TechRadar News

• Zimperium research finds SMishing campaign leveraging carefully crafted PDF files
• The campaign is impersonating the USPS
• The goal of the campaign is to steal login credentials

Corporate email accounts may be under the watchful eye of different security solutions, but mobile devices aren’t enjoying the same level of protection, experts have warned, as criminals are devising advanced, complex mobile phishing attacks to steal valuable login credentials.

Cybersecurity researchers at Zimperium recently discovered a new campaign using a unique obfuscation technique - they would first build a PDF file, mimicking the United States Postal Service (USPS). The file’s structure is quite complex, the researchers said, as it has a header, body, cross-reference table, and a trailer. The link, which leads to a malicious landing page, is embedded without using the standard /URI tag, which makes detection and forensics somewhat more difficult.

The uniqueness of the attack is seen in the URL, which comes with an embedded XObject. This allows the crooks to turn it into a clickable button.

SMS messages and PDF files

The attack starts with an SMS message, instead of an email. This way, the threat actors are able to bypass any email security protections set up, but also presents two unique challenges: one - they need to know their victims’ phone numbers, and two - sending SMS messages in bulk is not as cheap, easy, or private, as sending emails.

In the SMS message, the attackers impersonate the USPS and, in the usual scamming fashion, warn the victims about a parcel. They share the link to the PDF, which then leads to a malicious landing page, where victims end up sharing their login credentials. This information is ultimately encrypted and relayed to the attacker-owned C2 server.

This campaign highlights the fact phishing attacks can happen anywhere, not just in email, and that businesses need to expand their training sessions to cover virtually all communications platforms in use today.

You might also like

• Text spammers are getting creative and trying to play on your emotional needs – don't fall for it
• Here's a list of the best firewalls around today
• These are the best endpoint security tools right now

• Nvidia’s RTX 5070 Ti is supposedly going on sale on February 20
• This is purportedly info gleaned directly from Nvidia by a tech site
• That date does align with some past rumors, making it seem more likely

Nvidia’s RTX 5070 Ti could be out on February 20, or that’s the latest talk coming from the rumor mill, taken with the usual pinch of seasoning as ever.

VideoCardz has the scoop on this one, with the tech site informing us that this is word from Nvidia itself, courtesy of the latest info on review embargoes from Team Green.

Obviously this must still be regarded as a rumor, but the theory is that reviews of the RTX 5070 Ti graphics cards that are pitched at MSRP ($749 in the US, or £749 / AU$1,109) will arrive on February 19, and those above the MSRP level will follow the next day, with the GPUs all on shelves on that same day, February 20.

There’s an important point to note about the RTX 5070 Ti, and that’s the fact that this graphics card won’t have a Founders Edition from Nvidia, unlike all the other GeForce Blackwell models that have been announced so far.

In other words, only third-party RTX 5070 Ti graphics cards (from the likes of Asus, Gigabyte, MSI, PNY and Zotac) will be available to buy.

According to VideoCardz, Nvidia originally intended to launch these RTX 5070 Ti models on February 14, but that date was put back due to the Chinese New Year (and presumably stock concerns therein).

All that Nvidia has officially said is that the RTX 5070 models, both the vanilla and Ti graphics cards, are going to be out in February 2025.

(Image credit: Shutterstock / DC Studio) Reinforcing past rumors, and worries around RTX 5070 timing

It’s no surprise to hear that Nvidia is planning to unleash the RTX 5070 Ti later in February, as this is something we’ve caught wind of before. Previously, there was some speculation about a mid-to-late February release, before a retailer actually listed a February 20 launch date, as aired here.

It’s also not surprising that the RTX 5070 Ti could turn up later next month, given the rumors we’ve been hearing about stock shortages – and there’s been a lot of that chat floating around. Such a weight, in fact, that it’s becoming easier and easier to believe that Nvidia will have issues here (and it’s not like this hasn’t happened before).

So, the hope with the RTX 5070 Ti is that, unlike the rumors around the RTX 5080, we’ll actually get a decent amount of graphics cards that are priced at the MSRP (or at least very close to it).

The difference with the RTX 5070 Ti is that, as noted above, there isn’t a Founders Edition in place underlining the MSRP. So, you’d hope Nvidia will be pushing to ensure that its card making partners are going to have a suitable selection of 5070 Ti models at that MSRP, otherwise, well, setting that recommended pricing level starts to look a bit pointless (if everyone’s ignoring it).

Moving from the hope, to the fear with the RTX 5070 Ti, this is that stock is going to sell out lightning-quick, as we get the first semi-affordable – a relative term, of course – Blackwell GPU actually available to buy. In particular, those graphics cards at the MSRP may disappear in the blink of a ray-traced eye, and we may be waiting for some time before stock levels get beefed up a bit (given the inevitable price scalping, too).

The other question is if the RTX 5070 Ti is due on February 20, where does that leave the RTX 5070? To be fair, in theory the vanilla card could be close behind, and as it’s grabbing more interest than the 5070 Ti currently – as gamers are not convinced the 5070 Ti will provide a convincing uplift over the 4070 Ti – that may pull the focus from the Ti model in short order.

This is all guesswork naturally, certainly the talk around the RTX 5070 Ti looking like a less robust next-gen upgrade – that’s mostly based on a few Nvidia performance graphs, the GPU’s specs, and drawing parallels based on how the RTX 5090 panned out relative to its predecessor – and so these are notions we should not get carried away with.

There are also some rumors that the RTX 5070 might be delayed to March 2025, though, and if there’s anything to that particular smouldering fire – with no mention of this GPU from Nvidia yet, apparently – the RTX 5070 Ti might be the only option on the Blackwell mid-range table for a little while. All as AMD looks to get into the game with its RX 9070 models in March, although those GPUs have faced plenty of controversy of their own.

Indeed, I’m not sure I can ever remember a pre-launch period for GPUs that has been so thick with rumors and oddities, than this current run-up to Blackwell and RDNA 4.

You might also like...

• Rumor has it AMD’s feeling the heat from Nvidia’s RTX 5000 GPU launch prices – but a decision on RX 9070 pricing must be made soon
• The end of the Nvidia RTX 4000 series is nigh – with the RTX 4070 expected to sell out in weeks
• Nvidia releases stats that prove DLSS and Frame Generation are here to stay - sorry, angry gamers

There’s nothing like a bit of comparative advertising to spice up Flagship Android Launch Season, and Chinese mobile maker Honor seems determined to play chief mischief-maker.

After apologizing to Samsung Galaxy Z Fold 6 owners who may have felt “let down” by their “chunky” folding phone last year, the company has again taken aim at Samsung by highlighting five key hardware and software features supposedly missing from the Galaxy S25 Ultra.

The jab comes as part of a new social campaign that sees Samsung – or ‘Sam’ – gifted with accessories designed to “enhance” the Galaxy S25 Ultra. These include a zoom lens, a power bank, and a ring light. The implication here is that Honor’s new flagship phone, the Honor Magic 7 Pro, boasts better zoom capabilities, battery life, portrait capture technology, and other key features versus Samsung’s latest device. Meow.

In a press release accompanying the new campaign, Honor details these supposedly superior features in writing:

• Magic Portal for Seamless App Access: Magic Portal enables quick access to over 150+ third-party apps with a simple circle gesture, streamlining tasks across search, transportation, entertainment, shopping, and office tools.
• AI Super Zoom for Richer Details: Leveraging cloud AI, Honor's AI Super Zoom delivers superior image quality for long-distance shots beyond 30x, capturing far clearer and more detailed photos compared to Samsung’s Space Zoom.
• Stunning Portraits and Fast Capture: Featuring the industry’s first on-device portrait large model, the Magic 7 Pro delivers striking portrait details with AI Enhanced Portrait and Harcourt Portrait. Its HD Super Burst and AI Motion Sensing further solidify Honor's leadership in fast capture technology.
• Unmatched Durability and Charging: The Magic 7 Pro boasts IP68 and IP69 water and dust resistance, 100W wired SuperCharge, and 80W wireless SuperCharge. It also features the industry’s first dual 3D biometric security system with 3D Ultrasonic Fingerprint Unlocking and 3D To Face Locking.

