section is built around dual AKM AK4499EX DACs and dedicated AK4191EQ processors for each channel, a layout intended to reduce noise and preserve signal integrity across the playback chain.
Based on Astell&Kern’s SP4000 platform, the SP4000T also includes High Driving Mode, which uses a parallel OP AMP configuration to increase output capability and improve control with more demanding IEMs and headphones.
Astell&Kern’s ESA, or Enhanced Signal Alignment, technology is included to improve timing accuracy across the frequency range. The goal is cleaner imaging, better clarity, and a more stable soundstage. The SP4000T also includes DAR, or Digital Audio Remaster, which applies upsampling to PCM and DSD files with the aim of improving perceived detail and harmonic texture.
Additional internal refinements include Any Layer HDI PCB technology and a 99.9% pure copper shield, both used to reduce signal loss, noise, and electromagnetic interference inside the player.
The SP4000T includes 256GB of internal storage, with microSD expansion up to 1.5TB. It supports native playback up to 32-bit/768kHz PCM and DSD512, giving it the file compatibility expected from Astell&Kern’s flagship DAP lineup.
The player uses a 6-inch Full HD touchscreen and supports dual-band Wi-Fi, DLNA networking, USB audio output, and USB DAC operation with Mac and Windows computers.
Bluetooth support includes aptX Adaptive and LDAC, giving users higher-quality wireless options when a cable is not practical. BT Sink mode also allows the SP4000T to receive Bluetooth audio from an external device, such as a smartphone, and function as a portable Bluetooth DAC.
Other usability features include ReplayGain, AK File Drop for wireless file transfers, USB PD 3.0 fast charging, and customizable battery protection settings.
For extended listening comfort, the SP4000T includes advanced Crossfeed controls that recreate a more speaker-like listening experience through headphones, allowing users to fine-tune spatial presentation and reduce listening fatigue over long sessions.
The SP4000T is packaged with a premium leather “Cognac’ colored case crafted using ‘MINERVA’ leather from ‘BADALASSI CARLO‘, a renowned leather workshop located in the San Miniato district of Florence, Italy.
Two additional premium leather cases will be available for the SP4000T. A black case, crafted from soft cowhide by GRUPPO MASTROTTO, delivers an exceptionally soft touch, with a uniform surface quality and a distinctively vibrant Italian colouration. An olive-coloured case, crafted from premium vegetable-tanned leather by BADALASSI CARLO, is crafted through a proprietary tanning and dyeing process. Both cases feature a standing mechanism on the back to provide greater convenience in use.
In addition to the SP4000T, Astell&Kern will show its Clarus IEMs for the first time at High End Vienna 2026.
Clarus is the fourth model in Astell&Kern’s IEM series, developed around the company’s goal of delivering a transparent, low distortion presentation for high resolution portable listening.
The Clarus uses a new 9-driver Tribrid architecture. Each side combines dynamic, balanced armature, and MEMS drivers, with each driver assigned to its own frequency range rather than being asked to cover too much of the spectrum. The shells are crafted from premium grade 6061-T6 aluminum, a material chosen for its rigidity, durability, and ability to support a more stable acoustic structure.
The technical goal is a more controlled full range presentation, with bass handled by the dynamic driver, midrange and treble detail managed by the BA drivers, and the most delicate high frequency information reproduced by the MEMS drivers. In theory, that division of labor should help Clarus deliver stronger separation, cleaner imaging, and a more open sense of space without forcing one driver type to do all of the heavy lifting.
The SP4000T is not the first DAP to use vacuum tubes, and Cayin’s N8iii is an important reminder that Astell&Kern is not operating in an empty lane. What makes the SP4000T different is the combination of four Raytheon JAN6418 MIL-Spec tubes in a quad configuration, three selectable tube modes, hybrid amp control, Android 15 with Google Play Store support, and A&K’s flagship DAC and processing platform in one portable player.
