Space & Science

The Copernicus Sentinel-2 mission captures a spectacular geological wonder in the Sahara Desert of Mauritania: the Richat Structure.This giant feature looks out from a sea of golden sand in the Adrar Region of northern Mauritania. Once thought to be the site of a meteor impact, the Richat Structure is now believed to have been caused by a process of uplift of a large dome of molten rock that, once at the surface, was shaped by wind, sand and water erosion. Geologists agree that the structure is at least 100 million years old. The layered formation consists of a series of concentric rings and resembles a bull’s eye from space, so is also known as the eye of the Sahara or the eye of Africa.The Richat Structure, 50 km in diameter, is easier to observe from space than from the ground, and has been a familiar landmark for astronauts since the earliest manned missions.In this comparison, we can see two views captured in September 2025: the image on the left is in natural colour, while the image on the right is a false-colour combination which highlights specific features.This remarkable formation exposes layers of sedimentary rock in different places, depending on the rates of erosion on the varying rock types. This can be better appreciated in the false-colour image. The more erosion-resistant quartzite sandstones appear in shades of red and pink and form the outer rings and high ridges internally, with valleys of less-resistant rock between them visible as darker areas. The central rings of the eye are about 80 m tall, with rocks older than those forming the outer rings.In the image on the left, the dark area surrounding the eye is part of the Adrar plateau of sedimentary rock standing some 200 m above the surrounding desert sands, which in turn are part of the Erg Ouarane, an immense sand expanse stretching hundreds of kilometres to Mali.Sand is also clearly visible encroaching into the structure’s southern side. Here, individual trees and bushes can be spotted as tiny dots, which are visible in purple in the false-colour image, following a dry riverbed structure.

In northeastern Africa, within the driest part of the Sahara, dark rocky outcrops rise above pale desert sands. Several of these formations, including Jabal Arakanū, display striking ring-shaped structures.  

Jabal Arkanū (also spelled Arkenu) lies in southeastern Libya, near the border with Egypt. Several other massifs are clustered nearby, including Jabal Al Awaynat (or Uweinat), located about 20 kilometers (12 miles) to the southeast. Roughly 90 kilometers to the west are the similarly named Arkenu structures. These circular features were once thought to have formed by meteorite impacts, but later fieldwork suggested they resulted from terrestrial geological processes.   

Arkanū’s ring-shaped structures also have an earthly origin. They are thought to have formed as magma rose toward the surface and intruded into the surrounding rock. Repeated intrusion events produced a series of overlapping rings, their centers roughly aligned toward the southwest. The resulting ring complex—composed of igneous basalt and granite—is bordered to the north by a hat-shaped formation made of sandstone, limestone, and quartz layers. 

This photograph, taken by an astronaut aboard the International Space Station on September 13, 2025, shows the massif casting long shadows across the desert. The ridges stand nearly 1,400 meters above sea level, or about 800 meters above the surrounding sandy plains. Notice several outwash fans of boulders, gravel, and sand spreading from the mountain’s base toward the bordering longitudinal dunes.   

Two wadis, or typically dry riverbeds, wind through the structure. However, water is scarce in this part of the Sahara. Past research using data from NASA and JAXA’s now-completed Tropical Rainfall Measuring Mission (TRMM) indicated that southeastern Libya, along with adjacent regions of Egypt and northern Sudan, receives only about 1 to 5 millimeters of rain per year. Slightly higher accumulations, around 5 to 10 millimeters per year, occur near Jabal Arkanū and neighboring massifs, suggesting a modest orographic effect from the mountains.  

Astronaut photograph ISS073-E-698446 was acquired on September 13, 2025, with a Nikon Z9 digital camera using a focal length of 800 millimeters. It is provided by the ISS Crew Earth Observations Facility and the Earth Science and Remote Sensing Unit, Johnson Space Center. The image was taken by a member of the Expedition 73 crew. The image has been cropped and enhanced to improve contrast, and lens artifacts have been removed. The International Space Station Program supports the laboratory as part of the ISS National Lab to help astronauts take pictures of Earth that will be of the greatest value to scientists and the public, and to make those images freely available on the Internet. Additional images taken by astronauts and cosmonauts can be viewed at the NASA/JSC Gateway to Astronaut Photography of Earth. Story by Kathryn Hansen.  