Jeez, talk about confidence.

Seeing as the Galaxy S25 Ultra only launched a matter of days ago, we haven’t yet put the phone through its paces, and as such, we’re not in a position to say whether Honor is being too big for its boots here.

We do, however, know that features like AI Super Zoom, Harcourt Portrait, and Magic Portal are unique to the Magic 7 Pro and more of the best Honor phones, so we can understand Honor’s eagerness to highlight them in some playful marketing.

Image 1 of 2

The Honor Magic 7 Pro hit shelves in January (Image credit: Future)Image 2 of 2

The Samsung Galaxy S25 Ultra was announced at Galaxy Unpacked (Image credit: Future)

Indeed, we described Honor’s latest flagship as “an outstanding phone that impresses in almost every area” in our Honor Magic 7 Pro review, and it’s true that Honor’s proprietary smartphone software has come on leaps and bounds in recent years (see its Deepfake Detection feature).

That said, the Samsung Galaxy S25 Ultra is certainly no slouch – and we don’t need to have completed our full review process to tell you that.

In our hands-on Samsung Galaxy S25 Ultra review, we described Samsung’s latest flagship as potentially “the most complete AI-ready mobile package on the market,” so we look forward to pitting the Galaxy S25 Ultra against the Honor Magic 7 Pro and more of the best Android phones very soon.

You might also like

• Samsung Galaxy S25 Edge: latest news, rumors, and everything we know so far
• Samsung Galaxy Unpacked – Galaxy S25 Ultra, S25 Edge, and 9 things we learned
• Samsung just teased a tri-fold folding phone at Galaxy Unpacked 2025

• AI company has released a design of a keyboard dock for smartphones
• With a beige color scheme and a pseudo-mechanical keyboard, it has a strong 1980s feel to it
• It is expected to cost less than $250 and will appeal to those looking for a Psion 5MX replacement

Amber.Page, an AI startup for writers, has teased a new keyboard case that transforms an iPhone into a portable, laptop-like writing device.

Shared by company founder Justin Mitchell on Threads, the renders of what he’s calling the AmberDeck show a clamshell-style design reminiscent of retro tech, like a mini Tandy TRS-80 Model 100 or the Psion 5MX. The latter had a similar design with what was widely considered one of the best keyboards ever made for a device of its size.

The device offers a minimalist setup for drafting articles, editing text, and even tackling writer’s block with the support of the startup’s AI-powered writing assistant.

Mitchell wrote, “Been cooking on some hardware for Amber over the holiday break. Always wanted a clamshell iPhone keyboard for focused writing on the go, so I made one.”

The case isn’t intended as a permanent enclosure for your phone; rather, it serves as a docking station, turning your device into a focused typing tool with a high-travel pseudo-mechanical keyboard that features a compact 60% layout. Yanko Design says when docked, you won’t be able to use your phone for usual tasks such as accessing the camera or making calls, but if you're focused on writing that will be a good thing.

A work in progress

Mitchell wrote, “Been cooking on some hardware for Amber over the holiday break. Always wanted a clamshell iPhone keyboard for focused writing on the go, so I made one.”

The case isn’t intended as a permanent enclosure for your phone; rather, it serves as a docking station, turning your device into a focused typing tool with a high-travel pseudo-mechanical keyboard that features a compact 60% layout. Yanko Design says when docked, you won’t be able to use your phone for usual tasks such as accessing the camera or making calls, but if you're focused on writing that will be a good thing.

The clamshell case includes an adjustable hinge for screen positioning and a charging port for the keyboard itself. Yanko Design notes the case doesn’t appear to support pass-through charging for the phone, and the keyboard lacks backlighting, which will limit its usability in low-light settings. That said, this is still only a prototype, so things could change.

Indeed, in another thread, Mitchell has updated the design based on feedback and suggestions from his social media followers, including changes made to improve functionality and compatibility. In the updated design, the hinge is centered and features a dual-action mechanism, allowing the case to lay completely flat thanks to an internal gap inside the top shell.

The arrow keys have been reconfigured to a standard layout, with the shift key moved to the right and enlarged for a more intuitive typing experience. A gap has been added around the faceplate, making it easy to pop off and customize or swap as needed. To accommodate a wider range of devices, including Android phones, the inset on the inside has been squared off for better versatility. Additionally, the lip of the case has been moved to the top.

Mitchell has suggested the AmberDeck could sell for under $250, and while these early renders are just a preview, the case could potentially appeal to writers, journalists, and editors looking to turn their phones into compact writing devices that can be used anywhere.

You might also like

• These are the best free writing apps you can get right now
• And these are the best AI writing tools available
• The modular smartphone returns, sort of, via a Chinese vendor

• Some gamers are queueing up ahead of RTX 5090's launch
• The jury is out on whether these are scalpers or not
• Shortages for the RTX 5090 have been anticipated

The hype for Nvidia’s upcoming flagship graphics card, the GeForce RTX 5090, continues as we get closer to the release date. And it seems that gamers are also excited, as lines have already started to form ahead of its launch.

Several sources, including a report from IGN and the r/Microcenter subreddit, have confirmed through photographic evidence that tents have been pitched in front of retailers, securing places in line well before the card goes on sale – including a brick-and-mortar ​​Micro Center in Tustin, CA.

Even a Redditor is claiming to be one of the campers, though they insist that the RTX 5090 will be “for our own use” and not for reselling purposes. They also state that everyone “in line at the moment” is “very nice and respectful.”

Regardless of whether we’re seeing scalpers attempting to profit off the next new tech toy or genuine gamers excited for the RTX 5090, it’s always fascinating watching just how far people are willing to go to get their hands on something coveted.

Possible RTX 5090 shortages and more

One of the biggest obstacles to getting one of the best graphics cards will most likely be the shortages. MSI reports that RTX 5090 supply will be limited at launch, which suggests a chip shortage on Nvidia's end. Another source, IT Home (translated from Chinese), states the possible shortage “stems from miscommunication between Nvidia and partners, plus the 'Spring Festival' (Chinese New Year) affecting factory opening times.”

It seems that there are some measures to ease this issue in physical retail locations at least. Micro Center’s website states that it’ll use a ‘voucher system’ on the launch day, with customers receiving a voucher on a first-come, first-served basis before the store opens at 9am EST / 6am PST. This will at least ensure that said customers will have access to at least one of the graphics cards, though it doesn’t guarantee which one they’ll get.

But if you’re trying to track down your own flagship card, you can check out our live guide on where to buy the Nvidia RTX 5090. You can also read our review of the card, which awards it four and a half stars, citing its best-in-market performance, excellent dual-slot design, remarkable DLSS 4, PCIe 5.0 GPU, and 8K gaming capabilities.

Hopefully, whatever shortages are set to happen will abate in short order, or else the situation could turn dire thanks to scalpers, upcoming tariffs affecting the US, and anything else. But if all else fails, it might be simply best to wait it out, especially since the RTX 4000-series is more than powerful enough for the best gaming PCs.

You might also like...

• Nvidia RTX 5090 8K performance has blown me away already
• Nvidia RTX 5090 vs RTX 4090: we put Nvidia's best graphics cards head-to-head
• Scalpers are salivating right now - MSI suggests RTX 5090 supply will be tight due to Nvidia's shortage

• After DeepSeek’s surge in popularity, Nvidia is commenting on the AI newcomer
• Nvidia calls DeepSeek an ‘excellent AI advancement’
• Nvidia hints that its GPUs are still critically important

If you hadn’t heard the fuss about DeepSeek over the weekend, there is a good chance you'll at least have heard the term by now. It rose to fame because it provided a genuine competitor to ChatGPT at a fraction of the price, and it has caused turmoil in the stock market, seeing tech share prices plummet. Nvidia in particular suffered a record-breaking $600 billion share price drop, the largest share price drop in history.

