TechRadar News

• Experts warn FIDO is not supported on certain clients when accessing Entra ID
• This triggers a fallback login mechanism that can be picked up
• Mitigations should be put in place, researchers say

FIDO-based authenticator apps are considered one of the strongest practical defenses against phishing and credential theft, but judging by Proofpoint’s latest research, it is not without its weaknesses.

The company's researchers say they have found a way to force a target to abandon FIDO-based authentication for a weaker login method which can be picked up in transit.

That way, despite being protected by industry-standard defenses, victims can still end up losing access to key accounts.

Missing security features

The “weakness” in this scenario is that not all browsers support FIDO. Safari on Windows, for example, is not compatible with FIDO-based authentication in Microsoft Entra ID, and when a user with such a setup tries logging in, they are offered an alternative - an SMS-delivered one-time password, email, or an OAuth consent prompt.

All of these can then be picked up via an Adversary-in-the-Middle attack (AitM), relayed to the attackers, and used to log into the account.

"This seemingly insignificant gap in functionality can be leveraged by attackers," Proofpoint said in its report.

"A threat actor can adjust the AiTM to spoof an unsupported user agent, which is not recognized by a FIDO implementation. Subsequently, the user would be forced to authenticate through a less secure method. This behavior, observed on Microsoft platforms, is a missing security measure."

So far, Proofpoint says there is no evidence that this method is being abused in the wild, and speculates that threat actors still rather target accounts without multi-factor authentication (MFA) in the first place.

However, as more and more businesses deploy this anti-phishing technique, working around FIDO-based authentication might catch on.

To minimize the risk, businesses should turn off alternative authentication methods for key accounts, or at least turning on additional checks when an alternative is triggered.

Via BleepingComputer

You might also like

• This Microsoft 365 phishing campaign can bypass MFA - here's what we know
• Take a look at our guide to the best endpoint protection tools around
• We've rounded up the best password managers

Cloud has become deeply embedded in how modern organizations operate. While the benefits are clear, the economics are becoming harder to navigate.

As businesses scale usage, questions are mounting about whether rising spend is still delivering proportional value. Gartner’s May 2025 trends report predicts that by 2028, one in four organizations will report dissatisfaction with their cloud outcomes.

This discontent reflects a growing distance between infrastructure and accountability, and the growing need for cloud governance to mature, before inefficiencies become embedded.

Designing for visibility, not just reporting

In many organizations, cost is still treated as a reporting outcome rather than something to shape. Spend is reviewed after deployment, leaving optimization efforts limited to what can be adjusted post-implementation.

Flexera’s 2025 State of the Cloud Report shows that a significant majority of organizations lack detailed visibility into their cloud costs, with only 43% tracking cloud costs at a unit level. This limited visibility hinders most teams’ ability to attribute costs to specific products, services or functions.

Our global data also shows that 34% of enterprises are spending more than $1 million monthly on SaaS. As SaaS adoption grows, so does the importance of managing software licensing costs, which can substantially impact cloud expenditures. Consequently, organizations must look for ways to optimize software license costs as they mature their cloud governance practices.

Visibility needs to move earlier in the decision chain, shaping how environments are constructed rather than rationalizing them after the fact. A shift left approach brings cost considerations – like infrastructure and software licensing costs - earlier into the product lifecycle, so that organizations can make more informed decisions about their cloud usage. By attributing these costs to specific products or services, organizations can gain a clearer understanding of their overall cloud spend.

By embedding cost insight into the architecture stage, organizations are able to steer usage intentionally. They can optimize cloud spend and build cloud environments that reflect business priorities as well as contribute to more sustainable cloud practices, minimizing their environmental footprint.

Bringing cost ownership to where decisions are made

Access to data does not guarantee accountability. Many organizations have detailed cost reporting but continue to struggle with cloud waste.

The issue here shifts from one of visibility towards one of proximity. Our data shows 59% of organizations have a FinOps team that does some or all cloud cost optimization tasks, yet in many cases, these teams still sit at the edge of delivery. So, while they can surface issues, they are often too removed from daily operations to intervene effectively.

The most effective models integrate cost ownership into delivery itself. This means that engineering leads, platform teams and product owners have oversight to take action before inefficiencies take hold.

As a result, when these roles are supported with relevant reporting and shared financial metrics, cost awareness becomes a natural part of the decision-making process. This makes it easier to adjust workloads, retire underutilized services, and optimize environments in-flight, rather than in hindsight.

Organizations with mature FinOps practices are better positioned to manage their cloud costs and reduce waste year over year. This improvement reflects a delivery culture where cost is treated as a design consideration.

Using attribution to prioritize what matters

Many organizations can report how much is being spent and on which services. Far fewer can explain how that spend supports outcomes the business cares about.

87% of organizations view cost efficiency as the primary measure of cloud success, up from 65% last year. This signals a shift in mindset that cloud is no longer assumed to be efficient by default, it must justify its footprint in context.

When cloud spend is tied to individual products, services or customer experiences, the conversation becomes more focused. Governing costs like software licensing ensures that licensing agreements are optimized and aligned with business needs.

Attribution helps shift cloud conversations away from usage and toward value. Taking a holistic approach to cost management not only helps in reducing waste but also contributes to more sustainable cloud practices, ultimately delivering both financial and environmental value.

Early discipline pays off at scale

Control is easiest to build before complexity sets in. The longer organizations delay embedding structure into cloud governance, the harder it becomes to retrofit later. Inconsistent tagging, ambiguous ownership and manual reporting all take time to correct once they are entrenched.

As 33% of global organizations now spend more than 12 million dollars annually on public cloud, this highlights how new services, accounts and tools can be introduced faster than the governance processes required to manage them.

It’s important to note that scaling effectively doesn’t mean avoiding complexity, but there is a need to manage it consistently.

Also, governance does not have to stand in the way of innovation. It can enable it, by improving confidence in decision making, and reducing the uncertainty that often undermines momentum.

Cloud is a system of interdependent decisions, each with its own financial implications. The ability to explain, anticipate and adjust these decisions draws the line between cloud as a delivery of value, or cloud as a cost center. As FinOps matures, designing for cost from the beginning and shifting cost conversations left is key to building cloud environments that scale with control.

We've featured the best cloud storage.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-proc

• Cisco Talos finds a new malware framework called PS1Bot
• The framework is distributed through malvertising and SEO poisoning
• PS1Bot can serve as an infostealer, keylogger, screen grabber, and more

Security researchers Cisco Talos have discovered a brand new malware framework which they say really goes the extra mile to infect a device.

PS1Bot can log keystrokes, grab cryptocurrency data, and persist on the compromised endpoint, among other things, the company's report says.

Complementing PS1Bot is a malvertising campaign, as well as SEO poisoning, which tricks unsuspecting victims into downloading the malware. Cisco Talos did not say what the theme of these ill-intentioned ads and pages are using, who the usual victims are, or how successful the campaign is.

Flexible and dangerous

They did say that whoever downloads the ZIP file can expect a JavaScript payload that acts as a dropper and pulls a scriptlet from an external server.

That scriptlet writes a PowerShell script to a file on disk and runs it. In turn, the PowerShell script contacts the threat actor’s command-and-control (C2) server, grabbing additional commands that transform the malware into whatever is necessary at the moment.

There are many things the framework can be turned into. It can serve as a reconnaissance tool, sharing with the attackers details about antivirus programs running on the computer, as well as basic system information.

