Every new car sold in the European Union will soon include anti-speeding technology known as intelligent speed assistance, or ISA. The EU regulation (part of the broader General Vehicle Safety Regulation) goes into effect today, and states that all new models and types of cars introduced to the European market must include an ISA system. The policy doesn’t apply to any new cars that are in showrooms today — at least, not yet. By July 2024, every new car sold in the EU must have a built-in anti-speeding system.

“The roll out of ISA is a huge step forward for road safety and has the potential to dramatically reduce road traffic injuries and fatalities. Car manufacturers now have the opportunity to maximise the potential ISA presents for creating safer roads for all,” said the European Commission in a press release.

For those unfamiliar with ISA, the term describes a whole raft of systems that can detect road speed limits via front-mounted cameras, GPS data or both. Depending on the specific ISA and how it's configured by the driver, the technology can provide reminder feedback about the speed limit, automatically adjust cruise control to match the road's speed or even reduce power to the motor to slow speeding vehicles.

Many drivers in Europe are already using ISA-equipped vehicles, and major automakers such as Honda, Ford, Jeep and Mercedes-Benz sell certain models with these systems in the European market. According to a projection by the EU-funded PROSPER, a scenario such as this one, where ISA becomes mandated, could result in between 26 and 50 percent fewer fatalities.

As Autocar notes, ISA technology still isn’t perfect. During one test, the ISA system was occasionally “slow to respond” and at one point set the speed limit at 60 mph while driving through a quiet English village.

Attorney General Merrick B. Garland has revealed that the United States secretly removed malware from computer networks around the world over the past few weeks to pre-empt Russian cyberattacks. As The New York Times reports, Garland's announcement comes shortly after the White House warned companies that Russia could attack critical infrastructure in the country, such as financial institutions and the electric grid. Apparently, the malware the US removed enabled the intelligence arm of the Russian military called the GRU to create botnets out of the infected computer networks. 

According to the Justice Department, the malware was designed to infect firewalls and made the compromised networks part of a botnet called Cyclops Blink. It's controlled by Sandworm, a notorious group that the US government had previously connected to the GRU. Cyclops Blink is Sandworm's latest known botnet, and it only came to light back in February. It's still unclear what Russia was planning to do with the hijacked computers, but botnets are typically used to perform large-scale Distributed Denial of Service (DDoS) attacks, as well as to send spam and to compromise sensitive information. 

In its press release, the DOJ said the FBI notified owners of infected devices in the US before Cyclops Blink was identified in February 23rd. It also notified companies outside the country through local law enforcement partners. However, US authorities didn't want to wait to find out what the botnet would be used for. 

The Justice Department and the FBI obtained secret court orders in the US and secured the help of governments worldwide to quietly remove the malware from infected devices. Those court orders even gave them the power to remotely remove the malware from American companies' networks without their knowledge. After the feds disinfected the compromised machines, they also closed the external management ports Sandworm was using for access.

Over the past months, the Biden administration has been exposing as much intelligence on Russia as possible without giving away its actions to catch Putin off guard. This disclosure is just its latest effort to send a message to the Russian president. The fact that Sandworm infiltrated networks around the world to create a botnet just shows, however, that there's a cyber warfare going on that might end up affecting countries other than Ukraine. If you'll recall, a major cyberattack took down Ukraine's government websites before the Russian invasion of the country began. Ukraine's government, as well as US and UK authorities, blamed the attacks on the GRU.

If you’re playing through Elden Ring on PC, you may want to disable the game’s online functionality for the time being. According to a Reddit report spotted by Eurogamer, some malicious individuals have found a hack that can send PC players into an endless death loop.

You can see the exploit in action in a video posted by Elden Ring Update on Twitter. A hacker will invade your game and use a specific ability that forces Elden Ring to crash. When you reload your save, your character will repeatedly fall to their death. Elden Ring is a big game, and some players have reported losing as much as 100 hours of gameplay in this way.

If all of this sounds familiar, it’s because FromSoftware was recently forced to disable Dark Souls 3’s multiplayer features after a hacker identified a vulnerability within the game that allowed them to execute code remotely. The studio has been working to address the issue since February.

FromSoftware and Bandai Namco have yet to comment on the exploit. We’ll update this article when they say something on the matter. In the meantime, your best bet is to play offline. Failing that, you’ll want to regularly backup your save in case someone uses the exploit on one of your characters. In the worst-case scenario, it’s possible to salvage a save, but the process isn't easy. You need to press Alt F4 before your character dies, and then quickly fast travel to a Site of Grace when you reload the game.  

Gran Turismo 7's dependence on an internet connection is coming back to haunt the developers. Eurogamernotes players are review bombing the PlayStation racing sim on Metacritic after Polyphony Digital and Sony extended maintenance beyond 24 hours to deal with the faulty 1.07 patch. As you need online access to play the core GT mode, some gamers are furious — the average Metacritic user review score sat at 3.6 as of this writing.

This isn't the only gripe. Some players are less than thrilled with the presence of microtransactions in Gran Turismo 7, and have accused the creators of making it harder to obtain new cars and upgrades without spending real money. Other players have asked for full refunds.

It's not clear when GT7 will go back online. Polyphony said only that it would provide a completion time "as soon as possible." We've asked Sony for comment. It's safe to presume the producers will want to restore service quickly, though. While the review bombing will only do limited damage to a well-known game that has already been available for weeks, it won't look good if one of the PlayStation 5's marquee games isn't even playable during the weekend.

