Oamenii de știință au capturat specia necunoscută de pește-melc la o adâncime de peste 27.000 de picioare, ca parte a unei expediții în tranșee în largul coastei Japoniei.

---

Sursa: CNN

Navigând la o adâncime de 8.336 de metri (peste 27.000 de picioare) chiar deasupra fundului mării, un pește-melc tânăr a devenit cel mai adânc pește filmat vreodată de oamenii de știință în timpul unei sonde în abisul din nordul Oceanului Pacific.

---

Sursa: CNN

window.CNN.contentModel.leadingMediaType = ‘gallery’; window.CNN.contentModel.isVideoCollection = false; function imageLoadError(img) { const fallbackImage = ‘/media/sites/cnn/cnn-fallback-image.jpg’; img.removeAttribute(‘onerror’); img.src = fallbackImage; let element = img.previousElementSibling; while (element && element.tagName === ‘SOURCE’) { element.srcset = fallbackImage; element = element.previousElementSibling; } } A baby-faced McIlroy looked primed to claim his first major title at The Masters in 2011. The 21-year-old teed off with a commanding four-shot final day lead in Augusta and, despite a shaky start, he still led by one at the turn. Yet a skewed drive into the trees at the 10th tee sparked a catastrophic collapse for the Northern Irishman, who dropped six shots over the next three holes to finish the day tied for 15th. Look through the gallery to see more of the biggest meltdowns in the history of golf. Andrew Redington/Getty Images North America/Getty Images Sam Snead, US Open (1947) With seven major championships and 82 PGA Tour victories, Snead won pretty much everything there was to win across his legendary career — except the US Open. A four-time runner up at the event, the American came within inches of capturing the elusive title in 1947. Having led Lew Worsham by two shots in an 18-hole playoff with three to play, Snead was pegged back heading into the final hole before missing his putt from inside three feet to lose. St. Louis Post-Dispatch/AP Arnold Palmer, US Open (1966) Even “The King” wasn’t immune to a meltdown. Carrying a seven-shot lead into the back nine of the 1966 US Open, Palmer looked to be strolling towards an eighth career major in San Francisco, only to bogey five of the next seven holes as Billy Casper roared back to force an 18-hole playoff. The nightmare then repeated itself for Palmer, who started strong before dropping four shots across a three-hole stretch to lose out by four strokes to Casper. Bettmann Archive/Getty Images Ed Sneed, The Masters (1979) He wasn’t related to Sam Snead, but Ed Sneed saw a major slip away in similarly catastrophic circumstances at The Masters in 1979. Three up with three to play, Sneed slumped to a trio of bogeys to fall into a sudden-death playoff at Augusta — the first time the format had been used. Debutant Fuzzy Zoeller went on to clinch a one-stroke victory over Sneed and Tom Watson. While Watson would finish his career with eight major titles, including two Masters victories, 1979 would cruelly be the closest Sneed ever got to tasting major glory. Augusta National/Getty Images Scott Hoch, The Masters (1989) Based on the distance Hoch had to putt to win the 1989 Masters, Nick Faldo had two feet in the grave. Locked in a sudden-death playoff at Augusta’s 10th hole, Faldo could only find the bunker with his approach, leaving Hoch with two bites at a 25-foot putt to win. The American’s first effort took him to within two feet of glory, only for his second to roll agonizingly around the lip of the hole. In response, an exasperated Hoch launched his putter skyward. When Faldo birdied at the subsequent hole, Hoch’s hopes of a first major win similarly went up in the air. Augusta National/Getty Images Mark Calcavecchia, Ryder Cup (1991) A traumatic meltdown with a happy ending, Calcavecchia was inconsolable after a collapse that he believed had cost his American team the 1991 Ryder Cup at Kiawah Island. Four up with four holes to play against Colin Montgomerie, the 1989 Open champion looked to be cruising to a crucial point, only to lose all four remaining holes as his Scottish opponent secured a vital half-point for Team Europe. A horrified Calcavecchia looked set to be the scapegoat of a bad-blooded tournament later dubbed “The War on the Shore,” but Germany’s Bernhard Langer spared his blushes by missing his six-foot putt that would have retained the Cup for Europe, sealing a 14 ½ – 13 ½ win for the US. Augusta National/Getty Images Greg Norman, The Masters (1996) Nicknamed “The Great White Shark,” Norman saw defeat snatched from the jaws of victory at The Masters in 1996. Having led all three rounds and carrying a six-shot lead over Nick Faldo into the final round, the Australian still had a healthy four-stroke lead over the Englishman with 11 to play at Augusta. Faldo didn’t even have to make a birdie to surge into a two-shot lead just four holes later, as Norman sunk with three straight bogeys and a double bogey. Norman bit back with two birdies over the next three holes, but his fate was sealed with another double bogey at the 16th, as Faldo cruised to his sixth major with a five-shot cushion. David Cannon/Allsport/Getty Images Jean Van De Velde, British Open (1999) A meltdown in equal parts memorable and heart-breaking, Van De Velde’s 18th hole tailspin at the 1999 British Open is one of the most famous implosions in sporting history. Having arrived at Carnoustie in Scotland as the world No. 152, Van De Velde teed off for the last time with a three-shot cushion; even a double bogey would have been enough to crown him as only the second Frenchman to lift the famous Claret Jug. What followed was the golfing equivalent of an anxiety dream, as the 33-year-old skewed his drive, hit his second shot bouncing off a grandstand into the rough, and then watched in horror as his third effort plopped into the Barry Burn. Pictures of Van De Velde — still smiling — stood ankle deep in the water weighing his options have since become the defining images of the tournament as the Frenchman, despite sinking his triple-bogey putt to force a playoff, saw his dreams of a first major usurped by Scotsman Paul Lawrie. David Cannon/Getty Images Europe/Getty Images Lorena Ochoa, US Women’s Open (2005) Ochoa secured a top-four finish at the 2005 US Women’s Open. A good display, no? Not when you led at the final hole. The Mexican arrived at the par-four 18th tee at three-under, the score of subsequent winner Birdie Kim, only to skew her opening drive into the water. The 23-year-old eventually tapped in for seven and a triple bogey, finishing the day four shots adrift of the South Korean first-time winner. Ochoa would never get as close to winning the major, but was victorious at the Women’s British Open in 2007 and the Chevron Championship in 2008. Harry How/Getty Images Phil Mickelson, US Open (2006) The US Open remains the only major Mickelson is yet to win, though not for the want of trying. A record-six-time runner-up at the tournament, “Lefty” has never come as close to breaking his duck as he did at Winged Foot in 2006 when, approaching the final hole, he just needed to make par to secure a third consecutive major win. Mickelson subsequently hit a hospitality tent and a tree en route to carding a double bogey which handed victory to Australian Geoff Ogilvy. “I just can’t believe I did that. I’m such an idiot,” Mickelson later told reporters. Ezra Shaw / Getty Images Tom Watson, British Open (2009) A five-time Open champion, Watson was a closing par away from making it six and becoming — at 59-years-old — the oldest major winner in golf history, at Turnberry, Scotland, in 2009. To this day, the American believes he hit the “perfect” approach to the 18th green, only for strong winds to whisk his shot past the flag and into long grass. Watson rallied to bogey the hole, but was comprehensively defeated by compatriot Stewart Cink in the subsequent playoff. Warren Little / Getty Images Dustin Johnson, US Open (2010) A US Open champion in 2016, Johnson would come to have happy memories of the major — eventually. The 2010 edition of the tournament at Pebble Beach left a distinctly sour taste in the American’s mouth, as Johnson saw his three-shot final day lead evaporate with a disastrous triple bogey at the second hole, from which he never recovered. A double bogey at the following hole was followed by six more across a birdie-less final round, as Johnson finished five shots adrift of Northern Ireland’s first-time major winner Graeme McDowell. Donald Miralle/Getty Images Jason Dufner, PGA Championship (2011) Bogey free after 14 holes, Dufner was a steady finish away from a first major and PGA Tour win at the 2011 PGA Championship in Atlanta. Yet after finding the water from the 15th tee, the American quickly saw his commanding five-stroke lead sink, bogeying three straight holes as rookie Keegan Bradley — who had triple-bogeyed the 15th — fired back-to-back birdies to force a playoff. Bradley completed his comeback to crush his compatriot’s dreams, but Dufner would exorcise his demons with triumph at the 2013 PGA Championship in New York. Andrew Redington / Getty Images Adam Scott, British Open (2012) When Ernie Els returned to the Royal Lytham and St. Annes clubhouse on the final day of the 2012 British Open, it looked highly unlikely the South African would be back out to lift his second Claret Jug. Yet one Scott capitulation later, “The Big Easy” was doing exactly that, as the long-time Australian leader closed with four straight bogeys to squander a four-shot lead and lose by a single stroke. Harry How / Getty Images Jordan Spieth, The Masters (2016) “Buddy, it seems like we’re collapsing,” Jordan Spieth told his caddy. Having looked unstoppable in the defense of his 2015 Masters title, five shots clear at the 10th tee, the 22-year-old was spiraling towards an implosion of apocalyptic proportions. Back-to-back bogeys precluded an eye-watering quadruple bogey at the short 12th hole, opening the door for Danny Willett to capitalize and clinch his first major. To rub salt into the wounds, a devastated Spieth had to help the victorious Englishman into his new green jacket at the Augusta winner’s ceremony. Jim Watson / AFP via Getty Images Lexi Thompson, US Women’s Open (2021) The 2021 US Women’s Open provided stories both heart-warming and heart-breaking. Teenager Yuka Saso became the first Filipino player to win a golf major after conquering Japan’s Nasa Hataoka in a playoff, yet neither player had looked to have a shot at victory a short while earlier. Thompson had led by four strokes at the turn, but a back-nine collapse saw her dreams of finally capturing an elusive second major crushed. A par at the final hole would have been enough to put the American into the playoff, but an agonizing missed putt [pictured] epitomized her painful afternoon in San Francisco. Sean M. Haffey / Getty Images Mito Pereira, PGA Championship (2022) One hole. That’s how close Mito Pereira was to a first major on his maiden PGA Championship outing in 2022. The world No. 100’s fairy-tale story became a horror movie at Southern Hills Country Club in Tulsa as Pereira, leading by a shot, struck his tee drive into the water at the 18th hole. His eventual double bogey meant he missed out on the subsequent playoff, with Justin Thomas besting compatriot Will Zalatoris to lift his second career major. Christian Petersen / Getty Images

