Blog

  • A post-starburst pathway for the formation of massive galaxies and black holes at z > 6

    A post-starburst pathway for the formation of massive galaxies and black holes at z > 6

  • Rigby, J. et al. The science performance of JWST as characterized in commissioning. Publ. Astron. Soc. Pac. 135, 048001 (2023).

    ADS 

    Google Scholar 

  • Kennicutt, R. C. & Evans, N. J. Star formation in the Milky Way and nearby galaxies. Annu. Rev. Astron. Astrophys. 50, 531–608 (2012).

    ADS 

    Google Scholar 

  • Carnall, A. C., McLure, R. J., Dunlop, J. S. & Davé, R. Inferring the star formation histories of massive quiescent galaxies with BAGPIPES: evidence for multiple quenching mechanisms. Mon. Not. R. Astron. Soc. 480, 4379–4401 (2018).

    ADS 

    Google Scholar 

  • Carnall, A. C. et al. The VANDELS survey: the star-formation histories of massive quiescent galaxies at 1.0 < z < 1.3. Mon. Not. R. Astron. Soc. 490, 417–439 (2019).

    ADS 

    Google Scholar 

  • Kroupa, P. On the variation of the initial mass function. Mon. Not. R. Astron. Soc. 322, 231–246 (2001).

    ADS 

    Google Scholar 

  • Leja, J., Carnall, A. C., Johnson, B. D., Conroy, C. & Speagle, J. S. How to measure galaxy star formation histories. II. Nonparametric models. Astrophys. J. 876, 3 (2019).

    ADS 

    Google Scholar 

  • Pacifici, C. et al. The evolution of star formation histories of quiescent galaxies. Astrophys. J. 832, 79 (2016).

    ADS 

    Google Scholar 

  • Carnall, A. C. et al. A massive quiescent galaxy at redshift 4.658. Nature 619, 716–719 (2023).

    ADS 

    Google Scholar 

  • de Graaff, A. et al. Efficient formation of a massive quiescent galaxy at redshift 4.9. Nat. Astron. 9, 280–292 (2025).

    Google Scholar 

  • Weibel, A. et al. RUBIES reveals a massive quiescent galaxy at z = 7.3. Astrophys. J. 983, 11 (2025).

    Google Scholar 

  • Maiolino, R. et al. A small and vigorous black hole in the early Universe. Nature 627, 59–63 (2024).

    ADS 

    Google Scholar 

  • Goulding, A. D. et al. UNCOVER: the growth of the first massive black holes from JWST/NIRSpec-spectroscopic redshift confirmation of an X-ray luminous AGN at z = 10.1. Astrophys. J. Lett. 955, L24 (2023).

    ADS 

    Google Scholar 

  • Zhang, H. et al. TRINITY IV: predictions for supermassive black holes at z  6. Mon. Not. R. Astron. Soc. 531, 4974–4989 (2024).

    Google Scholar 

  • Scoggins, M. T. & Haiman, Z. Diagnosing the massive-seed pathway to high-redshift black holes: statistics of the evolving black hole to host galaxy mass ratio. Mon. Not. R. Astron. Soc. 531, 4584–4597 (2024).

    ADS 

    Google Scholar 

  • Li, W., Inayoshi, K., Onoue, M. & Toyouchi, D. The assembly of black hole mass and luminosity functions of high-redshift quasars via multiple accretion episodes. Astrophys. J. 950, 85 (2023).

    ADS 

    Google Scholar 

  • Davies, F. B., Hennawi, J. F. & Eilers, A.-C. Evidence for low radiative efficiency or highly obscured growth of z > 7 quasars. Astrophys. J. Lett. 884, L19 (2019).

    ADS 

    Google Scholar 

  • Eilers, A.-C. et al. EIGER VI. The correlation function, host halo mass and duty cycle of luminous quasars at z > 6. Astrophys. J. 974, 275 (2024).

    Google Scholar 

  • Davies, R. I. et al. A close look at star formation around active galactic nuclei. Astrophys. J. 671, 1388–1412 (2007).

    ADS 

    Google Scholar 

  • Wild, V., Heckman, T. & Charlot, S. Timing the starburst-AGN connection. Mon. Not. R. Astron. Soc. 405, 933–947 (2010).

    ADS 

    Google Scholar 

  • Maiolino, R. et al. JADES: the diverse population of infant black holes at 4 < z < 11: merging, tiny, poor, but mighty. Astron. Astrophys. 691, A145 (2024).

    Google Scholar 

  • Lupi, A., Quadri, G., Volonteri, M., Colpi, M. & Regan, J. A. Sustained super-Eddington accretion in high-redshift quasars. Astron. Astrophys. 686, A256 (2024).

    ADS 

    Google Scholar 

  • Tanaka, M. et al. Stellar velocity dispersion of a massive quenching galaxy at z = 4.01. Astrophys. J. Lett. 885, L34 (2019).

    ADS 

    Google Scholar 

  • Looser, T. J. et al. A recently quenched galaxy 700 million years after the Big Bang. Nature 629, 53–57 (2024).

    ADS 

    Google Scholar 

  • Kormendy, J. & Ho, L. C. Coevolution (or not) of supermassive black holes and host galaxies. Annu. Rev. Astron. Astrophys. 51, 511–653 (2013).

    ADS 

    Google Scholar 

  • Ito, K. et al. COSMOS2020: ubiquitous AGN activity of massive quiescent galaxies at 0 < z < 5 revealed by X-ray and radio stacking. Astrophys. J. 929, 53 (2022).

    ADS 

    Google Scholar 

  • Belli, S. et al. Star formation shut down by multiphase gas outflow in a galaxy at a redshift of 2.45. Nature 630, 54–58 (2024).

    ADS 

    Google Scholar 

  • D’Eugenio, F. et al. A fast-rotator post-starburst galaxy quenched by supermassive black-hole feedback at z = 3. Nat. Astron. 8, 1443–1456 (2024).

    Google Scholar 

  • Arita, J. et al. Subaru high-z exploration of low-luminosity quasars (SHELLQs). XVIII. The dark matter halo mass of quasars at z ~ 6. Astrophys. J. 954, 210 (2023).

    ADS 

    Google Scholar 

  • Decarli, R. et al. An ALMA [C ii] survey of 27 quasars at z > 5.94. Astrophys. J. 854, 97 (2018).

    ADS 

    Google Scholar 

  • Walter, F. et al. ALMA 200 pc imaging of a z ~ 7 quasar reveals a compact, disk-like host galaxy. Astrophys. J. 927, 21 (2022).

    ADS 

    Google Scholar 

  • Matsuoka, Y. et al. Subaru high-z exploration of low-luminosity quasars (SHELLQs). I. Discovery of 15 quasars and bright galaxies at 5.7 < z < 6.9. Astrophys. J. 828, 26 (2016).

    ADS 

    Google Scholar 

  • Matsuoka, Y. et al. Subaru high-z exploration of low-luminosity quasars (SHELLQs). X. Discovery of 35 quasars and luminous galaxies at 5.7 ≤ z ≤ 7.0. Astrophys. J. 883, 183 (2019).

    ADS 

    Google Scholar 

  • Aihara, H. et al. The Hyper Suprime-Cam SSP Survey: overview and survey design. Publ. Astron. Soc. Jpn 70, S4 (2018).

    Google Scholar 

  • Ding, X. et al. Detection of stellar light from quasar host galaxies at redshifts above 6. Nature 621, 51–55 (2023).

