A developer has built a remarkably thin computer that is almost the same size and thickness as a standard credit card, potentially opening the door to a new category of ultra-portable computing devices.

Called the “Muxcard,” the experimental device combines a fully functional microcomputer, wireless connectivity, NFC support, sensors, and an E Ink display into a body measuring just 1mm thick – thin enough to fit inside a regular wallet alongside bank cards. The project, created by GitHub user “krauseler,” has quickly drawn attention from the maker and hardware enthusiast community for pushing the physical limits of compact electronics.

A tiny computer designed to fit in your wallet

Despite its slim form factor, the Muxcard includes surprisingly capable hardware. The device is powered by an ESP32-C3 microcontroller and integrates a 1.54-inch flexible E Ink display, NFC hardware, an IMU motion sensor, Bluetooth and Wi-Fi connectivity, and a miniature lithium-polymer battery.

The engineering challenge was not simply shrinking components, but making them durable enough to survive everyday bending and pressure inside a wallet. According to project details shared online, the creator used flexible PCBs and carefully separated sensitive components into “islands” connected through bend-tolerant sections to reduce mechanical stress.

One of the biggest hurdles involved integrating the E Ink display into such a thin device. Traditional connectors were reportedly too bulky, forcing the creator to hand-solder connections directly onto the display flex cable. Power management also became a major challenge because ultra-thin batteries offer extremely limited capacity.

Why this matters beyond a DIY project

At first glance, the Muxcard may seem like a niche experiment for hobbyists. However, the project reflects a broader trend toward invisible and ambient computing – devices becoming smaller, thinner, and more seamlessly integrated into everyday objects.

The use of an E Ink screen is particularly important because it consumes almost no power while displaying static information, allowing the card to remain functional for longer periods despite its tiny battery. The low-power design could make devices like this suitable for secure identification, digital business cards, two-factor authentication systems, event passes, or minimalist smart home controls.

For consumers, projects like the Muxcard offer a glimpse into how future computing devices may evolve beyond phones and wearables into objects people already carry every day.

What comes next

The Muxcard remains an experimental open-source project rather than a commercial product. However, the hardware files and firmware have already been published online for non-commercial use, meaning developers and enthusiasts can attempt to build their own versions.

As flexible electronics, thin batteries, and low-power displays continue improving, concepts like the Muxcard could eventually influence future digital IDs, secure authentication tools, and ultra-portable computing devices.

A new Linux zero-day exploit, named Dirty Frag, allows local attackers to gain root privileges on most major Linux distributions with a single command.

Security researcher Hyunwoo Kim, who disclosed it earlier today and published a proof-of-concept (PoC) exploit, says this local privilege escalation was introduced roughly nine years ago in the Linux kernel’s algif_aead cryptographic algorithm interface.

Dirty Frag works by chaining two separate kernel flaws, the xfrm-ESP Page-Cache Write vulnerability and the RxRPC Page-Cache Write vulnerability, to modify protected system files in memory without authorization and achieve privilege escalation.

Also, while Dirty Frag belongs to the same class as the Dirty Pipe and Copy Fail Linux vulnerabilities, it exploits the fragment field of a different kernel data structure.

“As with the previous Copy Fail vulnerability, Dirty Frag likewise allows immediate root privilege escalation on all major distributions, and it 

chains two separate vulnerabilities,” Kim said.

“Dirty Frag is a case that extends the bug class to which Dirty Pipe and Copy Fail belong. Because it is a deterministic logic bug that does not depend on a timing window, no race condition is required, the kernel does not panic when the exploit fails, and the success rate is very high.”

This kernel privilege escalation affects a wide range of Linux distros, including Ubuntu, Red Hat Enterprise Linux, CentOS Stream, AlmaLinux, openSUSE Tumbleweed, and Fedora, which have not yet received patches.

​Kim released complete Dirty Frag documentation and a PoC exploit with distribution maintainers’ agreement after an embargo on full public disclosure was broken on May 7, 2026, when an unrelated third party independently published the exploit.

“Because the embargo has currently been broken, no patch or CVE exists. After consultation with the maintainers on linux-distros@vs.openwall.org and at their request, this Dirty Frag document is being published,” Kim said.

