Technology

• Phishing emails carrying PDF attachments are on the rise, report warns
• Check Point highlights how hackers love PDFs for customization
• Social engineering attacks using PDFs are also on the rise

At least one in every five phishing emails carries a .PDF attachment, researchers are saying, warning that the popular file format is being increasingly used in social engineering attacks.

A new report from Check Point Research claims PDF-based attacks now account for 22% of all malicious email attachments, making them particularly concerning for businesses sharing large quantities of these files every day.

In earlier years, many of the attacks relied on JavaScript or other dynamic content being embedded within the files. While this approach is still seen in the wild, it has become less common, since JavaScript-based attacks tend to be “noisy” and easier to detect by security solutions.

Email remains one of the most popular attack vectors out there, with more than two-thirds (68%) of cyberattacks beginning this way.

Monitor your credit score with TransUnion starting at $29.95/month

TransUnion is a credit monitoring service that helps you stay on top of your financial health. With real-time alerts, credit score tracking, and identity theft protection, it ensures you never miss important changes. You'll benefit from a customizable online interface with clear insights into your credit profile. Businesses also benefit from TransUnion’s advanced risk assessment tools.

Preferred partner (What does this mean?)View Deal

Customizing the link

Today, cybercriminals are pivoting towards a simpler, more effective approach, Check Point says - social engineering.

Generally speaking, the attacks don’t differ much from your usual phishing email. The PDF attachment would serve as a launch pad, often carrying a link that would redirect a person to a malicious landing page or a website hosting malware.

That way, the malicious links are hidden from security filters, making sure the files are received straight to the inbox.

Furthermore, placing the link in a PDF gives the attackers full control - they can change the text, the image, or any other aspect of the link, making it more trustworthy.

The files are often designed to mimic trusted brands like Amazon, DocuSign, or Acrobat Reader.

“Even though these attacks involve human interaction (the victim must click the link), this is often an advantage for attackers, as sandboxes and automated detection systems struggle with tasks that require human decision-making,” Check Point concluded.

You might also like

• Private API keys and passwords found in AI training dataset - nearly 12,000 details leaked
• We've rounded up the best password managers
• Take a look at our guide to the best authenticator app

• Google has updated NotebookLM once more
• It can now search the web and find sources for you
• It's easier than ever to create an AI podcast

Google has updated NotebookLM, its handy learning tool and AI podcast creator, so that it’s easier than ever to add sources. Now you can “search on the web” for sources of information that it turns into an AI podcast, mind map, or which it can answer questions about.

NotebookLM is designed to help you learn anything by breaking down large volumes of information into easily accessible reports and podcasts.

It doesn’t take a genius, however, to realize that its podcasts are so good they could easily replace real podcast hosts talking about literally any subject, and that’s where the new feature from Google leaves me in a bit of a moral quandary.

State your sources

Since I run a tai chi podcast I decided to try out the new feature by asking NotebookLM to see what sources it would find on the subject of tai chi, and I was quite surprised at the articles it found.

There were some academic articles on tai chi in there, as I'd expect, along with articles from various tai chi websites, but also a Reddit discussion offering various perspectives on tai chi’s spirituality, and a YouTube video.

NotebookLM takes all these sources and produces various media for you, including an Audio Overview (it’s basically a podcast) that takes a deep dive into your subject.

It made me ponder whether all those article writers and Reddit commentators were happy that I was using their thoughts as fuel for an AI-generated podcast.

Credit where it's due

It’s not like Google has added any new abilities to NotebookLM – you could always add any source you wanted – but at least you had to add it manually.

Making it actively scour the web to find a curated list of sources for you, without really asking the permission of any of these sources, then turning them into other types of media, does feel a little bit questionable.

If you are using NotebookLM purely as intended - i.e., to learn about a subject I don’t see a problem, but if those AI podcasts that are based on other people’s work, for example, get used in other ways, perhaps as income-generating podcasts, then that doesn’t always feel justified.

You might also like

• How to use NotebookLM, Google’s new AI audio generator that lets you make a stunningly real AI podcast without a mic
• A powerful new AI tool is coming to Chromebooks to vastly increase productivity
• From ChatGPT to NotebookLM, these are the 10 best free AI productivity tools to help you get things done

Commentary: How else will you use the Joy-Cons' cool new mouse feature?