Golf's biggest meltdowns

Prev Next

Editor’s Note: This story was originally published in April 2023.

CNN  — 

Slumped on his club, head buried in his arm, Rory McIlroy looked on the verge of tears.

The then-21-year-old had just watched his ball sink into the waters of Rae’s Creek at Augusta National and with it, his dream of winning The Masters, a dream that had looked so tantalizingly close mere hours earlier.

As a four-time major winner and one of the most decorated names in the sport’s history, few players would turn down the chance to swap places with McIlroy heading into Augusta this week.

Yet on Sunday afternoon of April 10, 2011, not a golfer in the world would have wished to be in the Northern Irishman’s shoes.

Flying

A fresh-faced, mop-headed McIlroy had touched down in Georgia for the first major of the season with a reputation as the leading light of the next generation of stars.

An excellent 2010 had marked his best season since turning pro three years earlier, highlighted by a first PGA Tour win at the Quail Hollow Championship and a crucial contribution to Team Europe’s triumph at the Ryder Cup.

Yet despite a pair of impressive top-three finishes at the Open and PGA Championship respectively, a disappointing missed cut at The Masters – his first at a major – served as ominous foreshadowing.

McIlroy shot 74 and 77 to fall four strokes short of the cut line at seven-over par, a performance that concerned him enough to take a brief sabbatical from competition.

McIlroy (L) races England’s Ian Poulter (R) during the Par 3 Contest prior to the 2011 Masters. Harry How / Getty Images

But one year on in 2011, any lingering Masters demons looked to have been exorcised as McIlroy flew round the Augusta fairways.

Having opened with a bogey-free seven-under 65 – the first time he had ever shot in the 60s at the major – McIlroy pulled ahead from Spanish first round co-leader Alvaro Quirós with a second round 69.

It sent him into the weekend holding a two-shot cushion over Australia’s Jason Day, with Tiger Woods a further stroke behind and back in the hunt for a 15th major after a surging second round 66.