Afkareen, M. M., et al. (2022) Lineament Mapping of Jabal Arkenu in Southern Libya. The Scientific Journal of University of Benghazi, 35(1). 

Alghariani, M. (2020) Applications of Remote Sensing for Exploration of Mineral Deposits and Gold in Jabal Arkenu. Fourth International Conference on Geospatial Technologies Libya GeoTec4 in Tripoli – Libya. 

Cigolini, C., et al. (2012)

NEWYou can now listen to Fox News articles!
Android users have been dealing with a steady rise in financial malware for years. Threats like Hydra, Anatsa and Octo have shown how attackers can take over a phone, read everything on the screen and drain accounts before you even notice anything wrong. Security updates have helped slow some of these strains, but malware authors keep adapting with new tricks. The latest variant spotted in circulation is one of the most capable yet. It can silence your phone, take screenshots of banking apps, read clipboard entries, and even automate crypto wallet transactions. This threat is now known as Android BankBot YNRK, and it is far more advanced than typical mobile malware.Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletterHow the malware infiltrates devicesHOW ANDROID MALWARE LETS THIEVES ACCESS YOUR ATM CASH Android banking malware is getting harder to spot as attackers use new tricks to take over phones and drain accounts. (Thomas Trutschel/Photothek via Getty Images)BankBot YNRK hides inside fake Android apps that appear legitimate when installed. In the samples analyzed by researchers at Cyfirma, the attackers used apps that impersonated official digital ID tools. Once installed, the malware begins profiling the device by collecting details such as brand, model and installed apps. It checks whether the device is an emulator to avoid automated security analysis. It also maps known models to screen resolutions, which helps it tailor its behavior to specific phones.To blend in, the malware can disguise itself as Google News. It does this by changing its app name and icon, then loading the real news.google.com site inside a WebView. While the victim believes the app is genuine, the malware quietly runs its background services.One of its first actions is to mute audio and notification alerts. This prevents victims from hearing incoming messages, alarms or calls that could signal unusual account activity. It then requests access to Accessibility Services. If granted, this allows the malware to interact with the device interface just like a user. From that point onward, it can press buttons, scroll through screens and read everything displayed on the device.BankBot YNRK also adds itself as a Device Administrator app. This makes it harder to remove and helps it restart itself after a reboot. To maintain long-term access, it schedules recurring background jobs that relaunch the malware every few seconds as long as the phone is connected to the internet.What does the malware stealOnce the malware receives commands from its remote server, it gains near-complete control of the phone. It sends device information and installed app lists to the attackers, then receives a list of financial apps it should target. This list includes major banking apps used in Vietnam, Malaysia, Indonesia and India, along with several global cryptocurrency wallets.With Accessibility permissions enabled, the malware can read everything shown on the screen. It captures UI metadata such as text, view IDs and button positions. This helps it reconstruct a simplified version of any app’s interface. Using this data, it can enter login details, swipe through menus or confirm transfers. It can also set text inside fields, install or remove apps, take photos, send SMS, turn call forwarding on and open banking apps in the background while the screen appears inactive.In cryptocurrency wallets, the malware acts like an automated bot. It can open apps such as Exodus or MetaMask, read balances and seed phrases, dismiss biometric prompts, and carry out transactions. Because all actions happen through Accessibility, the attacker never needs your passwords or PINs. Anything visible on the screen is enough.The malware also monitors the clipboard, so if users copy OTPs, account numbers or crypto keys, the data is immediately sent to the attackers. With call forwarding enabled, incoming bank verification calls can be silently redirected. All of these actions happen within seconds of the malware activating. BankBot YNRK hides inside fake apps that look legitimate, then disguises itself as Google News while it runs in the background. (AP Photo/Don Ryan, File)7 steps you can take to stay safe from banking malwareBanking trojans are getting harder to spot, but a few simple habits can reduce the chances of your phone getting compromised. Here are 7 practical steps that help you stay protected. FBI WARNS OVER 1 MILLION ANDROID DEVICES HIJACKED BY MALWARE1) Install strong antivirus softwareStrong antivirus software helps catch trouble early by spotting suspicious behavior before it harms your Android device or exposes your data. It checks apps as you install them, alerts you to risky permissions and blocks known malware threats. Many top antivirus options also scan links and messages for danger, which adds an important layer of protection when scams move fast.The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com2) Use a data-removal service to shrink your digital footprintData brokers quietly collect and sell your personal details, which helps scammers target you with more convincing attacks. A reputable data-removal service can find and delete your information from dozens of sites so that criminals have less to work with. This reduces spam, phishing attempts and the chances of ending up on a malware attack list.While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.comGet a free scan to find out if your personal information is already out on the web: Cyberguy.com3) Install apps only from trusted sourcesAvoid downloading APKs from random websites, forwarded messages or social media posts. Most banking malware spreads through sideloaded apps that look official but contain hidden code. The Play Store is not perfect, but it offers scanning, app verification and regular take-downs that greatly reduce the risk of installing infected apps.4) Keep your device and apps updatedSystem updates often patch security issues that attackers exploit to bypass protections. Updating your apps is just as important, since outdated versions may contain weaknesses. Turn on automatic updates so that your device stays protected without you having to check manually.5) Use a strong password managerA password manager helps you create long, unique passwords for every account. It also saves you from typing passwords directly into apps, which reduces the chance of malware capturing them from your clipboard or keystrokes. If one password gets exposed, the rest of your accounts remain safe.Next, see if your email has been exposed in past breaches. Our No. 1 password manager (see Cyberguy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.  Once active, the malware can read your screen, steal financial data, automate crypto transfers and intercept OTPs within seconds. (Kurt “CyberGuy” Knutsson)Check out the best expert-reviewed password managers of 2025 at Cyberguy.com6) Enable two-factor authentication wherever possible2FA adds a confirmation step through an OTP, authenticator app or hardware key. Even if attackers steal your login details, they still need this second step to get in. It cannot stop malware that takes over your device, but it significantly limits how far an attacker can go with stolen credentials.GOOGLE ISSUES WARNING ON FAKE VPN APPS7) Review app permissions and installed apps regularlyMalware often abuses permissions such as Accessibility or Device Admin because they allow deep control over your phone. Check your settings to see which apps have these permissions and remove anything that looks unfamiliar. Also, look through your installed apps and uninstall any tool or service you do not remember adding. Regular reviews help you spot threats early before they can steal data.Kurt’s key takeawayBankBot YNRK is one of the most capable Android banking threats discovered recently. It combines device profiling, strong persistence, UI automation and data theft to gain full control over a victim’s financial apps. Because much of its activity relies on Accessibility permissions, a single tap from the user can give attackers complete access. Staying safe means avoiding unofficial APKs, reviewing installed apps regularly and being cautious of any sudden request to enable special permissions.Do you think Android phone makers like Samsung or Google are doing enough to protect you from malware? Let us know by writing to us at Cyberguy.comCLICK HERE TO DOWNLOAD THE FOX NEWS APPSign up for my FREE CyberGuy Report Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletterCopyright 2025 CyberGuy.com.  All rights reserved.

