Technology

• NordVPN has just released a new Linux VPN app with a full graphical user interface (GUI)
• A GUI Linux VPN app makes privacy more accessible for Linux users, thanks to rich visual elements
• To install the new GUI version, users need to modify the command of the previous Linux app

NordVPN has just unveiled a long-awaited upgrade for all Linux users – a full graphical user interface (GUI) for its VPN client.

The updated Linux VPN app makes privacy more accessible for the Linux community, thanks to rich visual elements that promise to ease the use of advanced features.

"This launch is a natural progression of our mission to make cybersecurity accessible and seamless for everyone. Whether you’re a seasoned Linux user or new to the OS, we believe this GUI will enhance your NordVPN experience," said NordVPN's CTO, Marijus Briedis.

TechRadar needs you! We want to know what you think about the world of VPNs. Whether you're a novice or a VPN pro, we want to hear your thoughts. Don't worry, though, your responses are completely anonymous, and it takes less than a minute to complete!

To take part, click the link below: https://futurenet.questionpro.eu/tr-vpn

NordVPN new GUI Linux VPN

Briedis explains that the new GUI brings the simplicity of other NordVPN applications to Linux for the first time, all while preserving the reliability, speed, and security users expect from one of the best VPN providers on the market.

This means that everyone using a Linux distro or Linux desktop device can now enjoy all the features offered by NordVPN, including Threat Protection, Double VPN, and a kill switch, within a couple of clicks – no matter if you're a VPN pro or beginner.

NordVPN's GUI Linux VPN isn't a brand new application, the provider explains, but a significant upgrade of its seasoned CLI-based software.

It's important to keep in mind, though, that at the time of writing, NordVPN's Meshnet and some other features remain accessible only via the CLI-based version, which continues to be supported in full.

The GUI for NordVPN Linux app comes with both dark and light modes, so that you can choose the version that suits you best. (Image credit: Nord Security)

"Linux users are an incredibly important part of our community, and we’re thrilled to make their experience even better," said Briedis.

The new GUI version of the NordVPN Linux app also comes with support for post-quantum encryption – an upgrade the company released last October – and its latest censorship-resistant protocol, NordWhisper.

NordVPN joins other popular providers offering a full GUI for their VPN client. These include Surfshark, which launched its GUI Linux VPN in 2022, ExpressVPN, offering this feature since March this year, and Private Internet Access (PIA).

How to upgrade to NordVPN GUI Linux app

NordVPN promises a quick installation that should be familiar to everyone who has installed the CLI version before. The steps are the same, in fact, except for one adjustment.

You now need to specify the command to install the GUI version by typing this in the terminal: sh <(wget -qO - https://downloads.nordcdn.com/apps/linux/install.sh) -p nordvpn-gui

While the GUI is now available through DEB and RPM packages, the provider ensures that a Snap version is coming soon.

You might also like

• A worrying stealthy Linux security bug could put your systems at risk
• Windscribe CEO speaks out against global threats to no-log VPNs
• Is the future of censorship-resistant VPNs, no VPNs?

• Hiking app AllTrails has just released a new subscription tier with AI features
• We asked AllTrails' Chief Technology Officer how AllTrails reconciles AI's environmental impact with the app's mission statement to help people enjoy the outdoors
• He says AllTrails takes steps to reduce energy cost and maximize efficiency when deploying AI features

Earlier this week we reported that hiking app AllTrails had launched a new subscription tier: Peak, a more expensive subscription plan which makes use of AI tools to enhance your outdoor experience.

These tools include a Community Heatmap, a common feature on the best fitness apps such as AllTrails and contemporaries like Strava. The Heatmap shows where other users are often hiking, allowing you to sort trails by popularity.

Other features include Outdoor Lens, which uses your phone's camera to identify plants, insects, and landmarks, and Trail Conditions, which provides up-to-date information on not just weather, but ground conditions, snowpack, and even mosquito activity on different parts of your trail.

The AllTrails Peak subscription tier costs $79.99 / £79.99 (around AU$125) per year, likely due to the cost of the AI being used.

It's well known that AI is an energy-intensive technology – one of the most popular statistics bandied about is that ChatGPT-4 uses the equivalent of 519ml of water, slightly more than an average bottle, per 100-word email generated. This stat comes from the University of California, Riverside, in a study produced in collaboration with the Washington Post.

AI doesn't, therefore, appear to be an environmentally friendly technology to use at the moment, due to its energy and cooling requirements. AllTrails, however, says it's dedicated to preserving the great outdoors that its users love; the company is partnered with the Leave No Trace and One Tree Planted nonprofits, and contributes 1% of its annual revenue to environmental organizations.

When I spoke to AllTrails' Chief Technology Officer, James Graham, about the new subscription tiers, I also asked him if AllTrails' use of AI was at odds with the company's environmental messaging.

Being careful about AI

(Image credit: AlLTrails)

"Great question. That's something we think about with every feature we build," Graham told me.

"Our data scientists take time to build features like this more efficiently... We think about the size of the model, and for many of our features, we don’t need to use the largest, highest-intensity model possible, so we don’t always use the top-of-the-line model which consumes the most energy. We’re very deliberate with how we use it."

AllTrails, it seems, tries to mitigate the impact of AI's power consumption and enormous cooling requirements by using smaller, more efficient models specifically developed to implement its features with minimal impact. But Graham also thinks that as AI evolves, its demands will decrease, telling me, "As new technology comes out, we’re already seeing the energy cost of using AI is going down, and we believe that trend will continue,"

While the energy demands for each individual instance of AI use may decrease, the increasing overall usage of AI could offset these savings. A January 2025 MIT report states that data centers already account for 1-2% of global energy usage: by 2030, this could reportedly reach up to 21% due to the demands placed on AI.

If more developers used smaller models and more energy-efficient processes we might avert this dire prediction. However, while the AI tools used by AllTrails look impressive, and are designed to spur more people to spend more time outside, which can be to the benefit of environmental causes, concerns will persist about AI's wider usage, and what it really means to 'leave no trace'.

You might also like

• The rise in fitness tech subscriptions is a sign that one day we'll own nothing
• Top 6 smartwatches still to launch in 2025
• Whoop subscribers can now get a free upgrade to the latest devices – after a huge user backlash

It's almost time to look up again. A new trailer for James Gunn's Superman movie will be released very soon, and I couldn't be more excited to see more of one of this year's most anticipated new movies.

As confirmed by Gunn on social media (see below), the DC Universe (DCU) film's official trailer will make its debut this Wednesday (May 14). The new teaser is expected to be shown during Warner Bros' Upfronts 2025 presentation first before being released online immediately after.

A post shared by James Gunn (@jamesgunn)

A photo posted by on

Story spoilers notwithstanding, there's plenty of new footage that Gunn could tease in Superman's next trailer. The DCU Chapter One flick reportedly has a runtime of around two and a half hours, so we should be treated to lots of new shots to pore over and theorize about.

Ahead of its release, here are three things I want to see, plus something I think should be avoided in Superman's official trailer.