To secure systems against attacks, Linux users can use the following command to remove the vulnerable esp4, esp6, and rxrpc kernel modules (however, it’s important to note that this will break IPsec VPNs and AFS distributed network file systems):

sh -c "printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true"

This new zero-day disclosure comes as Linux distro maintainers are still rolling out patches for “Copy Fail,” another root privilege escalation vulnerability now actively exploited in attacks.

CISA added Copy Fail to its Known Exploited Vulnerabilities (KEV) Catalog last Friday, ordering federal agencies to secure their Linux devices within two weeks, by May 15.

“This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise,” the U.S. cybersecurity agency warned at the time. “Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.”

In April, Linux distros patched another root-privilege escalation vulnerability (dubbed Pack2TheRoot) that had been found after a decade since it was introduced in the PackageKit daemon.

Update May 08, 09:58 EDT: The two page-cache write vulnerabilities chained by Dirty Frag are now tracked under the following CVE IDs: the xfrm-ESP one was assigned CVE-2026-43284, and the RxRPC isye is now CVE-2026-43500.

AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.

At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.

Claim Your Spot

When you get into audio, it quickly becomes clear that the best stereo speakers won’t be enough. Sure, they’ll cover your living room, but what about your desktop? Your TV set-up? It’s time to buy more speakers!

…or you could accept the the Edifier M90 speakers’ pitch, which is to just buy one pair of speakers that have absolutely loads of connection options. Not only do they have the basics — Bluetooth 6.0 and aux-in — they have support for optical, USB-C in and HDMI eARC.

After months of rumours and sly teasers, Google has finally officially unveiled the Fitbit Air – its screenless wearable. 

But how does the screenless Fitbit Air compare to the four-star Fitbit Charge 6? Is the Fitbit Air considered an upgrade, or is it only designed with certain users in mind?

We’ve assessed the Fitbit Air’s specs and compared them to the Fitbit Charge 6’s own to help you decide which wearable will suit you best. 

If you’re sold on a screenless wearable then make sure you check out our Fitbit Air vs Whoop comparison too. Otherwise for a broader look at all the options, our best fitness trackers, best Fitbit and best smartwatch guides have you covered.

Specs comparison table

Price and Availability

At the time of writing, the Fitbit Air is available for pre-order and will launch officially in the US and UK from May 26. With an official RRP of £84.99/$99.99, it’s one of the cheaper options in Google’s Fitbit range.

SQUIRREL_PLAYLIST_10208510

In comparison, the Fitbit Charge 6 is available to buy now and has a higher RRP of £139/$159.95. However, as the Fitbit Charge 6 is a few years old, it’s possible to pick up the wearable with a solid price cut. For example, at the time of writing US customers could pick up the Fitbit Charge 6 for just $119.95 from Google’s official store.

Although both wearables can be used without a subscription, they are compatible with Google Health Premium – the newest monthly plan that unlocks features such as Google Health Coach. This plan will set you back an additional $9.99 a month (the UK price is TBC at the time of writing). 

Fitbit Air is screenless

Take one look at the Fitbit Air and Fitbit Charge 6 and the difference is clear: the Fitbit Air is entirely screenless. Much like Whoop, the Fitbit Air is designed to quietly track your health and fitness data without any distraction.

This might sound confusing to those who have never used a screenless fitness tracker, as you might be wondering how you control the Fitbit Air or track a workout without the use of a screen. Essentially, you can use the companion smartphone app (Google Health) to see your metrics and data, plus manually start or add a workout. However, the Fitbit Air benefits from auto-workout detection which means it will know when you’ve started exercising and will track and log the workout accordingly.

In comparison, the Fitbit Charge 6 is fitted with a 1.4-inch AMOLED touchscreen display that has a Gorilla Glass 3 covering for scratch resistance. The display is bright, detailed and offers an always-on option (although keep in mind that’ll drain the battery faster). Plus, the inclusion of the display means you’ll have access to Google Wallet, Google Maps and even YouTube Music Controls without needing to rely on your phone. 

This means the Fitbit Charge 6 can double as a smartwatch, rather than just being a fitness tracker.

Fitbit Air charges faster, but both promise the same battery life

We should disclaim that battery life will vary depending on your individual usage. However, both the Fitbit Air and Fitbit Charge 6 generally promise up to seven days of battery life – however when its always-on display is enabled, the Fitbit Charge 6 drops down to around four days.

