by Paul Arnote (parnote)

The European Commission has published preliminary findings on Alphabet and how it could be preventing competition, according to an article from TechRepublic. The concerns relate to two issues: self-preferencing in Google Search and “steering rules” in Google Play; these issues were looked into as part of a non-compliance investigation opened in March 2024. The Digital Markets Act (DMA) bans self-preferencing, which is when a dominant platform favours its own products or services over those of competitors. The Commission believes the way Alphabet presents Google Search results may steer customers toward Google services, such as Shopping, Flights, or Hotels. Secondly, the Commission argues that the Play Store, Google’s mobile app marketplace, prevents app developers from directing consumers to alternative purchasing channels, such as their own website or third-party app stores. This limits their ability to offer better deals outside of Google’s platform. Google has made a series of changes in the last year to comply with the DMA, such as temporarily removing some Search Widgets and rejigging the layout of Search results, but the Commission has determined that these steps are insufficient.
More than 300 organizations in critical infrastructure, including the medical, tech, and manufacturing sectors, have been victimized by a ransomware threat known as Medusa — and with attacks escalating significantly in the first few months of 2025, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) are advising companies to take steps now to secure their systems, according to an article from Lifehacker. Medusa is ransomware-as-a-service (RaaS) software that, when deployed successfully, encrypts your data and threatens to release stolen information unless you comply with ransom demands. According to the CISA advisory, victims receive ransom notes requesting a response within 48 hours, or Medusa actors will reach out to them by phone or email. Victims are also listed on a data-leak website alongside a countdown timer and ransom demands with direct links to cryptocurrency wallets. Victims can pay $10,000 to add a day to the countdown—meanwhile, Medusa advertises the data for sale before the timer runs out. This “double extortion” approach forces payment to both decrypt locked files and prevent them from being released or sold (so even if you have a backup you can recover, you still face the threat of information being leaked). The Medusa ransomware was first identified in June 2021 and has since affected organizations across the medical, education, legal, insurance, technology, and manufacturing industries. According to the advisory, Medusa actors use common tricks like phishing campaigns and exploitation of unpatched software vulnerabilities to steal victims' credentials and gain access to their systems. While much of the Medusa threat mitigation happens at the organizational level, there are a few things you as an individual can do to protect your accounts and—by extension—the company you work for.
A United States District Court for the Northern District of California judge has signed off on a settlement agreement between HP and its customers, who sued the company for issuing firmware updates that prevented their printers from working with non-HP ink and toner, according to an article from ArsTechnica. In December 2020, Mobile Emergency Housing Corp. and a company called Performance Automotive & Tire Center filed a class-action complaint against HP [PDF], alleging that the company “wrongfully compels users of its printers to buy and use only HP ink and toner supplies by transmitting firmware updates without authorization to HP printers over the Internet that lock out its competitors’ ink and toner supply cartridges.” The complaint centered on a firmware update issued in November 2020; it sought a court ruling that HP’s actions broke the law, an injunction against the firmware updates, and monetary and punitive damages.

The Federal Aviation Administration is deploying runway safety technology upgrades at 74 air traffic control towers in the U.S., the agency announced on March 19, 2025, according to an article from AV Web. The Runway Incursion Device (RID) is designed to assist air traffic controllers by providing real-time alerts when a runway is occupied or closed. With the ability to monitor up to eight runways simultaneously, the RID will replace various outdated systems currently in use at control towers, streamlining safety operations across the country. The RID is part of the FAA's fast-tracked surface safety portfolio, which also includes the Surface Awareness Initiative (SAI) and the Approach Runway Verification (ARV) system. All are designed to improve overall safety on the ground.
The EU suspects that Apple has breached the Digital Markets Act due to the company not allowing third-party hardware to connect with its platforms, according to an article from TechRepublic. Fines for noncompliance with the DMA can be up to 10% of the company’s total worldwide turnover, rising to 20% in cases of repeated infringement. Apple has been slapped with two sets of guidance on how to comply with the Commission’s interoperability requirements, relating to iOS connectivity features and the process for handling interoperability requests from developers, respectively. A spokesperson for Apple told TechRepublic: “Today’s decisions wrap us in red tape, slowing down Apple’s ability to innovate for users in Europe and forcing us to give away our new features for free to companies who don’t have to play by the same rules. It’s bad for our products and for our European users.”
A new manufacturing plant in the northeastern Alberta community of Elk Point is blending hemp and other additives into concrete to make lightweight building blocks resistant to weather, fire and mold, according to an article from the CBC. The company, called Asinikahtamwak — in Cree it means “works with rock” — operates from a 13,000-square-foot building on the south end of Elk Point, 215 kilometres northeast of Edmonton. The high-performance building blocks being made in Elk Point are the same size as traditional cinder blocks but weigh only half as much. Asinikahtamwak says other benefits include reduced noise transmission, better thermal insulation and reduced cracking.