Released by a Chinese startup of the same name, DeepSeek is a free AI chatbot with ambitions to take on the likes of OpenAI’s ChatGPT. There are also new models with some multimodal capabilities, mainly in image creation and analysis. It has taken the AI world by storm and is still the number one app in Apple’s App Store in the United States and the United Kingdom.

The app and website proved popular, with DeepSeek experiencing an outage and a reported ‘malicious attack’ the same day it rose to fame.

While Sam Altman, OpenAI’s chief executive, responded, we also heard from Nvidia, arguably the global leader in AI chips, which has risen in prominence as the AI wave has continued to grow.

In an emailed statement to TechRadar, Nvidia wrote, “DeepSeek is an excellent AI advancement and a perfect example of Test Time Scaling. DeepSeek’s work illustrates how new models can be created using that technique, leveraging widely-available models and compute that is fully export control compliant. Inference requires significant numbers of NVIDIA GPUs and high-performance networking. We now have three scaling laws: pre-training and post-training, which continue, and new test-time scaling.”

(Image credit: Adobe Stock)

It's certainly strong, calling DeepSeek “an excellent AI advancement,” which speaks to the performance of DeepSeek’s R1 model. It also confirms what we knew: new models can be established using existing models and chips rather than creating entirely new ones.

Nvidia clearly wants to remain a key part, noting that this type of rollout requires a lot of Nvidia GPUs and plays off the fact that DeepSeek used China-specific Nvidia GPUS. Reading between the lines, it also hints that DeepSeek will need more of its chips … at some point.

DeepSeek claims it used an innovative new training process to develop its LLMs using trial and error to self-improve. You could say it trained its LLMs in the same way that humans learn, by receiving feedback based on their actions. It also utilized an MoE (Mixture-of-Experts) architecture, meaning it activate only a small fraction of its parameters at any given time, significantly reducing the computational cost, making it more efficient.

Sam Altman also praised DeepSeek’s R1 model, “particularly around what they're able to deliver for the price.” He reiterated that OpenAI will “obviously deliver much better models,” but he welcomed the competition. Nvidia seems to be keeping its future cards closer to its chest.

It’s still a waiting game of sorts to see when DeepSeek AI will turn back on new sign-ups and get back to full performance, but if you’re curious about its staying power, read my colleague Lance Ulanoff’s – TechRadar’s Editor-at-Large – thoughts on its chances of sticking around in the United States. As well as our hands-on of DeepSeek AI versus ChatGPT from John-Anthony Disotto, one of TechRadar’s AI experts.

You might also like

• DeepSeek is the new AI chatbot that has the world talking – I pitted it against ChatGPT to see which is best
• iOS 18.3 is here with a major change to how you enable Apple Intelligence
• Don't get too attached to DeepSeek – it'll never survive in the US
• OpenAI's Sam Altman calls DeepSeek 'impressive' but promises to launch 'much better models' soon

• Baldur's Gate 3 Patch 8 accidentally went live on PS5 causing some issues
• Patch 8 has since been rolled back and may cause issues for PS5 players
• Larian Studios states players should perform a full reinstallation of their game to solve the problem

Larian Studios has offered a quick fix for Baldur's Gate 3 players on PlayStation 5 who were affected by the unintentional release of Patch 8.

Yesterday, the highly-anticipated update, which doesn't have a launch date just yet, was accidentally pushed live on PS5 ahead of the release of the Patch 8 stress test, which seemed to confuse a lot of players.

"No, the Patch 8 stress test hasn’t yet begun," Larian clarified on social media at the time. "Yes, PS5 players do currently have access to Patch 8. While we work with our partners to understand what’s going on, please note that any new saves made while on Patch 8 will not be compatible with Patch 7. How’s your Monday going?"

The update was swiftly rolled back, however, this may have caused some compatibility issues for those on PS5 who were affected, especially if they are using mods. It could render their save game unplayable or corrupted.

Thankfully, Larian has shared an easy solution to hopefully get players back on track

"Our partners have confirmed that some regions mistakenly received the Patch 8 build as an update to their live game version, in preparation for the Patch 8 stress test," the studio said in a new blog post. "This version of Patch 8 is not supported, and you may experience compatibility issues with save games and mods.

"You can return to the Patch 7 game version by uninstalling and reinstalling your Baldur’s Gate 3 game."

According to Larian, if users have version 01.800.000 or 4.1.1.6583053 in the corner of their main menu, then this is the Patch 8 version and is unsupported. Anything below that number should be the correct Patch 7.

The blog post also notes that if you still have Patch 8 installed, then multiplayer will be inaccessible, there will be trouble with mods, and any new saves made on Patch 8 will be incompatible with the Patch 7 version of the game.

For the latter, this means players will need to "create a new save or override an existing save while on Patch 8" as they "won’t be able to continue using this save if you revert to Patch 7".

Patch 8 was revealed in November 2024 and will introduce all-new features to Baldur's Gate 3, including photo mode, cross-play, and 12 new subclasses.

You might also like...

• Best RPGs 2024 - top role-playing games for PC and consoles
• The WWE 2K25 release date is here, with Roman Reigns revealed as cover star
• Assassin's Creed Shadows will be censored in Japan due to its gory combat

• We've got our first proper look at Samsung's Project Moohan
• MKBHD has shown us Android XR fetaures too
• Gemini looks like it would be awesome on AR glasses

Thanks to a video on his YouTube channel, MKBHD, Marques Brownlee has given us our best look yet at Samsung and Google’s VR headset prototype Project Moohan – and the Android XR platform as a whole. It does some exciting stuff, but there’s some important questions (*cough* price *cough*) that we still need answered.

Starting with the hardware, and we got to see some key headset design details – though bear in mind that this design of this prototype might not match that of the consumer version set to launch later this year. As it stands, though, similarities with the Apple Vision Pro go beyond the device’s silhouette.

There’s no over-the-head strap, but rather a single Meta Quest Pro-like adjustable strap round the back. Brownlee says that this, combined with the differently shaped facial interface, means that it's comfortable without one (unlike the Vision Pro).

Just like Apple’s headset, the device relies on an external battery pack. One difference here is you can connect the USB-C cable into either the official battery or any battery pack you choose (although there may be risks if you use an unofficial pack). I was expecting this subtle design upgrade; it allows you to decide if you want a sleeker pack or a bulkier battery with a much longer battery life, based on your needs.

Speaking of the Meta Quest Pro, Moohan borrows its optional light blockers. These add-ons allow you to block out light for a more immersive VR experience. Alternatively, you can take them off to see more of your actual surroundings – ideal for mixed reality, as you have a better connection with the real world.

On that topic, the mixed reality quality looked solid, though it’s hard to say too much on it as Brownlee appeared to be in a very bright room (an ideal environment for MR) and as I’ve seen first-hand with the Meta Quest 3 headsets, the recording of your passthrough cameras is higher quality than what the wearer experiences. So we’ll have to test it first hand to understand how good it is for mixed reality.

Lastly, we learnt Project Moohan lacks your typical VR controllers and instead relies solely on hand tracking (sort of – more on that in a moment). This could change, but the hand tracking seemed reliable enough. It closely matches the hand tracking style used by Meta’s Quest headsets, which has you reach out to touch and point a little more than the Apple Vision Pro. This should help app creators port their XR apps from Meta systems to Android XR.