NASA's James Webb Space Telescope captured a glimpse of the asteroid that had a chance of impacting Earth three months ago.

• Businesses still haven't stopped using easily crackable passwords
• Germany, the US, and China suffer the most password breaches
• 123456, password, and qwerty are still being used in 2025

Many businesses are still using weak passwords that can be cracked in less than a second in the event of a brute force attack to secure their accounts, new research from one of the best password managers, NordPass, has found.

Passwords such as ‘123456’, ‘secret’, and even ‘password’ are being used by thousands of businesses across the world, resulting in easy picking for hackers.

The research also found Germany was top in the world for password breaches, with 582,067 incidents, closely followed by the US with 502,435, and China at 448,375.

The password is ‘password’

NordPass’ research used a 2.5 terabyte database compiled from numerous publicly available data sets, including some from the dark web that covered 11 industries.

For enterprise, the most common password in the database was ‘123456789’ with 378,182 uses, followed by the much easier to remember ‘123456’ with 356,341 uses, and just to round it all out ‘12345678’ comes in third with 145,688 uses.

Small and medium businesses don’t fare much better, with ‘123456’ topping the list for both with a total of 852,861 across both business sizes. Other classic passwords such as ‘qwerty123’, ‘abc123’, and ‘iloveyou’ also appear on the list, taking less than one second to crack.

Interestingly, the 28th most used password in NordPass’ dataset was ‘TimeLord12’, possibly suggesting that an IT worker with a love for Peter Capaldi’s work as the twelfth Doctor in Doctor Who was in charge of creating over 30,447 accounts that were later exposed.

NordPass also found many users who didn’t use the most common passwords would often use their own email address as their password, making it fairly easy for an attacker to crack their accounts. Names were also a common inclusion in the database, suggesting that employees were using their own names as a password.

(Image credit: Passwork)

If you’ve seen your password somewhere in this article or in NordPass’ research, it might be time to change it to something more secure, lest you be responsible for a breach.

In order to better protect corporate accounts, businesses should put in place password creation rules that make it harder to use simple passwords that can be easily cracked. NordPass also offers a business password manager tier to help businesses generate and store passwords securely.

Businesses should also implement two-factor authentication when signing in to accounts to help verify that the person accessing the account is a legitimate user, and not a crook with stolen credentials. Businesses can also switch over to using passkeys, which use secure authentication to log in without the need to remember complex passwords.

You might also like

• These are the best password managers for families
• Take a look at our guide to the best parental control apps
• Google is going to let you transfer your passkeys to a new phone

Remember last week, when Netflix added HDR10+ support in a move that looked like great news for Samsung TV owners? Well, I assumed that this would be an instant win for the best Samsung TVs across the board, but it seems that's not the case – and Samsung is surprisingly cagey about which of its existing TVs will see the benefit, and when.

Samsung released a statement saying that all of its 2025 TVs, including the Samsung S95F OLED TV, will support Netflix's HDR10+ implementation, as will its 2024 and 2025 HDR computer monitors – but no one owns the 2025 TVs yet, so what about current TVs?

Samsung says there will be "support for additional models in the future", but hasn't offered any further information so far. I've asked Samsung if it's able to share any more specific information for users of these TVs, and will update if I hear back.

My guess is that Samsung will actually bring support fairly broadly, and fairly quickly – but this cagey announcement feels like dropping the ball just seconds away from a touchdown.

The Samsung S95D, our TV of the Year 2024, may or may not get Netflix's HDR10+ support… (Image credit: Future)

HDR10+ is a more advanced kind of HDR, with scene-by-scene metadata, like Dolby Vision. In theory, it can help TVs better 'tone map' the levels of HDR brightness onto the capabilities of the TV's screen, meaning more detail is retained in the brightest and darkest areas of the image, even if your TV isn't great at going especially bright or dark.

Samsung's TVs support HDR10+, and don't support Dolby Vision – it's the only maker of the best TVs that has rejected Dolby's HDR format. And this has been a frustration, because Dolby Vision HDR is the advanced format used by most of the best streaming services.

The lack of Dolby Vision is the big complaint we hear from people when we post about Samsung TVs, and having HDR10+ support on the biggest streamers (Prime Video also supports it) helps mitigate that – so I would've expected Samsung to embrace this instantly. In fact, I just assumed Samsung would have everything prepped in advance for it, given how tied the company is to HDR10+ as a format.