1. Speak up

Let's hear the likes of Lois Lane (left) talk in the next trailer (Image credit: Warner Bros. Pictures/DC Studios)

The first trailer for Gunn's Superman movie, which arrived last December, was full of great moments. However, aside from a couple of lines uttered by David Corenswet, who plays Clark Kent/the titular Kryptonian, we didn't hear any of the film's other cast members speak.

Superman's next teaser should rectify this. Its initial batch of footage was also about setting up the tone and vibe that Gunn is aiming for with his latest feature flick.

With that firmly established now, it's time that we heard what the likes of Rachel Brosnahan's Lois Lane and Nicholas Hoult's Lex Luthor sound like, including whether they've imbued their takes on these iconic characters with accents we might not have expected.

Update: since this article went live, a 15-second teaser for Superman's next trailer contains a brief clip of Hoult's Luthor speaking. All he says is "Super...man" but, hey, it's something to tide us over until tomorrow!

2. Less Superman, more Clark Kent

How much of Superman's everyday life will we see in his latest big-screen outing? (Image credit: Warner Bros. Pictures)

Surprising no one, the first Superman teaser trailer largely comprised clips of Clark Kent performing superhero acts. We all want to see the eponymous hero doing good, after all.

That said, some of the best Superman stories, literary or otherwise, have explored his civilian life as much as his heroic deeds. So, I'd like to see the film's next round of footage show us more of Clark's life outside of his superhero exploits.

The first trailer suggested Gunn will lean into that everyday aspect of the character, including Clark's day job as a roving reporter for the Daily Planet newspaper and spending time at home with his adoptive human parents. However, it's unclear how much of his civilian life will be examined in Superman, so some new footage of this wouldn't go amiss in its next trailer.

3. Justice for the Justice League International

Metamorpho is one of many supporting characters who'll appear in Superman (Image credit: Warner Bros. Pictures)

Ahead of the first trailer's release, we'd seen how some of Supes' fellow heroes would look in this flick. Indeed, leaked images of Edi Gathegi's Mister Terrific last June were followed by first-look snaps of Isabela Merced's Hawkgirl and Nathan Fillion's Hal Jordan/Green Lantern a week or so later.

Superman's inaugural trailer, though, was pretty light on giving us better looks at these characters and another superpowered being in Anthony Carrigan's Metamorpho. In fact, apart from a couple of blink and you'll miss it shots, they were largely absent from said trailer.

With this quartet set to play supporting roles – we're not sure how much they'll appear, mind you – in Superman, it would be nice if the movie's next trailer showed more of them in action and/or conversing with the Man of Steel himself. I certainly expect there to be some melodrama between this corporately managed super-team and Supes, so give us a taste of what that'll look like, please, Mister Gunn.

4. More Krypto

Who's a good boy!? Yes, you are! (Image credit: DC Studios)

Season 1 of Creature Commandos might have been the first DCU project to be released, but Superman is being positioned as the project that officially kickstarts the DCU when it's released this July.

Gunn and company are labeling the build-up to the film's release as the 'Summer of Superman', too. But, while the Son of Krypton is the movie's lead, there's no denying that he was (and likely will continue to be) upstaged by his boisterous canine companion Krypto between now and launch day.

We've known that Krypto would appear in Superman since leaked images of Mister Terrific tracking him down surfaced in July 2024. Krypto has won everyone's hearts since then, with Kent's most loyal friend stealing the show in Superman's first trailer and latest clip that revealed a jaw-dropping look at the Fortress of Solitude.

Clearly, Krypto is one of Superman's most marketable assets, so it makes sense to put him front and center of any and all promotional materials ahead of the film's release. I fully expect, then, to see more of the unruly, overexcitable pup when trailer #2 drops online.

5. No rehashed footage

Please don't show us clips that we've seen previously... (Image credit: DC Studios/Warner Bros. Pictures)

As I mentioned earlier, Superman will seemingly clock in at around 150 minutes when it flies into theaters in less than two months' time. Sure, its runtime could change between now and then as Gunn locks in its final cut, but let's not worry ourselves about that right now.

If one of the best superhero movies (potentially, anyway) of 2025 is that long, its latest trailer is a prime opportunity to show us plenty of new, non-spoiler-filled footage. It's my hope, then, that trailer #2 won't contain any prior clips or sequences we've seen in its predecessor or other marketing materials.

That said, I expect a shot or two will be reused from the first trailer. It's a rarity for new teasers to be made up of completely new footage we haven't seen before, but it would make for a refreshing change if Superman's latest trailer didn't rehash footage from its forebear. You've got plenty of footage at your disposal, Mister Gunn, so use it!

Superman takes flight in theaters worldwide on Friday, July 11.

You might also like

• New Superman cast rumor links Guardians of the Galaxy star with big cameo role in James Gunn's DCU film
• Creature Commandos star Frank Grillo reveals why Rick Flag Sr will be 'on a mission' for justice in James Gunn's Superman movie and Peacemaker season 2
• James Gunn's DCU got a major update in February – here are 6 key takeaways from the latest press event, including some big Batman news

• LayerX says enterprises are using tens of extensions daily
• Many are built by anonymous individuals
• Some have extensive permissions, putting sensitive data at risk

Browser extensions are increasing the attack surface, putting employees and businesses at risk. This is according to the 2025 Enterprise Browser Extension Security Report, a new paper published by LayerX, a cybersecurity company specializing in securing web browsing for enterprises.

The document was drafted by combining data from public extension marketplaces and real-world enterprise usage telemetry, LayerX said.

The improvements extensions bring to everyday browsing are undeniable, LayerX said, describing them as “ubiquitous”. Virtually all enterprises (99%) have at least one installed, and more than half of analyzed organizations (52%) are running more than ten extensions.

TechRadar Pro readers can get 60% off Premium Plans at RoboForm now!

New users can take advantage of RoboForm’s exclusive deal and get 60% off the Premium Plan. With this deal, you can get unlimited password storage, one-click login & autofill, password sharing, two-factor authentication for added protection, cloud backup, and emergency access for trusted contacts. To claim this deal, visit this link and sign up for the Premium Plan to lock in this huge discount.

Preferred partner (What does this mean?)View Deal

Extensions add risk

Extensions are pieces of software that add features or functionality to web browsers. These can be anything from blocking ads, managing passwords, to enhancing productivity. They can be built by both companies and independent (and anonymous!) developers, and can be found in browser-specific stores like the Chrome Web Store or Firefox Add-ons site.

However, the researchers also claim they are dangerous, since 53% of installed extensions in enterprise environments have ‘high’ or ‘critical’ risk permissions, allowing access to sensitive data. Also, more than 20% of enterprise employees are now using GenAI extensions, more than half (58%) of which also have ‘high’ or ‘critical’ permissions.

Trouble is further compounded by the fact that the identity of the extension’s developer is, in many cases, unknown. More than half (54%) of extensions are published anonymously, and 79% of publishers have only released one extension, “making trust assessment extremely challenging”. Finally, 51% of extensions haven’t received an update in more than a year, while 26% are sideloaded, bypassing security vetting.

To mitigate the threat, enterprises should audit all browser extensions, categorize them to understand their risk profiles, and enumerate and analyze their permissions “meticulously,” LayerX suggested. They should also perform comprehensive risk assessments and enforce adaptive, risk-based security policies.