Meta could face some competition (Image credit: Meta ) Gemini is made for AR glasses

This is a good point to segue into software. Brownlee focuses on Android XR’s Gemini integrations, which in fairness seem neat.

This XR version of Gemini Live is just as smart as your smartphone version, with many of the same features – you can talk to it, and it can even take inspiration from the real world around you. Brownlee demoed one interesting trick, where he held up a book to the headset’s cameras and asked it “Can you take me to here?” To which Moohan responded “Sure, that looks like Wadi Rum in Jordan” before opening up the Google Maps app at the rough location of where the picture was taken (even Rainbolt isn’t able to escape the AI uprising).

It also comes with in-built circle to search, allowing Brownlee to use the AI to try and search the web for examples of the shoes he was wearing or of the art on the wall in the room. He also highlighted how Gemini allows you to open up apps with your voice, which makes for a less physically taxing way to interact with XR.

Overall, though, I’m a little disappointed. Gemini is a fun include for the device, but I could see it working a lot better on glasses compared to a headset – as you’re unlikely to be walking around with Moohan on in your day-to-day, unlike AR smart glasses. The other software teases – XR versions of existing Android apps – didn’t light my world on fire either.

Android XR smart glasses would be fantastic with Gemini (Image credit: Meta)

This is where the Apple Vision pro fell down. It’s not showing us much more utility from Moohan than your regular smartphone and pair of the basic smart glasses such as the Xreal Air 2s, which project your screen in front of you.

That said, it's still early days. Samsung and Google might still be able to convince XR developers to create exclusive and more meaningful uses for Moohan that your other devices can’t mimic. Obviously a lot of this critique hinges on Moohan’s price – which Samsung is remaining tight lipped on. If that changes, we’ll be sure to keep you in the loop.

You might also like

• TCL has 3 new smart glasses which are all in the running for the best of 2025 already
• This haptic vest might be my new favorite Meta Quest 3 accessory
• Asus Tarius VR headset could use the Meta Quest 3’s best feature to defeat it

• Security researchers are warning about "hidden text salting" in emails
• Hackers can hide parts of the text to confuse email scanners
• The hidden text helps the email pass the scans and land in the inbox

Hackers are increasingly using “hidden text salting”, or “poisoning” techniques, to work around email security measures and get phishing messages to land in people’s inboxes.

A new in-depth guide published by cybersecurity researchers from Cisco Talos outlines how cybercriminals are abusing HTML and CSS properties in email messages, setting the width of some elements to 0, and using the “display: hidden” feature to hide some content from the victims. They are also inserting zero-width space (ZWSP) and zero-width non-joiner (ZWNJ) characters, and ultimately hiding the true email content, by embedding irrelevant language.

As a result, email security solutions, spam filters, and brand name extractors get confused, and the emails that would otherwise end up in the spam folder, make it directly to the inbox.

Advanced filtering

In its writeup, Cisco Talos has given multiple examples, including one in which attackers hid French words in the email’s body. This confused Microsoft’s Exchange Online Protection (EOP) spam filter which ultimately let the message pass.

In another example, Cisco Talos said threat actors were using CSS properties and ZWSP characters to hide email content, successfully mimicking Wells Fargo, and Norton LifeLock.

To tackle this strategy, the researchers suggested IT teams adopt advanced filtering techniques that scan the structure of HTML emails, rather than just their contents. An email security solution could, thus, look for extreme use of inline styles or CSS properties such as “visibility: hidden”. Deploying AI-powered defenses is also recommended.

Email remains one of the top attack vectors, due to its simplicity, omnipresence, and low cost for a large-scale operation. It also owes its popularity to the fact that it attacks the email security chain on its weakest link - the human.

You might also like

• 7 myths about email security everyone should stop believing
• Here's a list of the best firewalls around today
• These are the best endpoint security tools right now

• Philips H8000E are new noise-canceling headphones
• 40mm graphene drivers, hi-res audio, and Bluetooth Auracast
• "Easily replaceable" batteries for sustainability

Philips has announced its new competitor in the world of the best noise-canceling headphones, the Philips H8000E. They're over-ear headphones with ANC, customization options via the Philips Headphones apps, Bluetooth LE Audio and the next-gen LC3 codec, Bluetooth Auracast, 50 hours of battery life with the ANC on (70 with it off), and even replaceable batteries for repairability.

That's a lot of stuff, but there's one thing notably missing so far: the price. Philips has described these headphones as "mid-range", but that could mean anything from under $150 to under $250 depending on your particular view.

They're due to launch in September 2025 in the US, UK, and Europe, which means they're going to have an interesting time likely competing with the Sony WH-1000XM6 that are expected to launch in the summer – and also a lowered price for the existing Sony WH-1000XM5.

So it's good that they've got a few advantages over Sony currently, with the biggest probably being the 50-hour battery life – Sony's headphones manage 30 hours with the ANC on.

There's also the future-proof support for the LC3 codec, which is capable of higher-res audio and better quality sound generally while using less power, which still isn't totally common among premium headphones.

And like Sony's headphones, they support the LDAC higher-res Bluetooth codec.

There are five levels of noise cancellation power selectable through the app, and the promise that 'AI microphones' will aid call quality.

There's a folding design that's good for travel, and they're lightweight. Philips says that they have some sustainability goals in mind too, featuring recycled plastic in the construction, and "easily replaceable integral batteries and detachable ear pads" with the aim that you can use them for years and years (though let's hope that the batteries are easier to replace than the last headphones that iFixit tried to repair).

With eight months to go until they're due to be released, let's hope that Philips really has future-proofed the sound quality, features, and planned price of these cans, because a lot may have changed in the world of the best headphones by then. I wouldn't be surprised to see new models before then not only from Sony but also Sennheiser.

You might also like

• These retro headphones and speaker designs really bring the ’80s cool – AIAIAI and design agency Brain Dead went old-school for this one
• Apple's banking on camera-equipped AirPods to trounce Meta smart glasses, but I'm not sure it's enough
• Size does matter: how one reader’s email left me obsessed with headphone arm length (and sent me on a quest to find a model for larger heads)

• Unofficial AMD Radeon drivers reveal FSR 4 DLL file
• The file suggests RDNA 4 GPUs will have access to FP8 WMMA, which may be a prerequisite for FSR 4
• Games that already have FSR 3.1 will have FSR 4 implemented instantly

While AMD has already confirmed that the new FSR 4 (FidelityFX Super Resolution) upscaling method will be exclusive to RDNA 4 GPUs, some gamers were holding out hope that older GPUs could one day benefit from its addition - but a recent revelation may have shut that possibility down entirely.

As reported by VideoCardz, an FSR 4 DLL file was spotted in unofficial Radeon drivers.

According to Osvaldo Pinali Doederlein on X, FSR 4 uses a machine learning algorithm with an 8-point floating-point implementation - and reports are also suggesting that RDNA 4 GPUs will use FP8 WMMA (Wave Matrix Multiply Accumulate that helps to accelerate AI applications), which is what is supposedly required for FSR 4 to function.

With this in mind, it would mean older GPUs won't be able to take advantage of FSR 4, as RDNA 3 GPUs (like the RX 7900 series) reportedly won't receive the full optimization of FP8 WMMA, while older RDNA 2 GPUs won't receive any FP8 support at all.

Since rival Nvidia's DLSS 4 upscaling tech will be available for all RTX GPU users, this could easily lose Team Red some fans.

(Image credit: Joseph GTK / Shutterstock) What does this mean for RDNA 3.5 handheld gaming PCs?

It remains to be seen whether RDNA 3 GPUs will be able to make the cut for AMD's new FSR 4, so I fear for what this may mean for handheld gaming PCs. Upcoming devices like the Lenovo Legion Go 2 will be using the Ryzen Z2 Extreme APUs, which are likely built-in RDNA 3.5 architecture.

