TechRadar News

• Citrix fixes three flaws in NetScaler ADC and NetScaler Gateway
• Among them is a critical-severity one used as a zero-day which allowed for RCE and DoS attacks

Citrix has fixed three bugs in its NetScaler ADC and NetScaler Gateway instances, including a critical zero-day flaw which was apparently being abused in the wild.

In a new advisory, the company said it patched multiple flaws, including a memory overflow vulnerability that could lead to remote code execution (RCE) or Denial of Service (DoS) attacks in NetScaler ADC and NetScaler Gateway (when NetScaler is configured as Gateway or AAA virtual server).

The vulnerability is tracked as CVE-2025-7775 and has a severity score of 9.2/10 (critical).

Configuration flaws

Citrix has urged users to patch up immediately since the hackers are already leveraging the bug in real-life attacks.

"As of August 26, 2025 Cloud Software Group has reason to believe that exploits of CVE-2025-7775 on unmitigated appliances have been observed, and strongly recommends customers to upgrade their NetScaler firmware to the versions containing the fix as there are no mitigations available to protect against a potential exploit," it said.

Fortunately, leveraging the bug is not particularly straightforward, as devices need to be configured in a specific way for that to happen:

- NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server

- NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers

- NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers CR virtual server with type HDX

Citrix has released configuration settings that can check if the NetScaler device’s configuration leaves it vulnerable to exploits.

Other two bugs patched are a memory overflow vulnerability tracked as CVE-2025-7776, and an improper access control on the NetScaler Management Interface bug tracked as CVE-2025-8424.

Via BleepingComputer

You might also like

• CitrixBleed 2 flaws are officially here - so get patching or leave your systems at risk
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

It's not long now until Foundation season 3 is over. Three episodes remain before the Apple TV Original's latest installment comes to a close, so I suspect you'll want to know when its eight chapter will air on the tech giant's streaming platform.

As I've done every week prior to this one, I'll tell you when the space opera's next entry will be available to watch on one of the world's best streaming services. If you're new around these parts, you'll also find a full release schedule at the end of this article, so you can see when episodes 9 and 10 will be released. So, hop to it!

What is the launch date for Foundation season 3 episode 8?

I'm not sure how Brother Day's going to get out of this one, fellow viewers... (Image credit: Apple TV+)

Season 3's eighth episode, titled 'Skin in the Game', will make its Apple TV+ bow on Friday, August 29. As always, I imagine North and South American viewers will be able to tune in a day earlier (August 28) due to the time zones that operate on these continents.

Like its Apple TV Original brethren, the release times for new entries of Foundation's third season aren't publicly revealed ahead of schedule. The below times, then, are the best predictions I can make, based on when other episodes have launched on the service, about the release time for 'Skin in the Game':

• US – Thursday, August 28 at 9pm PT / Friday, August 8 at 12am ET
• Canada – Thursday, August 28 at 9pm PT / Friday, August 8 at 12am ET
• UK – Friday, August 29 at 5am BST
• India – Friday, August 29 at 9:30am IST
• Singapore – Friday, August 29 at 12pm SGT
• Australia – Friday, August 29 at 2pm AEST
• New Zealand – Friday, August 29 at 4pm NZST

When will new episodes of Foundation season 3 come out?

No need to antagonize Doctor Seldon about new episode release dates, The Mule – just read our handy guide instead! (Image credit: Apple TV+)

Want to know when the final two episodes of one of the best Apple TV+ shows' third season will debut? Read on:

• Foundation season 3 episode 1 – out now
• Foundation season 3 episode 2 – out now
• Foundation season 3 episode 3 – out now
• Foundation season 3 episode 4 – out now
• Foundation season 3 episode 5 – out now
• Foundation season 3 episode 6 – out now
• Foundation season 3 episode 7 – out now
• Foundation season 3 episode 8 – Friday, August 29
• Foundation season 3 episode 9 – Friday, September 5
• Foundation season 3 episode 10 – Friday, September 12

You might also like

• Here's everything we know about Severance season 3
• Find out what we know so far about Ted Lasso season 4
• Or get the lowdown on Slow Horses season 5

• Users will no longer need to apply Windows updates after first signing in
• By updating during the OOBE, PCs are protected from day one
• The change applies to Microsoft Entra joined and hybrid joined devices

Starting from September 2025, Windows 11 (22H2 or later) devices will be able to install quality updates during the Out of the Box Experience (OOBE) by default, which means it’s set to become even easier for admins to install updates during setup.

The change applies to Microsoft Entra joined and Entra hybrid joined devices.

For IT admins, they’ll see Windows now checks for and installs applicable updates on the final OOBE page so that users won’t need to apply any updates when they sign in for the first time.

Smoother Windows updates for all

“With Windows Autopilot and Microsoft Intune (or alternative management solutions), you can maintain seamless control over quality update behavior during provisioning, while ensuring alignment with organizational security and compliance requirements,” Microsoft Product Manager Victoria Wang wrote in a blog post,

The system requires that devices are running Windows 11 Pro, Enterprise, Education or SE, and companies must be using Microsoft Intune to manage Windows quality updates.

The OOBE updating experience is also only available for those who have had the August 2025 OOBE zero-day patch or those imaged with the June 2025 Windows non-security update.

Because devices will be handed out to workers with the latest security and quality updates, companies can improve security and compliance right from day one. It also reduces burden on workers and IT teams after device handout.

This marks a welcome change from the previous setup, which saw end users having to update their computers after receiving them.

The improvement comes as more companies update to Windows 11 ahead of the impending Windows 10 end of support in October 2025.

Canalys Research Manager Kieren Jessop explained that the commercial refresh cycle is now “providing vital momentum for the [PC] market” while consumers exercise more caution.

You might also like

• Ready to upgrade? These are the best business laptops and best mobile workstations
• Microsoft launches new hyper-powered disaster recovery service for Cloud PCs
• Desk workers should consider the best workstations

• Bluesound launches the big Pulse Cinema Dolby Atmos soundbar
• And also the much more compact Pulse Cinema Mini
• Pulse Cinema: $1,499 / £1,149 | Pulse Cinema Mini: $999 / £799

Bluesound has announced two serious soundbars in a choice of sizes. The flagship Pulse Cinema is a 47-inch-wide model, making it suitable for TVs of 55 inches and up, and the Pulse Cinema Mini is a more compact 33 inches, so should work for TVs of 40 inches and up.

Both models are pretty powerful, with Dolby Atmos support, hi-res audio and MQA support, and Bluesound's BluOS multi-room audio platform.

BluOS works with over 20 streaming services including TIDAL, Qobuz, Spotify, Amazon Music, Pandora and Deezer, and it supports hi-res audio up to 24-bit/192kHz. And the speakers can be teamed up with other Bluesound speakers to create a larger, multi-channel surround system.

Both soundbars are compatible with home systems from the likes of Control4, Crestron, RTI and others.