A sophisticated supply chain hack targeting Oracle Cloud has exfiltrated a staggering 6 million records, according to an article from eSecurityPlanet. CloudSEK’s XVigil uncovered that threat actor “rose87168” began selling the stolen data on March 21. The breach, exploiting a vulnerability in Oracle’s cloud infrastructure, now endangers over 140,000 tenants and has raised serious questions about cloud security practices. The breach appears to be linked to a well-known vulnerability — CVE-2021-35587 — which affects Oracle Access Manager (OpenSSO Agent) in Oracle Fusion Middleware. According to FOFA data, the vulnerable endpoint, last updated on Sept. 27, 2014, allowed an unauthenticated attacker network access via HTTP. This easily exploitable flaw enabled a complete compromise of Oracle Access Manager, underscoring how outdated configurations and poor patch management can lead to large-scale security failures.
Microsoft is changing the look of the BSOD, according to an article from Lifehacker. The company announced the redesign in a Friday post on the Windows Insider blog. (The Windows Insider program allows software testers to try out new Windows features early before Microsoft launches them to the public.) In addition to a number of other new features and changes testers can try, there's the new BSOD, which Microsoft says is “more streamlined” and “better aligns with Windows 11 design principles,” while maintaining the same technical information you'd expect from the traditional blue screen. During testing, the new BSOD is actually green, but will be black when it is rolled out to the public.
Troy Hunt, the owner of credential leak website HaveIBeenPwned, is notifying thousands of subscribers after falling for a MailChimp phishing scam — in which approximately 16,000 credentials were compromised, according to an article from TechRadar. In a blog post, Hunt described the attack that led to the export of the credentials: he was emailed a fake ‘Sending Privileges Restricted’ notification, which encouraged him to review his account through an email link. When Hunt followed the link, he was taken to a page and asked to enter his credentials, which, he notes, did not auto-complete from 1Password (a tell-tale sign). Moments later, ‘the penny dropped’, Hunt says, as he realized his mistake.

New Android malware is using Microsoft’s .NET MAUI to fly under the radar in a new cybersecurity dust-up this week, according to an article from TechRepublic. Disguised as actual services such as banking and social media apps targeting Indian and Chinese-speaking users, the malware is designed to gain access to sensitive information. Cybersecurity experts with McAfee’s Mobile Research Team say that, while the threat is currently aimed at China and India, other cybercriminal groups could easily adopt the same method to target a broader audience.
An important focus of AI research is improving an AI system’s factualness and trustworthiness. Even though significant progress has been made in these areas, some AI experts are pessimistic that these issues will be solved in the near future. That is one of the main findings of a new report by The Association for the Advancement of Artificial Intelligence (AAAI), which includes insights from experts from various academic institutions (e.g., MIT, Harvard, and University of Oxford) and tech giants (e.g., Microsoft and IBM), according to an article from TechRepublic. The goal of the study was to define the current trends and the research challenges to make AI more capable and reliable so the technology can be safely used, wrote AAAI President Francesca Rossi. The report includes 17 topics related to AI research culled by a group of 24 “very diverse” and experienced AI researchers, along with 475 respondents from the AAAI community, she noted. Here are highlights from this AI research report.
If you're a gamer, beware a new malware that's pretending to be an ASUS utility, according to an article from Lifehacker. CoffeeLoader impersonates Armoury Crate, which manages ASUS and ROG software and peripherals, and infects your Windows machine with an infostealer that's nearly impossible to detect. According to an analysis by Zscaler, once on your system, the CoffeeLoader malware delivers the Rhadamanthys infostealer, which can extract credentials from applications like web browsers, email clients, crypto wallets, and even the password manager KeePass. CoffeeLoader then manages to evade most security tools on your device, including antivirus software and malware detectors, making it especially dangerous and difficult to catch. It does this in part by running on the graphics card (GPU), which security tools aren't as likely to scan, rather than your computer's CPU.

