Technology

• Xiaomi unveils Super Xiao AI
• The AI assistant looks incredibly similar to Apple Intelligence
• This wouldn't be the first time Xiaomi has taken inspiration from Apple

Xiaomi has unveiled its next-generation AI assistant, Super Xiao AI, and it looks... very familiar.

The upgraded AI voice assistant is "thoughtful and capable" of handling more complex tasks than the previous version of Xiao AI, Xiaomi says. The new voice assistant also looks incredibly similar to Apple Intelligence; it could almost be a direct clone of the Cupertino giant's own AI feature suite.

When typing text into Super Xiao AI, you'll immediately see the similarities with Apple Intelligence's Type to Siri feature – even the shape of the text box and logo placement are the same. One user on X also demonstrated the similarities between Super Xiao AI and Apple Intelligence's Writing Tools.

so xiaomi’s new “xiaoai” intelligence just released...does this look familiar? lol pic.twitter.com/A1moE3NvnqNovember 13, 2024

Judging by the above, Xiaomi's AI Writing feature is a borderline copy/paste job of Apple's UI; it even includes the new ability to enter prompts to direct the AI writing tool, just like the new update to Writing Tools in iOS 18.2.

Super Xiao AI is part of a wider software update coming to the best Xiaomi phones running HyperOS 2, including the Xiaomi 15 and Xiaomi 14.

Not the first time

Xiaomi HyperOS in action (Image credit: GSMArena)

This isn't the first time the Chinese company has taken inspiration from its North American competition. Xiaomi's MIUI operating system looked incredibly similar to Apple's Control Center design iOS 17, and the company even adopted similar UI elements in the MIUI Camera app and Settings.

It's not a surprise to see brands copy Apple's gorgeous UI design, but Xiaomi's approach is so blatantly obvious that it can often take away from the company's excellent products. While I've heard many tech journalists rave about Xiaomi smartphones (we ourselves described the Xiaomi 14 Ultra, for instance, as the "king of the camera phones"), as an iPhone user, I'm more familiar with the company's attempts to clone iOS than I am with Xiaomi devices.

To quote Oscar Wilde, "Imitation is the sincerest form of flattery that mediocrity can pay to greatness." But why does a company that is so far above mediocrity continue to imitate? Super Xiao AI might end up trumping Apple Intelligence as the best AI voice assistant, but it will be hard for the AI model to ever get rid of its tag as an Apple clone.

You might also like...

• Apple Intelligence "changed my life" says Tim Cook
• iPhone 16 Pro review
• I've used Apple Intelligence Writing Tools and it supercharges the Notes app

This handy power station is lightweight, practical and under $100 at Amazon right now.

Generative AI may transform video game design, but the first playable title is just bizarre and fascinating.

• Android Home Screen icon shapes could soon be customizable
• The change has been spotted in the latest Android 15 beta
• Android did previously have this option back in Android 11

While Android 15 has now been officially pushed out – to Pixel phones, at least – there will be plenty more updates coming to the operating system over the next few months, and it looks as though an old customization feature could be making a return.

As spotted by tipster Nail Sadykov (via Android Authority), the latest Android 15 beta includes a hidden option to adjust the shape of the home screen icons from the standard circles. It's a design tweak that's not been available since back in Android 11.

It looks as though there are six different icon shapes to pick from, including the standard circle and square shapes, as well as a star-like shape. The customization doesn't actually work right now, but the relevant screens can be enabled.

This is no guarantee that the feature will ever see the light of day, but it's definitely something Google is considering. The option was previously banished with the arrival of Android 12 in 2021, as the customization settings were simplified.

Keep on customizing

iOS 18 is now more customizable than ever (Image credit: Apple)

Android has always been the mobile OS of choice for those who like tinkering with layouts and interfaces. You can even install an alternative launcher like Nova or Niagara if you want to reskin the entire look of the software.

In recent years though, iOS has been catching up: iOS 18 includes options for breaking away from the traditional home screen grid layout, and lets you tint the colors of the home screen icons to match the wallpaper. Perhaps Google has realized it needs to up its game.

