From Judi Dench’s very naughty tea with Kenneth Branagh to the Peep Show Bake Off special – including Olivia Colman! – here’s your definitive guide to the best holiday viewing. Bring it on

***

Continue reading...

© Composite: Guardian Design

© Composite: Guardian Design

© Composite: Guardian Design

He’ll soon be going back on the hunt for bent coppers – but not before a wild revenge tale of divorcees going rogue. The star talks feeling inferior to Meera Syal, his life in the US and why he’s thrilled to be typecast

While we embark on the inhumanly long wait for the new season of Line of Duty, which starts shooting in January, you’ll see Martin Compston – the show’s hero and true north – a number of times. Twice as you’ve never seen him before, and once, in Red Eye, in the form that you’ve come to know and love him: brisk and taciturn, brave and speedy, the man you’d trust to save the world while the dopes all around him can’t even see it needs saving.

But first, The Revenge Club, in which he is a revelation. The setting is a support group for divorcees, a ragtag gang united by nothing but the fact that they’ve been summarily dismissed by their spouses. “There’s no other reason for these characters to be in each other’s lives,” Compston says from his home in Las Vegas (more on that later – much more). “They’re all desperate and lonely and in dire need of companionship. They’re all, in their own ways, broken, which makes for this explosive mix.”

Continue reading...

© Photograph: Gaumont/Paramout Global

© Photograph: Gaumont/Paramout Global

© Photograph: Gaumont/Paramout Global

Two matches is not an adequate window in which to judge a manager. Nonetheless, these are worrying times for Wilfried Nancy and Celtic. Seriously worrying, in truth.

Back-to-back losses since the Frenchman’s arrival would be bad enough without the rampant manner in which Roma ensured six points from six in visits to Glasgow during this season’s Europa League. What a canter this proved from minute one.

Continue reading...

© Photograph: Ian MacNicol/Getty Images

© Photograph: Ian MacNicol/Getty Images

© Photograph: Ian MacNicol/Getty Images

The reboot brought a parade of new and aged-up faces, multiple returns of Toadie and a violent siege at Harold’s. But in the end Ramsay Street faces death by freeway

Forty years ago, some plucky kids with broad accents rode their bikes around a quintessentially Australian cul-de-sac, lined with postwar houses that could have been any of ours. A catchy tune promised that, if we were there for one another, we could become good friends with the people next door. But now it’s over.

Neighbours has a habit of ending. After it was axed in 1985 by its first Australian broadcaster, Channel Seven, the network even destroyed the sets to make sure it was truly gone. We have, more than once, grieved the end of a community so tightknit that the school principal is also your estranged dad’s ex-wife’s former fake-son-in-law’s surrogate mother.

Continue reading...

© Photograph: Jane Zhang/Amazon Freevee

© Photograph: Jane Zhang/Amazon Freevee

© Photograph: Jane Zhang/Amazon Freevee

Howlingly funny comedy, jaw-dropping documentaries and astonishing drama … it’s been another fantastic year of TV. Our countdown of the very best kicks off here
• More on the best culture of 2025

***

Continue reading...

© Composite: Guardian Design/NETFLIX/HBO

© Composite: Guardian Design/NETFLIX/HBO

© Composite: Guardian Design/NETFLIX/HBO

Roderick Gadson showed no remorse after beating a man to death. A new film, The Alabama Solution, shows how the case lays bare a culture of violence the state has long failed to control

The most dramatic moment in the deposition came when Roderick Gadson, an Alabama prison guard, was questioned under oath about an incident in which he and other officers used such devastating force against a prisoner that the man had to be airlifted to hospital to treat his injuries.

Gadson was shown a photograph of the man, Steven Davis. He was lying in an ICU bed breathing through a tube, his cadaverous face bruised and covered with blood, his eyes black and sunken.

Continue reading...

© Photograph: HBO

© Photograph: HBO

© Photograph: HBO

A nationwide cybersecurity incident involving the OnSolve CodeRED mass notification network has placed Monroe County, Georgia residents at risk, prompting local officials to warn the public and begin transitioning to a new emergency alert system. The Monroe County cyberattack, which officials emphasize did not originate locally, has compromised personal information belonging to users enrolled in the county’s emergency alert service.  In its formal notification, Monroe County Emergency Management Agency (EMA) informed residents that a nationwide data breach affecting all OnSolve CodeRED customers had been confirmed. The county stated, “This has been an issue nationwide,” stressing that the breach stemmed from an attack on the vendor system rather than any action by Monroe County personnel. According to the county, the incident was attributed to “an organized cybercriminal group that has victimized our platform and our customers.” 

Compromised Monroe County’s User Data

The cyberattack on Monroe County users occurred within the broader CodeRED environment, which supports emergency alerts issued across the United States. Once the breach was discovered, OnSolve immediately discontinued its CodeRED service nationwide and shifted resources to a new platform known as Crisis24 CodeRED. Officials said the intrusion was contained within the original system and did not spread to other networks.  According to OnSolve’s assessment, the compromised data includes names, addresses, email addresses, phone numbers, and passwords associated with CodeRED user accounts. County officials urged residents who use the same password for multiple accounts to change those passwords immediately to reduce the risk of further exposure.  Enrollment timing also affects the extent of data loss. Monroe County explained that residents who signed up for CodeRED before March 31, 2025, will have their information migrated to the new Crisis24 CodeRED platform. However, all data added after March 31, 2025, was lost during the incident, meaning those users will need to re-enroll once the new system becomes fully operational. The county noted that it is working closely with Crisis24 staff to expedite the setup of the replacement alert service. 