OpenAI has significantly leveled up the image generating capabilities of ChatGPT, as part of an update to the GPT-4o model introduced last May. The new and improved AI image generator is out now for all ChatGPT users, although free access does have limits, with higher limits also in place for the $20/month ChatGPT Plus plan, according to an article from Lifehacker. Still, that's an improvement over the initial launch on March 25, as free image generation was quickly pulled after release due to heavy server loads. It's not clear right now what the limits for free and Plus users are, although CEO Sam Altman had previously posted that the goal is to allow free users three images per day.
All enterprise users of Gmail can now easily apply end-to-end encryption to their emails, according to an article from TechRepublic. Prior to April 1, 2025, this was a luxury reserved for big businesses with significant IT resources, but Google recognises that email attacks are on the rise across the board. Starting April 1, 2025, Gmail users can send end-to-end encrypted emails to others within their organisation; in the coming weeks, they will also be able to send encrypted emails to Gmail inboxes outside their organisation, with support for all email inboxes expected later this year. To get early access for E2EE emails in Gmail, fill out Google’s Pre-General Availability Test Application. Emails sent with Gmail’s end-to-end encryption are extremely secure because only the sender has control over the encryption key, which is stored outside of Google’s infrastructure. Users can click the padlock by the Bcc button and press Turn On under the ‘Additional Encryption’ option to apply it.
To celebrate 50 years of Microsoft, famous/infamous (depending on how you view him) co-founder of Microsoft Bill Gates is “gifting” the source code for Altair Basic to the world. You can view it here. There’s also a nice “write up” about his “philanthropic move” from the TechRepublic here. The code is presented on Gates Notes complete with a backstory involving its creation. If nothing else, it makes for some interesting reading. Now, if only he’d release the source code for MS-DOS, Win31, WinXP and several other long-gone stalwarts of computing history … well, that would be one helluva story! How magnanimous is his gifting of the source code for a processor no longer created, no longer in use, no longer available, and no longer a factor in serious computing? While it may be the “coolest code he’s ever written,” (his words, not mine) it fails to provide anything new in this current age of computers, other than a nostalgic peek at computing history and the events leading up to it. It did, however, give Microsoft its first “sale,” and gave rise to the company we see today.

As part of ESA/Hubble’s 35th anniversary celebrations, a new image series is being shared to revisit stunning Hubble targets that were previously released, according to the ESA Hubble Telescope website. This image series combines new processing techniques with the latest data from Hubble to re-release these cosmic scenes for the public to enjoy. This new image showcases the dazzling young star cluster NGC 346. Although several images of NGC 346 have been released previously, this view includes new data and is the first to combine Hubble observations made at infrared, optical, and ultraviolet wavelengths into an intricately detailed view of this vibrant star-forming factory. NGC 346 is located in the Small Magellanic Cloud, a satellite galaxy of the Milky Way that lies 200 000 light-years away in the constellation Tucana. The Small Magellanic Cloud is less rich in elements heavier than helium — what astronomers call metals — than the Milky Way. This makes conditions in the galaxy similar to what existed in the early Universe. NGC 346 is home to more than 2500 newborn stars. The cluster’s most massive stars, which are many times more massive than our Sun, blaze with an intense blue light in this image. The glowing pink nebula and snakelike dark clouds are the remnant of the birthsite of the stars in the cluster.
On Thursday, 27 March, the European Space Agency (ESA) sent its last messages to the Gaia Spacecraft. They told Gaia to shut down its communication systems and central computer and said goodbye to this amazing space telescope, according to an article from The Conversation. Gaia was retired for a simple reason: after more than 11 years in space, it ran out of the cold gas propellant it needed to keep scanning the sky. The telescope did its last observation on 15 January 2025. The ESA team then performed testing for a few weeks, before telling Gaia to leave its home at a point in space called L2 and start orbiting the Sun away from Earth. Its main mission was to produce a detailed, three-dimensional map of our galaxy, the Milky Way. To do this, it measured the precise positions and motions of 1.46 billion objects in space. Gaia also measured brightnesses and variability and those data were used to provide temperatures, gravitational parameters, stellar types and more for millions of stars. One of the key pieces of information Gaia provided was the distance to millions of stars.
Is your home internet down? Need to connect your laptop on the go? With a few taps, you can turn your smartphone into a source of internet that laptops, tablets, and other phones can use. This article from PCMag walks you through how to turn your smartphone into a wireless access point to connect you to the internet for both iPhone and Android phones.