There's plenty more that's new in the latest Android 15 beta, as outlined in the Android Authority report: we can look forward to improvements to the Do Not Disturb feature, as well as a native Linux Terminal app that will please the true Android enthusiasts.

As for when we'll see it appear for everyone, that's not clear. Pixel owners should get the update soon-ish – Android 16 is apparently only seven months away – but Samsung Galaxy phones aren't getting the Android 15-based One UI 7 before next year.

You Might Also Like

• Android 15 makes indoor navigation easier
• 5 new Android 15 features worth trying
• Android 16 is going to turn up early, Google says

More than 7 out of 10 of the most visited websites share your personal data with third parties – even when you explicitly withdraw your consent.

This is the worrying finding from the 2024 State of Website Privacy Report by privacy solution provider Privado.ai. After looking at the 100 most visited websites in the US and Europe, experts found that around 75% aren't compliant with current privacy regulations enforced across the regions.

These alarming low rates of non-compliance show how privacy laws alone aren't enough to protect your privacy. Using one of the best VPN apps and other privacy software remains the best bet you have to take back agency over your data.

Most US and European websites are at risk of privacy violations

Experts scanned the 100 most visited websites in the US and Europe in September 2024 to verify consent compliance with the California Privacy Rights Act (CPRA) and General Data Protection Regulation (GDPR) respectively. To do so, they used Privado.ai's automated consent monitoring technology.

The team was especially surprised to see that 74% of European websites analyzed didn't honor opt-in consent as required by GDPR. US websites rank for a very similar rate of non-compliance, with 76% not respecting opt-out consent as required by CPRA. For both regions, experts note, the majority (99%) of non-compliance "was due to data sharing with advertising third parties without proper consent via a network request."

Despite these similar results, as the graph below shows, US websites are three times more at risk of breaching privacy laws than those in Europe. Roughly half of the websites in the report were media publications, alongside e-commerce, lifestyle, healthcare, finance, technology, and government sites.

The average of non-compliant websites is three times higher in the US compared to the one in Europe. (Image credit: Privado.ai)

According to Privado CEO Vaibhav Antil, the reason for such high non-compliance rates lies in how marketing technology constantly changes on websites.

"With modern privacy laws now in place, websites have added cookie banners in an attempt to comply, but the banners are usually misconfigured," he said. "Privacy teams need continuous consent testing on websites to ensure compliance."

Unsurprisingly, privacy fines are also rapidly increasing in both regions. Europe is especially leading the way in targeting increasingly larger fines on companies violating the GDPR, rising from $77.5 million in 2019 to $2.1 billion in 2023.

"In the US, there were almost no privacy fines before 2022, and now there is one every month," experts wrote, adding that with the CPRA amendment to the California Consumer Privacy Act (CCPA) going into effect in February 2024, "privacy fines from California are expected to pick up even further."

Saying that, bigger and bigger fines alone often fail to make a concrete change. A researcher at Proton, for instance, found that after only a week into 2024, Big Tech earned enough to pay off all 2023 GDPR fines.

How to take back control on your privacy online

These results clearly show how consent pop-ups aren't enough to protect your privacy online, with many websites struggling to comply with current data protection laws. Your information looks very likely to be breached, time and time again if you don't equip yourself with some extra help.

This is why using a virtual private network (VPN) is still crucial to boost your anonymity when browsing the web, even in countries where strict privacy laws are in place. A VPN encrypts your internet connection to prevent third-party access while spoofing your real IP address location for extra privacy.

Do you know?

(Image credit: Future)

Black Friday is the time of year to subscribe to a new VPN service as some of the top providers axe their pricing during the biggest shopping season. Check out our Black Friday VPN deals hub to get the most out of today's sales before it's too late.

Opt for a VPN with built-in web tracker-blocker tools – most providers offer this extra protection nowadays. Today TechRadar's top pick, NordVPN, recently upgraded its Threat Protection tool to ensure it's effective in malware and phishing protection.