    ADS 

    Google Scholar 

  • Brammer, G. msaexp: NIRSpec analysis tools (0.6.17). Zenodo https://doi.org/10.5281/zenodo.8319596 (2023).

  • Ding, X. et al. The mass relations between supermassive black holes and their host galaxies at 1 < z < 2 HST-WFC3. Astrophys. J. 888, 37 (2020).

    ADS 

    Google Scholar 

  • Birrer, S. et al. Lenstronomy II: a gravitational lensing software ecosystem. J. Open Source Softw. 6, 3283 (2021).

    ADS 

    Google Scholar 

  • Li, J. et al. Synchronized coevolution between supermassive black holes and galaxies over the last seven billion years as revealed by Hyper Suprime-Cam. Astrophys. J. 922, 142 (2021).

    ADS 

    Google Scholar 

  • Tanaka, T. S. et al. The MBHM* relation up to z ~ 2 through decomposition of COSMOS-Web NIRCam images. Astrophys. J. 979, 215 (2025).

    Google Scholar 

  • Ito, K. et al. Size–stellar mass relation and morphology of quiescent galaxies at z ≥ 3 in public JWST fields. Astrophys. J. 964, 192 (2024).

    ADS 

    Google Scholar 

  • Ding, X. et al. SHELLQs-JWST unveils the host galaxies of twelve quasars at z > 6. Preprint at https://arxiv.org/abs/2505.03876 (2025).

  • Fu, Y. QSOFITMORE: a Python package for fitting UV-optical spectra of quasars. Zenodo https://doi.org/10.5281/zenodo.5810042 (2021).

  • Selsing, J., Fynbo, J. P. U., Christensen, L. & Krogager, J.-K. An X-Shooter composite of bright 1 < z < 2 quasars from UV to infrared. Astron. Astrophys. 585, A87 (2016).

    ADS 

    Google Scholar 

  • Goto, T. et al. Hδ-strong galaxies in the Sloan Digital Sky Survey. I. The catalog. Publ. Astron. Soc. Jpn 55, 771–787 (2003).

    ADS 

    Google Scholar 

  • Wu, P.-F. Ejective feedback as a quenching mechanism in the first 1.5 billion years of the Universe: detection of neutral gas outflow in a z = 4 recently quenched galaxy. Astrophys. J. 978, 131 (2025).

    Google Scholar 

  • Curtis-Lake, E. et al. Spectroscopic confirmation of four metal-poor galaxies at z = 10.3–13.2. Nat. Astron. 7, 622–632 (2023).

    ADS 

    Google Scholar 

  • Inayoshi, K. & Maiolino, R. Extremely dense gas around little red dots and high-redshift AGNs: a non-stellar origin of the Balmer break and absorption features. Astrophys. J. Lett. 980, L27 (2025).

    Google Scholar 

  • Bruzual, G. & Charlot, S. Stellar population synthesis at the resolution of 2003. Mon. Not. R. Astron. Soc. 344, 1000–1028 (2003).

    ADS 

    Google Scholar 

  • Chevallard, J. & Charlot, S. Modelling and interpreting spectral energy distributions of galaxies with BEAGLE. Mon. Not. R. Astron. Soc. 462, 1415–1443 (2016).

    ADS 

    Google Scholar 

  • Falcón-Barroso, J. et al. An updated MILES stellar library and stellar population models. Astron. Astrophys. 532, A95 (2011).

    Google Scholar 

  • Calzetti, D. et al. The dust content and opacity of actively star-forming galaxies. Astrophys. J. 533, 682–695 (2000).

    ADS 

    Google Scholar 

  • Nakajima, K. et al. JWST census for the mass-metallicity star formation relations at z = 4–10 with self-consistent flux calibration and proper metallicity calibrators. Astrophys. J. Suppl. Ser. 269, 33 (2023).

    ADS 

    Google Scholar 

  • Greene, J. E. & Ho, L. C. Measuring stellar velocity dispersions in active galaxies. Astrophys. J. 641, 117–132 (2006).

    ADS 

    Google Scholar 

  • Cappellari, M. Full spectrum fitting with photometry in PPXF: stellar population versus dynamical masses, non-parametric star formation history and metallicity for 3200 LEGA-C galaxies at redshift z ≈ 0.8. Mon. Not. R. Astron. Soc. 526, 3273–3300 (2023).

    ADS 

    Google Scholar 

  • Conroy, C., Gunn, J. E. & White, M. The propagation of uncertainties in stellar population synthesis modeling. I. The relevance of uncertain aspects of stellar evolution and the initial mass function to the derived physical properties of galaxies. Astrophys. J. 699, 486–506 (2009).

    ADS 

    Google Scholar 

  • Conroy, C. & Gunn, J. E. The propagation of uncertainties in stellar population synthesis modeling. III. Model calibration, comparison, and evaluation. Astrophys. J. 712, 833–857 (2010).

    ADS 

    Google Scholar 

  • Matsuoka, Y. et al. Subaru high-z exploration of low-luminosity quasars (SHELLQs). V. Quasar luminosity function and contribution to cosmic reionization at z = 6. Astrophys. J. 869, 150 (2018).

    ADS 

    Google Scholar 

  • Eracleous, M., Lewis, K. T. & Flohic, H. M. L. G. Double-peaked emission lines as a probe of the broad-line regions of active galactic nuclei. New Astron. Rev. 53, 133–139 (2009).

    ADS 

    Google Scholar 

  • Ward, C. et al. Panic at the ISCO: time-varying double-peaked broad lines from evolving accretion disks are common among optically variable AGNs. Astrophys. J. 961, 172 (2024).

    ADS 

    Google Scholar 

  • Chen, K. & Halpern, J. P. Structure of line-emitting accretion disks in active galactic nuclei: ARP 102B. Astrophys. J. 344, 115 (1989).

    ADS 

    Google Scholar 

  • Luo, B. et al. Discovery of the most distant double-peaked emitter at z = 1.369. Astrophys. J. 695, 1227–1232 (2009).

    ADS 

    Google Scholar 

  • Strateva, I. V. et al. Double-peaked low-ionization emission lines in active galactic nuclei. Astron. J. 126, 1720–1749 (2003).

    ADS 

    Google Scholar 

  • Xu, D. & Komossa, S. Narrow double-peaked emission lines of SDSS J131642.90+175332.5: signature of a single or a binary AGN in a merger, jet-cloud interaction, or unusual narrow-line region geometry. Astrophys. J. Lett. 705, L20–L24 (2009).

    ADS 

    Google Scholar 

  • Smith, K. L. et al. A search for binary active galactic nuclei: double-peaked [O iii] AGNs in the Sloan Digital Sky Survey. Astrophys. J. 716, 866–877 (2010).

    ADS 

    Google Scholar 

  • Übler, H. et al. GA-NIFS: JWST discovers an offset AGN 740 million years after the big bang. Mon. Not. R. Astron. Soc. 531, 355–365 (2024).

    ADS 

    Google Scholar 

  • Bischetti, M. et al. The WISSH quasars project. I. Powerful ionised outflows in hyper-luminous quasars. Astron. Astrophys. 598, A122 (2017).

    Google Scholar 

  • Marshall, M. A. et al. GA-NIFS: black hole and host galaxy properties of two z 6.8 quasars from the NIRSpec IFU. Astron. Astrophys. 678, A191 (2023).

    Google Scholar 

  • Yang, J. et al. A spectroscopic survey of biased halos in the reionization era (ASPIRE): a first look at the rest-frame optical spectra of z > 6.5 quasars using JWST. Astrophys. J. Lett. 951, L5 (2023).