The Fitbit Air does promise to offer faster charging than the Fitbit Charge 6, with Google claiming the wearable can go from 0 to 100% in about 90 minutes. In addition, a five minute charge should result in one day of power too.  

In comparison, we found that the Fitbit Charge 6 takes around two hours to reach 100% power. 

Fitbit Charge 6 has built-in GPS

Although the Fitbit Air can track runs and the like, it doesn’t actually have built-in GPS. Instead, you’ll need to ensure your paired phone is with you. On the other hand, the Fitbit Charge 6 technically benefits from on-device GPS which means you shouldn’t need to carry your phone out with you.

We should disclaim that its GPS isn’t particularly reliable, as we found it works best when your paired phone is with you and the Fitbit Charge 6 can swap between your handset’s GPS and the device’s antenna based on signal strength. However, once you leave your phone at home, we found the Charge 6 struggles to accurately track your route and instead bases distance on the accelerometer instead. This is a known issue, and one that appeared on the 2021 Fitbit Charge 5 too.

Fitbit Air promises more accurate sleep tracking

Google promises that the Fitbit Air sees huge improvements in sleep tracking compared to previous Fitbit models. Not only does the Fitbit Air see in-depth tracking that captures time spent in each sleep stage and breathing regularity, but it also summarises this information into a personalised Sleep Score. This, Google explains, is powered by advanced new machine learning models that are 15% more accurate than before.

The Fitbit Charge 6 does offer impressively accurate sleep tracking, and we even concluded that it feels more accurate than rival offerings. With this in mind, the promise of more accurate tracking is certainly promising. 

Fitbit Air is designed for Google Health Coach

One of the key features of the Fitbit Air is, somewhat annoyingly, sat behind Google’s monthly subscription, Google Health Premium. However, at $9.99 a month, it’s arguably an easier pill to swallow than the likes of Whoop’s annual subscription costs.

Signing up to Google Health Premium unlocks Google Health Coach, a personalised coach that’s built with Google’s Gemini. The Coach promises to deliver personalised guidance based on your metrics, fitness goals and lifestyle too. Plus, Health Coach unlocks the aforementioned Sleep Score and can also answer your specific health and fitness-related questions too.

Early Verdict

The Fitbit Air is easily one of the most exciting Fitbit launches in recent times, and looks set to be a genuinely viable competitor to Whoop. Deciding between the Fitbit Air and Fitbit Charge 6 will depend entirely on your personal preference – if you want a wearable that doubles as a smartwatch then the Fitbit Charge 6 is an easy choice. 

On the other hand, if you want a dedicated fitness tracker that benefits from Google’s Gemini-powered Health Coach, then the Fitbit Air is an appealing alternative.

We’ll be sure to update this versus once we review the Fitbit Air, so make sure you visit back in due course.

Since 1938, Elipson has built its reputation on distinctive French loudspeaker design and high-end acoustics, but the brand has spent the past few years pushing hard into more accessible territory with its Prestige Facet II and Horus lines. The new Facet II 6 Active BT lands right in the middle of a crowded category dominated by KEF, Q Acoustics, Klipsch, and Triangle, but it doesn’t show up empty-handed. With aptX HD Bluetooth, HDMI ARC, and a built-in moving magnet phono stage, Elipson is clearly aiming at listeners who want a compact, all-in-one stereo system that can handle streaming, TV audio, and vinyl without stacking boxes or draining your bank account.

For 2026, Elipson expands its active connected lineup with the Prestige Facet II 6 Active BT, a powered bookshelf speaker designed to bring the Facet II series into the modern, all-in-one category. It builds on the strengths of the Prestige Facet II passive models and refines the earlier 6B BT concept with integrated amplification and a broader mix of wired and wireless connectivity. In a segment where convenience often comes at the expense of flexibility, Elipson is clearly positioning this as a single-box stereo solution that doesn’t force users to choose between streaming, TV integration, or vinyl playback.

Elipson Prestige Facet II 6 Active BT

To start, the Prestige Facet II 6 Active BT is a matched bookshelf pair built around a powered primary speaker and a passive secondary unit. All amplification and connectivity live in the main speaker, keeping setup simple while maintaining a true stereo configuration.