I also recommend switching to a more secure web browser. The likes of Brave, Opera, and Mozilla Firefox are known to be more privacy-focused, and they come with both a built-in VPN and ad-blocker software.

Tor Browser is the best choice to boost your privacy even further as it acts like both a browser and a VPN at the same time – and it's completely free to use. Beware, though, that its three layers of encryption protection may slow down your connection.

Lastly, you might want to consider a data removal service, like Incogni, to help you exercise your right to be forgotten, as per privacy laws. These services send requests to data brokers for you asking to delete all the data they already have on you.

• New Zerocam app lands on Android promising 'natural photography'
• App calls itself an 'anti-AI' camera app that removes 'artificial effects'
• The app needs a subscription for full access and unlimited photos

A new Android app called Zerocam has just launched to give photographers a more natural alternative to the over-processed snaps that many phones shoot by default.

Zerocam is already available on iOS but has now come out of beta for Android. The app has a simple, stripped-down interface and shoots in the raw format – an option that is already available in many other camera apps.

However, like Halide's Process Zero feature (which is iOS-only), Zerocam differentiates itself from other apps in its treatment of that raw photo. If left untouched, the raw file will look flat and lifeless, so Zerocam applies a custom-made LUT (Look Up Table), which is similar to a preset or filter. This promises to be much less heavy-handed than the computational processing most phones apply automatically.

Instead of an oversharpened or overprocessed shot, Zerocam told us its aim is to produce more subtle shots like those from "small pocket digital cameras." The app also applies noise reduction and lens corrections to achieve that look.

The downside is that you'll need to pay a subscription to fully unlock Zerocam and shoot unlimited photos – $0.99 / month or $10.99 a year. So you'll need to weigh whether its simplicity is worth the automation of tweaks you can achieve manually in some of the best camera apps.

Analysis: Cook according to taste

The Halide app's Process Zero mode (above) has a similar, stripped-down philosophy to Zerocam, but is iOS-only. (Image credit: Lux Camera)

Rather than being 'anti-AI,' apps like Zerocam are really more anti-computational photography. Since the Google Pixel 4, computational processing has revolutionized the best camera phones and taken them to new heights – but for many, it now goes too far and produces unrealistic, flat photos that fall apart when you crop into them.

There are ways to get simpler, more camera-like photos from your phone, but this usually involves shooting in the raw format and manually editing your snap to taste using apps like Snapseed or Lightroom. Apps like Zerocam and Halide's Process Zero feature are here to fill that gap, albeit at a price.

It's a similar trend to the one that's seen the return of film cameras – rather than trying to mask the limitations of smaller, cheaper cameras; these apps encourage users to embrace the physical drawbacks of smaller sensors and take snaps like the cameras of the past.

Whether you prefer that or the incredible processing skills of the best Android phones is a matter of taste, and there's no correct answer. But computational photography certainly isn't going anywhere, so it's good to have alternative options – even if they do, unfortunately, come with a subscription sting.

You might also like

• Best camera apps 2022: the finest photo-taking apps for iPhone and Android
• Android camera apps could soon get a big upgrade for photo pros
• I review cameras for a living – and this app has made me a better photographer

Netvue's Birdfy will bring all the birds to your yard for under $150.

• Experts found six malicious apps built for macOS
• The Apple IDs used to sign the apps have been revoked
• The malware was likely just an experiment

North Korean state-sponsored threat actors have been seen targeting macOS users with fake games and crypto tracking apps built with Flutter.

Cybersecurity researchers at Jamf recently found several apps on VirusTotal which seemed completely benign, yet connected to servers in North Korea, which was deemed “stage one” malware functionality.

There are two particularly interesting details about this malware. First - it was created with Flutter, an open source user interface (UI) software development kit created by Google. It allows developers to build natively compiled applications for mobile (iOS and Android), web, and desktop (Windows, macOS, Linux) from a single codebase.

Six malicious apps

One of the apps was called 'New Updates in Crypto Exchange (2024-08-28).app', and others were labeled in a similar manner. Yet, when opened, they ran open-source minesweeper games and similar.