    ADS 

    Google Scholar 

  • Vestergaard, M. & Peterson, B. M. Determining central black hole masses in distant active galaxies and quasars. II. Improved optical and UV scaling relationships. Astrophys. J. 641, 689–709 (2006).

    ADS 

    Google Scholar 

  • Richards, G. T. et al. Spectral energy distributions and multiwavelength selection of type 1 quasars. Astrophys. J. Suppl. Ser. 166, 470–497 (2006).

    ADS 

    Google Scholar 

  • Greene, J. E. & Ho, L. C. Estimating black hole masses in active galaxies using the Hα emission line. Astrophys. J. 630, 122–129 (2005).

    ADS 

    Google Scholar 

  • Salmon, B. et al. The relation between star formation rate and stellar mass for galaxies at 3.5 ≤ z ≤ 6.5 in CANDELS. Astrophys. J. 799, 183 (2015).

    ADS 

    Google Scholar 

  • Izumi, T. et al. Subaru high-z exploration of low-luminosity quasars (SHELLQs). XIII. Large-scale feedback and star formation in a low-luminosity quasar at z = 7.07 on the local black hole to host mass relation. Astrophys. J. 914, 36 (2021).

    ADS 

    Google Scholar 

  • Schreiber, C. et al. Near infrared spectroscopy and star-formation histories of 3 ≤ z ≤ 4 quiescent galaxies. Astron. Astrophys. 618, A85 (2018).

    Google Scholar 

  • Valentino, F. et al. Quiescent galaxies 1.5 billion years after the Big Bang and their progenitors. Astrophys. J. 889, 93 (2020).

    ADS 

    Google Scholar 

  • Forrest, B. et al. The massive ancient galaxies at z > 3 near-infrared (MAGAZ3NE) survey: confirmation of extremely rapid star formation and quenching timescales for massive galaxies in the early Universe. Astrophys. J. 903, 47 (2020).

    ADS 

    Google Scholar 

  • Carnall, A. C. et al. The JWST EXCELS survey: too much, too young, too fast? Ultra-massive quiescent galaxies at 3 < z < 5. Mon. Not. R. Astron. Soc. 534, 325–348 (2024).

    Google Scholar 

  • Nanayakkara, T. et al. A population of faint, old, and massive quiescent galaxies at 3 < z < 4 revealed by JWST NIRSpec Spectroscopy. Sci. Rep. 14, 3724 (2024).

    ADS 

    Google Scholar 

  • Kakimoto, T. et al. A massive quiescent galaxy in a group environment at z = 4.53. Astrophys. J. 963, 49 (2024).

    ADS 

    Google Scholar 

  • Glazebrook, K. et al. A massive galaxy that formed its stars at z ≈ 11. Nature 628, 277–281 (2024).

    ADS 

    Google Scholar 

  • Wang, B. et al. RUBIES: evolved stellar populations with extended formation histories at z ~ 7–8 in candidate massive galaxies identified with JWST/NIRSpec. Astrophys. J. Lett. 969, L13 (2024).

    Google Scholar 

  • Kokorev, V. et al. Silencing the giant: evidence of active galactic nucleus feedback and quenching in a little red dot at z = 4.13. Astrophys. J. 975, 178 (2024).

    Google Scholar 

  • Labbe, I. et al. An unambiguous AGN and a Balmer break in an ultraluminous little red dot at z = 4.47 from ultradeep UNCOVER and all the little things spectroscopy. Preprint at https://arxiv.org/abs/2412.04557 (2024).

  • Stone, M. A., Lyu, J., Rieke, G. H. & Alberts, S. Detection of the low-stellar-mass host galaxy of a z = 6.25 quasar with JWST. Astrophys. J. 953, 180 (2023).

    ADS 

    Google Scholar 

  • Stone, M. A., Lyu, J., Rieke, G. H., Alberts, S. & Hainline, K. N. Undermassive host galaxies of five z ~ 6 luminous quasars detected with JWST. Astrophys. J. 964, 90 (2024).

    ADS 

    Google Scholar 

  • Yue, M. et al. EIGER. V. Characterizing the host galaxies of luminous quasars at z 6. Astrophys. J. 966, 176 (2024).

    ADS 

    Google Scholar 

  • Matsuoka, Y. et al. The Sloan Digital Sky Survey reverberation mapping project: post-starburst signatures in quasar host galaxies at z > 1. Astrophys. J. 811, 91 (2015).

    ADS 

    Google Scholar 

Continue Reading

  • Chinese launch startup unveils autonomous rocket recovery ship

    Chinese launch startup unveils autonomous rocket recovery ship

    HELSINKI — Chinese launch startup iSpace has launched the nation’s first rocket recovery ship, marking a major step toward offshore reusable rocket operations.

    To continue reading this article:

    Register now and get
    3 free articles every month.

    You’ll also receive our weekly SpaceNews This Week newsletter every Friday. Opt-out at any time.

    Sign in to an existing account

    Get unlimited access to
    SpaceNews.com now.

    As low as $5 per week*

    Cancel anytime. Sales tax may apply. No refunds. (*Billed quarterly)

    See all subscription options

    Andrew Jones covers China’s space industry for SpaceNews. Andrew has previously lived in China and reported from major space conferences there. Based in Helsinki, Finland, he has written for National Geographic, New Scientist, Smithsonian Magazine, Sky… More by Andrew Jones


    Continue Reading

  • Why you should care about the ATC verdict that condemns Senate, NA opposition leaders to jail – Pakistan

    Why you should care about the ATC verdict that condemns Senate, NA opposition leaders to jail – Pakistan

    The principles at play here rise above politics and into the realm of individual liberties and the rule of law, which once chipped away, leave every single one of us more vulnerable.

    The opposition has been convicted. Its leaders in both houses of Parliament have been sentenced to a decade in jail, along with over a hundred other members of their political party. They and seven other opposition parliamentarians have been removed from their elected offices. If you were to apply these words to any country on the planet, most people reading would immediately understand this to be a shameless power grab by an authoritarian status quo; the work of an insecure and dictatorial mindset that treats the will, dissent, and collective intelligence of its own people with ruthless contempt.

    But I am intentionally making no such statement here. For now, I’d like to focus instead on one simple, apolitical, and logical question — what did the judgment actually say?

    Even if you are not invested in law or politics, it is in your interest to keep an eye on how your judicial system treats others. Not just because that is how it could one day treat you, but because these judgments are representative of where we are as a country, to what extent our rights are enforced, and how we are viewed and treated by those in power.

    The convictions in this case, no. 832/ 2023, were delivered by the Anti-Terrorism Court Faisalabad in a 71-page judgment on July 31 written in language far too long and technical to appeal to the average citizen. But I read it, so you don’t have to, and the following aims to be an objective, open-minded analysis.

    The verdict

    Much about the heart of this document is unravelled in its opening paragraphs. Consider the language it uses to describe how the May 9 protests began: “On the asking of leadership of PTI, the mob became furious …”. This was presented not as an allegation, but as fact. And there is more at play here than the assumption that people can develop emotions purely because someone “asked” them to (the possibility that fully grown adults might hold their own opinions didn’t even warrant consideration here).

    A critical and complex legal question — to what extent can the leaders of a party be held responsible for the subsequent actions of its supporters, and how strong is the evidence for that link in this case — stood answered by the Judge before either side’s arguments were even addressed.