Via BleepingComputer

You might also like

• US deportation airline GlobalX website defaced by hackers, data stolen
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

• The new owner of VPNSecure has cancelled all ongoing lifetime subscriptions, provoking a backlash among existing customers
• All lifetime deal accounts have been deactivated as of April 28, 2025, "to continue providing a secure and high-quality experience for all users"
• It isn't clear who's currently operating VPNSecure at the time of writing

Does a lifetime VPN subscription really last forever? Those purchased by VPNSecure users certainly didn't live up to their promise.

The new owner of the virtual private network (VPN) provider recently decided to cancel all ongoing lifetime VPN subscriptions, provoking backlash among existing customers.

VPNSecure deactivated all Lifetime Deal accounts on April 28, 2025. It did so, "to continue providing a secure and high-quality experience for all users," the provider explains in an email shared by an impacted account holder on Reddit, who claimed to have received it the day the account stopped working.

TechRadar needs you! We want to know what you think about the world of VPNs. Whether you're a novice or a VPN pro, we want to hear your thoughts. Don't worry, though, your responses are completely anonymous, and it takes less than five minutes to complete!

To take part, click the link below: https://futurenet.questionpro.eu/tr-vpn

The VPNSecure saga

As we can understand from the aforementioned email and public responses that the provider shared on Trustpilot, VPNSecure changed ownership in May 2023.

As part of the transaction, the new company acquired the technology, the domain name, and the customer database – "but not the liabilities," the provider reiterates in almost all the communications seen by TechRadar.

"Unfortunately, the previous owner did not disclose that thousands of Lifetime Deals (LTDs) had been sold through platforms like StackSocial," reads the VPNSecure email, adding that the team discovered this only months after the acquisition.

Interestingly, while a wave of angry customers inundated the provider's Trustpilot page with bad reviews since April 28 (the day VPNSecure allegedly axed all LTDs), some customers began lamenting that their lifetime VPN subscription stopped working way before that.

TechRadar could see that the first of such complaints goes back to May 2023, when VPN Secure changed ownership. The new owner, however, replied to this and other comments only starting from April 28. See image below:

(Image credit: Future)

Another opaque point of the story concerns the current ownership of VPNSecure.

TechRadar contacted InfiniteQuant Ltd, the company listed at the bottom of the VPNSecure website at the time of writing. The firm, however, replied by saying that it has no affiliation with VPNSecure. It said to have filed a formal complaint with the VPN provider, but has not received a response.

Ars Technica, which first reported on the news, also received a similar response with the company pointing out that InfiniteQuant Ltd (the supposedly VPNSecure owner, based in the Bahamas) isn't the same company as InfiniteQuant Capital Ltd, based in the British Virgin Islands.

We contacted the VPNSecure team by email, but we are still waiting for a response at the time of publication.

What we do know, though, is that VPNSecure appears not to have offered any refunds so far, but only one-time exclusive deals on other VPN plans to those affected.

If you're looking for an alternative VPN choice, I strongly recommend checking our best VPN page, with today's top recommendation being NordVPN. Proton VPN is also a great alternative if you aren't ready to give your money to another VPN company, as it offers a reliable free VPN service, too.

You might also like

• Proton promises price drop after US ruling against Apple
• Windscribe CEO speaks out against global threats to no-log VPNs
• Curious about VPNs? We want to hear from you

Nothing has just announced that it's partnering with British hi-fi institution KEF on new audio products that are "the next step in expanding Nothing’s audio journey," according to Andrew Freshwater, Head of Smart Products Marketing at Nothing. The new products are due "later this year."

This kind of partnership between electronics manufacturers and hi-fi firms has a long history, and is littered with plenty of disappointments as well as successes.

I was never sure we got that much from LG and Meridian Audio working together, and Belkin's collaboration with Devialet (arguably not really a hi-fi company, but still) never produced anything I liked. But TCL's work with Onkyo on TV speakers was successful (and the company is now partnering with Bang & Olufsen), while the tie-in between Philips TVs and Bowers & Wilkins produced some stunning results.

(Panasonic's long history of delivering sound tuned by Technics in its products doesn't count; it's cheating if you own the hi-fi company in question.)

I'm optimistic about this collaboration, though, because Nothing has shown itself to be a lot more serious about good audio quality in the last year or so, and KEF has a history of making headphones that sound very fine, but couldn't compete on smart features.

(Image credit: Future)

We were blown away by how good the sound in the Nothing Ear (a) is for the price, and we still rate them as being among the best earbuds around today, with a five-star score.

And the slightly more expensive Nothing Ear are crammed with smart features that work well, and are a strong value. If Nothing is thinking of going higher-end with new earbuds – or perhaps competing with the best over-ear headphones – KEF's a good partner to help ensure the sound is up to standard, while Nothing provides the features.

Not that KEF has a terrible record in smart features – the wireless KEF LSX II LT speakers got a cool five stars in our review.

Let's get fantastical

I also wouldn't be surprised at all if Nothing gets into the world of the best Bluetooth speakers, which could be a real hit if they keep the company's cool see-through aesthetic – and KEF's experience with loudspeakers would obviously be a massive benefit.

Although this is perhaps unlikely for a launch late in the year, since companies generally try to get Bluetooth speakers launched ready for spring/summer in the northern hemisphere.

However, my dream product from this collaboration would be an affordable wireless speaker design that includes KEF's Uni-Q driver. This speaker design puts a tweeter speaker right in the center of the larger woofer dynamic driver, with the idea being that this helps to perfectly align their sound for one unified outcome with big dynamic range. It also gives KEF's speaker their awesome, simple looks.

The KEF Uni-Q driver (Image credit: Future)

I strongly suspect that either KEF would like to keep Uni-Q to itself, or that it would be too expensive to implement – or both.

My money is on KEF doing sound tuning and design advice for Nothing's own designs – but that could be enough to make a big impact. The Nothing Ear (a) already kicked Sony off its perch as the king of value earbuds for us.

Is there something coming for Sony's more premium headphones next, or JBL's portable speakers? Or both – Nothing's statement says that there are "several acoustically co-developed products already in progress".

You might also like…

• AirPods with tiny AI cameras tipped to come in 2027, but that raises a question of what model they'll be in
• Samsung's next pair of affordable Galaxy earbuds could come with a battery boost
• Sennheiser's new AirPods-like open earbuds get official pricing – and they're a bargain, unless you live in the US

• Organisations are spending more on cybersecurity, but that doesn't mean they're confident
• 67% of firms experienced a data security breach in the last 24 months
• Almost a third suffered a breach of data as a result

Most companies (67%) have experienced a data breach in the last 24 months, despite an increase in spending, new research from Pentera shows, with 24% experiencing a breach in the last 12 months, and 43% in the last 12 months.

During these breaches, the most common disruption suffered was unplanned downtime, with 36% of breached organizations impacted. Many firms also suffered a breach of data (30%) and financial loss (28%), showing just how damaging security breaches can be.

Of those who disclosed the impacts of the breach, a shocking 76% reported an impact on the confidentiality, integrity, and/or availability of their data - with only 24% reporting no significant impact.