And yet the 21-year-old leader looked perfectly at ease with having a target on his back. Even after a tentative start to the third round, McIlroy rallied with three birdies across the closing six holes to stretch his lead to four strokes heading into Sunday.

McIlroy drives from the 16th tee during his second round. Andrew Redington / Getty Images

The youngster was out on his own ahead of a bunched chasing pack comprising Day, Ángel Cabrera, K.J. Choi and Charl Schwartzel. After 54 holes, McIlroy had shot just three bogeys.

“It’s a great position to be in … I’m finally feeling comfortable on this golf course,” McIlroy told reporters.

“I’m not getting ahead of myself, I know how leads can dwindle away very quickly. I have to go out there, not take anything for granted and go out and play as hard as I’ve played the last three days. If I can do that, hopefully things will go my way.

“We’ll see what happens tomorrow because four shots on this golf course isn’t that much.”

McIlroy finished his third round with a four shot lead. Timothy A. Clary / AFP via Getty Images

Falling

The truth can hurt, and McIlroy was about to prove his assessment of Augusta to be true in the most excruciating way imaginable.

His fourth bogey of the week arrived immediately. Having admitted to expecting some nerves at the first tee, McIlroy sparked a booming opening drive down the fairway, only to miss his putt from five feet.

Three consecutive pars steadied the ship, but Schwartzel had the wind in his sails. A blistering birdie, par, eagle start had seen him draw level at the summit after his third hole.

A subsequent bogey from the South African slowed his charge, as McIlroy clung onto a one-shot lead at the turn from Schwartzel, Cabrera, Choi, and a rampaging Woods, who shot five birdies and an eagle across the front nine to send Augusta into a frenzy.

Despite his dwindling advantage and the raucous Tiger-mania din ahead of him, McIlroy had responded well to another bogey at the 5th hole, draining a brilliant 20-foot putt at the 7th to restore his lead.

The fist pump that followed marked the high-water point of McIlroy’s round, as a sliding start accelerated into full-blown free-fall at the par-four 10th hole.

His tee shot went careening into a tree, ricocheting to settle between the white cabins that separate the main course from the adjacent par-three course. It offered viewers a glimpse at a part of Augusta rarely seen on broadcast, followed by pictures of McIlroy anxiously peering out from behind a tree to track his follow-up shot.

McIlroy watches his shot after his initial drive from the 10th tee put him close to Augusta’s cabins. Andrew Redington / Getty Images

Though his initial escape was successful, yet another collision with a tree and a two-putt on the green saw a stunned McIlroy eventually tap in for a triple bogey. Having led the field one hole and seven shots earlier, he arrived at the 11th tee in seventh.

By the time his tee drive at the 13th plopped into the creek, all thoughts of who might be the recipient of the green jacket had long-since switched away from the anguished youngster. It had taken him seven putts to navigate the previous two greens, as a bogey and a double bogey dropped him to five-under – the score he had held after just 11 holes of the tournament.

Mercifully, the last five holes passed without major incident. A missed putt for birdie from five feet at the final hole summed up McIlroy’s day, though he was given a rousing reception as he left the green.

Sunday at the Masters natpkg_00005015.jpg video

Related video Sunday at the Masters

Mere minutes earlier, the same crowd had erupted as Schwartzel sunk his fourth consecutive birdie to seal his first major title. After starting the day four shots adrift of McIlroy, the South African finished 10 shots ahead of him, and two ahead of second-placed Australian duo Jason Day and Adam Scott.

McIlroy’s eight-over 80 marked the highest score of the round. Having headlined the leaderboard for most of the week, he finished tied-15th.

McIroy was applauded off the 18th green by the Augusta crowd after finishing his final round. Robyn Beck / AFP via Getty Images

Bounce-back

Tears would flow during a phone call with his parents the following morning, but at his press conference, McIlroy was upbeat.

“I’m very disappointed at the minute, and I’m sure I will be for the next few days, but I’ll get over it,” he said.

“I was leading this golf tournament with nine holes to go, and I just unraveled … It’s a Sunday at a major, what it can do.

“This is my first experience at it, and hopefully the next time I’m in this position I’ll be able to handle it a little better. I didn’t handle it particularly well today obviously, but it was a character-building day … I’ll come out stronger for it.”

Once again, McIlroy would be proven right.

Just eight weeks later in June, McIlroy rampaged to an eight-shot victory at the US Open. Records tumbled in his wake at Congressional, as he shot a tournament record 16-under 268 to become the youngest major winner since Tiger Woods at The Masters in 1997.

McIlroy celebrated a historic triumph at the US Open just two months after his Masters nightmare. Jim Watson / AFP via Getty Images

The historic victory kickstarted a golden era for McIlroy. After coasting to another eight-shot win at the PGA Championship in 2012, McIlroy became only the third golfer since 1934 to win three majors by the age of 25 with triumph at the 2014 Open Championship.

Before the year was out, he would add his fourth major title with another PGA Championship win.

And much of it was owed to that fateful afternoon at Augusta. In an interview with the BBC in 2015, McIlroy dubbed it “the most important day” of his career.

“If I had not had the whole unravelling, if I had just made a couple of bogeys coming down the stretch and lost by one, I would not have learned as much.

“Luckily, it did not take me long to get into a position like that again when I was leading a major and I was able to get over the line quite comfortably. It was a huge learning curve for me and I needed it, and thankfully I have been able to move on to bigger and better things.

“Looking back on what happened in 2011, it doesn’t seem as bad when you have four majors on your mantelpiece.”

A two-stroke victory at Royal Liverpool saw McIlroy clinch the Open Championship in 2014. Tom Pennington / Getty Images

The missing piece

McIlroy’s contentment came with a caveat: it would be “unthinkable” if he did not win The Masters in his career.

Yet as he prepares for his 15th appearance at Augusta National this week, a green jacket remains an elusive missing item from his wardrobe.

Despite seven top-10 finishes in his past 10 Masters outings, the trophy remains the only thing separating McIlroy from joining the ranks of golf immortals to have completed golf’s career grand slam of all four majors in the modern era: Gene Sarazen, Ben Hogan, Gary Player, Jack Nicklaus, and Tiger Woods.