Flutter, which uses the Dart programming language, provides obfuscation to the malicious code by design, the researchers said. Therefore, the malware was not that easy to spot (hence appearing as benign in VirusTotal).

The second interesting detail is that the apps were signed and notarized by a legitimate Apple developer ID, which means that at some point, they passed Apple’s security checks.

Jamf found a total of six apps, five of which were signed by a working Apple developer ID. It has been revoked in the meantime.

Yet, the researchers believe that the apps were never meant to be a part of an actual hacking campaign, and that they only served as an experiment.

“The malware discovered in this blog shows strong signs that it is likely testing for greater weaponization,” they added. “This could perhaps be an attempt to see if a properly signed app with malicious code obscured within a dylib could get approved by Apple’s notarization server, as well as slide under the radar of antivirus vendors.”

Via BleepingComputer

You might also like

• D-Link routers are being hacked to steal customer passwords — but it says there is no patch
• Here's a list of the best firewalls today
• These are the best endpoint protection tools right now

Want to ditch streaming and buy MP3s and FLAC files instead? Here are the top places to buy music you can keep forever.

If Apple's rumored iPhone-friendly home camera arrives in 2026, here are the features it's likely to bring for HomeKit users.

• Stellar Blade developer Shift Up is targeting a 2025 PC release per earnings report
• It is expected to outsell the original PS5 version
• The growth of Steam and success of Black Myth: Wukong as listed as contributing factors

Developer Shift Up has stated that a PC release of recent action-adventure title Stellar Blade is being considered for 2025.

The information comes from the company’s most recent earnings report, specifically its Q&A section. In response to a question about the “expected date of platform expansion” for the game, the developer said that “the release is being considered within 2025”.

Shift Up also expects that the PC version will outperform the original PlayStation version: “considering recent trends such as Steam’s expanding market share in the AAA game sector”. The huge success of Black Myth: Wukong, a soulslike from Chinese developer Game Science that sold 18 million copies within two weeks, is also listed as a contributing factor.

“We expect the performance on PC to exceed that on consoles,” the studio said. In response to another question, some interesting information was also shared about the potential future of the Stellar Blade franchise. Shift Up stated that it plans “to maintain the IP’s popularity” until the PC release by continuing to release “content patches and updates” such as the long-awaited Nier: Automata DLC.

We were big fans of Stellar Blade when it first released for PS5 on April 26 this year, awarding it a glowing four and a half stars. Our Stellar Blade review praised its deep combat system, which offers a wide range of possible moves, in addition to the stunning set pieces and top-notch environmental design.

Stellar Blade is one of the currently confirmed PS5 Pro games, offering special enhancements on the platform. PS5 Pro owners can experience two additional graphics modes: Pro and Pro Max. While Pro runs at a buttery-smooth 60 fps, Pro Max offers 4K resolution at around 50 fps. We’ll have to wait and see what kind of performance players will be able to squeeze out of any potential PC version.

You might also like

• Sony executive says PS5 Pro pre-orders are “performing slightly stronger" than pre-orders for the PS4 Pro
• Sony CEO says the company started working on the PS5 Pro well before the PS5 launch, "it was another five-year project for us"
• PS5 Pro vs PS5: comparing specs, design, dimensions, features, and more

The sooner you open one of these CDs, the more you stand to earn.

• 90% of enterprise data is unstructured, but AI could help manage this
• Box AI Studio and Box Apps are coming in 2025
• A new Box Enterprise Advanced subscription also arrives

Top cloud storage provider Box has announced a suite of new AI features to help enterprises manage their content better as part of the company’s journey from a file-sharing platform to one that offers intelligent content management.

The new Box AI Studio and Box Apps are designed to change the way large companies interact with unstructured data, which is estimated to account for around 90% of all enterprise data.

To top it all off, the company also announced the introduction of Box Enterprise Advanced, which packages the Box Intelligent Content Management platform into a single offering for the company’s biggest customers.

