TechRadar News

• zLabs spots new version of the Konfety Android malware
• This version uses distorted APKs to avoid being detected and analyzed
• It also uses the "evil twin" tactic to remain hidden in plain sight

The infamous Konfety Android malware has apparently been updated, with new versions hiding in plain sight through tampered APK structure, experts have warned.

Security researchers zLabs have found new Konfety variants were adopting “increasingly advanced” techniques to evade detection and hinder reverse engineering efforts.

In ZIP files (which APKs are based on), every file includes a so-called General Purpose Bit Flag, a two-byte field that stores metadata about how the file should be handled (either 0 or 1). One of the bits in the flag indicates if the file is encrypted or not.

Norton 360 with Genie

Today’s cyberthreats are more sophisticated and scams are harder to detect. That’s why we made our all-in-one security more powerful to keep you safer online. Norton 360 now with Genie AI-powered scam detection. Advanced tech for advanced threats starting at $29.99 the first year.View Deal

Evil twins and dual-app deception

In Konfety’s case, the attackers intentionally set bit 0 to 1, even though the file wasn’t actually encrypted, causing decompression tools to misinterpret the files, analysis tools to crash thinking it was unreadable or corrupted, and reverse engineers to waste time troubleshooting.

But that’s not all. Each file entry in a ZIP archive also includes a compression method identifier (0x000 for no compression, 0x000C for an uncommon compression standard, etc.)

With Konfety, the attackers managed to declare files compressed using 0x000C, which wasn’t really the case. Since the files can’t decompress properly, it leads to partial extraction, parsing errors, or even crashes, which complicates reverse-engineering and analysis.

There are other ways Konfety tries to hide and maintain persistence. zLabs said that the attackers are also using so-called “dual-app deception”, in which there’s a legitimate app on major app stores, and a malicious one elsewhere.

The app also hides its icon when installed, and applies geofencing to make sure certain analysts and researchers can’t get to it.

Konfety works by using CaramelAds SDK to fetch ads, deliver payloads, and maintain communication with attacker-controlled servers. It redirects users to malicious websites, prompts unwanted app installs, and triggers persistent spam-like browser notifications.

“The threat actors behind Konfety are highly adaptable, consistently altering their targeted ad networks and updating their methods to evade detection,” the researchers warned.

“This latest variant demonstrates their sophistication by specifically tampering with the APK's ZIP structure. This tactic is designed to bypass security checks and significantly complicate reverse engineering efforts, making detection and analysis more challenging for security professionals.”

Via BleepingComputer

You might also like

• This dangerous new malware is hitting iOS and Android phones alike - and it's even stealing photos and crypto
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

We’ve been hearing for months that Apple is planning to bring AAA game Cyberpunk 2077: Ultimate Edition to macOS, and yesterday we finally got a release date: it’s due to arrive tomorrow, July 17. It’s the news Mac gamers have been waiting a tortuously long time to hear.

As someone who games on both a PC and a Mac – and who absolutely loves Cyberpunk 2077 and has been playing it for years – I’m super excited to try out one of the best single-player games on my Mac. Because this isn’t just one of my favorite games on one of my favorite computers. No, it looks like Apple and CD Projekt Red are going above and beyond to make this an experience custom-built for Mac gamers. And that means there’s a lot to look forward to.

Game-changing performance

(Image credit: Jacob Krol/Future)

As an Apple gamer, I’m used to performance that lags behind my PC. Don’t get me wrong, Apple silicon has been an absolute gamechanger for Mac gaming, and I can still get decent frame rates in most games on my MacBook Pro. But despite Apple’s lofty claims, it’s always seemed like wishful thinking to imagine that the integrated GPU you find in Apple’s Mac chips can compete with any of the best graphics cards.

That’s why the key detail that leapt out at me from Apple’s announcement was the claim that Cyberpunk 2077 will be able to run on a Mac at 120 frames per second (fps) when using ultra settings. Considering how incredibly demanding Cyberpunk 2077 is, that’s bona fide gaming PC performance and would be a massive step up for Mac players.

If that’s what you can potentially eke out of a game like Cyberpunk 2077, then other, less-demanding games could perform even better. Sure, MacBook Pro displays are limited to 120fps, but you might be able to max out all settings and still hit that refresh rate in other titles. It’s an enticing thought.