The Masters is the only major title to elude McIlroy. Mike Mulholland / Getty Images

A runner-up finish to Scottie Scheffler last year marked McIlroy’s best finish at Augusta, yet arguably 2011 remains the closest he has ever been to victory. A slow start in 2022 meant McIlroy had begun Sunday’s deciding round 10 shots adrift of the American, who teed off for his final hole with a five-shot lead despite McIlroy’s brilliant 64 finish.

Rory McIlroy: I will win the Masters SPT_00000410.jpg video

Related video Rory McIlroy: I will win the Masters

At 33 years old, time is still on his side. Though 2022 extended his major drought to eight years, it featured arguably his best golf since that golden season in 2014.

And as McIlroy knows better than most, things can change quickly at Augusta National.

---

Sursa: CNN

window.CNN.contentModel.leadingMediaType = ‘video’; window.CNN.contentModel.isVideoCollection = false; CNN  — 

It is one of China’s most popular shopping apps, selling clothing, groceries and just about everything else under the sun to more than 750 million users a month.

But according to cybersecurity researchers, it can also bypass users’ cell phone security to monitor activities on other apps, check notifications, read private messages and change settings.

And once installed, it’s tough to remove.

While many apps collect vast troves of user data, sometimes without explicit consent, experts say e-commerce giant Pinduoduo has taken violations of privacy and data security to the next level.

In a detailed investigation, CNN spoke to half a dozen cybersecurity teams from Asia, Europe and the United States — as well as multiple former and current Pinduoduo employees — after receiving a tipoff.

Multiple experts identified the presence of malware on the Pinduoduo app that exploited vulnerabilities in Android operating systems. Company insiders said the exploits were utilized to spy on users and competitors, allegedly to boost sales.

“We haven’t seen a mainstream app like this trying to escalate their privileges to gain access to things that they’re not supposed to gain access to,” said Mikko Hyppönen, chief research officer at WithSecure, a Finnish cybersecurity firm.

“This is highly unusual, and it is pretty damning for Pinduoduo.”

This is highly unusual, and it is pretty damning for Pinduoduo.

Mikko Hyppönen, cybersecurity expert

Malware, short for malicious software, refers to any software developed to steal data or interfere with computer systems and mobile devices.

Evidence of sophisticated malware in the Pinduoduo app comes amid intense scrutiny of Chinese-developed apps like TikTok over concerns about data security.

Some American lawmakers are pushing for a national ban on the popular short-video app, whose CEO Shou Chew was grilled by Congress for five hours last week about its relations with the Chinese government.

The revelations are also likely to draw more attention to Pinduoduo’s international sister app, Temu, which is topping US download charts and fast expanding in other Western markets. Both are owned by Nasdaq-listed PDD, a multinational company with roots in China.

While Temu has not been implicated, Pinduoduo’s alleged actions risk casting a shadow over its sister app’s global expansion.

There is no evidence that Pinduoduo has handed data to the Chinese government. But as Beijing enjoys significant leverage over businesses under its jurisdiction, there are concerns from US lawmakers that any company operating in China could be forced to cooperate with a broad range of security activities.

Pinduoduo’s parent company PDD is listed on the Nasdaq in New York. Mike Segar/Reuters/File

The findings follow Google’s suspension of Pinduoduo from its Play Store in March, citing malware identified in versions of the app.

An ensuing report from Bloomberg said a Russian cybersecurity firm had also identified potential malware in the app.

Pinduoduo has previously rejected “the speculation and accusation that Pinduoduo app is malicious.”

CNN has contacted PDD multiple times over email and phone for comment, but has not received a response.

Rise to success

Pinduoduo, which boasts a user base that accounts for three quarters of China’s online population and a market value three times that of eBay (EBAY), wasn’t always an online shopping behemoth.

Founded in 2015 in Shanghai by Colin Huang, a former Google employee, the startup was fighting to establish itself in a market long dominated by e-commerce stalwarts Alibaba (BABA) and JD.com (JD).

It succeeded by offering steep discounts on friends-and-family group buying orders and focusing on lower-income rural areas.

Pinduoduo posted triple digit growth in monthly users until the end of 2018, the year it listed in New York. By the middle of 2020, though, the increase in monthly users had slowed to around 50% and would continue to decline, according to its earnings reports.

Colin Huang, a former Google employee, founded Pinduoduo in 2015 in Shanghai. He stepped down as CEO in 2020 and resigned as chairman the following year. VCG/VCG/Getty Images/File

It was in 2020, according to a current Pinduoduo employee, that the company set up a team of about 100 engineers and product managers to dig for vulnerabilities in Android phones, develop ways to exploit them — and turn that into profit.

According to the source, who requested anonymity for fear of reprisals, the company only targeted users in rural areas and smaller towns initially, while avoiding users in megacities such as Beijing and Shanghai.

“The goal was to reduce the risk of being exposed,” they said.

By collecting expansive data on user activities, the company was able to create a comprehensive portrait of users’ habits, interests and preferences, according to the source.

This allowed it to improve its machine learning model to offer more personalized push notifications and ads, attracting users to open the app and place orders, they said.

The team was disbanded in early March, the source added, after questions about their activities came to light.

PDD didn’t reply to CNN’s repeated requests for comment on the team.

What experts found

Approached by CNN, researchers from Tel Aviv-based cyber firm Check Point Research, Delaware-based app security startup Oversecured and Hyppönen’s WithSecure conducted independent analysis of the 6.49.0 version of the app, released on Chinese app stores in late February.

Google Play is not available in China, and Android users in the country download their apps from local stores. In March, when Google suspended Pinduoduo, it said it had found malware in off-Play versions of the app.

The researchers found code designed to achieve “privilege escalation”: a type of cyberattack that exploits a vulnerable operating system to gain a higher level of access to data than it’s supposed to have, according to experts.

“Our team has reverse engineered that code and we can confirm that it tries to escalate rights, tries to gain access to things normal apps wouldn’t be able to do on Android phones,” said Hyppönen.

In China, about three quarters of smartphone users are on the Android system. Luo Yunfei/China News Service/VCG/Getty Images

The app was able to continue running in the background and prevent itself from being uninstalled, which allowed it to boost its monthly active user rates, Hyppönen said. It also had the ability to spy on competitors by tracking activity on other shopping apps and getting information from them, he added.

Check Point Research additionally identified ways in which the app was able to evade scrutiny.

The app deployed a method that allowed it to push updates without an app store review process meant to detect malicious applications, the researchers said.