The world’s first light-based chip offers 50x speed, and 30x efficiency over silicon-based chips, according to an article from Interesting Engineering. Q.ANT achieved this breakthrough by integrating its patented photonic chip technology onto a TFLN base. The company claims its photonic AI chip offers a massive increase in processing speed and energy efficiency compared to traditional silicon-based chips. This could potentially revolutionize artificial intelligence (AI) data centers and high-performance computing (HPC).
Stargazers may soon get a rare, celestial treat. A star system 3,000 lightyears away is ready to go nova — and when it blows, it will be visible from Earth, according to an article from the New York Post. T Coronae Borealis, a.k.a. Blaze Star, only explodes once every 80 years, appearing as a new star in the night sky for around a week. The hydrogen from the red giant builds up around its partner, accumulating pressure and heat like air in a balloon — only when this balloon pops, it creates a thermonuclear explosion that can be seen across the galaxy. Out in space, the Blaze Star will shine thousands of times its original brightness, but to Earthlings it will appear as a new star in the sky about as bright as the North Star, known as Polaris.
A stunning discovery on Mars has revealed the longest organic molecules ever found on the planet—carbon chains that could resemble building blocks of life as we know it, according to an article from SciTechDaily. Preserved for billions of years in ancient Martian clay, these molecules were uncovered by NASA’s Curiosity rover and could point to a more chemically complex past on the Red Planet.

A team of scientists warns that long-term exposure to Martian dust could harm future astronauts’ lungs, thyroids, and more, according to an article from SciTechDaily. Packed with toxic compounds like silicates and perchlorates, the dust is small enough to bypass our body’s defenses and enter the bloodstream. Drawing on rover data and meteorite analysis, researchers say now is the time to develop filters, supplements, and preventive measures before humans ever set foot on the Red Planet.
Four rocky planets much smaller than Earth orbit Barnard’s Star, the next closest to ours after the three-star Alpha Centauri system. Barnard’s is the nearest single star, according to an article from NASA. Barnard’s Star, six light-years away, is notorious among astronomers for a history of false planet detections. But with the help of high-precision technology, the latest discovery — a family of four — appears to be solidly confirmed. The tiny size of the planets is also remarkable: Capturing evidence of small worlds at great distance is a tall order, even using state-of-the-art instruments and observational techniques. These planets orbit their red-dwarf star much too closely to be habitable. The closest planet’s “year” lasts a little more than two days; for the farthest planet, it is just shy of seven days. That likely makes them too hot to support life. Yet, their detection bodes well in the search for life beyond Earth. Scientists say small, rocky planets like ours are probably the best places to look for evidence of life as we know it. But so far they’ve been the most difficult to detect and characterize. High-precision radial velocity measurements, combined with more sharply focused techniques for extracting data, could open new windows into habitable, potentially life-bearing worlds.
A hormone-free male birth control pill is undergoing clinical testing for the first time ever, according to an article from ScienceAlert. The drug, called YCT-529, has performed incredibly well at limiting the production of sperm in mice and non-human primates, all while producing very few side effects. In male mice, the unique contraceptive kicks in within a month of use, reducing pregnancies in female mates by close to 100 percent. Male macaques require a higher dosage of YCT-529, but it also causes a rapid plummet in sperm count without severe side effects. Importantly, the animals soon regain their fertility when the medicine is stopped. The drug also causes no significant changes in three hormones important for sperm production: testosterone, FSH, or inhibin B.

Nitisinone, usually prescribed for metabolic disorders, kills mosquitoes when present in human blood, according to an article from Techno-Science.net. Researchers have explored a new approach to combat malaria using Nitisinone, a drug initially intended to treat rare metabolic diseases. This substance, by blocking an essential enzyme in mosquitoes, prevents them from digesting blood, leading to their rapid death. This discovery opens up prospects for a more sustainable and environmentally friendly method of controlling mosquito populations compared to traditional insecticides.
In a bid to tilt the cybersecurity battlefield in favor of defenders, Google has introduced Sec-Gemini v1, a new experimental AI model designed to help security teams identify threats, analyze incidents, and understand vulnerabilities faster and more accurately than before, according to an article from TechRepublic. Announced by the company’s cybersecurity research leads, Elie Bursztein and Marianna Tishchenko, Sec-Gemini v1 is the latest addition to Google’s growing family of Gemini-powered tools — but this time, it is laser-focused on cybersecurity.
If I told you that your TV watches everything you do in the name of data collection and advertising, it likely wouldn’t shock you, says an article from Lifehacker. It’s 2025, after all; we're used to a general lack of privacy. Still, it’s not cool, and it turns out you can stop it (even if your TV manufacturer has opted you into it). So, how do you stop your smart TV from tracking what you watch, so you can go back to the days of watching Netflix or playing video games in peace? You need to turn off ACR, short for automatic content recognition. It allows your smart TV to watch what you watch, identify what you watch, and use that information to both recommend new content and serve you more relevant ads. The article goes over how TV manufacturers “hide” the settings to turn ACR off. (I have this intrusive setting turned off on my smart TVs).

Google has released its April 2025 Android Security Bulletin, which includes patches for 62 vulnerabilities affecting Android devices, according to an article from Lifehacker. Two of the fixes address critical zero-day flaws that may have been exploited in “limited, targeted” attacks, according to Google. Zero-days are security vulnerabilities that are exploited before the software developer can identify the flaw and issue a patch. The security update for April includes fixes for a range of issues, many of which are elevation of privilege flaws.
Microsoft has detected a zero-day vulnerability in the Windows Common Log File System (CLFS) being exploited in the wild to deploy ransomware, according to an article from TechRepublic. Target industries include IT, real estate, finance, software, and retail, with companies based in the US, Spain, Venezuela, and Saudi Arabia. The vulnerability, tracked as CVE-2025-29824 and rated “important,” is present in the CLFS kernel driver. It allows an attacker who already has standard user access to a system to escalate their local privileges. The individual can then use their privileged access for “widespread deployment and detonation of ransomware within an environment,” according to a blog post by the Microsoft Threat Intelligence Center.
Microsoft's April 2025 Patch Tuesday includes security updates for 134 flaws, including one actively exploited zero-day vulnerability, according to an article from Bleeping Computer. This Patch Tuesday also fixes eleven “Critical” vulnerabilities, all remote code execution vulnerabilities. The number of bugs in each vulnerability category is listed here: 49 Elevation of Privilege Vulnerabilities, 9 Security Feature Bypass Vulnerabilities, 31 Remote Code Execution Vulnerabilities, 17 Information Disclosure Vulnerabilities, 14 Denial of Service Vulnerabilities, and 3 Spoofing Vulnerabilities. The above numbers do not include Mariner flaws and 13 Microsoft Edge vulnerabilities fixed earlier this month. Things that make you glad to be a Linux user!

There's a lot of advice out there for proper password management: Each of your passwords should be strong and unique; use a secure manager to store your passwords; use two-factor authentication (2FA) to add an extra layer of security to your accounts, according to an article from Lifehacker. But there's another piece of advice that is held in the same regard as the others: Change your passwords often — perhaps once every three months. This habit is so emphasized that many companies and organizations will make you change your passwords multiple times a year in the name of security. The thing is, in all likelihood, this isn't actually doing anything to help your security. The idea that changing your passwords multiple times a year is a cornerstone of your security might be ingrained in some of you. After all, it's not new advice. As PCMag examined, the practice goes back a long time: When security experts write about passwords, they often write about changing passwords, too. It's just the way the advice has been presented. But that's likely because it's anticipating and responding to bad security habits.
Google is hosting dozens of extensions in its Chrome Web Store that perform suspicious actions on the more than 4 million devices that have installed them and that their developers have taken pains to carefully conceal, according to an article from ArsTechnica. The extensions, which so far number at least 35, use the same code patterns, connect to some of the same servers, and require the same list of sensitive systems permissions, including the ability to interact with web traffic on all URLs visited, access cookies, manage browser tabs, and execute scripts.
Mobile applications are quietly attracting more and more malevolent attention — and for good reason, according to an article from TechNewsWorld. They contain a trove of private information about their users. In the iOS universe alone, 82.78%, or about 1.55 million apps, track private user data, according to the trends tracker Exploding Topics. Mobile apps have also proven to be particularly vulnerable attack surfaces for cybercriminals. “Invisible” points of ingress and egress inside mobile apps can be compromised before legacy security tools even detect a breach. Those points include API calls, background syncing, and push notifications.