(Image credit: CD Projekt Red)

Of course, everything depends on which chips will be able to achieve this kind of output. Apple hasn’t given any specifics here, but when we went hands-on with Cyberpunk 2077 on a Mac, it reached 120fps at ultra settings using an M4 Max chip. It’s unlikely that lower-rated chips will hit those numbers too – I’m not holding out too much hope for my M1 Pro MacBook Pro – but we’ll have to see how they perform when we get some testing time with the game.

Interestingly, software is seemingly just as important here as hardware. Yes, a high-end chip will undoubtedly help you reach those sky-high numbers, but some of the most interesting tidbits from Apple’s Cyberpunk 2077 announcement were related to software.

For instance, Apple said that MetalFX Upscaling would be available on launch, with MetalFX Frame Interpolation and MetalFX Denoising coming later this year. Starting with MetalFX Upscaling, this renders the game at a lower level than your display’s native resolution, then uses artificial intelligence (AI) to scale it up. Nvidia and AMD already have similar techs, and they do a fantastic job (in some cases, the upscaled version actually looks better than the original), so this could be a major boost for macOS.

MetalFX Denoising, meanwhile, will allow “real time path tracing on the game’s highest quality graphics settings,” Apple says, and that’s something that could provide an incredible boost to visual fidelity.

The AI revolution

(Image credit: CD Projekt Red)

What’s fascinating to me is that these are all AI technologies. They come at a time when Apple’s headline AI (specifically, Apple Intelligence) is widely perceived to be seriously lagging behind rivals like ChatGPT and Copilot.

Yet while most people envisage chatbots when they think of AI, artificial intelligence is actually far broader, as these gaming techs show. Apple has long been a strong AI performer – its image processing and Siri suggestions being two examples you’ve likely encountered on an iPhone.

Of course, we don’t yet know how well all of these MetalFX techs will perform, with MetalFX Frame Interpolation and Denoising not expected until later this year. But they could counter the argument that Apple is falling behind in AI (a contention that was never the full picture anyway).

Of these AI features, MetalFX Frame Interpolation is the one that has piqued my interest the most. Apple says this generates a new frame for every two input frames, resulting in much smoother gameplay than you would normally be able to achieve.

This is sure to reignite the impassioned “fake frames” debate that has been playing out ever since Nvidia and AMD introduced their own frame-generation features. Yet provided Apple can avoid stutters and jerkiness, I think this is unlikely to bother Mac gamers – for most Apple fans, being able to enjoy smooth framerates on Mac hardware is likely to outweigh any high-level concerns about whether the frames are “real” or “fake.” The true test will be at more modest hardware levels rather than the M4 Max and M3 Ultra we’ve seen Cyberpunk played on so far.

A serious gaming test

(Image credit: Jacob Krol/Future)

And then there are all the other interesting additions that are unique to the Apple edition. This version comes with “dynamically calibrated HDR optimized for Apple XDR displays,” Apple says, alongside Spatial Audio with head tracking (providing you’re listening with a pair of the best AirPods), plus “For this Mac” graphical presets that are “individually optimized for every Apple Silicon Mac model.”

That all makes me think that Apple is trying to do this the right way. It’s making use of its other products and adding its own techs that are tailor-made for its devices, rather than just plugging in upscaling and frame generation tools from Nvidia or AMD and hoping for the best.

The last few years have shown that Apple is taking Mac gaming seriously. Cyberpunk 2077 will be the sternest test of that commitment – but if Apple does it right, it could also be its biggest success story so far.

You might also like

• Cyberpunk 2077 launches on macOS as Apple completes its Mac gaming redemption arc
• I just experienced super-smooth Cyberpunk 2077 at Ultra settings on a Mac, but the developers say there’s more to ‘squeeze out’ of Apple Silicon
• Cyberpunk 2077 will be the biggest test for Mac gaming yet

Good news, teen drama fans! The Summer I Turned Pretty season 3 is finally off and running, with the first two episodes now available to stream on Prime Video. Annoyingly, this is the final ever season we’re going to get, but the coming-of-age drama isn’t bowing out without setting off some fireworks.

The new TV show is easily top of the list when it comes to everything coming to Prime Video in July 2025, and the results speak for themselves. After the second season aired, the show was third in the streaming service’s global acquisition rankings, doubling its viewership with each passing season.

With this in mind, it doesn’t massively make sense for The Summer I Turned Pretty to end with season 3, but we might partially have the original book series to blame for that. This means the show has to pull out all the stops before saying goodbye, and the first two episodes are already almost too ridiculous to be believed.