But that's been changing over time, and Netflix supporting HDR10+ felt like a key shift to offer all Samsung TVs an instant boost… but only once Samsung supports it.

When Samsung confirms that it's supporting the Netflix update on more TVs, we'll let you know straight away, Samsung TV owners.

You might also like…

• I saw Sony's new top-end OLED TV in action, and it could take image refinement to a new level, for cheaper than the A95L
• I tested Samsung's new top mini-LED 4K TV, and the Glare-Free screen tech makes a big difference
• Forget Samsung's new modular OLED panels – if this tech works on TVs we could get giant OLED TVs at half the price

Travel back in time with X-Arcade's Arcade2TV-XR physical arcade controller for virtual reality in this retro blast from the past that includes games like Pinball FX VR and Arcade Ranger.

The Department of Education said it is inviting public feedback on ways to improve these programs.

• JetKVM is a tiny KVM over IP product for full remote control of any computer
• It raised over $4 million in crowdfunding from more than 30,000 backers
• Device includes USB-C, Ethernet, HDMI Mini and RJ11 extension for add-ons

Plenty of crowdfunded campaigns fail to draw enough pledges to turn a project into reality, but that isn’t the case with JetKVM, a $69 next-generation open source KVM over IP device that can control any computer remotely.

It was successfully funded on Kickstarter on December 3, 2024, smashing its $50,000 goal with a whopping $4,370,767 in pledges from an impressive 31,598 backers.

Although the campaign has now ended, you can still become a late backer, and the good news is, you shouldn’t have long to wait to receive the product, as JetKVM is expected to begin shipping in April 2025.

Rare RJ11 extension port

The small hardware device gives you full remote access to a computer’s screen, keyboard, and mouse, just like a physical KVM switch, but over the internet.

It connects to the target machine’s HDMI port to capture video, and to a USB port to emulate input devices. Once set up, you can control the machine from anywhere using a web browser. This is especially useful for headless systems, unresponsive machines, or remote BIOS access.

The device runs a Linux system based on Buildroot, powered by a RockChip RV1106G3 (ARM Cortex-A7, 1.0GHz) with built-in H.264 and H.265 encoding. It includes 256MB of DDR3L RAM, 16GB of eMMC storage, Ethernet, USB-C, HDMI Mini, and a unique RJ11 extension port.

The creators say JetKVM streams 1080p video at 60FPS with 30–60ms latency. Remote access is handled via JetKVM Cloud using WebRTC for encrypted peer-to-peer connections. A 1.69-inch touchscreen shows status and local controls, and the software, written in Go, is fully open source and modifiable via SSH.

Power can be supplied via USB-C, RJ11, or pin header. The RJ11 port, which we're big fans of, supports hardware extensions like sensors, ATX power control, or serial console access.

Even though JetKVM has been successfully financed, and then some, we’d be remiss if we didn’t offer our customary crowdfunding warning: delays happen, features can change, and delivery isn’t always guaranteed, so please bear that in mind.

You might also like

• These are the best laptop docking stations you can get right now
• A remote KVM with a free permanent VPN service has just launched
• One of the world's largest business monitors has a no-touch KVM switch

It still comes down to money.

In June 2024, the Biden administration announced that the download, update, licensing and resale of Kaspersky software would be banned from July 20 2024.

The justification was that because Kaspersky is headquartered in Moscow, the Russian government could force the company to hand over access to its systems and disrupt all of the computers it is installed on.

Kaspersky has frequently denied having any connection to the Russian government, but the US has determined that that simply isn't good enough.

Bitdefender Total Security is a top-notch security suite that offers comprehensive protection against various online threats for all your devices (Windows, macOS, Android, and iOS).View Deal

What does it mean for me?

Kaspersky has been a household name for antivirus in the US, with a pre-ban market share of around 35%.

After the ban Kaspersky offloaded its customers the Pango Group, which promptly installed UltraAV as a replacement service which caused quite a stir.

If you were using Kaspersky antivirus, you will have been asked if you wanted to switch to UltraAV. However, none of the major antivirus testing labs have released any scores for UltraAV, and customer feedback and online postings suggest that the software is less than ideal.