It is too early to judge the sound, but Astell&Kern did not build its reputation in the DAP category by making timid moves. The SP4000T looks like a deliberate attempt to bridge high resolution digital playback with adjustable analog tube character. The real question is whether analog focused listeners will hear this as meaningful engineering or another very expensive pocket-sized argument for staying up too late with IEMs.
The Astell&Kern SP4000T and Clarus will make their global debut at the High End Show, 4–7 June at booth HX4, M04, Austria Center Vienna.
Pricing and availability for the SP4000T in Stainless Steel and Copper editions will be announced shortly.
Clarus will be available for demo in the Astell&Kern booth at High End Vienna 2026. Pricing, availability, and further details will be confirmed in due course.
Apple products are not cheap, that’s no secret. Only perhaps a select few, like the MacBook Neo, the Mac Mini, and the AirPods 4 could be considered budget or midrange in their respective product categories. For deal-hunters, there’s also a surprisingly good Certified Refurbished program that rigorously tests and resells used products with warranties, free delivery, and even trade-in options. But if that’s not good enough, you can always buy used. A number of Apple products are totally worth grabbing off the secondhand market — even when saving money isn’t the primary objective.
We want to look at Apple products you could buy today and still be plenty happy with. We say that with the caveat that this does not always mean you can use them as-is; be prepared for the possibility of battery replacements, repairs, OS updates or limitations, and, if nothing else, compromises that naturally come with aging tech. Having said that, these five products surprise us by getting the job done in 2026 despite being made by a company that tries every tactic to get you to upgrade.
Apple may have discontinued the iPod lineup after the iPod Touch, but it can’t totally kill something so iconic. Younger generations are seeing the magic of “vintage” tech, particularly iPods, and buying them in droves anywhere they can, particularly the iPod Classic. Aside from the audio jack-only listening experience and the nostalgia, an iPod can still hold its own today; 30-160 GB of storage is plenty for your music, it supports high bitrate AAC, MP3, and Apple lossless file formats, and it was originally rated for 36 hours of music listening.
Despite the increasing scarcity of these devices, you can find working pre-owned and new sealed units on eBay in the $100 to $500 range. Assuming everything else is functional, the only thing you’d really need to do is replace the battery. Apple has long since discontinued service for these iPod Classic models, but iFixit says you can replace the aging battery. We recommend sending it to an expert if you’re not confident doing it yourself.
You have two choices when buying an iPod Classic: using it vanilla, as Apple intended, or modding it. Some would swear by the former since it adds a lot of intentionality to the experience (e.g., you have to manually add songs over the wire with, yes, iTunes), and thus it’s more meaningful. Taking the latter route, however, gives you all the benefits of the iPod Classic form factor plus modern conveniences like Bluetooth, USB-C, modern SSD storage, and customizable operating systems. Really, you can change so much that the iPod starts to feel like a Ship of Theseus. The wheel, the screen, the front plate, even the case can be swapped.
It’s not uncommon for people to rock a MacBook a decade old. Apple’s vintage category still supports MacBooks dating back to around 2012, meaning occasional security updates and limited repair support. Compare that to Windows laptops, which seem to need life support to function around year 3 (in my experience). If you need a computer to do the basic stuff like web surfing and checking emails, buy a used MacBook.
Definitely replace the battery if possible. For example, the MacBook Air 13-inch from 2017 has a moderately challenging (10 to 20 minutes) battery replacement, according to iFixit. We’d highly recommend avoiding certain Mac models entirely, such as those that had the infamous butterfly keyboard. The next question you have to ask yourself is what you’re going to do with the OS, assuming this is a MacBook that is no longer getting security updates. For most people, we’d recommend using something like OpenCore Legacy Patcher, which can bring supported models up to date with the latest version of macOS.
If that doesn’t work — or you’re a bit more adventurous — installing Linux on an old MacBook is almost always an option. YouTuber Action Retro shows the installation of Ubuntu on a MacBook Pro from 2011 and gets a buttery-smooth, usable experience, especially after replacing the hard drive with a modern SSD. Linux gives your MacBook another lease on life since Linux distributions are known to support hardware for decades, including security patches and support for the latest version of modern apps. And if you don’t like Ubuntu, you can always try macOS-like Linux distributions such as elementary OS.