Is it just me or is The Summer I Turned Pretty season 3’s Prime Video debut already ridiculously unhinged?

Spoilers for The Summer I Turned Pretty season 3 ahead.

Got whiplash? Me too. In just two episodes, we’ve seen Jeremiah (Gavin Casalegno) not managing to graduate on time, then proposing haphazardly to Belly (Lola Tung) without a ring, but has also cheated on her in the interim… twice. Add to this the fact that Belly’s brother Steven (Sean Kaufman) woke up from a coma after being in a car accident on exactly the same day Jeremiah chose to propose, and you’ve got a lot to unpack in a much-needed therapy session. It’s getting messy, and in exactly the way we want to see.

However, it gets worse when you consider everything that’s happening from the other perspective. While Jeremiah thrives (in his own mind), Belly is having to give up her dreams to be with the boy who’s unknowingly cheating on her. Taking drugs, getting drunk at endless houseparties and then wondering why he’s not graduating with his friends clearly is a full-time job in itself, meaning the fallout later on in the season is going to be nasty.

In fact, it’s safe to say that Jeremiah’s storyline is already going above and beyond what we saw happen in the books. It’s worth pointing out that we have seen the same things happen in both the book and TV show, but seeing his behaviour brought to life in front of our eyes is nothing short of diabolical. He becomes an uglier version of the monster we already know he is, and depending on what Belly decides to do in future episodes, could grow to be even worse.

For now, Belly’s agreed to marry Jeremiah, which makes me want to simultaneously throw up and shout at my TV. Absolutely anybody can see it’s a bad decision, setting us up for what will surely be a chaotic episodes 3 and 4 when more characters find out about the news. There will be (rightful) judgement, scorn and plenty of tears in the immediate future, and boy I cannot wait to watch it all unfold.

You might also like

• Prime Video got it hugely wrong with Bosch Legacy, but Ballard gets the franchise back on track – and a 100% Rotten Tomatoes rating proves it
• New to Prime Video? Here are 5 movies and TV shows with over 90% on Rotten Tomatoes to get you started
• The Boys season 5: everything we know so far about the popular Prime Video show's final entry

What's new in Fortnite?

(Image credit: Epic Games)

Epic Games just launched the full Superman collab, with a special item granting Superman powers like flight, heat vision, and super-strength. You can read more about it here. In terms of the OG mode, there's set to be a live event on July 26 centered around a rocket launch. Until then, there's the new Thermal Rifle to try out, as well as a whole new OG Battle Pass to work through.

Fortnite OG wowed players when it first returned, offering up retooled versions of various classic seasons, which changed each week. It proved to be a massive hit, with player counts absolutely skyrocketing in the month or so Fortnite OG was live.

It's no surprise then, that it's now come back as a permanent fixture, continuing into 2025, and Epic has confirmed that the next season of Fortnite OG will begin in August.

Thankfully, the ongoing battle royale title receives regular updates from its developers teasing what's coming, and we do now know that Fortnite OG is going to cycle through seasons. Now that the new season of Fortnite battle royale has launched, the runway is clear for OG to take the spotlight.

Here's everything you need to know about when Fortnite OG Season 5 launches. We'll cover everything officially revealed by Epic Games, some info on what to expect, as well as a round-up of how things played out last time. As news comes out, this page will be updated.

Fortnite OG Season 5 release date

(Image credit: Epic Games)

Fortnite OG Season 5 will launch on August 8, 2025. This is according to the in-game Battle Pass screen. Recently, Epic Games has started to detail a live event that'll arrive on July 26. We'll have to wait and see where it lands this time around.

Fortnite OG is now a dedicated mode moving forward, cycling through Chapter 1 seasons in a similar way to how things worked at the end of 2023, though slightly elongated. Chapter 1 Season 2 ended on March 25, 2025, with Season 3 came to a close on June 8, 2025. This recreates the pattern of the original run, adding loot pool changes and feature introductions. You can read more in the full Fortnite OG Chapter 1 Season 4 blog post.

The best place to keep up on specific updates closer to the launch of the new season of Fortnite OG is the Fortnite Status X / Twitter account. We'll be sure to keep this page up to date as well.

What is Fortnite OG?