Save up to 68% on identity theft protection for Techradar readers

TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal.

Preferred partner (What does this mean?)View Deal

Low confidence

Confidence in cyber support for the private sector is low, with only 14% confident in their government’s cybersecurity support - with 64% of CISOs reporting that the government is giving aid to protect the private sector, but it’s not enough.

US enterprises spent an average of $187,000 annually on penetration testing, or ‘pentesting’, simulating cyberattacks against their own systems to test for vulnerabilities - this amounts to just over 10% of the total IT security budgets, but over 50% of CISOs say they will increase this in 2025.

Changes to company infrastructure, like added users, new configurations, and permission updates, are happening at a much faster rate than security validation, with 96% of US enterprises report making such changes “on at least a quarterly basis, yet only 30% are pentesting at the same frequency,” the report suggests.

“The pace of change in enterprise environments has made traditional testing methods unsustainable,” said Jason Mar-Tang, Field CISO at Pentera.

“96% of organizations are making changes to their IT environment at least quarterly. Without automation and technology-driven validation, it's nearly impossible to keep up. The report’s findings reinforce the need for scalable security validation strategies that meet the speed and complexity of today’s environments.”

You might also like

• Take a look at our picks for the best malware removal software around
• Check out our choice for best antivirus software
• Most businesses can't fill cyber roles leaving huge gaps in defense

• Last week, Anonymous defaced GlobalX's website
• The hacktivists said GlobalX was targeted for deporting illegal aliens
• The company now reported the breach to the SEC

GlobalX, an American airline involved in the Trump administration’s deportation of illegal aliens from the US into El Salvador, Venezuela, and elsewhere, confirmed suffering a cyberattack earlier this month.

In a new 8-K form filed with the US Securities and Exchange Commission (SEC), GlobalX said it “learned of unauthorized activity within its computer networks and systems supporting portions of its business applications,” on May 5, 2025. The company responded by activating its incident response protocol and bringing in third-party cybersecurity experts to assist with containment and mitigation. It also started investigating the nature and scope of the incident, and “took actions” to contain and isolate the affected servers. The police were notified, as well.

GlobalX says it’s currently still investigating the attack, but believes that none of its operations were disrupted or otherwise negatively impacted. The company does not expect the incident to have a material effect, it concluded.

Save up to 68% on identity theft protection for Techradar readers

TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal.

Preferred partner (What does this mean?)View Deal

Anon strikes

Last week, 404 Media reported that GlobalX was attacked by hacktivists Anonymous, who defaced the company’s homepage and allegedly stole sensitive data. They left a message on the homepage, saying they “decided to enforce the Judge’s order since you and your sycophant staff ignore lawful orders that go against your fascist plans.”

They were referring to multiple court rulings which confirmed that some of those on the flights should not have been deported to El Salvador, and which ordered the Trump administration to bring those people back.

As for the stolen files, the media reported that Anonymous apparently grabbed flight records and passenger manifests for all customers, illegal immigrants included. This was not confirmed, though.

The group shared the information with some members of the media on their own initiative, 404 Media added, also saying that the info could be used to provide “granular insight into who exactly has been deported on GlobalX flights, when, and to where.”

Via The Register

You might also like

• US deportation airline GlobalX website defaced by hackers, data stolen
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

When the first Open Source Security and Risk Analysis (OSSRA) report was published in 2015, the software landscape looked very different. Security teams were just beginning to grasp the implications of open source vulnerabilities, spurred by high-profile ones like the Heartbleed bug in OpenSSL which hit the front pages in 2014.

Developers, meanwhile, were continuing to use more and more open source to accelerate innovation, often without formal processes or visibility in place while their employers were just catching on and trying to get their arms around the issue.

A decade later, and really since the beginning, the OSSRA report has become a widely referenced benchmark for understanding how open source is used, where risks emerge, and how the industry is evolving. The 2025 edition marks its 10th anniversary with a deep dive into thousands of codebases across industries, highlighting trends reflecting progress and persistent challenges.

Open source: from niche to norm

One of the most dramatic shifts revealed by a decade of data is just how central open source has become to modern software development. As of 2015, the portion of open source code in the average audited application had grown to 35 percent. That number has since doubled to 70%. While the percentage has plateaued in recent years, the volume of open source components used has surged along with application complexity.

Ten years ago, a typical application might contain around 100 open source components. This year’s figure has climbed to 981 per codebase on average, an almost tenfold increase. This reflects in part the rise of package managers like NPM and PyPI, which make it easier to import third-party code, a fundamental change in how software is assembled.

The average application now includes hundreds of dependencies, direct and indirect (where one open source component utilizes another) each with its own potential for vulnerabilities, outdated versions, or licensing complications. This increased complexity has made open source management a central issue for development and security teams alike.

License compliance: some progress, some gaps

Early OSSRA reports showed a greater prevalence of license compliance issues, as few organizations were set up to effectively manage the legal obligations associated with open source use. In 2015, three-quarters of audited codebases included license conflicts, situations where software was used in ways that violated open source license terms.

That figure has improved, now standing at 56%, indicating more corporate awareness and policies and better oversight and tooling. The shift to cloud and SaaS delivery models has also played a role, sidestepping some distribution-triggered license requirements. SaaS applications are not immune from license conflicts but the risk is less. Yet compliance remains a challenge, particularly for organizations without robust governance processes.

Notably, the 2025 report finds that 30% of applications include code with no clear license or any explicit permission for use. Copyright law says that using software in any way requires the permissions afforded by a license and most lawyers caution against using unlicensed code.

Misuse of third-party code can lead to significant legal exposure, and often becomes a discussion point during M&A due diligence as acquirers assess their target’s code vis a vis their own corporate policies and standards.

Vulnerabilities: volume Is outpacing control

While license issues remain a concern, security continues to dominate headlines, and OSSRA data shows how open source contributes to the risk. In 2015, 67% of applications contained at least one known open source vulnerability. A decade later, that number has ramped to 86%. Even more striking is the average number of vulnerabilities per application, which has increased from 22 to 154. Part of this can be explained by the ballooning size of codebases, but the report demonstrates that organizations still struggle to manage known risks effectively.

One key challenge for companies incorporating open source into the code estate is to keep up with the latest version as patches. The 2025 OSSRA shows that 90% of codebases contain components that are more than four years out of date. This lag gives attackers a wide window of opportunity, as many of these components are known to be exploitable and patches, in most cases, already exist. In the well-publicized Equifax breach, they were only a few months behind, applying a security patch to Apache Struts, but that was enough for a hacker to purloin the personal information of over 100 million people.

There has been some progress. A decade ago, the average vulnerability found in code was five years old. That number has dropped to 2.8 years, indicating faster response times and better awareness. However, that’s still a lifetime with respect to application security and given the scale and complexity of today’s software, the overall risk surface has grown.

Data-driven decisions

OSSRA’s impact lies in making these patterns visible. Before its first publication, discussions around open source use were largely theoretical and anecdotal. The report continues to raise eyebrows over how much open source is being used. It has helped shift the conversation from “What problems could using open source cause?” to “Wow, how do we effectively manage this?”