Watch the replay of the press conference held at the conclusion of ESA’s Ministerial Council 2025 (CM25) in Bremen, Germany. ESA Director General Josef Aschbacher, as well as the hosting minister and the CM25 chair, present the outcome of this high-level meeting that took place on 26 and 27 November. Download the press conference slides 

Embed code

Agency

27/11/2025
6100 views
35 likes

The largest contributions in the history of the European Space Agency, €22.1 bn, have been approved at its Council meeting at Ministerial level in Bremen, Germany. 

Ministers and high-level representatives from the 23 Member States, Associate Members and Cooperating States confirmed support for key science, exploration and technology programmes alongside a significant increase in the budget of space applications – Earth observation, navigation and telecommunications. These three elements are also fundamental to the European Resilience from Space initiative, a joint response to critical space needs in security and resilience.

“This is a great success for Europe, and a really important moment for our autonomy and leadership in science and innovation. I’m grateful for the hard work and careful thought that has gone into the delivery of the new subscriptions from the Member States, amounting to a 32% increase, or 17% increase if corrected for inflation, on ESA’s 2022 Ministerial Council,” said ESA Director General Josef Aschbacher.“In the face of a challenging geopolitical situation all the States contributing to the ESA budget, and indeed the European Commission, have put their faith in ESA to keep delivering programmes that will support European leadership in space, and help stretch our capabilities on Earth, in orbit, and into deep space. While we celebrated 50 years of achievements this year, the work is only beginning.”This year’s Ministerial Council was the first stage of the implementation of ESA’s Strategy 2040, setting the course for European space ambitions and defining the objectives that must be met to achieve long-term goals for Europe’s activities in space and in applications on Earth.

Empowering Europe to lead in space science

Ministers and high-level representatives gather for ESA’s Ministerial Council

Appropriately, in its 50th anniversary year, ESA has re-committed to science. The Member States have guaranteed an historic increase of 3.5% per year beyond inflation that will enable some of the most imaginative missions in our history and bolster European scientific leadership. The first step will be to deliver the missions described by the Cosmic Vision long-term plan – including LISA and NewAthena. But the next great leap for science will be enabled by technology development for missions under the Voyage 2050 plan, most notably the ambitious plan to search for life on Enceladus with the large-class mission ‘L4’ to Saturn and its moon, Enceladus. This mission requires immediate technology development to reach the south pole of Enceladus under ideal illumination.

Boosting European security and resilience

The European Resilience from Space initiative has been introduced to help support dual-use capacity for Europe. Initial funding will go towards a system giving access to high- temporal and spatial resolution satellite images – through pooling and sharing of resources and building a network to fill gaps in observations. This will be supported by new navigation services from low Earth orbit and by secure connectivity. The clear mandate for use of space applications for non-aggressive defence purposes signifies an historic change for ESA. It was decided at CM25 that subscriptions will remain open until next year to allow participating states to accommodate the new programme.

ESA technology at the heart of all missions

The technology to support this programme and ESA’s other innovative missions will be developed using a substantially strengthened budget for technology enablers, critical components, digitalisation and emerging technologies. Non-dependence in technology is key to advancing Europe’s ambitions in space, alongside its guaranteed access to space.A range of key activities in the European space ecosystem will be strengthened:

Europe’s launchers Ariane 6 and Vega-C will continue to lead the way to space. ESA will continue to support the evolution of the European launch market, and the development of new transport to orbit including the European Launcher Challenge.

Europe’s markets for space hardware and space data will be developed with the continuation of successful commercialisation programmes. ESA will continue to drive private investment, boost innovation and strengthen SMEs and new entrants to the space industry. A budget of €3.6 bn is agreed towards co-funded projects, expected to attract substantial private funding.

Europe’s lead in Earth observation will be maintained with the preparation of the second generation of Copernicus satellites (specifically the Sentinel-2 Next Generation and Sentinel-3 Next Generation Optical missions). Under FutureEO, ESA will develop and operate world-class Earth science missions, prepare future operational Copernicus and meteorological missions, and support the use of data for Earth Action.

Advancing exploration capabilities

ESA Member States have confirmed their commitment to exploration, with robust plans to enhance international partnerships. The Rosalind Franklin mission to land a rover on Mars is funded towards a launch date in 2028, while ESA will prepare missions to the Moon, the most important being the Argonaut lander. ESA will work on de-risking a range of other technologies to support European presence in low Earth orbit and beyond in the coming decades. Meanwhile, ESA and its Member States have agreed to implement short-term actions to guarantee European astronauts’ access to the International Space Station until its planned end of exploitation in 2030. The development of the LEO cargo return service was also confirmed at CM25 including two demonstration missions aiming at docking to the ISS. An interim meeting at Ministerial level is planned before CM28 to adjust to changes anticipated in international cooperation.

Defenders of the Earth

Three important missions account for the majority of funding in space safety and security: Ramses, Rise and Vigil. The Ramses mission, to be built on a tight schedule to intercept the asteroid Apophis on its close encounter with Earth in 2029 is funded, and will help to prepare for future potentially hazardous asteroids. The Vigil space weather mission, originally endorsed by CM22, will continue to implementation with the spacecraft expected to undergo preliminary design review early next year. To reduce waste in space in the future, the testing of on-orbit servicing will be funded through Rise, a partnership with industry.The SAGA spacecraft – a demonstration mission for quantum communication – will move to construction and implementation. The Moonlight programme which envisages lunar communications and navigations services will continue development.

New ESA activities in Member States

ESA has signed letters of intent with a view to preparing new centres to be hosted in two Member States. A letter of intent has been signed with Poland to examine the possibility of hosting a new centre specialising in security and dual-use/multi-use applications. Meanwhile, a letter of intent between Norway and ESA will allow both sides to evaluate the establishment of an ESA Arctic Space Centre in Tromsø.Two Resolutions were approved during the Ministerial: the Resolution on Elevating the Future of Europe through Space; and the Resolution on the Level of Resources for the Agency’s Mandatory Activities for 2026-2030.

Like
Thank you for liking
You have already liked this page, you can only like it once!

NASA astronaut Chris Williams, accompanied by Roscosmos cosmonauts Sergey Kud-Sverchkov and Sergei Mikaev, safely arrived at the International Space Station on Thursday, expanding the orbiting laboratory’s crew to 10 for the next two weeks.
The trio launched aboard the Soyuz MS-28 spacecraft at 4:27 a.m. EST (2:27 p.m. Baikonur time) from the Baikonur Cosmodrome in Kazakhstan. After a three-hour, two-orbit journey, the spacecraft docked at 7:34 a.m. to the space station’s Rassvet module.
Following hatch opening, expected about 10:10 a.m., the new arrivals will be welcomed by the Expedition 73 crew, including NASA astronauts Mike Fincke, Zena Cardman, and Jonny Kim; JAXA (Japan Aerospace Exploration Agency) astronaut Kimiya Yui; and Roscosmos cosmonauts Sergey Ryzhikov, Alexey Zubritsky, and Oleg Platonov.
NASA’s live coverage of hatch opening begins at 9:50 a.m. on NASA+, Amazon Prime, and YouTube. Learn how to watch NASA content through a variety of platforms, including social media.
During his stay aboard the space station, Williams will conduct scientific research and technology demonstrations aimed at advancing human space exploration and benefiting life on Earth. He will help install and test a new modular workout system for long-duration missions, support experiments to improve cryogenic fuel efficiency and grow semiconductor crystals in space, as well as assist NASA in designing new re-entry safety protocols to protect crews during future missions.
Expedition 74 is scheduled to begin on Monday, Dec. 8, following the departure of Kim, Ryzhikov, and Zubritsky, as they conclude an eight-month science mission aboard the orbital outpost.
Watch the change of command ceremony at 10:25 a.m. on Sunday, Dec. 7, as station leadership transfers from Ryzhikov to Fincke, live on NASA+.
Learn more about International Space Station, crews, research, and operations at:
https://www.nasa.gov/station
-end-
Jimi RussellHeadquarters, Washington202-358-1100james.j.russell@nasa.gov
Sandra Jones / Joseph ZakrzewskiJohnson Space Center, Houston281-483-5111sandra.p.jones@nasa.gov / joseph.a.zakrzewski@nasa.gov

Engineers traced the problem to a manufacturing defect in an insulator on the solid rocket motor, and telemetry data from all four boosters on the following flight in August exhibited “spot-on” performance, according to Bruno. But officials decided to recover the spent expendable motor casings from the Atlantic Ocean for inspections to confirm there were no other surprises or close calls.
The hangup delaying the next Vulcan launches isn’t in rocket production. ULA has hardware for multiple Vulcan rockets in storage at Cape Canaveral Space Force Station, Florida.
Instead, one key reason for Vulcan’s past delays has been the rocket’s performance, particularly its solid rocket boosters. It isn’t clear whether the latest delays are related to the readiness of the Space Force’s GSSAP satellites (the next GPS satellite to fly on Vulcan has been available for launch since 2022), the inspections of Vulcan’s solid rocket motors, or something else.

Vulcan booster cores in storage at Cape Canaveral Space Force Station, Florida.

Credit:

United Launch Alliance

A Space Systems Command spokesperson told Ars that “appropriate actions are being executed to ensure a successful USSF-87 mission … The teams analyze all hardware as well as available data from previous missions to evaluate space flight worthiness of future missions.”
The spokesperson did not provide a specific answer to a question from Ars about inspections on the solid rocket motors from the most recent Vulcan flight.
ULA’s outfitting of a new rocket assembly hangar and a second mobile launch platform for the Vulcan rocket at Cape Canaveral has also seen delays. With so many launches in its backlog, ULA needs capacity to stack and prepare at least two rockets in different buildings at the same time. Eventually, the company’s goal is to launch at an average clip of twice per month.
On Monday, ground crews at Cape Canaveral moved the second Vulcan launch platform to the company’s launch pad for fit checks and “initial technical testing.” This is a good sign that the company is moving closer to ramping up the Vulcan launch cadence, but it’s now clear it won’t happen this year.
Vulcan’s slow launch rate since its first flight in January 2024 is not unusual for new rockets. It took 28 months for SpaceX’s Falcon 9 and ULA’s Atlas V to reach their fourth flight, a timeline that the Vulcan vehicle will reach in May 2026.
The Delta IV rocket from ULA flew its fourth mission 25 months after debuting in 2002. Europe’s Ariane 6 rocket reached its fourth flight in 16 months, but it shares more in common with its predecessor than the others. SpaceX’s Starship also had a faster ramp-up, with its fourth test flight coming less than 14 months after the first.

NEWYou can now listen to Fox News articles!
Attackers have a new tool that targets Microsoft 365 users at a massive scale. Security researchers say a phishing platform called Quantum Route Redirect, or QRR, is behind a growing wave of fake login pages hosted on nearly 1,000 domains. These pages look real enough to fool many users while also slipping past some automated scanners.QRR runs realistic email lures that mimic DocuSign requests, payment notices, voicemail alerts or QR-code prompts. Each message routes victims to a fake Microsoft 365 login page built to harvest usernames and passwords. The kit often lives on parked or compromised legitimate domains that add a false sense of safety for anyone who clicks.Researchers tracked QRR in 90 countries. About 76% of attacks hit US users. That scale makes QRR one of the largest phishing operations active right now.WINDOWS 10 USERS FACE RANSOMWARE NIGHTMARE AS MICROSOFT SUPPORT ENDS IN 2025 WORLDWIDESign up for my FREE CyberGuy Report Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter. Attackers use fake Microsoft security alerts to trick people into entering their Microsoft 365 passwords. (Chona Kasinger/Bloomberg via Getty Images)A fast follow to other major Microsoft credential attacksQRR appeared soon after Microsoft disrupted a major phishing network known as RaccoonO365. That service sold ready-made Microsoft login copies used to steal more than 5,000 sets of credentials, including accounts tied to over 20 US healthcare organizations. Subscribers paid as little as $12 a day to send thousands of phishing emails.Microsoft’s Digital Crimes Unit later shut down 338 related websites and identified Joshua Ogundipe from Nigeria as the operator. Investigators tied him to the phishing code and a crypto wallet that earned more than $100,000. Microsoft and Health-ISAC have since filed a lawsuit in New York that accuses him of multiple cybercrime violations.Other recent examples include kits like VoidProxy, Darcula, Morphing Meerkat and Tycoon2FA. QRR builds on these tools with automation, bot filtering and a dashboard that helps attackers run large campaigns fast.What makes QRR so effectiveQRR uses about 1,000 domains. Many are real sites that were parked or compromised, which helps the pages pass as legitimate. The URLs also follow a predictable pattern that can look normal to users at a glance.The kit includes automated filtering that detects bots. It sends scanners to harmless pages and sends real people to the credential-harvesting site. Attackers can manage campaigns inside a control panel that logs traffic and activity. These features let them scale up quickly without technical skill.Security analysts say organizations can no longer depend on URL scanning alone. Layered defenses and behavioral analysis have become essential for spotting threats that use domain rotation and automated evasion.Microsoft was contacted by CyberGuy for comment but did not have anything to add at this time.HACKERS FIND A WAY AROUND BUILT-IN WINDOWS PROTECTIONSWhy this matters for Microsoft 365 usersWhen attackers get your Microsoft 365 login, they can see your email, grab files and even send new phishing messages that look like they came from you. That can create a chain reaction that spreads fast. This is why the steps below all work together to block these threats before they turn into something bigger.Steps to stay safe from QRR and other Microsoft 365 phishing attacksUse these simple actions to shrink the risk from fake Microsoft 365 pages and look-alike emails.1) Check the sender before you clickTake a second to look at who the email is really from. A slight misspelling, an unexpected attachment or wording that feels off is a big clue the message may be fake. 2) Hover over links firstBefore you open any link, hover your mouse over it to preview the URL. If it does not lead to the official Microsoft login page or looks odd in any way, skip it.3) Turn on multifactor authentication (MFA)MFA adds an extra layer adds an extra layer that makes it much harder for attackers to break in even if they have your password. Use options like app-based codes or hardware keys so phishing kits cannot bypass them.4) Use a data removal serviceAttackers often gather personal details from data broker sites to craft convincing phishing emails. A trusted data removal service scrubs your information from these sites, which cuts down on targeted scams and makes it harder for criminals to tailor fake Microsoft alerts that look real.While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. QRR hides its phishing pages across nearly 1,000 domains, making the fake login screens look convincing at first glance. (Microsoft)Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.5) Update your browser and appsKeep everything on your device up to date. Updates seal off security holes that attackers often rely on when building phishing kits like QRR.6) Never click unknown links and use strong antivirus softwareIf you need to visit a sensitive site, type the address into your browser instead of tapping a link. Strong antivirus tools also help by warning you about fake websites and blocking scripts that phishing kits use to steal login details.The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.MICROSOFT SOUNDS ALARM AS HACKERS TURN TEAMS PLATFORM INTO ‘REAL-WORLD DANGERS’ FOR USERS7) Use advanced spam filteringMost email providers offer stronger filtering settings that block risky messages before they reach you. Turn on the highest level your account allows to keep more fake Microsoft alerts out of your inbox.8) Watch for login alertsTurn on Microsoft account sign-in notifications so you get an alert anytime someone tries to access your account. To do this, sign in to your Microsoft account online, open Security, choose Advanced security options and switch on Sign-in alerts for any suspicious activity. Strong sign-in alerts and phishing-resistant MFA help block these scams before criminals can take over your account.  (Drew Angerer/Getty Images)Kurt’s key takeawaysQRR is a reminder of how quickly scammers change their tactics. Tools like this make it easy for criminals to send huge waves of fake Microsoft emails that look real at first glance. The good news is that a few smart habits can put you a step ahead. When you add stronger sign-in protection, turn on alerts and stay aware of the newest tricks, you make it much harder for attackers to sneak in.Do you think most people can tell the difference between a real Microsoft login page and a fake one, or have phishing kits become too convincing? Let us know by writing to us at Cyberguy.com.CLICK HERE TO DOWNLOAD THE FOX NEWS APPSign up for my FREE CyberGuy Report Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.Copyright 2025 CyberGuy.com.  All rights reserved.  

If you add in nuclear, then the US has reached a grid that is 40 percent emissions-free over the first nine months of 2025. That’s up only 1 percent compared to the same period the year prior. And because coal emits more carbon than natural gas, it’s likely the US will see a net increase in electricity-related emissions this year.
If you would like to have a reason to feel somewhat more optimistic, however, the EIA used the new data to release an analysis of the state of the grid in California, where the production from utility-scale solar has nearly doubled over the last five years, thanks in part to another 17 percent increase so far in 2024.
Through 2023, it was tough to discern any impact of that solar production on the rest of the grid, in part due to increased demand. But since then, natural gas use has dropped considerably (it’s down by 17 percent so far in 2025), placing it at risk of being displaced by solar as the largest source of electricity in California as early as next year. This displacement is happening even as California’s total consumption jumped by 8 percent so far in 2025 compared to the same period last year.

Massive solar growth plus batteries means less natural gas on California’s grid.

Credit:

US EIA

The massive growth in solar has also led to overproduction of power in the spring and autumn, when heating/cooling demands are lowest. That, in turn, has led to a surge in battery construction to absorb the cheap power and sell it back after the Sun sets. The impact of batteries was nearly impossible to discern as recently as 2023, but data from May and June of 2025 shows batteries pulling in lots of power at mid-day, and using it in the early evening to completely offset what would otherwise be an enormous surge in the use of natural gas.
Not every state has the sorts of solar resources available to California. But the economics of solar power suggest that other states are likely to experience this sort of growth in the coming years. And, while the Trump administration has been openly hostile to solar power from the moment it took office, so far there is no sign of that hostility at the grid level.