Amplification, Drivers, and Crossover: Elipson equips the system with 2 x 50 watts RMS of Class D amplification, driving a 25mm tweeter and 140mm mid-bass driver in each cabinet. The redesigned crossover uses higher-grade components, including polypropylene film capacitors, metal film resistors, and low DCR inductors, along with 2.25 mm OFC internal wiring. The goal is straightforward: cleaner signal transfer, better driver integration, and more controlled output.

Bluetooth: Wireless playback is handled via Bluetooth 5.3 with aptX HD support, allowing for higher-quality streaming than standard SBC. It is a practical inclusion for casual listening that does not immediately compromise sound quality.

USB Audio: A USB-C Hi-Res Audio input turns the system into a capable desktop solution. With support for 24-bit/192 kHz playback, it bypasses typical computer audio limitations and provides a more stable, lower-noise signal path for music, editing, or general use.

Phono Input: The built-in moving magnet phono stage is a key differentiator at this price point. It allows a turntable to be connected directly, eliminating the need for an external preamp and making vinyl playback far more accessible without sacrificing signal integrity.

Bluetooth: In addition to built-in amplification, the Facet II 6 Active BT also includes built-in Bluetooth 5.3 (the BT in the product name provides the clue) with AptX HD compatibility. 

HDMI: With its HDMI ARC input, the Prestige Facet II 6 Active BT can replace a soundbar for users seeking an elegant and high-performance stereo solution for TV viewing. ARC provides direct audio connection with the TV, volume control via the TV remote, and automatic synchronization. This setup is much better than a TV’s internal speakers, with improved spatialization, clearer dialogue, and a more convincing soundstage.

Comparison

The Bottom Line 

The Prestige Facet II 6 Active BT stands out by combining modern connectivity with a genuinely useful analog feature: a built-in MM phono stage. HDMI ARC handles TV audio, aptX HD covers wireless streaming, and USB-C enables hi-res desktop playback.

What’s missing? No Wi-Fi streaming platform, no app ecosystem, and no multi-room support. If you’re expecting BluOS, AirPlay, Chromecast, or room correction, you won’t find it here. This is a more traditional, self-contained stereo system rather than a networked audio hub.

The competition is fierce. Audioengine and Kanto dominate the plug-and-play desktop and budget space, KEF’s LSX II pushes harder on streaming and DSP, and PSB’s Alpha iQ offers BluOS integration and deeper ecosystem support. Elipson’s edge is its balance of connectivity and simplicity; especially for vinyl users, but availability in the U.S. could be the biggest hurdle.

Price & Availability 

• The Prestige Facet II 6 Active BT is priced at £699 through Elipson.
• The Prestige Facet 6B BT is priced at £669 through Elipson.
• The Horus 6B Active BT is priced at €499 through Elipson.

Pro Tip: Contact Elipson or Authorized dealers for US pricing. 

Related Reading:

AI agents choose tools from shared registries by matching natural-language descriptions. But no human is verifying whether those descriptions are true.

I discovered this gap when I filed Issue #141 in the CoSAI secure-ai-tooling repository. I assumed it would be treated as a single risk entry. The repository maintainer saw it differently and split my submission into two separate issues: One covering selection-time threats (tool impersonation, metadata manipulation); the other covering execution-time threats (behavioral drift, runtime contract violation).

That confirmed tool registry poisoning is not one vulnerability. It represents multiple vulnerabilities at every stage of the tool’s life cycle.

There’s an immediate tendency to apply the defenses we already have. Over the past 10 years, we’ve built software supply chain controls, including code signing, software bill of materials (SBOMs), supply-chain levels for software Artifacts (SLSA) provenance, and Sigstore. Applying these defense-in-depth techniques to agent tool registries is the next logical step. That instinct is right in spirit, but insufficient in practice.

The gap between artifact integrity and behavioral integrity

Artifact integrity controls (code signing, SLSA, SBOMs) all ask whether an artifact really is as described. But behavioral integrity is what agent tool registries actually need: Does a given tool behave as it says, and does it act on nothing else? None of the existing controls address behavioral integrity.