That shift has only grown more urgent with the rising focus on software supply chains and increased regulatory scrutiny. Open source is no longer a few obscure pieces of an application; it is the very foundation. And while tools and awareness have improved, many organizations are still playing catch-up when it comes to continuous monitoring, patching, and licensing oversight.

Looking ahead: AI, automation, and a more complex landscape

As the software ecosystem and development processes evolve, the next decade of OSSRA reports will likely track a new set of challenges. Use of package managers will continue to allow development teams to build ever larger, more complex systems. The increasing use of generative AI in software development too will escalate and introduce new forms of open source integration. Developers are already incorporating code suggestions from AI assistants, many of which are trained on public codebases, mostly open source and which raise questions of copyright and licensing.

At the same time, open source large language models are being embedded into applications, raising fresh questions about attribution, governance, and security.

Meanwhile, AI-powered tools may offer hope, helping developers and security teams to manage software development in general and specifically identify and remediate vulnerabilities faster.

The common thread? Complexity. Whether it’s AI-generated code, containerized environments, or sprawling dependency trees, managing open source effectively demands deliberate attention. As part of software due diligence in an M&A transaction, a one-time audit by a trusted third party fits the bill. For an organization to comprehensively manage open sources risks in its own software, demands ongoing diligence, transparency, and a recognition that open source, while free to use, comes with real responsibilities.

Ten years of OSSRA data paints a clear picture: open source is indispensable but far from risk-free. Security and legal risks remain widespread and thus requires managing those issues to be a core part of modern software development. As the ecosystem grows in size and complexity, the OSSRA and reports like it are more essential than ever in helping organizations benchmark their practices and plan and evolve their defenses.

We've featured the best online cybersecurity course.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

The credits would stay around for 2025 but expire at the end of the year if the proposal becomes law.

• The S1 II is the first Lumix camera with a partially stacked sensor
• Its design is identical to that of the pricier Lumix S1R II
• It's been announced alongside Lumix S1 IIE and new 24-60mm F2.8 lens

Panasonic has unveiled a trio of new products, headlined by the Lumix S1 II full-frame mirrorless camera, a video powerhouse that delivers a raft of upgrades over the Lumix S5 II / Lumix S5 IIX, which we currently rate as the best video camera for most people.

Chief among those upgrades is a 24.1MP partially stacked sensor – it's the first of its kind for Lumix, but likely the same sensor chip as found in the Nikon Z6 III, and should deliver the speediest performance for any Lumix camera to date.

The upshot includes 4K and 6K video recording up to 60fps from the full sensor area (open gate), a new 5.1K option, ProRes Raw internal recording, a Dynamic Range Boost mode, plus 70fps burst shooting with the option for 1.5 seconds pre-capture.

Panasonic also says the Lumix S1 II's autofocus speed is 1.6x faster than the Lumix S5 II, plus it debuts an Urban Sports autofocus mode, which should recognise the likes of parkour and freestyle football – I'll start doing my warmups now.

The Lumix S1 II, which could feature in our best video cameras guide. (Image credit: Panasonic)

Design-wise, Panasonic has utilized the Lumix S1R II body, meaning the Lumix S1 II features a 5.76m-dot EVF, 1.84m-dot vari-angle touchscreen, and a durable body with generous handgrip – it's probably the best Lumix design to date for prosumers.

The Lumix S1 II body is yours for $2,899 / £2,899 – that's a fraction cheaper than the Lumix S1 R II, but costlier than the Nikon Z6 III – and it's set to be available from June.

The supporting cast features the cheaper Lumix S1 IIE – which again has a Lumix S1R II skin, but inside is the regular 24MP full-frame sensor like in the Lumix S5 II – plus a lightweight L-mount 24-60mm F2.8 lens that's much lighter and cheaper than the pro 24-70mm F2.8 lens.

The Lumix S1 IIE body costs $2,499 / £2,399, while the lens is £899 in the UK. We've yet to see Australia pricing for all of the above, plus US pricing for the lens.

Did Lumix just get expensive?

Panasonic's line of full-frame cameras just got a little more crowded with the launch of the S1 II and S1 IIE – and pricier.

There's natural separation between the new cameras and the Lumix S1R II with its higher-resolution 47MP sensor, despite an identical design, while the compact Lumix S9 is an altogether different proposition.

The Lumix S1 II series are two more 24MP cameras that make the S5 series look somewhat redundant, even if latter is now a more cost-effective option.

That said, while there's enough going for the pricer S1 II with its partially stacked sensor, the 'E' variant mostly packs S5 II tech into a S1R II body, plus it costs a fair whack more. I'm struggling to see a case for it.

The new 24-60mm F2.8 lens, meanwhile, looks like a smart addition to the L-mount, balancing superbly with the latest Lumix full-frame cameras, as I discovered during a hands-on session ahead of launch. It's also much cheaper than the pro 24-70mm F2.8.

(Image credit: Panasonic)

I have a lot of experience with the Lumix S5 II cameras – they're highly functional video-first hybrids. The Lumix S1 II takes things up a notch, and will likely join our list of the best video cameras.

However, the price increase this time around feels uncharacteristically steep for Lumix, a brand I historically think of as a budget choice, especially compared to Sony and Canon. That budget mantle could well be claimed by Nikon now – its Nikon Z6 III feels fairly similar to the Lumix S1 II, and is cheaper, and should give cost-conscious filmmakers pause for thought.

I'm currently testing the Lumix S1 II, and there's no doubt that it's a powerful hybrid mirrorless camera with a comprehensive suite of video recording modes, top-drawer 8EV in-body image stabilization and crop-less electronic stabilization, plus the handy Lumix Lab app, which just got an update. I'll share more thoughts from my real-world testing soon.

You might also like

• Panasonic Lumix S9 review – small, simple, powerful, flawed
• Best full-frame mirrorless camera 2025: top options from Canon, Sony, Nikon, and more
• Panasonic Lumix S5 II vs S5 IIX – key differences explained

• SteelSeries has revealed a limited-edition 'Glorange' variant of its Arctis Gamebuds
• They come in a bright, translucent orange
• They will launch on May 13, 2025, and cost $159.99 / £159.99 and will only be available directly from SteelSeries while supplies last

Gaming accessory brand SteelSeries has unveiled an 'ultra-limited-edition' of one of its very best products: the Arctis Gamebuds.

The new 'Glorange' variant comes in a, well, 'Glorange' colorway - a translucent, almost glowing orange shade. It's bright and attractive and definitely stands out compared to the existing white and black variants.

Image 1 of 3

(Image credit: SteelSeries)Image 2 of 3

(Image credit: SteelSeries)Image 3 of 3

(Image credit: SteelSeries)

I'm a big fan of translucent audio gear, relying on a 'Transparent Red' pair of Beats Solo Buds for most of my portable audio needs, which I mainly picked up because of the small size and cool translucent case.

In terms of features, the 'Glorange' SteelSeries Arctis Gamebuds seem to be identical to the existing PlayStation version. They're compatible with PS5, Nintendo Switch, PC, and mobile, with an expansive selection of adjustable EQ presets selectable via the compatible Arctis app.

This includes more than 200 game-specific presets tailored towards a wide range of titles. This is on top of full spatial audio support (including Tempest 3D audio on PS5) and active noise cancellation.