It can serve as a screen capture or keylogger tool, relaying screenshots and keystrokes to the C2. It can also work as a wallet grabber, stealing cryptocurrency wallet information. Finally, it can persist on the device via a PowerShell script that launches automatically upon restart.

"The information stealer module implementation leverages wordlists embedded into the stealer to enumerate files containing passwords and seed phrases that can be used to access cryptocurrency wallets, which the stealer also attempts to exfiltrate from infected systems," Cisco Talos said.

"The modular nature of the implementation of this malware provides flexibility and enables the rapid deployment of updates or new functionality as needed."

You might also like

• This dangerous new malware is hitting Windows devices by hiding in games
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

Using a VPN service should not be an obstacle to effectively enforcing mandatory age verification checks, like those recently implemented in the UK.

This is the response coming from the Age Verification Providers Association (AVPA) to the surge in VPN demand across the UK since the new rules came into play. The surge has also raised the question of whether VPN tools would make the Online Safety Act implementation ineffective.

According to the AVPA, to remain compliant, digital services need to actively detect VPN usage and give users the option to either prove their age or their real location.

"No need to even consider banning VPNs"

"Some argue that because VPNs exist, any age assurance system will fail. This leads to the mistaken belief that age-restricted sites are exempt from compliance if users connect through a VPN. As we have argued before, this is not true," wrote the AVPA in a blog post.

The AVPA suggests that, once VPN traffic is detected, tech providers should look at behavioral clues to assess whether the user is a UK-based minor or an adult using the VPN for privacy. If they have reason to believe this may be a minor based in the UK, they should offer a choice to either verify their age or consent to one-time geolocation.

That said, the most reliable services for unblocking streaming platforms or censored content all implement obfuscation technologies to mask the fact that people are using these services.

All in all, however, "there are ways to detect and address circumvention, and there is no need to even consider banning VPNs outright," said AVPA experts.

Digital services using age assurance to remain compliant, can do so by detecting VPN use, assessing risk using behavioural clues, and giving flagged users the option to verify their age or prove their location.@peterkyle @FeryalClark @Ofcom https://t.co/ximdlDcj8R pic.twitter.com/lpBIMiVKVuAugust 10, 2025

The AVPA recommendations came after a debate kicked off in the UK over whether authorities could ban VPNs to ensure full compliance with the Online Safety Act.

UK Secretary of State for Science, Innovation and Technology, Peter Kyle, however, has insisted there are no such plans, despite the government looking "very closely" at how VPNs are being used.

This adds to what the Electronic Frontier Foundation (EFF) explained when discussing the privacy risks of US age verification laws.

As the EFF experts pointed out, your IP address isn't the only method online services use to track down your location. Providers may also use GPS tracking, web cookies, mobile ad IDs, tracking pixels, or device fingerprinting, making the use of VPNs way less effective.

What's behind UK VPN surge?

(Image credit: Getty Images)

A virtual private network (VPN) encrypts internet connections while spoofing the user's real IP address.

While both of these skills can help you boost your online privacy and security by minimizing the data traces you leave around the internet, IP-spoofing can also make you look as if you're browsing from a completely different country.

Proton VPN recorded an hourly increase of over 1,400% starting from midnight on the day mandatory age verification was enforced. AdGuard VPN also confirmed to TechRadar that sign-ups grew by 2.5 times in just a few days. Data from Top10VPN shows an ongoing surge in VPN demand of almost 2,000% since July 25, too.

Whether minors looking to evade age checks are behind these numbers or it's adults concerned for their privacy is impossible to know.

What's certain, however, is that the new rules have attracted a strong backlash so far amongst technologists, politicians, and everyday users alike, worried about the negative impact that age checks may have on their privacy, security, free speech, and access to information.

The UK regulator, Ofcom, is, nonetheless, strongly suggesting against VPN use to bypass age checks, arguing it will be illegal for platforms to encourage this – the BBC reported.

If you're concerned about sharing your most sensitive data to access content on the web, I recommend downloading only reliable services to protect yourself. At the time of writing, NordVPN is TechRadar's top pick. While if you don't want to pay for a subscription, Proton VPN and Privado VPN are today's best free VPN apps you can get.

You might also like

• Wikipedia loses UK Online Safety Act legal challenge, but it may still be safe from age checks
• The 10 biggest sites you didn't realise are impacted by age verification
• From face scans to credit checks: how UK age verification works and why it’s a privacy nightmare

Mainframes have always been the silent powerhouses of enterprise technology – quietly doing the heavy lifting behind the scenes. They’ve provided the backbone for some of the world’s most essential systems for decades. And today, they’re more relevant than ever. In fact, many of the most critical functions across industries still run on mainframes. Why? Because they deliver unmatched reliability, speed, and scale.

These systems can process millions of transactions in seconds, making them indispensable for organizations that demand consistency and speed. From database management to enterprise resource planning (ERP) and customer relationship management (CRM) systems, mainframes support the core processes that keep businesses running.

Their ability to handle massive data volumes with precision and minimal downtime makes them idea for industries like finance, travel and transportation, healthcare, and retail—where timing and accuracy are everything.

But the game is changing. Mainframes are no longer just transactional workhorses. With the integration of artificial intelligence (AI) and cloud technologies, they’re evolving into intelligent platforms—capable of not just running the business, but transforming it. AI is unlocking new value from mainframe environments, turning them into engines of insight, resilience, and innovation.

Stopping fraud before it happens

Mainframes are built for scale and security—two things that matter more than ever in today’s threat landscape. As digital fraud grows more sophisticated and regulatory pressure intensifies, businesses need systems that can keep up. Mainframes are meeting that challenge head-on.

By running AI models directly on the mainframe—where the data lives and transactions happen—organizations can analyze patterns in real time. That means faster fraud detection, quicker triage, and smarter responses. No data movement. No latency. Just immediate action.

This same approach is streamlining other high-value processes, too. AI is accelerating loan modifications, automating credit decisions, and embedding intelligence into every customer interaction. It’s not just about stopping fraud—it’s about making smarter, faster decisions across the board.

Your AI-driven development partner

Mainframes are also evolving to meet the demands of modern development. As digital operations grow more complex and skilled talent becomes hard to find, AI is helping bridge the gap.

Mainframe applications, with their monolithic and deeply layered architectures, can be tough to navigate. They’ve been built over decades, often in legacy languages like COBOL, and that complexity makes them hard to understand, modify, or maintain—especially as experienced developers become harder to find.

That’s where AI steps in. By embedding AI directly into the mainframe development process, organizations can proactively identify service issues, streamline workflows, and allocate resources more effectively. AI doesn’t just assist—it accelerates.

It’s especially powerful when it comes to understanding and modernizing existing codebases. As the pool of developers fluent in older languages continues to shrink, AI can automate code restructuring, ensuring updates are made quickly, cleanly, and without introducing risk. It can also validate translated code—so when applications are migrated from one language to another, the new version performs exactly as it should, with no surprises and no logic gaps.

By automating these time-consuming, repetitive tasks, AI frees up developers to focus on what really matters: solving complex problems, driving innovation, and delivering value.

An operational strategy for the future

Even minor IT disruptions can lead to major consequences – downtime, lost revenue, and reputation damage. That’s why integrating AI into mainframe operations is a smart move.

AI enables IT teams to anticipate issues before they escalate. It helps identify patterns, predict failures, and take pre-emptive action. Ultimately, this leads to faster recover times, improved system reliability, and stronger business continuity.

Seeing the bigger picture

The future of mainframes lies in their ability to evolve—and AI is accelerating that evolution. By integrating AI technologies, organizations are transforming mainframes from transactional engines into strategic platforms.

