Technology

Josh Holloway takes the wheel.

• Researchers from ETH Zurich found a way around Spectre mitigations on Intel
• The chipmaker released microcode patch
• ARM and AMD chips are not affected this time

Spectre, a series of chip vulnerabilities affecting pretty much all processors today, doesn’t seem to go away, despite multiple vendor efforts to contain and remedy the flaws.

Recently, security researchers at ETH Zurich published a new paper, claiming to have found a way around the protections released by Intel.

Sandro Rüegge, Johannes Wikner, and Kaveh Razavi, the researchers behind the paper, named the vulnerabilities Branch Prediction Race Conditions (BPRC), and claim it only works on Intel’s products (all Intel CPUs since the 9th generation - Coffee Lake Refresh - as well as other chips dating back to the 7th generation Kaby Lake ones). AMD and ARM seem to have dodged this bullet, at least for now.

TechRadar Pro readers can get 60% off Premium Plans at RoboForm now!

New users can take advantage of RoboForm’s exclusive deal and get 60% off the Premium Plan. With this deal, you can get unlimited password storage, one-click login & autofill, password sharing, two-factor authentication for added protection, cloud backup, and emergency access for trusted contacts. To claim this deal, visit this link and sign up for the Premium Plan to lock in this huge discount.

Preferred partner (What does this mean?)View Deal

Slow updates

Spectre and Meltdown were two enormous vulnerabilities that were first spotted in 2018, and which were so severe that they had most OEMs scrambling for a fix. Some fixes were so poorly implemented that they bricked entire devices, while others were “just” slowing the computers down.

At one point, Intel introduced Indirect Brach Restricted Speculation (IBRS/eIBRS), Indirect Branch Predictor Barrier (IBPB), as two techniques to control speculation and mitigate the risk.

This is apparently where the new flaw lies. Branch predictions update slowly and asynchronously (in the background, not instantly). This delay creates a race condition, which means that the CPU is still updating its internal branch prediction data from earlier code while switching to a different privilege level (from user mode to kernel mode, for example).

This timing means that predictions from user code can be mislabeled as coming from kernel mode, allowing the attacker to inject their own predictions. As a result, threat actors could pull sensitive data such as passwords, from the vulnerable device.

Intel has released a microcode update to address the flaw, The Register reports. The chipmaker's advisory, issued Tuesday, labeled the vulnerability as CVE-2024-45332.

Via The Register

You might also like

• Intel and AMD chips are under attack from a new generation of Spectre threats
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

• Nvidia RTX 5060 partner GPUs have been spotted on Best Buy ahead of launch
• Models from Asus and PNY were spotted before being removed
• The highest price for an overclocked RTX 5060 was $409

Nvidia's RTX 5060 is set for launch on May 19, just before one of the biggest tech events in the world, Computex 2025, begins on May 20. However, it looks like we might have an early insight into the pricing of the 8GB GPU.

As reported by Wccftech, Asus TUF and Prime RTX 5060 GPUs were spotted on Best Buy (by popular leaker @momomo_us on X) ahead of launch. Most interestingly, the Asus TUF RTX 5060 OC Edition was listed for $409, which is close to the RTX 5070's $549 launch price.

This comes after one of rival AMD's Radeon RX 9060 XT partner cards was leaked in a listing on a Swiss retailer, with a high price tag for a low-end GPU. However, it's important to note that this price is more than likely just a placeholder for now - at least that's what we hope.

On the other hand, that might not be the case for the Nvidia GPUs. The other Asus RTX 5060 listings (which were as low as $339.99) are representative of pricing that is expected for a budget GPU, and are also consistent with the $409 price for the overclocked model (since most OC GPUs are sold at higher prices).

It's also worth noting that PNY's overclocked RTX 5060 was also spotted on Best Buy, at $299.99, which might be a more reasonable proposition for gamers on a budget.

These listings (which have now been removed) may very well be inaccurate with placeholder prices, but it would be hard to see retail pricing be much lower. Having said that, we’d also not like to see a price higher than $299.99 for a graphics card using 8GB of VRAM in 2025.

(Image credit: Future / John Loeffler) Just like the Acer Nitro Radeon RX 9060 XT listings, this will be dead on arrival if true

I hate to sound like a broken record, but 8GB of VRAM isn't sufficient for gaming in 2025, and there's enough evidence out there to prove this; from poorly optimized ports, VRAM-hungry titles, and more games like Assassin's Creed Shadows forcing RTGI (Ray-Traced Global Illumination), frame rates and smoothness just aren't up to par on 8GB graphics cards.

Computex 2025 and the RTX 5060's launch are now only days away, so it's still early days. However, I'm willing to believe that Team Green's partner cards on this occasion will be priced at absurd levels - especially when you consider the terrible state of the GPU market.

I can almost guarantee that if any RTX 5060 GPU (including AMD's RX 9060 XT 8GB) launches at $409 or above, it's not going to sell well regardless of consumer desperation. That's not me being harsh or targeting either Team Red or Team Green; that's just the reality.

Gamers need more powerful hardware to run newly-released, graphically-demanding games, and if they still have to spend that much for a weaker GPU that’s going to make too many compromises to play modern games compared to the likes of an RTX 5070 Ti or RTX 5080, then I can imagine there are going to be a lot of angry PC gamers...

You may also like...

• Nvidia’s gaming GPUs could still get pricier despite tariffs truce, new report claims – here’s why
• The Nvidia Shield is getting 120fps cloud gaming support, but with a big catch
• Nvidia’s RTX 5060 GPU looks to be imminent, but it could get a very frosty reception

• The Nothing Phone 3 will have "premium materials" and "major performance upgrades"
• It's said to be the company's first true flagship phone
• However, it will also cost a lot more than previous models

Nothing has so far found smartphone success with eye-catching but affordable handsets that target the low-end and mid-range markets, but with the Nothing Phone 3, the company is taking a gamble on something more premium.