(Image credit: Bluesound)Bluesound Pulse Cinema and Pulse Cinema Mini: key features and pricing

The Pulse Cinema is the star here, with 500 watts of power driving 16 drivers including a center channel, dual four-inch woofers and dedicated upfiring speakers. There's on-board digital signal processing to adjust the audio depending on placement – the soundbar can be wall-mounted as well as sat on a unit – and there's HDMI eARC, optical input, analog RCA inputs, Bluetooth in and out and AirPlay 2. There's also a subwoofer output.

This makes it an interestingly expandable competitor to the Sonos Arc Ultra – it adds more analogue inputs, and the subwoofer output means you can connect whatever kind of low-end driver you want, similar to the Marshall Heston 120.

But it also costs more than the Sonos Arc Ultra, so that power will have to really come through in the real-world.

The Pulse Cinema Mini is smaller but it still packs a punch: it has 280W of power. There aren't any up-firing Atmos speakers here but there are angled drivers and Atmos 2.1-channel virtualization. Once again there's a subwoofer out, optical and RCA inputs, Bluetooth and AirPlay 2 – and again, this makes it more versatile in some ways than the Sonos Beam 2, but also more expensive.

The Pulse Cinema and Pulse Cinema Mini will be available for pre-order on 24 September 2025 with shipping starting on October 24. The prices are:

• Pulse Cinema $1,499 / £1,149 / €1,299 (about AU$2,315)
• Pulse Cinema Mini $999 / £799 / €899 (about AU$1,543)

You might also like

• The best soundbars: TV audio upgrade for all budgets
• The best Dolby Atmos soundbars for all budgets
• The best cheap soundbars, all tested by our experts

• Framework and Nvidia have teamed up to introduce swappable laptop GPUs, starting with a new RTX 5070 module
• The Framework Laptop 16 with RTX 5070 is now available for pre-order, and the GPU module will soon be sold separately for upgrades
• This idea is an improvement from the swappable MXM laptop GPUs of the past

Upgrading a gaming notebook to get better performance usually means buying an entirely new system - maybe one of the best gaming laptops out there - but one laptop manufacturer, Framework, and Nvidia are hoping to change all that.

As reported by The Verge, the Framework Laptop 16 features an upgradable Nvidia RTX 5070 graphics module, allowing gamers to swap the existing GPU with a new and more powerful one. This Framework Laptop 16 packing the RTX 5070 module is now available for pre-order, with the first batch shipping in November.

Framework claims the installation of the Blackwell graphics module takes 'under five minutes' using the tools provided, and by the looks of it, installation should be a simple slot-and-screw process after removing the existing GPU.

While there's no option to buy it yet, Framework will be selling the Nvidia RTX 5070 graphics module individually.

Essentially, this is bringing the advantage of a desktop gaming PC to the laptop world, making easy GPU upgrades possible. Of course, the RTX 5070 mobile graphics card isn't as powerful as its desktop counterpart, but it still offers plenty of grunt for a notebook. And it's clearly a huge upgrade from the Framework Laptop 16's previous AMD Radeon RX 7700S GPU.

Now, it's worth noting that this isn't the first swappable laptop GPU. MXM GPUs allowed gamers to perform this same trick of switching out an old laptop graphics card for a new model.

However, these pretty much vanished in the last decade (at least for gaming or mainstream laptops), and besides, they weren't the best option for non-tech-savvy gamers anyway. Installation required deeper disassembly and complications including reapplying thermal paste.

In contrast, with Framework and Nvidia's new GPU module, it's claimed to only take a few minutes to install via a simple unscrewing and replacing process. The end result is a more than capable Blackwell GPU with tools like DLSS 4 Multi Frame Generation at its disposal. There's also a USB-C output on the module that can transmit to an external monitor and charge the system simultaneously.

Graphics module removal may be easier than you think... (Image credit: Framework)Analysis: could we see something similar for handhelds in the future?

Swappable chips in handhelds might sound far-fetched right now, but what could we possibly write off at this point?

Swappable laptop GPUs aren't entirely unheard of, as already noted, but in contemporary times, they may have sounded like a myth to many – but now they are again a reality.

We're already seeing mind-blowing designs like a DIY RTX 4090-powered handheld, and the GPD Win 5 with detachable battery functionality (which may be a negative for some) while using AMD's most powerful APU, the Ryzen AI Max+ 395.

If that's not a strong sign that things are only heading upwards from here in terms of portable gaming PC hardware, then I'm not sure what is – and I won't be surprised if we see something similar to what Framework and Nvidia have cooked up here in future handhelds.

You might also like...

• Watch out, Nvidia: AMD's FSR 4 tech offers a big leap for PC games – but there's a catch
• The ROG Xbox Ally's official release date has been announced, but pricing is still a mystery
• I think the Asus ROG Zephyrus G14 is the only gaming laptop I'd spend money on – and it's all thanks to Nvidia's powerful RTX 5070 Ti

• The Federal Trade Commission (FTC) Chair wrote a letter to 13 US tech giants, calling on them to resist foreign demands to weaken encryption or censor content
• FTC Chair Andrew Ferguson specifically mentions the EU Digital Service Act, UK Online Safety Act, and UK Investigatory Powers Act as problematic
• The pledge comes days after the US managed to get the UK to drop the encryption backdoor demand against Apple

The Federal Trade Commission (FTC) is calling on US tech giants to resist foreign demands to either weaken the security of their users by breaking encryption protections or impose censorship on their platforms.

On Thursday, August 21, 2025, FTC Chair Andrew Ferguson wrote a letter to 13 tech companies, including Apple, Alphabet (parent firm behind Google), Meta, Microsoft, and Amazon.

Ferguson specifically mentions the EU Digital Service Act, UK Online Safety Act, and UK Investigatory Powers Act as attempts to "censor content or degrade security for users." These actions, he warns, could also violate Section 5 of the Federal Trade Commission Act that prohibits unfair or deceptive acts, while eroding Americans' freedoms and online security.

"Foreign governments seeking to limit free expression or weaken data security in the United States might count on the fact that companies have an incentive to simplify their operations and legal compliance measures by applying uniform policies across jurisdictions," wrote Ferguson.

This pledge comes only days after the US officials managed to score a win and made the UK agree to drop its encryption backdoor request against Apple, which was issued back in February via a Technical Capability Notice (TCN) under the 2016 Investigatory Powers Act.

A greater push for control

(Image credit: Photo Illustration by Idrees Abbas/SOPA Images/LightRocket via Getty Images)

The UK and the EU have pushed for greater control over the internet in the name of safety over the last few years, crafting legislation that often requires US tech providers to adjust their services.

There are two main areas of contention: encryption and harmful, but legal, content.

Encryption refers to the technology used by security software like the best VPN apps, secure email, and encrypted messaging apps to keep online communications private between you and the receiver.

While that's a crucial protection – especially as major cyberattacks like Salt Typhoon become the norm – authorities see this as an obstacle to criminal investigation and are pushing for the creation of backdoors into encrypted software.

The likes of Signal and WhatsApp have already voiced their concerns against laws and proposals such as the UK Online Safety Act and EU Chat Control.