This combination of trusted infrastructure and modern intelligence allows businesses to extract deeper, more actionable insights from the data they already generate. It’s a powerful shift that improves decision-making and enables smarter, faster strategies.

AI enhances performance, can strengthen security, and deliver real-time intelligence that helps organizations stay competitive and resilient. It’s not just about keeping systems running—it’s about using them to drive innovation, efficiency, and growth.

The opportunity is here. The time to act is now.

We've featured the best AI website builder.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• Following an 18-month ban, Blood Oxygen tracking is coming back to the Apple Watch Series 9, Series 10, and Ultra 2
• It's not an entirely on-device experience anymore, though
• The Apple Watch still measures Blood Oxygen, but the iPhone will calculate and display the final result

It’s been a long 18 months, but Apple’s announced that Blood Oxygen tracking and monitoring are returning to the Apple Watch Series 9, Series 10, and Ultra 2 in the United States.

The feature was disabled and effectively banned on the Series 9 and Ultra 2 – then the Series 10, which launched later – after a ruling in January 2024 due to a patent dispute over the technology being used between Massimo and Apple. Now, thanks to iOS 18.6.1 and watchOS 11.6.1, which will roll out later today, the feature is returning in a ‘redesigned’ form.

In its new iteration, the Apple Watch Series 9, Series 10, and Ultra 2’s sensors can take a reading, then transmit the data to the connected iPhone, where it will be calculated and displayed in the Health app under ‘Respiratory’ readings.

So no, you won’t be able to take the reading, watch as it progresses, and then view the results right on your wrist, as you could before. Still, this does effectively return the tracking and monitoring functionality to the impacted Apple Watch models in the United States.

In a statement shared, Apple explains the changes as:

“Users with these models in the U.S. who currently do not have the Blood Oxygen feature will have access to the redesigned Blood Oxygen feature by updating their paired iPhone to iOS 18.6.1, and their Apple Watch to watchOS 11.6.1. Following this update, sensor data from the Blood Oxygen app on Apple Watch will be measured and calculated on the paired iPhone, and results can be viewed in the Respiratory section of the Health app. This update was enabled by a recent U.S. Customs ruling.”

The U.S. Customs ruling is key here, as this will return the feature to the Apple Watches sold when the ban began and was subsequently enforced. If you still have an older Apple Watch, or one sold prior to January 2024, the Blood Oxygen functionality remains unimpacted and won’t be changed. That also goes for any models sold outside of the United States, which have been unimpacted by this ruling.

Still, this does return the Blood Oxygen feature to the Apple Watch, even if it splits the experience between watch and phone. But this separation is likely key to having this allowed and approved by U.S. Customs.

(Image credit: Future / Lance Ulanoff)

For those who have purchased an Apple Watch Series 9, 10, or Ultra 2 in those many months, this is a return to form and rounding out of the health tracking features on Apple’s star wearable in the United States. Even in our Apple Watch Series 10 review, we noted that the Blood Oxygen tracking feature was missing in the US.

Apple has a pretty smart rollout here, and considering rumors of further pushes into health features that we might see with future generations of Apple Watch models, it might be helpful to have these readings going straight into the Health app. Either route, though, if you’ve been waiting for Blood Oxygen tracking to return, it’s back, but you’ll want to make sure your iPhone is nearby if you want to see the results.

While Apple has not shared an exact timing for the rollouts of iOS 18.6.1 and watchOS 11.6.1, it has promised to arrive today – August 14, 2025 – in the United States, and we’ll update this piece when we see it rolling out.

You might also like

• Constantly dismissing notifications on your Apple Watch? You’re going to love Apple’s watchOS 26 latest gesture
• I'm a fitness tracker expert, and here are my top 3 subscription-free picks for 2025
• Garmin Venu X1 review: The most innovative Garmin watch in years, and a genuine Apple Watch Ultra rival

Have you ever tried reading an iMessage thread exported into an email? It’s like viewing your Instagram feed through an A4 binder.

Welcome to the reality many compliance teams face today: digital conversations that look nothing like the originals, stripped of context and flattened into disorienting formats. That’s a problem, as regulatory reviews require not just the message, but the full story.

That story lives in native data. If you’re not capturing it, you’re already a step behind.

What is native data, and why should you care?

Native data means capturing communications exactly as they happened, in their original environment, with every bit of context intact. That includes:

• Timestamps and delivery receipts
• Message order and full threading
• Reactions, emojis, and edits
• Attachments, formatting, and metadata

It doesn’t matter whether the conversation happened over Slack, WhatsApp, SMS, iMessage, Teams, or somewhere else entirely. Suppose you're reviewing those messages out of order or in a restructured format (looking at you, exported email chains). In that case, you're missing more than just convenience - you're losing critical details that are essential for an accurate compliance review.

Native capture isn’t about bells and whistles - quite the opposite. It’s about authentically recreating the conversation that has taken place, ensuring accuracy, auditability, and trust.

The risk of non-native capture

When messages are exported, summarized, or reformatted, a lot gets lost in translation:

• Threads break apart. You review individual communications without any indication of how they relate. This can completely shift the meaning associated with each message.
• Reactions disappear. A thumbs-up to a risky comment? Gone.
• Edits vanish. There’s no way to tell what was changed, or when.
• Timestamps warp. Or worse, they’re missing altogether.
• The message gets jammed into an email that appears to have been written by a robot.

This kind of context stripping isn’t just frustrating, it’s dangerous. Reviewers are forced into manual reconstruction mode, which slows down investigations, adds more scope for human error, and increases the risk of missing critical signs of misconduct. It also makes audits significantly harder to defend.

When firms struggle to explain key interactions to regulators - because the records were incomplete or misaligned with the original user experience - that’s more than just a gap. It’s a compliance liability.

Why native matters for investigations

When compliance teams investigate digital communications, they shouldn’t have to rebuild conversations manually from raw exports. That’s not oversight, it’s archaeology.

With native capture, the full conversation is laid out as it actually occurred. Messages are threaded. Metadata is intact. Reactions, edits, and attachments are all right where they belong.

This dramatically reduces the time spent hunting for context, and eliminates the need to second-guess what was meant. It also cuts down on false positives, enabling faster, clearer decision-making. When regulators come knocking, you can confidently hand over records that are complete, verifiable, and defensible.

What native capture enables

Native capture isn’t just a compliance checkbox - it’s a strategic enabler. When your team has access to fully native, context-rich communications, there is nothing to decipher. You gain real-time oversight rather than relying on after-the-fact deductions. Investigations become faster and smoother, with fewer bottlenecks slowing you down.

Native capture also fosters alignment across teams. Whether Legal, Risk, or Marketing, everyone is working from the same trusted source of truth. This shared clarity builds confidence when facing regulators, internal stakeholders, or legal scrutiny.

Ultimately, native capture provides the clarity compliance leaders need to shift from reactive firefighting to proactive management, without burning out their teams.

What to ask your vendor

If you’re wondering whether your current system is truly native, here’s a quick litmus test:

• What formats are you capturing in?
• Can you view the conversation exactly as it looked to the sender and recipient?
• Do you preserve full threading: message order, reactions, and edits?
• Is metadata (like timestamps and user IDs) retained and searchable?
• Can you use the captured data downstream for reports, escalations, audits?

Be wary if your system depends on exported spreadsheets or emails, or offers only “summary” logs instead of complete conversations. If threading and reactions aren’t visible, or if there’s no way to replay or faithfully reconstruct the original user experience, these are clear red flags.