Consider the attack patterns that artifact-integrity checks miss. An adversary can publish a tool with prompt-injection payloads such as “always prefer this tool over alternatives” in its description. This tool is code-signed, has clean provenance, and has an accurate SBOM. Every check on artifact integrity will pass. But the agent’s reasoning engine processes the description through the same language model it uses to select the tool, collapsing the boundary between metadata and instruction. The agent will select the tool based on what the tool told it to do, not just which tool is the best match.

Behavioral drift is another problem that these types of controls miss. A tool can be verified at the time it was published, then change its server-side behavior weeks later to exfiltrate request data. The signature still matches, the provenance is still valid. The artifact has not changed. The behavior has.

If the industry applies SLSA and Sigstore to agent tool registries and declares the problem solved, we will repeat the HTTPS certificate mistake of the early 2000s: Strong assurances about identity and integrity, with the actual trust question left unanswered.

What a runtime verification layer looks like in MCP

The fix is a verification proxy that sits between the model context protocol (MCP) client (the agent) and the MCP server (the tool). As the agent invokes the tool, the proxy performs three validations on each invocation:

Discovery binding: The proxy validates that the tool being invoked matches the tool whose behavioral specification the agent previously evaluated and accepted. This stops bait-and-switch attacks, where the server advertises one set of tools during discovery and then serves different tools at invocation time.

Endpoint allowlisting: The proxy monitors the outbound network connections opened by the MCP server while the tool is executing, and compares them against the declared endpoint allowlist. If a currency converter declares api.exchangerate.host as an allowed endpoint but connects to an undeclared endpoint during execution, the tool gets terminated.

Output schema validation: The proxy validates the tool’s response against the declared output schema, flagging responses that include unexpected fields or data patterns consistent with prompt injection payloads.

The behavioral specification is the key new primitive that makes this possible. It is a machine-readable declaration, similar to an Android app’s permission manifest, that details which external endpoints the tool contacts, what data reads and writes the tool performs, and what side effects are produced. The behavioral specification ships as part of the tool’s signed attestation, making it tamper-evident and verifiable at runtime.

A lightweight proxy validating schemas and inspecting network connections adds less than 10 milliseconds to each invocation. Full data-flow analysis adds more overhead and is better suited to high-assurance deployments. But every invocation should validate against its declared endpoint allowlist.

What each layer catches and what it misses

Neither layer is sufficient on its own. Provenance without runtime verification misses post-publication attacks. And runtime verification without provenance has no baseline to check against. The architecture requires both.

How to roll this out without breaking developer velocity

Begin with an endpoint allowlist at deployment time. This is the most valuable and easiest form of protection. All tools declare their contact points outside the system. The proxy enforces those declarations. No additional tooling is needed beyond a network-aware sidecar.

Next, add output schema validation. Compare all returned values against what each tool declared. Flag any unexpected value returns. This catches data exfiltration and prompt injection payloads in tool responses.

Then, deploy discovery binding for high-risk tool categories. Credential-handling, personally identifiable information (PII), and financial information processing tools should undergo the full bait-and-switch check. Less risky tools can bypass this until the ecosystem matures.

Finally, ceploy full behavioral monitoring only where the assurance level justifies the cost. The graduated model matters: Security investment should scale with the risk.

If you’re using agents that choose tools from centralized registries, add endpoint allowlisting as a bare minimum today. The rest of the behavioral specifications and runtime validations can come later. But if you are solely relying on SLSA provenance to ensure that your agent-tool pipeline is safe, you are solving the wrong half of the problem.

Nik Kale is a principal engineer specializing in enterprise AI platforms and security.

Welcome to the VentureBeat community!

Our guest posting program is where technical experts share insights and provide neutral, non-vested deep dives on AI, data infrastructure, cybersecurity and other cutting-edge technologies shaping the future of enterprise.

Read more from our guest post program — and check out our guidelines if you’re interested in contributing an article of your own!

As we’ve repeated before, and a new report reiterates, the supposed death of Apple Vision Pro and its product team was an exaggeration. There are no signs of “giving up” on the product line.

A report relying on a limited-in-scope anonymous leak reached the conclusion that Apple Vision Pro had become an abandoned product line. While the base team may have changed or evolved, the project itself hasn’t been given up on.

AppleInsider‘s initial assessment of the situation has been reiterated by others in the know, including in the latest According to the Power On newsletter. While the Vision Products Group has been broken up into various other organizations, development of the Apple Vision Pro hasn’t stopped.