Vendor Response, FAQ Details, and System Transition 

Although the breach occurred entirely within a third-party vendor system, Monroe County EMA acknowledged that the incident is likely to cause worry within the community. Officials pledged ongoing communication, stating they will share any additional updates provided by OnSolve.  OnSolve also released a detailed FAQ explaining the breach. The vendor reported that personal contact information “may be published” as a result of the attack, but said forensic analysis indicates no impact on municipal systems beyond emergency alerts. According to the provider, the newly launched Crisis24 CodeRED platform resides in a separate, non-compromised environment and has undergone a comprehensive security audit, including external penetration testing and system hardening.  The company stated that the cybersecurity incident was detected in November and that it acted quickly to secure the affected systems, launch an investigation, and engage outside experts. The original OnSolve CodeRED platform has since been permanently decommissioned. 

No Evidence of Identity Theft, but Rising Cyber Risks Cited 

Despite concerns surrounding the Monroe County cyberattack, officials report no evidence that the compromised data has been used for identity theft or fraud. They noted that the breach reflects a broader rise in cyber intrusions nationwide, highlighting the need for stronger threat monitoring and rapid detection.   As the county works to restore its emergency alert system, officials reiterated their commitment to transparency and continued oversight. The growing frequency of attacks also stresses why organizations increasingly rely on independent threat-intelligence providers such as Cyble, whose research regularly tracks new vulnerabilities and cybercriminal activity across global networks.  To better understand how organizations can strengthen their defenses against incidents like the Monroe County cyberattack, security teams can request a guided demonstration of Cyble’s AI-native threat-intelligence capabilities. A personalized demo provides a practical look at how Cyble identifies exposures, tracks threat actors, and supports faster response decisions. 

Learn how to choose the right virtual data room for your startup with pricing models, key features, cost factors, and tips to secure the best VDR deal.

The post How to Choose the Right Virtual Data Room for Your Startup appeared first on Security Boulevard.

A judge queried lawyers about whether a breakup made sense during closing arguments on how to fix the tech giant’s dominance in online advertising.

© Kelsey McClellan for The New York Times

Under the plan, the company will dissolve and its owners, members of the Sackler family, will pay as much as $7 billion of their personal fortune to states, localities, tribes and others harmed in the opioid crisis.

© George Frey/Reuters

The US Treasury Sanctions Burma armed group and several related companies for their alleged involvement in cyber scam centers targeting American citizens. The Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced the designations as part of a broader effort to combat organized crime, human trafficking, and cybercriminal activities operating out of Southeast Asia. According to the Treasury Department, OFAC has sanctioned the Democratic Karen Benevolent Army (DKBA), a Burmese armed group, and four of its senior leaders for supporting cyber scam centers in Burma. These operations reportedly defraud Americans through fraudulent investment schemes.

US Treasury Sanctions Burma: OFAC Targets Armed Group and Associated Firms

The agency also designated Trans Asia International Holding Group Thailand Company Limited, Troth Star Company Limited, and Thai national Chamu Sawang, citing links to Chinese organized crime networks. These entities were found to be working with the DKBA and other armed groups to establish and expand scam compounds in the region. Under Secretary of the Treasury for Terrorism and Financial Intelligence John K. Hurley stated, “criminal networks operating out of Burma are stealing billions of dollars from hardworking Americans through online scams.” He emphasized that such activities not only exploit victims financially but also contribute to Burma’s civil conflict by funding armed organizations.

Scam Center Strike Force Established

In coordination with agencies including the Federal Bureau of Investigation (FBI), U.S. Secret Service (USSS), and Department of Justice, a new Scam Center Strike Force has been launched to counter cyber scams originating from Burma, Cambodia, and Laos. This task force will focus on investigating and disrupting the most harmful Southeast Asian scam centers, while also supporting U.S. victims through education and restitution programs. The initiative aims to combine law enforcement, financial action, and diplomatic efforts to curb illicit online operations. [caption id="attachment_106706" align="aligncenter" width="432"] Source: Department of the Treasury’s Office of Foreign Assets Control (OFAC)[/caption]

An Ongoing Effort to Protect Victims

The US Treasury Sanctions Burma action builds on previous measures targeting illicit actors in the region. Earlier in 2025, the Karen National Army (KNA) and several related companies were sanctioned for their roles in human trafficking and cyber scam activities. Additional designations in Cambodia and Burma followed, targeting groups such as the Prince Group and Huione Group for operating scam compounds and laundering proceeds from virtual currency investment scams. According to government reports, Americans lost over $10 billion in 2024 to Southeast Asia-based cyber scam operations, marking a 66 percent increase from the previous year.

