Blogroll

In a very non-shocking development, it turns out Nintendo is doing just fine.

The company updated its official hardware sales tracking page this week to reflect that the Switch 2 console has sold 10.36 million units as of Sept. 30. For reference, the Wii U (easily Nintendo's biggest failure of this century) sold 13.56 million units in its entire lifetime. That console was on the market for four years, while the Switch 2 has been on the market since June. These sales numbers don't even reflect the month of October, during which Pokémon Legends: Z-A probably shifted at least a few Switch 2 units, despite also being available on the OG Switch. We already know that game has sold a lot of copies.

Gamers may remember that the Switch 2 was incredibly difficult to find in stock in the weeks after its June launch, but it's been much more widely available since late July.

SEE ALSO: 'Hyrule Warriors: Age of Imprisonment' is fine. It's also the most disappointing Switch 2 exclusive.

Of course, there's also an entire holiday season coming up, featuring releases like Hyrule Warriors: Age of Imprisonment, Kirby Air Riders, and Metroid Prime 4. There's an outside chance that the Switch 2 outdoes the Wii U's lifetime sales by the end of 2025.

Again, none of this is particularly surprising, despite some negative discourse from people on YouTube and message boards surrounding the console's high price (by Nintendo standards) in tough economic conditions. The first Switch was a massive success, and the Switch 2 is a new version of that, so of course it's doing well. Nintendo also provided sales numbers for some of the console's early exclusives: Mario Kart World has sold 9.57 million units, and Donkey Kong Bananza has sold 3.49 million units.

All of this is to say that Nintendo probably understands its own business better than angry YouTubers.

YouTuber Enderman ran a tech YouTube channel with more than 350,000 subscribers, and he knew his channel was about to be terminated before it happened.

Why? Because one of his smaller channels was banned by YouTube just days before. On YouTube, creators can't just create an alternate channel to get around a ban. YouTube will know what other accounts a user has and ban that channel, too.

This Tweet is currently unavailable. It might be loading or has been removed.

What is bizarre, however, is the reason Enderman's channels were terminated in the first place. According to Enderman, YouTube sent him a notification when his first channel was terminated. YouTube claimed Enderman's channel had connections to a non-English language YouTube channel that had previously been terminated itself for receiving three or more copyright strikes.

Again, that makes sense, knowing what we know about how YouTube enforces its policies on terminated channels. But Enderman says he has nothing to do with that non-English channel and knew nothing of it before this whole issue came up. The Japanese-language channel in Enderman's screenshot, 椛のスターレイル遊び, translates roughly as "Momiji plays Honkai: Star Rail Adventures," a reference to a Japanese role-playing game.

This Tweet is currently unavailable. It might be loading or has been removed.

And, it appears Enderman isn't the only one.

Over the past few days, numerous YouTube creators with large channels and hundreds of thousands of subscribers have shared that their accounts have been mysteriously terminated by YouTube. Mashable has come across at least half a dozen large channels that have received a similar notification, all of which tie their ban back to the same non-Honkai: Star Rail Adventures YouTube channel.

This Tweet is currently unavailable. It might be loading or has been removed.

Scratchit Gaming, with more than 402,000 subscribers, shared on social media that their YouTube channel was banned due to an alleged connection to the Japanese channel. Another channel, known as 4096, with around half a million subscribers, also says it was terminated for the same reason.

This Tweet is currently unavailable. It might be loading or has been removed.

However, over the past few weeks, it appears even more large channels have also been terminated, with YouTube stating it was due to "spam, deceptive practices, and scam policy."

While these YouTubers have yet to get an answer from YouTube, Enderman is blaming YouTube's new reliance on AI for moderation and policy adherence. In a video posted to his channel before it was banned, Enderman questioned why YouTube was allowing such "drastic measures like channel termination" to be decided by AI without a human reviewing the process first.

Other YouTubers are also blaming AI and the platform's appeals process, which they believe is also powered by AI.

Earlier this year, YouTube shared information about its new AI-powered moderation for video ads on its platform. 

"While human reviewers are still used for some videos, YouTube has invested heavily in automated systems using LLM technology to review ad content," Mashable's Timothy Beck Werth reported at the time. And according to a YouTube policy page, the company uses a combination of automated and human review for non-advertising content.