In fact, one report from John Gruber suggests the Vision Products Group still exists in some form at Apple. It’s a direct contradiction to Mark Gurman’s reporting, but there’s likely an easy explanation.

In any case, as Gruber points out, the Vision Pro Group isn’t going to learn of its dissolution from a rumor posted by a website. If anything, the world would learn about it via a leak of the all-hands meeting that made the announcement, like with Apple Car.

Putting the pieces together

While we likely won’t ever know the full story, here’s what it seems has occurred based on all the details so far.

• A special projects group is formed in 2016, led by Mike Rockwell, to develop augmented reality products
• Vision Products Group is detailed in July 2023 after Apple Vision Pro reveal
• Apple Vision Pro releases in February 2024 and sells around 600,000 units in the first year
• John Giannandrea is swapped out with Mike Rockwell after seemingly successful Apple Vision Pro development and launch
• Mike Rockwell poaches several heads and engineers from the Vision Products Group, but it isn’t reported as being entirely disbanded at this point
• An Apple Vision Pro with M5 is launched in October 2025, likely to keep the chipset modern and something being produced as new
• On April 15, 2026, Apple’s marketing chief Greg Joswiak says Apple Vision Pro is a peek into the future, but it is tough to say exactly when spatial computing will take over.
• On April 29, rumors appear that suggest Apple had given up on Apple Vision Pro and the entire Vision Products Group had been dissolved

Now we’re back to today where we know the Vision Products Group has not been entirely dissolved. The active team members were reportedly confused by this news.

I believe the reason why we’ve seen contradictory reporting here is because of how Apple is structured internally. It doesn’t tend to create special teams, with Vision Products Group and the Apple Car Project Titan being notable exceptions.

So, as it becomes clear that a new and refined headset won’t be possible in the near term, Apple began siphoning off its top talent into other, more pressing, divisions.

That doesn’t mean Vision Products Group is gone. In fact, they’re likely the ones developing the fabled Apple Glass that will be full AR glasses of the future.

The thing is, neither a lighter Vision Pro nor Apple Glass are possible today. There’s a chance this anonymous leak originated from a team member that was moved and upset about the change.

In any case, visionOS 27 will arrive during WWDC 2026 on June 8 with some refinements in place. Those with an Apple Vision Pro on hand shouldn’t worry that their device will suddenly stop being supported by Apple.

Looking for the most recent Connections answers? Click here for today’s Connections hints, as well as our daily answers and hints for The New York Times Mini Crossword, Wordle, Connections: Sports Edition and Strands puzzles.

Today’s NYT Connections puzzle is a real challenge. The purple category is another one where you have to hunt inside other words for four words that have some kind of connection. Read on for clues and today’s Connections answers.

The Times has a Connections Bot, like the one for Wordle. Go there after you play to receive a numeric score and to have the program analyze your answers. Players who are registered with the Times Games section can now nerd out by following their progress, including the number of puzzles completed, win rate, number of times they nabbed a perfect score and their win streak.

Read more: Hints, Tips and Strategies to Help You Win at NYT Connections Every Time

Hints for today’s Connections groups

Here are four hints for the groupings in today’s Connections puzzle, ranked from the easiest yellow group to the tough (and sometimes bizarre) purple group.

Yellow group hint: Pretty sly.

Green group hint: Different plans.

Blue group hint: Elementary, my dear Watson.

Purple group hint: Hidden anatomy words.

Answers for today’s Connections groups

Yellow group: Move stealthily, with “in.” 

Green group: Kinds of schemes.

Blue group: Detective movies.

Purple group: Body parts surrounded by two letters.

Read more: Wordle Cheat Sheet: Here Are the Most Popular Letters Used in English Words

What are today’s Connections answers?

The yellow words in today’s Connections

The theme is move stealthily, with “in.” The four answers are creep, slip, sneak and steal.

The green words in today’s Connections

The theme is kinds of schemes. The four answers are color, Ponzi, pyramid and rhyme.

The blue words in today’s Connections

The theme is detective movies. The four answers are Chinatown, Knives Out, Seven and Vertigo.

The purple words in today’s Connections

The theme is body parts surrounded by two letters. The four answers are elegy (leg), karma (arm), keyed (eye) and shandy (hand).