Cyber Scams and Human Trafficking Links

Investigations revealed that many individuals working in scam centers are victims of human trafficking, coerced into online fraud through threats and violence. Some compounds, including Tai Chang and KK Park in Burma’s Karen State, are known hubs for cyber scams. The DKBA reportedly provides protection for these compounds while also participating in violent acts against trafficked workers. These scam networks often use messaging apps and fake investment platforms to deceive Americans. Victims are manipulated into transferring funds to scam-controlled accounts under the guise of legitimate investments.

Sanctions and Legal Implications

Following today’s actions, all property and interests of the designated individuals and entities within the United States are now blocked. The sanctions prohibit any U.S. person from engaging in transactions involving these blocked parties. Violations of OFAC regulations could lead to civil or criminal penalties. The US Treasury Sanctions Burma initiative underscores the United States’ continued commitment to disrupting global cyber scam operations, holding organized crime networks accountable, and safeguarding victims of human trafficking and financial exploitation.

After a colorful display overnight, the northern U.S., parts of Canada and Britain could see the aurora Wednesday night.

© Andy Dossett/Examiner-Enterprise, via USA Today, via Reuters

Vidar Stealer 2.0 has been released, and the updated infostealer claims to offer improved performance with advanced credential stealing and evasion abilities, features that will necessitate even greater vigilance on the part of security teams. Vidar is already one of the top infostealers, and the recent decline of Lumma will likely make the infostealer even more active in the coming months.

Vidar Stealer 2.0: Rewritten for More Efficient Credential Theft

A Vidar developer who goes by "Loadbaks" announced the release of Vidar Stealer 2.0 on underground forums earlier this month. Loadbaks claimed that rewriting the software in C “gave a huge increase in stability and speed" by eliminating C++ dependencies and runtime overhead. In a new technical analysis of the malware, Trend Micro Threats Analyst Junestherry Dela Cruz said the new version is built on “a complete transition from C++ to a pure C implementation” for greater performance and efficiency. Vidar 2.0 introduces “a range of concerning features, including advanced anti-analysis measures, multithreaded data theft capabilities, and sophisticated methods for extracting browser credentials,” Dela Cruz said. “With a consistent price point of US$300, it offers attackers powerful tools that are both cost-effective and efficient.” Throughout its seven-year history, Vidar has distanced itself from competitors like Raccoon and RedLine by adding support for new features and earning a reputation for reliable support, the threat researcher said. The latest version adds even more distance between Vidar and competitors.

Multithreaded Architecture Means Faster Theft, Less Detection Time

The malware’s multithreaded architecture allows for more efficient use of multi-core processors. The Vidar developer claims that performing data collection tasks in parallel threads greatly speeds up data collection and exfiltration. Dela Cruz said Trend’s analysis shows that the malware employs “an advanced multi-threading system that automatically adjusts its performance based on the victim's computer specifications. It scales its operations by creating more worker threads on powerful systems and fewer threads on weaker machines, ensuring optimal performance without overwhelming the target system. This approach allows the malware to steal data from multiple sources simultaneously - such as browsers, cryptocurrency wallets, and files - rather than processing them one at a time.” In addition to stealing from multiple sources simultaneously, the parallel processing feature also reduces the time the malware needs to remain active on the system, “making it harder for security software to detect and stop the theft operation,” Dela Cruz said.

Vidar 2.0 Claims to Bypass Chrome AppBound Security

Loadbaks, the Vidar developer, also claimed that Vidar 2.0 has “unique” methods for bypassing Chrome's AppBound encryption that prevents credential extraction by binding encryption keys to specific applications. Dela Cruz said binary analysis shows that Vidar 2.0 “implements comprehensive browser credential extraction capabilities targeting both traditional browser storage methods and Chrome's latest security protections across multiple browser platforms.” The malware uses a tiered approach that includes “systematic enumeration of browser profiles” and attempts to extract encryption keys from Local State files using standard DPAPI decryption, the researcher said. Vidar 2.0 can also launch browsers with debugging enabled and inject malicious code into running browser processes via shellcode or reflective DLL injection. “The injected payload extracts encryption keys directly from browser memory, then communicates the stolen keys back to the main malware process via named pipes to avoid disk artifacts,” Dela Cruz wrote. “This approach can bypass Chrome's AppBound encryption protections by stealing keys from active memory rather than attempting to decrypt them from storage.”

Polymorphic Builder Boosts Evasion Techniques

Vidar 2.0 also claims to include an automatic polymorphic builder “so every build is now unique," Loadbaks said, with distinct binary signatures that make static detection more difficult. Dela Cruz said the updated malware “employs heavy use of control flow flattening, implementing complex switch-case structures with numeric state machines that can make reverse engineering more difficult. This obfuscation method transforms the natural program flow into a series of state transitions controlled by switch statements, effectively obscuring the original program logic.” The researcher said the control flow flattening technique has also been seen in Lumma samples, “suggesting the adoption of similar obfuscation frameworks within the information stealer ecosystem.” “The malware's technical capabilities, proven developer track record since 2018, and competitive pricing position it as a likely successor to Lumma Stealer's dominant market position,” Dela Cruz concluded.