Those who chose to forgo the UltraAV update will have been left to continue using Kaspersky - and if that includes you - your device is at serious risk.

Am I at risk if I keep using Kaspersky?

Yes. The ban prohibited new updates for the Kaspersky software, meaning that the software won't be able to protect against any new malware or threats that have emerged since the ban in June 2024.

Antivirus providers release frequent updates to their software to keep your device protected from existing malware, as well as '0-day' exploits or fresh vulnerabilities that are being actively exploited. Without these updates, devices can succumb to infection and attacks that other devices would be protected against.

As an additional point of concern, if you used Kaspersky on a Windows device it is likely that Windows Defender Antivirus was put into passive mode, preventing it from offering its full level of protection. If you were using Kaspersky, or still are, I would highly recommend checking to see if your Windows Defender Antivirus is still in passive mode, and switch it to active.

What should I do?

First things first, check to see if your device manufacturers default antivirus is updated and turned on.

Now that you have some level of protection, have a think about if you consider default protection enough.

For many devices, the default antivirus program will offer a fairly decent level of protection against malware, but will lack a lot of the other security tools that have almost become a necessity in the digital world.

Take a look at my comprehensive guide to the best antivirus, and have a look through the features you think would be best for you.

Many services include a VPN to help encrypt your internet traffic at is heads from your device to its destination, preventing crooks from intercepting it in transit.

Others will have a parental control app that will help you block adult content from being viewed on your children's devices, as well as setting screen-time limits to help them focus on their homework or chores.

Password managers are also a very handy tool to help keep your online accounts secure. If you don't use an authenticator app, you account is only as secure as your password. Antivirus alone won't stop a hacker from guessing your username and password.

Do I need to bother with antivirus in 2025?

As a security expert, my answer is 100% yes. I've seen first hand how quickly new threats and vulnerabilities can emerge, and the damage they can have not only on devices but also livelihoods.

If an attacker gains access to your computer files, they can potentially steal sensitive files and data that can help them commit identity theft or credit fraud. Even if you don't want to splash out on a premium service, you can always turn to the best free antivirus to provide a good level of protection to all your devices.

• Read more: How to choose the best antivirus for you

The Trump Administration is reportedly changing rules to the $42.5 billion BEAD Program to favor Elon Musk’s Starlink.

D&D can be played entirely in the theater of the mind, but why do that when you can have a load of gear to make it even better?

• Nintendo confirms that the Switch 2 features Nvidia DLSS and ray-tracing
• It didn't share which games will support the tech
• Nvidia has also revealed that the Switch 2 is powered by a custom Nvidia processor

Nintendo has confirmed that the Switch 2 will feature Nvidia DLSS (Deep Learning Super Sampling) and ray tracing.

During a roundtable Q&A in New York following the big Nintendo Switch 2 Direct yesterday (via IGN), Nintendo revealed that the new console will utilize the technology, but refrained from sharing which version and which Switch 2 games will support it.

"We use DLSS upscaling technology and that's something that we need to use as we develop games," said Takuhiro Dohta, senior director of the Programming Management Group Entertainment Planning & Development Department, at Nintendo’s Entertainment Planning & Development Division.

"And when it comes to the hardware, it is able to output to a TV at a max of 4K. Whether the software developer is going to use that as a native resolution or get it to upscale is something that the software developer can choose. I think it opens up a lot of options for the software developer to choose from."

When asked about the Switch 2's GPU, Dohta did confirm that it allows ray tracing but was cagey on the details, saying, "As with DLSS, I believe this provides yet another option for the software developer to use and a tool for them."

Although Nintendo wasn't able to share any details on the GPU itself, Nvidia has since released a blog post confirming that the Switch 2 is powered by a custom Nvidia processor featuring an NVIDIA GPU, along with dedicated RT Cores and Tensor Cores for "stunning visuals and AI-driven enhancements."

Thanks to the new tech, this allows the Switch 2 to run in 4K in docked mode and 120 frames per second (fps), which we learned yesterday when the specs were revealed.

The Nintendo Switch 2 will launch on June 5, 2025, and will cost $449.99 / £395.99, with preorders scheduled to open on April 8.

TechRadar Gaming attended an exclusive hands-on preview and spent four hours testing out the Nintendo Switch 2.