In a video shown during the latest Android Show, Nothing’s CEO Carl Pei revealed that the Nothing Phone 3 is coming this summer (likely meaning sometime between June and August), and that it will have “premium materials, major performance upgrades, and software that really levels things up.”

These will apparently combine to make this Nothing’s “first true flagship smartphone”. That all sounds promising, but unsurprisingly it'll come at a cost, with Pei adding that the Nothing Phone 3 will cost around £800.

A flagship phone with flagship competition

Converted, that’s roughly $1,060 / AU$1,640, but price conversions are rarely accurate. Given that the Nothing Phone 2 launched for $599 / £579 / AU$1,049, we’d think the US price of the Nothing Phone 3 would be similar to the UK price – so probably $800 or just over. In Australia, it’s harder to predict, but maybe around AU$1,350.

That would put the Nothing Phone 3 in a similar price bracket to the Samsung Galaxy S25, the iPhone 16, and the Google Pixel 9, so it would have far more high-profile competition than previous Nothing handsets.

It'll be interesting, then, to see whether the Nothing Phone 3 will offer enough to justify that price, and whether buyers will give it a chance over bigger names. We should find out soon, but in the meantime – or if you’re not in the market for a premium phone – there’s always the more mid-range Nothing Phone 3a and Nothing Phone 3a Pro.

You might also like

• Best Android phones: top performing and most affordable
• Nothing Phone 3a Pro review: the best bargain smartphone
• Nothing Phone 2 review: exactly what it looks like, flashy and new

Previously an add-on service, the new and improved scam and deepfake detecting features are also expanding beyond AI-powered devices.

The cutting-edge animated anthology is back.

Universities are already under immense pressure from financial constraints, regulatory requirements, and accountability demands—the last thing they need is a cyberattack. Unfortunately, the standard approach to document management has left many of them more vulnerable than ever. With AI making cyberattacks more prolific and effective, a single misplaced document could have devastating consequences. And that’s just the tip of the iceberg.

Why? Cybercriminals know that universities often lack robust cybersecurity measures. In fact, in 2024, a staggering 97% of universities experienced a cyber-attack, leading to financial losses, reputational damage, and disruptions to academic activities. In other words, attackers know where universities are most vulnerable—and they’re exploiting those weaknesses like never before.

This article will explore how poor document management practices exacerbate these risks, how modern solutions can reduce cyber threats, and the critical steps universities must take to protect themselves.

When you don’t get with the times

Many universities operate with woefully out-of-date IT systems. It’s not uncommon for staff to bypass the whole system and work with reams of paper on their desks. In fact, a new report from the Higher Education Policy Institute says that universities need “an army” of IT staff to keep systems from crumbling under their own weight. Not only is this a burden on staff, but it increases cyber risk.

That same report says that document management is one of the most significant failure points.

Consider this: internal servers are unreliable, so staff turn to alternative solutions. Personal email accounts become makeshift storage because institutional servers can’t be trusted. Physical documents, though tangible, are easily misplaced or lost in transit—exposing confidential data and creating GDPR compliance risks. Whether it’s application forms, research papers, or emails, without proper security measures, every document is a potential vulnerability.

Unsurprisingly, humans are often the weakest link. A hastily scribbled password on a sticky note, a list of student names and addresses that falls out of a plastic binder, or a shared drive that is open to anyone with a link — all represent a way into university servers for enterprising cybercriminals. Think about it: when thousands of students and faculty members are sending documents to and from, it’s essential that this is underpinned by good security systems.

Another growing headache for universities is shadow AI. When employees struggle with outdated systems while managing increasing workloads, they turn to any tool that boosts efficiency—even if it’s unsanctioned or unsafe. Take the professor using ChatGPT to assess one of hundreds of essays. Hidden within a student essay might be personally identifiable information (PII). Meanwhile, freely available open source large language models (LLMs), such as China’s DeepSeek, have been altered to contain malicious code implanted before download.

And once cyber criminals have access to a university server, they can observe, explore and map the network and its users. Undetected and free to roam, they can seek out and obtain login credentials that gives them access to other parts of the network. They may also set up backdoors so that they can regain access once they’ve enacted their plan.

Document management can’t be overlooked

With risks like these—and with AI and machine learning becoming more advanced and widespread—cybercriminals have more tools than ever to target universities. AI tools not only lower the technological barrier for attackers, enabling even less-skilled individuals to craft convincing phishing emails or automate malicious code generation, but it also facilitates deepfake audio and video, as well as adaptive malware designed to evade detection.

More importantly, it accelerates the attack cycle. And cybercriminals know that universities are often poorly equipped to handle a barrage of attacks. According to the UK Government’s 2024 Cyber Security Breaches Survey, around 60% of UK universities had suffered a cyber breach in the past year—more than the typical large business—and this was due to inadequate cyber strategies.

Proper document management systems can mitigate many of these risks. These tools store and manage documents through a central, cloud-based server, providing a secure environment for sensitive information. They also facilitate the digitization of physical documents, making them easier to manage. By automatically generating metadata for stored content, they enhance searchability and prepare information for responsible AI and automation. Most importantly, they enforce access rights, maintain audit trails, and support regulatory compliance, reducing the risk of data breaches.

In other words, they ensure the right person has the right access to the right documents and the right time. Some modern document management tools have AI built in, making it easier to analyze and extract insights from university data. Additionally, having AI tools within a secure environment helps reduce the risk of Shadow AI.

Universities of the future

Document management systems help universities prepare for the future. Data indexing and classification are essential for AI and automation. However, these processes are only as effective as the data they are built upon—making it crucial to establish a strong foundation for growth.

Employees also appreciate having technology that works. Cumbersome document management systems can be a drain on efficiency, impacting productivity and distracting students and staff from meaningful work. With a well-implemented document management system, staff can begin automating processes—such as student onboarding—allowing them to focus on what truly matters, engaging with students and ensuring they settle in.