US tech firms and officials alike have also been raising concerns about new UK and EU requirements to mitigate online dangers by halting the spread of misinformation and content that could harm minors.

These frictions led the Trump administration to consider imposing sanctions on the EU for censoring Americans and imposing higher costs on US tech firms under its Digital Service Act – Reuters reported on Monday, August 26.

You might also like

• Europe needs to decouple from Big Tech USA: Here are 5 ways it can be achieved
• The Online Safety Act isn't just about age verification – end-to-end encryption is also at risk
• "A war against online anonymity" – why Switzerland wants to change its surveillance law and what's at stake

• The ROG Xbox Ally X's early benchmark indicates strengths in power efficiency and cooling
• Gaming at 18W TDP with frame generation yields high frame-rates in Doom: The Dark Ages with low temperatures
• Pricing is still not confirmed ahead of its October 16 launch

The Asus ROG Xbox Ally X launch isn't too far away, with the handheld landing on October 16 to challenge the best handheld gaming PCs on the market. However, early benchmarks have given us an insight into what we should expect performance-wise – and I'm not convinced just yet.

As highlighted by Windows Report, the ROG Xbox Ally X excels at power efficiency and cooling, based on early benchmarks by Cary Golomb on X. At 18W TDP (Thermal Power Design or, essentially, power consumption) with FSR upscaling, ray tracing, and frame generation enabled, it hit 70fps in intensive sequences in Doom: The Dark Ages.

This was achieved while using AMD's Ryzen Z2 AI Extreme processor, with the GPU load at 97%, and the temperature remaining stable at 57C. Gamers will be able to save plenty of battery life while using the Xbox Ally X on the go, thanks to its 80Wh battery, and this early benchmark is a clear indication of that.

ROG Xbox ALLY X Doom the Dark Ages1080p upscaled (FSR 50% 540p base res)Ray Tracing enabledCustom low-medium settingsFSR Frame-gen enabled.~70fps in this scene.~26w total (~18w TDP) but good news is we see the system self balancing power.My YouTube video tomorrow. pic.twitter.com/v6gh6uhpkhAugust 22, 2025

However, without the use of frame gen in this early benchmark, the frame rate would likely fall between 35 to 40fps, which isn't that much better than you would get with the Z2 Extreme's predecessor, the Z1 Extreme.

It's unclear whether the Ryzen AI Z2 Extreme processor used in the ROG Xbox Ally will show significant performance differences over the standard Z2 Extreme. One thing that's clear to me (based on early showcases), though, is that this handheld isn't impressive enough to warrant a high price tag.

Analysis: A minor improvement from the Ryzen Z1 Extreme isn't worth the cost

Now, I must reiterate that the price for the ROG Xbox Ally X isn't confirmed and is due to be announced later in September once pre-orders become available. However, all the signs from rumors and leaks point towards the device costing €899 – that would work out to around $1,050 (about £775 / AU$1,600) or potentially more. If that's the case, then its future success could be in the balance.

It's worth noting that the ROG Xbox Ally will be the cheaper and less powerful alternative, reportedly costing €599 (which should be around $700, or about £520 / AU$1,070), but its Ryzen Z2A with RDNA 2 architecture is highly unlikely to challenge the Ryzen Z1 Extreme.

Based on benchmarks between the Ryzen Z2 Extreme and the Ryzen Z1 Extreme, the performance jump does not appear to be significant enough to warrant paying $1,000; the original Asus ROG Ally and Lenovo Legion Go handhelds can be found much cheaper on sale.

As I've said before, I've got my eye on the Lenovo Legion Go S using the Z1 Extreme, since it's the only reasonable upgrade for me with 32GB of RAM and an 8-inch screen. Any other handheld is priced too high, and unfortunately, it looks like the ROG Xbox Ally X is joining that list, too.

You might also like...

• Best Xbox One games 2025: top titles to play right now
• New Xbox Series X games 2025 - the most anticipated Xbox release dates
• Where to buy the Asus ROG Xbox Ally handhelds: latest pre-order details, key information, and best early retailer links to bookmark now

• Square Enix has announced the dates for Final Fantasy 14 Fan Festival 2026
• The three events take place next year across the US, Europe, and Japan
• We can likely expect the first details of the game's next expansion to be revealed

Great news, fellow Warriors of Light: Square Enix has just announced the official dates for Final Fantasy 14's Fan Festival 2026.

In case you're new to the popular MMORPG, or are generally unfamiliar, Fan Festival (usually shortened to 'Fan Fest') is a bi-annual in-person convention meant to celebrate everything Final Fantasy 14. You can usually expect game-related challenges, musical performances, cosplay contests and the like.

More importantly, though, is that developer Creative Studio 3 - including game director Naoki Yoshida - typically reveals the first details of Final Fantasy 14's next expansion at Fan Fest. So whether you're going in-person or not, you'll certainly want to tune in if you're a fan of the game.

The first of next year's Fan Fest events is to take place at Anaheim Convention Center in Anaheim, California, US, on April 24, 2026. The second is three months later at Messe Berlin, Germany, on July 25. Finally, Tokyo's Makuhari Messe will host the last of three Fan Fests on October 31. Spooky!

Typically a two-day event, each Fan Fest gradually reveals more information about Final Fantasy 14's upcoming expansion. If next year's events follow similar patterns, we can expect preliminary info and a title drop at the US convention. More detailed info, including new areas, jobs (read: classes), extended trailers and release date will then be revealed at the European and Japanese-based events.

While we won't know the next expansion's official release date for a while, we can speculate based off of Tokyo's Dawntrail Fan Fest, for the game's current major expansion. That took place on January 7, 2024, with the expansion launching roughly six months later on July 2.

With the next Tokyo Fan Fest airing on October 31 - November 1, there are some concerns among the fanbase that we may not get to play Final Fantasy 14's next expansion until mid-2027. That would be an awful long time to wait, so hopefully, we can expect to play it a little earlier than what we might think.

You might also like...

• Fortnite Dino Megazord release date and what to expect from the new Power Rangers skin
• 'Just rely on backwards compatibility' – Switch 2 dev kits aren't making their way to some studios, and it could be a deliberate move from Nintendo
• The next Nintendo Direct showcase will reportedly air next month, just in time for Super Mario Bros.' 40th anniversary

• Report find CISOs are less confident in their staff protecting their companies
• Nearly twice as many experienced a material data loss this year
• Many are worried about AI’s risks, some are set to use it to their benefits

Barely more than half (57%) of Chief Information Security Officers (CISOs) believe staff understand their role in protecting the company, new research from Proofpoint has claimed.

The figure is down from 84% in 2024, and comes alongside a finding that despite their best efforts and investments in preventative measures, human error remains the top vulnerability, cited by around three in five CISOs.

This comes as three in four (74%) UK CISOs experienced material data loss in the past year – nearly double the 39% in 2024.

UK CISOs are worried that workers are risking their companies

Proofpoint's research added 86% of the material data loss instances involved departing employees, yet despite awareness programs, 30% of organizations still lack insider risk resources.