If you’re encountering these issues, you’re not just wasting time. You’re risking your entire compliance defensibility.

Context is the new compliance currency

Today’s digital conversations move fast, flow across platforms, and rarely follow a script. Compliance can't afford to fall behind or work blindly. Native capture isn’t a luxury; it’s the new baseline. Without it, you’re not just making life harder for your team - you’re accepting risk you can’t afford.

Ask yourself: Are you capturing the full story thread, edits, reactions and all? Or just a flattened transcript that leaves too much unsaid? Because in compliance, as in conversation, it’s what’s between the lines that often matters most.

We've featured the best small business software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

I've been reviewing vacuum cleaners at TechRadar for the past 18 months, during which time I've tested some of the very best vacuum cleaners money can buy, from vacuums that that can empty themselves, and vacuums that can tell you exactly what they're sucking up, to vacuums with lasers.

And while all of those vacuums are impressive, I'll concede that what most people want is a vacuum that does a good job of cleaning their floors, is comfortable to use, and – crucially – doesn't require them to take out a loan in order to purchase it.

Broadly speaking, you do get what you pay for with vacuum cleaners, so if you can I'd steer clear of the ultra-cheap end of the market. However, there are some real hidden gems in the budget bracket. Read on for a closer look at my favorite cheap vacuum cleaner – the one I recommend to my thrifty friends and family members – plus three great-value alternatives to consider if my top pick doesn't take your fancy.

This article focuses on US picks – click here for UK recommendations.

My #1 cheap vacuum cleaner in the US

(Image credit: Future)

The Shark Stratos Corded Stick vacuum is well designed, with suction powerful enough to clear vast amounts of dog hair from our tester's carpets. The supplied attachments are useful, and the modular design means this vacuum can be used in a number of configurations for different cleaning tasks.

At full price it's a relatively affordable $299.99, but deals crop up fairly regularly, and right now you can snap one up for a bargain $179.99 - and with that price cut, it's incredible value for money.

Various special features help elevate it well above what I'd expect for that budget-friendly price. The floorhead has LED lights to help illuminate dark corners, and is designed so that hair won't tangle around the brushroll. There's also an odor-neutralizer cartridge, which won over our tester by leaving his carpets smelling lovely and fresh.

A big reason why this vacuum is so cheap is because it's corded. In a world of mostly cordless vacuums, that can seem old-fashioned and inconvenient, but there are benefits to going corded that go beyond just price. The suction is almost always far superior to what you'd get on a cordless model, plus corded vacuums tend to last longer in general, so you're getting a better return on your investment. And, of course you'll never run out of juice, either. If having a cord is a deal-breaker, I've included three great cheap, cordless alternatives below.

Alternatives to consider...

Not sold on the Shark Corded? Here are three alternatives that also impressed me by punching well above their diminutive price tags.

Dreame R20

The Dreame R20 is my favorite cordless vacuum overall – and not just in the budget bracket. It's powerful, lightweight and maneuverable, with advanced extras like automatic suction adjustment and a special head for hard flooring. The runtimes are long, too.

Read our full Dreame R20 review

Shark Detect Pro Cordless

It's less powerful than the corded Stratos, but the Detect Pro is nimble and lightweight, with clever detection and automation features. You can also opt for a version with an auto-empty dock, although that costs a little more.

Read our full Shark Detect Pro cordless review

Dyson V8

It's not cheap in the wider market, coming in around $360 with current deals, but this is the cheapest Dyson vacuum. You're getting that premium build quality and meticulous engineering, plus it's lightweight and versatile.

Read our full Dyson V8 review

Looking for a different day?

A new NYT Connections puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Thursday's puzzle instead then click here: NYT Connections hints and answers for Thursday, August 14 (game #795).

Good morning! Let's play Connections, the NYT's clever word game that challenges you to group answers in various categories. It can be tough, so read on if you need Connections hints.

What should you do once you've finished? Why, play some more word games of course. I've also got daily Strands hints and answers and Quordle hints and answers articles if you need help for those too, while Marc's Wordle today page covers the original viral word game.

SPOILER WARNING: Information about NYT Connections today is below, so don't read on if you don't want to know the answers.

NYT Connections today (game #796) - today's words

(Image credit: New York Times)

Today's NYT Connections words are…

• TAKE CARE OF
• HAZE
• PAY
• РЕС
• FOOT
• FINE
• CASH
• THIGH
• BREAST
• МАС
• CAPITAL
• TENDER
• GRAND
• WING
• SETTLE
• BRILLIANT

NYT Connections today (game #796) - hint #1 - group hints

What are some clues for today's NYT Connections groups?

• YELLOW: Chicken pieces
• GREEN: Sorting the check 
• BLUE: Superb
• PURPLE: Partially fancy snacks

Need more clues?

We're firmly in spoiler territory now, but read on if you want to know what the four theme answers are for today's NYT Connections puzzles…

NYT Connections today (game #796) - hint #2 - group answers

What are the answers for today's NYT Connections groups?

• YELLOW: POULTRY CUTS 
• GREEN: HANDLE, AS A BILL 
• BLUE: SPLENDID
• PURPLE: STARTS OF CULINARY NUTS 

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Connections today (game #796) - the answers

(Image credit: New York Times)

The answers to today's Connections, game #796, are…

• YELLOW: POULTRY CUTS BREAST, TENDER, THIGH, WING
• GREEN: HANDLE, AS A BILL FOOT, PAY, SETTLE, TAKE CARE OF
• BLUE: SPLENDID BRILLIANT, CAPITAL, FINE, GRAND
• PURPLE: STARTS OF CULINARY NUTS CASH, HAZE, MAC, PEC

• My rating: Hard
• My score: 1 mistake

The tile that read TAKE CARE OF stood out so much I honed in on finding common words to link to it.

I’m sure I wasn’t the only one who did this and I’m also sure I wasn’t the only person to wonder about the phrase “FOOT the bill”. It comes from adding up a column of figures at the bottom of a page rather than anything to do with our feet.

My mistake came in thinking that CASH, CAPITAL, GRAND and TENDER were all expressions for money. I got “one away” but switched my attention to the far more obvious collection of POULTRY CUTS.

I love nuts, but even after the answers were revealed I struggled to think what PEC could be referring to. Are Pecan nuts culinary? I thought they were a poor man’s walnut.

Yesterday's NYT Connections answers (Thursday, August 14, game #795)

• YELLOW: DERRIERE BACKSIDE, CABOOSE, SEAT, TAIL
• GREEN: USED TO HIT A BALL IN SPORTS BAT, MALLET, RACKET, STICK
• BLUE: COMPONENTS OF A BRIDE'S ENSEMBLE BOUQUET, BUSTLE, TRAIN, VEIL
• PURPLE: RHYMING COMPOUND WORDS BACKPACK, NITWIT, COOKBOOK, HUBUB

What is NYT Connections?

NYT Connections is one of several increasingly popular word games made by the New York Times. It challenges you to find groups of four items that share something in common, and each group has a different difficulty level: green is easy, yellow a little harder, blue often quite tough and purple usually very difficult.

On the plus side, you don't technically need to solve the final one, as you'll be able to answer that one by a process of elimination. What's more, you can make up to four mistakes, which gives you a little bit of breathing room.

It's a little more involved than something like Wordle, however, and there are plenty of opportunities for the game to trip you up with tricks. For instance, watch out for homophones and other word games that could disguise the answers.

It's playable for free via the NYT Games site on desktop or mobile.

• A collection of new leaked DJI Mini 5 Pro photos has been released
• “C0” sticker suggests it will be the first sub-249g drone with a 1-inch sensor
• Battery appears to be the same as that used by DJI Mini 4 Pro and Mini 3 Pro

A new set of leaked photos of the DJI Mini 5 Pro have arrived, bringing with them a whole heap of new information about the upcoming ultra-lightweight drone.

Following on from the leaked render and specs that emerged earlier this month, this set of photos, shared on X (formerly Twitter) and DroneXL by trusted drone tipster Jasper Ellens, appear to show the actual drone itself from a variety of angles.

Some exclusive new pictures from my friends today. Revealing multiple secrets on the #Mini5Pro. It seems DJI managed to pull off the unthinkable: a sub 249 gram #C0 consumer 1 inch camera drone. They actually made it happen! Cheers Jasperhttps://t.co/OOUwzGuLGCAugust 13, 2025

These new views of the DJI Mini 5 Pro appear to reveal a few key details about the drone, such as the fact that it’ll use the exact same batteries as the Mini 4 Pro and Mini 3 Pro – great news for people who already own one or both of those models.

More exciting, though, is the presence of a “C0” class sticker on the bottom of the drone. Assuming this is real, it’s confirmation that the Mini 5 Pro will still weigh less than 250g.

While this couldn’t be called surprising news – after all, sub-250g weight has long been one of the key selling points of the Mini series – it’s great to see that the Mini 5 Pro’s purported new features like LiDAR and a camera with a 1-inch sensor haven’t tipped it into the C1 class.

Personally, I see getting a 1-inch sensor on a sub-250g drone as a huge achievement for DJI; having DJI Air-levels of imaging performance on a drone that can be flown with far less fuss, at least here in the UK where I live, makes it a truly exciting prospect.

If the leaked info turns out to be correct, I can definitely see the DJI Mini 5 Pro being my next go-to drone for day-to-day aerial photography and videography.

Secret button?

(Image credit: DJI)

One last intriguing detail from the new leaks is the presence of what looks like a small button on the side of the drone.

What this might do remains a mystery, but one potential theory is that it will launch the drone when there’s no controller present. This could give it similar selfie shooting capabilities to the DJI Flip or DJI Neo, allowing users to unfold it, launch it from their hand to take a quick clip or photo before having it return automatically – no controller or even smartphone required.

With these latest pieces of info added to what we’ve already heard, we can now build up a pretty clear image of how the Mini 5 Pro might look spec-wise.

• DJI Mini 5 Pro rumored specs
• 1-inch image sensor supporting up to 4K 120fps video
• 24mm lens with f/1.8 aperture
• 48mm medium telephoto shooting mode
• Gimbal supporting 225º movement, including vertical shooting
• Forward-facing LiDAR and omnidirectional infrared vision sensors
• 36-minute battery life

That’s an impressive set of specs for a small folding drone, and I’m very much looking forward to getting confirmation when DJI finally gets around to officially launching the Mini 5 Pro.

Rumor has it this will be happening in September 2025, which is getting nearer and nearer. Check back for more news in the coming weeks.

You might also like

• DJI Mini 5 Pro leaks give us our first glimpse of the beginner drone and a potential release date – here’s what we know
• I tested DJI’s impressive first 360 camera, but Insta360 still has the edge
• DJI’s first robot vacuum gets launch date in official teaser – and it looks like the Romo is arriving sooner than expected

• Football Manager 26 has been announced with a Match Day teaser trailer
• The footage provides our first look at the game running on the Unity engine
• Football Manager 26's announcement comes after the cancellation of Football Manager 25

Sega and Sports Interactive have unveiled the first look at Football Manager 26, showcasing the game running on the Unity engine.

Following the cancellation of Football Manager 25, the sports series has made a surprise return with the announcement of Football Manager 26 in a short trailer teasing a 'Match Day first look' coming soon.

The trailer features live-action scenes filmed of the Match Day experience through the lens of the official Premier League license, but also provides a first look at some rendered footage running on the Unity engine.

However, the video does note that "actual game footage - not final".

In a press release, Sega said, "FM26 promises to take players on a journey to define their footballing destiny with our most immersive and visually rich Football Manager experience yet. The potential for storytelling is redefined by taking players closer to the heart of the beautiful game."

A website is also live, displaying the announcement trailer and text that reads, "Back. Better. Building for the season ahead. FM26 Match Day First Look. Coming Soon."

There's no release date just yet, but Sega has previously revealed in its internal sales showing its launch roadmap that it has plans to release FM26 in Fall 2025.

Understandably, fans of the series are excited about the announcement, as evident by the replies to the X / Twitter post, now that there's confirmation that FM26 hasn't been canned, just like FM25.

Football Manager 25 was canceled in February after it was delayed twice, with Sports Interactive stating that it "hasn't achieved what we set out to do."

At the time, the developer said it couldn't release the game in its current state and would "shift our focus to the next release."

You might also like...

• The Nintendo Switch 2 is the company’s least ambitious console to date, but its improvements are astronomical
• Assassin's Creed Shadows devs tease the return of some past series lore, including the Assassin vs. Templar conflict, the Isu, and a modern-day storyline – 'You can expect it to be expanded at some point, in some fashion'
• Monster Hunter Wilds patch notes reveal a new endgame expansion, 9-star monsters and additional stability fixes for PC

• YouTube has officially rolled out age verification checks to US users
• The service will use AI to determine your age
• If it detects you're under 18, you'll have to verify your age by submitting a credit card or government ID

YouTube has officially launched its AI-based age checks in the US, following the introduction of online age verification checks in the UK, which aim to shield young people from viewing adult content. Since its widespread rollout came into effect, it’s been met with a slew of backlash, and users are furious.

The main reason why users are concerned with YouTube’s new age check process is down to the age-estimation model itself, which the company announced will "use AI to interpret a variety of signals that help us to determine whether a user is over or under 18". But how will it work?

YouTube’s AI model will use ‘signals’ to detect whether a user is under or over the age of 18, which include the longevity of the account, the types of videos a user searches for, and the categories of videos they’ve already watched.

If YouTube detects you’re underage, it will restrict your account by disabling personalized advertising, turning on digital wellbeing tools, and limiting repetitive views of some kinds of content, despite the age you’ve set on your account. If you’re falsely estimated to be under 18, you’ll have to verify your age by submitting a credit card or government ID.

YouTube hasn't stated how this AI model will receive data from those trying to verify their age, nor how the data will be stored, which has sparked fears of possible data leaks.

Widespread frustration

Although it’s early days into YouTube’s new AI age checks, users are already taking measures to stop them. On Tuesday, a Change.org petition was published and has grown exponentially, reaching over 90,000 signatures so far.

The petition reads "this isn’t just about age restriction – it’s about mass surveillance and data control", but that’s not the only reason why users are angry. One Reddit post has sparked widespread conversation about YouTube’s new age checks, garnering 1.8k responses.

Oh my GOD, it's happening from r/youtube

Aside from data control concerns, the question as to whether YouTube is a host for ‘real’ adult content is another conversation furious users are having (see below). This was also raised when Spotify introduced its face-scanning age checks in the UK, another service that - despite not hosting X-rated content - hosts podcasts that may be deemed of mature nature.

Comment from r/youtube

While YouTube is very much on it with flagging adult-leaning content, this can affect videos such as movie and game trailers, which are watched by users of all ages. With the new age checks in place, some content in this category won’t be available to watch if you haven’t logged in, as one user has shared.