Box wants to tackle unstructured data

“Innovation in LLMs has transformed our ability to more easily structure that data, freeing it from data silos and connecting it with business processes," noted Box CEO Aaron Levie.

From January 2025, Box AI Studio will enable enterprises to have more customization over how they apply AI to their content by creating tailored Box AI agents with their preferred AI model from Box’s list of providers.

With Box AI Studio, admins can create, test and deploy agents to enhance workflows, switch between different models with ease and develop custom prompts for specific tasks.

The second of two new product offerings, Box Apps, is now available in beta. Its primary function is a no-code tool for building applications for content-centric processes, like contract management and invoice processing. The company envisions the tool being used by HR, marketing, legal, accounting and sales teams, where administrative work hinders worker productivity.

As Box begins to reach more enterprise customers with generative AI functionalities, it also pledged to helping them adhere to regulatory and compliance obligations with Box Archive.

Apart from handling long-term content preservation, it also promises to be a useful tool for those recovering content from ransomware attacks, which are on the rise.

The announcements culminate in the launch of the Enterprise Advanced subscription, which includes Box AI Studio, Box AI Apps, Box Forms, Box Doc Gen, Box Archive, 500GB file uploads and enhanced developer tools with a higher API allocation. The new plan will also be available in January 2025.

You might also like

• We’ve listed the best cloud backup tools
• Keep sight of your data with the best file managers
• Box Hubs wants to make sure all your workers get the right info just when they need it

It doesn’t officially arrive until November 29, but the Black Friday deals have already begun.

Amazon is reportedly shuttering its free platform, so what happens now?

Formula 1 racing is the pinnacle of precision and efficiency. As we gear up towards the global finale, this season’s races have shown us that securing pole position is not just about the driver’s skill or the car's performance but also about the efficiency of the pitstop team. This high-stakes, carefully executed process provides invaluable lessons for tech teams operating in today’s rapid and demanding business landscape.

In Formula 1, every second lost in the pitstop is a second lost on the track. Similarly, fast-paced tech teams must prioritise efficiency and quick decision-making. In critical situations where reducing time to market is essential, this can significantly impact a product’s success or failure. By adopting the pit crew's approach—emphasizing precision and coordinated teamwork—tech teams can drive their projects toward success.

Enhancing team coordination and efficiency

Pitstop crews are highly coordinated, with each member having a clearly defined role that contributes to a seamless operation. Similarly, across nuanced and complex tech projects, it’s paramount that team members have clearly defined roles. When each member understands their specific contributions, teams can avoid costly overlaps and gaps.

For example, during a software development project, clear role definition helps in delineating responsibilities for front-end developers, back-end developers, and UI/UX designers. This allows teams to work in parallel without waiting on each other’s tasks, much like a pit crew where tire changers, refuelers, and mechanics work without interference.

Building trust and empowerment within teams

In high-pressure environments like Formula 1 and product development, trust among team members is essential. Teams that trust each other’s expertise and ability to execute can operate more fluidly and make decisions faster. Creating a culture where team members feel empowered to think independently can enhance this trust and improve overall performance.

One way to build this in a tech environment is through regular team-building activities that not only boost morale but also help in forming personal bonds that translate into professional trust. Additionally, encouraging open communication and sharing of ideas without fear of criticism can foster an inclusive and collaborative atmosphere.

Leveraging technology to boost performance

Just as F1 teams use technology and data to cut down pit stop times, tech teams can use modern methodologies to enhance their operational efficiency. For instance, adopting lean principles can help teams identify waste in their processes and eliminate it, thus speeding up the development cycle without sacrificing quality.

Moreover, leveraging robust software and project management tools can streamline coordination and oversight of complex projects. For example, cloud-based project management platforms enable real-time tracking of progress, resource allocation, and deadline management. These help maintain a bird's-eye view of the project landscape, allowing team leaders to keep the project moving swiftly and efficiently.

Leadership that maintains direction

The role of a pit crew chief is crucial as they oversee the entire operation, making sure everyone is synchronized and performing at their best under pressure. Similarly, tech team leaders must maintain composure and provide clear direction during critical phases of product launches or when unexpected challenges arise.

