Looking for the most recent Mini Crossword answer? Click here for today’s Mini Crossword hints, as well as our daily answers and hints for The New York Times Wordle, Strands, Connections and Connections: Sports Edition puzzles.

Need some help with today’s Mini Crossword? It’s a long one. Read on for all the answers. And if you could use some hints and guidance for daily solving, check out our Mini Crossword tips.

If you’re looking for today’s Wordle, Connections, Connections: Sports Edition and Strands answers, you can visit CNET’s NYT puzzle hints page.

Read more: Tips and Tricks for Solving The New York Times Mini Crossword

Let’s get to those Mini Crossword clues and answers.

Mini across clues and answers

1A clue: Person who likes things totally authentic, or not at all
Answer: PURIST

7A clue: ChatGPT’s company
Answer: OPENAI

8A clue: Chance for one’s kids to watch shows, perhaps
Answer: TVTIME

9A clue: Not in the closet
Answer: OUT

10A clue: Video game with falling pieces
Answer: TETRIS

13A clue: Dance fad of the mid-2010s that was paired with the “Whip”
Answer: NAENAE

14A clue: Wrestle
Answer: TUSSLE

Mini down clues and answers

1D clue: Collection of poker bets
Answer: POT

2D clue: Likes : Facebook :: ___ : Reddit
Answer: UPVOTES

3D clue: Tax filings
Answer: RETURNS

4D clue: The “A,” “O” or “C” of A.O.C.
Answer: INITIAL

5D clue: ___ Altman, C.E.O. of 7-Across
Answer: SAM

6D clue: Item of attire that might have a Windsor knot
Answer: TIE

10D clue: Explosive compound, for short
Answer: TNT

11D clue: Water, in French
Answer: EAU

12D clue: Notice
Answer: SEE

Mathieu Stern spotted an oddity one afternoon at a French flea market. Inside a simple blue canister sat a compact Foth 50 millimeter f 2.5 lens from the late 1920s. Three euros later it was his. The optic had come from a Foth Derby folding camera built for 127 roll film, a model once positioned as a rival to early Leica designs. It even showed up in a few motion pictures from that period, including work tied to Alfred Hitchcock.

Mathieu considered rehousing this lens in his Sony FX3 movie camera, which has a quite thorough 4K full frame sensor. The problem was that the lens itself lacked both aperture control and a proper focusing system, which had been missing for years and had long ago vanished. Early experimentation involved using a bizarre elcoid adapter with an added bit of aperture stuck just behind the elements, and while this should have given Mathieu plenty of light control in theory, it ended up introducing heavy vignetting in practice, simply because the lens barrel was a little too narrow to accommodate the setup comfortably.

Sale

Xtra Muse, Vlogging Camera with 1” CMOS & 4K/120fps Videos, Pocket Camera with 3-Axis Gimbal Stabilizer…

• Cinematic-Style Footage – Experience the power of Xtra Muse’s 1-inch CMOS sensor, capable of recording breathtaking 4K resolution videos at 120fps…
• Ultra-Steady Shooting – No more shaky videos! Xtra Muse’s advanced 3-axis gimbal camera stabilizer ensures exceptional smoothness. Enjoy smooth…
• Effortless Framing – Enjoy Xtra Muse’s expansive 2-inch touch screen, and switch between horizontal and vertical shooting effortlessly.

He then tried another approach, using a Fotodiox macro adapter developed for use with Sony E-mount cameras. This useful piece of equipment contains a built-in helicoid for focus adjustments, as well as a clever drop-in slot for accepting neutral density filters when necessary. This combination resolved both the exposure and focusing difficulties in one step. On bright days, the filters helped keep objects from blowing out, and the helicoid allowed him to dial in sharp focus down to 30 cms or even 20 cms when he ventured into macro photography.

Once he had the lens fitted and balanced, he could truly put the camera through its paces. He began framing everyday scenes and letting the vintage lens do its thing. Sharpness was rather amazing in the center of the frame and across the sensor, but as you approached the edges, the image softened in a gradual, fluid manner that naturally leads the attention to the topic. Out-of-focus highlights become a gentle swirl rather than the overly convoluted jumble that is so common with current optics. Uncoated glass parts disperse incoming light somewhat, giving bright regions a subtle, warm glow that feels alive rather than cold and sterile.

The low light clips were really impressive. The fast f2.5 aperture, along with the FX3 sensor, handled low-light circumstances with ease, without injecting any unwanted high ISO noise into the image. The color reproduction was beautiful and deep, similar to what you’d expect when discussing archival footage. Mathieu equated the experience to having a window into the past while continuously filming the present. He processed the clip in Adobe Premiere Pro and added a few of his bespoke LUT packs to adjust the tones somewhat. The final clips have a distinct flavor that makes modern zoom lenses appear drab in contrast. People watching the results frequently pause and repeat key sections to have a better look at how the light falls and how backgrounds fade away.
[Source]

Apple retailers are embroiled in a MacBook Pro price war this weekend, offering a $200 discount on the 1TB M5 14-inch model with an upgrade to 24GB of memory.

You can pick up the 1TB 14-inch MacBook Pro with 24GB of RAM for $1,699 at Amazon and B&H Photo. This reflects a $200 discount off MSRP.

Buy M5/24GB/1TB MacBook Pro for $1,699

Apple recently made an update to make 1TB of storage standard in the MacBook Pro range, eliminating the 512GB SSD option. This model has a bump up to 24GB of memory, which is 8GB more than the standard 16GB found in the entry model.

According to our M5 MacBook Pro Price Guide, Amazon and B&H’s $200 discount delivers the lowest price for the upgraded spec (model number MDE34LL/A).

You can also save on the 2026 MacBook Pro with an M5 Pro or M5 Max chip, which was released in March, with both 14-inch and 16-inch configs marked down. A highlight of the best MacBook Pro deals available today can be found below, with a full rundown of offers in our MacBook Pro Price Guide.

14-inch MacBook Pro M5 deals

14-inch MacBook Pro M5 Pro and M5 Max sale

• M5 Pro, 15C CPU, 16C GPU, 24GB, 1TB, Standard Display: $1,986.50 ($213 off)
• M5 Pro, 15C CPU, 16C GPU, 24GB, 2TB, Standard Display: $2,397 ($203 off)
• M5 Pro, 18C CPU, 20C GPU, 24GB, 2TB, Standard Display: $2,639.99 ($160 off)
• M5 Max, 18C CPU, 32C GPU, 36GB, 2TB, Standard Display: $3,359 ($240 off)

16-inch MacBook Pro M5 Pro and M5 Max discounts

• M5 Pro, 18C CPU, 20C GPU, 24GB, 1TB, Standard Display: $2,549 ($150 off)
• M5 Pro, 18C CPU, 20C GPU, 48GB, 1TB, Standard Display: $2,899 ($200 off)
• M5 Max, 18C CPU, 32C GPU, 36GB, 2TB, Standard Display: $3,699 ($200 off)
• M5 Max, 18C CPU, 40C GPU, 48GB, 2TB, Standard Display: $4,199 ($200 off)

Anthropic created the Model Context Protocol as the open standard for AI agent-to-tool communication. OpenAI adopted it in March 2025. Google DeepMind followed. Anthropic donated MCP to the Linux Foundation in December 2025. Downloads crossed 150 million. Then four researchers at OX Security found an architectural problem that affects all of them.

MCP’s STDIO transport, the default for connecting an AI agent to a local tool, executes any operating system command it receives. No sanitization. No execution boundary between configuration and command. A malicious command returns an error after the command has already run. The developer toolchain raises no flag.

OX Security researchers Moshe Siman Tov Bustan, Mustafa Naamnih, Nir Zadok and Roni Bar scanned the ecosystem and found 7,000 servers on public IPs with STDIO transport active — and estimate 200,000 total vulnerable instances extrapolated from that ratio. They confirmed arbitrary command execution on six live production platforms with paying customers. The research produced more than 10 CVEs rated high or critical across LiteLLM, LangFlow, Flowise, Windsurf, Langchain-Chatchat, Bisheng, DocsGPT, GPT Researcher, Agent Zero, LettaAI and others.

Kevin Curran, IEEE senior member and professor of cybersecurity at Ulster University, independently told Infosecurity Magazine the research exposed “a shocking gap in the security of foundational AI infrastructure.”

Anthropic confirmed the behavior is by design and declined to modify the protocol — characterizing STDIO’s execution model as a secure default and input sanitization as the developer’s responsibility. That characterization comes from OX; the only word Anthropic explicitly stated on the record is “expected.” Anthropic has not issued a standalone public statement and did not respond to VentureBeat’s request for comment.

OX says expecting 200,000 developers to sanitize inputs correctly is the problem. Anthropic’s strongest technical counter: sanitizing STDIO would either break the transport or move the payload one layer down. Both positions are technically coherent. The question is what to do while that debate plays out.

Every major outlet covered the disclosure. None built the prescriptive product-by-product audit a security director needs to triage her own MCP deployments. This piece does.

Five questions determine whether your MCP deployments are exposed, whether your patches hold, and what to do Monday morning.

Am I exposed?

If your teams deployed any MCP-connected AI agent using the default STDIO transport, yes. The insecurity is not a coding bug in any single product. It is a design default in Anthropic’s MCP specification that propagated into every official language SDK: Python, TypeScript, Java, and Rust. Every downstream project that trusted the protocol inherited it.

OX identified four exploitation families. Unauthenticated command injection through AI framework web interfaces, demonstrated against LangFlow and LiteLLM. Hardening bypasses in tools that implemented command allowlists, demonstrated against Flowise and Upsonic, where OX bypassed the allowlist through argument injection (npx -c). Zero-click prompt injection in AI coding IDEs, where malicious HTML modifies local MCP configuration files. Windsurf (CVE-2026-30615) was the only IDE where exploitation required zero user interaction, though Cursor, Claude Code, and Gemini-CLI are all vulnerable to the broader family. And malicious package distribution through MCP registries, where OX submitted a benign proof-of-concept to 11 registries, and nine accepted it without security review.

Carter Rees, VP of AI and Machine Learning at Reputation and member of the Utah AI Commission, told VentureBeat the framing needs to change entirely. “MCP stdio is a privileged execution surface, not a connector. Enterprise teams should treat it like production shell access. Deny by default, allowlist, sandbox and stop assuming downstream input validation will hold at scale,” Rees said.

The IDE family deserves particular attention because it hits developer workstations, not servers. A developer who visits an attacker-controlled website can trigger a modification to their local MCP configuration file — and in Windsurf’s case, the change executes immediately with no approval prompt. Cursor, Claude Code and Gemini-CLI require some form of user interaction, but if the UI presents a configuration change without surfacing the execution consequence, clicking ‘approve’ does not constitute informed consent.

Did my vendor patch?

Some did. Some partially. Some have not confirmed. The matrix below maps each affected product against the exploitation family, patch state, and the gap that remains. The critical column is “Protocol fix?” Every row says no.

Does the flaw survive the patch?

Yes. Every product-level patch in the matrix addresses the specific entry point in that product. None of them changes the MCP protocol’s STDIO behavior. A security director who patches LiteLLM today and configures a new MCP STDIO server tomorrow will inherit the same insecure default on the new server. The patches are necessary. They are not sufficient.

This was predictable. When VentureBeat first reported on MCP’s security flaws in January, Merritt Baer, chief security officer at Enkrypt AI and former deputy CISO at AWS, warned: “MCP is shipping with the same mistake we’ve seen in every major protocol rollout: insecure defaults. If we don’t build authentication and least privilege in from day one, we’ll be cleaning up breaches for the next decade.” The Cloud Security Alliance independently confirmed OX’s findings in a separate research note and recommended organizations treat MCP-connected infrastructure as an active, unpatched threat. The defaults did not change. The attack surface grew.

Rees argued that Anthropic’s position, while internally consistent, does not survive contact with enterprise reality. “It stops being a developer mistake and starts being a distributed failure mode when the same class of failure reproduces across that many independent implementations,” he told VentureBeat. “Guidance is not an architectural control. Relying on thousands of downstream implementers to consistently interpret a trust boundary is a known anti-pattern in enterprise security.”

Anthropic updated its SECURITY.md file nine days after OX’s initial contact in January 2026 to note that STDIO adapters should be used with caution, but made no architectural changes. The researchers’ assessment of that update: “This change didn’t fix anything.”

Rees took a more measured view. “It’s worth giving Anthropic credit where it’s due,” he told VentureBeat. “After the disclosure, they updated their security guidance to recommend caution with stdio adapters. That’s a meaningful step even if researchers argue it falls short of a protocol-level fix.”

What changed at the protocol level?

Nothing architectural. Anthropic has not implemented manifest-only execution, a command allowlist in the official SDKs, or any other protocol-level mitigation. OX recommended all three. The SECURITY.md guidance update was the only change. OX’s research began in November 2025 and included more than 30 responsible disclosure processes across the ecosystem before the April 15 publication.

The disagreement is substantive. Anthropic’s architectural argument deserves its full weight. STDIO is a local subprocess transport designed to launch processes on the machine that configured it. The trust boundary, in Anthropic’s model, sits with whoever controls the configuration file. If you can write to the MCP config, you are by definition someone authorized to execute commands on that machine. Under that logic, what looks like command injection is a feature working as intended. Restricting what STDIO can launch at the protocol level would either break the transport’s core function, since its purpose is to launch arbitrary local processes, or displace the attack surface into the launched process itself. The unopinionated-standard argument is also defensible: a universal protocol that hard-codes execution constraints stops being universal. OX’s counter, from their advisory: “Shifting responsibility to implementers does not transfer the risk. It just obscures who created it.”

Do not wait for a protocol-level fix. Treat every MCP STDIO configuration as an untrusted input surface, regardless of which product it sits inside.

Monday morning remediation sequence

Enumerate. Identify every MCP server deployment across dev, staging, and production. Search for MCP configuration files (mcp.json, mcp_config.json) in developer home directories and IDE config paths (~/.cursor/, ~/.codeium/windsurf/, ~/.config/claude-code/). List running processes that match MCP server binaries. Flag any using STDIO transport with public IP accessibility. OX found 7,000 on public IPs. Your environment may have instances you do not know about.

Patch. Pin every affected product to its patched release. LiteLLM v1.83.7-stable includes the fix for CVE-2026-30623. DocsGPT, Flowise, and Bisheng have also shipped fixes. Windsurf and Langchain-Chatchat remain in reported state as of May 1, 2026. Cursor was patched against an earlier related disclosure (CVE-2025-54136) but inherits the same protocol default. Check each vendor’s advisory in the morning you execute this step.

Sandbox. Isolate every MCP-enabled service from the host operating system. Never give a server full disk access or shell execution privileges. The Flowise/Upsonic allowlist bypass proves that restricting commands alone is not enough.

Audit registries. Review every MCP server installed from a third-party registry. Nine of 11 registries accepted OX’s proof-of-concept without a security review. Use registries with documented submission review processes. Remove any MCP server whose origin you cannot verify.

Treat STDIO config as untrusted. This step survives every future patch and every future product. The protocol-level default has not changed. Every STDIO server definition is a command execution surface. Treat it the same way you treat user input to a database query: assume it is hostile until validated.

Your exposure cannot wait for a protocol fix

Anthropic and OX Security disagree on where the responsibility for securing MCP’s STDIO transport belongs. That disagreement will not be resolved this week. What can be resolved this week is whether your MCP deployments are enumerated, patched, sandboxed, and treated as the untrusted execution surfaces they are.

As Rees put it: “The core question here is architectural policy, not exploit payloads.” Baer warned in January that insecure defaults would produce exactly this outcome. OX documented 200,000 servers running with a configuration field that doubles as an execution surface. The protocol’s designer says it is working as intended. Your Monday morning question is not who is right. It is which of your servers are exposed.

OpenAI is ready to target free users of its services with advertisements around the web, based on what it knows about them.

On Thursday, OpenAI sent an email to users laying out major changes to the AI company’s privacy policy in the US. “We’ll now use cookies to promote OpenAI products and services on other websites,” reads the email sent on April 30. “This does not impact your conversations in ChatGPT. Your conversations with ChatGPT are private and are not shared with marketing partners.” Cookies store information in users’ browsers as they explore the web.

Chats with the bot aren’t shared with third parties. Even so, details OpenAI collects as users interact with its services may soon be used to market those same services, like ChatGPT, outside the platform. This appears to be targeted at converting free users (WIRED found that marketing settings were “on” by default) and seeing how effective its ads are at conversions.

The move comes as OpenAI looks to expand its own advertising network inside ChatGPT. The company started rolling out ads at the bottom of ChatGPT outputs for US users in February. Competitors including Google are exploring how ads can be woven into the user experience of generative AI tools and features.

“Nothing about our policy of not sharing people’s conversations or other private user content with advertisers has changed,” says OpenAI spokesperson Taya Christianson. “Like many companies, OpenAI works with select marketing partners to help people learn about our products on third-party websites and apps, and we updated our privacy policy to clarify how this works. We do not share your conversations with these marketing partners. To make OpenAI marketing efforts more relevant and measure their effectiveness, we may share limited identifiers, such as cookie IDs or device IDs, and users can opt out at any time in settings.”

To help you better understand what recently changed, WIRED compared the new privacy policy to a previous version saved from OpenAI’s website earlier this month. The biggest change revolves around how your data is shared for marketing purposes.

Courtesy of Reece Rogers

Data Usage Now Includes Third-Party Promotions

In the Disclosure of Personal Data section, OpenAI expanded the paragraph detailing how it discloses personal data. OpenAI now says it may share “limited information” with partners to promote services like ChatGPT and Codex off of OpenAI’s platforms.