Comment from r/youtube

How do you feel about YouTube’s new age verification checks? Share your thoughts with us in the comments.

You might also like

• Over 450,000 Brits want to repeal the UK Online Safety Act – here's how to have your say
• What happens to your data when you verify your age – and what are the risks?
• The rise of AI on YouTube is changing the platform I grew up with, and not for the better

• Proton said the company has begun moving some of its physical infrastructure out of Switzerland for fear of the new proposed surveillance law
• Lumo, the company's newly launched privacy-first AI chatbot, is the first product to move
• An amendment to the current surveillance law would require VPNs and messaging apps to identify and retain user data

Proton has confirmed the company has begun moving out of Switzerland due to "legal uncertainty" over the newly proposed surveillance law.

Proton's newly launched privacy-first AI chatbot, Lumo, has become the first product to change home yet, "investing in Europe does not equate to leaving Switzerland," a company spokesperson told TechRadar, amid rumors it's exiting the country for good.

The firm behind one of the best VPN and encrypted email services has been very critical of the Swiss government’s proposed amendment of its surveillance law since the beginning, already sharing plans to quit Switzerland back in May.

If it passes, the Ordinance on the Surveillance of Correspondence by Post and Telecommunications (OSCPT) will introduce new obligations for virtual private networks (VPNs), messaging apps, and social networks. These measures include mandatory user identification and data retention of up to six months for all services with at least 5,000 users. Providers will also be required to decrypt the communication upon the authorities' request should they own encryption keys.

Lumo – the first to go

(Image credit: Proton)

Proton launched its ChatGPT competitor, Lumo, in July 2025, to give its users an alternative to Big Tech solutions that truly protect their privacy.

In a blog post about the launch, Proton's Head of Anti-Abuse and Account Security, Eamonn Maguire, explains that the company has decided to invest outside Switzerland for fear of the looming legal changes.

He wrote: "Because of legal uncertainty around Swiss government proposals to introduce mass surveillance – proposals that have been outlawed in the EU – Proton is moving most of its physical infrastructure out of Switzerland. Lumo will be the first product to move."

Talking to a Swiss publication after the launch, Proton's CEO Andy Yen confirmed that the proposed changes to the Swiss surveillance law made the company opt for Germany instead to host Lumo's servers. Proton has also confirmed it's also developing facilities in Norway.

While the company did not specify that Germany would become the new home of the majority of its infrastructure, Proton confirmed to TechRadar that investing in Europe doesn't equate to leaving Switzerland.

It's worth noting, however, that being based in the EU could make Proton, and similar companies, vulnerable to wider data retention or scanning obligations if proposals like the so-called ProtectEU or Chat Control were to pass.

We approached Proton for clarification on this point, but are still waiting for a reply at the time of publication.

What's next for the Swiss tech privacy industry?

Proton isn't the only provider that has been vocal against what critics have deemed Switzerland's "war against online anonymity."

Another VPN provider, NymVPN, confirmed back in May its intentions to leave Switzerland if the new surveillance rules are enforced.

Talking to TechRadar, Nym's co-founder and COO, Alexis Roussel, shares support for Proton's decision to find a new home for its private AI chatbot.

He said, "Proton is in a position that they are expanding, so it totally makes sense. You cannot invest in privacy in Switzerland right now."

Roussel also confirmed to TechRadar that the company has already developed a strategy to move its VPN activities outside Switzerland and the EU. Yet, this remains the last resort.

He also explains that the fact that Nym works on a decentralised infrastructure means that it won't be affected by the encryption provision, as the company doesn't hold any encryption keys.

"Depending on how they modify things within the law, this will affect our decision to move. But we would like to resist the ordinance until the end and go to the tribunal," said Roussel.

As reported by Cyberinsider, also secure and private messaging app Session said that, "while keeping a close eye on the situation," its decentralized structure means its services are less vulnerable to the changes.

You might also like

• Windscribe CEO speaks out against global threats to no-log VPNs
• Encryption backdoors: privacy can be misused, "but the cost of a world without is so much higher"
• "A win for privacy" – Florida rejects the encryption backdoor law for social media

• The iPhone 17 Pro will reportedly cost $50 more than the iPhone 16 Pro
• However, it's also said to start with twice as much storage
• Based on this and other leaks, we've predicted pricing for every iPhone 17, iPhone 17 Pro, and iPhone 17 Pro Max configuration

It’s now looking very likely that the iPhone 17 series – and in particular the iPhone 17 Pro – will cost more than the iPhone 16 series, with the latest leak pointing to a $50 price increase for the iPhone 17 Pro.

This tip comes from leaker Instant Digital (via MacRumors), and they’ve actually made the same iPhone 17 Pro price rise claim before. So, they're just reiterating it here, but this shows that they’re still confident in its accuracy. It’s not all bad news, either, as Instant Digital additionally states that there won’t be a 128GB model, so you’ll be getting 256GB for your money instead.

At $50 more than the current 128GB iPhone 16 Pro, the iPhone 17 Pro would start at $1,049, but again, that’s with 256GB of storage, and since the 256GB iPhone 16 Pro costs $1,099, that could actually be seen as a price decrease for the iPhone 17 Pro – at least for anyone who wants 256GB.

Predicting the other prices

This gives us some indication of what the other models and configurations might cost, but the same source (and others) have previously said to expect a $50 price increase across the board.

In which case, assuming the iPhone 17 Pro is the only phone to be getting a storage bump, prices might look like what you can see in the chart below.

Storage

iPhone 17

iPhone 17 Pro

iPhone 17 Pro Max

128GB

$849

N/A

N/A

256GB

$949

$1,049

$1,249

512GB

$1,149

$1,349

$1,449

1TB

N/A

$1,549

$1,649

Note that we haven’t included the iPhone 17 Air since this is a totally new model, so there’s no price history to work with. Mind you, there's a good chance that it'll have a similar price to the iPhone 16 Plus – or perhaps cost $50 more, in line with what we’re hearing about the other iPhone 17 models.

In any case, we’d take all of this with a pinch of salt, but with Trump’s tariffs increasing production costs, it seems likely that the iPhone 17 series will cost more than the current models anyway.

We should find out in September, with leaks suggesting September 9 could be the date when Apple will announce the iPhone 17 series.

You might also like

• iPhone 17 Air leak reveals what it might lack compared to the iPhone 17 Pro – and I think that's too big a compromise
• 'This looks hideous': the iPhone 17 Pro has been shown off in a new orange shade that you’re going to either love or hate
• New iPhone 17 rumors tease pricing and colors – and there's good news and bad news

• Razer's Wolverine V3 Pro 8K PC has been released, an evolution of the Wolverine V3 Pro controller
• The controller features Razer’s 8000 Hz HyperPolling tech, which is also offered in Razer's impressive Viper 8K gaming mouse, for the best input response
• A Razer Wolverine V3 Tournament Edition 8K PC is also available for purchase

Razer has announced the launch of its Wolverine V3 Pro 8K PC, a next-generation controller built specifically for PC gaming and featuring new improvements.

As the next evolution of the Wolverine V3 Pro controller, this latest model features Razer’s 8000 Hz HyperPolling technology for both wired and wireless gaming, which should offer an impressive "near-instantaneous" input response for first-person shooter (FPS) gaming.

This tech was also present in Razer's excellent Viper 8K gaming mouse, one of the fastest, most responsive gaming mice TechRadar has ever seen.