"When our systems have a high degree of confidence that content is violative, they may make an automated decision. However, in the majority of cases, our automated systems will simply flag content to a trained human reviewer for evaluation before any action is taken."

Mashable has reached out to YouTube for more information and will update this piece when we hear back.

Want to upgrade your smart TV experience before the holidays? The excellent Google TV Streamer 4K is currently 25% off at Amazon and Best Buy—at $75, this is the best Google TV Streamer 4K deal to date.

For a long time, I overlooked Jellyfin's music streaming capabilities. Occasionally, I used the first-party Jellyfin app to listen, but the experience just felt limited and clunky, especially compared to the convenience I was used on Spotify and other music streaming apps. It turns out, I just hadn't been using the right app.

If you’ve been following tech news, you’ve probably seen AMD step on a rake. The company announced it was pulling game-ready driver support for its RDNA 1 and 2 GPUs by putting them in "maintenance mode."

Online dating as a lesbian can be a joyous experience, but it can also involve having your space invaded by straight people or seeing your ex-girlfriends (and your ex-girlfriends' ex-girlfriends) show up in your feed over and over.

Over the decades, queer women have turned to personal ads, roaming bars, and word of mouth to find love. These days, it's not too different. From trying to find a date on WLW TikTok to entrapranureal lesbians creating new apps just for them, LGBTQ women are down to get creative to find their special someone.

Thankfully, in 2025, there are both niche and general apps where queer women can find a partner — whether for one night or for life. Which ones are the best dating apps for lesbians? We tested the most popular dating sites and apps and got some insight from our Dating & Relationships writers to find out.

How to find the best dating apps for lesbians Niche lesbian dating apps aren't your only option for finding love. Credit: Stacey Zhu / Mashable

Mainstream dating apps attract the most users — including queer users. That means niche lesbian dating apps aren't your only options for finding love. These days, Hinge, Bumble, OkCupid, and even eharmony all have clear filters to help you match with people of the same gender (or any gender at all), as well as filters that acknowledge the existence of non-traditional relationships (like polyamory). Especially if you don't live in a densely populated area, going for the more popular dating apps over lesbian dating sites can often lead to more results.

With that said, there is one dating app lesbian women should try. HER is an app by and for queer women, and it's grown to have a strong user base. According to its website, the app has more than 15 million registered users worldwide. The app also emphasizes finding community and making friends, in addition to dating, providing you with numerous ways to connect with other queer women and non-binary users.

Check out our guide below for the full rundown of our recommendations and dating app reviews.

On Monday, Microsoft Detection and Response Team (DART) researchers warned that an OpenAI API was being abused as a backdoor for malware. The researchers concluded that bad actors were using the novel backdoor to conduct long-term espionage operations.

Specifically, Microsoft's cybersecurity researchers discovered that cybercriminals were taking advantage of the OpenAI Assistants API, a clever way to hide their illicit activities, according to Bleeping Computer.

"Instead of relying on more traditional methods, the threat actor behind this backdoor abuses OpenAI as a [command-and-control] channel as a way to stealthily communicate and orchestrate malicious activities within the compromised environment. To do this, a component of the backdoor uses the OpenAI Assistants API as a storage or relay mechanism to fetch commands, which the malware then runs," the researchers wrote in a Microsoft Incident Response published on Nov. 3.

Read on to find out how the exploit worked and how to guard against it.

How bad actors exploited the OpenAI Assistants API

In July, the researchers say they discovered a new backdoor within OpenAI's Assistants API while investigating a "sophisticated security incident." They named the backdoor SesameOp. (Cybersecurity researchers often give catchy names to new strains of malware or cybersecurity exploits.)

The Assistants API is a developer tool that lets OpenAI's enterprise clients build AI assistants within their own apps. Essentially, it brings OpenAI tools like ChatGPT and Code Interpreter into other third-party apps. We should also note that this system is set to be replaced by OpenAI's Responses API.

The DART researchers found that the covert backdoor enabled threat actors to manage compromised devices undetected, using the Assistants API to piggyback malicious commands and encrypted data. While the incident response is short on specifics, the backdoor allowed the bad actors to harvest data for "espionage-type purposes." By using the OpenAI API, the cybercriminals were able to mask their activities.