Imagine a world where admissions teams no longer struggle with managing electronic signatures or distributing onboarding documentation. Lecturers, too, can automate aspects of grading and reduce time spent on document management, allowing them to prioritize teaching.

As AI and machine learning become more developed, universities will more clearly recognize the ROI of implementing a document management system, because they have the foundations on which to build. Content management systems are also good because staff can drive their own automation workflows through APIs and low-code applications — by leveraging ready-made templates and automation solutions from community- and vendor-driven marketplaces. This goes a long way in helping universities navigate the pressures they face today.

Of course, implementing a document management system requires an initial investment. However, these systems improve over time, and the reputational and financial risks associated with a serious cyberattack can be significantly reduced. Ultimately, universities can fund these improvements by reallocating savings from reduced manual processes and avoiding the costly consequences of a data breach.

The time to update was yesterday

Universities can no longer afford to ignore document management, especially as competitors modernize and make better use of artificial intelligence and machine learning. These threats will only grow over time. By addressing these issues now, universities can save on costs, boost employee and student morale, and refocus on what truly matters: education.

We've compiled a list of the best OCR software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• id Software's Doom: The Dark Ages is facing crashing issues on handheld gaming PCs
• The issue appears to stem from outdated drivers on AMD Ryzen Z1-powered handhelds like the Asus ROG Ally
• It seems that neither AMD nor id Software are reponsible, but rather the handheld PC vendors like Asus and Lenovo

The long wait for id Software's Doom: The Dark Ages is finally over, as the Premium Edition, providing two days of early access, is now available - but if you're using any AMD-powered handheld gaming PC, it's probably best to steer clear for now.

As reported by our friends over at PC Gamer, Doom: The Dark Ages is unplayable on handheld gaming PCs, notably those using AMD's Ryzen Z1 chips, due to constant crashes. This is evident in the video provided by PC Gamer, which sees the game crash in a matter of seconds due to an AMD driver failure.

I can corroborate the same crashing issues; while booting into the game's campaign was all fine (on my Asus ROG Ally Z1 Extreme), it didn't take any longer than 10 seconds for the game to come to a crashing halt. This would result in either a black screen, with the game still audible in the background, or worse, artificating - however, the blame seemingly isn't on id Software and its new title.

(Image credit: ID Software)

Since the game requires the latest AMD Adrenalin 25.5.1 graphics driver - which is the first prompt shown upon startup - the crashes are to be expected on these handhelds. And that points directly towards the issue; the Asus ROG Ally and the Lenovo Legion Go that use AMD's Ryzen Z1 Extreme processors are more often than not running on outdated graphics drivers.

This lack of driver support from Asus and Lenovo has been an ongoing issue since the launch of these handhelds, resulting in games that either can't be played at all, or suffer from frequent crashes, as they require newer drivers to function well.

I've seen this occur with games like Call of Duty: Black Ops 6 and The Last of Us Part 2 – the former tends to have driver crashes in the game's 'Zombies' mode, and the results can't be replicated on a desktop gaming PC that has access to the latest drivers. It's leaving some handheld gamers without a solution, as sideloading (manually installing newer drivers) doesn't always work - and can easily result in 'Code 43' errors, which I encountered numerous times.

This is one of the main reasons why my Asus ROG Ally is collecting dust

It's bad enough that Microsoft's Windows 11 and other applications like Armoury Crate have numerous bugs and slow responsiveness; throwing in the lack of driver support from handheld PC vendors literally stops users from playing certain games.

You could also argue that Doom: The Dark Ages is technically not even released yet (since it's early access), but these issues don't appear to stem from the PC port. This is a support issue, and one quick look at the latest graphics driver available on Asus' ROG Ally support page will show you that the latest driver at the time of writing was in February earlier this year.

I'm lucky enough to have a powerhouse gaming PC to dive into games with ease, but for those who bought a Ryzen Z1-powered handheld to be their primary gaming device this just isn't good enough. Sure, nothing is perfect, but devices that cost a lot should at the very least be supported in the long run.

You may also like...

• Grand Theft Auto 6 is the first truly ‘next-gen’ console game I’ve seen and the only one that’ll make me ditch my gaming PC for months
• Forget the Nintendo Switch 2 – MSI’s surprise new Steam Deck rival could be the handheld gaming device to get without costing a fortune
• Intel’s latest boasts about its integrated graphics makes me less excited for the Nintendo Switch 2 - and more hyped for the MSI Claw 8 AI+

• The final scene of Andor season 2 was planned from the very beginning
• Two members of the Star Wars show's cast have known how it would end for years
• Its final shot will make fans look at sequel film Rogue One in a new light

Diego Luna and Adria Arjona have revealed how long they've known about Andor season 2's incredibly bittersweet final scene.

Speaking to TechRadar ahead of season 2's launch in late April, the pair admitted that it's been a long time since they were first told about the Star Wars series' last scene.

In fact, it sounds like Luna and Arjona have been aware of its ending since development began on Andor's first season, so it's a secret they've had to keep for many years. And, as Arjona told me, holding onto that information for so long hasn't been easy.

Full spoilers immediately follow for Andor season 2 episode 12 and Rogue One: A Star Wars Story.

Hang on... is that Cassian's child?! (Image credit: Lucasfilm/Disney+)

The final scene of Andor season 2 – and, with the Disney+ show ending after two seasons, the last one we'll ever see – reveals that Cassian and Bix, the characters that Luna and Arjona portray, have become parents.

After we watch Cassian and his android bestie K-2SO fly off to meet Galactic Empire informant Tivik on the Ring of Kafrene – a scene that directly leads into the events of 2016's Rogue One film – we're reunited with Bix on Mina-Rau. Viewers will remember this Outer Rim world as the place that Bix, Brasso, Wilmon, and B-2EMO fled to after Andor season 1's finale.

Meanwhile, in season 2 episode 9 we learn that Bix made the heart-breaking decision to leave Cassian so he could focus on helping the burgeoning Rebel Alliance topple the Empire. It's pleasing, then, that we're reunited with Arjona's fan-favorite character one final time before one of the best Disney+ shows ends.

Bix's difficult decision to leave Cassian in season 2 episode 9 makes complete sense now (Image credit: Lucasfilm/Disney+)

What many fans might not have anticipated, though, is that Bix was pregnant when she left Cassian. Season 2's final scene not only confirms this because, well, Bix is cradling their child when we're reunited with her, but it also appears old enough for months to have passed since she gave birth. Each three-episode arc in season 2 takes place a year after their forebear, which is why Bix is a mom when we meet her again.

It's a big reveal, the bittersweetness of which is three-fold. For one, it's clear that Bix made the incredibly tough decision to leave Cassian to keep their baby safe. Then there's the fact that, if Cassian had learned that Bix was pregnant, he would have given up his role in the embryonic rebellion to enjoy a peaceful family life with Bix and his newborn.

The most tear-jerking part of all of this, though, is that Cassian never learns he's become a father. After helping the Rebel Alliance to acquire the Death Star plans on Scarif in Rogue One, Cassian dies when the Empire's now-operational, planet-killing superweapon destroys Scarif, i.e. the planet he and numerous other rebel fighters are unable to flee after the successfully steal the Death Star's blueprints.

#andor #AndorSeason2 #andorspoilers cassian died for a sunrise he never got to see. pic.twitter.com/QxTpUZX5CRMay 14, 2025

Armed with the knowledge that Cassian is survived by Bix and a child he didn't know he had, fans won't view Rogue One in the same light ever again. That's something Luna teased at length in the lead-up to season 2's arrival and, following episode 12's release, now we know why he was so insistent on Rogue One being a completely different viewing experience once everyone had finished watching Andor on one of the world's best streaming services.

"I knew [how season 2 would end]," Luna, who also serves as an executive producer on Andor, told me.

"From the beginning, we knew what the ending was going to be and we were always aiming for it. We all knew where we were going from the outset and, with this being a prequel to Rogue One, we understood the assignment. I think that's what makes this show different – we had an ending in mind, we stuck to it, and I hope it makes people re-watch Rogue One in with an entirely new perspective."

We knew what the ending was going to be and we were always aiming for it

Andor actor Diego Luna

As for Arjona's worries about slipping up and revealing Andor's official ending ahead of time, she said: "He [showrunner Tony Gilroy] told me pretty early on during season one's development. It was a big secret to keep and I'm not very good at keeping them – I get a little overexcited! But, I kept this one because it's so important to the story we wanted to tell.

"Tony gave me a very good idea of what season two's story was going to be when I initially signed onto the project," Arjona added. "Then, when he was writing season two, he told me it was going to end with that shot.

"Most showrunners or just people in the industry, they'll tell you something to get you sign up to something and then not follow through on that promise. But, everything Tony told me is exactly what happened and I'm very grateful for his honesty."

Andor seasons 1 and 2 are out now in their entirety on Disney+.

You might also like

• 'This episode shows you what people are willing to risk': Diego Luna and Star Wars: Andor's cast break down season 2's heart-shattering eighth chapter
• 'Everything I could have hoped for': Andor star Genevieve O'Reilly reveals why Mon Mothma's famous speech in the Star Wars show meant so much to her
• Read about all of the new Star Wars movies and shows that are in development

As a family tech expert, I’ve seen social media and tech companies do some pretty incredible things. But Google’s plan to roll out Gemini, its AI chatbot, to users under 13, is wild. They gave notice to parents in an email, but it felt much more like a warning than a warm invitation.

So, why are they doing this? No one’s really sure, although Google is simply just joining Instagram, Snapchat, and a whole host of other platforms in the race to bring AI to nearly every facet of our lives.

Children, though, are much more vulnerable than adults — especially when it comes to online interactions. Here are my top 5 concerns about Google’s recent and reckless decision in opening up Gemini to kids 13 and under.

1. It’s teaching kids to outsource thinking and creativity from a very early age

Young kids need to be practicing writing, drawing, and critically thinking with their own minds — not using scraped words and images dredged up from the depths of the internet.

Chat GPT is already proving to be a breeding ground for cheating and shortcuts in schools. Giving younger kids instant access to Gemini will only accelerate this introduction to cutting corners when it comes to learning and being creative.

2. Misinformation is rife on the platform

When an AI platform like Gemini provides completely wrong information, it’s called a “hallucination.” That’s a quaint way of saying “making things up that are total nonsense.”

Google even says in its FAQs about Gemini in the Family Link app that “[Hallucinations are] a strange term, but it basically just means that Gemini sometimes gets things wrong or says things that aren’t true. [They] can sound real, and Gemini might even say them confidently.”

For adults, these types of errors may be easy to recognize and ignore, like saying that the capital of France is Cairo. But for kids, they may not know when to double-check a simple answer — let alone something complicated or nuanced. This sort of defeats the purpose of having Gemini help with homework for children.

3. Inappropriate content can present dangers to kids

Gemini can also act as a chatbot “friend” for kids, which presents multiple dangers. Other similar chatbots have been blamed for exposure to sexual content and even one child’s suicide.

Of course, Google has stated that the Gemini for kids will have safeguards, but there’s never a guarantee that inappropriate things won’t slip through the cracks — especially when these AI platforms regularly hallucinate.

Fortunately, apps like Bark can monitor your child’s saved photos, videos, and even text messages for inappropriate content they may save or share from Gemini.

4. Personal info that’s shared can be hacked

Sharing personal information — from sensitive emotional states to home addresses to personal photos — with an AI platform is vulnerable because everything can be hacked. If someone were to gain access to your child’s Gemini chats, it could be stressful and even dangerous.

Hate speech and bias can be conveyed in Gemini responses

The way AI platforms like Gemini work is by scraping the totality of the internet for similar information — information that was written by other humans.