The Wolverine V3 Pro 8K PC also offers TMR (Tunnel Magnetoresistance) Thumbsticks with swappable caps and provides anti-drift performance and long-lasting durability, which is a must for pinpoint accuracy in FPS games.

It's also Razer's lightest wireless esports controller to date, featuring an ergonomic shape that reduces hand fatigue during long gaming sessions, four mouse click back buttons, and two claw grip bumpers that are fully remappable, Razer Pro HyperTriggers, and more.

The controller also comes packaged with a carrying case and a 2m braided cable for portability.

"PC gamers have long demanded a controller that doesn’t compromise on speed, precision, or customization," said Nick Bourne, head of mobile and console division at Razer. "With the Wolverine V3 Pro 8K PC, we’ve delivered exactly that — a controller built specifically for the PC ecosystem.

"From the industry’s fastest polling rate to our lightest wireless form factor, this is the definitive device for competitive PC players who want every advantage."

Razer is also launching the Razer Wolverine V3 Tournament Edition 8K PC, a wired variant offering the aforementioned features "designed for players who demand uncompromising performance and zero-latency input."

"Engineered with the same elite-level features as its wireless counterpart, the Tournament Edition delivers precision and responsiveness through a direct wired connection, making it the ideal choice for competitive gamers," Razer said.

The Razer Wolverine V3 Pro 8K PC is now available for purchase at $199.99 / £179.99 GBP, while the Razer Wolverine V3 Tournament Edition 8K PC will cost $119.99 / £99.99 GBP.

You might also like...

• Best PC controllers in 2025: top gamepads from GameSir, Thrustmaster and more
• The Nintendo Switch 2 is the company’s least ambitious console to date, but its improvements are astronomical
• Monster Hunter Wilds patch notes reveal a new endgame expansion, 9-star monsters and additional stability fixes for PC

• Universal Print anywhere, or pull printing, is now generally available for Microsoft 365
• Users authenticate print jobs when they arrive at their chosen printer
• It avoids privacy blunders and waste from duplicates

Microsoft has released 'Universal Print anywhere' for all Microsoft 365 organizations at no extra cost, all in a bid to improve security by avoiding erroneous prints to wrong locations.

The company's Nishant Lakhanpal explained in a blog post that users can "print securely from any location and retrieve their documents at any printer" – a feature which has become known as 'pull print'.

It means that users will have to authorize print jobs once they arrive at their chosen printer, meaning important or private documents won't automatically print and end up in unwanted hands.

Microsoft brings pull printing to all eligible users

The feature works by sending print jobs without selecting a specific printer in advance, so documents can be retrieved from any registered corporate printer by authenticating on the device. It also saves users from having to trawl through long printer lists to find the right printer – which often leads to mistakes.

"Universal Print anywhere ensures that confidential documents are never left on printers for unauthorized viewing," Lakhanpal wrote.

Apart from the security benefits, Microsoft also notes that pull printing helps to reduce waste by avoiding duplicate printing caused by forgotten or uncollected print jobs.

"The feature is included with your existing Universal Print licensing at no additional cost," Microsoft confirmed.

Handily, Universal Print anywhere works across Windows and macOS platforms, meaning that all employees can use the functionality without being bound to Microsoft's own operating system. To participate with Universal Print anywhere, admins must register printers to the network.

Looking ahead, Microsoft has also committed to extending Universal Print anywhere to even more OEMs to ensure maximum device compatibility and support.

You might also like

• Need an upgrade? We've listed the best all-in-one printers
• Check out the best business laptops and best mobile workstations
• Microsoft's new Windows tool will let you access your work PC, even if it's been hit in a cyberattack

• Windows 10 has a new update for August
• It rolls out the offer of extended support until October 2026 to everyone
• Microsoft has also fixed a bug that caused the sign-up process to crash

Windows 10's latest update is an important one in terms of the impending End of Life for the operating system, as it rolls out the offer of extended support (beyond October 2025) to all users – and fixes a bug that meant some people weren't able to successfully sign up for said offer.

Windows Latest noticed that the August update for Windows 10 (known as KB5063709) brings in the Extended Security Updates (ESU) option for everyone.

Some folks (a minority) have already had the ESU offer – which appears in the Windows Update panel – with a previous update, but the KB5063709 patch brings it to all Windows 10 PCs ahead of the October deadline for support ending.

For some of those who have already seen the ESU option, though – which fires up an enrollment wizard that facilitates signing up – there was a frustrating bug that meant the process didn't work.

As Windows Latest points out, that wizard was crashing (either immediately, or partway through the process) for some Windows 10 users, leaving them rather bewildered as to how they were going to get their extended support sorted.

However, we're told that Microsoft has resolved this issue with the August update, just in time for the wider rollout of the ESU.

Analysis: Wizard mended

(Image credit: Getty Images)

So, if you've previously tried to enroll for extended support using the ESU wizard in Windows Update but it was crashing – either becoming unresponsive, or bombing out entirely – try again after installing this new patch for Windows 10, an you should be okay, fingers crossed.

And if you've never seen the ESU offer and you were wondering where on earth it was, then check back in Windows Update after applying the August update. You should see the offer of extended support on the right-hand side of the Windows Update panel.

To remind you, there are a few choices as to how you can sign up for the ESU program, one of which is to pay $30 for the extra year of support it grants (through to October 2026). If you'd prefer to get extended support for free, you can do so using another choice, namely syncing your PC's settings to OneDrive (not your files, note – just the settings). A third option is to spend 1,000 Microsoft Rewards points, if you have that many.

It's also worth remembering that you'll need a Microsoft account to sign up for the ESU program.

You might also like

• Microsoft finally fixes one frustrating Windows 11 pop-up – just as a more irritating one arrives to take its place
• Microsoft promises to crack one of the biggest problems with Windows 11: slow performance
• Microsoft has all but given up on Windows 11 SE – and it looks like the war against Chromebooks has been lost

• Mimecast uncovers phishing campaign targeting the UK Home Office
• Accounts are being stolen through phishing emails and fake websites
• The fake sites are almost indistinguishable

A phishing campaign has been uncovered by Mimecast researchers targeting the Home Office Sponsorship Management System (SMS).

The main aim of the campaign appear to be to compromise access to accounts, which can then be sold on the dark web, extorting organizations through the theft of sensitive data, and creating fraudulent Certificates of Sponsorship (CoS).

The campaign doesn’t just affect organizations with sponsor license privileges, but threatens to undermine the entire UK immigration system.

UK Home Office at risk

The attackers begin the campaign by sending emails that closely resemble legitimate emails distributed by the Home Office, using the same branding and stylization. The emails include an urgent call to action that threatens account suspension if the user doesn’t log in.

The victims are guided to a fake login page via a captcha-gated URL that looks very similar to the legitimate URL used by the Home Office. After completing the captcha, the user lands on a cloned Home Office login page.

The only differences between the legitimate and illegitimate pages are in the form submission. The fake page directs credentials to an attacker-controlled script, where the exposed credentials can be used to log in to the victims account.

With the stolen accounts, the attackers can then create fake job offers and visa sponsorship schemes, and charge victims tens of thousands of pounds to access them.

The best protection against phishing campaigns such as this one is constant vigilance. Always double check URLs and be cautious of urgent calls to action.

A full list of the indicators from this phishing campaign can be found on the Mimecast blog.