The company details this change in a new help page. It says it might send identifiers, such as users’ email addresses or cookie IDs, to advertising platforms. That way, OpenAI can check whether users have taken specific actions—like signing up for its Codex tool after they get shown an ad for it on Instagram.

Users can opt out of this kind of tracking by going to Settings > Data Controls > Marketing Privacy on the ChatGPT site. WIRED tested two free accounts and found that those settings were on by default. The two paying accounts WIRED checked, one Plus and the other Enterprise, did not have it on by default.

Old Privacy Policy

We disclose your Personal Data in the following circumstances:

Vendors and Service Providers: To assist us in meeting business operations needs and to perform certain services and functions, we disclose Personal Data to vendors and service providers, including providers of hosting services, customer service vendors, cloud services, content delivery services, support and safety services, email communication software, web analytics services, payment and transaction processors, search and shopping providers, marketing service providers, and information technology providers. We also work with service providers who help us with age and identity verification, and you can learn more here⁠. Based on our instructions, these parties will access, process, or store Personal Data only in the course of performing their duties to us.

New Privacy Policy

We disclose your Personal Data in the following circumstances:

Vendors, Service Providers, and Marketing Partners: To assist us in meeting business operations needs and to perform certain services and functions, we disclose Personal Data to vendors, service providers, and marketing partners, including providers of hosting services, customer service vendors, cloud services, content delivery services, support and safety services, email communication software, web analytics services, payment and transaction processors, search and shopping providers, and information technology providers. We also work with service providers who help us with age and identity verification, and you can learn more here⁠⁠. When we work with Service Providers, these parties will access, process, or store Personal Data based on our instructions and only in the course of performing their duties to us. We also share limited information with select marketing partners who are not service providers in order to promote our products and services on third-party properties and help us assess the effectiveness of those efforts. Some of these partners may receive information through cookies and similar technologies. Learn more about these practices and the choices available to you here⁠.

Assurance About ‘Sensitive Personal Data’ Removed in Error

OpenAI categorizes many different types of information as a user’s “Personal Data,” including birth dates, payment information, and any prompts a user might have written. In its privacy policies, it doesn’t explain which types of this data it considers “sensitive,” but OpenAI does promise that it doesn’t use this information to infer characteristics about consumers.

A sentence regarding “sensitive Personal Data” was briefly absent from the Privacy Policy on Friday as WIRED accessed the updated document. When WIRED reached out to OpenAI for comment, the company claimed this removal was an error and added a similar sentence back, in a different paragraph.

Looking for the most recent regular Connections answers? Click here for today’s Connections hints, as well as our daily answers and hints for The New York Times Mini Crossword, Wordle and Strands puzzles.

Today’s Connections: Sports Edition features a mix of difficulty. If you’re struggling with today’s puzzle but still want to solve it, read on for hints and the answers.

Connections: Sports Edition is published by The Athletic, the subscription-based sports journalism site owned by The Times. It doesn’t appear in the NYT Games app, but it does in The Athletic’s own app. Or you can play it for free online.

Read more: NYT Connections: Sports Edition Puzzle Comes Out of Beta

Hints for today’s Connections: Sports Edition groups

Here are four hints for the groupings in today’s Connections: Sports Edition puzzle, ranked from the easiest yellow group to the tough (and sometimes bizarre) purple group.

Yellow group hint: Steel City sports.

Green group hint: Baseball info.

Blue group hint: She shoots, she scores!

Purple group hint: Giddy up!

Answers for today’s Connections: Sports Edition groups

Yellow group: A Pittsburgh athlete.

Green group: Seen on an MLB scorebug.

Blue group: Teams in the PWHL playoffs.

Purple group: Horse racing Triple Crown winners.

Read more: Wordle Cheat Sheet: Here Are the Most Popular Letters Used in English Words

What are today’s Connections: Sports Edition answers?

The yellow words in today’s Connections

The theme is a Pittsburgh athlete. The four answers are Panther, Penguin, Pirate and Steeler.

The green words in today’s Connections

The theme is seen on an MLB scorebug. The four answers are count, inning, outs and score.

The blue words in today’s Connections

The theme is teams in the PWHL playoffs. The four answers are Charge, Fleet, Frost and Victoire.

The purple words in today’s Connections

The theme is horse racing Triple Crown winners. The four answers are Affirmed, Citation, Justify and Whirlaway.