That means that human biases and viewpoints can be presented by Gemini as truth, which we now know isn’t even always true.

Because AI platforms provide answers based on information that humans created, it can mirror prejudices that exist in the data it’s fed with. This can include harmful positions about marginalized groups.

Final word

At the end of the day, technology is just another tool that can make our lives easier, but it’s just that — a tool, not a necessity.

Even though calculators are used every day in advanced math, kids still learn how to count, add, subtract, multiply, and divide the old-school way in elementary school.

The same should go with AI platforms like Gemini when it comes to writing, thinking, and being creative.

Checkout our comprehensive list of the best AI tools.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Here are the answers for The New York Times Mini Crossword for May 14.

The modern IT landscape is growing more complex every day. It’s predicted that more than $5.61 trillion will be spent on IT this year as companies continually expand their estates.

This perpetual growth means that keeping track of everything within the IT infrastructure is becoming increasingly challenging and many organizations operate with significant blind spots in their networks.

This gives rise to the ‘unknown unknowns’ – devices that are unmonitored and unmanaged but can still access critical corporate assets. These are the most dangerous kinds of security gaps, creating vulnerabilities that cannot be closed because they are not even on the radar.

It’s time to get past any assumption that “what you can’t see won’t hurt you” – cyber attackers are specifically hunting for the hidden vulnerabilities that organizations overlook.

The problem with traditional IT asset management

These security gaps aren’t typically the result of a lack of effort or investment, but a natural byproduct of IT and security teams either not having the right tools or not using their tools effectively. Some teams discover 15-30% more devices that were totally off their radar even though they have been conducting manual audits regularly.

Much of this false sense of security is the result of traditional tools that aren’t capable of seeing the big picture. Many agent-based scanners and on-premises security tools only give a narrow view and fail to detect all assets on the network. A device might appear to be secure through the metrics of one tool but actually lack critical controls when linked with other data across the system.

This is exacerbated by highly fragmented IT landscapes. Siloed teams and disconnected tools make it impossible to achieve a unified approach to security. Each team might believe they have control of what they can see, but their data doesn’t align. Without an easy way to correlate and compare data and processes, the dots won’t be connected.

Inefficient, manual-heavy processes also limit teams to conducting periodic audits. With IT environments evolving on a daily basis, these audits are outdated the moment they’re completed.

Why these gaps are the biggest security risks

The cracks in security visibility can appear in multiple forms. One of the most common issues is employees accessing corporate systems via unmanaged devices. This is particularly prevalent when Bring Your Own Device (BYOD) policies are combined with flexible working but without the controls to back it up. Many people are still accessing corporate data using home laptops that are completely outside of the IT department’s control. This situation means ignoring a threat sitting right on your network.

We also often find networks containing dormant or misconfigured assets that appear to be safe and compliant on the surface. Our data finds around 10% of devices lack essential cybersecurity controls, and 20% aren’t properly configured. In the worst case scenario, controls aren’t functioning at all.

Audit reports may also indicate that a system is offline, but it is actually still communicating with corporate networks and, therefore, still an active security risk.

These unseen and unsecured devices are highly vulnerable to cyberattacks, providing an opportunity for threat actors to gain a foothold in the network without triggering any security alerts. Compromising an unmonitored personal machine offers a cybercriminal an easy path in, enabling them to access sensitive information on the network and exploit channels like email for Account Takeover (ATO) attacks.

How organizations can close the visibility gap

If an organization doesn’t know an asset exists, it has no chance of securing it. So how do teams start finding and accounting for these dangerous unknown unknowns?

The first step is to equip IT and security teams with the right tools, along with the expertise and processes to use them. We often find companies have invested heavily in a full suite of solutions, but many of them aren’t being used effectively or may be unnecessary for the company’s needs.

This means that, even with these investments, they may not have a clear picture of the security health of their estate. It’s not about frequency, it’s about approach. To reliably find and close these gaps, security teams need both a complete view of their entire network and everything accessing it, and the assurance that this picture is completely accurate and up to date.

A Cyber Asset Attack Surface Management (CAASM) strategy is central to achieving this visibility and control. This takes a highly automated approach to asset discovery, building a list based on what is actually connected to the network and accessing systems, rather than an outdated inventory.

Once a clear and accurate picture of all assets has been established, it’s possible to start delving into how secure each device is. This means establishing if the right security controls are installed, whether they are actually functional, and if they have been properly configured. Proper validation is essential – it’s never enough to just assume controls are working.

From here, it’s crucial to keep up continuous, real-time monitoring for all assets. Again, automation is key as manually correlating IT asset data is impossible at scale. Automated tools can compare access logs with IT inventories in real-time and flag inconsistencies.

It’s also important to move away from device discovery alone and account for application access patterns. Security teams should have a clear view of what devices are accessing key applications and data so that they can spot anomalies such as access attempts from devices outside the managed asset list.

Eliminating the blind spots for good

Security frameworks like Cyber Essentials, ISO 27001 and NIST CSF can provide a good starting point for prioritizing security needs and improving visibility. However, organizations need to foster a culture where unidentified assets are proactively identified and secured. Even a single unmanaged device can open the door to a major breach, so detecting them must be embedded into daily operations, not treated as an annual or quarterly audit task.

The reality is that many organizations are unaware of the extent of their IT blind spots and have a chance of closing the gaps with their current capabilities. If you don’t have full visibility, you’re making security decisions based on incomplete data. It’s like locking your front door while leaving the windows wide open – and then pulling the blinds down so you can’t see the issue.

Check out the best IT asset management software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• SaaS sector lags behind others in sustainability awareness and industry
• Digital emissions are growing fast and AI is accelerating the environmental impact
• EcoSend runs entirely on renewable energy and serverless digital infrastructure accountability

Sustainability isn’t a word most people associate with SaaS. Unlike sectors that rely heavily on physical infrastructure or global logistics, the software industry often escapes scrutiny when it comes to environmental impact.