Almost five years since it released its first security camera, Wyze is putting the device out to pasture. The company says it will retire Wyze Cam v1 on February 1st, because the camera is unable to support a required security update.

Wyze told customers in an email that they'll still be able to use the camera after the end of this month, but it won't "sell, improve or maintain" it as of February 1st. The company added that "your continued use of the Wyze Cam v1 after February 1, 2022 carries increased risk, is discouraged by Wyze and is entirely at your own risk," though it didn't offer more details.

As a thank you for buying its first product, Wyze offered customers a coupon for $3 off their next camera. The Wyze Cam v3 typically costs $36.

Earlier this month, Wyze announced a pay-what-you-want plan for its cameras. Users will need to opt into the new Cam Plus Lite service (which they don't need to pay for) or the Cam Plus plan to retain access to cloud storage features as of February 15th. It's unclear whether this change played a role in the decision to retire Wyze Cam v1. 

Engadget has contacted Wyze for comment. 

Thanks, Scott!

Disney+ will come to more parts of the world this summer. On Wednesday, Disney announced the streaming service will expand to 42 additional countries and 11 new territories in the second half of the year. The full list is below, but some of the more notable places where the platform will arrive include South Africa and Poland. Disney didn’t say exactly when it plans to launch the service in each country and territory, nor did it share details on regional pricing. Expect those to come at a later date. 

Disney+ is currently available in 64 countries globally, including the US, UK and Canada. The announcement of an imminent expansion comes after Disney added fewer than expected subscribers during its final fiscal quarter of 2021. Some analysts had predicted the company would add as many as 9.4 million new paying users before the end of the year, but the company instead managed to attract a more modest 2.1 million subscribers. Despite missing Wall Street estimates, Disney said at the time it was still confident it could secure 230 million users before the end of 2024. At the end of 2021, the service had 118 million subscribers globally. 

Here's the full list of countries where the service is expanding to this summer: Albania, Algeria, Andorra, Bahrain, Bosnia and Herzegovina, Bulgaria, Croatia, Czech Republic, Egypt, Estonia, Greece, Hungary, Iraq, Israel, Jordan, Kosovo, Kuwait, Latvia, Lebanon, Libya, Liechtenstein, Lithuania, Malta, Montenegro, Morocco, North Macedonia, Oman, Palestine, Poland, Qatar, Romania, San Marino, Saudi Arabia, Serbia, Slovakia, Slovenia, South Africa, Tunisia, Turkey, United Arab Emirates, Vatican City and Yemen.

As for territories, the list is as follows: Faroe Islands, French Polynesia, French Southern Territories, St. Pierre and Miquelon Overseas Collective, Åland Islands, Sint Maarten, Svalbard & Jan Mayen, British Indian Ocean Territory, Gibraltar, Pitcairn Islands and St. Helena.

Google researchers have described NSO Group's zero-click exploit used to hack Apple devices as "incredible and terrifying," Wired has reported. Project Zero researchers called it "one of the most technically sophisticated exploits we've ever seen" that's on par with attacks from elite nation-state spies. 

The Project Zero team said it obtained one of NSO's Pegasus exploits from Citizen Lab, which managed to capture it via a targeted Saudi activist. It also worked with Apple's Security Engineering and Architecture (SEAR) group on the technical analysis.

NSO's original exploit required the user to click on a link, but the latest, most sophisticated exploits require no click at all. Called ForcedEntry, it takes advantage of the way iMessage interprets files like GIFs to open a malicious PDF file with no action required from the victim. It does so by using old code from the 1990s used to process text in scanner images.

Once inside a device, the malware can set up its own virtualized environment and run javascript-like code, with no need to connect to an outside server. From there, it gives an attacker access to a victim's passwords, microphone, audio and more. The exploit is extremely hard to detect and is "a weapon against which there is no defense," Project Zero researchers said.

Apple recently filed a lawsuit against the group to "hold it accountable" for governments using it to spy on iOS users. Apple alleged that targets are often activists, journalists and other critics of regimes that routinely suppress political dissent. It also accused NSO of "flagrant violations" of federal- and state-level laws in the US. Last month, the US Department of Commerce added NSO Group to its "entity list", essentially banning it for use in the US.

A UK appeals court has reversed a previous ruling that Wikileaks founder shouldn't be extradited to the US due to mental health concerns, the Associated Press has reported. The decision opens the door for Assange to be extradited to the US, where he'd face charges of espionage over Wikileaks' publication of government documents. 

Lower court Judge Vanessa Baraitser originally ruled that the US criminal justice system presented a risk to Assange's physical wellbeing. "The overall impression is of a depressed and sometimes despairing man, who is genuinely fearful about his future," the judge ruled in January. "For all of these reasons I find that Mr. Assange’s risk of committing suicide, if an extradition order were to be made, to be substantial."

In its appeal, however, the US government argued that Assange had no history of "serious and enduring mental illness" that would suggest any risk of self-harm. US lawyers also told British judges that if they extradited Assange, he could serve his US prison sentence in his home country of Australia. 

The High Court in London decided that those assurances were enough to guarantee Assange would be treated humanely. The final decision for his extradition is now in the hands of the UK home secretary, though Assange has the option of appealing. Assange's camp has argued that his work constitutes journalism and so his extradition would be a violation of press freedom.

The US government indicted Assange on 17 espionage charges along with one charge of computer misuse over Wikileaks' publication of leaked military and diplomatic documents. The maximum penalty is 175 years in prison, though US lawyers said "the longest sentence ever imposed for this offense is 63 months." Assange was denied bail for risk of flight and is being held at London’s high-security Belmarsh Prison.