    Further down, the evidence presented by the prosecution consists overwhelmingly of social media content, speaking of piles of screenshot printouts and USBs filled with YouTube and TikTok videos purported to be inflammatory. This point would have been much stronger if the witnesses had quoted the specific words spoken by the accused which constituted incitement to violence. In the absence of this, we are expected to trust blindly. To be fair, there is some strong evidence on the record as well, such as photographs of damages and injuries, the recovery of destroyed items, and eyewitnesses to firing, destruction of property, and violence against police officers. This establishes that property damage and violence was indeed done by some people on the ground. But it does not address the question of whether this was specifically ordered or pre-planned as part of a conspiracy. To deal with this point, enter witness 19.

    The ‘witness’

    He is a sub-inspector who apparently narrated a story of “instigation and abetment” committed at Imran Khan’s Zaman Park residence during meetings on the 7th and 9th of May. This poses an obvious question — how did Mr Sub Inspector listen in to what was said at a high-level meeting between the former prime minister and his party leadership? In his own house? Twice?

    One of the attendees of this meeting, former federal minister Hammad Azhar has claimed that the sole evidence relied upon here was that an officer was hiding under a table. And another was behind the curtains.

    As ridiculous as that sounds, the story presented in the ATC’s judgment is even worse — absolutely nothing. We are explicitly told at paragraph 25 that two officers heard for themselves what was said during the Zaman Park meetings, but not a word as to how. They heard violent calls to anarchy, noted down the names of the 41 politicians in the room, and nominated all of them before the court. Simple.

    The next evidence of a conspiracy presented to us is the report of “a secret meeting” that took place at the Rose Hotel in the motorway rest area of Chakri on May 4. At paragraph 24, we are told that an Inspector was informed of this meeting and told everything that was said in it by “a secret source”. Whether there could be a more flimsy and vague recount of evidence in a criminal trial is difficult to imagine.

    On allegations of political victimisation

    The judgment acknowledged that the people accused of hatching the conspiracy claim political victimisation; that they are being brutally harassed by the legal system from multiple directions, and that it is all to punish their party affiliation and break them into submission. It noted that they all plead not guilty.

    And then it moved on to the 2023 film, ‘Money Back Guarantee’, starring Fawad Khan and Ayesha Omar. Fawad Chaudhry was busy attending the premiere, so he couldn’t have been at the conspiracy meeting. The rest of the accused apparently did not appear in court to present their defence. Whether it is more accurate to say did not or could not, I leave to you. But the priorities here appear clear.

    Later in the judgment, it does finally address the claims of political victimisation. At the end of paragraph 27, it states: “If it was the case as asserted by present accused persons of abetment and conspiracy then why the all [sic] prominent leaders of PTI were not dragged for alleged conspiracy and abetment …”. One struggles to find polite words to address an argument as weak as this one. But to put it simply, if you are actively locking up 100 members of the country’s largest opposition party, it is not enough to say, “at least I’m not arresting the rest of them”. Serious claims of victimisation like those made here ought to be addressed by a court in appropriate detail, and not in a single dismissive sentence.

    An ode to the Raj

    From this point onwards in the judgment, law takes a backseat, and we are taken on a journey through subcontinental history and moral philosophy. In a strangely counterintuitive point to bring up, it recalls in paragraph 28 that the sections of the penal code it is currently using to lock up the opposition were inserted by Lord Macaulay, a British coloniser, to lock up his opposition. It then goes on to compare May 9 with “the famous mutiny of 1857”, using colonial language for a historical event that we ordinarily refer to as the first war of independence, and reminding us that following this, “mass violation of these laws was seldom made by the masses in their own countries …”.

    One wonders why on Earth such a comparison would be inserted into a criminal law judgment, or whether its implications were truly understood. Is the ATC Faisalabad comparing PTI protestors to the brave freedom fighters of the subcontinent who revolted against their colonisers? Is it comparing itself or someone else to the British Raj? If not, what did it possibly gain, or what legal point did it strengthen by adding these thoughts?

    A short and sweet paragraph 29 asserts that the fact that a huge number of events took place on May 9, in almost all major cities, “shows that these events were organised and minutely and carefully planned with well thought out strategy and intentional design”. But to assume that the existence alone of mass protest is enough to prove its meticulous planning is in defiance of both history and logic.

    Did the massive and occasionally violent protests against the murder of George Floyd across all major cities of America have one mastermind meticulously planning them out? What about the uprising against Nicolae Ceaușescu in Romania? Or even, to use this judgment’s own example, the first war of independence in 1857? It is of course, not outside the realm of possibility that this or any protest could have a degree of planning involved behind the scenes that is not known to the public. But if this is to be proven in a court of law, and used to lock people up, it requires clear evidence. Not half-baked conjecture.

    The fault with the PTI

    In paragraph 31, the judgment goes into a broad and bizarrely philosophical critique of PTI as a political party — “the culture of nihilism was intentionally promoted with solipsistic approach and the workers were made to believe that they alone are laudable and all others are condemnable”. The word salad that continues for the next several lines is too long and verbose to reproduce here, but the paragraph ends with the conclusion that this political party has by virtue of its existence and beliefs, attacked all of humanity, civilisation, and “conscious human efforts, spread on centuaries, [sic] to create some practicable and effective political system”. His Lordship seems to have exercised great restraint by choosing not to declare PTI to be the real mastermind behind the asteroid that killed the dinosaurs.

    At this point, the question of “okay, but how is all of this relevant to a judicial order?” is so glaringly obvious that the very next paragraph seeks to address it: “Despite above discussion still the law requires sufficient proof for punishment of alleged offences and the convictions should be based on cogent and reliable evidence …”. Wonderful. On a side note, have you ever listened to a friend badmouth someone behind their back for hours on end, but they made sure to close it off with ‘but who am I to judge?’. That last line didn’t inspire a lot of confidence, did it?

    Guilty by presence

    Moving on to individual convictions, the judgment declares that everyone present during the allegedly conspiratorial meetings has been proved of abetment/instigation “beyond a shadow of doubt”. An Inspector adds that the presence of one gentleman, Makhdoom Zain Hussain Qureshi, could not be established at the meetings, and therefore he is acquitted.

    This creates yet another bizarre legal position. Even if one were to assume that conspiracies were indeed being hatched during these meetings (for which no solid evidence has been provided), how can presence alone, in the absence of any proof of contribution to conspiracy be deemed a sufficient indicator of guilt? What if a party member attended, listened quietly, left, and went home? Does the law truly envision a 10-year prison sentence for the crime of silence? If stepping foot in the room was enough for the ATC to determine “beyond a shadow of doubt” that one is guilty of conspiracy, what about the people serving tea and biscuits at meetings like these? Should they too be locked up for a decade each?

    Ultimately, through this judgment, the ATC Faisalabad has convicted 108 people and acquitted 77. The convicted maintain a right of appeal, but the Election Commission of Pakistan has been quick to disqualify all nine members of Parliament who were convicted, and their seats have been declared vacant. Vacant seats in Parliament are re-filled through by-elections. And this raises a new question — if the convictions are overturned in appeal, but a new MNA or MPA has already been elected on the vacated seat, who is to prevail?

    The good news is that all of this can (and if we are to maintain any shred of hope in our justice system, should) be overturned in appeal. But much damage has already been done. This judgment is as bad at the law as it is at grammar. It makes no efforts to conceal its biases, choosing instead to flaunt them wherever it can, diving deep into explicitly political questions of who the people of Pakistan should or should not support, and doing so with an embarrassingly weak understanding of history, political theory, and the fundamental rights of free movement and association.