(Image credit: Epic Games)

Fortnite OG launched in November 2023 and switched the game all the way back to the 2018 map. Specifically, it started in Season 5, with the return of Tilted Towers, a throwback weapon loot pool, and several OG skins to buy in the store. Each week, Epic Games moved the clock forward to the next season, rotating through Season 6, Season 7/8, and then Season 9/10.

The map went back to a more classic style, visually and in terms of level design. Iconic locations like Frosty Flights came back, as did old-school vehicles like the X-4 Stormwing. This lasted until December 2, 2023, when the game switched over to a new season. Fortnite OG returned on December 6, 2024 and is now a permanent mode, with its own seasons cycle.

Fortnite OG map

(Image credit: Epic Games)

Above, you can see the current Fortnite OG map. It's been meticulously recreated, with every tree, car, chest and object is right where you remember it. Ziplines and ascenders have been added in Zero Build to aid movement. As the seasons change, we'll likely see the map change with it, as well. With Season 4, you'll be able to jump into Dusty Divot, and Risky Reels.

Fortnite OG weapons loot pool

(Image credit: Epic Games)

Here's the weapons added as part of Fortnite OG season 3:

• Shopping Carts (live now)
• Thermal Scoped Assault Rifle (live now!) - Spot your enemies easier. It’ll also highlight Chests and Supply Drops for you!
• Apples (live now!) - As tasty as they are useful, these foraged items provide a nice lil’ 5 Health once eaten.
• Hop Rocks (live now!) - Prepare for lift-off! These meteor fragments grant you the power to perform gravity-defying leaps. It won’t last forever though, so use those hops carefully!
• Mushrooms - There’s no funny business here, these fungi’s provide 5 Shield and can be the difference between a slim victory or swift elimination…
• Bouncer - Spring into action! Whether you’re looking for a bouncy escape or setting up an aerial ambush, the Bouncer Trap is a friend.
• Drum Gun - Rapid fire your way to dominance like someone’s supporting you with a drum roll
• Dual Pistols - This pair of pistols packs a punch if you’re willing to get up close and personal.
• Jetpack - Take to the sky and get an aerial advantage over your opponents. Be warned though — it’s a long way to the ground when you’re all out of fuel
• Stink Bomb - Clear the way with a gaseous grenade that creates a lingering cloud of noxious fumes. Who said winning had to smell good?

Note that while these weapons and items are planned on being added this season, they're not all available at launch. Items like the Drum Gun will be added as the season progresses. The following weapons carry over from the previous season:

• Assault Rifle
• Burst Assault Rifle (Epic and Legendary rarities have arrived!)
• Scoped Assault Rifle
• Light Machine Gun
• Minigun
• Revolver
• Pistol
• Suppressed Pistol
• Suppressed Submachine Gun
• Tactical Submachine Gun
• Pump Shotgun
• Tactical Shotgun
• Heavy Shotgun
• Bolt-Action Sniper Rifle
• Semi-Auto Sniper Rifle
• Hunting Rifle
• Grenade Launcher
• Rocket Launcher
• Guided Missile
• Boogie Bomb
• Bushes
• Cozy Campfire
• Clingers
• Grenade
• Impulse Grenade
• Remote Explosives
• Port-A-Bunker
• Damage Trap
• Launch Pad (non-throwable version)
• Bandages
• Med Kits
• Shield Potions
• Small Shield Potions
• Slurp Juice
• Chug Jugs

FAQsHow long is Fortnite OG back for?

In excellent news for fans, Fortnite OG is a permanent game mode for the online battle royale game. It'll stay live in perpetuity, and follow its own seasonal cycle, which means it'll evolve regularly like other Fortnite modes.

Will Fortnite OG rotate seasons?

As well as Fortnite OG being a permanent game mode, it will absolutely have its own seasonal content that will help keep things fresh. Expect the seasonal cycle to change things up regularly.

How much does the Fortnite OG Pass cost?

The Fortnite OG Pass costs 1,000 V-Bucks. This gives you the chance to earn three skins, as well as a host of other items. It's worth pointing out that unlike the main Battle Pass, the Fortnite OG pass does not feature any V-Bucks, so you won't earn any back while working through it.

You Might Also Like...

• Our picks for the best free games to play in 2025
• Fortnite Chapter 4 review
• Best crossplay games

• Google says it will spend £3 billion on 670MW in hydroelectricity PPAs
• The deal could end up producing up to 3,000MW of hydroelectricity
• Google data center energy consumption is up 27%, emissions are down 12%

Google has agreed to spend at least $3 billion as part of an agreement to boost its renewable energy portfolio as demands increase in line with demand for artificial intelligence and cloud computing.