Every year, Apple introduces the latest iteration in its M-Series lineup of MacBooks; it recently introduced the M5, M5 Pro, and M5 Max chips, with M6 slated for 2026. Thus, the pattern will probably continue. Except Apple made one big mistake: it created chips so good that people can’t find reasons to upgrade even years in the chip’s tenure. The original M1 MacBook Airs released in 2020 continue to perform smoothly and reliably now and, by all accounts, will probably continue to do so for years to come.
As proof, look at the surfeit of user reviews of M1 MacBook Airs in 2026 drawing the same conclusion: unless you’re a power user or professional in need of top-tier, bleeding-edge performance, this will get the job done. Even then, some professionals see no need to upgrade for the situations where it would matter. YouTuber Becca Farsace bought a used M1 MacBook Pro to edit videos, thinking she’d upgrade once she had spare cash. She loved it so much that she never did.
Case in point, if you’ve been eyeballing the latest M-Series MacBooks and you’re not interested in today’s prices, an older model is still a strong option. You’ll likely be astounded by how good it is, especially if you don’t need a ton of power. This is in steep contrast to Windows laptops, which — again, based on personal experience — would be in desperate need of Linux or the trash bin after six years. The only caveat is support longevity; it’s unclear how much longer Apple will support M1 MacBooks, with around eight years being a generous estimate. Once again, though, the “aging” M1 can always turn to OpenCore Legacy Patcher and Linux if Apple decides to leave behind such potent tech.
Fewer and fewer people upgrade their phones to the latest model, and that’s when talking about a daily driver device that needs to be snappy and reliable. A device you use much less frequently — like an iPad — has an even lower bar to clear. We’d guess most people only use iPads to do very lightweight productivity and entertainment tasks like web browsing and streaming, something you don’t need the latest iPad M5 for. Luckily, there’s little reason to buy current-gen iPads since older iPads are still great.
As an extreme example, take this 2015 iPad Pro we reviewed way back when. It’s 11 years old at the time of writing, but it still receives regular security updates, even though it has been thoroughly left behind feature-wise. Modern reviews of the device paint it in a positive light, though of course some aspects of the hardware show their age. Popular apps like YouTube and HBO Max still support iPadOS 16, and likely a good chunk of the apps you want to use do as well.
We’re not necessarily saying you should go out and buy the oldest supported iPad, but rather that you consider older options. To give an example, the iPad 7th generation released in 2019 sells for around $100 on eBay and supports up to iPadOS 17. That’s a nice discount compared to the newest iPad, which starts at $349. Granted, the battery replacement on this device is rated as “difficult” by iFixit, and there’s no telling how much longer apps will be supported on it, so you’ll have to decide for yourself if that discount is worth it.
EarPods seem to be officially over. These were Apple’s wired headphones before AirPods, which transitioned to Lightning and USB-C varieties once the headphone jack was gone and somehow survived the wireless explosion till recently. Major retailers have already stopped stocking them (some exceptions exist, like Best Buy and Amazon), but the fact that you can’t find them on Apple’s website says it all. And that’s a shame, because Apple EarPods still have promise for those who miss their headphone jacks.
These definitely aren’t the best earbuds or IEMs that you can buy, but at the roughly $20 price point they sell for, they still surprise with their simplicity and performance. Some people praise them even today. You’d have to deal with the annoying trade-off of not being able to charge your iPhone when they’re plugged in, sure, but you’d have a pair of wired earbuds that work with laptops, handheld game consoles, and anything else that has a spare USB-C port — or a headphone jack, if you get the 3.5mm model of EarPods.
All the benefits of wired earbuds apply: no batteries to charge, no easily dropped and lost AirPods, no Bluetooth connection woes, just hassle-free music and calls. Another area where EarPods hold their own is microphone quality. It’s astoundingly good even if you leave it dangling below your chin where it normally is, and gives the top-end AirPods Pro 3 a run for their money. I’d personally recommend grabbing a budget pair of IEMs near that $20 price point before EarPods, but if you find them, they’re more than worth the price of entry.
Authorities in the Netherlands said they dismantled a botnet that comprised more than 17 million devices and were managed by 200 servers in a joint operation by the police and the National Cyber Security Center.
The action, announced Thursday, came about after a security researcher reported the sprawling network to authorities. The host infrastructure was located in the Netherlands.
“The police then seized several botnet servers from a hosting provider for investigation,” the NCSC said. “The botnet was taken offline by the provider because it was used for criminal purposes.”
According to a report Thursday by the NL Times, the botnet was linked to ASOCKS, a Russia-based company that provides residential proxy services. These services cater to people and organizations who want to obscure their locations or identities by proxying their Internet traffic through third-party devices. Proxy services are often used for illicit or unethical purposes such as performing DDoS attacks, running botnet command-and-control servers, operating phishing operations, and scraping website content.
Ars was unable to independently confirm the NL Times report, but the claim checks out. Thursday’s NCSC post linked to a separate post that the nonprofit organization published a day earlier. That post, in turn, was updated to add a link to Thursday’s post. Wednesday’s post, headlined “Residential proxies and their major impact on digital security in the Netherlands,” warned: “Residential proxies are used to maintain anonymity and circumvent geographical restrictions. In this way, a Dutch organization can be attacked with Dutch proxies that have similarities with ‘regular’ traffic, making cybercrime mitigation more difficult.”
The web browser has been the default interface for accessing online information for decades, but AI search is starting to change that assumption. Tools like Microsoft Copilot already let users ask plain-language questions and receive direct answers, bypassing the traditional results page entirely.
NLWeb is Microsoft’s attempt to extend that shift down to the website level itself. Announced at Build 2025, it’s an open protocol that lets any web property respond to natural language queries without a search engine acting as an intermediary.
Whether Build 2026 marks a meaningful step forward for NLWeb’s adoption, or confirms that it’s still an experiment in search of a standard, is worth paying close attention to. Here’s what we know so far.
NLWeb stands for Natural Language Web. It’s an open-source project from Microsoft that allows any website to accept and respond to natural language queries, turning a standard web property into what Microsoft describes as an AI-powered app.
The project was conceived and built by R.V. Guha, who joined Microsoft as CVP and Technical Fellow. Guha’s background in web infrastructure matters here: he created RSS, RDF, and Schema.org, three formats that now underpin how structured content is shared and indexed across much of the web.
Microsoft introduced NLWeb at Build 2025 in May 2025 and drew a direct comparison to HTML’s role in making website creation accessible. That framing is ambitious, and worth holding lightly. HTML solved the problem of publishing content; NLWeb is attempting to solve how both humans and AI agents query that content once it’s published.
What distinguishes NLWeb from a standard chatbot widget is that every NLWeb endpoint also runs as a Model Context Protocol (MCP) server. MCP is an open standard that Anthropic originally developed in November 2024 for connecting AI systems to external data sources, and it has since gained widespread industry adoption. By building NLWeb on top of MCP, Microsoft is wiring website content directly into the broader ecosystem of AI agents.
Early adopters include Shopify, TripAdvisor, Eventbrite, O’Reilly Media, Hearst properties like Delish, Chicago Public Media, and Common Sense Media. The pattern across those names is clear: well-organized sites with structured catalogs of content, the kind that maps cleanly onto the web formats NLWeb depends on.
NLWeb sits on top of structured data that most websites already publish. It reads formats like Schema.org and RSS, which are in use across more than 100 million websites according to the project’s documentation, and adds a natural language layer on top of them using a large language model of the developer’s choice.
The protocol exposes two endpoints. The /ask endpoint handles natural language queries from human users via JSON over REST, returning structured Schema.org JSON responses. The /mcp endpoint implements an MCP server, allowing external AI agents to connect to the site and query its content programmatically on terms the publisher controls.
When a query arrives at /ask, NLWeb doesn’t hand it to a single LLM call. It breaks the query into multiple parallel processing steps: decontextualizing the query, retrieving relevant content from a vector database, and using the LLM to rank and generate the final response. This pattern of many focused model calls rather than one large prompt produces more consistent results than a single-pass approach.
The /ask endpoint also maintains chat history within a session, so follow-up questions can build on earlier ones without forcing the user to re-establish context. That’s a practical difference from keyword search, where each query starts from scratch regardless of what came before.
Because NLWeb is technology-agnostic, you’re not locked into any specific model, infrastructure provider, or operating system. The project’s GitHub repository provides a Python reference implementation and quickstart guides, with support for all major vector databases and LLM endpoints.
Build 2026 takes place June 2-3 at Fort Mason Center in San Francisco, marking a notable venue shift from the Seattle Convention Center that has hosted the conference for most of the past decade. Microsoft has described this year’s event as deliberately “no-fluff,” with a focus on technical depth over broad-audience announcements.
The session catalog spans over 90 entries organized across seven tracks: Agents and Apps, Azure AI Platform / Azure AI Foundry, GitHub and developer productivity, Microsoft Fabric, Responsible AI, Windows, and Working with Models. NLWeb is most directly connected to the Agents and Apps track, which is expected to cover MCP tooling updates given Microsoft’s ongoing investment in that protocol.
NLWeb was announced just over a year ago, which means Build 2026 is the first major conference where the protocol can be evaluated against documented real-world deployment rather than potential. Cloudflare added native NLWeb support via its AutoRAG infrastructure in early 2026, offering a managed deployment path rather than a manual integration, which is a signal that the ecosystem is beginning to solidify.
Microsoft joined the MCP Steering Committee at Build 2025 and contributed an updated authorization specification and the design of an MCP server registry service. Any further updates to MCP governance, agent discovery, or server orchestration at Build 2026 will have direct implications for NLWeb, given how tightly the two protocols are coupled.
The opening keynote from CEO Satya Nadella is where Microsoft typically frames its platform-level priorities. At Build 2025, Nadella characterized the event as marking “the age of AI agents.” Whether NLWeb receives dedicated keynote attention in 2026 or surfaces primarily through breakout sessions, it sits squarely within what the conference catalog describes as its central theme: moving AI agent development from announced to production-ready.
For developers building on the web, NLWeb creates practical pressure to audit how structured your site’s data actually is. The protocol performs best with content organized as lists of items: products, events, recipes, reviews. Sites with poor or missing semantic markup will get noticeably weaker results, because NLWeb’s retrieval layer depends on the Schema.org annotations many publishers have underinvested in.
But more importantly, NLWeb blurs the boundary between a website and an API. Running an NLWeb endpoint means your site becomes queryable by external AI agents, not just human visitors with a browser, which raises governance questions about which agents can access your content, at what rate, and on what terms.
On the tooling side, Microsoft has been expanding Azure AI Foundry and its MCP-related developer infrastructure, both of which are expected to feature at Build 2026. For developers who want to add NLWeb to an existing property today, the reference implementation on GitHub is the clearest starting point, with Cloudflare’s AutoRAG integration now offering a more managed path to deployment for teams that don’t want to handle the underlying infrastructure themselves.
A space-themed White House website that mocks immigrants and compares them to extraterrestrials claims Immigration and Customs Enforcement has arrested almost half a million people in nearly 12,000 cities and towns in the United States. In 715 of the locations listed, the site identifies at least one of the people arrested as being born in the United States. In 83 of the locations, every single arrestee is reported to be an American.
The White House unveiled the website, Aliens.gov, on Thursday after teasing the launch on X with a 10-second video captioned “They walk among us,” leading many users to suspect an announcement about UFOs—the subject of an ongoing Trump administration disclosure effort that produced two releases of declassified files earlier in May. The site turned out instead to be a piece of political theater aimed at dehumanizing immigrants and casting those the Trump administration has arrested as the secret extraterrestrial visitors of UFO conspiracy lore.