Google is fixing a long-standing privacy issue that, for [twenty] years, enabled websites to determine users' browsing history through the previously visited links, according to an article from Bleeping Computer. The problem arises from allowing sites to style links as ':visited,' meaning showing them as another color instead of the default blue if a user had previously clicked on them. The system displays this color change regardless of which site they were on when they clicked the link, allowing other sites to potentially use creative scripts that leak the user's browsing history.
Astronomers announced Thursday that they had detected the most promising “hints” of potential life on a planet beyond our solar system, though other scientists expressed skepticism, according to an article from CBS News (and widely reported in multiple media outlets). There has been vigorous debate in scientific circles about whether the planet K2-18b, which is 124 light years away in the Leo constellation, could be an ocean world capable of hosting microbial life, at least. Using the James Webb Space Telescope, a British-U.S. team of researchers detected signs of two chemicals in the planet's atmosphere long considered to be “biosignatures” indicating extraterrestrial life. On Earth, the chemicals dimethyl sulfide (DMS) and dimethyl disulfide are produced only by life, mostly microscopic marine algae called phytoplankton.
A new court ruling could change the dominant role Google has held in the digital advertising market since the release of AdWords in late 2000, according to an article from TechRepublic. On April 17, U.S. District Judge Leonie Brinkema ruled that Google illegally monopolized two markets: one for publisher ad servers and one for online ad exchanges. Antitrust investigators were unable to prove a monopoly in the advertiser ad networks market. Brinkema said Google is guilty of “willfully acquiring and maintaining monopoly power,” adding that “this exclusionary conduct substantially harmed Google’s publisher customers, the competitive process, and, ultimately, consumers of information on the open web.”

In accordance with Executive Order 14176, Declassification of Records Concerning the Assassinations of President John F. Kennedy, Senator Robert F. Kennedy, and the Reverend Dr. Martin Luther King, Jr., on January 23, 2025, records relating to the assassination of Senator Robert F. Kennedy have been released, and will be available on the (U.S.) National Archives website.
Earth rotates, the Sun rotates, the Milky Way rotates – and a new model suggests the entire Universe could be rotating, according to an article from ScienceAlert. If confirmed, it could ease a significant tension in cosmology. The Universe is expanding, but exactly how fast is a contentious question. Two different methods of measurement return two very different speeds – and as the measurements become more precise, each becomes more certain. This discrepancy is known as the Hubble tension, and it's reaching crisis levels in physics. So for a new study, physicists in Hungary and the US added a small rotation to a model of the Universe – and this mathematical massage seemed to quickly ease the tension. “Much to our surprise, we found that our model with rotation resolves the paradox without contradicting current astronomical measurements,” says István Szapudi, an astronomer at the University of Hawaii.
Patients suffering from Parkinson's disease may soon benefit from a powerful treatment option: stem-cell transplants, according to an article from NPR. In a pair of small studies designed primarily to test safety, two teams of researchers found that stem cells transplanted into the brains of Parkinson's patients began producing the chemical messenger dopamine and appeared to ease symptoms like tremor, researchers reported in the journal Nature. The results indicate that “now we have the potential to really, really halt this disease in its tracks,” says Dr. Mya Schiess, a neurology professor at UTHealth Houston who was not involved in either study. The Food and Drug Administration has cleared one of the stem-cell treatments for a Phase 3 study, the last hurdle before approval.