An effective project leader, like an F1 crew chief, must be able to assess situations quickly and guide their team through effective decision-making processes, ensuring every member remains on track. This might involve pivoting project directions in response to test feedback or market changes, ensuring the product remains competitive and meets user needs.

Vision-driven execution and continuous improvement

A clear, compelling vision is crucial for driving teams toward success. In F1, the vision is clear—optimise each stop to win the race. In tech, the vision might be to innovate continually and lead the market in user-centric products. Leaders must keep this vision clear and integrate it into all aspects of project management and team culture.

Continuously improving based on feedback loops—from users, stakeholders, and team members—can help tech teams adapt and excel. This is similar to how pit crews analyze every second of their operations to refine and speed up their processes for future races.

By embracing the efficiency, teamwork, and strategic planning of Formula 1 pit crews, tech teams can achieve greater productivity and push the boundaries of what they can deliver in their competitive fields. This strategic approach not only speeds up development cycles but also builds a strong foundation for sustained success and growth.

We've featured the best business intelligence platform.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

It’s been clear, over the past few years, that the UK’s public sector has faced significant financial struggles – grappling with issues ranging from deteriorating infrastructure to the immense operational and financial pressures on the NHS. Chancellor Rachel Reeves revealed a £22 billion “black hole” in public finances this year, and this doesn’t necessarily come as a huge surprise.

This challenge is so stark, that the Local Government Association has found that nearly one in five local councils are likely to be facing bankruptcy by March 2025 – with the County Councils Network forecasting a £54 billion funding shortfall facing England’s local councils over the next five years.

The day-to-day running of these buildings is economically demanding, especially in a climate of decreasing funding and inflation of energy costs, which alone are adding over £95 million to the total council spending bills in 2023/24.

Technology, however, can offer hope. New modelling from Vodafone UK and WPI Strategy shows how 5G-powered digital technologies could reduce energy bills and improve energy efficiency, when applied to public buildings like hospitals, schools, and leisure centers.

The research found that technologies like digital twins – virtual models of buildings – enable engineers to remotely monitor and optimize building performance, quickly identifying maintenance needs and opportunities for cost and energy efficiencies. The Internet of Things (IoT) enables communication between devices, whilst smart sensors installed across public buildings can enhance data collection and analysis.

Collectively, these technologies have the potential to reduce carbon emissions by 1.43 million tons of CO2e annually when installed across the public estate. To put this into context, that’s the equivalent annual electricity usage of almost 300,000 homes – more than every house in a city as large as Leeds.

Implementing these technologies could reduce UK energy bills massively, saving £580 million of public money annually.

These technologies already exist, but they will have much greater potential on a 5G Standalone (SA) network. As opposed to the current 5G network, which only uses upgraded technology in its masts and also partly relies on 4G technology, 5G SA is a fully upgraded network in all its components – from radio, to access, transport and core – that solely uses 5G technology.

Driving efficiencies in NHS hospitals

On average, 47,000 people visit hospitals every day – given their size, the volume of technology used and the high demand for their services, they are expensive to run. However, by deploying digital twin technology powered by 5G, they could save a total of £219.7 million every year.

Digital twin technology would enable engineers and hospital management to study the running and energy usage of hospital buildings remotely and in detail to identify where they can drive energy and cost efficiencies.

These digital twins can also help hospital management better understand patient capacity, with sensors on beds powered by IoT allowing staff to work out which beds are free and where, even as they move around the hospital.

Protecting our leisure centers

The cost of keeping leisure center pools heated has meant that more than 1,000 pools have closed since 2010 and a further 1,500 are at risk of shutting soon, which is a concerning trend. These sites not only offer health and wellbeing for many, they act as hubs that are so vital to local communities. Worryingly, people believe these centers are the second public building most at risk of closure due to struggling finances, according to recent polling by Vodafone.