The buds offer a battery life of more than 10 hours, plus an additional 30 hours via the charging case, plus fast-charging for three hours of play from just fifteen minutes of charge.

We rated these earbuds extremely highly in our SteelSeries Arctis Gamebuds review, where they scored a formidable four and a half out of five stars. We praised the model's superb audio quality, ergonomic design, premium build, and excellent companion app.

They currently rank as the very best gaming earbuds overall in our eyes, so they are definitely the model to pick if you're after a pair.

There is a bit of a catch if you're a fan of 'Glorange', however, as this limited-edition version could be quite hard to get your hands on. They will launch on May 13, 2025, and cost $159.99 / £159.99, but will apparently only be available in very, very limited quantities via the SteelSeries website - when they're gone, they're gone.

You might also like...

• Best PS5 headsets in 2024 - hear better on PlayStation 5
• PS5 Pro specs: how powerful the new PlayStation 5 console is, and how it compares to the PS5
• PS5 Pro vs PS5: comparing specs, design, dimensions, features, and more

Looking for a different day?

A new NYT Strands puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Tuesday's puzzle instead then click here: NYT Strands hints and answers for Tuesday, May 13 (game #436).

Strands is the NYT's latest word game after the likes of Wordle, Spelling Bee and Connections – and it's great fun. It can be difficult, though, so read on for my Strands hints.

Want more word-based fun? Then check out my NYT Connections today and Quordle today pages for hints and answers for those games, and Marc's Wordle today page for the original viral word game.

SPOILER WARNING: Information about NYT Strands today is below, so don't read on if you don't want to know the answers.

NYT Strands today (game #437) - hint #1 - today's theme What is the theme of today's NYT Strands?

• Today's NYT Strands theme is… Boogie woogie woogie

NYT Strands today (game #437) - hint #2 - clue words

Play any of these words to unlock the in-game hints system.

• MACE
• NOSE
• FOES
• MOON
• TIDES
• FEUD

NYT Strands today (game #437) - hint #3 - spangram letters How many letters are in today's spangram?

• Spangram has 9 letters

NYT Strands today (game #437) - hint #4 - spangram position What are two sides of the board that today's spangram touches?

First side: top, 4th column

Last side: bottom, 4th column

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Strands today (game #437) - the answers

(Image credit: New York Times)

The answers to today's Strands, game #437, are…

• HUSTLE
• MACARENA
• FOOTLOOSE
• WOBBLE
• LOCOMOTION
• SPANGRAM: LINE DANCE

• My rating: Moderate
• My score: 1 hint

There was no doubt that today’s theme was dance-based, with the spangram narrowing the search down even further – not that I have heard of WOBBLE.

As someone with appalling co-ordination, I live in fear of the LINE DANCE. They are much easier to avoid these days. But when I was younger any kind of family event would involve everyone being corralled onto the dancefloor to perform the Cha-Cha Slide or Superman.

My favorite group dance was to The Gap Band’s Oops Upside Your Head and if memory serves it included everyone crouching down and pretending to row a canoe.

None of this horror can compare to 1990s Spanish language hit MACARENA, a terrifying ear worm that was popular with children who years later realized they were performing a fun dance to a song about adultery.

How did you do today? Let me know in the comments below.

Yesterday's NYT Strands answers (Tuesday, May 13, game #436)

• LAST
• ENDURE
• SURVIVE
• ABIDE
• PERSIST
• PERSEVERE
• SPANGRAM: STAY STRONG

What is NYT Strands?

Strands is the NYT's not-so-new-any-more word game, following Wordle and Connections. It's now a fully fledged member of the NYT's games stable that has been running for a year and which can be played on the NYT Games site on desktop or mobile.

I've got a full guide to how to play NYT Strands, complete with tips for solving it, so check that out if you're struggling to beat it each day.

Looking for a different day?

A new NYT Connections puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Tuesday's puzzle instead then click here: NYT Connections hints and answers for Tuesday, May 13 (game #702).

Good morning! Let's play Connections, the NYT's clever word game that challenges you to group answers in various categories. It can be tough, so read on if you need Connections hints.

What should you do once you've finished? Why, play some more word games of course. I've also got daily Strands hints and answers and Quordle hints and answers articles if you need help for those too, while Marc's Wordle today page covers the original viral word game.

SPOILER WARNING: Information about NYT Connections today is below, so don't read on if you don't want to know the answers.

NYT Connections today (game #703) - today's words

(Image credit: New York Times)

Today's NYT Connections words are…

• BABE
• PSYCHE
• DRAW
• NEO
• MNEMONIC
• BOLT
• KNEE
• WICK
• TED
• HYPER
• PULL
• GNOME
• KILO
• DUMBO
• META
• SUCK

NYT Connections today (game #703) - hint #1 - group hints

What are some clues for today's NYT Connections groups?

• YELLOW: Soak it in 
• GREEN: Start of words in ancient language
• BLUE: Anthropomorphic movie stars
• PURPLE: Can’t hear the first letter

Need more clues?

We're firmly in spoiler territory now, but read on if you want to know what the four theme answers are for today's NYT Connections puzzles…

NYT Connections today (game #703) - hint #2 - group answers

What are the answers for today's NYT Connections groups?

• YELLOW: ABSORB USING CAPILLARY ACTION 
• GREEN: GREEK PREFIXES 
• BLUE: TITULAR TALKING ANIMALS OF FILM 
• PURPLE: STARTING WITH SILENT LETTERS 

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Connections today (game #703) - the answers

(Image credit: New York Times)

The answers to today's Connections, game #703, are…

• YELLOW: ABSORB USING CAPILLARY ACTION DRAW, PULL, SUCK, WICK
• GREEN: GREEK PREFIXES HYPER, KILO, META, NEO
• BLUE: TITULAR TALKING ANIMALS OF FILM BABE, BOLT, DUMBO, TED
• PURPLE: STARTING WITH SILENT LETTERS GNOME, KNEE, MNEMONIC, PSYCHE

• My rating: Moderate
• My score: Perfect

Despite making no mistakes I was unsure about every group today.

With TITULAR TALKING ANIMALS OF FILM I thought that NEO sounded like that could be a character too and was uncertain if potty-mouthed TED belonged in such child-friendly company.

For ABSORB USING CAPILLARY ACTION it was suction I had in mind and picked WICK as a total guess. And for GREEK PREFIXES, I thought we were looking for tech companies but still managed to get it right somehow.

I may have got the group STARTING WITH SILENT LETTERS, but I wasn’t looking for verbal commonalities – maybe I should think of a MNEMONIC to help me to remember to look for wordplay next time.

How did you do today? Let me know in the comments below.

Yesterday's NYT Connections answers (Tuesday, May 13, game #702)

• YELLOW: PLACES TO SHOP BAZAAR, FAIR, MARKET, OUTLET
• GREEN: KINDS OF PIZZA HAWAIIAN, PLAIN, SUPREME, VEGGIE
• BLUE: ENDING WITH COLORS EVERGREEN, INFRARED, MARIGOLD, QUICKSILVER
• PURPLE: ____ CLEANER BATHROOM, DRY, PIPE, VACUUM

What is NYT Connections?

NYT Connections is one of several increasingly popular word games made by the New York Times. It challenges you to find groups of four items that share something in common, and each group has a different difficulty level: green is easy, yellow a little harder, blue often quite tough and purple usually very difficult.

On the plus side, you don't technically need to solve the final one, as you'll be able to answer that one by a process of elimination. What's more, you can make up to four mistakes, which gives you a little bit of breathing room.

It's a little more involved than something like Wordle, however, and there are plenty of opportunities for the game to trip you up with tricks. For instance, watch out for homophones and other word games that could disguise the answers.

It's playable for free via the NYT Games site on desktop or mobile.

Looking for a different day?

A new Quordle puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Tuesday's puzzle instead then click here: Quordle hints and answers for Tuesday, May 13 (game #1205).

Quordle was one of the original Wordle alternatives and is still going strong now more than 1,100 games later. It offers a genuine challenge, though, so read on if you need some Quordle hints today – or scroll down further for the answers.

Enjoy playing word games? You can also check out my NYT Connections today and NYT Strands today pages for hints and answers for those puzzles, while Marc's Wordle today column covers the original viral word game.

SPOILER WARNING: Information about Quordle today is below, so don't read on if you don't want to know the answers.

Quordle today (game #1206) - hint #1 - Vowels How many different vowels are in Quordle today?

• The number of different vowels in Quordle today is 4*.

* Note that by vowel we mean the five standard vowels (A, E, I, O, U), not Y (which is sometimes counted as a vowel too).

Quordle today (game #1206) - hint #2 - repeated letters Do any of today's Quordle answers contain repeated letters?

• The number of Quordle answers containing a repeated letter today is 1.

Quordle today (game #1206) - hint #3 - uncommon letters Do the letters Q, Z, X or J appear in Quordle today?

• No. None of Q, Z, X or J appear among today's Quordle answers.

Quordle today (game #1206 - hint #4 - starting letters (1) Do any of today's Quordle puzzles start with the same letter?

• The number of today's Quordle answers starting with the same letter is 2.

If you just want to know the answers at this stage, simply scroll down. If you're not ready yet then here's one more clue to make things a lot easier:

Quordle today (game #1206) - hint #5 - starting letters (2) What letters do today's Quordle answers start with?

• F

• M

• P

• M

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

Quordle today (game #1206) - the answers

(Image credit: Merriam-Webster)

The answers to today's Quordle, game #1206, are…

• FAVOR
• METER
• PICKY
• MAKER

Today’s Quordle posed an extra challenge for players who use British English rather than American English, with a word that's spelled differently depending on where you’re based in the world – FAVOR, which is FAVOUR in the UK.

Sometimes trying to think American can trip you up, but today it was a wild gamble, rather than second-guessing US spelling, that led to my error of entering RAZOR instead of FAVOR. Sometimes hunches about rare letters pay off, some days it’s better to go for the more obvious choice.

How did you do today? Let me know in the comments below.

Daily Sequence today (game #1206) - the answers

(Image credit: Merriam-Webster)

The answers to today's Quordle Daily Sequence, game #1206, are…

• ROBOT
• LABEL
• GREAT
• LEVER

Quordle answers: The past 20

• Quordle #1205, Tuesday, 13 May: SCENT, AGAPE, POLAR, YEARN
• Quordle #1204, Monday, 12 May: ROYAL, ARGUE, BUNCH, READY
• Quordle #1203, Sunday, 11 May: QUASH, MUNCH, ALTER, UNDUE
• Quordle #1202, Saturday, 10 May: RELIC, BADGE, CHAMP, SATIN
• Quordle #1201, Friday, 9 May: MINUS, CRIME, NOSEY, SLAIN
• Quordle #1200, Thursday, 8 May: ELUDE, GREET, POPPY, ELITE
• Quordle #1199, Wednesday, 7 May: QUOTH, TRUNK, BESET, NAIVE
• Quordle #1198, Tuesday, 6 May: UNITE, SOGGY, FILET, PORCH
• Quordle #1197, Monday, 5 May: WREAK, COWER, STEAD, QUEUE
• Quordle #1196, Sunday, 4 May: PINCH, SMOKE, SCARY, CANNY
• Quordle #1195, Saturday, 3 May: PLUSH, VERGE, WROTE, CONDO
• Quordle #1194, Friday, 2 May: CAUSE, RISEN, MACAW, SMELT
• Quordle #1193, Thursday, 1 May: IDIOM, EXILE, SPOOF, DRAPE
• Quordle #1192, Wednesday, 30 April: BATON, TORSO, ANNEX, DROWN
• Quordle #1191, Tuesday, 29 April: HOVER, HENCE, OCTAL, COPSE
• Quordle #1190, Monday, 28 April: JAUNT, ALLOW, FRUIT, BURNT
• Quordle #1189, Sunday, 27 April: PRIOR, YOUTH, CREDO, CHIDE
• Quordle #1188, Saturday, 26 April: LINGO, LOCUS, THROW, CLICK
• Quordle #1187, Friday, 25 April: SHALT, WRATH, MAMBO, HUMPH
• Quordle #1186, Thursday, 24 April: CHOKE, COLOR, FRAME, CAIRN

It’s the final of a world sporting competition. A lot is at stake, including the need for highly reliable and scalable connectivity to provide the most enjoyable experience for attendees and viewers watching on televisions and other devices.

How do you ensure that you can deliver on that? Digital twins.

As a real-time virtual replica of a physical environment, digital twins can provide the ultimate testing ground to iron out connectivity issues long before any actual event gets underway.

Pre-event network planning and simulation, including crowd behavior, test connectivity scenarios, issue detection, and identifying ‘dead’ zones where no data can be up or downloaded, is possible by harnessing a digital twin that is connected to real data streams from sensors, networks, and devices.

With such utility, digital twins are emerging as a key decision support system to guide autonomous networks, reduce the risk of failures and improve outcomes in service operations. As the industry group, TM Forum, said recently: “Digital twin networks can help CSPs better understand the timeframes, processes and resources required for autonomous network implementation, risk of service interruption and reduce much of the uncertainty about the impact of AN use cases on the network.” (TM Forum, 2025)

Introducing the service digital twin

Though network digital twins at the domain level have been around for a while, emerging standards are ushering in the exploration of service digital twins.

These are cross-domain and provide holistic models for understanding impacts on service performance, identifying potential issues due to changes in network behavior, and optimizing efficiency in operations. They offer a simulation environment for planning and operating networks while having a comprehensive view of network entities and their states, traffic, and interactions.

Digital twins also boost business agility and enhance customer engagement by enabling operators to be more agile in responding to market demands. They can also be used to optimize operational processes, thereby lowering costs and managing risk.

Increasing autonomy in operations – is there a catch?

Automation as a concept is not new in operations, but the evolution towards autonomous networks takes automation and AI to the next level.

AI in operations is about learning by leveraging data from different sources, analyzing what happened in the past to predict what might happen in the future, and using this in a preventative way to ensure that services never fail. While AI can predict the network behavior, it doesn’t predict the impact it will have on operations.