    It is written in a style and tone that despite its inability to go two pages without a typo, assumes it knows better than you — consistently revealing a worldview that sees the people of Pakistan as easily influenced sheep, incapable of reaching their own opinions and undeserving of the freedoms inherent to a normal democracy. It treats its readers with contempt, and all but ensures that the feeling is mutual.

    These are all conclusions that should matter to every Pakistani. Regardless of political beliefs or associations. Whether you like the person who was convicted or not. If a top politician can be locked up under legal reasoning that is so weak that a child could see through it, so can you. The principles at play here rise above politics and into the realm of individual liberties and the rule of law, which once chipped away, leave every single one of us more vulnerable. Yet oftentimes, developments like these are reduced to the adversarial nature of political contention, where one side must support and the other must oppose. That is flawed.

    Once you read the judgment, you realise it’s not just some politicians whose future is being attacked. It’s yours.

    Continue Reading

  • CM Maryam orders probe into 13-year-old maid’s murder

    CM Maryam orders probe into 13-year-old maid’s murder

    Punjab Chief Minister Maryam Nawaz Sharif has taken strict notice of the alleged torture and murder of a 13-year-old domestic worker in Gujranwala and sought a report from the Regional Police Officer (RPO).

    Expressing heartfelt sympathy and condolences to the bereaved family, the chief minister directed authorities to arrest the suspects immediately and ensure the strictest possible legal action against them.

    “Those who inflict cruelty on an innocent child deserve no leniency, and justice will be provided to the family at all costs,” Maryam Nawaz said.


    Continue Reading

  • Lightcraft Technology Promises to “Fundamentally Change Filmmaking” with New Spark Platform

    Lightcraft Technology Promises to “Fundamentally Change Filmmaking” with New Spark Platform

    Lightcraft Technology, the company behind the Jetset virtual production tool which we reported (and shot a video interview) about before, has announced Spark, a browser-based filmmaking platform that the company claims will solve “some of Hollywood’s biggest issues.” The platform, scheduled for release in 2026, represents another entry in the increasingly crowded field of companies promising to revolutionize film production through AI integration.

    CEO Eliot Mack frames Spark as a solution to what he describes as filmmaking’s “traditional obstacles” – funding, approvals, location scouting, and scheduling. However, these challenges are fundamentally business and logistical issues that have persisted throughout Hollywood’s history, raising questions about whether a software platform can meaningfully address problems that are often rooted in industry economics and human relationships rather than technical limitations.

    Bold claims meet familiar challenges

    The company’s assertion that Spark will allow teams to “harness the power of AI, 3D and traditional filmmaking live in the browser” echoes similar promises made by numerous other platforms in recent years, as the film industry grapples with integrating artificial intelligence tools into established workflows.

    Sparks technical ambitions and market realities

    Spark’s four-component architecture attempts to cover the entire production pipeline through browser-based tools, each targeting specific industry pain points:

    Spark Shot positions itself as a “browser-based interactive scene assembly tool” that combines 3D scans, USD models, animation, audio, AI tools, and camera simulations. The company describes this as allowing filmmakers to “virtually pre-shoot” their films and iterate scenes in real-time through web browsers.

    Spark Live attempts to unify project communications by linking voice, video, chat, “push-to-talk,” and 3D interactions directly to specific shots or assets. While integrating with external platforms like Zoom, it also provides internal communication systems designed to keep distributed teams coordinated. The success of such platforms often depends on adoption across entire production teams – a significant hurdle in an industry where communication workflows are deeply embedded in existing practices.

    Spark Atlas is described as “the first artist-centric database” built on open-source systems, offering encrypted security for production elements from 3D files to EXR sequences. Its key differentiator appears to be script-parsing capability that connects every project element to associated scenes or dialogue. While centralized asset management is a genuine industry need, numerous existing solutions already address these challenges, raising questions about what makes Atlas sufficiently different to justify workflow migration.

    An existing solution that comes to mind which follows a similar approach is PRODUCER Maker Machina, which we’ve reported about several times before.

    Lightcraft didn’t supply us with more than one photo with their press release, so you’ll have to make due with their logo here 😉

    Spark Forge tackles post-production coordination through timeline-based interfaces that build on Jetset’s metadata and OpenTimelineIO exports. The system promises to automate traditionally labor-intensive VFX tasks including tracking, shot building, and compositing, while generating application-specific scripts for tools like Blender, Unreal Engine, Nuke, Maya, Fusion, and SynthEyes. The company claims it can process hundreds of “slap comps” in hours through its “shot factory” approach.

    While the technical specifications sound comprehensive, the film industry has seen numerous ambitious platforms struggle with the reality of production demands. The promise of replacing or supplementing industry-standard tools through browser-based alternatives faces the inherent limitations of web-based apps and the deeply entrenched workflows that have developed around desktop applications.

    Lightcraft’s claim that Spark Shot can transform shooting “from a massively expensive, once-in-a-lifetime endeavor, into something you can do anytime, anywhere” may oversimplify the complex factors that drive production costs, including talent, locations, equipment, and the fundamental creative process itself.

    AI integration without clear differentiation

    The company states that Spark can handle “as much or as little AI as needed for the project,” but provides limited specifics about how its AI implementation differs from existing tools already available to filmmakers. As AI features become increasingly common across creative software platforms, the competitive advantage of AI integration alone has diminished.

    The timing of Spark’s announcement coincides with ongoing industry debates about AI’s role in filmmaking, particularly around labor displacement concerns that have been central to recent strikes and negotiations.

    Who is the competition of Lightcraft Spark?

    Lightcraft enters a market that includes established players like Autodesk, Epic Games, and Adobe, as well as newer companies like Runway and Wonder Dynamics, all vying for filmmakers’ attention with AI-powered tools. The company’s track record with Jetset, provides some credibility, though success with one product doesn’t guarantee market acceptance of a broader platform.

    The browser-based approach could offer accessibility advantages for remote collaboration, particularly relevant in post-pandemic production environments. However, it also faces the challenge of convincing professionals to migrate from established desktop workflows to web-based alternatives.

    Preview at SIGGRAPH 2025 in Vancouver

    Lightcraft is currently demonstrating Spark at SIGGRAPH 2025, where industry professionals have their first opportunity to evaluate whether the platform’s capabilities match its ambitious marketing claims. The film industry has historically been cautious about adopting new technologies that promise to fundamentally alter established workflows.

    The company’s positioning of Spark as a tool for both major studios seeking cost savings and independent filmmakers looking to secure funding reflects an attempt to capture multiple market segments simultaneously – a strategy that often results in platforms that serve neither audience particularly well.

    With a 2026 release timeline, Lightcraft has given itself considerable runway to deliver on its promises. We’ll follow its development and will keep you posted.

    What’s your take on a platform like Lightcraft Spark? Would you use it for your productions? Let us know in the comments.


    Continue Reading

  • How the BJK Cup Finals work: Format, schedule and everything you need to know – BJK Cup – The World Cup of Tennis – billiejeankingcup.com

    How the BJK Cup Finals work: Format, schedule and everything you need to know – BJK Cup – The World Cup of Tennis – billiejeankingcup.com

    1. How the BJK Cup Finals work: Format, schedule and everything you need to know – BJK Cup – The World Cup of Tennis  billiejeankingcup.com
    2. Which teams have qualified for the 2025 BJK Cup Finals? – BJK Cup – The World Cup of Tennis  billiejeankingcup.com
    3. Tennis-Billie Jean King Cup finals to kick off on September 16  Freedom 96.9
    4. Get to know Shenzhen: BJK Cup Finals host city – BJK Cup – The World Cup of Tennis  billiejeankingcup.com

    Continue Reading

  • Erlang/OTP SSH Vulnerability Analysis and Exploits Observed in the Wild

    Erlang/OTP SSH Vulnerability Analysis and Exploits Observed in the Wild

    Executive Summary

    This article presents our observations of exploit attempts targeting CVE-2025-32433. This vulnerability allows unauthenticated remote code execution (RCE) in the Secure Shell (SSH) daemon (sshd) from certain versions of the Erlang programming language’s Open Telecom Platform (OTP).