However, seamlessly connected devices through a 5G SA network and IoT could save leisure centers up to £72.1 million per year – allowing managers to monitor temperature, lighting and water quality in real-time, through interconnected sensors and smart meters. This will allow optimal swimming conditions to be maintained whilst not wasting energy on heating and lighting.

Helping leisure centers to not only reduce their carbon footprint but also save much-needed funds means that other resources and facilities could be upgraded.

School’s out, lights out

The size of schools, matched with the fact that not all classrooms are always in use (with long periods of inactivity on weekends and during holidays) means that energy and water efficiency can be a challenge in schools.

With 5G-enabled sensors, they could save up to £94 million per year. These can offer 24/7 monitoring of heating, ventilation, lighting and plumbing systems, which helps facilities managers identify minor issues before they turn into major problems; and allows them to control heating and cooling systems according to class and holiday schedules.

The 5G SA network means that these sensors can process this data at a much faster rate – increasing the efficiency of maintenance operations and saving time, energy and money.

When will we see this in action?

It is clear the Government is acutely aware of the need to drive cost efficiencies wherever possible in the public estate – but not everyone realizes just how helpful technology can be in making this happen. In fact, 66% of people in our survey said they’re not aware of the impact technology can have on buildings seeking to reduce energy use, which inevitably leads to financial savings.

Our research shows that 5G-powered technologies across public buildings could deliver annual savings of £580 million and a carbon saving of 17% in the public estate – going a long way to contribute to our new Government’s goals.

This is why significant digital infrastructure investment is essential to ensure the successful rollout of 5G SA across the UK. Only then will we be able to provide the 5G SA connectivity that critical areas like schools and hospitals need to drive these efficiencies.

As such, we need to continue to think innovatively and collaborate with each other – only then will we be able to fill the “black hole” in our public finances, reinvest in new public sector, and generate economic benefits for the UK as whole.

We've featured the best green web hosting.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Get your hands on a Fire TV Stick for as little as $18 in this sale.

• Security researchers find critical flaws in modems reaching End of Life
• D-Link says it won't patch them, and recommends upgrading the hardware
• There are some 60,000 vulnerable devices out there

Older D-Link routers are potentially vulnerable to more than one critical security issue which could allow threat actors to take over the devices. However, since they have reached end-of-life status (EoL), the company says it will not be releasing any patches, and advises users to replace the endpoints with newer models.

The news comes shortly after we reported multiple D-Link NAS endpoints were found vulnerable to CVE-2024-10914, a command injection flaw with a 9.2 severity score - however the company again said it wouldn’t be issuing a fix, since the affected devices have all reached EoL.

Now, security researcher Chaio-Lin Yu (Steven Meow) found three bugs plaguing the D-Link DSL6740C modem. One is tracked as CVE-2024-11068, has a severity score of 9.8, and allows threat actors to change passwords through privileged API access. The other two are CVE-2024-11067, and CVE-2024-11066, and are a path traversal flaw and a remote code execution (RCE) flaw, with 7.5 and 7.2 scores, respectively.

Tens of thousands of vulnerable endpoints

Roughly 60,000 vulnerable devices are currently connected to the internet, the majority being located in Taiwan. The model isn’t even available in the US, BleepingComputer states, since it reached EoL almost a year ago. With that in mind, D-Link said it wouldn’t be addressing the flaw, and suggests "retiring and replacing D-Link devices that have reached EOL/EOS."

The same model is also vulnerable to four additional high-severity command injection flaws, the publication states, citing information from the Taiwanese computer and response center (TWCERTCC). These flaws are tracked as CVE-2024-11062, CVE-2024-11063, CVE-2024-11064, and CVE-2024-11065.

Users who are unable to replace their routers at the moment are advised to at least restrict remote access, and set secure access passwords, to minimize the chance of compromise. This would be a wise move since routers are one of the most targeted endpoints out there.

You might also like

• D-Link routers are being hacked to steal customer passwords — but it says there is no patch
• Here's a list of the best firewalls today
• These are the best endpoint protection tools right now

Here are the best disc golf discs that we've tested in the field.