"This threat does not represent a vulnerability or misconfiguration, but rather a way to misuse built-in capabilities of the OpenAI Assistants API," the researchers concluded.

How to guard against the SesameOp backdoor

Along with an in-depth technical analysis of the threat, Microsoft researchers provided a list of recommendations to mitigate the impact of the exploit.

You can read the full list of recommendations in the Microsoft Incident Response. Some suggestions include "Audit and review firewalls and web server logs frequently," and "Review and configure your perimeter firewall and proxy settings to limit unauthorized access to services, including connections through non-standard ports."

Because the OpenAI Assistants API is set to be deprecated next year anyway, developers may also want to go ahead and migrate to the Responses API that replaces it. OpenAI has a migration guide on its website.

Disclosure: Ziff Davis, Mashable’s parent company, in April filed a lawsuit against OpenAI, alleging it infringed Ziff Davis copyrights in training and operating its AI systems.

When most people talk about controller mods, they’re usually referring to first-party gamepads. I wanted to take a different route and see what was possible with my GameSir Cyclone 2. After some digging, I found a couple of 3D-printable mods that looked promising, so I decided to try them out.

TL;DR: Live stream PSG vs. Bayern Munich in the Champions League for free on Virgin Media Player. Access this free streaming platform from anywhere in the world with ExpressVPN.

The Champions League regularly showcases massive matchups between the best sides from the continent, but that doesn't make PSG vs. Bayern Munich any less exciting. Both teams are top of their domestic leagues and have won every game in this competition, so we're expecting a fascinating contest between two entertaining sides stacked with stars.

If you want to watch PSG vs. Bayern Munich in the Champions League from anywhere in the world, we have all the information you need.

When is PSG vs. Bayern Munich?

PSG vs. Bayern Munich in the Champions League kicks off at 8 p.m. GMT on Nov. 4. This fixture takes place at the Parc des Princes.

How to watch PSG vs. Bayern Munich for free

PSG vs. Bayern Munich is available to live stream for free on Virgin Media Player.

Virgin Media Player is geo-restricted to Ireland, but anyone can access this free streaming platform with a VPN. These tools can hide your real IP address (digital location) and connect you to a secure server in Ireland, meaning you can unblock Virgin Media Player to stream the Champions League for free from anywhere in the world.

Live stream PSG vs. Bayern Munich for free by following these simple steps:

1. Subscribe to a streaming-friendly VPN (like ExpressVPN)

2. Download the app to your device of choice (the best VPNs have apps for Windows, Mac, iOS, Android, Linux, and more)

3. Open up the app and connect to a server in Ireland

4. Visit Virgin Media Player

5. Watch PSG vs. Bayern Munich for free from anywhere in the world

Opens in a new window Credit: ExpressVPN ExpressVPN (1-Month Plan) $12.95 only at ExpressVPN (with money-back guarantee) Get Deal

The best VPNs for streaming are not free, but most do offer free-trials or money-back guarantees. By leveraging these offers, you can access free live streams of the Champions League without actually spending anything. This obviously isn't a long-term solution, but it does give you enough time to stream PSG vs. Bayern Munich (plus more Champions League fixtures) before recovering your investment.

What is the best VPN for Virgin Media Player?

ExpressVPN is the best choice for bypassing geo-restrictions to stream live sport on Virgin Media Player, for a number of reasons:

• Servers in 105 countries including Ireland

• Easy-to-use app available on all major devices including iPhone, Android, Windows, Mac, and more

• Strict no-logging policy so your data is secure

• Fast connection speeds free from throttling

• Up to eight simultaneous connections

• 30-day money-back guarantee

A one-year subscription to ExpressVPN is on sale for $99.95 and includes an extra three months for free — 49% off for a limited time. This plan includes a year of free unlimited cloud backup and a generous 30-day money-back guarantee. Alternatively, you can get a one-month plan for just $12.95 (with money-back guarantee).

Live stream PSG vs. Bayern Munich in the Champions League for free with ExpressVPN.

Mirrorless cameras have, in many ways, unseated digital SLRs as the must-have photo and video tools for the modern era. Many of us picked them for their superior video features, or just because we wanted smaller and lighter camera rigs.

TL;DR: Live stream Liverpool vs. Real Madrid in the Champions League for free with a 30-day trial of Amazon Prime. Access this free live stream from anywhere in the world with ExpressVPN.