The site includes information about arrestees’ alleged criminal offenses for each location. People in 3,159 locations are accused of “Immigration.” In 1,082 locations—including Chicago and Minneapolis—at least one of the crimes supposedly committed by the arrestees is “Public Peace,” a category of convictions that includes unlawful assembly and disorderly conduct.
In more than one-fifth of the locations the site flags as the site of an arrest, no criminal charges are recorded. Puerto Rico, a US territory whose residents are American citizens, is mapped on the site as a separate jurisdiction; in one row, the site lists Puerto Rico itself among the foreign countries the arrestees came from.
In a statement provided post-publication, the White House said aliens.gov “pulls data directly from DHS, which initially included a handful of non-immigration HSI arrests,” adding that “this has been updated.” HSI, or Homeland Security Investigations, is a part of ICE. WIRED reviewed the updated data and found there were 270,214 fewer arrests listed.
The Trump administration has repeatedly claimed that ICE is going after the “worst of the worst,” but that framing has collapsed under the weight of ICE’s own data, pried loose by a range of government watchdog organizations, such as TRAC and the Deportation Data Project. An April report from the Deportation Data Project found that ICE arrests of people without any criminal convictions has skyrocketed compared to the six months prior to the start of the Trump administration. In October, ProPublica reported that immigration agents have held or detained more than 170 US citizens.
Some of the locations listed on Aliens.gov don’t appear to be cities or towns at all. One “neighborhood” in the dataset is an address in Ohio that corresponds to that of a state-run prison.
The website was originally registered by the Executive Office of the President in March, according to 404 Media. At the time, there was speculation that the website would host records about extraterrestrial life and UFOs, since President Trump had promised to release new information in a February Truth Social post. In anticipation, WIRED set up a script to monitor when the site went live.
One of the first things visitors to the site see is a counter labeled “encounters,” ostensibly indicating how many undocumented immigrants federal agents have arrested since Trump took office. The counter is fake. The starting number—3,129,580—is hand-typed into the website, and its upward motion is generated by a timer initiated by the visitor’s own browser, according to a WIRED analysis of the site’s code. The figure does not correspond to any enforcement total published by immigration authorities and is roughly seven times larger than the actual ICE arrest count since January 2025.
NYT Strands Answers May 24 2026 Revealed for Puzzle No. 812 Theme Summer Essentials
Bridgerton Season 5: Cast, Release Date And Everything We Know So Far
Robinhood crypto COO Tanya Denisova exits
Selena Gomez Reportedly Upset Over Benny Blanco’s Comments on Her ‘Terrible’ Diet
Microsoft’s quiet Claude Code retreat and the real cost of enterprise AI
Micron Crosses $1 Trillion Market Cap as AI Demand Reshapes Memory Sector
Israel says it has killed new Hamas military leader in Gaza City airstrikes
BTS Sells Out Four Las Vegas Shows at Allegiant Stadium for ARIRANG World Tour
The Samsung pay deal is the moment Korean unions changed register
Millions of AI agents imperiled by critical vulnerability in open source package
Westone Audio and Etymotic Acquired by Fidelity Collective in Major IEM Market Move
Waymo dominates autonomous vehicle registrations as Tesla trails behind
China assigns ID codes to 28,000+ humanoid robots
Nvidia (NVDA) CEO Calls on Super Micro to Strengthen Export Controls Amid Smuggling Probe
SpaceX’s $2 Trillion IPO: Why Tech Giants Nvidia (NVDA), Apple (AAPL), and Microsoft (MSFT) May Face Pressure
NASA taps Blue Origin to deliver lunar rovers for Moon Base initiative
Brian Armstrong Outlines Crypto Vision for the Future Financial System
‘Breaking Bad’ Star’s Easy-to-Binge 6-Part Crime Series Spin-Off Is Finally Heading to Free Streaming
Spain blocks prediction markets Polymarket Kalshi
Yatra Online, Inc. 2026 Q4 – Results – Earnings Call Presentation (NASDAQ:YTRA) 2026-05-25
You must be logged in to post a comment Login