They also identified in some plug-ins the intent to obscure potentially malicious components by hiding them under legitimate file names, such as Google’s.

“Such a technique is widely used by malware developers that inject malicious code into applications that have legitimate functionality,” they said.

Android targeted

In China, about three quarters of smartphone users are on the Android system. Apple (AAPL)’s iPhone has 25% market share, according to Daniel Ives of Wedbush Securities.

Sergey Toshin, the founder of Oversecured, said Pinduoduo’s malware specifically targeted different Android-based operating systems, including those used by Samsung, Huawei, Xiaomi and Oppo.

CNN has reached out to these companies for comment.

Toshin described Pinduoduo as “the most dangerous malware” ever found among mainstream apps.

“I’ve never seen anything like this before. It’s like, super expansive,” he said.

Most phone manufacturers globally customize the core Android software, the Android Open Source Project (AOSP), to add unique features and applications to their own devices.

Toshin found Pinduoduo to have exploited about 50 Android system vulnerabilities. Most of the exploits were tailor made for customized parts known as the original equipment manufacturer (OEM) code, which tends to be audited less often than AOSP and is therefore more prone to vulnerabilities, he said.

Pinduoduo also exploited a number of AOSP vulnerabilities, including one which was flagged by Toshin to Google in February 2022. Google fixed the bug this March, he said.

I’ve never seen anything like this before. It’s like, super expansive.

Sergey Toshin, Android security expert

According to Toshin, the exploits allowed Pinduoduo access to users’ locations, contacts, calendars, notifications and photo albums without their consent. They were also able to change system settings and access users’ social network accounts and chats, he said.

Of the six teams CNN spoke to for this story, three did not conduct full examinations. But their primary reviews showed that Pinduoduo asked for a large number of permissions beyond the normal functions of a shopping app.

They included “potentially invasive permissions” such as “set wallpaper” and “download without notification,” said René Mayrhofer, head of the Institute of Networks and Security at the Johannes Kepler University Linz in Austria.

People using their phones on the Beijing subway in July 2022. Sheldon Cooper/SOPA Images/LightRocket/Getty Images

Disbanding the team

Suspicions about malware in Pinduoduo’s app were first raised in late February in a report by a Chinese cybersecurity firm called Dark Navy. Even though the analysis didn’t directly name the shopping giant, the report spread quickly among other researchers, who did name the company. Some of the analysts followed up with their own reports confirming the original findings.

Soon after, on March 5, Pinduoduo issued a new update of its app, version 6.50.0, which removed the exploits, according to two experts who CNN spoke to.

Two days after the update, Pinduoduo disbanded the team of engineers and product managers who had developed the exploits, according to the Pinduoduo source.

The next day, team members found themselves locked out of Pinduoduo’s bespoke workplace communication app, Knock, and lost access to files on the company’s internal network. Engineers also found their access to big data, data sheets and the log system revoked, the source said.

Most of the team were transferred to work at Temu. They were assigned to different departments at the subsidiary, with some working on marketing or developing push notifications, according to the source.

A core group of about 20 cybersecurity engineers who specialize in finding and exploiting vulnerabilities remain at Pinduoduo, they said.

Toshin of Oversecured, who looked into the update, said although the exploits were removed, the underlying code was still there and could be reactivated to carry out attacks.

Oversight failure

Pinduoduo has been able to grow its user base against a backdrop of the Chinese government’s regulatory clampdown on Big Tech that began in late 2020.

That year, the Ministry of Industry and Information Technology launched a sweeping crackdown on apps that illegally collect and use personal data.

In 2021, Beijing passed its first comprehensive data privacy legislation.

The Personal Information Protection Law stipulates that no party should illegally collect, process or transmit personal information. They’re also banned from exploiting internet-related security vulnerabilities or engaging in actions that endanger cybersecurity.

Pinduoduo’s apparent malware would be a violation of those laws, tech policy experts say, and should have been detected by the regulator.

“This would be embarrassing for the Ministry of Industry and Information Technology, because this is their job,” said Kendra Schaefer, a tech policy expert at Trivium China, a consultancy. “They’re supposed to check Pinduoduo, and the fact that they didn’t find (anything) is embarrassing for the regulator.”

The ministry has regularly published lists to name and shame apps found to have undermined user privacy or other rights. It also publishes a separate list of apps that are removed from app stores for failing to comply with regulations.

Pinduoduo did not appear on any of the lists.

They’re supposed to check Pinduoduo, and the fact that they didn’t find (anything) is embarrassing for the regulator.

Kendra Schaefer, tech policy expert

CNN has reached out to the Ministry of Industry and Information Technology and the Cyberspace Administration of China for comment.

On Chinese social media, some cybersecurity experts questioned why regulators haven’t taken any action.

“Probably none of our regulators can understand coding and programming, nor do they understand technology. You can’t even understand the malicious code when it’s shoved right in front of your face,” a cybersecurity expert with 1.8 million followers wrote last week in a viral post on Weibo, a Twitter-like platform.

The post was censored the next day.

CNN’s Kristie Lu Stout and Sean Lyngaas contributed reporting.

---

Sursa: CNN

Ce am acoperit aici

• O suspectă a fost reținută în legătură cu o explozie care a ucis un important blogger militar rus într-o cafenea din Sankt Petersburg, duminică.
• Finlanda va deveni oficial membră a alianței militare NATO în cadrul unei ceremonii care va avea loc marți la Bruxelles. Finlanda a depus o cerere comună de aderare alături de Suedia, la scurt timp după invazia Rusiei în Ucraina.
• Polonia a livrat Ucrainei „mai multe” avioane de vânătoare MiG-29. Președintele ucrainean Volodimir Zelenski este așteptat să viziteze Polonia miercuri.
• Reporterul Wall Street Journal, reținut la Moscova sub acuzația de „spionaj”, a depus apel împotriva arestării sale, potrivit știrilor de stat rusești. SUA au cerut „eliberarea imediată” a jurnalistului.
• Pe teren, estul Ucrainei continuă să se confrunte cu atacuri rusești neîncetate, bombardamentele ucigând cel puțin șase persoane în orașul Kostiantynivka.

---

Sursa: CNN

---

Sursa: CNN

Ce am acoperit aici

• Fostul președinte Donald Trump a sosit luni în New York, cu o zi înainte de momentul în care se așteaptă să se predea forțelor de ordine și să se confrunte cu peste 30 de acuzații penale într-un tribunal din Manhattan, în urma rechizitoriului istoric al marelui juriu de săptămâna trecută.
• Agențiile de știri nu vor avea voie să difuzeze punerea sub acuzare de marți, a decis un judecător luni seară.
• Echipa juridică a lui Trump a declarat că fostul președinte se va preda de bunăvoie și va încerca să conteste „fiecare problemă potențială” odată ce rechizitoriul va fi dezvăluit.
• Trump, care a promis că își va continua candidatura din 2024, este primul președinte actual sau fost din istoria SUA care s-a confruntat cu acuzații penale. Biroul procurorului districtual a investigat presupusul rol al lui Trump într-o schemă de plată a banilor pentru tăcere care a implicat-o pe vedeta de filme pentru adulți Stormy Daniels, care datează din alegerile prezidențiale din 2016.

---

Sursa: CNN

Tatăl sare de pe vasul de croazieră Disney pentru a-și salva fiica care a căzut peste bord

acum 18 oreDistribuieSalveazăMax MatzaBBC NewsDistribuieSalveazăUrmărește: Barca de salvare ajunge la tată și fiică după ce aceasta a căzut de pe vasul de croazieră

Un tată a sărit în ocean pentru a-și salva fiica după ce aceasta a căzut de pe puntea a patra a unui vas de croazieră Disney care călătorea din Bahamas în SUA duminică după-amiază, spun martorii.

Videoclipurile au arătat pasageri aclamând în timp ce cei doi erau trași pe un vas de salvare după ce, aparent, au stat pe apă timp de 10 minute.

Fata părea să fi căzut când tatăl ei i-a făcut o fotografie lângă o balustradă, au declarat martorii. O alertă de om la mare a fost transmisă pe navă, iar echipajul s-a grăbit să-i recupereze.

„Nava se mișca repede, atât de repede, încât e incredibil cât de repede oamenii deveneau puncte minuscule în mare, iar apoi îi pierdeai din vedere”, a spus pasagera Laura Amador.

„Căpitanul a încetinit nava și a întors-o, apoi au trimis o navă auxiliară cu oameni la bord pentru a-i recupera și i-am văzut salvându-i pe tată și fiică”, a declarat ea pentru CBS News, partenerul BBC din SUA.

Identitățile tatălui și fiicei nu au fost făcute publice. Mai multe instituții media din SUA o descriu pe fată ca fiind un copil.

Nava Disney Dream, cu o capacitate de 4.000 de persoane, se întorcea la Fort Lauderdale, Florida, după ce a navigat timp de patru zile în jurul Bahamaselor.

Disney a confirmat într-un comunicat că doi pasageri au fost salvați, dar a oferit puține detalii despre ce s-a întâmplat.

„Echipajul de la bordul navei Disney Dream a salvat rapid doi oaspeți din apă”, a declarat un purtător de cuvânt al Disney Cruise Line. „Îi felicităm pe membrii echipajului nostru pentru abilitățile lor excepționale și acțiunile prompte, care au asigurat întoarcerea în siguranță a ambilor oaspeți pe navă în câteva minute.”

„L-am privit, puteai vedea două lucruri mici… era o nebunie, era oribil”, a declarat pasagerul Gar Frantz pentru NBC News, descriind cum i-a văzut pe cei doi intrând în ocean și aproape dispărând la orizont.

Incidentul a avut loc în ultima zi a croazierei, iar nava s-a întors în portul din Florida ca de obicei.

Deși este rar ca pasagerii să cadă de pe navele de croazieră, salvările nu sunt adesea reușite atunci când se întâmplă acest lucru.

Conform unui raport al Asociației Internaționale a Liniilor de Croazieră din 2019, 25 de persoane au căzut peste bord în acel an de pe navele de croazieră și doar nouă au fost salvate din apă.

FloridaNave de croazierăBahamasStatele Unite ale Americii

---

Sursa: BBC News

‘Mi-au scos șrapnel din inimă’ – magneții care salvează vieți în Ucraina

acum 13 oreDistribuieSalveazăAnastasiya GribanovaBBC Ukrainian Service, KievScarlett BarterBBC World ServiceDistribuieSalveazăKevin McGregor / BBCSoldatul ucrainean Serhiy Melnyk ține în mână bucata de șrapnel care i-a fost odată înfiptă în inimă

Din buzunar, Serhiy Melnyk scoate un mic ciob ruginit, învelit frumos în hârtie.

Îl ridică. „Mi-a zgâriat rinichiul, mi-a străpuns plămânul și inima” spune soldatul ucrainean în șoaptă.

Urme de sânge uscat sunt încă vizibile pe șrapnelele provenite de la o dronă rusească care i s-au înfipt în inimă în timp ce lupta în estul Ucrainei.

„Nici măcar nu mi-am dat seama ce era la început – am crezut că pur și simplu mi-e lipsă de aer sub armura antiglonț”, spune el. „A trebuit să-mi extragă șrapnel din inimă.”

Odată cu creșterea numărului de războie cu drone în Ucraina, aceste răni devin din ce în ce mai frecvente. Dronele transportă adesea arme și materiale care se fragmentează și provoacă răni mai complexe cauzate de șrapnel.

Potrivit medicilor militari ucraineni, rănile din șrapnel reprezintă acum până la 80% din traumatismele de pe câmpul de luptă.

Netratată, rana lui Serhiy ar fi fost fatală.

„Fragmentul era ascuțit ca o lamă. Doctorii au spus că era o bucată mare și că am avut noroc să supraviețuiesc”, spune el gânditor.

Dar nu doar norocul l-a salvat, ci o nouă tehnologie medicală. Un extractor magnetic.

Kevin McGregor / BBCEchipa lui Serhiy Maksymenko a îndepărtat șrapnelul din inima lui Serhiy

<x27;Fac o mică incizie și introduc magnetul

Chirurgul cardiovascular Serhiy Maksymenko arată imagini cu fragmentul de metal prins în inima bătătoare a lui Serhiy înainte ca acesta să fie îndepărtat delicat de un dispozitiv subțire cu vârf magnetic.

„Nu trebuie să faceți tăieturi mari în inimă”, explică Dr. Maksymenko. „Fac doar o mică incizie, introduc magnetul și acesta scoate șrapnelul.”

În doar un an, echipa doctorului Maksymenko a efectuat peste 70 de operații cardiace cu succes cu ajutorul dispozitivului, care a schimbat fața medicinei de primă linie din Ucraina.

Dezvoltarea acestor extractoare a venit după ce medicii de primă linie au evidențiat nevoia urgentă de a avea o modalitate sigură, rapidă și minim invazivă de a îndepărta șrapnelul.

Oleh Bykov – care a lucrat ca avocat – a condus această dezvoltare. Din 2014, el sprijină armata ca voluntar. A întâlnit medici pe linia frontului și din conversațiile sale au fost create extractoarele magnetice.

Conceptul nu este nou. Magneții au fost folosiți pentru îndepărtarea metalului din răni încă din timpul Războiului Crimeii, în anii 1850. Dar echipa lui Oleh a modernizat abordarea, creând modele flexibile pentru chirurgia abdominală, microextractoare pentru lucrări delicate și instrumente de înaltă rezistență pentru oase.

Operațiile au devenit mai precise și mai puțin invazive. Magnetul poate fi plasat de-a lungul suprafeței unei răni pentru a extrage fragmente. Chirurgii fac apoi o mică incizie, iar piesa este îndepărtată.

Ținând în mână o unealtă subțire în formă de stilou, Oleh își demonstrează puterea ridicând un baros cu vârful magnetic.

Kevin McGregor / BBCMagneții sunt suficient de puternici pentru a ridica un baros.

Munca sa a fost lăudată de alți medici de război, inclusiv de David Nott, un veteran al zonelor de război din întreaga lume.

„În război, se dezvoltă lucruri la care nu s-ar fi gândit niciodată în viața civilă.” spune el.

Rănile prin fragmentare au crescut din cauza schimbării feței războiului și, deoarece durează mult timp pentru a fi găsite, el crede că acest dispozitiv ar putea schimba regulile jocului.

El spune că căutarea șrapnelelor la pacienți este ca „a căuta un ac într-un car cu fân” – nu are întotdeauna succes și întârzie tratamentul altor victime.

Căutarea manuală a fragmentelor poate fi periculoasă și necesită incizii mai mari, care pot provoca mai multe sângerări – „așa că a le putea găsi pur și simplu folosind un magnet este ingenios.”

Centrul cardiac DniproExtractorul magnetic care a îndepărtat șrapnelele din inima lui Serhiy

Ceea ce a început ca un instrument de teren a fost acum lansat în toată Ucraina, cu 3.000 de unități distribuite spitalelor și medicilor din prima linie, precum Andriy Alban, care spune că a ajuns să se bazeze pe acest dispozitiv.

El lucrează adesea sub foc, în tranșee sau în clinici improvizate în aer liber și uneori fără anestezie locală.

„Sarcina mea este să salvez vieți – să bandajez rănile și să evacuez soldații”, spune el.

Nu a existat nicio certificare oficială a extractorului magnetic.

Ministerul Sănătății din Ucraina afirmă că dispozitivele medicale trebuie să respecte pe deplin reglementările tehnice. Totuși, în cazuri excepționale, cum ar fi legea marțială sau starea de urgență, utilizarea dispozitivelor necertificate este permisă pentru a satisface nevoile armatei și ale forțelor de securitate.

În culmea războiului, nu există timp pentru birocrație, explică creierul Oleh. „Aceste dispozitive salvează vieți. Dacă cineva consideră că acțiunile mele sunt o crimă, îmi asum responsabilitatea. Sunt chiar pregătit să merg la închisoare dacă se ajunge la asta. Dar atunci toți medicii care folosesc aceste dispozitive ar trebui și ei închiși”, adaugă el pe jumătate în glumă.

David Nott este de acord că certificarea nu este o prioritate maximă deocamdată și consideră că dispozitivul s-ar putea dovedi util în alte zone de război, cum ar fi Gaza.

„În război, nu este cu adevărat necesar.” „Faci doar lucrurile importante pentru a salva vieți.”

Înapoi la Lviv, soția lui Serhiy, Iulia, este recunoscătoare că soțul ei a supraviețuit rănii.

„Vreau doar să-i laud pe cei care au inventat acest extractor”, spune ea cu lacrimi în ochi. „Datorită lor, soțul meu este în viață.”

Reportaj suplimentar de Jasmin Dyer și Kevin McGregor.

Război în UcrainaRusiaUcraina

---

Sursa: BBC News

How 'blood gold' is fuelling conflict in West Africa

13 hours agoShareSaveJacob BoswallBBC MonitoringShareSaveGetty Images

It has been a good year for gold. A host of turbulent events in the global economy has driven up prices for the glittery commodity to record highs in 2025.

In a world of tariffs and international conflict, gold appeals to investors as one of the few remaining stable assets. Everyone wants a piece of the action, from central banks to large institutions like hedge funds, and retail investors. But few know where their gold comes from, or much about the conflicts it may be fuelling in the countries where it is mined.

For the governments of West Africa's Sahel region, the stakes are even higher. Gold is a lifeline for the military juntas of Burkina Faso, Mali, and Niger, who are beleaguered by jihadist insurgencies, regional isolation, and the ravages of climate change.

"Because gold prices have been at a historic high… the military governments are hoping that they will be able to benefit directly," Beverly Ochieng, a senior researcher at global consultancy firm Control Risks, told the BBC.

Together, the three Sahel states produce around 230 tonnes of gold per year, according to the World Gold Council's estimates, or about $15bn (£11bn) at the current market rate.

A lack of records for artisanal and small-scale gold mining means that this figure is probably an underestimate.

The combined gold production in these three states surpasses any other country in Africa, making the Sahel region a major global contributor to the gold market.

The governments say that the proceeds from the lucrative sector are benefitting citizens through increased "sovereignty" – though Russian firms are increasing their stake in the industry at the expense of Western-owned firms.

For example, Mali's junta leader Gen Assimi Goïta laid the foundation stone last month for a gold refinery, in which a Russian conglomerate, the Yadran Group, will have a minority stake. The refinery will reportedly create 500 direct jobs and 2,000 indirect jobs.

Burkina Faso is also building its first-ever gold refinery, and has set up a state-owned mining company, requiring foreign firms to give it a 15% stake in their local operations and to transfer skills to Burkinabé people.

Fake AI media campaigns have even been launched to celebrate the country's charismatic 37-year-old military ruler Capt Ibrahim Traoré for commanding such an important revenue stream for the nation.

"Mining gold from deepest dirt. But souls are rich and true," croons an AI-generated Rihanna in one recent song, pouring her silky, auto-tuned praise on Capt Traoré.

The reality is very different, according to Ms Ochieng, who explained that Burkina Faso and its neighbours need quick cash to fund counterinsurgency campaigns.

In the case of Mali, much of this has been outsourced to Russian mercenaries, including the Wagner Group and its successor, Africa Corps, which falls under the command of Russia's defence ministry.

Africa Corps has been involved in military training in Burkina Faso, but the junta officially denies its presence.

RIA Novosti / Anadolu / Getty ImagesRussia's President Vladimir Putin and Burkina Faso's Ibrahim Traoré have built a strong relationship

Although public spending transparency in the countries is poor, the governments are thought to devote large portions of their budgets to national security.

Military spending in Mali trebled since 2010, amounting to 22% of the national budget by 2020.

The governments are fighting jihadist groups linked to al-Qaeda and Islamic State (IS).

But campaign group Human Rights Watch (HRW) has accused the Malian government and the Wagner Group of committing atrocities against civilians, including unlawful killings, summary executions, and torture.

It has documented similar atrocities by Burkina Faso's military and its allied militias.

For their services, the Wagner Group and now Africa Corps are often paid directly in gold or in mining concessions, according to Alex Vines of the London-based Chatham House think-tank.

"Very little [of the gold revenues] will trickle down to Malians and Burkinabés," he told the BBC, adding that in fact the armed insurgents themselves may be benefiting from gold.

Since the coup in Mali in 2021, brutal government tactics against communities suspected of harbouring or sympathising with jihadists have increased, pushing more civilians to join the very groups they are fighting.

Jamaat Nusrat al-Islam wal-Muslimin (JNIM), an al-Qaeda affiliate which is the most active jihadist group in the region, staged an unprecedented number of attacks targeting Burkina Faso military during the first half of 2025, a sign of the group's growing strength.

The armed groups are also literally cashing in on the increased global appetite for gold.

A large proportion of gold mining in the Sahel is from the artisanal and small-scale sector, which is often informal, meaning it takes place on unlicensed and undeclared sites away from government oversight, according to a 2023 report on gold mining in the Sahel by the United Nations Office on Drugs and Crime (UNODC).

Armed groups, including jihadist groups, and Sahel governments are in competition for control over many of these small-scale gold mines.

Gold provides an important revenue stream for militant groups, which appear to be expanding their territorial influence in both Mali and Burkina Faso.

The UNODC believes that most gold from this type of mining ends up in the United Arab Emirates (UAE), a global centre for gold refining and trading.

"You do see overlap of violent extremist groups moving onto artisanal production areas for control," said Dr Vines.

The global spike in gold prices may be prolonging and exacerbating conflict in the Sahel – but, unfortunately for the diggers in artisanal gold mines, it has not led to owners increasing their wages.

Afrikimages Agency / Universal Images Group / Getty ImagesAs jobs are scarce, many people work in the informal mining sector

One gold miner in Mali's northern Kidal region agreed to respond to written questions from the BBC on condition of anonymity, for fear of his safety.

He estimated that, on a "good day", he earns 10,000 to 20,000 CFA francs, or approximately $18 to $36 (£13 to £26).

The amount he is paid has not increased alongside global gold prices, he said.

"Prices went up, but the extra profit goes to mine owners… It's risky and uncertain, but for many of us, it's the only option," he added.

Dr Vines, who formerly worked as a blood diamond investigator for the UN, is concerned that gold has become Africa's new main conflict commodity.

He noted that gold has not received the same international attention as diamonds, which fuelled bloodshed in several African states throughout the 20th Century, especially during the 1990s.

Intervention by human rights groups and the UN led to the establishment of the Kimberley Process Certification Scheme in 2003, which did much to end the sale of so-called "blood diamonds" on the open market.

But attempts to crack down on "blood gold" have been less successful.

This is partly due to a lack of unified ethical standards. The London Bullion Market Association (LBMA), a major authority in the gold market, requires refiners to comply with standards based on guidelines set by a global body, the Organisation for Economic Co-operation and Development (OED).

The UAE's enforcement of these regulations has historically been patchy.

In 2021, the country announced its own standards for ethical gold mining – however, the framework remains voluntary. The issue of enforcement has caused tensions in the past between the Gulf state and the LBMA.

Tracing technology represents another hurdle.

"There is no 'DNA testing' for gold. With a lot of effort, you can trace diamonds before they get polished and cut… But I haven't seen ways of tracing the origins of a gold nugget," Dr Vines said.

Gold is smelted early on in the value chain, making it nearly impossible to trace and connect to potential conflict zones, he explained.

Dr Vines believes that it is likely that some blood gold from the Sahel ends up in UK markets.

"[Gold] gets smelted in [the] UAE, then goes onto the jewellery manufacturing industry, or into dentistry, or bullion. Some of it clearly comes into the UK. And once it is here, there is no way of testing what it is."

Another reason that it will be difficult to repeat the successes of the Kimberley process, according to Dr Vines, is because the certification system was not designed to deal with state governments.

"Kimberley was designed to deal with armed non-state actors in places like Sierra Leone and Liberia," he said.

For now, gold's importance for Sahel governments and the patchy enforcement of ethical gold standards mean that the commodity is likely to continue changing hands, regardless of its origin.

Unfortunately for some communities in the Sahel, that may mean paying for the trade in blood.

You may also be interested in:

• 'I thought I would die' – freed captive tells BBC of life in jihadist base
• Why Burkina Faso's junta leader has captured hearts and minds
• 'We are poisoning ourselves': Ghana gold rush sparks environmental disaster
• The region with more 'terror deaths' than rest of world combined

Getty Images/BBC

Go to BBCAfrica.com for more news from the African continent.

Follow us on Twitter @BBCAfrica, on Facebook at BBC Africa or on Instagram at bbcafrica

BBC Africa podcasts

Focus on Africa

This Is Africa

Burkina FasoSahel Islamist insurgencyMaliNigerAfricaGold

---

Sursa: BBC News