The Champions League is back with another round of exciting group stage fixtures, but Liverpool vs. Real Madrid might be the best of the bunch. Liverpool finally secured a Premier League victory at the weekend after four successive defeats, so perhaps that terrible run of form is behind them. Either way, it doesn't get much tougher than a visit from Real Madrid.

If you want to watch Liverpool vs. Real Madrid in the Champions League for free from anywhere in the world, we have all the information you need.

When is Liverpool vs. Real Madrid?

Liverpool vs. Real Madrid in the Champions League kicks off at 8 p.m. GMT on Nov. 4. This fixture takes place at Anfield.

How to watch Liverpool vs. Real Madrid for free

Liverpool vs. Real Madrid in the Champions League is available to live stream on Prime Video in the UK, but you don't need to be subscribed to Amazon Prime to watch this fixture. Instead, you can watch Liverpool vs. Real Madrid for free with a 30-day trial of Amazon Prime.

If you're abroad for this fixture, you might need to use a VPN to watch the Champions League for free on Prime Video. This process is straightforward:

1. Sign up for a 30-day Amazon Prime trial (if you're not already a member)

2. Subscribe to a streaming-friendly VPN (like ExpressVPN)

3. Download the app to your device of choice (the best VPNs have apps for Windows, Mac, iOS, Android, Linux, and more)

4. Open up the app and connect to a server in the UK

5. Live stream Liverpool vs. Real Madrid for free on Prime Video

Opens in a new window Credit: ExpressVPN ExpressVPN (1-Month Plan) $12.95 only at ExpressVPN (with money-back guarantee) Get Deal

The best VPNs for streaming are not free, but most do offer free-trials or money-back guarantees. By leveraging these offers, you can watch Liverpool vs. Real Madrid on Prime Video without committing with your cash. This isn't a long-term solution, but it does give you enough time to stream select Champions League fixtures before recovering your investment.

What is the best VPN for Prime Video?

ExpressVPN is the best choice for bypassing geo-restrictions to stream live sport on Prime Video, for a number of reasons:

• Servers in 105 countries including the UK

• Easy-to-use app available on all major devices including iPhone, Android, Windows, Mac, and more

• Strict no-logging policy so your data is secure

• Fast connection speeds free from throttling

• Up to eight simultaneous connections

• 30-day money-back guarantee

A one-year subscription to ExpressVPN is on sale for $99.95 and includes an extra three months for free — 49% off for a limited time. This plan also includes a year of free unlimited cloud backup and a generous 30-day money-back guarantee. Alternatively, you can get a one-month plan for $12.95 (with money-back guarantee).

Watch Liverpool vs. Real Madrid in the Champions League for free with ExpressVPN.

WhatsApp is releasing a dedicated, full-featured app for the Apple Watch. This app will not be just another notification sender; it will connect with your WhatsApp and let you use features without needing to switch back to your iPhone.

This isn’t the Murano you remember from ten years ago. Nissan has given it its first major update since 2016, and it’s ready to shake off its old reputation. Even the previous Murano held up as a dependable family SUV, but it was starting to lag behind the flashier competition.

SAVE $25: The Amazon Fire TV Stick 4K Max streaming device is on sale for $34.99 with code 4KMAX at Amazon, down from the normal price of $59.99. That's a 42% discount.

Opens in a new window Credit: Amazon Amazon Fire TV Stick 4K Max streaming device $34.99 at Amazon
$59.99 Save $25 use code 4KMAX at checkout Get Deal

The November chill has set in almost everywhere in the U.S. Even if you're still seeing nice daytime highs, the evening lows are likely dipping into territory where it feels nice to be cozy inside. If your ideal fall and winter nights involve streaming your favorite shows and movies, there's a deal from Amazon that can improve the experience.

As of Nov. 4, the Amazon Fire TV Stick 4K Max streaming device is on sale for $34.99 with code 4KMAX marked down from the standard price of $59.99. That's a 42% discount that shaves $25 off the price.

Not all smart TVs stay smart. Older models can get laggy and have trouble loading apps like they used to. Try opening that keyboard and typing in a password and you'll get the gist. If that's the case with your current TV but it's not time to upgrade yet, adding a streaming device can make a world of difference.

The Amazon Fire TV Stick 4K Max is a nice addition to an older TV, helping out with loading apps quickly and starting your shows without a wild amount of buffering time. Plus, this model can connect to WiFi 6, should you home be equipped. It has 16GB of storage so you'll be able to download all your favorite apps.

SEE ALSO: The 75-inch LG Class 90 Series QNED 4K TV is down to an all-time low price at Amazon

Another neat feature on the Fire TV Stick 4K Max is its use of the Fire TV Ambient Experience. This allows you to display over 2,000 pieces of museum-quality art and photography while you're not watching TV. You can also add in widgets like your calendar, the weather, or a to-do list to help keep your day running smoothly.

Instead of dealing with a slow-to-load TV, upgrade to the Fire TV Stick 4K Max while it's on sale for $34.99 at Amazon. Be sure to use code 4KMAX at checkout to snag this sale price.

SAVE $49.01: As of Nov. 4, get the Apple Watch SE 3 for $199.99 at Amazon, down from its usual price of $249. That's a discount of 20% and the lowest price we've seen.

Opens in a new window Credit: Amazon Apple Watch SE 3 $199.99 at Amazon
$249 Save $49.01   Get Deal

If you're in the market for a new smartwatch, now's definitely the time to start looking. With Black Friday deals on their way, you'll be able to save big on some seriously great options. For example, right now you can snag the Apple Watch SE 3 for its lowest price ever, which is no small discount.

As of Nov. 4, get the Apple Watch SE 3 for $199.99 at Amazon, down from its usual price of $249. That's $49.01 off and a discount of 20%. It's also the lowest price we've seen.

SEE ALSO: The 7 best smartwatches of 2025 include some surprises

The Apple Watch SE 3 just debuted in September, so it's one of the newer models you can get. It comes packing an S10 chip with an always-on display, and boasts a lengthy battery life. Apple claims you can get up to 18 hours per charge, plus you'll be able to charge up enough to get 8 hours of battery in just 15 minutes.

There's a number of smartwatch capabilities you'll get with this model as well, even though it's technically one of the more affordable, more "basic" Apple Watches out there: vitals, sleep, workout metrics, and much more, all at your fingertrips, with automatic heart rate alerts if you have a low heart rate or irregular rhythm.

Of course, you get the full suite of smart comms options as well, like texting, calling, using Siri, GPS, and listening to music if you prefer, straight from your watch. It's a great option for tracking your vitals and workouts as well as keeping in touch.

So if you're ready to buy into the Apple Watch hype, now's the time to do it, especially since you save some serious cash with this deal.

It looks like Apple finally has a plan for its long-awaited Siri overhaul. According to reporting from Bloomberg’s Mark Gurman, the company’s next-generation digital assistant will be powered by Google’s Gemini AI.

In Gurman’s latest Power On newsletter, he confirmed that the upgraded Siri will run a custom Gemini model hosted on Apple’s private cloud compute servers. This setup will enable Siri to answer more personalized questions by drawing on on-device data and generating context-aware responses.

SEE ALSO: Gemini will soon give you a second to think before it stops listening to you

The new Siri, per Bloomberg, is built around three main components: a query planner, a knowledge search system, and a summarizer. The Gemini models running on Apple’s servers will handle the planning and summarization processes.

Gurman notes that Apple is betting big on this new Siri upgrade, relying heavily on Gemini’s power and Google’s experience in search. But users shouldn’t expect Siri to suddenly become an Android clone. Instead, Apple is using Gemini as the backbone for smarter, faster responses while keeping the overall experience tightly integrated into its own ecosystem.

If Gurman’s reporting holds true, the revamped Siri is expected to debut as soon as next spring with the iOS 26.4 update. Fingers crossed it actually shows up on schedule.

Building a smart home that relies on a local server rather than the cloud is a great way to avoid relying on remote servers and having your setup fall over when the internet isn’t working. But what happens if your server is the problem?

Introduction

Code agents are AI systems that can generate high-quality code and work smoothly with code interpreters. These capabilities help streamline complex software development workflows, which has led to their widespread adoption.