    Erlang/OTP sshd is widely used in critical infrastructure and operational technology (OT) networks.With a CVSS score of 10.0, CVE-2025-32433 enables unauthenticated clients to execute commands by sending SSH connection protocol messages (codes >= 80) to open SSH ports, which should only be processed after successful authentication. Vulnerable versions include Erlang/OTP prior to OTP-27.3.3, OTP-26.2.5.11 and OTP-25.3.2.20.

    A patch is available in Erlang/OTP versions OTP-27.3.3, OTP-26.2.5.11, OTP-25.3.2.20 and later.

    We have reproduced, validated and analyzed this vulnerability to better understand its impact and provide detection strategies. We observed a significant increase in exploitation activity targeting this vulnerability from May 1-9, 2025, with 70% of our detections originating from firewalls protecting global operational technology (OT) networks.

    This analysis includes telemetry data showing geographic distribution and trends as well as the industries affected by this vulnerability.

    Palo Alto Networks customers are better protected from the threats discussed in this article through the following products and services:

    If you think you might have been compromised or have an urgent matter, contact the Unit 42 Incident Response team.

    Vulnerabilities Discussed CVE-2025-32433

    Details of the Vulnerability

    Erlang is a programming language designed for building concurrent systems where multiple connections are needed simultaneously. Its companion framework, the Open Telecom Platform (OTP), has long been trusted in critical infrastructure from telecommunications networks to financial systems.

    OT and 5G environments use Erlang/OTP due to its fault-tolerance and scalability for high availability systems with minimal downtime. Due to compliance and safety requirements, OT and 5G administrators tend to use Erlang/OTP’s native SSH implementation to remotely manage hosts, which makes CVE-2025-32433 a particular concern in these types of networks.

    At the heart of Erlang/OTP’s secure communication capabilities lies its native SSH implementation — responsible for encrypted connections, file transfers and most importantly, command execution. A flaw in this implementation would allow an attacker with network access to execute arbitrary code on vulnerable systems without requiring credentials, presenting a direct and severe risk to exposed assets.

    Analyzing global internet scanning data from Cortex Xpanse in April 2025, we saw vulnerable Erlang/OTP SSH services were widely exposed on the internet using different TCP ports. This included TCP port 2222, which is commonly used for communications with older industrial automation components and sometimes used by the Ethernet/IP implicit messaging protocol.

    CVE-2025-32433 is inferred from SSH versions tied to Erlang/OTP releases. This widespread exposure on industrial-specific ports indicates a significant global attack surface across OT networks. Analysis of affected industries demonstrates variance in the attacks.

    In our telemetry, we saw that the following industries were disproportionately affected, with over 85% of exploit attempts being triggered directly on their OT firewalls:

    • Healthcare
    • Agriculture
    • Media and entertainment
    • High technology

    Despite high OT reliance, utilities and energy, mining, and aerospace and defense showed no direct OT triggers for this specific threat.

    Sectors like professional and legal services primarily saw triggers on their IT networks. Industries such as manufacturing, wholesale and retail, and financial services experienced more balanced detection across both IT and OT, necessitating integrated defenses.

    Scope of Exploitation Attempts Targeting CVE-2025-32433

    Our telemetry confirms active exploitation attempts of CVE-2025-32433. Our sensors have detected exploit attempts targeting this vulnerability across multiple industries, with the earliest observation occurring on May 1, 2025.

    We identified several malicious payloads being delivered through CVE-2025-32433 exploit attempts. A commonly observed technique uses reverse shells to gain unauthorized remote access. Two examples seen in the wild include the following payloads.

    Payload 1

    File descriptors are used to create a TCP connection and bind it to a shell, allowing interactive command execution over the network, as shown in Figure 1.

    Figure 1. TCP connection creation.

    Payload 2

    Figure 2 shows a simpler variant that initiates a reverse shell using Bash’s interactive mode and redirects the shell’s input and output directly to a remote host at 146.103.40[.]203:6667. This port is commonly associated with remote control servers used for botnet communications.

    Screenshot of a TCP steam with network address and port details visible.
    Figure 2. Remote host redirect.

    Threat Infrastructure Insights

    Our investigation into DNS telemetry was driven by DNS-based indicators we discovered during our payload analysis of exploitation attempts targeting CVE-2025-32433. Several payloads contained commands attempting DNS lookups of long, randomly generated subdomains under dns.outbound.watchtowr[.]com:

    • execSinet:gethostbyname(“d0am3pi3pgl6h3t9mkp0qt3zn9p1izwso.dns.outbound.watchtowr[.]com”).Zsession
    • execSinet:gethostbyname(“d0a3qn23pglekp6ckgtge8xxfd14a8ouk.dns.outbound.watchtowr[.]com”).Zsession
    • execSinet:gethostbyname(“d09idt23pgl3db0en3dgeam6i45tpc6bg.dns.outbound.watchtowr[.]com”).Zsession

    These payloads also provide clear signs of Out-of-Band Application Security Testing (OAST). Specifically, DNS lookups to randomized subdomains under dns.outbound.watchtowr[.]com were triggered using gethostbyname() calls — a common tactic in blind RCE or exfiltration testing.

    These payloads are designed not to return results directly, but to validate execution via external DNS resolutions that the attacker monitors. This approach is widely used in stealthy campaigns, red team assessments and automated scanning frameworks.

    Scope of the Activity

    We conducted a multi-source analysis to understand how attackers attempt exploitation of CVE-2025-32433 in real-world environments. This analysis highlights the geographic distribution of vulnerable systems, exploit activity across key industry sectors and evolving trends over time.

    Exposure Surface Analysis

    Cortex Xpanse revealed 275 distinct hosts and 326 distinct Erlang/OTP services that were publicly routable on the internet between April 16 and May 9, 2025. The countries observed to host the most Erlang/OTP servers are the U.S., Brazil and France.

    Cortex Xpanse scans showed that Erlang/OTP services are widely exposed and vulnerable on industrial networks. Figure 3 below shows the services found on TCP ports like 830, 2022 and 22.

    Bar chart showing the distribution of observed Erlang/OTP server ports and their exposure status labeled as 'Vulnerable' or 'Not Vulnerable' in Cortex XPANSE. The columns included on the right detail the port numbers, SSH version, if they are vulnerable, and the number of hosts.
    Figure 3. Port and vulnerability exposure of Erlang/OTP services.

    The group of exposed ports includes TCP port 2222. This port is also sometimes used by Ethernet/IP implicit messaging, highlighting a direct bridge between IT-centric software vulnerabilities and the operational heart of industrial control systems.

    This overlap highlights the following:

    • Attack surface convergence
      The blurred boundary between IT and OT systems, where a software vulnerability in an IT-facing protocol such as Erlang/OTP, could share network space — or even ports — with industrial control system traffic.
    • Increased exploitability
      Attackers scanning for exploitable Erlang/OTP services could inadvertently or intentionally interact with exposed industrial control systems (ICS) devices, creating opportunities for pivoting into OT environments, especially where network segmentation is weak.