The deal with Brookfield Renewable Energy Partners includes 20-year power purchase agreements for 670 megawatts of clean energy via two Pennsylvania hydroelectric plants at Holtwood and Safe Harbor.

Although Google has been bidding big on renewable energy in recent years, this marks the world's largest corporate clean power deal for hydroelectricity.

Google strikes the biggest-ever corporate hydroelectricity deal

Already a considerable starting point, Brookfield noted the Hydro Framework Agreement will support the provision of up to 3,000 megawatts of carbon-free hydroelectric capacity across the United States.

The move aligns with Google's efforts to power its data centers with carbon-free energy around the clock, and comes during an era of increased green energy investments. Hyperscaler rivals like Amazon, Meta, and Microsoft have also been splurging on nuclear, gas and renewables to meet demand.

"Hydropower is a proven, low-cost technology, offering dependable, homegrown, carbon-free electricity that creates jobs and builds a stronger grid for all," Google Head of Data Center Energy Amanda Peterson Corio explained.

Brookfield Asset Management President Connor Teskey welcomed the investment, noting that hyperscalers will need to diversify their energy production to meet demand at scale.

Although surges in AI and cloud computing have resulted in higher demand for data centers, Google's most recent 2025 sustainability report revealed how the company managed to cut data center emissions by 12% despite a 27% rise in energy consumption. In its most recent full year, the company procured more than eight gigawatts of clean energy.

Energy efficiency improvements to its AI systems, including power-hungry GPUs, have also resulted in a reduction in water consumption, typically used for cooling. However, having only replenished 64% of the water it used in 2025, there's still clearly a long way to go.

You might also like

• Google's data centers using more power than ever before as AI surge continues
• These are the best cloud computing providers with powerful chips
• Check out our roundup of the best AI tools and best AI writers

• Claude for Financial Services launches specifically for the financial industry
• Users can access powerful Claude 4 models and other Claude AI tools
• The system integrates with internal and external data sources

Anthropic has launched a special edition of its Claude AI platform designed for the highly regulated financial industry, with a focus on market research, due diligence, and investment decision-making.

The OpenAI rival hopes for financial institutions to use its tool for financial modelling, trading system modernisation, risk modeling, and compliance automation, with pre-built MCP connectors offering seamless access to entperise and market data platforms.

The company boasted that Claude for Financial Services offers a unified interface, combining Claude's AI powers with internal and external financial data sources from the likes of Databricks and Snowflake.

Claude for Financial Services

Anthropic highlighted four of the tool's key benefits: powerful Claude 4 models that outperform other frontier models, access to Claude Code and Claude for Enterprise, pre-built MCP connectors, and expert support for onboarding and training.

Testing revealed Claude Opus 4 passed five of the seven Financial Modeling World Cup competition levels, scoring 83% accuracy on complex excel tasks.

"Access your critical data sources with direct hyperlinks to source materials for instant verification, all in one platform with expanded capacity for demanding financial workloads," the company shared in a post.

Anthropic also stressed user data is not used for training its generative models in the name of intellectual property and client information confidentiality.

Besides Snowflake for data and Databricks for analytics, Claude for Financial Services also connects with the likes of Box for document management and S&P Global for market and valuation data, among others.

Among the early adopters is the Commonwealth Bank of Australia, whose CTO Rodrigo Castillo praised Claude for its "advanced capabilities" and "commitment to safety." The Australian banking giant envisions using Claude for Financial Services for fraud prevention and customer service enhancement.

You might also like

• Financial leaders still rely on regular tools like Excel for automation tasks over AI
• We've listed the best AI tools and best AI writers for different industries
• Boost output with the best productivity tools

• A reputable source claims the first public iOS 26 beta will land on or around July 23
• That would be later in the year than usual
• There's already an iOS 26 developer beta

It’s now over a month since iOS 26 was announced, and although it’s available in developer beta, the public beta is yet to launch. But we do now have a good idea of when the first public beta might land.

According to Apple watcher Mark Gurman in a reply to a post on X by @ParkerOrtolani, the first iOS 26 public beta will probably land on or around July 23.