If it wasn't clear enough already, upscaling will be an important feature for games going forward, especially graphically-intensive ones. If new handhelds can't take advantage of what Team Red's new frame generation will have to offer in terms of performance enhancements, then the ability of these handhelds to be able to play the latest AAA games will be compromised.

Games that already have FSR 3.1 support will instantly have FSR 4 implemented once it becomes available - so it begs the question of whether this could mean older GPUs could still use FSR 4 super-resolution, but lose out on potential improved frame generation tech, similar to Nvidia's DLSS 3 and 4 with RTX 3000 and 2000 series GPUs. Hopefully, older AMD GPUs can get something out of this...

You may also like...

• AMD exec hints that discrete RDNA 4 GPUs won’t be in gaming laptops anytime soon, leaving Nvidia’s RTX 5000 cards unchallenged
• AMD looks set to compete with Nvidia in the laptop GPU space - Team Red claims Ryzen AI Max 395+'s iGPU outperforms RTX 4070 laptop GPU
• Sorry, AMD, Nvidia's price tags for its RTX 5000 GPUs could win me over

• Security researcher finds related attacks and dubbed them Clone2Leak
• This allowed threat actors to leak credentials through Git's credential helper
• Patches are already available, so update now

A number of flaws was recently found in distributed version control system Git’s credential helper which allowed malicious actors to exfiltrate login credentials from different projects. It was responsibly disclosed to the developers and shut down.

Git's credential helper is a feature that securely manages credentials (usernames and passwords, or personal access tokens) required to authenticate with remote repositories. It simplifies authentication by caching or storing credentials so users don't need to repeatedly enter them for every Git operation.

Recently, a cybersecurity researcher from the Japanese GMO Flatt Security outfit, alias RyotaK, found three separate, but related attacks, and dubbed them “Clone2Leak.” He explained that the flaws revolve around the improper handling of authentication messages sent to the credential helper. As a result, Git could end up sharing stored credentials to a malicious server.

Multiple flaws

GitHub Desktop, Git LFS, GitHub CLI/Codespaces, and the Git Credential Manager, were said to be vulnerable.

Clone2Leak comprises these three flaws: CVE-2025-23040, CVE-2024-50338, and CVE-2024-53263. The first two are described as “carriage return smuggling” flaws affecting GitHub Desktop and Git Credential Manager, while the third one is described as “newline injection” in Git LFS. The researcher also discovered a logic flaw in credential retrieval, tracked as CVE-2024-53858, affecting CitHub CLI and GitHub Codespaces.

Users are now urged to migrate to the safe releases to mitigate the risk of potential credential leakage.

All of the above-mentioned bugs have since been addressed, and users are now urged to update their tools, audit credential configurations, and be extra careful when cloning repositories. That being said, the versions they should go for include GitHub Desktop 3.4.12, Git Credential Manager 2.6.1, Git LFS 3.6.1, and gh cli 2.63.0.

Users should also enable Git’s ‘credential.protectProtocol’, it was said.

Via BleepingComputer

You might also like

• Apple forced to patch iOS and macOS security flaw that could have leaked your private info
• Here's a list of the best firewalls around today
• These are the best endpoint security tools right now

• WWE 2K25 is coming to PC and console on March 7
• The world-famous wrestler Roman Reigns will be the headlining cover star
• The next WWE 2K entry will feature new modes, match types, and over 300 wrestlers

WWE 2K25 has been officially revealed with world-renowned wrestler Roman Reigns announced as its cover star.

The next entry in the WWE 2K franchise will have three editions at launch, including a Standard Edition, which will arrive on March 14 for PS4, PS5, Xbox One, Xbox Series X, Xbox Series S, and PC.

For those looking to play early, they can purchase the WWE 2K25 Deadman Edition or The Bloodline Edition which will be released on March 7.

New features will be introduced in WWE 2K25 including the 2K Showcase: The Bloodline's Dynasty mode, "an interactive celebration of the legacy of the extended Anoa’i wrestling family", as well as new match types like Underground Match, Bloodline Rules Matcher, and Intergender matchups, the return of Chain Wrestling, a new MyRISE experience, and more.

The game will also feature The Island, allowing players to explore and challenge others while also completing quests, challenges, and live events. However, this will only be available on PS5, Xbox Series X, and Xbox Series S.

WWE 2K25 also boasts "the largest ever WWE 2K roster" of more than 300 Superstars, Legends, and Hall of Fame wrestlers, including some of the most iconic faces, like John Cena, Rhea Ripley, The Rock, “Rowdy” Roddy Piper, CM Punk, “Stone Cold” Steve Austin, Jade Cargill, Diamond Dallas Page, Booker T, Ultimate Warrior, Trish Stratus, and more.

Roman Reigns, aka "The Original Tribal Chief", will be featured on the Standard Edition cover, as well as the Bloodline Edition alongside other famous wrestlers, while the Deadman Edition will headline The Undertaker to celebrate his 35th anniversary in the WWE.

"I am personally and professionally excited that the Original and Only Tribal Chief and the extended Anoa’i family are the focus of WWE 2K25," said Roman Reigns.

"We’ve been building toward this moment for generations and I challenge players everywhere to show me and my Wiseman, Paul Heyman, what they’ve got, and prove they’re worthy of the attention of their Tribal Chief."

Greg Thomas, president of developer Visual Concepts added, "WWE 2K25 expands on our winning formula in nearly every aspect of the player experience. Our new approach to 2K Showcase and MyRISE storylines really tap into the creativity of the development team, and we're excited to see our community enjoy these updated features."

You might also like...

• Best PS5 games 2025
• Leaked listing suggests the Nintendo Switch 2 could cost less than $400, but I don't believe it
• Have you been chosen? Nintendo Switch 2 Experience invites are being sent out now

• Your Friendly Neighborhood Spider-Man's producers have revealed why its release was delayed
• The Marvel show's launch wasn't impacted by the pandemic or 2023 Hollywood strikes
• Work was completed in mid-2024, so we've had to wait seven months for it

Two of Your Friendly Neighborhood Spider-Man's (YFNSM) producers have explained why it wasn't released sooner than it should've been.

Brad Winderbaum and Jeff Trammell, the latter of whom is also YFNSM's showrunner and head writer, told TechRadar that there were two big reasons for the show's delayed launch. Strangely, it had nothing to do with the pandemic or the 2023 Hollywood strikes, even though the latter was the chief cause for multiple Marvel movie delays and a much quieter 2024 for Marvel Studios on the Disney Plus front.

So, considering Winderbaum – Marvel's head of TV, streaming, and animation – told me that the Marvel Phase 5 show was "completed last summer" (that'll be mid-2024, for anyone wondering), what was the hold up? As it happens, adding some final polish to the overall series and, even more curiously, issues from a distribution perspective.

YFNSM is finally set to arrive on Disney Plus tomorrow (January 29) (Image credit: Marvel Animation/Disney Plus)

"We announced it pretty quickly after we greenlit its development," Winderbaum told me about Spider-Man's latest animated adventure. "We started showing fans some of the art at Comic-Con [in July 2021], so we were working on it right around then.

"The development timeline was around three years and we actually completed it last summer," he added. "So, we've been waiting with bated breath for the world to see it. The only real delay was on the distribution side. You know, release schedules and subject to a lot of different forces in the world, so they're liable to shift and change."

It wasn't just the scheduling patterns that deviated from their original target. YFNSM was initially designed to be a show that was canon in the Marvel Cinematic Universe (MCU), one that would've acted as a prequel to the Tom Holland-starring Spider-Man movies that are also set in Marvel's cinematic juggernaut. However, as Winderbaum explained on a December 2024 edition of the Phase Hero Podcast, the comic book giant pivoted away from that plan when, as Windderbaum put it, "we would've had to put so many limiters on our story to get it to lock into canon".