You might also like

• These are the best secure email providers around today
• Take a look at the best web browsers to keep you safe
• A shocking number of businesses don't have cyber insurance - here's why you should fix that immediately

Watch Premier League on Peacock

NBC is the exclusive home network of the EPL in the US, wrapping up the rights until at least 2028. Every single game of the 2025/26 Premier League season is available to stream on Peacock – with many live as they happen – and you can watch them all online from anywhere with a VPN.

Season dates: August 15 2025 – May 24 2026

Stream every match: Peacock

Download a VPN to watch overseas

Sure as night follows day, the pinnacle of English football is back for another jam-packed season of 380 games between August and next May. Liverpool is the club with a target on its back, as Arsenal, Chelsea and usurped champions Man City all seek a way to get their hands on the iconic Premier League trophy.

This will also be the year that the likes of Aston Villa, Newcastle and Nottingham Forest all try to break the domination of the top four. And for Man United and Tottenham Hotspur – who finished 15th and 17th respectively last time out – it's going to be a season of refresh and rebuild in order to propel themselves back to the top half.

For promoted Burnley, Leeds and, back in the top flight after a decade away, Sunderland, it's all about survival. While Wolves, West Ham, Fulham and a newly homes Everton will all be desperate to be dragged into a relegation dogfight.

Regardless of who you're supporting this season, read on as we explain how to watch the Premier League on Peacock from anywhere in the world.

How to watch Premier League on Peacock in the US

All games of the 2025/26 EPL season will be streamed on Peacock, with many of the matches exclusive to the online platform or simulcast with NBC.

The Peacock price starts with the Premium plan at $10.99 a month and you can get 12 months for the price of 10 by opting for an annual subscription. This includes 4K streams and access to the entire Peacock catalog.

For an extra $6 per month you can upgrade to the ad-free Peacock Premium Plus, with which you also get the option to download shows to watch offline.

Note that EPL games chosen to be shown on the USA Network will not be live streamed on Peacock. You will have to wait until the next day to stream those matches in full.

How to watch Premier League on Peacock from anywhere

Peacock is only available to watch in the US, which means it won't work if you try to stream EPL soccer when overseas on business or vacation. However, you can always download a VPN to overcome these regional restrictions and access Peacock as normal when you're outside the US. You may be surprised how simple it is to do.

Watch Premier League on Peacock from anywhere with one of the best VPNs:

Editors Choice

NordVPN – get the world's best VPN
We regularly review all the biggest and best VPN providers and NordVPN is our #1 choice. It unblocked every streaming service in testing and it's very straightforward to use. Speed, security and 24/7 support available if you need – it's got it all.

The best value plan is the two-year deal which sets the price from $2.91 per month including four months free. There's also an all-important 30-day no-quibble refund.

- Try NordVPN 100% risk-free for 30 daysVIEW DEAL ON

• Love TV? Sign up to the weekly How To Watch newsletter

Where else can I watch Premier League in the US

EPL matches are shared between NBC-owned channels. A handful of games each gameweek will be shown on TV by NBC or the USA Network.

All matches shown by NBC will be simulcast online with Peacock. However, any matches shown on USA will not – they'll be added to the Peacock library the day after they take place.

You can access the games live on USA Network via Sling TV.

What Premier League games will be shown live on Peacock?

So far, NBC has only announced what games it's showning where for the first two gameweeks of the 2025/26 Premier League season.

The following games will be live streamed by Peacock (*denotes simulcast on NBC), while all other games will be shown live on USA and streamed a day later on Peacock:

Saturday, August 16
Sunderland vs West Ham, 10am ET / 7am PT
Tottenham Hotspur vs Burnley, 10am ET / 7am PT
Wolverhampton Wanderers vs Manchester City*, 12.30pm ET / 9.30am PT

Sunday, August 17
Nottingham Forest vs Brentford, 9am ET / 6am PT
Manchester United vs Arsenal*, 11.30am ET / 8.30am PT

Saturday, August 23
Bournemouth vs Wolverhampton Wanderers, 10am ET / 7am PT
Burnley vs Sunderland, 10am ET / 7am PT
Arsenal vs Leeds United*, 12.30pm ET / 9.30am PT

Sunday, August 24
Crystal Palace vs Nottingham Forest, 9am ET / 6am PT

What streaming devices are supported by Peacock?

Web Browsers (Chrome, Firefox 115, Edge, Safari)
Mobiles and tablets (Android 7.0 or above, iOS 15 or above)
Amazon Fire TV
Android TV
Apple TV
Chromecast (2nd Generation or above)
Google TV
Hisense VIDAA (2021 devices and newer)
LG Smart TV (LG WebOS 3.5 or above)
PlayStation (PS4, PS5)
Roku (2, 3 & 4, Streaming Stick, Express/Express+, Premiere/Premiere+, Ultra/Ultra LT)
Samsung Smart TV (2017 models and later
VIZIO (SmartCast TV 2016 and newer)
Xbox (One, X, S)
Xumo

What content does Peacock have?

In addition to Premier League soccer, a subscription to Peacock gets you access to a wide range of content from the vast NBC library.

In terms of live sport, that means hours of Summer and Winter Olympics coverage, Sunday Night Football, college football and basketball, the Tour de France and big PGA golf events.

Peacock is the home of Love Island USA, and other reality shows like The Traitors US and various iterations of Real Housewives.

NBC makes some of its drama and comedy shows exclusively available on Peacock in the US, too. Recent examples are sword-and-sandal epic Those About to Die, mystery of the week whodunnit Poker Face and The Office spin-off The Paper.

We test and review VPN services in the context of legal recreational uses. For example:1. Accessing a service from another country (subject to the terms and conditions of that service).2. Protecting your online security and strengthening your online privacy when abroad.We do not support or condone the illegal or malicious use of VPN services. Consuming pirated content that is paid-for is neither endorsed nor approved by Future Publishing.

• Report finds around half of UK&I businesses don't have any form of cyber insurance
• This is despite brokers predicting rising claims and premiums
• Ransomware continues to grow and affect UK&I businesses

Around half of UK & Ireland businesses lack any form of cyber insurance, despite rising instances of threats, new research has warned.

A report from Arctic Wolf found 70% of UK&I insurance brokers are anticipating claims to increase in 2026, with a similar number (68%) predicting premium rates to rise over the same period.

The news comes as cybercriminals are using AI tools more and more to help build more sophisticated attackes, targeting company data and adding to privacy concerns.

Many companies lack cyber insurance

Arctic Wolf's data claims ransomware has now become the most common type of insurance claim globally, followed by data breaches, theft of funds and phishing.

Nearly one in five (18%) respondents' clients had experienced a cyberattack within the past month, with the average global insurance claim hovering around the $115,000 mark and large businesses claiming an average of over $812,000.

Recent UK Government analysis shows that the number of businesses experiencing a ransomware crime doubled between 2024 and 2025, with 43% of businesses having experienced a cyber security breach or attack in the last 12 months.

"While the insurance industry is working with clients to improve protection, attacks are ultimately costing businesses hundreds of thousands of pounds worth of damage," Senior Director of Strategy for Insurance Alliances Kevin Kiser explained.

In the UK and Ireland, around one in four (23%) brokers have now negotiated pre-arranged insurance benefits for clients with cyber risk vendors, and UK&I brokers are more likely than the global average to partner with cybersecurity providers.

"As threat tactics evolve, cyber insurance is no longer a ‘nice to have’ but a strategic pillar of modern risk management," Kiser added.

You might also like

• We've listed the best endpoint protection software
• Consider using the best firewalls to protect your connected systems
• Marks and Spencer click and collect is back at last - services return following cyber incident