However, this progress also introduces critical safety and security risks. Existing static safety benchmarks and red-teaming methods—in which security researchers simulate real-world attacks to identify security vulnerabilities—often fall short when evaluating code agents. They may fail to detect emerging real-world risks, such as the combined effects of multiple jailbreak tools. In the context of code, effective red-teaming requires more than simply checking whether the target code agent rejects unsafe requests. Instead, the agent must generate and execute correct code that performs the intended risky functionality, making it essential to evaluate execution behaviors beyond static code analysis. 

To address these challenges, researchers from the University of Chicago, University of Illinois Urbana–Champaign, VirtueAI, the UK AI Safety Institute, University of Oxford, UC Berkeley, and Microsoft Research recently proposed RedCodeAgent, the first fully automated and adaptive red-teaming agent designed specifically to evaluate the safety of large language model (LLM)-based code agents.

Comprehensive experimental results demonstrate the effectiveness and efficiency of RedCodeAgent across (1) diverse Common Weakness Enumeration (CWE) vulnerabilities and malware types, (2) multiple programming languages—including Python, C, C++, and Java—and (3) a wide range of code agents, such as OpenCodeInterpreter, ReAct, MetaGPT, and commercial agents like Cursor and Codeium. RedCodeAgent also uncovers common vulnerabilities across agents such as generating and executing unsafe code, exposes variations in red-teaming difficulty across goals, identifies frequently triggered attack tools, and detects previously unknown vulnerabilities that all other baseline methods overlook. 

Framework for automatic red-teaming against code agents Figure 1: Illustration of RedCodeAgent on automatic red-teaming against a target code agent 

As shown in Figure 1, RedCodeAgent is equipped with a memory module that accumulates successful attack experiences, enabling the system to continuously learn and adapt its attack strategies. After learning from the previous experiences, RedCodeAgent further leverages a tailored toolbox that combines representative red-teaming tools with a specialized code substitution module, enabling realistic and diverse code-specific attack simulations through function calling. Based on the target agent’s responses across multiple interactive trials, RedCodeAgent optimizes its strategies, systematically probing for weaknesses and vulnerabilities in real time. 

In the evaluation phase, RedCodeAgent integrates simulated sandbox environments to enable code execution and assess the impact of the resulting behaviors. This sandbox-based evaluation ensures a more robust assessment of harmful behaviors and addresses the potential biases of previous static methods that rely solely on “LLM-as-a-judge” evaluations.

A case study is shown in Figure 2. Initially, RedCodeAgent discovers that the request was rejected, then RedCodeAgent calls the Greedy Coordinate Gradient (GCG) algorithm to bypass the safety guardrail. After the second request was rejected by the code agent, RedCodeAgent invoked both Code Substitution and GCG to optimize the prompt. Ultimately, RedCodeAgent successfully combined the suggestion from Code Substitution (i.e., using pathlib) with the adversarial suffix generated by GCG, making the target code agent delete the specified file.

Figure2. A case study of RedCodeAgent calling different tools to successfully attack the target code agent Insights from RedCodeAgent 

Experiments on diverse benchmarks show that RedCodeAgent achieves both a higher attack success rate (ASR) and a lower rejection rate, revealing several key findings outlined below.

Using traditional jailbreak methods alone does not necessarily improve ASR on code agents

The optimized prompts generated by GCG, AmpleGCG, Advprompter, and AutoDAN do not always achieve a higher ASR compared with static prompts with no jailbreak, as shown in Figure 3. This is likely due to the difference between code-specific tasks and general malicious request tasks in LLM safety. In the context of code, it is not enough for the target code agent to simply avoid rejecting the request; the target code agent must also generate and execute code that performs the intended function. Previous jailbreak methods do not guarantee this outcome. However, RedCodeAgent ensures that the input prompt has a clear functional objective (e.g., deleting specific sensitive files). RedCodeAgent can dynamically adjust based on evaluation feedback, continually optimizing to achieve the specified objectives.

Figure 3：RedCodeAgent achieves the highest ASR compared with other methods RedCodeAgent exhibits adaptive tool utilization 

RedCodeAgent can dynamically adjust its tool usage based on task difficulty. Figure 4 shows that the tool calling combination is different for different tasks. For simpler tasks, where the baseline static test cases already achieve a high ASR, RedCodeAgent spends little time invoking additional tools, demonstrating its efficiency. For more challenging tasks, where the baseline static test cases in RedCode-Exec achieve a lower ASR,we observe that RedCodeAgent spends more time using advanced tools like GCG and Advprompter to optimize the prompt for a successful attack. As a result, the average time spent on invoking different tools varies across tasks, indicating that RedCodeAgent adapts its strategy depending on the specific task. 

Figure 4: Average time cost for RedCodeAgent to invoke different tools or query the target code agent in successful cases for each risk scenario  RedCodeAgent discovers new vulnerabilities

In scenarios where other methods fail to find successful attack strategies, RedCodeAgent is able to discover new, feasible jailbreak approaches. Quantitatively, we find that RedCodeAgent is capable of discovering 82 (out of 27*30=810 cases in RedCode-Exec benchmark) unique vulnerabilities on the OpenCodeInterpreter code agent and 78 on the ReAct code agent. These are cases where all baseline methods fail to identify the vulnerability, but RedCodeAgent succeeds.

Summary

RedCodeAgent combines adaptive memory, specialized tools, and simulated execution environments to uncover real-world risks that static benchmarks may miss. It consistently outperforms leading jailbreak methods, achieving higher attack success rates and lower rejection rates, while remaining efficient and adaptable across diverse agents and programming languages.

Opens in a new tab

The post RedCodeAgent: Automatic red-teaming agent against diverse code agents appeared first on Microsoft Research.

Pick up your iPhone, folks, because it's time to download iOS 26.1.

Apple launched the newest iOS version on Monday, which means you can download it right now by going to the iPhone Settings app, hitting "General," then hitting "Software Update." The update, referred to as iOS 26.1, follows up on iOS 26 with a bunch of minor bug fixes and adjustments. However, there are also a handful of larger new features worth talking about.

SEE ALSO: Apple expects record sales for the holidays with potentially new product launches this month The biggest new iOS 26.1 features

Here are the most noteworthy changes in iOS 26.1.

Adjusting (but not turning off) Liquid Glass This Tweet is currently unavailable. It might be loading or has been removed.

Perhaps the most requested feature in iOS 26.1 is the ability to change how the new Liquid Glass user interface looks. After it was introduced in iOS 26, some people found that they didn't like Liquid Glass and wanted it turned off. Well, you can't turn it off, but you can make a small adjustment to it.

Specifically, there's a new Tinted Mode in the Settings app that might make Liquid Glass UI elements stand out a little better to your eyes. It's not quite the same as just allowing users to revert to the way things used to look, but it's a start.

No more accidental camera swipes

Another small but much needed change in iOS 26 is that you can go into the Settings app and turn off the ability to open the Camera app straight from the lock screen. You might read that and wonder why people would want to turn off something so eminently convenient. Well, the problem is that you activate the Camera app from the lock screen by swiping to the left, which is unfortunately very easy to do by accident.

I know I've opened my camera unintentionally this way far more times than I've ever done it on purpose. I'm probably not the only one.

Increased language support

Another nice thing is that Apple is adding more languages to various services that need them. First up is Live Translate via AirPods, which now supports the following languages:

• Chinese (Mandarin simplified and traditional)

• Korean

• Japanese

• Italian

Second, Apple Intelligence now supports a bunch of additional languages:

• Danish

• Norwegian

• Dutch

• Chinese (traditional)

• Portuguese

• Swedish

• Turkish

• Vietnamese

A new UI for alarms

When Apple launched iOS 26, one of the most noticeable changes for some of us came in the form of alarms. When an alarm goes off on iOS 26, you simply press a comically large button on-screen to dismiss it. This is simple to understand, but can sadly result in unintentionally dismissing an alarm. The new iOS 26.1 update changes this just a tiny bit.

By that, I mean you now have to swipe to the right to dismiss an alarm. Making it a more intentional action is probably for the best, but I'm going to miss the giant button.

Swipe to change songs in Music

Speaking of swiping, the last change we'll cover here is that you can now skip songs in Apple Music by doing a swipe motion. This one is comparatively smaller than the other changes, but hey, someone will get a lot of use out of it.

Motorola might catch more headlines for its Razr foldables, but the company also makes some of the best budget phones on the market. If you’re trying to save a buck, you don’t want to sacrifice too much, and Motorola is once again stepping up to the plate with the dependable Moto G and Moto G Play series.