That’s a bit unusual, as typically we’d have had the first public beta before then. For example, the first public beta of iOS 18 launched on July 15 last year, following its announcement on June 10. So this year, with iOS 26 having been unveiled on June 9, we’d if anything have expected to already have the first public beta.

around the 23rdJuly 15, 2025

A worthwhile wait

Still, if Gurman is right there’s not too much longer to wait, and it should be worth the wait too, as iOS 26 is a significant upgrade for Apple’s smartphone operating system.

It includes a completely new look, with more rounded and transparent elements, plus redesigned phone and camera apps, a new Apple Games app, and more.

Of course, we’d take the claim of it landing on or around July 23 with a pinch of salt, especially with that being later than normal. But Gurman has a superb track record for Apple information, and either way we’d expect it to land soon.

If you can’t wait a little big longer though, you can always grab the developer beta – the next version of which may well even land before July 23. To get that, check out how to install the iOS 26 developer beta.

You might also like

• iOS 26: new features, a new design, and everything you need to know
• iOS 26 is official – here are the 5 biggest new features coming to your iPhone
• iOS 26 compatibility – does your iPhone support it? Here's the full list of supported devices

AI isn’t just something to adopt; it’s already embedded in the systems we rely on. From threat detection and response to predictive analytics and automation, AI is actively reshaping how we defend against evolving cyber threats in real time. It’s not just a sales tactic (for some); it’s an operational necessity.

Yet, as with many game-changing technologies, the reality on the ground is more complex. The cybersecurity industry is once again grappling with a familiar disconnect: bold promises about efficiency and transformation that don’t always reflect the day-to-day experiences of those on the front lines. According to recent research, 71% of executives report that AI has significantly improved productivity, but only 22% of frontline analysts, the very people who use these tools, say the same.

When solutions are introduced without a clear understanding of the challenges practitioners face, the result isn’t transformation, it’s friction. Bridging that gap between strategic vision and operational reality is essential if AI is to deliver on its promise and drive meaningful, lasting impact in cybersecurity.

Executives love AI

According to Deloitte, 25% of companies are expected to have launched AI agents by the end of 2025, with that number projected to rise to 50% shortly thereafter. The growing interest in AI tools is driven not only by their potential but also by the tangible results they are already beginning to deliver

For executives, the stakes are rising. As more companies begin releasing AI-enabled products and services, the pressure to keep pace is intensifying. Organizations that can’t demonstrate AI capabilities, whether in their customer experience, cybersecurity response, or product features, risk being perceived as laggards, out-innovated by faster, more adaptive competitors. Across industries, we're seeing clear signals: AI is becoming table stakes, and customers and partners increasingly expect smarter, faster, and more adaptive solutions.

This competitive urgency is reshaping boardroom conversations. Executives are no longer asking whether they should integrate AI, but how quickly and effectively they can do so, without compromising trust, governance, or business continuity. The pressure isn’t just to adopt AI internally to drive efficiency, but to productize it in ways that enhance market differentiation and long-term customer value.

But the scramble to implement AI is doing more than reshaping strategy, it’s unlocking entirely new forms of innovation. Business leaders are recognizing that AI agents can do more than just streamline functions; they can help companies bring entirely new capabilities to market. From automating complex customer interactions to powering intelligent digital products and services, AI is quickly moving from a behind-the-scenes tool to a front-line differentiator. And for executives willing to lead with bold, well-governed AI strategies, the payoff isn’t just efficiency, it’s market relevance.

Analysts distrust AI

If anyone wants to make their job easier, it’s a SOC analyst, so their skepticism of AI comes from experience, not cynicism. The stakes in cybersecurity are high, and trust is earned, especially when systems that are designed to protect critical assets are involved. Research shows that only 10% of analysts currently trust AI to operate fully autonomously. This skepticism isn’t about rejecting innovation, it’s about ensuring that AI can meet the high standards required for real-time threat detection and response.

That said, while full autonomy is not yet on the table, analysts are beginning to see tangible results that are gradually building trust. For example, 56% of security teams report that AI has already boosted productivity by streamlining tasks, automating routine processes, and speeding up response times. These tools are increasingly trusted for well-defined tasks, giving analysts more time to focus on higher-priority, complex threats.

This incremental trust is key. While 56% of security professionals express confidence in AI for threat detection, they still hesitate to let it manage security autonomously. As AI tools continue to prove their ability to process vast amounts of data and provide actionable insights, initial skepticism is giving way to more measured, conditional trust.