    Geographic Distribution of Exploit Attempts

    After the vulnerability was published on April 16, 2025, we began to detect exploit attempts from a few countries, as shown below in Figures 4 and 5. Figure 4 represents the total number of CVE-2025-32433 signatures triggered by all firewalls in a given country. Figure 5 represents signature triggers specifically from firewalls identified as being within OT networks.

    Heat map showing various countries colored in shades of teal to red, representing data with a scale from 1 to 2,693. Low instances are teal and high instances are red. The United States is entirely red. The only country with slight variation is Japan.
    Figure 4. All network victim geolocation.
    Heat map highlighting countries in varying shades of blue and red, indicating different data values ranging from 1 to 1,916. The Unite States is entirely red.
    Figure 5. OT network victim geolocation.

    Out of a total of 3,376 CVE-2025-32433 signatures triggered globally, 2,363 (approximately 70%) originated from firewalls protecting OT networks. While the figures might appear the same, South America and Scandinavia showed minimal or no OT-related exploit activity despite broader exploitation elsewhere — indicating either better segmentation, slower adoption of vulnerable stacks or detection gaps.

    Countries With High OT Correlation:

    • Japan: 99.74% of its CVE-2025-32433 signatures originated from OT networks
    • U.S.: Despite a lower percentage (71.15%) compared to Japan, the volume of signatures in the U.S. (1916 within OT) signifies a great number of potential incidents affecting American industrial systems
    • The Netherlands, Ireland, Brazil and Ecuador: For these countries, 100% of observed CVE-2025-32433 signature triggers occurred within OT environments
    • France: This country had a significant OT impact at 66.67% of observed signature triggers

    The disproportionate volume of CVE-2025-32433 exploit attempts observed in OT networks across countries like Japan, the U.S. and others reflects a combination of factors, not a singular cause.

    These regions often host highly connected, digitally mature industrial sectors that rely on complex IT/OT integrations where general-purpose components like Erlang/OTP could be embedded in operational environments.

    Exploit Distribution by Industry

    Almost 70% of the total number of signature triggers originated from firewalls protecting OT networks. Of the total number of firewalls that saw an exploit attempt, nearly 60% of the attempts were on firewalls within OT networks. Averaging out the number of exploit attempts per firewall, OT networks saw 160% more attempts per device than non-OT networks.

    This indicates:

    • A significant number of OT firewalls are exposed to the internet
    • Adversaries might have already breached edge security, compromised enterprise devices and established persistence
      • They could be launching this exploit attempt from within enterprise networks using lateral movement techniques, with the goal of accessing OT networks
    • Discrepancy in exploit attempts on OT networks could indicate the intention of malicious actors to infiltrate critical infrastructure

    This number could be anomalous because of the small sample size analyzed.

    An outsized majority of triggers originated in the education industry, both within all networks and OT networks, with 2,460 (72.7% of total) and 2,090 (88.4% of total) respectively, shown in Figure 6 below.

    Bar chart comparing the number of incidents in two categories, "All Industries" and "OT Industries", split into "Education" and "Remaining". "Education" incidents are significantly higher in "All Industries" compared to "OT Industries".
    Figure 6. CVE triggers by industry.

    The industry-level distribution of CVE-2025-32433 exploitation attempts underscores a critical shift in the operational threat landscape.

    We observed nearly 70% of exploit attempts within OT networks. Several sectors — including healthcare, high technology and education — showed a disproportionately high concentration of OT-specific activity.

    This challenges the traditional view that OT risk is confined to industrial control systems or manufacturing. At the same time, we should not interpret the absence of detections in the following OT-heavy sectors as safety:

    • Utilities and energy
    • Mining and aerospace
    • Defense

    We should instead see it as potential evidence of detection weakness or delayed targeting.

    These findings highlight that attackers are exploiting the realities of IT/OT convergence and are targeting operational systems wherever they exist.

    Temporal Trends in Exploitation

    Bar chart showing daily data from May 1st to May 9th 2025 with two categories: "Total" and "OT Only." The bars for "Total" are consistently higher than those for "OT Only." Color distinctions indicate different categories with blue for Total and red for OT Only.
    Figure 7. Trigger distribution by day.

    Analyzing the data we have for May 2025, peaks in total triggers often correlate with OT activity. Figure 7 shows the days with the highest total triggers (May 3, May 6, May 8, May 9) include the days with significant OT activity (May 3, May 8, May 9).

    Exploitation attempts of CVE-2025-32433 are not uniform or continuous — they appear in concentrated bursts that disproportionately impact OT environments. When activity spikes, it is frequently driven by OT-specific triggers, often accounting for over 80% of detections on peak days.

    The geographic, industrial and temporal footprint of CVE-2025-32433 exploit attempts highlights a strategic shift in attacker behavior toward operational environments across diverse sectors and regions. Exploits are not limited to traditionally defined industrial control systems. They appear in healthcare, education, high tech and other verticals — many of which host embedded OT systems not previously treated as high risk.

    Geographically, countries with mature digital infrastructure and strong industrial bases — such as Japan, the U.S. and Brazil — show high OT exposure, while sectors like utilities and mining show no detections despite high inherent risk. This suggests telemetry gaps, delayed targeting or underreporting. Combined, these patterns illustrate that modern OT threats do not follow legacy assumptions about where OT resides or how it is attacked.

    We have confirmed active exploitation attempts through payload telemetry, with disproportionate impact on OT networks across multiple industries. The use of stealthy reverse shells and DNS-based callbacks further indicates that attackers are employing evasive techniques.

    Mitigation Guidance

    The rapid surge in attack payloads suggests that threat actors have quickly adopted this exploit in active campaigns. This pattern underscores the urgency for organizations — particularly those in the targeted sectors and geographies outlined above — to improve protections.

    • Apply the latest security patches
    • Update intrusion prevention systems with the newest signatures
    • Closely monitor environments for signs of compromise

    The primary mitigation for this vulnerability is to upgrade Erlang/OTP to a patched version:

    • OTP 27.3.3 or later
    • OTP 26.2.5.11 or later
    • OTP 25.3.2.20 or later

    As a temporary workaround (if patching is not immediately possible), consider disabling the SSH server or using firewall rules to restrict access to trusted sources only (as suggested by NIST).

    Conclusion

    CVE-2025-32433 is a serious vulnerability resulting from improper state enforcement in the Erlang/OTP SSH daemon, which could potentially allow unauthenticated RCE. The failure to reject post-authentication messages before authentication completion creates a significant attack surface that is being exploited in the wild.

    Attackers are attempting to exploit the vulnerability in short, high-intensity bursts. These are disproportionately targeting OT networks and attempting to access exposed services over both IT and industrial ports. Early telemetry confirms that the threat extends far beyond traditional industrial sectors, impacting education, healthcare and high technology — underscoring the reality that critical OT assets now exist across a much broader digital surface area.

    Organizations must re-examine their exposure, enhance OT-specific visibility and treat CVE-2025-32433 not as an isolated issue, but as a case study in how general-purpose software flaws can rapidly escalate into operational threats.

    Palo Alto Networks Product Protections for CVE-2025-32433

    Palo Alto Networks customers are better protected from these threats by the products and services listed below.

    Cortex XDR and XSIAM are designed to prevent the execution of known malicious malware, and also prevent the execution of unknown malware using Behavioral Threat Protection.

    Cortex Xpanse has the ability to identify exposed devices on the public internet and escalate these findings to defenders. Customers can enable alerting on this risk by ensuring that the Attack Surface Rule is enabled. Identified findings can either be viewed in the Threat Response Center or in the incident view of Expander. These findings are also available for Cortex XSIAM customers who have purchased the ASM module.

