SP-Life

SP Lover's notes

SSPAI Morning Brief: Google Launches AI Skills in Chrome as WordPress Security Breach and SEO Crackdown Intensify

,

少数派编辑部

Morning Brief

  1. Bambu Lab X2D officially released
  2. Microsoft raises prices across the entire Surface lineup again
  3. Sony unveils the Inzone M10S II gaming monitor and new audio accessories
  4. Samsung announces 2026 Micro RGB TV lineup
  5. Blackmagic releases DaVinci Resolve 21 with support for still photo editing
  6. Google Chrome introduces Skills feature
  7. Google announces crackdown on back button hijacking
  8. Numerous WordPress plugins found with backdoor injections
  9. Kingsoft Antivirus and 360 Security Guard exposed for critical kernel driver vulnerabilities
  10. News Worth a Quick Look

Bambu Lab X2D officially released

On April 14, Bambu Lab officially unveiled the X2D. The Bambu Lab X2D features a lighter and more efficient dual-nozzle mechanical structure, along with dual air-intake cooling, active chamber temperature control, and Bambu Lab’s self-developed permanent magnet synchronous servo motor system. These upgrades significantly improve the stability of high-flow extrusion, resulting in more stable overhangs and smoother bridging for complex structures, while also ensuring the strength and flatness of large engineering models. Prints made with Bambu Lab’s basic PLA and PETG materials using the X2D have received UL 2904 indoor air quality certification. The printer also supports AI-powered pre-print inspection and real-time monitoring during printing.

The standalone X2D is priced at RMB 3,999, while the multi-color combo is priced at RMB 5,499, with eligibility for national subsidies. Source

Microsoft raises prices across the entire Surface lineup again

On April 15, Microsoft announced price increases for its Surface laptops and tablets. The adjustment is driven by rising costs associated with increased demand for memory and related components due to generative AI. The starting price of the 15-inch Surface Laptop 7 has increased from last year’s adjusted price of $1,500 to $1,600 (it was originally priced at $1,300 at launch in 2024). The top-tier configuration, featuring a Snapdragon X Elite processor, 64GB of RAM, and a 1TB SSD, now costs $3,650. The Surface Pro lineup has also been adjusted: the 12-inch version’s starting price has risen from $800 to $1,050, while the 13-inch version has increased from its launch price of $1,000 to $1,500. Source

Sony unveils the Inzone M10S II gaming monitor and new audio accessories

On April 15, Sony announced the Inzone M10S II gaming monitor along with a lineup of audio peripherals. The Inzone M10S II features a 24.5-inch LG fourth-generation Tandem WOLED panel, supporting a 540Hz refresh rate at 2K resolution, or an ultra-fast 720Hz mode when resolution is lowered to 720p. It offers a response time as low as 0.02ms, and includes a new motion blur reduction algorithm with integrated Black Frame Insertion (BFI), strong anti-glare performance, and an adjustable stand with a tilt range from -5 to 35 degrees.

The Inzone H6 Air open-back wired headset is developed based on the MDR-MV1 reference headphones, weighs 199 grams, and comes with a USB-C adapter supporting virtual 7.1 surround sound and 360-degree spatial audio. Sony also introduced a Glass Purple version of its Inzone true wireless earbuds and Fnatic co-branded accessories. The Inzone H6 Air is priced at $200, while the M10S II monitor is priced at $1,100, with availability expected later this year. Source

Samsung announces 2026 Micro RGB TV lineup

On April 14, Samsung unveiled its 2026 Micro RGB TV series, including the R95H and R85H product lines. The entire lineup uses 4K Micro RGB display technology, featuring minimized color bleed and enhanced color accuracy through red, green, and blue LEDs. It is equipped with a dedicated AI processor for color calibration and motion compensation, and supports the HDR10+ Advanced standard co-developed by Samsung. The high-end R95H models feature anti-reflection technology and a 165Hz refresh rate, while the R85H models support up to 144Hz. The series includes Dolby Atmos audio, Q-Symphony technology (supporting pairing with up to five audio devices), and an integrated Art Store.

In terms of pricing, the R85H series starts at $1,600, with the 85-inch model priced at $4,000. The R95H series starts at $3,200 for the 65-inch version and $6,500 for the 85-inch model, with a 100-inch version expected later this year. Source

Blackmagic releases DaVinci Resolve 21 with support for still photo editing

On April 13, Blackmagic Design released a major update to DaVinci Resolve 21, introducing a dedicated Photo page designed for still image editing, supporting node-based color grading workflows and DaVinci control panels. The new version also deeply integrates AI features, including IntelliSearch for identifying faces and specific objects, CineFocus for simulating bokeh and focus reconfiguration, and a suite of facial enhancement tools such as Face Reshaper, Face Age Transformer, and Blemish Removal. Additional upgrades include a keyframing system supporting four-point Bézier curves, the Krokodove library with over 70 new graphics tools, support for OGraf HTML and Lottie animations, as well as Fairlight audio track folding and audio-driven Animator modifiers. On the technical side, it updates to USD SDK 25.11, adds support for gaze-based rendering for Apple Immersive, and ensures compatibility with Meta Quest and YouTube VR formats.

The DaVinci Resolve 21 public beta is now available for free download on the official website. Source

Google Chrome introduces Skills feature

On April 15, Google announced the rollout of a new Skills feature in the desktop version of Chrome. This feature allows users to save frequently used Gemini prompts as reusable shortcuts across sessions. When logged in, users can type a slash (/) or click the plus button to instantly run custom prompts or presets from the official Skills repository. The execution process supports cross-tab data access, while actions such as writing to calendars or sending messages still require a secondary security confirmation. The feature is now being rolled out for free to Chrome users whose language is set to U.S. English and who have Gemini enabled. Source

Google announces crackdown on back button hijacking

Google announced that starting June 15, it will officially classify back button hijacking as a malicious behavior and launch a targeted crackdown. Back button hijacking manipulates browser history so that when users click the back button, they are unable to return to the previous page (typically search results) and are instead redirected to content recommendation pages, pop-ups, or specific social feeds, artificially boosting page views. To address such behavior—which disrupts user expectations and leads to inconsistent search experiences—Google stated it will deploy both automated and manual anti-abuse measures. Violating sites will face significant ranking penalties. Affected websites and developers using third-party ad libraries or plugins with such logic must complete rectifications before the June 15 deadline. Source

Numerous WordPress plugins found with backdoor injections

On April 14, dozens of plugins developed by WordPress plugin vendor Essential Plugin were found to contain backdoor code, leading to their large-scale removal. According to sources, these plugins had accumulated over 400,000 installations and affected more than 20,000 active WordPress sites. The compromised plugins originated from a malicious acquisition last year, after which backdoor code was inserted following a change in ownership. The code remained dormant in deployed instances for several months before being activated earlier this month. All affected plugins have now been permanently removed from the official WordPress directory, and users are advised to immediately check and uninstall any related components manually. Source

Kingsoft Antivirus and 360 Security Guard exposed for critical kernel driver vulnerabilities

On April 13, security researcher Patrick Saif (@weezerOSINT) revealed via social media that two major antivirus software products—Kingsoft Antivirus and 360 Security Guard—contain critical vulnerabilities in their kernel drivers. In Kingsoft Antivirus, the kdhacker64_ev.sys driver allocates only half the required buffer size when processing user input, allowing 1,160 bytes of data to be written into a 584-byte space, directly causing a 512-byte kernel pool overflow. Because the driver carries a valid EV signature, attackers can exploit this vulnerability to gain full control of the system.

In 360 Security Guard, the DsArk64.sys driver allows a 4-byte process ID to be passed via an IOCTL interface and then calls ZwTerminateProcess at Ring 0 to forcibly terminate any process, even bypassing the Protected Process Light (PPL) mechanism. More critically, its kernel read/write functionality uses AES-128-CBC encryption with the decryption key hardcoded in the .data section of the binary, and the same key is used across all versions. The driver has also passed WHQL certification.

Both vulnerabilities have been submitted to the LOLDrivers database but have not yet been assigned CVE identifiers and are not included in the HVCI blocklist. Exploitation of these flaws allows attackers to escalate privileges from a standard user to SYSTEM level, bypass KASLR, steal kernel credentials, and even modify kernel callback tables to conceal malicious activity. Given that the drivers carry EV or WHQL signatures, attackers can load malicious extensions without needing to install software on the target machine. Source

News Worth a Quick Look

  • The Motorola Razr 70 Ultra is rumored to continue using the Snapdragon 8 Elite chip from the previous generation, with the only major upgrade being an increase in battery capacity from 4700 mAh to 5000 mAh. Source
  • Google announced that it will integrate a Rust-based DNS resolver component into the modem of the Pixel 10 series. This approach aims to address frequent remote code execution (RCE) vulnerabilities found in Exynos modems by replacing legacy parsing logic with 371KB of high-performance, non-garbage-collected memory-safe code embedded within existing C/C++ firmware. Source
  • On April 15, Google officially released the Gemini desktop app for Windows 10 and later. It supports launching via the Alt + Space shortcut, integrates an AI mode capable of retrieving web information, and enables deep search across local files, installed applications, and Google Drive data. It also includes screen-based search powered by Google Lens. The Gemini app for Windows is now available globally, with the initial version supporting English only. Source
  • Chicago-based music enthusiast Aadam Jacobs has donated over 10,000 rare live performance tapes—recorded since the 1980s—to the nonprofit digital library Internet Archive for digitization. The collection includes a 1989 Nirvana performance as well as unreleased recordings from influential artists such as Sonic Youth, R.E.M., Phish, Liz Phair, Pavement, and Neutral Milk Hotel, along with numerous punk bands. The digitization process is handled by volunteers including Brian Emerick, who convert analog recordings using vintage cassette decks, followed by professional audio restoration, track identification, and tagging. Around 2,500 tapes have already been processed and are now available for free streaming on the Internet Archive. Source
  • Multiple international media outlets report that the live-action film The Legend of Zelda has completed filming and is scheduled for theatrical release on May 7, 2027. Source
Tags: , , , , ,

Original Link

Leave a Reply