Looking ahead, nearly two-thirds (63%) are expecting a material cyberattack in the next 12 months, and yet nearly as many (61%) admit their organization is unprepared to respond with 57% prepared to pay a ransom to quickly restore systems or prevent data leaks.

Cybercriminals aside (as AI tools have lowered the entry barrier while simultaneously boosting attack sophistication), CISOs are also worried about AI use within their companies. Two in three (66%) restrict employee GenAI use altogether, with only 60% boasting GenAI usage guidelines.

“As GenAI adoption accelerates both opportunity and threat, CISOs are being asked to do more with less, navigate unprecedented complexity, and still safeguard what matters most,” Proofpoint Global Resident CISO Patrick Joyce noted.

Still, more than half (55%) are exploring AI-enhanced defenses moving forward, with 72% prioritizing safe GenAI use over the next two years.

“CISOs now face a dual responsibility: harnessing AI to strengthen their security posture while ensuring its ethical and responsible use,” Proofpoint Chief Strategy Officer Ryan Kalember added.

However, all of this has resulted in increased pressure on CISOs – 67% report excessive expectations (up from 62% last year), and 58% have either experienced or witnessed burnout in the past year.

Kalember noted that CISOs have now become central to company decision-making, however Proofpoint’s research revealed boardroom alignment with UK CISOs has declined from 84% in 2024 to 57% in 2025, suggesting they’re not getting the support they need.

Looking ahead, companies can make subtle changes to close the insider risk gap and to enhance data loss protection while also establishing CISO role clarity in the AI era.

You might also like

• We’ve listed the best endpoint protection software
• Prepare for evolving attacks with the best ransomware protection
• UK firms at at risk of more cyber incidents - here's how to stay protected

The browser wars are back — only this time, the battleground isn’t tabs or load times. It’s intelligence.

A new wave of AI-powered browsers promises to transform how we interact with the web, turning passive pages into active assistants that summarize, search, automate, and act on your behalf. But while the tech may feel novel, the business model behind it isn’t. These browsers don’t just offer smarter tools — they risk ushering in a new era of data extraction, baked into the very architecture of how we browse.

On 9 July, Perplexity launched Comet — a slick new browser that promises to revolutionize how we interact with the web using embedded AI assistants. Soon, OpenAI is expected to follow, reportedly designing its browser to take on Google Chrome by baking agentic AI models directly into the browsing experience. These models won’t just help you navigate the web — they’ll act on your behalf, making decisions, summarizing content, and even initiating tasks.

For all the talk of innovation, though, there’s an uncomfortable sense of déjà vu. Because while the front end may be changing, the business model behind it all feels eerily familiar — surveillance, packaged as convenience.

Privacy failures

We’ve been down this road before. For anyone who remembers Cambridge Analytica or Google’s $5 billion Incognito tracking lawsuit, the idea that tech companies might exploit user data in the name of progress shouldn’t come as a surprise.

What is surprising, though, is how quickly AI companies are embracing the very same privacy failures that landed their Web 2.0 predecessors in hot water. Comet, for instance, reportedly tracks “everything users do online” to build hyper-personalized ad profiles — a move straight out of the early-2000s Google playbook.

But this isn’t just a repeat of the past. The stakes are much higher now. AI systems don’t simply store information — they learn from it. They don’t just record your browsing history — they analyze it, infer your intent, predict your preferences, and adapt to your behavior. This isn’t passive tracking. It’s predictive, persuasive, and increasingly invisible.

Invisibility

And that invisibility is part of the problem. When a browser starts finishing your sentences, anticipating your questions, and helping with your emails, it feels like magic. But behind that seamless experience is a complex black box trained on your digital life. And unlike cookies or ad IDs, this kind of data isn’t easily wiped.

Once an AI model ingests your personal information, there’s no reliable way to make it forget. What goes in becomes part of the model’s DNA — shaping its outputs long after you’ve closed the tab.

Some argue that users understand this trade-off — that people are willingly giving up privacy for smarter tools. But let’s not pretend “I agree” on a 12,000-word terms of service means informed consent.

Most users don’t know what they’re giving away, let alone how it might be used months or years down the line. We’ve normalized this kind of ambient data collection to the point that it barely registers as a privacy issue anymore. That doesn’t make it harmless. It just makes it harder to spot.

Building user trust

As the founder of Aloha Browser, I’ve spent years watching the industry flirt with these trade-offs. I understand the temptation to lean into data-driven personalization. But I also know that building user trust requires restraint, not reach. Respecting people’s boundaries shouldn’t be considered radical — it should be the baseline.

The urgency of this moment isn’t just technical — it’s also regulatory. Earlier this month, the European Commission released a voluntary Code of Practice for general-purpose AI models, marking the first major milestone in the rollout of the EU’s AI Act.

Full compliance will become mandatory by August 2026, but these early guidelines already signal the direction of travel — transparency, documentation, and accountability. Europe now has the chance to lead by example — to show that it’s possible to build transformative AI products without reverting to the surveillance capitalism model that defined the last digital era.

Invisible surveillance

But regulation moves slowly, and the industry doesn’t wait. The AI browsers launching now will set precedents — technical, legal, and cultural — that could shape the next decade of digital life.

If we let these tools define “normal” before the rules catch up, we may find ourselves trapped in an architecture of invisible surveillance that’s far more entrenched than anything we faced in Web 2.0. If we’re not careful, today’s AI browsers could usher in a form of surveillance even more pervasive — and less visible — than anything we saw with Cambridge Analytica.

We don’t have to accept that outcome. If we don’t fight for privacy now, we’ll lose it — not with a bang, but with an instant, frictionless click.

We've featured the best business VPN.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Financial services firms are no strangers to cyberattacks, often facing some of the most expensive consequences. In 2024, the average cost of a data breach in the financial industry worldwide was $6.08 million, while the global average cost of a data breach across all studied industries was $4.88 million.

The growth of Ransomware-as-a-Service (RaaS) has amplified this threat. Today’s attackers often operate within organized networks that leverage AI-driven technologies for target selection, breach execution, and extortion. This is a particular challenge for financial services, already a key target by cybercriminals thanks to the sector’s lucrative assets and sensitive data.

To counteract this rising tide, the EU introduced the Digital Operational Resilience Act (DORA) earlier this year - a sweeping regulation that mandates enhanced risk management, incident reporting, and third-party oversight in the financial sector. For financial institutions, compliance with DORA is more than a tick-box exercise, it’s a strategic imperative for operational survival.

A structured path to resilience

DORA’s framework provides financial institutions with a structured path to resilience by requiring institutions to develop comprehensive strategies for identifying, reporting, and mitigating information and communications technology (ICT)-related incidents. In the context of ransomware, the regulation emphasizes the importance of early detection, accurate reporting, and verified data integrity.

When a ransomware attack occurs, the initial response window, often within the first hour, is critical. Swift, coordinated actions can mean the difference between a controlled incident and a full-scale operational crisis. As a result, DORA compels financial organizations to establish and regularly test detailed response plans, ensuring staff are trained and roles are clearly defined.