Paid intern by day, Spider-Man also by day.Stream Marvel Animation's all-new series #YourFriendlyNeighborhoodSpiderMan Wednesday on @DisneyPlus. pic.twitter.com/gArYz2nXQPJanuary 27, 2025

Even with its semi-creative overhaul, YFNSM was ready to make its debut on one of the world's best streaming services seven months ago. Given the dearth of Marvel content last year, it would've made sense to release it on Disney's primary streamer in 2024, then. Regardless, Trammell isn't complaining about the additional development time that was afforded to the show's crew.

"It took the time that it took," he told me with a smile. "There were certain parts of it where we thought 'we can push this even further and make it better', and we were allowed the time to do that by Marvel, which was great.

"Everyone wants to deliver the best version possible," Trammell continued, "And I think we were able to do that because Marvel was so supportive, and gave us more time to iron things out or work on something that wasn't at the required level. It's great to have the chance to do that because I've worked on other shows where that wasn't the case and we were forced to hit specific deadlines. Marvel knew this was an important series, so they wanted us to get it right."

Depending on who you ask, YFNSM could've used more time to make it as good as possible. Indeed, Trammell has already had to defend its animation style after some fans criticised how it looked, so some people may not agree with his sentiments. Anyway, you can see what I thought of YFNSM and whether it deserves a spot in our best Disney Plus shows guide, when my review goes live tomorrow (January 29).

You might also like

• 'There's a lot of content coming out': Your Friendly Neighborhood Spider-Man producer explains why the Marvel TV show has such a 'unique' release schedule
• Find out how to watch the Spider-Man movies in order
• Or get the lowdown on what we know so far about Spider-Man 4

DeepSeek has turned the AI world upside down this week with a new chatbot that's shot to the top of global app stores – and rocked giants like OpenAI's ChatGPT.

The reason why DeepSeek is such big news is because it's free, open source and appears to show it's possible to create chatbots that can compete with models like ChatGPT's o1 for a fraction of the cost.

It's a story that continues to develop by the minute too, as rivals like OpenAI and Nvidia publicly comment on the emergence of China's new AI disruptor, while the Australian government raises privacy concerns about DeepSeek.

Confused about DeepSeek and want the latest news on the biggest AI story of 2025 so far? We're covering all of the latest news here live below...

The latest DeepSeek news

• OpenAI's Sam Altman calls DeepSeek 'impressive' but promises to launch 'much better models' soon
• Don't get too attached to DeepSeek – it'll never survive in the US
• DeepSeek forced to pause new signups following large scale cyberattack
• DeepSeek has already dethroned ChatGPT – is it coming for Midjourney and DALL-E next?

A quick DeepSeek refresher

(Image credit: Getty Images)

A bit confused about DeepSeek? Here's a quick primer. The free AI chatbot was actually released on January 20, but has exploded in popularity over the past few days as tech fans realized its significance. As the venture capitalist Marc Andreessen noted on X (formerly Twitter), "Deepseek R1 is AI's Sputnik moment".

The app is currently top of the free charts on Apple's App Store and Play Store in the US and many other countries, despite being made in China – which was the subject of a trade ban on advanced chips from the likes of Nvidia.

Ironically, it's those trade restrictions that appear to have sparked the ingenuity behind of DeepSeek, which was created using a tiny amount of the enormous compute power that's behind today's major AI models.

Benchmark tests show that it can perform tasks like answering questions and generating code as well as the current top AI models around. However, you may have trouble creating a DeepSeek account – it was forced to pause sign-ups following a major cyber-attack.

OpenAI's Sam Altman responds

(Image credit: Shutterstock/photosince)

OpenAI's Sam Altman has now publicly commented on DeepSeek for the first time, stating on X (formerly Twitter) that the AI model is "impressive" – and I can't help but hear that in the voice of Patrick Bateman in the American Psycho business card scene.

But he was also typically bullish about OpenAI's response, stating that "we will obviously deliver much better models" and that it's "legit invigorating to have a new competitor". Altman also doesn't think the news changes the picture in terms of chips, stating that "more compute is more important now than ever before to succeed at our mission".

The markets don't seem to agree, with the chip-making giant Nvidia suffering the biggest one-day market value dive in US history yesterday.

Will the DeepSeek hype last?

(Image credit: DeepSeek)

TechRadar's Editor-at-Large Lance Ulanoff has written a fine takedown of the DeepSeek hype – questioning whether the chatbot, which isn't yet multi-modal, is worthy of the column inches it's getting and (quite reasonably) suggesting that it's unlikely to last in the US, given TikTok's recent woes.

Commenting on the share price drops of Nvidia and others he notes "with almost no information or real proof that DeepSeek and its investors are being transparent and truthful, investors have started pulling their AI dollars from the US stock market."

Even if we do accept that DeepSeek is a breakthrough, there are understandable question marks about its longevity in the US. As Lance Ulanoff states "it doesn't matter how good it is; this app will not survive in the current US climate".

• Read more: Don't get too attached to DeepSeek – it'll never survive in the US

Is DeepSeek safe to use?

(Image credit: Future)

We've done our own in-depth comparison of how DeepSeek compares to ChatGPT, but since then some privacy alarm bells have been sounded about the app.

As noted by the BBC, Australia's science minister, Ed Husic, told ABC News earlier today there are lots of unanswered questions around "data and privacy management" with DeepSeek. "I would be very careful about that, these type of issues need to be weighed up carefully," he cautioned.

DeepSeek's privacy policy is quite open that "we store the information we collect in secure servers located in the People's Republic of China". That information includes your email address, phone number, date of birth and chat histories.

None of this is much different from the privacy policies of ChatGPT or Gemini, but the harvesting of that information in China – and the fact that it's combined with "actions you have taken outside the service" from advertisers – is bound to keep those alarm ring bells ringing louder in the coming days.

Who actually owns DeepSeek AI?

(Image credit: DeepSeek / Future)

DeepSeek was founded in mid-2023 by the Chinese hedge fund manager Liang Wenfeng, who is the company's CEO. Liang founded High-Flyer, a hedge fund that uses AI to create trading strategies, back in 2015 – then according to a Washington Post profile, used that experience to develop large language models with his new DeepSeek company.

How close are DeepSeek's links to the Chinese government? Inevitably, the AI app's newfound success has garnered a lot of new attention, but it apparently hasn't always been considered an AI star inside China.

According to Matt Sheehan (an expert on China’s AI industry quoted in the Washington Post's profile), DeepSeek was "not the ‘chosen one’ of Chinese AI start-ups" and that it "took the world by surprise, and I think to a large extent, they took the Chinese government by surprise".

But DeepSeek is now far from an unknown – and it'll be interesting to see if or how it distances itself from the Chinese government in order to allay those growing privacy fears.

Nvidia calls DeepSeek an 'excellent AI advancement'

Beyond OpenAI's Sam Altman sharing his thoughts about DeepSeek AI and promising much more from ChatGPT, Nvidia has also publicly commented, calling DeepSeek an "excellent AI advancement."

The response came after yesterday's record-breaking $600 billion share price drop, the largest drop the shares have ever seen and largely a result of DeepSeek's performance and the cost of the AI model. Beyond being impressed by R1, it's clear that Nvidia wants to remain a key part of the narrative.

The complete written statement reads, “DeepSeek is an excellent AI advancement and a perfect example of Test Time Scaling. DeepSeek’s work illustrates how new models can be created using that technique, leveraging widely-available models and compute that is fully export control compliant. Inference requires significant numbers of NVIDIA GPUs and high-performance networking. We now have three scaling laws: pre-training and post-training, which continue, and new test-time scaling.”

• A Steam Deck user had an issue with the gaming handheld's bulk
• So he created the 'Steam Brick,' a stripped-down version
• He successfully created a portable one-third the size of the original

The Steam Deck has taken the gaming handheld market by storm since its initial launch, enabling users to play the best PC games in a much smaller and more portable form factor. However, one person decided that his OLED Steam Deck wasn’t portable enough, and decided to take matters into his own hands.

User crastinator-pro’s disclaimer on the GitHub page reads “I am not a smart man,” after he describes his thought process behind the massive modification process, which involved stripping down the portable’s screen and controller. According to the post, he only found himself using the Deck with either AR Glasses or a TV and, more often than not, leaving it at home due to it being too bulky for his taste.

Crastinator-pro started by testing if the Steam Deck would still boot if he disconnected everything but the fan from the motherboard. He found that it would, writing that it “will boot output display over USB and accept peripherals via an external dock.” After more tearing down, he then made a basic case to house the brick-like ‘console.’ The biggest obstacle here was ensuring that the case wouldn’t melt from any heat generated by gaming sessions.

(Image credit: Valve / crastinator-pro)

The final result is truly a marvel of engineering. The ‘brick’ is roughly one-third the size of the Steam Deck, four times smaller than its OEM case, and 24% lighter. The ‘brick’s’ dimensions are 7.6 x 4.9 x 0.8 inches / 193.5 x 126.5 x 21mm, and it weighs 16.7oz / 474g, compared with the original OLED Steam Deck’s 4.6 x 11.7 x 1.9 inches and a weight of 1.41lbs.

That’s a significant difference, but there are a couple of downsides to this build. The first one is that “accessing the BIOS by holding down the + button while powered up is impossible, as that button isn’t included in the build.” The second is that it’s difficult to determine whether the modified system is turned on since the indicator light doesn’t illuminate.

What makes the Steam Deck so special?

The Steam Deck is a fascinating machine — not only does it offer comparable PC gaming functionality without the bulk of either a desktop or laptop, but you can also endlessly modify the machine to suit your software or hardware needs. Projects like the ‘Steam Brick’ truly show just how well-built and flexible this portable is.

Simply using the handheld as intended can be a changing experience for gamers. As TechRadar’s Roland Moore-Colyer puts it, the freedom of being able to play the best Steam Deck games without being tethered to a dedicated PC is incredible. Even better is not having to worry about carrying a heavy gaming laptop when traveling, something only console gamers have been able to experience.

You can also choose from the best Steam Deck alternatives, each of which offers unique features and selling points – the Lenovo Legion Go for example, has a joystick that replaces the function of a mouse for shooters.

• The Steam Deck keeps winning me over – here’s why it’s my most-played console of 2024
• Steam Deck OLED vs Steam Deck: comparing design, specs, performance, and more
• The best Steam Deck alternatives in 2025: top picks to play on the go

In the evolving cyber arms race, bad actors have turned to sophisticated tools like Rockstar 2FA, a phishing-as-a-service kit capable of bypassing multi-factor authentication (MFA) on widely trusted platforms such as Microsoft 365 and Google Workspace. This attack method resets the cybersecurity landscape, exposing pre-MFA vulnerabilities and proving that even advanced authentication methods are no longer a silver bullet for security. As cyber threats evolve at an unprecedented pace, businesses find themselves at a crossroads in balancing technological innovation with holistic identity security strategies. The question organizations must now ask is no longer whether MFA should be in place but whether it is enough, properly configured, monitored effectively, and a part of a broader defense strategy.

As 2025 nears, the proliferation of AI-embedded SaaS applications amplifies the challenges of managing human and non-human identities, driving a surge in identity-driven breaches. To navigate this evolving landscape, businesses need to rethink their approach to identity and access management (IAM), and extend their approach beyond MFA to include centralized monitoring, anomaly detection, and real-time remediation.

The problem with MFA in 2025

MFA undoubtedly raises the bar for some attackers, yet organizations often mistake its implementation for complete, set-it-and-forget-it security. It reduces the probability of an attack, but think a few steps down the line and it becomes clear that MFA does little to stop breaches if not configured properly or if monitoring and detection mechanisms are inadequate.

For years, MFA has been heralded as the best defense against phishing. However, its growing adoption has motivated attackers to find new ways to exploit its weaknesses. One key vulnerability lies in session token abuse. Once a user grants second-factor access in a browser session, the resulting session tokens — captured via phishing attacks — can be reused to bypass MFA entirely. Even the most junior cybercriminals exploit these tokens to mimic legitimate user activity, rendering MFA protections useless after an initial breach.

Failing to address these gaps has significant implications, from operational disruption to potential regulatory fines and reputational damage. The bottom line is that today’s threat actors don’t need widespread success; they only need one vulnerable entry point to compromise entire systems.

What’s worse, phishing-as-a-service kits like the previously mentioned Rockstar 2FA make this process seamless. Attackers leverage automation and brute force to identify users who can be tricked and have their credentials or session tokens stolen. The result? Undetectable campaigns that sidestep MFA without triggering alarms.

Identity-based threats beyond MFA

While identity-based attacks affect every industry, cybercriminals gravitate toward targets that promise the highest returns — financial services organizations, legal departments, and C-suite executives. These roles often have elevated privileges and access to critical data, making them ideal targets for phishing campaigns.

Compounding the issue, the rapid adoption of SaaS and AI has introduced a critical yet overlooked vulnerability: non-human identities. Unlike human users, these machine-based identities — service accounts, OAuth tokens, and third-party integrations — cannot perform MFA. They rely instead on static authentication methods, such as API tokens or embedded credentials, which are significantly less secure. This vulnerability was starkly highlighted in a recent browser extension attack campaign where attackers used consent phishing to bypass MFA protections. By tricking victims into authorizing a malicious OAuth application through legitimate Google authentication flows, the attackers gained access without triggering MFA prompts, exploiting the static nature of machine-based authentication.

Consider the number of apps integrated into a single employee’s account — Calendly linked to Microsoft 365, Slack connected to Salesforce, and AI tools with access to sensitive business data. These machine identities often carry privileges equivalent to human users, but their proliferation makes them difficult to monitor and control. We’ve found the ratio of non-human identities to human ones at almost 10-to-1. Each integration introduces another point of exposure, and poor oversight creates easy openings for intelligent attackers. Organizations must trust that AI vendors secure their tokens effectively, but this trust is often misplaced. Attackers frequently target these third-party tokens to bypass MFA protections, exploiting the trust users place in vendors. Breaches at vendor systems have repeatedly enabled attackers to compromise tokens, using them as entry points to infiltrate customers’ systems and access sensitive data.

Decentralized administration: a hidden weakness

Decentralized administration poses yet another risk, especially within organizations using dozens of SaaS applications.

With disparate platforms under a company’s corporate umbrella — like Salesforce managed by sales teams, Workday by HR, HubSpot managed by the marketing team, and GitHub by developers — security often becomes an afterthought. Admins, focused on immediate business needs, may disable security configurations temporarily to resolve workflow bottlenecks. These short-term fixes can lead to long-term security risks, such as misconfigured MFA or excessive privileges, which attackers eagerly exploit.

The challenge lies in scale. Each SaaS platform defines MFA and security controls differently, requiring deep expertise to manage configurations effectively. Without centralized oversight, organizations lose visibility into their security posture, creating opportunities for breaches.

Actionable steps to bolster defenses

Looking ahead, the battle against phishing and identity-based threats will require a multi-layered approach to security:

Adopt stronger MFA solutions: Organizations must move beyond phone-based 2FA to advanced methods like biometrics or hardware-based security keys, which are far more resistant to phishing.

Centralize identity management: Consolidate administration under a single framework to enforce consistent security configurations and policies across SaaS applications, reducing misconfigurations and unauthorized access.

Enhance visibility and monitoring: Implement tools that provide continuous visibility into both human and machine identities, detecting anomalies in real time. Continuously audit configurations to detect drift from secure states.

Prioritize training and awareness: Educate employees and administrators to recognize phishing attempts and avoid risky configurations. rain business teams to prioritize security and avoid temporary “workarounds” that compromise long-term defenses.

The adoption of AI and SaaS is inevitable, but so are the threats they introduce. To stay ahead, businesses must recognize that MFA alone is insufficient. By combining advanced authentication, centralized monitoring, and proactive policies, organizations can defend against the phishing arms race of 2025. MFA may no longer be the silver bullet, but with the right defenses, it can be a key component of a more holistic identity strategy.

We've featured the best business VPN.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• Microsoft has confirmed a bug is taking out audio on some PCs
• It’s affecting all versions of Windows 11, and also Windows 10, mainly hitting those who use a DAC with their PC setup
• A fix is in the pipeline, we’re told

Microsoft has confirmed that Windows 11 has an audio bug (that we reported on yesterday), a glitch which can take out the PC’s sound completely, and it’s now clear that this affects multiple Windows versions.

That means not just those on Windows 11 24H2 (an update that’s still rolling out), but people running 23H2 and 22H2, and also Windows 10, making this an unusually widespread bug to say the least.

This problem was first noticed by Windows Latest and is lurking within the January 2025 cumulative updates for these OS versions.

The tech site ran into the issue after they installed the January update for Windows 11 (24H2), whereupon the audio on their PC immediately stopped working.

Apparently, this bug mainly affects those with use an audio DAC (digital-to-analog converter) hooked up via USB, but it can happen to any unlucky Windows 11 (or 10) user who grabs the latest patch.

As Windows Latest spotted, Microsoft has confirmed the issue, stating that: “After installing this security update, you might experience issues with USB audio devices. You are more likely to experience this issue if you are using a USB 1.0 audio driver-based DAC in your audio setup.”

Sadly, there isn’t a fix, and the only way to avoid your audio being torpedoed is to remove the external DAC (assuming you’re using one, and this is what’s causing the problem). In other words, just plug the audio device directly into your PC, instead of via the DAC.

Microsoft further notes: “We are working on a resolution and will provide an update in an upcoming release.”

(Image credit: Marjan Apostolovic / Shutterstock) Analysis: An update oddity indeed

This is an odd one for a couple of reasons. Firstly, it’s unusual to see a bug disrupting every available version of Windows 11, and Windows 10 as well – that represents an alarming across-the-board clattering of dominoes.

Secondly, the January update doesn’t bring anything in the way of new features (to any of these OS versions). It’s a very straightforward patch applying security fixes, and that’s all. So, it really shouldn’t be causing any issues, but clearly, it is.

Why? Well, your guess is as good as mine, but if you want to hear my stab-in-the-dark, it’s that someone has been tweaking something deep inside of Windows as part of those security measures. Why do I say that? Given that the bug is present across all versions, going back to Windows 10, it surely must have been an old, core part of the operating system codebase that was tweaked (and broke something).

Whatever the case, this is yet another hassle for Windows 11 users, particularly those on 24H2, some of who’ve been experiencing a very hard time of it lately, with a seemingly relentless stream of bugs crawling in the general direction of those users. Most recently, that includes another audio bug, and a whole bunch of nastiness that has been visited on PC gamers in one form or another.

Are some of those 24H2 users getting very fed up? I’d say that’s likely, particularly the gamers, but hopefully the teething troubles caused by what I presume is the under-the-hood transition to the Germanium platform (introduced with 24H2, and a key element for Copilot+ PCs) will soon start to settle down.

In the case of this audio bug, though, clearly it has nothing to do with Germanium seeing its widespread presence outside of 24H2. With any luck, the promised fix from Microsoft won’t take long.

You may also like...

• How to prepare for Windows 10 End of Life
• If Microsoft's Windows 11 24H2 issues continue like this, I'll fully convert to SteamOS for gaming
• Windows 11 remains an unloved OS – but why won't people upgrade?

• Google’s Chrome Web Store for Enterprise has been made available
• It’s free to use for Chrome Enterprise Core and Premium users
• Two new features are coming later in 2025

Google’s Chrome Web Store for Enterprises has officially launched, meaning company IT admins are about to have much more control over the type of browser extensions employees can access.

First teased back in October 2024, the new Enterprise-destined Chrome Web Store allows organizations to curate lists of pre-approved Chrome extensions for their workers to help reduce the risks associated with malicious extensions.

Tools built into the admin controls will display disk scores for extensions to provide additional visibility into the potential risks.

Chrome Enterprise Web Store

The feature relies on Google’s security operations (SecOps) tools to offer real-time telemetry and risk scoring, providing IT admins with detailed insights into extension usage and more, but risk scores are provided by third-party platform spin.AI.

“By providing greater control, visibility, and security, Google is committed to empowering businesses to harness the full potential of Chrome extensions while safeguarding their critical assets," Chrome Web Store & Extensions Product Manager Hafsah Ismail and Chrome Enterprise Product Manager Maxime Martin wrote in the announcement.

Hafsah and Martin summarized the benefits, which include simplified access, enhanced security, increased productivity, customizable interface, and more transparency.

The company-specific Web Stores will also feature company branding, including logos, imagery, and announcements, allowing enterprises further customization of their employee experiences.

Besides the ability to curate pre-approved lists, admins will also be able to remotely remove extensions from users’ systems in an update later this year. Another update arriving this year will let Enterprise admins look forward to customer block messages on extension detail pages. Google hopes this will reduce end-user requests to IT.

The new Chrome Web Store is available free of charge to Chrome Enterprise Core and Chrome Enterprise Premium users.

You might also like

• We’ve listed our pick of the best browsers
• Check out the best privacy tools and anonymous browsers
• Google Workspace opens up Gemini for all - but you'll have to pay more

• There's a new Apple Support doc about AirPods updates
• Spoiler: You're doing it correctly already
• If things go wrong, try, try again

Apple's AirPods, AirPods Pro and AirPods Max aren't like other Apple products: where iPhones, iPads and Macs update their software through a visible and straightforward process, Apple's headphones are more mysterious. Or at least, they were until now.

At long last, Apple has clarified what you need to do to update the best AirPods of all kinds. And it's simple: just wait for a full moon, turn out your pockets three times, and dance the dance of the AirPods update. If you've been good then the AirPods gods will smile upon you and bless your buds.

Well, not quite. But even with the clarification it's still a bit opaque.

How to update the software in AirPods, AirPods Pro 2 and AirPods Max

Apple has updated its AirPods firmware support page (via The Verg) to explain exactly how to perform an AirPods or AirPods Max firmware update. And the steps are:

• You need to be in Bluetooth range of your iPhone, iPad or Mac, and that device needs to be connected to Wi-Fi.
• For earbuds: put them into the charging case and close the lid. Plug the charging case into a USB charger or port.
• For AirPods Max: plug the charging cable into the right earphone and connect the other end to a into a USB charger or port.
• Wait 30 minutes.
• Reconnect your earbuds or headphones to your iPhone, iPad or Mac.

I'm being a bit snarky but there is some new information here: I was aware of all the steps but I didn't know it could take up to 30 minutes for the update to complete, which perhaps explains why I've been annoyed by firmware updates I knew were available but that didn't install when I wanted them to.

While the new information is handy, it'd be nice if there were a notification to let you know your update was complete; at the moment you still need to go into Bluetooth settings and check the firmware version manually to see if it's been updated. Maybe Apple will add a notification in a future iOS update.

You might also like

• Apple's banking on camera-equipped AirPods to trounce Meta smart glasses, but I'm not sure it's enough
• The best earbuds: wireless and wired buds for all budgets, all TechRadar tested and recommended
• The best noise-cancelling earbuds, chosen by our testers and for all budgets