You might also like...

• Here are the Nintendo Switch 2 launch games that you'll be able to pick up and play on June 5
• Furious fans hijack Nintendo Treehouse: Live stream with demands to 'drop the price'
• Nintendo confirms that certain Switch 2 game cards will just have a download key, but I don't think it's as bad as we first thought

• Apple has patented a new exercise-tracking prediction method
• It says the technology can capture body motion data and determine what exercise you are doing
• It could also count how many reps you've done, possibly paving the way for improved workout tracking or online class participation

While we've been hearing that Apple is preparing a pretty significant Health app upgrade for 2025, the company has also patented a new type of exercise tracking technology that could power improved workouts on many of the best iPhones in the future.

A new Apple patent published April 3 and seen by TechRadar, dubbed 'exercise tracking prediction method,' reveals Apple is exploring new technology for workout tracking. It pertains to "predicting and counting repetitions of physical activity" using captured image data of a body in motion.

Apple's patent aims to overcome some of the limitations of predicting and tracking the activity of a person in real-time.

To that effect, Apple's technology can take image capture data and predict what activity you're performing while it is in progress and potentially provide feedback on it.

That could be done using a camera on any type of electronic device, including a phone, tablet, computer, or even a wearable like an Apple Watch (which is tipped to get a camera one day). There are heavy shades of Peloton Guide here, but it looks like Apple is trying to take the tech one step further with more precise tracking.

Apple exploring this technology could point to a number of implementations and upgrades for users, notably around using Apple devices to track workouts in real-time or when participating in a more collective version of an online Apple Fitness Plus class.

Apple explores workout detection

(Image credit: Future)

The best Apple Watches, Apple's Health app, and devices like the iPhone excel in certain health and wellness tracking implementations; however, one obvious missing feature is driving workouts using rep counting and tracking.

Even the Amazfit Active 2, a $99 smartwatch we rate as one of the best cheap smartwatches on the market, has a built-in rep tracker for strength and conditioning workouts,

If Apple could crack workout and rep tracking, it would be a big boost to the company's health and wellness ambitions, and using its device cameras could be a key to gaining the upper hand.

Powerful features like LiDAR would be much more accurate than accelerometers when it comes to tracking form and reps in a workout participant, giving Apple potentially unparalleled accuracy in this regard.

(Image credit: Apple / USPTO)

Given how generally cumbersome and often antisocial filming in the gym can be, it seems like this sort of technology would lend itself more readily to use in the home.

I can definitely imagine a service like Apple Fitness+ leaning on workout tracking data to give users more clinical insight into their progress, tracking reps on screen in real-time during a workout.

While not mentioned here, there's also no reason to think this technology couldn't be developed further to deliver feedback and pointers on form and posture, too.

At this point, the technology is only an idea on paper. If Apple ever releases a feature like this, it will likely be a year or two away from consumers. So don't expect an Apple Watch Ultra 3 with a camera that can track your workouts.

More immediately, we know that Apple is planning a big blood pressure monitoring upgrade for the aforementioned Ultra 3 and the Apple Watch Series 11, both of which are expected later this year.

Latterly, rumors point to a new Health app overhaul, replete with an AI agent designed to replicate your Doctor, arriving as early as 2026.

You may also like

• An Apple a day? Your iPhone could soon have an AI Doctor thanks to a new iOS 19 Health app
• Using a smartwatch could be a game-changer for people with diabetes, new research suggests
• After 10 years of Apple Watch, the company reveals the one thing it got wrong about its users

• Tuta Mail filed a DMA complaint against Apple on April 2, 2025, for failing to enable Tuta among the default mail apps on iOS
• The encrypted email provider issued the complaint after allegedly waiting for months for a response from the Big Tech firm
• The complaint was withdrawn less than 24 hours later as Apple finally got in touch with Tuta's developers

Tuta Mail, an encrypted email service, filed a complaint against Apple on Wednesday, April 2, 2025. The action has been withdrawn, however, after less than 24 hours.

The German secure email provider decided to file a formal complaint against Apple for failing to enable its service among the default mail apps on iOS as required by the Digital Market Act. Tuta did so after allegedly waiting for months for a response to its request.

Yet, "after a journalist contacted Apple on the issue, Apple got in touch with us in a matter of hours," wrote Tuta's CEO Matthias Pfau on April 3 in an official announcement. "For this reason, we will withdraw the complaint to the EU, and Apple does not have to fear any consequences."

Why did Tuta issue the complaint?

The Digital Market Act, which came into force last year, has introduced new obligations for Big Tech companies to prevent them from abusing their dominant position in the market.

For Apple, this means, among other things, giving everyone using an iPhone or iPad the choice of picking a third-party service as their default email application.

To enable their users to do this, the app's developers need to follow the company's guidelines and submit a formal request. Tuta Mail was said to have done so on January 14, 2025, but there was no response.

The team tried to get in touch with Apple via emails and X posts throughout March without much success.

Apple launched alternative default mail apps with the iOS 14 release in 2020, four years before the DMA rules went into force. Apple's biggest competitors, Gmail and the popular encrypted service ProtonMail, are among the developers that have been successfully enabled as default mail apps since then.

Dear @Apple @tim_cook We'd like our users to be able to choose Tuta Mail as the default mail app on #iOSWe've contacted Apple devs as requested two months ago, sent a reminder, but so far - silence.Could you please connect us with the right people?#DefaultMailApp #AppleMarch 18, 2025

On April 2, Tuta then decided to file a formal DMA complaint against Apple for, as Pfau put it, "abusing its gatekeeping position against us."

Less than 24 hours later, Tuta confirmed to TechRadar that Apple finally got in contact with the team "after a Reuters journalist wanted to get to the bottom of the matter with Apple," Tuta's Press Officer Hanna Bozakov told us.

Nonetheless, this was enough for Tuta to decide to withdraw its complaint against the Big Tech giant.

"The main problem here is that Apple will get away with this behavior. We withdraw the complaint because it's pointless to keep it up, but next time, Apple can act in exactly the same way," said Bozakov.

"We would like to see large technology companies use their market power responsibly, behave correctly and fairly and not only take action when threatened with bad publicity."

Apple's response

TechRadar approached Apple for comment, and the company told us that Tuta's request was incomplete as it was missing the "mailto." This is a URL scheme that's needed for the correct function of default mail apps in iOS.

Apple also told TechRadar that the company reached out to Tuta's developers as quickly as possible to help them resolve the issue.

Bozakov confirmed the mistake but said the team was informed only today (April 3) about this. "I'm pretty certain we would still be waiting for a response had the journalist not contacted them," she added.

You might also like

• Tuta becomes the first quantum-resistant email service with new hybrid protocol
• Your passwords aren't the key to protecting your online identity, your email address is
• Apple fined over €150 million in France for discriminatory consent practices surrounding its ATT framework

• Kaspersky uncovers counterfeit Android smartphones preloaded with Triada malware
• The researchers speculate the supply chain might have been compromised
• More than $270,000 in crypto has already been stolen

Counterfeit versions of popular Android smartphones are being sold with malware pre-installed, experts have revealed.

Cybersecurity researchers Kaspersky have warned users about buying heavily discounted Android smartphones from shady online stores after it observed at least 2,600 victims, located mostly in Russia, who received their brand-new smartphones carrying the Triada Trojan.

“The new version of the malware is found in the firmware of infected Android devices,” reads the machine-translated announcement. “It is located in system framework, meaning a copy of Triada makes its way into every process on your smartphone.”

Monitor your credit score with TransUnion starting at $29.95/month

TransUnion is a credit monitoring service that helps you stay on top of your financial health. With real-time alerts, credit score tracking, and identity theft protection, it ensures you never miss important changes. You'll benefit from a customizable online interface with clear insights into your credit profile. Businesses also benefit from TransUnion’s advanced risk assessment tools.

Preferred partner (What does this mean?)View Deal

Targeting journalists

The malware was said to have a wide range of functionalities and can give the attacker “almost unlimited possibilities” for controlling the compromised devices.

Among other things, Triada can steal user accounts in messengers and social networks, stealthily send messages on behalf of the victim, steal cryptocurrencies, monitor the victim’s browser activities, replace links, swap numbers during calls, monitor and intercept SMS messages, download and run apps, and block network connections.

Dmitry Kalinin, cybersecurity expert at Kaspersky Lab, said Triada remains “one of the most sophisticated and dangerous threats to Android,” but added that the researchers don’t really know how the devices got infected.

“It’s possible that one of the stages in the supply chain is compromised,” he said, “so the stores selling the devices may not even suspect that they’re selling Triada-infected devices.”

These thousands of victims have already suffered hundreds of thousands of dollars in losses, the researchers concluded.

Kaspersky claims around $270,000 in cryptocurrency was already siphoned out, suggesting that the number could be even greater since some of the transactions were made in difficult-to-trace Monero.

The best way to avoid this risk is to only buy smartphones from authorized sellers. Alternatively, users could reflash their device using a clean system image from Google.

Via BleepingComputer

You might also like

• Private API keys and passwords found in AI training dataset - nearly 12,000 details leaked
• We've rounded up the best password managers
• Take a look at our guide to the best authenticator app

Windows 10 end of life is rapidly approaching, with updates ceasing on October 14 2025, and many are starting to make the switch to Windows 11.

But questions still remain. Do I really need to use the best antivirus with Windows 11?

Is Windows Defender good enough? Can I trust it to protect me from hackers especially when Windows is the most widely used operating system in the world? Let's find out.

Bitdefender Total Security is a top-notch security suite that offers comprehensive protection against various online threats for all your devices (Windows, macOS, Android, and iOS).View Deal

Should I upgrade?

In short, yes. Once Windows 10 reaches its end of life it will stop receiving critical updates such as new security patches that stop known vulnerabilities from being taken advantage of.

Considering Windows has a considerable market share for PC operating systems, it is a very lucrative target that cybercriminals are constantly trying to hit.

Let me put it this way - one of the main reasons the WannaCry ransomware attack in 2017 was so devastating was because many organizations were using Windows operating systems that were well past their end of life.

Even though Microsoft had released a patch that could have prevented the WannaCry ransomware from infecting their devices, some had chosen to turn off updates or were using outdated systems.

Additionally, if we follow the trend of Windows 10 which was released in 2015, Windows 11 will likely also receive updates for at least the next 10 years, making it a worthy update for those who haven't made the switch already. What's more, if you are already running Windows 10, you can upgrade to Windows 11 for free!

I understand that there are some purists out there who insist on using the operating system they are most familiar with - and I can sympathize.

I miss Windows Vista. But aesthetics aren't everything, and its never too late to learn something new.

How big of a target am I?

It's easy to think that you are not a target when it comes to this big digital world we all live in, but there are hundreds of ways a hacker might see value in targeting you.

For example, they could be looking to add your computer to a global botnet that they use to launch attacks on businesses without you even knowing.

Or they could be looking to steal your social media accounts to use in disinformation campaigns, or they just want to disrupt as many people as possible with their latest malware.

The Malwarebytes' State of Malware report places ransomware as the biggest threat in 2024 and attacks have grown 13% year-over-year.

In 2025 this trend is likely to continue, boosted by the increase of AI agents to distribute malware and help write phishing emails that are more convincing and harder to spot.

While cybercriminals have turned to targeting big companies with bigger budgets in order to make a living, small fries such as you and I are still viable targets for smaller, less advanced cybercriminal groups.

Lets not also forget that a cybercriminal could be looking to steal your identity, or commit credit fraud in your name using data they can steal from your computer. Some groups just want to cause disruption and make a name for themselves by hitting anyone and everyone.

Windows Defender Antivirus: is it enough?

Windows Defender Antivirus comes pre-installed as standard with Windows 11.

In numerous tests, Windows Defender Antivirus does a pretty good job of protecting against new malware threats including those distributed through the web and via email.

In AV-TEST's February 2025 testing, it managed to detect 100% of 0-day threats and widespread/prevalent threats discovered in the last 4 weeks. Not bad.

But, Windows Defender Antivirus is a very simple, barebones solution. Yes, it protect against malware, but it doesn't offer additional security features such as a VPN or dedicated parental controls.

So when people say "Windows Defender Antivirus is enough", what they mean is it is enough for malware-based threats, not everything else that could put your device or those who use it at risk.

For example, if you don't use a VPN while using a web browser, your internet traffic is likely unencrypted, meaning that anyone could intercept it and see what your are doing, or pull potentially sensitive information from your traffic.

Windows Defender Antivirus' feature set is gradually catching up to the features offered by many of the best antivirus providers, but it will likely always be one step behind in its offerings as a free service.

Is antivirus for Windows 11 worth it?

As a security expert who is constantly writing about new attack vectors, data theft, and service outages, it would seem that using a premium antivirus service is probably a good choice for a number of reasons.

Firstly, Windows Defender Antivirus only protects against your Windows machine, and doesn't offer any protection for the rest of your devices.

Many antivirus services offer compatibility across Apple, Android, Chromebook, Windows, and Linux, allowing you to protect all of your household devices under one umbrella.

But computer security doesn't just start and end with antivirus, as every single online account you use is also a potential target for a hacker.

That's why many services offer password managers as an included tool, providing you with passwords that would take billions of years to crack, autofill capabilities to help you log in faster, and in some cases an authenticator app to keep your accounts super secure.

And best of all, you don't even have to spend a penny to increase your protection. There are tons of great free antivirus apps that you can install on your Windows 11 device, and as an added bonus Windows Defender Antivirus can be put into passive mode to work alongside another third-party antivirus solution.

• Read more: How to choose the best antivirus for you

• It's the world's first sub-250g 'bi-copter' drone
• Created by ZZR, the makers of our favorite selfie drone, the HoverAir X1 Pro
• Promise of faster acceleration, unmatched agility and quieter flight

Following a soft reveal on the V-Copter website last month, Zero Zero Robotics has fully unveiled its V-Copter Falcon Mini drone on the product's crowd funding page.

It's the world's first sub-250g bi-copter drone – a radically different design to the best quad-copter DJI drones, and the supposed upside is faster acceleration, unmatched agility, plus quieter and longer flight.

We covered the V-Copter Falcon Mini after it appeared on the V-Copter website – it follows the beefier Falcon that largely flew under the radar, but weighs in under 250g which means it's more accessible to more people – and now we know the full specs and pricing.

The tantalizing $299 list price (around £270 / AU$550) sees the Falcon Mini rival DJI's Mini 4K and Mini 3 drones, plus the recent Potensic Atom 2, and if it delivers its promises, the 4K bi-copter offering could be the best pick for people wanting extended flight fun.

Image 1 of 4

(Image credit: Zero Zero Robotics)Image 2 of 4

(Image credit: Zero Zero Robotics)Image 3 of 4

(Image credit: Zero Zero Robotics)Image 4 of 4

(Image credit: Zero Zero Robotics) Could the V-Copter Falcon Mini disrupt the drone market?

Most of the best consumer drones are quad copters, but the Falcon Mini features just half the propellers, which sit in a v-shape above the drone's body.

This bi-copter design and propeller positioning enables a range of motion – the twin rotors can work independently, tilting in opposite directions for sharp turns and precise maneuvers, hence the 'unmatched agility'.

Another benefit of such a design is that the rotors can tilt downwards to optimize airflow and thrust for fast and powerful acceleration, within miliseconds of the drone being engaged. A Reverse Flight Kit debuts too, unleashing flight skills and tricks such as upside down flight and a 'reverse one foot spin' – file those under flight fun, rather than for aerial shots.

Flight stability is supposedly top drawer too, thanks to real-time flight adjustments and a 0.01 rotor angle precision. Together with a three-axis gimbal-stabilized camera, users should enjoy smooth 4K video footage, with 2.7K vertical video also possible.

The product is now available for backers on the V-Copter Falcon Mini crowdfunding page, with a limited number of early backers able to bag the drone for $199 (around £180 / AU$350), or for the full $299 price.

As always back at your own risk. However, we would say that Zero Zero Robotics' recent history is assuring – its recent HoverAir X1 Pro 'selfie' drone was put through crowd funding, and today is the best of its kind.

In fact, ZZR is doing drones differently; first was a selfie drone that DJI responded to with its recent Neo, now a bi-copter mini drone. For us, the competition ZZR is posing DJI, and more so its innovation, is most welcome.

The Falcon Mini is a drone we're really looking forward to testing – and of course, we'll share our experiences. Watch this space!

You might also like

• HoverAir X1 PRO review: the ultimate selfie drone
• I've spent hundreds of hours testing drones, and the Potensic Atom 2 is easily the best DJI alternative I've flown
• The best beginner drones for 2025: top flying cameras for new pilots

Fierce London rivals face off at Stamford Bridge.