Looking ahead

Closing the perception gap between executive enthusiasm and analyst skepticism is critical for business growth. Executives must create an environment where analysts feel empowered to use AI to enhance their expertise without compromising security standards. Without this, the organization risks falling into the hype cycle, where AI is overpromised but underdelivered.

In cybersecurity, where the margin for error is razor-thin, collaboration between AI systems and human analysts is critical. As these tools mature and demonstrate real-world impact, trust will grow, especially when their use is grounded in transparency, explainability, and accountability.

When AI is thoughtfully integrated and aligned with practitioner needs, it becomes a reliable asset that not only strengthens defenses but also drives long-term resilience and value across the organization.

We list the best cloud firewall.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

It’s a scenario that plays out far too often: A mid-sized company runs a routine threat validation exercise and stumbles on something unexpected, like an old infostealer variant that has been quietly active in their network for weeks.

This scenario doesn’t require a zero-day exploit or sophisticated malware. All it takes is one missed setting, inadequate endpoint oversight, or a user clicking what they shouldn’t. Such attacks don’t succeed because they’re advanced. They succeed because routine safeguards aren’t in place.

Take Lumma Stealer, for example. This is a simple phishing attack that lures users into running a fake CAPTCHA script. It spreads quickly but can be stopped cold by something as routine as restricting PowerShell access and providing basic user training. However, in many environments, even those basic defenses aren’t deployed.

This is the story behind many breaches today. Not headline-grabbing hacks or futuristic AI assaults—just overlooked updates, fatigued teams and basic cyber hygiene falling through the cracks.

Security Gaps That Shouldn’t Exist in 2025

Security leaders know the drill: patch the systems, limit access and train employees. Yet these essentials often get neglected. While the industry chases the latest exploits and talks up advanced tools, attackers keep targeting the same weak points. They don’t have to reinvent the wheel. They just need to find one that’s loose.

Just as the same old techniques are still at work, old malware is making a comeback. Variants like Mirai, Matsu and Klopp are resurfacing with minor updates and major impact. These aren’t sophisticated campaigns, but recycled attacks retooled just enough to slip past tired defenses.

The reason they work isn’t technical, it’s operational. Security teams are burned out. They’re managing too many alerts, juggling too many tools and doing it all with shrinking budgets and rising expectations. In this kind of environment, the basics don’t just get deprioritized, they get lost.

Burnout Is a Risk Factor

The cybersecurity industry often defines risk in terms of vulnerabilities, threat actors and tool coverage, but burnout may be the most overlooked risk of all. When analysts are overwhelmed, they miss routine maintenance. When processes are brittle, teams can’t keep up with the volume. When bandwidth runs out, even critical tasks can get sidelined.

This isn’t about laziness. It’s about capacity. Most breaches don’t reveal a lack of intelligence. They just demonstrate a lack of time.

Meanwhile, phishing campaigns are growing more sophisticated. Generative AI is making it easier for attackers to craft personalized lures. Infostealers continue to evolve, disguising themselves as login portals or trusted interfaces that lure users into running malicious code. Users often infect themselves, unknowingly handing over credentials or executing code.

These attacks still rely on the same assumptions: someone will click. The system will let it run. And no one will notice until it’s too late.

Why Real-World Readiness Matters More Than Tools

It’s easy to think readiness means buying new software or hiring a red team, but true preparedness is quieter and more disciplined. It’s about confirming that defenses such as access restrictions, endpoint rules and user permissions are working against the actual threats.

Achieving this level of preparedness takes more than monitoring generic threat feeds. Knowing that ransomware is trending globally isn’t the same as knowing which threat groups are actively scanning your infrastructure. That’s the difference between a broader weather forecast and radar focused on your ZIP code.

Organizations that regularly validate controls against real-world, environment-specific threats gain three key advantages.

First, they catch problems early. Second, they build confidence across their team. When everyone knows what to expect and how to respond, fatigue gives way to clarity. Thirdly, by knowing the threats that matter, and the ones focused on them, they can prioritize those fundamental activities that get ignored.

You may not need to patch every CVE right now, just the ones being used by the threat actors targeting you. What areas of your network are they actively doing reconnaissance on? Those subnets probably need more focus to patching and remediation.

Security Doesn’t Need to Be Sexy, It Needs to Work

There’s a cultural bias in cybersecurity toward innovation and incident response. The new tool, the emergency patch and the major breach all get more attention than the daily habits that quietly prevent problems.

Real resilience depends on consistency. It means users can’t run untrusted PowerShell scripts. It means patches are applied on a prioritized schedule, not “when we get around to it.” It means phishing training isn’t just a checkbox, but a habit reinforced over time.

These basics aren’t glamorous, but they work. In an environment where attackers are looking for the easiest way in, doing the simplest things correctly is one of the most effective strategies a team can take.

Discipline Is the New Innovation

The cybersecurity landscape will continue to change. AI will keep evolving, adversaries will go on adapting, and the next headline breach is likely already in motion. The best defense isn’t more noise or more tech, but better discipline.

Security teams don’t need to do everything. They need to do the right things consistently. That starts with reestablishing routine discipline: patch, configure, test, rinse and repeat. When those fundamentals are strong, the rest can hold.

For CISOs, now is the time to ask a simple but powerful question: Are we doing the basics well, and can we prove it? Start by assessing your organization’s hygiene baseline. What patches are overdue? What controls haven’t been tested in months? Where are your people stretched too thin to execute the essentials? The answers won’t just highlight the risks, they’ll point toward the pathway to resilience.

We list the best patch management software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• WeTransfer users were outraged when it seemed an updated terms of service implied their data would be used to train AI models.
• The company moved fast to assure users it does not use uploaded content for AI training
• WeTransfer rewrote the clause in clearer language

File-sharing platform WeTransfer spent a frantic day reassuring users that it has no intention of using any uploaded files to train AI models, after an update to its terms of service suggested that anything sent through the platform could be used for making or improving machine learning tools.

The offending language buried in the ToS said that using WeTransfer gave the company the right to use the data "for the purposes of operating, developing, commercializing, and improving the Service or new technologies or services, including to improve performance of machine learning models that enhance our content moderation process, in accordance with the Privacy & Cookie Policy."

That part about machine learning and the general broad nature of the text seemed to suggest that WeTransfer could do whatever it wanted with your data, without any specific safeguards or clarifying qualifiers to alleviate suspicions.

Perhaps understandably, a lot of WeTransfer users, who include many creative professionals, were upset at what this seemed to imply. Many started posting their plans to switch away from WeTransfer to other services in the same vein. Others began warning that people should encrypt files or switch to old-school physical delivery methods.

Time to stop using @WeTransfer who from 8th August have decided they'll own anything you transfer to power AI pic.twitter.com/sYr1JnmemXJuly 15, 2025

WeTransfer noted the growing furor around the language and rushed to try and put out the fire. The company rewrote the section of the ToS and shared a blog explaining the confusion, promising repeatedly that no one's data would be used without their permission, especially for AI models.

"From your feedback, we understood that it may have been unclear that you retain ownership and control of your content. We’ve since updated the terms further to make them easier to understand," WeTransfer wrote in the blog. "We’ve also removed the mention of machine learning, as it’s not something WeTransfer uses in connection with customer content and may have caused some apprehension."

While still granting a standard license for improving WeTransfer, the new text omits references to machine learning, focusing instead on the familiar scope needed to run and improve the platform.

Clarified privacy

If this feels a little like deja vu, that's because something very similar happened about a year and a half ago with another file transfer platform, Dropbox. A change to the company's fine print implied that Dropbox was taking content uploaded by users in order to train AI models. Public outcry led to Dropbox apologizing for the confusion and fixing the offending boilerplate.

The fact that it happened again in such a similar fashion is interesting not because of the awkward legal language used by software companies, but because it implies a knee-jerk distrust in these companies to protect your information. Assuming the worst is the default approach when there's uncertainty, and the companies have to make an extra effort to ease those tensions.

Sensitivity from creative professionals to even the appearance of data misuse. In an era where tools like DALL·E, Midjourney, and ChatGPT train on the work of artists, writers, and musicians, the stakes are very real. The lawsuits and boycotts by artists over how their creations are used, not to mention suspicions of corporate data use, make the kinds of reassurances offered by WeTransfer are probably going to be something tech companies will want to have in place early on, lest they face the misplaced wrath of their customers

You might also like

• New judge’s ruling makes OpenAI keeping a record of all your ChatGPT chats one step closer to reality
• I don't like the idea of my conversations with Meta AI being public – here's how you can opt out
• Microsoft Copilot is putting eyes on your screen, and I don't mind it – as long as it stays private