With the carbon cost of digital activity rising, especially in the era of AI, that’s starting to change.

Since launching just over two years ago, EcoSend, an email marketing platform, has run entirely on renewable energy and serverless infrastructure. I spoke with the James Gill, the company’s founder and CEO, to understand what’s holding SaaS back from being truly sustainable, and what it will take for the industry to lead, not lag, in building a greener digital future.

What does being sustainable mean to an online business like yours? How do you gauge/monitor your sustainability?

At EcoSend, sustainability isn’t just a buzzword or an afterthought. It is baked into our very DNA as a company.

Since we launched EcoSend just over two years ago, we have run our platform on fully renewable energy and the latest ‘serverless’ technology. Being ‘sustainable’ means that our planet has to be at the heart of every decision we make, and every corner of our product. Historically, SaaS businesses have avoided the level of scrutiny around sustainability which other industries have been exposed to.

Companies operating in hardware, transportation, supply chains etc have started adapting to more sustainable practices as a result of this scrutiny. We strongly believe that SaaS companies should adapt in the same manner, to actively lead us all towards a better future, rather than continuing to lag behind.

To help us monitor our commitment to sustainability, we don’t just rely on internal processes, but external accreditation and reporting. We are certified by ‘Green Small Business’, as well as members of the Good Business Charter, Pledge 1%, and Terra Carta. In addition to this, we are currently in the process of certifying as a B Corp.

As a SaaS provider, what are the biggest obstacles you've encountered in your journey towards being more eco-friendly?

One of the greatest challenges we face is common to many businesses working in the sustainability space, and that is a lack of awareness. Few people are aware of the carbon cost of our digital activities, and yet if ‘The Internet’ were a country, it would be the fourth most polluting nation in the world.

Taking email specifically, over 360 billion emails are sent per day according to research by Statista. Each email can have a carbon cost of up to 26g. Yet few marketers are aware of the environmental impact of their campaigns. While many of us can understand the impact of boiling a kettle, the impact of digital activities like sending an email seems harder to wrap one’s head around.

So the first challenge is raising awareness. Secondary to that challenge is motivating change.

It is one thing for a company to be aware of the environmental impact of their online activity, but to motivate them to migrate their email service provider, data and campaigns is another.

We dedicate a lot of effort to making migration as easy as possible for companies, to help remove the inertia associated with changing software. This includes custom import tools and dedicated onboarding sessions with our support team to facilitate the process for companies who are keen to make the switch.

In an ideal world, what would it take to get publishers like us to report more on ecological credentials of SaaS providers?

I believe a starting place would be better awareness of the scale of the challenge. Digital emissions often sit behind reporting on other high-emission activities, such as air travel. But the ‘invisibility’ of digital emissions should not mask its scale nor its impact.

With the recent, meteoric rise in AI, the impact of digital emissions will only continue to grow and be more keenly felt.

The ‘carrot’ motivation to SaaS companies to improve their sustainability credentials will only get us so far. But increased coverage by publishers in the digital sustainability sector will lead to increased regulation across the ecological credentials of SaaS companies. This will play an additional ‘stick’ factor in motivating companies to change to better practices and reporting. Both are required in order to facilitate change.

EcoSend has sustainability built at its core as its USP. How different is the make-up of your audience compared to your peers?

We are fortunate to work with hundreds of dedicated B Corps, charities, and purpose-driven organizations, for whom the concepts of sustainability and holistic capitalism are ingrained in their core ethos.

Our clients are ambitious and determined to grow profitably, but the key difference is that this growth never comes at the expense of people or the planet.

Whether they are entrepreneurs, SMEs, or large corporations; we learn so much from our client’s efforts to drive forward digital sustainability, and we’re delighted to support them in their mission.

AI has been hailed as the solution to the sustainability conundrum and the destroyer of forests. What's your take on this?

The rise of AI presents both threat and opportunity. The deciding factor will be in how AI is deployed. ChatGPT is currently estimated to use around 39.98 Million kWh per day. That’s more than the annual energy consumption of over 100 nations.

Frivolous usage of AI will only hurtle us further down a path we shouldn’t be on. That said, if we can consciously harness AI, we can use it to create a better future. Whether it’s automating complex ESG reports, evaluating the sustainability credentials of a large supply chain, or increasing the efficiency of corporations’ admin tasks; there is scope for AI to serve us, rather than contribute to our demise.

If the use of AI is both limited and conscious, then I believe it can be a solution to the sustainability challenge. Unfortunately, current trends seem to show the opposite is the case.

Where do you go from here? How do you get even more sustainable?

We are currently in the process of certifying as a B Corp. The process to apply and maintain B Corp certification will ensure our company is held to B Corp’s high standards for ethical and sustainable business practices. Through this application, we will hold ourselves publicly accountable to ensure we ‘walk the walk’ of sustainability, ethics, and community across our company, software platform, and supply chain.

Beyond our B Corp application, we regularly review how to improve our sustainability credentials. These reviews have prompted us to take a more active role in our local community, through volunteering at food banks and conservation sites across London.

One example of ways we have evolved - we have always sent a gift to our Enterprise clients every Christmas. We switching from sending hampers to instead sending donations to Beam - an organization that supports people experiencing homelessness in the UK to find stable work and accommodation. We have so far sponsored over 50 clients via our partnership.

In addition, we recently added a new tree-planting partner to our ecosystem to improve the monitoring and reporting of where our clients’ trees are planted.

While we are proud of what we’re doing, we know the world needs more - more from us, and more from all businesses. We are excited to push ourselves to do ever more to protect our home planet and inspire others to follow.

You might also like

• These are the best email providers you can use right now
• SaaS or DaaS? The pros and cons of using emerging data services
• Enhancing SaaS app security: Best practices for cloud protection

• Jessica Jones is making a comeback in Daredevil: Born Again season two
• Krysten Ritter has confirmed she's returning as the character she introduced on Netflix in 2015
• Ritter alluded to "much more in store" for the character

Talking about Daredevil: Born Again season two alongside Charlie Cox at the Disney Upfront presentation, Krysten Ritter has officially announced her return as Jessica Jones.

According to Variety, Ritter said, “It’s so great to be back… I’m so excited to bring back this iconic character, and without giving too much away, there is much more in store for Jessica Jones. This is going to be an incredible season!”

When Netflix canceled its Marvel TV series, and Disney Plus resurrecting some of the characters, it was probably just a matter of time before the Defenders found a new home.

Charlie Cox's Daredevil was the first – returning as "a really good lawyer" in 2021's Spider-Man: No Way Home, Vincent D’Onofrio's Kingpin appeared in Hawkeye and everyone was delighted to see the reintroduction of Jon Bernthal's The Punisher in season one of Daredevil: Born Again.

And now, it’s exciting to know that Ritter’s Jessica Jones will continue the fight alongside Daredevil after The Defenders ended on Netflix.

That said, we don’t know exactly what her role is going to be in season two. It could well be a small one, but Ritter hinting that there’s “much more in store” for her character lends gravity to this announcement. And, as we saw in The Defenders, the two characters align well, so it makes sense for the two to pair up again.

The nine-episode first season wrapped up in April on Disney Plus and we’re yet to find out when the second season will release – but here's everything we know about Daredevil: Born Again season two.

Why Jessica Jones' return is a smart move for Disney

(Image credit: Netflix)

While I'm excited to see the return of Jessica Jones, it also makes sense from a financial standpoint for Disney because it might well be cheaper. A series centered on a grounded investigator with super strength – but not Hulk-level strength – should be much cheaper to make than the stunt-heavy Daredevil.

Sure, Disney doesn't necessarily need to pinch pennies; however, Andor – which will complete its second and final season this week – was originally slated for four or five seasons and I find it hard to believe its reported $645 million cost had nothing to do with it.

I am, of course, speculating and we really don't know what the future holds for Jessica Jones, but Ritter is a great actor, and I personally rank Jessica Jones just behind The Punisher. Even my parents, who wouldn’t touch a Marvel movie with a 10-foot pole, enjoyed the latter when it was on Netflix.

If Disney can take lesser-known characters like Jessica Jones, get good actors to play them and create grittier, realistic stories with some superpowers sprinkled in, it could be a successful show that might cost closer to $100 million. Unlike The Acolyte, which despite a promising premise, suffered from weak writing and performances that held it back.

We don’t yet know if Mike Colter (Luke Cage) or Finn Jones (Iron Fist) will join the MCU in the future. I'd be interested to see how they'd play in these new-look series – but, for now, I’m excited to see my favorite alcohol-loving, super-strong detective back in action. Teaming up with Daredevil is just a bonus.

You might also like...

• Amazon confirms surprise December launch window for Fallout season 2 and renews the popular Prime Video show for a third season
• The Bear season 4 and Alien: Earth release dates have been revealed, and it's worth keeping your Hulu subscription for
• When is Captain America: Brave New World going to be released on Disney+?

Stop counting sleep without counting coins; CNET's sleep experts have assembled the best budget-friendly mattresses that will punch above their price class in quality.

• ChatGPT’s Deep Research feature can now export reports as PDFs
• The PDFs come complete with tables, images, and citations
• This update makes it easier to archive, share, and even reuse ChatGPT’s research in other tools

I've spent a lot of time experimenting with ChatGPT’s Deep Research feature, and I've produced all kinds of strange (though comprehensive) reports. There's always been a notable gap in its functionality, though, until now. OpenAI has augmented the Deep Research feature with the ability to export your reports as fully formatted PDFs. No more ChatGPT links or screenshots necessary to share what I've learned about the Lake George monster.

It's a small interface upgrade, but one that feels like it should have been built into Deep Research from the beginning. Here’s how it works. You make your Deep Research report or pull up one from a while ago, then click on the share icon at the top of the page. You'll see that the usual 'share link' button now has a companion 'download as PDF' button. One click and your report will be a fully formed, citation-rich PDF in your downloads folder.

This export option isn't universally available at the moment. You'll need a subscription to ChatGPT Plus, Team, or Pro. Enterprise and Education users don’t have it yet, but OpenAI said it’s coming soon. That's good, as students and professionals are among those I would bet would use Deep Research the most.

Deep PDF

You can now export your deep research reports as well-formatted PDFs—complete with tables, images, linked citations, and sources.Just click the share icon and select 'Download as PDF.' It works for both new and past reports. pic.twitter.com/kecIR4tEneMay 12, 2025

With downloadable PDFs, you can finally do all the things you’d expect to do with your research. That might mean putting it with other research projects, sharing it with teammates, or just attaching it to an email as part of a bet you're going to win.

So yes, this is just a PDF button. But it’s a PDF button that fixes what used to be one of ChatGPT’s more frustrating aspects. Now, with downloadable PDFs, you can finally do all the things you’d expect to do with your research: archive it, share it with teammates, attach it to an email, or even – this is my new favorite – upload it to another AI.

Yes, really. With the PDF in hand, I popped it into Gemini’s NotebookLM, Google’s own experimental research assistant. Suddenly, the AI was summarizing my Deep Research report, making flashcards, and suggesting related reading. Then I tried uploading the same PDF into a podcast tool and got an AI-generated episode script out of it. Which means, in a roundabout way, ChatGPT just became a content pipeline. One that exports research and lets other tools remix it into whatever format you need.

And that’s a huge deal.

Because the more AI tools we use, the more we’re going to need bridges between them. OpenAI doesn’t need to be the everything app, but it does need to be interoperable. Giving users a PDF option is low-hanging fruit, sure, but it’s also the kind of fruit that lets you bake an entirely new pie. It makes Deep Research portable. It gives it legs. It means I don’t have to keep 14 tabs open just to reference a well-organized write-up on the history of Japanese vending machines.

Of course, OpenAI’s implementation still has quirks. It’s a little confusing that the “Download as PDF” option isn’t in the main chat share menu. Most people will assume it’s not there unless they know where to click. And for a company whose whole pitch is about reducing friction and increasing clarity, burying this behind a second share icon feels oddly off-brand. Still, I’ll take “slightly hidden but fully functional” over “completely missing” any day.

More importantly, this change signals something else: OpenAI is listening. Maybe not always quickly. Maybe not always intuitively. But enough people have clearly asked for this (or screamed about it on Reddit) that it finally happened. And in a product landscape where most updates feel like AI models arguing over who’s better at summarizing Aristotle, it’s refreshing to get a feature that solves a real-world problem.

You might also like

• I test AI agents for a living and these are the 5 reasons you should let tools like ChatGPT Deep Research get things done for you
• I pitted ChatGPT Deep Research against Gemini Deep Research - here's how Google's free tool compares to OpenAI's paid offering
• I tried Deep Research on ChatGPT, and it’s like a super smart but slightly absent-minded librarian from a children’s book

Hints and answers for the NYT Connections: Sports Edition puzzle, No. 233, for May 14.

The new owner of VPNSecure says it didn't know about the lifetime deals when it bought the VPN provider two years ago.

Walmart Plus Assist members who order deliveries from stores need to keep an eye on their basket totals. The retailer has brought back an old fee for some orders.

The new Samsung Galaxy S25 Edge combines some of Samsung's best technology from its leading flagship phones and adds some new wrinkles to deliver an exciting new Android smartphone that is already widely known as one of the slimmest handsets on the market.

It doesn't have a new chip, but the one it has, the Qualcomm Snapdragon 8 Elite for Galaxy, is the best you can possibly get for Android. It lacks a telephoto lens, but includes the equivalent of Samsung's best 200MP camera. It's a mostly uncompromising smartphone that promises virtually every feature you could find on the more expensive Galaxy S25 Ultra (save the S Pen).

But what you're paying $1,099.99 / £1,099 / AU$1,849 for is an incredibly svelte titanium frame, one that feels thin and, at just 163 grams, exceptionally light. Even though I know the specs - 5.8mm – I struggled to find a way to put that measurement in perspective.

That's why I brought a small collection of quarters to my first hands-on experience with the Samsung Galaxy S25 Edge. I think a stack of quarters next to Samsung's newest Galaxy S phone helps contextualize these thickness claims.

Is it as thin as a stack of six quarters? What about five? And how does that compare to other phones, even classic thin handsets of a bygone era?

That's the thing about thinness. It seems to go in and out of fashion. Sometimes we prefer zaftig for, say, the battery benefits it offers, and other times, we grow weary of carrying all that extra weight and dream of paper-thin phones.

Thin phones, though, have their risks.

The arc of time bends

(Image credit: Getty Images)

When we think back to the icon of handset thinness, the iPhone 6 Plus, many of us also less than fondly remember bendgate. That was when Apple built a 6.9mm thick iPhone that could not stand up to a butt, or at least withstand being squeezed between a butt and a hard surface like a chair or concrete ledge.

A year later, Apple followed that up with the 7.1mm iPhone 6s and, after that, the iPhone 7, which featured a reinforced, higher-grade aluminum. That ended Bendgate and, for a time, our desire for ultra-thin phones.

Now, though, they're back. Apple is reportedly prepping an iPhone 17 Air that might surpass even the S25 Edge in thinness. Samsung, though, has the edge, working on thin phones even before the S25 Edge release.

Company execs told me that Samsung's work on its folding line has well prepared it for building this slim handset. Unfolded, the Galaxy Z Fold 6 is just 5.6mm thick. Yes, even thinner than the S25 Edge.

If you're wondering why the S25 Edge is a couple of millimeters thicker than the Z Fold, remember that Samsung can split that device's 4,200 mAh battery between the two halves. Samsung had to fit the S25 Edge's 3,900 mAh battery into a single 5.8mm panel.

Could this little slice of technology heaven lead to another "bendgate"? I doubt it.

The flat titanium band surrounding the S25 Edge's body is far more rigid and less bendable than the all curved aluminum body of the iPhone 6 Plus. Also, Samsung is using the brand-new Gorilla Glass Ceramic 2 on the display to further strengthen the phone.

It was with all this in mind that I pulled out my stack of quarters and got to work measuring true thinness based on a coin scale.

Image 1 of 4

(Image credit: Lance Ulanoff / Future)Image 2 of 4

(Image credit: Lance Ulanoff / Future)Image 3 of 4

(Image credit: Lance Ulanoff / Future)Image 4 of 4

(Image credit: Lance Ulanoff / Future)

• Classic iPhone 6s (7.1mm): 4 quarters
• iPhone 16 Pro Max (8.25mm): 5 quarters
• Samsung Galaxy S25 Ultra (8,2mm) 5 quarters
• Samsung Galaxy S25 Edge (5.8mm): 3 quarters

While this isn't an exact science, the modern US quarter has reliably remained at 1.75mm thickness since at least the 1930s. Still, my results make sense when you compare the actual thickness of each phone in millimeters. The S25 Edge is the clear leader.

My tiny experiment proves that in the most physical sense, the Samsung Galaxy S25 Edge is one of the thinnest phones on the market. Sure, it might not seem like much of a test. But, hey, what else was I going to do with this stack of quarters?

For now, I suggest you head to a Samsung retailer to at least touch the super-thin Galaxy S25 Edge for yourself. Quarters are optional.

You might also like

• Hands on: I spent time with the Galaxy S25 Edge and it's ...
• Samsung Galaxy S25 Edge: price, design, cameras, and ...
• I didn't think I'd care about the Samsung Galaxy S25 Edge