    Next-Generation Firewall with the Advanced Threat Prevention subscription can help block activity associated with CVE-2025-32433 (Erlang OTP SSH Remote Code Execution Vulnerability) with the release of our threat prevention signature 96163.

    If you think you may have been compromised or have an urgent matter, get in touch with the Unit 42 Incident Response team or call:

    • North America: Toll Free: +1 (866) 486-4842 (866.4.UNIT42)
    • UK: +44.20.3743.3660
    • Europe and Middle East: +31.20.299.3130
    • Asia: +65.6983.8730
    • Japan: +81.50.1790.0200
    • Australia: +61.2.4062.7950
    • India: 00080005045107

    Palo Alto Networks has shared our findings with our fellow Cyber Threat Alliance (CTA) members. CTA members use this intelligence to rapidly deploy protections to their customers and to systematically disrupt malicious cyber actors. Learn more about the Cyber Threat Alliance.

    Indicators of Compromise

    • .dns.outbound.watchtowr[.]com
    • 194.165.16[.]71
    • 146.103.40[.]203

    Additional References

    Continue Reading

  • MSSQL Extension for VS Code 1.34.0 Deepens Copilot Agent Mode, Adds Colour‑Coded Connections

    MSSQL Extension for VS Code 1.34.0 Deepens Copilot Agent Mode, Adds Colour‑Coded Connections

    The Azure SQL team has released version 1.34.0 of the MSSQL extension for Visual Studio Code, a cross‑platform tool for developing against SQL Server, Azure SQL Database and SQL Database in Fabric. Carlos Robles, Principal Product Manager at Microsoft, explains that the update continues the extension’s goal of making SQL development conversational, visual and local by improving Copilot Agent mode, adding colour-coded connections, streamlining local container workflows and polishing the Schema Designer.

    The previous release introduced GitHub Copilot Agent mode, a chat‑based assistant that can perform database tasks. Version 1.34.0 deepens this integration. The agent can now change databases, list schemas, tables, views and functions, show connection details, list all databases on a server and run queries directly from the chat assistant. In this version, Copilot goes beyond code suggestions to execute secure database actions using natural language or built‑in tools. Each action (e.g., connect, disconnect, change database, list servers or run query) is surfaced through the Agent Tools panel and requires user confirmation. This secure confirmation workflow ensures that Copilot never runs database tasks without explicit approval.

    The update introduces colour-coded connections to help developers navigate multiple environments. Users can assign a custom colour to any saved connection profile and see it reflected in the VS Code status bar. Group‑based colouring allows teams to align on conventions, and the length of the colored indicator is configurable. This feature was contributed by a community member @bathetrade.

    Local SQL Server containers, introduced in v1.33, let developers spin up SQL Server 2025 containers without running Docker commands. Version 1.34 builds on this by allowing containers to be assigned to connection groups and providing more flexible profile management. A streamlined wizard helps developers create containers faster, and containers can be started, stopped, or deleted from the connection panel. The previous release’s highlights included automatic port conflict detection and support for specifying container names, hostnames and versions. Those capabilities remain in this version.

    Lastly, for the database schema designer, still in public preview, an update now displays foreign‑key icons correctly and refines filter behaviour so that table relationships are easier to understand.

    Developer reactions to the update are mixed. In the comment section of Microsoft’s blog, Matthew Arp expressed frustration that Microsoft had killed Azure Data Studio and argued that colour-coded connections are not a compelling replacement for the richer features of that desktop tool. On the Visual Studio Marketplace, several reviewers similarly criticised the extension’s feature gap with Azure Data Studio and reported issues. One user wrote that the gap is astonishing and said the extension is nearly non‑functional for his workflow. Some reviewers offered praise: Alberto Peralta Ramos noted that he prefers the VS Code SQL integration over SQL Server Management Studio and Mark Douglas said the extension does the job fine, even though he dislikes the new results UI and keeps using version 1.24.

    As with previous releases, the extension is open source under the MIT License and accepts contributions via GitHub. The extension has accumulated over 8 million installs and around 1.7k GitHub stars, indicating significant community interest.


    Continue Reading

  • World’s first artificial tongue ‘tastes and learns’ like a real human organ

    World’s first artificial tongue ‘tastes and learns’ like a real human organ

    Scientists have created the first artificial tongue that can sense and identify flavors entirely in liquid environments — mimicking how human taste buds work.

    The achievement, described July 15 in the journal PNAS, could lead to automated systems for food safety and early detection of diseases via chemical analysis, the researchers say.

    Continue Reading

  • Great white shark DNA study mystifies scientists

    Great white shark DNA study mystifies scientists

    Within each of our cells we have two kinds of DNA. We are most familiar with ‘nuclear DNA’, which is what most people mean when they talk about DNA. This DNA is inherited from both parents, and contains the code for almost everything we need to function.

    The other type of DNA is called ‘mitochondrial DNA’. As opposed to nuclear DNA, mitochondrial DNA is inherited only from the mother. This DNA is found inside special structures in our cells called mitochondria. Mitochondria generate energy from the food we eat, and mitochondrial DNA contains code that programmes them to do this.

    Scientists can use both nuclear and mitochondrial DNA to understand the evolutionary history of a species. They do this by looking, for example, at how similar DNA of the same type is between populations. If DNA between populations is very different, this suggests that the populations have not interbred much in the past. If it is very similar, this suggests that populations have interbred, and/or are currently interbreeding.

    Usually, both nuclear DNA and mitochondrial DNA tell the same evolutionary story. But sometimes, they tell opposing stories. This is called ‘mitonuclear discordance’.

    An example of mitonuclear discordance is where nuclear DNA is very similar between some populations, suggesting that those populations regularly interbreed, while mitochondrial DNA is very different between those populations, suggesting that those populations do not mix. This is a pattern seen in several shark species.

    For a long time, scientists thought that mitonuclear discordance in these shark species was due to a difference in mating behaviour between the sexes. Females tend to breed in the place they were born, while males tend to roam around and breed wherever they can. This means that nuclear DNA, inherited from both males and females, becomes well-mixed across populations, but mitochondrial DNA, which is inherited only from females, remains specific to each population.

    A recent study on great white sharks has thrown this theory up in the air, though.

    Differences between the nuclear and mitochondrial DNA of white sharks, once thought to be caused by their migration patterns, is likely caused by another — as of yet unknown — factor, say the researchers. Credit: Greg Skomal

    In the new study, the researchers first confirmed what previous research has found: that in great white sharks, nuclear DNA suggests some populations interbreed, while mitochondrial DNA suggests these populations do not mix much. Then, using state-of-the-art simulations, they tested the theory that this mitonuclear discordance is because females breed where they are born while males do not. They found no support for this theory.

    Female great white sharks do tend to breed where they are born, and males do tend to roam around, but this does not explain the opposing stories their DNA tells.

    Now that we know that the mating behaviour of the sexes is not the cause of mitonuclear discordance in great white sharks, the research team suggest we need to rethink this assumption across shark species.

    “We would like to dig more into the potential selective processes shaping the mitonuclear discordance,” lead author of the study, Romuald Laso-Jadarta, tells BBC Widlife. This would require more data, which means more wild great whites need to be sampled.

    Until that happens, there aren’t any other theories to really sink our teeth into. All we know is that something a bit fishy is going on with shark DNA, and more research needs to done to figure out why.

    Top image: great white shark. Credit: Getty

    More amazing wildlife stories from around the world

    Continue Reading