One of the cornerstones of compliance is the ICT risk management audit, which involves identifying all types, locations, and classifications of data and storage infrastructure. To do this effectively, organizations must adopt tools that provide full visibility into their data environments, as this allows for rapid and accurate reporting when incidents occur. These tools can link isolated datasets and apply uniform security policies across hybrid and multi-cloud environments, saving a business large amounts in downtime damages.

Ensuring data visibility and control

cybercriminals increasingly targeting critical data sites, IT teams are now required to continuously monitor for infrastructure anomalies. This is particularly important in cell-level data corruption, a stealthy form of attack where malicious code is embedded deep within databases, lying dormant until it’s triggered to corrupt vital assets. These attacks are difficult to detect and can undermine trust in the integrity of the entire dataset.

The key effective countermeasure is to maintain secure, immutable backups that are regularly tested for integrity and can be restored rapidly if needed.

AI plays a vital role here. Modern AI tools can detect anomalies in user behavior, flag potential compromises, and automate the process of isolating malware-infected backups. By continuously scanning for subtle changes in data patterns, these systems serve as an early warning mechanism, triggering immediate recovery and minimizing disruption.

To be effective, backup systems must also be resilient themselves. This means ensuring that storage locations are physically secure, regularly tested, and not connected to the network in a way that would allow them to be compromised during an attack. Immutable storage is increasingly seen as a best practice, as it ensures data cannot be altered once written.

Speed matters: responding to an active threat

Once a ransomware attack is detected, a fast response is required . IT teams must act swiftly to isolate affected systems and end-users, minimizing the potential spread of malware. Data management tools enable teams to quickly identify which datasets have been accessed or altered, allowing for precise damage assessment and targeted recovery.

If backups have been properly maintained, organizations can restore data without paying a ransom. However, in order to avoid fines for non-compliance and to assist regulatory investigations, institutions must also be able to accurately report the specifics of the attack, including the strain of ransomware involved and its impact on operations.

Building a culture of preparedness

True cyber resilience doesn’t begin in the moment of attack, it starts with preparation. DORA mandates that financial services providers not only implement technical defenses but also cultivate a culture of readiness and transparency. This includes having a clearly communicated, continually updated ransomware response strategy that extends to third-party service providers.

Failure to comply with DORA can result in substantial penalties, including fines of up to 2% of global annual turnover. Beyond avoiding financial harm, compliance also offers a strategic advantage; it demonstrates to customers and partners that an institution can be trusted to safeguard sensitive data and maintain operational continuity in the face of threats.

The future of data protection

As ransomware threats continue to evolve, financial institutions must shift from reactive defense to proactive resilience. Regulatory frameworks like DORA offer not only a roadmap for compliance but an opportunity to strengthen operational integrity and customer trust. By investing in visibility, rapid response capabilities, and a culture of preparedness, organizations can not only meet regulatory expectations—but emerge stronger, more secure, and more competitive in an increasingly high-risk digital environment.

We've featured the best online cybersecurity course.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

While many boardrooms buzz with excitement about AI, cloud migration, and digital transformation, the reality on the ground tells us a different story. The gap between strategic vision and technical execution is widening, creating what we call the "last mile problem”, where promising technologies fail when they meet the messy reality of legacy systems, data governance, and real-world constraints.

Digital transformation isn’t just a matter of buying the right tools, the right computer, and getting rid of legacy tech. But anyone who has actually tried to implement these technologies on a scale knows the reality is messy and complicated.

As businesses scramble to capitalize on AI, green software, cloud, there is a growing disconnect between technical reality, and grand strategic vision. We call it the ‘Devil’s in the Detail’ approach: a philosophy that embraces the often uncomfortable, technical realities of deploying innovation, where real, lasting transformation occurs.

Many initiatives fail in the ‘last mile’ - we’ve seen this from self-driving cars to retailers implementing new payment systems. Often, the grand vision survives until it meets the messy reality of legacy systems, data governance, and cross-border compliance.

Understanding what sounds good in a boardroom presentation versus what works in real life

What sets builders apart from talkers isn’t always just the technical expertise - it's understanding that implementation is strategy. Consider the challenge of AI bias mitigation, a priority that generates significant attention across every industry, from automotive giants to the NHS and schools across the UK.

The technical reality is often more complex than typical policy discussions suggest. Everyone agrees AI bias is bad, but practically speaking, it’s extremely difficult to get your hands on digitized data in certain languages or from underrepresented groups to actually train the bias out of an LLM model - what you put in, you get out. Even if you could, there are often substantial compliance issues when it comes to moving sensitive data across borders.

More fundamentally, addressing AI bias requires understanding the full data lifecycle, from collection and preprocessing through model training and deployment. Each stage introduces potential bias amplification that technical teams must identify and mitigate. This requires expertise that spans machine learning, data engineering, regulatory compliance, and domain-specific knowledge about the business processes being automated.

This represents the operational reality that technology consultancies must navigate. Bridging the gap between strategic intent and technical execution. The approach requires organisations to maintain rigorous standards while managing client expectations around feasibility and timelines. A practical step may also be an ‘AI/Data Officer’ in the room when discussing plans for tech strategy. It’s something we use to make sure that the goals being shared will match technical execution.

Making new tech ready for prime time

How can organizations make new tech ready for prime time? It’s about making sure the approach works in the real world, not just in word documents. This approach is particularly crucial in retail, where the gap between digital transformation promises and delivery reality can make or break customer experiences. A checkout system that works beautifully in testing but crashes under Black Friday traffic volumes isn't just a technical failure; it's a business catastrophe.

The organizations that thrive in digital transformation recognize that implementation complexity is not a barrier to overcome but a competitive advantage to master. The technical depth required to navigate these challenges becomes a differentiating capability in markets where strategic vision alone is insufficient.

As media narratives elevate hype over practicality, the businesses that succeed will be those who can decode the messy middle, not just theorise from the top. The devil, as they say, is in the detail, and that's exactly where real transformation happens.

Technical expertise becomes a strategic asset when organizations understand that successful digital transformation requires mastery of implementation complexity rather than just conceptual innovation. Companies that invest in deep technical capabilities, understanding distributed systems, data governance, and integration patterns, create sustainable competitive advantages that can't be easily replicated through strategic planning alone.

Decoding the messy middle

The broader lesson here is that enterprise technology transformation isn't just about adopting new tools or the shiniest new product. It's about understanding how those tools actually work in complex, real-world environments. As media narratives elevate hype over practicality, the businesses that succeed will be those who can decode the messy middle, not just theorize from the top.

Lots of people have lofty points of view on AI, cloud, and responsible tech. But these technologies are usually much more complicated when you lift up the hood. Untangling this complexity is hard and important. It's a reminder that in an industry obsessed with the next big thing, sometimes the most valuable skill is knowing how to make the current big thing work. The devil, as they say, is in the detail. And that's exactly where real transformation happens.

We've featured the best IT infrastructure management service.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

A Fortnite Megazord skin is set to launch next month, adding in the iconic Power Rangers battle robot, as well as additional items to earn. This all ties in with the ongoing Power Rangers collaboration as part of Chapter 6 Season 4 (Shock 'N Awesome).

What's new in Fortnite?

(Image credit: Epic Games)

Fortnite just launched a One Punch Man collaboration. This adds a new mythic which powers up your Harvesting Tool. You'll be able to take enemies down with one hit of the pickaxe. There's additional One Punch Man skins to take a look at in the store too, as well as new items on the Island Map.

Now that a brand new season of Fortnite has launched. There's a completely fresh map to try out, and the addition of a bug-fighting ranking system. There are ranks to rise through in each match, giving you access to progressively more powerful gear.

We've got a while until the next season of Fortnite arrives, but there's plenty to keep us busy until then. It's regular updates like these that continue to keep Fortnite ranked highly in our best free games list.

Here's everything you need to know about the Fortnite Dino Megazord skin, including when it's coming to the game and details on how to unlock it once it's here. As new info is revealed closer to launch, we'll be sure to update this page.

Fortnite Megazord release date

(Image credit: Epic Games)

Fortnite's Megazord skin will release on September 16, 2025. This can be seen in the in-game calendar that's on the main menu screen before loading into a match. Battle Pass owners will be able to complete Quests to unlock the Dino Megazord skin and associated cosmetics. The Megazord Quests will be available to progress until November 1, 2025.

The best place to keep up on specific updates closer to the launch of the new season is the Fortnite Status Twitter account. We'll be sure to keep this page up to date as well.

How to unlock the Fortnite Megazord skin

(Image credit: Epic Games)

You'll be able to start completing Quests on September 16, 2025 that progress towards the Fortnite Dino Megazord skin. As with previous special skins like Superman, earning XP will slowly unlock more and more rewards. We'll have to wait until closer to launch to know exactly what these quests are, but expect them to revolve around Power Rangers items, weapons and NPCs.

You Might Also Like...

• Our picks for the best free games to play right now
• Fortnite Chapter 4 review
• Fortnite Nintendo Switch 2 review

• Project Moohan could launch on September 29, according to a new leak
• It will be Samsung's first Android XR headset
• Pricing may be cheaper than the Apple Vision Pro

We've been waiting a long time for Project Moohan, Samsung's first XR (extended reality) headset developed in partnership with Google. It was announced back in December, but thanks to a new leak we may now have a release date and a price for the device.

According to Newsworks (via GSMArena), Samsung is plotting another Unpacked event for Monday, September 29, to announce the Android XR headset. Sales will then follow on October 13, beginning in Samsung's home country of South Korea.

Samsung has already said the headset will be launching in the second half of 2025, so the new information fits with that. Project Moohan is just a codename though ("moohan" means "infinity" in Korean), so we're still not sure exactly what it's going to be called.

The report mentions pricing too: between 2.5 and 4 million won. Samsung won't use a direct currency conversion internationally, but for reference that's a starting price of $1,790 / £1,330 / AU$2,765 at today's rates.

Choose your reality

We've already given the headset a try (Image credit: Jacob Krol/Future)

This is Samsung's first XR headset: the XR term encompasses both augmented reality (digital elements on top of the real world), virtual reality (completely enclosed digital worlds), and mixed reality (digital elements interacting with the real world).

In other words, XR = AR + VR + MR, so this sounds like a true all-rounder. The Meta Quest 3 is marketed as a mixed reality headset, and based on the time we've spent with Project Moohan prototypes, this new device will work in a similar way.

Apple completely ignores these terms for the Vision Pro, which it calls a "spatial computer", but it's the same sort of thing really. In our testing, we found Project Moohan to be a less premium, more lightweight take on the Apple Vision Pro approach.

We'll be able to try out the finished version of the product in the near future. It looks as though there'll be a Snapdragon XR2+ Gen 2 processor fitted inside, together with 16GB of RAM, and Gemini AI will of course be available on board.

You might also like

• Project Moohan could get first-party controllers
• What we know about Project Moohan
• 3 things we want from Samsung's XR headset

Spoilers for The Summer I Turned Pretty season 3 episode 8 ahead.

Can you hear the sound of Prime Video fans sighing with relief? The Summer I Turned Pretty season 3 episode 8 has finally stopped the wedding that should never be happening, though Belly (Lola Tung) currently isn't in a position to see that as a good thing. Since the very first season of the hit show, she's been torn between brothers Conrad (Christopher Briney) and Jeremiah (Gavin Casalegno), yet chooses to marry Jeremiah after a haphazard proposal at the end of season 3 episode 1.

However, as we saw from the bachelorette party in season 7, it's all a bit more complicated than that. Conrad and Belly both still have feelings for each other, with Belly refusing to acknowledge how she really feels while Conrad makes a brave declaration of his love. After finding out Jeremiah has cheated on her (twice), Conrad begs Belly to leave him and be with her, prompting Belly to respond that they "never meant anything." Ouch.

Obviously, we know this is a complete lie, as Belly dances around the club picturing Conrad as the future she wants. She's been making bad decision after bad decision as she's intent on marrying someone who doesn't even respect her, pushing everybody else away in the process. But something beautiful happens in The Summer I Turned Pretty season 3 episode 8, and it involves absolutely no boys at all (almost).

Belly finally chooses herself in The Summer I Turned Pretty season 3 episode 8

Lola Tung (Belly) in The Summer I Turned Pretty. (Image credit: Amazon Prime Video)

Jeremiah seemingly got the boot in episode 6, but season 3 episode 8 has officially broken off their engagement on the morning of the wedding. In the penultimate scene, Jeremiah claims that he's been waiting for Belly to admit she still has feelings for Conrad, saying that he's known through the entire engagement that the pair have a bond that goes beyond the superficial romance Belly and Jeremiah have. He sees the way Belly looks at Conrad, stating (rightly, for once) that Belly can't marry Jeremiah simply to bury the feelings she has for Conrad.

As we hear from Belly's voiceover, she can't bring herself to go through with the wedding either, breaking off their hand-holding as Jeremiah leaves the room. However, her screen time tells us a different story, practically begging Jeremiah to marry her while claiming what they have is special, and Conrad is nothing in comparison. Absolutely nobody is buying this, though, and I for one could have punched the screen I was so overjoyed.

We've been waiting for Belly to have her head screwed on and properly start thinking about what's best for her, rather than just chasing who happens to have her heart at the moment. By catching a flight to Paris (where else?), she's giving herself the time and space she needs to think things through, recuperate while hopefully finding herself in the process. No boys means no drama, and The Summer I Turned Pretty should reflect that as the healthiest choice... but it won't.

How do I know this? Because as Belly arrives at the airport terminal, she spots Conrad sitting across from her, clearly waiting to go somewhere too. The screen cuts to black before we see Belly's full reaction to him sitting there, but either The Summer I Turned Pretty season 3 is heading straight back to its old tricks, or Belly's seeing someone that isn't actually there. I've no doubt we'll be seeing more where the peach stand scene came from, but let me have my man-free victory in peace for more than just a week, Amazon.

You might also like

• Stand ready for Invincible season 5's arrival, worm: Amazon confirms the hit Prime Video show's fourth chapter won't be its last
• Ballard season 2 would have a ‘very exciting’ arc says Maggie Q – but the Bosch spin-off might not return, despite being Prime Video’s #1 show
• New to Prime Video? Here are 5 movies and TV shows with over 90% on Rotten Tomatoes to get you started

• Salesloft was breached when OAuth tokens from SalesDrift were stolen
• Google tracked the threat actors as UNC6395
• ShinyHunters claimed responsibility for the attack

Revenue workflow platform Salesloft suffered a cyberattack which saw threat actors break in through a third-party and steal sensitive information.

The company is using Drift, a conversational marketing and sales platform that uses live chat, chatbots, and AI, to engage visitors in real time, alongside its own SalesDrift, a third-party platform which links Drift’s AI chat functionality to Salesforce, syncing conversations, leads, and cases, into the CRM via the Salesloft ecosystem.

Starting around August 8, and lasting for about ten days, adversaries managed to steal OAuth and refresh tokens from SalesDrift, pivoting to customer environments, and successfully exfiltrating sensitive data.

Attack attribution

"Initial findings have shown that the actor's primary objective was to steal credentials, specifically focusing on sensitive information like AWS access keys, passwords, and Snowflake-related access tokens," Salesloft said in an advisory.

"We have determined that this incident did not impact customers who do not use our Drift-Salesforce integration. Based on our ongoing investigation, we do not see evidence of ongoing malicious activity related to this incident."

In its write-up, Google’s Threat Intelligence Group (GTIG) said the attack was conducted by a threat actor known as UNC6395.

“After the data was exfiltrated, the actor searched through the data to look for secrets that could be potentially used to compromise victim environments,” the researchers said.

“GTIG observed UNC6395 targeting sensitive credentials such as Amazon Web Services (AWS) access keys (AKIA), passwords, and Snowflake-related access tokens. UNC6395 demonstrated operational security awareness by deleting query jobs, however logs were not impacted and organizations should still review relevant logs for evidence of data exposure.”

Google seems to believe this is a unique threat actor, which is why it gave it a unique moniker UNC6395.

However, hackers known as ShinyHunters told BleepingComputer the attack was actually their doing - although Google begs to differ, telling the site, "We've not seen any compelling evidence connecting them at this time."

You might also like

• A flaw in Google OAuth system is exposing millions of users via abandoned accounts
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

• The Samsung Galaxy S26 Ultra could have a camera island
• This is apparently necessary due to upgrades to the main and telephoto cameras
• However its battery capacity might not be increased

The Samsung Galaxy S26 Ultra will be a mixed bag of big upgrades and completely unchanged specs, if the latest leaks are anything to go by, but let’s start with the rumored upgrades.

According to South Korean site Newsis (via SamMobile), the Galaxy S26 Ultra will have a camera island. That’s a camera design we haven’t seen on this line of phones since the Samsung Galaxy S21 Ultra, with subsequent models having lenses that protrude directly out of the back instead.

According to this report, the move to a camera island on the Galaxy S26 Ultra is a necessary change to accommodate upgrades to the phone's main and telephoto cameras.

The source doesn't specify what these upgrades are, mind, but we’ve previously heard multiple times that the Galaxy S26 Ultra’s main camera might have a wider aperture, allowing it to capture more light. The Galaxy S26 Ultra’s telephoto camera might also have a wider aperture, so those could be the upgrades referred to here.

Today’s report also doesn’t detail what shape the camera island will be, so it’s unclear whether this will be a return to the design of the Samsung Galaxy S21 Ultra or something different. But either way, it should make the phone look very different from the Samsung Galaxy S25 Ultra from the back.

No battery boost

The Samsung Galaxy S25 Ultra (Image credit: Future / Lance Ulanoff)

Now for the less good news – SamMobile has spotted a Chinese certification for a new Samsung battery that the site believes is intended for the Galaxy S26 Ultra, and it has a 5,000mAh capacity, just like the battery in the Galaxy S25 Ultra.

While that isn’t small, it is a lower capacity than many rival handsets, and it’s a capacity that Samsung seems very reluctant to go beyond.

Still, even if this battery does end up in the Galaxy S26 Ultra, the phone might have better battery life anyway thanks to a more efficient chipset, and reports have also suggested it might offer faster 65W charging.

We’re not expecting to see the Samsung Galaxy S26 Ultra until January, though, so there’s plenty of time for other leaks to emerge and contradict these ones.

You might also like

• The Samsung Galaxy S26 Ultra could have a privacy-boosting AI trick built into its screen – here’s how it works
• Two key specs leak for the Galaxy S26 – and we may get a battery upgrade at last
• The Galaxy S26 Edge could be even thinner with a bigger battery, which sounds too good to be true – but I hope it is

• Adobe reveals addition of Gemini 2.5 Flash Image to Firefly and Express
• Firefly models are already supported by models from Google, OpenAI and more
• Gemini 2.5 Flash Image promises better performance

Google’s Gemini 2.5 Flash Image is now available in Adobe Firefly for text-to-image functionality and Adobe Express.

Gemini 2.5 Flash Image allows Adobe users to generate stylized graphics in Firefly, then animate, resize, add captions and publish via Adobe Express, making the whole end-to-end process even slicker.

Other use cases include campaign asset changes for marketers (such as swapping backgrounds and creating variations), and prototyping product concepts for designers.

Adobe Firefly and Express get Gemini 2.5 Flash Image

Although many of these features were previously available using Adobe’s own Firefly models, Google’s Gemini model improves the experience with better context and knowledge, consistency and performance.

Adobe also uses other partner models from companies like OpenAI, Black Forest Labs, Runway, Pika, Ideogram, Lume AI, Moonvalley and more to give users the choice. By not restricting them to in-house models and giving them more flexibility, it ultimately means customers are more likely to stay subscribed to Adobe’s platform.

For a limited time, Adobe is offering paid customers unlimited generations with Gemini 2.5 Flash Image as a welcome promotion. Even free Firefly users will be able to access up to 20 generations to test the newly added model.

Regardless of model selection, though, Adobe stressed that user-generated content and uploads will not be used to train generative AI models.

“This has always been the case for Adobe Firefly generative AI models, and it’s a requirement in all our partnership agreements,” VP of New GenAI Business Ventures Hannah Elsakr wrote in a blog post.

“With today’s addition of Google’s Gemini 2.5 Flash Image in Adobe Firefly and Adobe Express, people have even greater flexibility to explore their ideas with industry-leading generative AI models and create stunning content with ease,” Elsakr added.

You might also like

• These are the best AI image generators
• Want a change? We’ve listed the best Adobe Photoshop alternatives
• Adobe Firefly is about to make its biggest leap in AI video yet with a new model and Veo 3 integration

• Tbps-scale DDoS attacks have shifted from rare anomalies to constant threats
• Hacktivist groups weaponize automation and botnets to destabilize fragile infrastructure
• Political disputes increasingly spill online, triggering destructive waves of cyber aggression

The first half of 2025 marked another MAJOR escalation in distributed denial-of-service (DDoS) activity, with new NetScout research documenting more than eight million attacks worldwide in these six months.

More than three million attacks were recorded across Europe, the Middle East, and Africa, underscoring the regional strain.

It also noted terabit-per-second scale strikes, once rare anomalies, have become almost routine, with peaks reaching 3.12Tbps in the Netherlands and 1.5Gbps in the United States.

Political conflict drives digital aggression

These findings suggest DDoS attacks are no longer an occasional disruption, but an entrenched method of destabilizing essential networks, as geopolitical tensions remain a key trigger for major attack campaigns.

NetScout noted how disputes between India and Pakistan spurred extensive waves of hostile activity against Indian financial and governmental systems.

Similarly, during confrontations involving Iran and Israel, over 15,000 strikes targeted Iranian infrastructure in a matter of days, while fewer than 300 targeted Israel.

Even international forums were not spared, with events in Switzerland experiencing more than 1,400 incidents in a single week.

Much of this scale also relies on compromised devices operating as botnets.

In March 2025 alone, attackers launched an average of 880 botnet-driven incidents daily, with peaks of 1,600.

The compromised systems typically included routers, servers, and IoT devices, often relying on known flaws rather than undiscovered vulnerabilities.

Despite years of security warnings, these weaknesses remain consistently exploited, enabling short but impactful campaigns that disrupt dependent services.

For organizations relying only on basic antivirus or endpoint protection, such sustained botnet traffic presents challenges that overwhelm conventional safeguards.

Furthermore, the evolution of DDoS campaigns has been accelerated by automation and artificial intelligence.

Multi-vector strikes and carpet-bombing techniques now occur faster than defenders can respond, creating asymmetric pressure.

NetScout also pointed to the emergence of “rogue LLMs,” which provide hostile actors with accessible planning and evasion methods.

Combined with DDoS-for-hire platforms, these tools have significantly reduced the barriers for inexperienced attackers, enabling high-capacity strikes with minimal technical depth.

The outcome is that Tbps-scale incidents have shifted from rare spectacles to constant risks.

Among hacktivist collectives, NoName057(16) continues to execute the most frequent campaigns, far outpacing rivals.

In March, the group claimed more than 475 attacks, primarily directed at government portals in Spain, Taiwan, and Ukraine.

Their reliance on varied flooding techniques indicates both coordination and persistence, suggesting ideological motivations beyond opportunistic disruption.

While new players such as DieNet and Keymous+ entered the scene with dozens of attacks across multiple sectors, their activity still fell short compared with NoName057(16)’s scale.

“As hacktivist groups leverage more automation, shared infrastructure, and evolving tactics, organizations must recognize that traditional defenses are no longer sufficient,” stated Richard Hummel, director, threat intelligence, NetScout.

“The integration of AI assistants and the use of large language models (LLMs), such as WormGPT and FraudGPT, escalates that concern. And, while the recent takedown of NoName057(16) was successful in temporarily reducing the group’s DDoS botnet activities, preventing a future return to the top DDoS hacktivist threat is not guaranteed.”

You might also like

• The best antivirus software can keep your devices protected
• Surf the web at speed with the best browser
• AI in the workplace: the legal risks businesses can’t afford to ignore

From smart watches to smart supply chains, digital transformation is reshaping how we live, work and interact. But the true vision of an interconnected world – where billions of everyday items are embedded with intelligence – remains just out of reach.

That’s not because the ambition is too bold. In fact, it’s widely recognized. McKinsey estimates the Internet of Things (IoT) could deliver up to $12.5 trillion in global value by 2030. Extend that connectivity to low-cost everyday objects, and the potential increases dramatically.

So why hasn’t it happened yet?

The biggest roadblock is supply. A truly connected world needs a colossal volume of chips. But we’re not talking about the advanced processors that power smartphones or autonomous vehicles – we’re talking about simpler, highly distributed, low-cost chips that can be embedded into everyday items.

These so-called ‘legacy’ chips – typically manufactured on 28nm or larger nodes – are anything but outdated. They’re critical to modern electronics, supporting high-performance processors and underpinning countless devices across consumer, industrial and automotive markets.

We saw just how vital they are during the COVID-19 pandemic. Shortages of these chips brought global manufacturing to a standstill, delaying everything from cars to home electronics. The ripple effects were felt across entire economies. As the number of smart devices scales, how to prevent a reoccurrence is an ever-present consideration.

So why not just build more chip factories?

Traditional fabs can’t meet future needs

Scaling legacy chip production is incredibly difficult. The equipment is aging and hard to replace. New fabs cost tens of billions and take years to build. And since mature-node chips don’t deliver the same profit margins as cutting-edge silicon, there’s little financial incentive to invest.

Even worse, legacy fabs are environmentally demanding. They consume vast amounts of energy and water. While next-gen fabs are built for sustainability, retrofitting legacy fabs to reduce their carbon footprint is expensive and complex.

To unlock true scale, we need a fundamentally different approach: one that’s faster, affordable, more flexible – and designed for sustainable, high-volume production.

Enter FlexICs

Flexible integrated circuits (FlexICs) are a new class of semiconductor: a chip that’s ultra-thin, physically flexible, and radically more sustainable.

Instead of traditional silicon wafers and high-temperature processing, FlexICs use thin-film technology and a low-energy manufacturing process. Think: less water, less energy, fewer harmful chemicals – and much faster turnaround.

This breakthrough unlocks a faster, more agile development cycle. Designs go from tape-out to volume production in weeks, not months. Costs are dramatically reduced. And it becomes viable to prototype, iterate and customize chips without the high stakes typically associated with silicon design.

Built for ubiquitous intelligence

This isn’t just a manufacturing story. It’s a transformation in how and where intelligence can be deployed.

FlexICs enable connectivity in places where traditional chips simply can’t go. Their ultra-thin, flexible form factor means they can be embedded directly into products or packaging, even on curved surfaces, delivering smarter, more connected experiences almost anywhere.

And they support standard communication protocols such as NFC, unlocking seamless, item-level intelligence for mass-market products – and the fastest digital connection between brands and their customers.

This embedded intelligence has multiple roles to play, from driving loyalty programs and exclusive content based on location or season, to product authentication, provenance information – or even facilitating improved reuse and recycling for a more circular economy.

It also offers a practical route for embedding real-time data collection into previously passive environments, whether that’s logistics chains, recycling systems, or agricultural operations.

Wherever you need intelligence, FlexICs bring it – sustainably, affordably, and at scale.

The future is flexible

But its goal isn’t about competing with silicon fabs. It’s about complementing them – addressing the unmet need for scalable, cost-effective, environmentally conscious production of the chips that will power the next wave of smart, connected systems.

We’re standing at the threshold of a hyperconnected future. But realizing that future depends on embedding intelligence at unprecedented scale. Flexible chips are the key to unlock that potential and make the vision of an interconnected world a reality.

We list the best performance management software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro