Breaking AI & Tech News Analyzed

The UK's Competition and Markets Authority (CMA) has initiated investigations into five companies, including Autotrader and Just Eat, due to concerns about their handling of online reviews. The CMA is examining whether these companies have failed to adequately address fake and misleading reviews on their platforms. The investigations focus on several key issues: Autotrader and Feefo are being looked into for potentially excluding one-star reviews from being published; Dignity is under scrutiny for allegedly asking staff to write positive reviews; Just Eat is being investigated for possibly inflating star ratings; and Pasta Evangelists is accused of offering discounts in exchange for five-star reviews. CMA Chief Executive Sarah Cardell emphasized the importance of genuine reviews, stating, 'Fake reviews strike at the heart of consumer trust – with many of us worrying about misleading content when looking at reviews online.' The CMA has not yet reached any conclusions but aims to ensure that companies comply with UK consumer law. The investigations bring the total number of businesses under review to 14. If the CMA finds that a company has broken the law, it can enforce changes and impose fines of up to 10% of global turnover. The UK consumer body Which? has highlighted that 89% of people rely on reviews when making purchasing decisions, underscoring the significance of this issue. The CMA's new powers under the Digital Markets, Competition and Consumers Act allow it to address unfair practices related to online reviews without needing to go to court. This crackdown is part of a broader effort to protect consumers and maintain trust in online marketplaces.

The reintroduction of beavers in Dorset has shown promising results, with the animals building a 35-metre dam and creating a deep, wildlife-rich pool. By coppicing trees, they have allowed more light in and improved habitats for plants, insects, amphibians, birds, and bats.Trail cameras have captured footage of an otter fishing in the pond, as well as a barn owl hunting there. Volunteers have spotted birds including redpolls and water rails. The cameras also captured footage of two of the beavers mating, indicating they have settled in their new home and that there could be kits this summer.Despite some hitches, including the death of a male beaver and the relocation of a female, the western pair of beavers has been busy doing their engineering work. The National Trust, which is in charge of the project, said it was thrilled with the progress, highlighting the astonishing effect on the ecosystem in a relatively short time.Gen Crisford, the National Trust's wetlands project officer, said setbacks were inevitable but expressed hope for a 'happy ever after moment' with the western pair. The project allows for the release of 10 to 25 adult beavers, with the next release expected to take place this autumn.

The US and Israel are intensifying their military campaign against Iran, with Senator Marco Rubio stating that the operation is expected to conclude in 'weeks, not months'. The conflict escalated with a surprise strike on 28 February that killed Iran's supreme leader, Ali Khamenei.Despite Iran's defiance and denial of negotiations, the US and Israel continue to target Iran's nuclear facilities and military sites. Israel's defence minister, Israel Katz, warned that attacks against Iran will 'escalate and expand' to additional targets and areas that assist the regime in building and operating weapons against Israeli citizens.The conflict has significant economic implications, with the Strait of Hormuz, a strategic waterway through which a fifth of the world's oil is usually shipped, being a key point of contention. The US has ordered thousands of marines and elite airborne troops to the region, possibly in preparation for a military effort to forcibly reopen the waterway.Iran has threatened to attack Saudi Arabia's Red Sea port of Yanbu and the Fujairah oil complex in the United Arab Emirates if a ground invasion takes place. The US president, Donald Trump, has issued an ultimatum to Iran, demanding that it allow free passage of shipping through the strait by 6 April or face the destruction of its energy plants.The conflict has resulted in significant casualties, with over 1,900 people killed and 20,000 injured in Iran, and 19 people killed in Israel. The humanitarian crisis in Lebanon has worsened, with a fifth of the population displaced and nearly 1,100 people killed.The G7 foreign ministers have reiterated the need for safe and toll-free freedom of navigation in the Strait of Hormuz and called for an immediate cessation of attacks against civilians and civilian infrastructure.

The Indian Premier League (IPL) is set to resume, bringing with it a mix of lucrative opportunities and controversy. England's Jos Buttler is among those looking to make an impact, having struggled with form at the recent T20 World Cup. Buttler, who plays for Gujarat Titans, is England's most successful export to the IPL, with seven hundreds in 121 games for three different teams.Buttler's teammate Kevin Pietersen has shared his own experiences of playing in the IPL, revealing that the league saved his career by allowing him to build lasting relationships. Pietersen, who played 36 IPL matches, expressed his joy at the riches enjoyed by modern players, saying, "If you got paid $50m tomorrow to go and play cricket in Saudi Arabia, I'd be so happy for you."The IPL has also been marred by controversy, including political tensions between India and Pakistan. The tournament's impact extends beyond the field, with 12 England players set to participate. However, the event is also overshadowed by the tragic crowd crush at the Chinnaswamy Stadium in Bengaluru last June, which resulted in 11 deaths.In related news, Royal Challengers Bengaluru (RCB) has been sold for £1.33 billion to a consortium featuring private equity group Blackstone. The team will begin the season against Sunrisers Hyderabad on Saturday, with Buttler and his teammates aiming to make a strong impression.

Lloyds Banking Group has suffered a significant data breach, exposing personal information of nearly 500,000 customers. The incident occurred due to an IT glitch in its mobile banking apps, which allowed some users to view others' account details, national insurance numbers, and payment references. The glitch, caused by a software defect introduced during an IT update on March 12, potentially affected up to 447,936 customers. Approximately 114,182 people ended up clicking into transactions that revealed sensitive information. Lloyds reported the incident to the Financial Conduct Authority and the Information Commissioner's Office within the required 72 hours. The bank has assured that there is currently no evidence of misuse or malicious activity. The incident raises concerns about customer protections in the digital banking era, especially as banks continue to close branches and push users towards online services. Lloyds has paid £139,000 to compensate 3,625 customers for distress and inconvenience, although no financial losses were reported. The Treasury committee chair, Meg Hillier, emphasized the trade-off between convenience and security in modern banking, stating that consumers must understand the risks associated with online interactions. Lloyds will provide further updates on the incident to the committee in April and September, and is committed to addressing its responsibilities towards affected customers.

The Coruna and DarkSword Threat For years, the prevailing narrative among iPhone security experts was that breaking through Apple's defenses was a rare, high-barrier event requiring significant resources. However, recent investigations by Google, iVerify, and Lookout have shattered this assumption. Researchers have documented broad-scale hacking campaigns utilizing two specific tools, Coruna and DarkSword, which have been used to target victims globally who are not running the latest software updates. Attack Vectors: Hackers are compromising legitimate websites and creating fake pages to deliver spyware. Key Actors: Involvement of Russian spies and Chinese cybercriminals. Tool Availability: The source code for these tools has leaked online, allowing anyone to launch attacks against older iPhones. The Two-Tier iPhone Security Landscape The discovery of Coruna and DarkSword highlights a critical data point in the current security ecosystem: the existence of two distinct classes of iPhone users. This bifurcation is driven by the introduction of Memory Integrity Enforcement in iOS 26, a feature designed to prevent memory corruption bugs—the very vulnerabilities exploited by DarkSword. Class A (Secure): Users on the latest iPhone 17 models running iOS 26 are protected by memory-safe code and Lockdown Mode, making them resistant to these specific memory-based hacks. Class B (Vulnerable): Users running iOS 18 or older versions remain exposed to memory corruption attacks, as these older systems lack the new safety enforcement layers. Challenging the 'Rare Hack' Myth The widespread use of these leaked tools suggests that spyware attacks are becoming more common and less exclusive. This shift is fueled by a thriving "second-hand" market for exploits, where brokers resell vulnerabilities before they are patched. Experts argue that the rarity of iPhone hacks has been overstated simply because they are rarely documented. As noted by Patrick Wardle, the baseline capability for such attacks is now accessible to a wider range of actors, moving beyond state-sponsored actors to include cybercriminals. The End of the 'Rare Hack' Era The future of mobile security appears to be one of continuous escalation. With the code for Coruna and DarkSword now public, the barrier to entry for launching attacks against older devices has lowered significantly. This indicates that memory-based exploits will continue to plague lagging users, and the market for exploit development will likely expand as brokers seek to monetize vulnerabilities before updates are applied.

North Korean leader Kim Jong Un and Belarusian President Alexander Lukashenko have signed a friendship treaty aimed at deepening ties between their countries. Both leaders are close allies of Russian President Vladimir Putin.The treaty was signed on Thursday during Lukashenko's two-day trip to Pyongyang. He told Kim that relations between their countries were entering a 'fundamentally new stage', according to the Belarusian state news agency Belta.Lukashenko emphasized the need for independent countries to cooperate closely in today's global transformation, where global powers often ignore and violate international law. Kim expressed opposition to undue pressure on Belarus from the West.The North Korean leader gave Lukashenko a lavish welcome, including a white-horsed cavalry, flag-waving children, and a 21-cannon salute. Both nations have backed Russia's war in Ukraine.Kim has reportedly provided Moscow with ammunition and sent soldiers to help Russia expel Ukrainian forces from its western region of Kursk in 2024. Lukashenko allowed Belarus to be used as a launchpad for Russia's invasion in February 2022 and has agreed to allow Russian tactical nuclear missiles on its territory.The Belarusian leader, in power since 1994, is politically and economically dependent on Putin. North Korea and Belarus conduct a small volume of trade but share long experience of surviving under international sanctions. North Korea has been sanctioned due to its nuclear and ballistic missile programs, and Belarus over its human rights record and backing for Putin in Ukraine.

The Dual Threat: Coruna and DarkSwordSecurity researchers have identified two distinct but equally dangerous hacking toolkits, Coruna and DarkSword, that have leaked onto the open web. These advanced exploit kits, capable of breaking into iPhones and iPads, were originally developed for high-level government surveillance but are now available for anyone to download.Coruna: Targets iOS 13 through 17.2.1. Linked to Trenchant, a unit within U.S. defense contractor L3Harris, and previously used in Operation Triangulation against Russian targets.DarkSword: Targets iOS 18.4 and 18.7. Leaked on GitHub, making it "plug-and-play" for cybercriminals.The Scale of VulnerabilityThe scale of this exposure is staggering. According to Apple's statistics, nearly one-in-three iPhone and iPad users are still not running the latest software. With over 2.5 billion active devices globally, this implies hundreds of millions of users are susceptible to these attacks.DarkSword is particularly concerning because it targets newer devices running iOS 18.4 and 18.7. Researchers have already tested the leaked code, successfully hacking their own devices to demonstrate the ease of use.From State-Sponsored Espionage to Public ExploitationThis leak marks a dangerous shift in the cybersecurity landscape. Historically, sophisticated tools like Coruna were the domain of state-sponsored actors targeting specific regions, such as the Uyghurs in China or activists in Hong Kong.However, the release of DarkSword represents a move toward indiscriminate cybercrime. The tool is written in web languages like HTML and JavaScript, allowing attackers to launch attacks simply by hosting a malicious website. Victims in China, Malaysia, Turkey, Saudi Arabia, and Ukraine have already been targeted.The Future of Zero-Day WeaponizationThe leak of these tools mirrors the infamous 2017 WannaCry ransomware attack, which was fueled by leaked NSA exploits. Once powerful zero-day vulnerabilities are released into the wild, they are nearly impossible to fully contain.Experts recommend immediate action: users must update to iOS 18.7.6 or iOS 26.3.1. For high-risk individuals, enabling Lockdown Mode remains the most effective defense, as there is currently no public evidence of hackers bypassing its protections.

Tractor FC from Iran is set to travel to Saudi Arabia for a crucial playoff match against Shabab Al-Ahli of Dubai. The winner of this match will advance to the Asian Champions League Elite quarterfinals to face Buriram United of Thailand. The Asian Football Confederation (AFC) recently conducted the draw for the quarterfinal pairings. This comes after the western zone playoffs were postponed due to the ongoing conflict in the Middle East and have been rescheduled for April 13-14 in Jeddah, Saudi Arabia. The Saudi city of Jeddah will also host the tournament quarterfinals, semifinals, and final from April 16 to 25. The AFC is hopeful that the situation in the region will calm down, allowing the matches to proceed as planned. “We all want to play matches as soon as possible. So, hopefully we’re able to finish fixtures in April as we have planned,” said AFC general secretary Windsor John. “We’re hoping that things will calm down very soon.” Other notable matches include Vissel Kobe (Japan) facing the winner of the playoff between Al-Hilal (Saudi Arabia) and Al-Sadd (United Arab Emirates). Defending champions Al-Ahli Saudi will play Al-Duhail (Qatar) for a spot in the quarterfinals against Johor Darul Ta’zim (Malaysia). The AFC Champions League Two and AFC Challenge League quarterfinals have also been postponed and will be played on April 19 and 22 at centralized venues yet to be announced. Cristiano Ronaldo’s Al-Nassr is among the teams competing in the Asian Champions League Two.