Another key element for autonomy is the use of GenAI, which brings in the capabilities to drive more system-led operations, like copilots and assistants, to make it easier to manage networks, auto-generating recommendations to aid decision-making and autonomously deriving resolution actions to fix issues.

While these enable higher levels of autonomy, some big questions still need to be answered around the control of autonomous network operations.

While humans are taken out of the loop to minimize errors, what is the risk of adding AI and GenAI into the loop? More reliance on intelligence coming from GenAI-powered agents carries the risk of potentially biased decisions, erroneous recommendations, or inconsistent outcomes.

Another big issue is AI maturity and how to ensure that the AI recommendations do not trigger adverse impacts on the network. With all these questions still open, there is a need to have a validation, or “watchdog” element, for autonomous networks.

Digital twins offer the solution

The simple answer lies in finding a mechanism to check the validity of recommendations, assessing the impact of actions on the network without directly impacting the network itself, and understanding the “what if” when services are created or fail, new actions are performed, or certain changes take place.

This is where digital twins come in by offering a simulation platform to accurately mimic the network, using intelligent models to assess the impact of network behavior, identify more efficient alternatives, and validate recommendations to achieve higher accuracy in network actions.

The digital twin can simulate various situations, derive the impact, and analyze what might happen to complement the capabilities brought by AI and GenAI. It can help to assess network resilience in different scenarios to identify capacity bottlenecks and manage dynamic service level agreement (SLA) definitions by considering the network behavior patterns to improve efficiency and optimize service delivery.

Most importantly, they offer a ‘production-network replica’ to validate insights, recommendations, and impacts on the network without having to use the network as the object of a trial-and-error experiment.

Real-world use cases of service digital twins

The service digital twin has several real-world applications, all of which contribute to achieving autonomous networks.

The first is service planning. A significant challenge in delivering cross-domain services is checking the availability of diverse resources across multiple domains and technologies. What makes it more complex is that failure in one area can lead to having to roll back the entire service operations, which can be costly, in terms of effort and financially.

Digital twins help predict service feasibility based on anticipated network behavior by leveraging AI-enabled prediction and service modeling capabilities.

Digital twins can also assist with service maintenance. By testing the twin with different data inputs and simulating varying network states and conditions, an environment identical to the real network is formed. This environment can be used to assess the impacts of network changes and maintenance actions on network services and even the end-user experience.

Finally, they can also assist with service operations.

As service digital twins model the service itself and hold a real-time replica of the service state and performance, they can be tested with various inputs to optimize service delivery and performance. This also means that AI-driven recommendations can be validated first on the digital twin before being applied to the network to check for adverse impacts. This is referred to as a “twin-first” approach.

Solving the autonomous networks puzzle

Digital twins are a key piece of the jigsaw puzzle of autonomous networks, which aims to drive network monetization, optimize customer experience, and enhance efficiency while controlling costs.

A “twin-first” approach allows operators to perform impact analysis and validate AI-driven actions before implementation, enhancing reliability and efficiency, and enabling zero-touch, zero-failure operations shaping the future of next-generation networks.

We've featured the best business smartphone.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

A standard for brain implants that would allow disabled people to control devices such as iPhones and the Apple Vision Pro could be available for developers this year.

• The Paper is expected to arrive on Peacock in September
• A first-look image of Domhnall Gleeson has also been released
• Oscar Nunez appears to be the only returning cast member from the original series

The Paper is Peacock's follow-up series to The Office, and we now known it's expected to arrive on one of the best streaming services in September 2025.

Considering The Office is such a comedy staple, this new series has some seriously big shoes to fill. That's not to say it won't work, but considering the disastrous Prime Video series The Office Australia, I am feeling a little nervous about what's to come.

While we don't have a trailer or a concrete release date, we do have the first look at Domhnall Gleeson (see above) standing on a desk with a very familiar face behind him. I recently reported that my favorite character from The Office was returning, and now we can see Oscar Nunez lurking in the background.

What do we know about The Paper?

The Paper is set in the same universe as The Office, and will once again be filmed in a mockumentary style. What connects the two shows is that it's the same documentary crew who followed Dunder Mifflin in the original series which, admittedly, is a fun way to go about it.

This documentary crew is hungry for more, and this time, they're focusing on a historic Toledo newspaper, The Truth Teller, and the publisher trying to revive it, so they've gone from a paper company to a newspaper – another nice connection.

In terms of casting, it appears Oscar Nunez is the only returning cast member. He'll be reprising his role as Oscar Sanchez, who has clearly changed jobs since we last saw him!

Joining him are Gleeson, Sabrina Impacciatore, Chelsea Frei, Melvin Gregg, Gbemisola Ikumelo, Alex Edelman, Ramona Young, and Tim Key, with an array of upcoming guest stars too.

I'll definitely be giving this one a go, I just hope it can reach the great heights of The Office, which I love dearly.

You might also like

• Loved The Office? I highly recommend Steve Carell's new midlife crisis comedy on Netflix
• Netflix is getting a new adult animation series by the BoJack Horseman creator and I'm counting down the days
• Ted Lasso fans are going to love this new Apple TV+ comedy by the looks of the trailer for Stick

Publishers will be able to choose from more than 100 voices across multiple languages to read their books.

• A security researcher discovered a major flaw in ASUS DriverHub
• The flaw allows users to run malicious code remotely
• A patch was already released

DriverHub, ASUS’ official driver management tool, was carrying a critical vulnerability that allowed threat actors to execute malicious code on affected devices, remotely. It was recently discovered, and a patch was released, so users are urged to apply it as soon as possible to mitigate potential risks.

ASUS DriverHub is a piece of software that automatically downloads and installs the latest drivers for ASUS devices including laptops, motherboards, and peripherals. Its goal is to keep the devices updated at all times, without needing too much manual intervention. According to BleepingComputer, DriverHub comes preinstalled on some devices, and constantly runs in the background (which makes sense if it is to keep software updated at all times).

Now, a security researcher with the alias MrBruh said that DriverHub suffered from poor validation of commands. This allowed him to chain together two vulnerabilities, now tracked as CVE-2025-3462, and CVE-2025-3463, and get the tool to run malicious software.

Save up to 68% on identity theft protection for Techradar readers

TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal.

Preferred partner (What does this mean?)View Deal

Releasing the patch

He reported his findings on April 8, and ASUS came back with a patch ten days later, on April 18. Although, the company says the disruptive potential of the flaw is somewhat limited: "This issue is limited to motherboards and does not affect laptops, desktop computers, or other endpoints," ASUS said, describing the CVE.

It still “strongly recommended” users apply the patch. "This update includes important security updates and ASUS strongly recommends that users update their ASUS DriverHub installation to the latest version," the company said in a security advisory.

"The latest Software Update can be accessed by opening ASUS DriverHub, then clicking the "Update Now" button." Ironically enough, the tool that handles all driver installs automatically needs to be patched - manually.

According to CyberInsider, the vulnerability window has been open for “an indeterminate period” but since there are no reports of abuse in the wild, it’s safe to assume that MrBruh was the first one to spot the bug.

Via BleepingComputer

You might also like

• Asus patches security flaw which could have bricked servers
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers