Feed aggregator

• The iOS 26 public beta could launch this week, a new report claims
• It’s slightly delayed compared to the usual public beta launch date
• That’s unlikely to push back the full iOS 26 release, expected in September

The iOS 26 developer beta has been out since Apple’s Worldwide Developers Conference (WWDC) in June 2025, but if you’ve been itching to get your hands on the beta without requiring a developer account there's good news, as the iOS 26 public beta is rumored to be launching as soon as this week.

That’s according to the latest Power On newsletter ($/£) from Bloomberg reporter Mark Gurman. There, Gurman revealed that “All indications are that iOS 26 should go into the public beta phase this coming week.”

That will bring the updated iOS operating system to a much wider audience than it currently has, although it’s not the full, ready-to-go release – that’s expected in September, alongside the reveal of the iPhone 17 range.

In a post on X last week, Gurman said that the iOS 26 public beta could launch on or around Wednesday, July 23, and the subsequent Power On update seems to suggest that Gurman remains confident with that timing.

New features coming soon

(Image credit: Apple / Future)

Gurman’s report also briefly touched on iOS 27, which is due out in 2026. Gurman believes that Apple has already started development on this software, which he says will focus on features destined for Apple’s foldable iPhone.

That’s rumored to be launching in the latter half of 2026, or perhaps early 2027, and will mark Apple’s first attempt to unseat the current best foldable phones on the market. There’s therefore a lot of pressure on Apple to get it right, perhaps explaining the early start on iOS 27.

In the past, Apple has tended to release its iOS public betas around the middle of July, so the mooted July 23 launch date is a little later than usual. Gurman ascribes this to the full-blown Liquid Glass redesign in iOS 26, saying “it makes sense that Apple would want to take a little extra time to get things right.”

But Gurman is not concerned about any knock-on effect of this delayed public beta release date, adding that it’s unlikely to push back the unveiling of the full version of iOS 26.

Aside from iOS 26, Apple will almost certainly release the public betas for macOS 26, iPadOS 26, watchOS 26, tvOS 26, and an update for the HomePod’s operating system at the same time.

The iOS 26 upgrade brings in a radically overhauled look and feel thanks to the Liquid Glass redesign, as well as increased protection from spam callers, a new Games app, updates to Apple Intelligence, and more.

And with the public beta supposedly launching this week, you’ll soon be able to try them out for yourself – just make sure you remember to back up your iPhone first in case anything goes wrong.

You might also like

• The iOS 26 public beta now has a possible release date, and it’s later than usual
• How to download the iOS 26 developer beta
• iOS 26: new features, a new design, and everything you need to know

Many industries continue to navigate the complexities of hybrid work and shifting workforce dynamics driven by necessary digital transformations. However, there is one critical issue quietly challenging and reshaping the field services industry in particular. Field service professionals serve as the unsung heroes of modern IT infrastructure. They keep the lights on, the networks connected and the systems running. But behind the scenes, a demographic shift threatens to disrupt these operations.

Veteran technicians, who have spent their careers mastering the nuances of complex systems, are exiting the workforce in large numbers, and there is no clear plan for passing on their knowledge. To make matters worse, younger generations are not joining the industry at the rate needed to replace retiring workers. What’s left is a widening skills gap that threatens to slow operations, increase costs and compromise service quality.

The Retirement Wave Is Real — and Risky

Baby Boomers make up a significant portion of the field service workforce, and their retirement creates more than a staffing issue — it’s a knowledge crisis. These professionals hold a wealth of practical, hands-on insights, including how to troubleshoot legacy equipment, navigate customer preferences and solve problems that aren’t covered in manuals.

To make matters worse, a recent survey from Service Council found that nearly half of field service engineers do not anticipate having a life-long career in the field. Of those engineers looking to leave, half expect to do so in the next three years, which would mean the loss of invaluable institutional knowledge.

The potential consequences will be far-reaching for organizations across all industries, with longer resolution times, higher error rates and diminished customer experience. And while companies will hire new talent, it won’t be enough to truly fill the knowledge gap.

Replacing Workers Isn’t Replacing Wisdom — AI Can Help

New technicians, no matter how well-trained, need time to build the kind of intuition that comes with experience. Research shows that 70% of skill development happens through hands-on work, while just 10% is a result of formal training. Without structured systems to capture and transfer knowledge, organizations risk leaving new hires to learn through trial and error — a costly and inefficient approach in today’s fast-paced environment.

However, emergent technologies, such as AI, offer a promising path forward. Rather than replacing human expertise, AI can supplement it and accelerate training by providing real-time support, predictive insights and guided troubleshooting to technicians in the field. These systems can analyze equipment data, flag anomalies and suggest next steps, helping less experienced workers make informed decisions quickly.

Advanced AI tools go even further, integrating telemetry, service logs, vendor documentation and industry best practices into a single, intelligent interface. The result is a personal digital assistant that is always available, up-to-date and ready to help. This type of support is invaluable to a newcomer in a fast-paced industry with high customer expectations.

Digital Twins: a Living Library of Expertise

Across industries, employees report difficulty accessing the information they need to do their jobs effectively, with only 12-16% of employees saying the critical information they receive from leaders is helping them do their jobs well. This is a critical issue, as it shows that traditional knowledge management tools that previously worked are falling short because they’re either fragmented, outdated or otherwise ineffective in breaking down silos.

Digital twins offer a dynamic solution. Serving as virtual replicas of physical assets and systems, these AI-powered models transmit real-time data to virtual environments. This allows new technicians, who may lack critical knowledge, to simulate scenarios, monitor performance and optimize maintenance strategies. In practice, this means that new technicians will have the opportunity to learn and practice their skills in a controlled environment.

But digital twins are not only advantageous for new technicians. All employees in the field service industry, regardless of employee experience, can benefit from digital twins, as they serve as an intuitive, on-demand source of expert guidance. They reduce learning curves and ensure that critical knowledge is preserved and accessible — regardless of who’s on the job.

The Time to Act Is Now

The field service industry is at a turning point. Organizations that invest in AI and knowledge-preserving technologies today will be better equipped to navigate tomorrow’s challenges. By proactively addressing the knowledge gap, companies can maintain operational excellence, safeguard institutional knowledge and build a more resilient, future-ready workforce.

Now is the time to bridge the gap and lead the next era of field services confidently, properly equipped with the latest cutting-edge technology.

We've listed the best COBOL online courses.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Getax ZX10 G2: 30-second review

Getac is one of those companies that likes to keep the names of products the same while changing the underlying hardware. Thankfully, with the new ZX10 release, someone decided to add “G2” to differentiate it from the prior version, even if they are remarkably similar in many respects.

On one level, this is a standard 10.1-inch Android tablet designed for business users who require stock control or a shop floor with mobile computing needs.

What separates this from a typical Android tablet is that it is designed to handle a high level of abuse or a challenging environment without issue, and it features hot-swapable batteries to ensure it is always ready for the next shift.

Like the original ZX10, the focus of the hardware is to provide a powerful SoC, while being less interested in peripheral features, such as the cameras.

What it offers above the prior G1 is a more powerful platform with increased memory, storage, a brighter display, and WiFi 6E communications.

Oddly, it’s running Android 13, not a cutting-edge release, but an improvement over the Android 12 that its predecessor used.

The build quality and accessory selection are second to none, so it’s no surprise that the device’s cost is relatively high. However, even at this price, it might make it into our selection of the best rugged tablets.

A question that business users might reasonably ask about this hardware is how many cheap tablets could we go through for each one of these?

(Image credit: Mark Pickavance)Getax ZX10 G2: price and availability

• How much does it cost? From $1200 / £1175 (plus tax)
• When is it out? Available now
• Where can you get it? From a Getac reseller

Unlike many of the tablets we typically discuss, the Getac ZX80 doesn’t come with a standard price tag, as each device is tailored to meet the specific needs of its owner. The review unit we assessed is likely to start at over $1200 in the USA, not factoring in any accessories, service agreements, or upgrades.

The UK price is a whopping £1175.00 plus VAT, making it one of the most expensive 10-inch tablets around.

Options such as different sensors, cradles, additional batteries, and external chargers can substantially raise the total cost. If your finance department is already wary of Apple equipment pricing, they might need to brace themselves for the investment in this equipment.

That said, the durability of this design, combined with a three-year bumper-to-bumper warranty, implies that most customers should expect good service from this device.

(Image credit: Mark Pickavance)

• Value score: 3/5

Getax ZX10 G2: Specs

Item

Spec

Hardware:

Getac ZX10 G2

CPU:

Qualcomm Dragonwing QCS6490

GPU:

Adreno 643

NPU:

Qualcomm Hexagon Processor

RAM:

8GB

Storage:

128GB

Screen:

10.1-inch TFT LCD 1000 nits

Resolution:

1200 x 1920 WUXGA

SIM:

Dual Nano SIM 5G+ MicroSD option

Weight:

906g (1.99lbs)

Dimensions:

275 x 192 x 17.9mm (10.8" x 7.56" x 0.7")

Rugged Spec:

IP67 and MIL-STD-810H

Rear cameras:

16.3MP Samsung GN1 Sensor

Front camera:

8MP Samsung GD1

Networking:

WiFi 6E, Bluetooth 5.2

OS:

Android 13

Battery:

4870mAh (extra slot for 2nd battery)

Getax ZX10 G2: Design

• Sturdy construction
• Unusual layout
• High brightness screen

Getac has extensive experience in making rugged equipment, and the ZX10 G2 is a prime example of how the lessons its engineers have learned are implemented in their recent designs.

The tablet is constructed with a metal chassis encased in a nearly impenetrable reinforced polycarbonate outer shell that has a subtle texture, making it easy to handle.

On paper, the new design is slightly lighter than its G1 predecessor, but that difference is likely due to the battery design, as the screen remains the same 10.1-inch-sized panel as before. This one is slightly brighter at 1000 nits over the 800 nits in the first ZX10.

Getac engineers prefer a form factor that is decidedly skewed towards right-handed users, with the five buttons, including power and volume controls, located on the right front face of the tablet.

The lanyard-connected stylus is also on the right, although you could rotate the tablet to bring that and the buttons to the left.

But if you do that, then you can’t use the harness accessory, as it uses two metal studs that project proud of the top left and right corners.

The bottom edge of the tablet features an edge connector for docking the unit when it is not in use, and pass-through antenna connections.

The physical connection points along this axis are significant enough that they will lock a hinged keyboard accessory to the ZX10, turning it into an Android laptop.

Another feature of Getac hardware that I appreciate is that the ports that could potentially be impacted by moisture are hidden behind a sealed door that clicks into position when shut.

I’ve seen way too many rugged tablets that use rubber plugs for water/dust proofing, and they will ultimately perish. These Getac covers will last much longer, if not for the working life of the machine.

(Image credit: Mark Pickavance)

On our review hardware, the top edge featured a 1D/2D imager barcode reader, which was linked by default to one of the two custom buttons on the left. The other button takes a picture with the camera, but these can be altered to fit the specific use case.

Getac offers smartcard readers and NFC if you specifically need those technologies.

Like the ZX80 I previously reviewed, the screen has an anti-glare coating that makes it relatively easy to see the display even in bright sunlight. However, the filter that applies to the image softens it in a way that won’t attract drone pilots, as it tends to blur the finer details in the image, such as thin branches or wires.

This is a shame, because the 1000 nits of brightness this LumiBond display outputs ticks a lot of boxes for outdoor use in other respects.

On the rear is a slot for the stylus, two slots for batteries, and an access panel for mounting a smartcard reader. The SIM slot is inside the top battery slot, and the MicroSD card slot is in the lower battery bay. I’ll talk more about the batteries later, but the ability to charge them using an external charger and then swap over without rebooting the machine is extremely useful.

Overall, the ZX10 G2 has many positive aspects for industrial and military users who may be looking for a dedicated data capture device or a service support system.

(Image credit: Mark Pickavance)

Design score: 4/5

Getax ZX10 G2: Hardware

• Powerhouse SoC
• Limited storage
• Dual battery options

When I reviewed the ZX80, it used a Qualcomm SM7325, aka the Snapdragon 778G 5G Mobile Platform, and again, with this machine, Getac engineers have gone with a Qualcomm SoC.

The Qualcomm Dragonwing QCS6490 is specifically designed for high-performance edge computing. It features up to 8-core Qualcomm Kryo CPUs, an integrated Qualcomm Adreno 643 GPU, and a robust AI engine (NPU + DSP), capable of achieving up to 12 TOPS.

In use, this makes the ZX10 remarkably responsive and reactive to user input, and the machine is capable of local data processing should the mission require it.

In the review machine, it came with 8GB of LPDDR5 memory and 128GB of storage, of which only about 80GB was available after a handful of test apps were loaded.

The amount of storage does seem low, and the Getac specifications do hint that a 256GB model is available for those who don’t want to expand storage using the MicroSD card slot.

Our review machine only had a single 4870mAh battery installed, enabling the total capacity to be doubled with the addition of a second. Getac also offers an enhanced high-capacity battery that can be installed in either slot, delivering a minimum of 9740mAh. While switching to those will offer considerably longer running times, it will also make the tablet more cumbersome to carry.

In the accessories, there is an external battery charger that can keep extra batteries ready for use. Having a policy where, at the start of each shift, the batteries are swapped and placed in the charger should help avoid dead tablets.

I prefer the dual battery arrangement over the external and internal battery model used in the ZX80, because, in theory, this machine never needs to be recharged directly if it isn’t convenient. And, because each battery can be changed independently, it makes it much easier to enhance the running time with either a single extended battery or two.

If the purchaser makes the right accessory purchases, the ZX10 should be able to operate almost indefinitely, and even if away from mains power, a small collection of extra batteries should keep it operating for days at a time.

(Image credit: Mark Pickavance)

• Hardware score: 4/5

Getax ZX10 G2: Cameras

• 16.3MP sensor on the rear
• 8MP on the front
• Two cameras in total

(Image credit: Mark Pickavance)

The Getac ZX10 G2 has two cameras:

Rear camera: 16.3MP
Front camera: 8MP

As with other Getac hardware, the specification doesn’t detail what the sensors are for the front and rear cameras. However, even without that input, I can say with some certainty that these aren’t the best sensors I’ve seen on a tablet, and they’re a notch below what an entry-level phone was delivering in 2020.

While the Android distribution was compiled for several 16MP sensors, my prior experience suggests that the rear sensor is the Omnivision OV16a10, and the front sensor is the Omnivision OV8856.

Those assertions are based on the ZX80 cameras, as these seem identical.

The one positive feature of the rear Omnivision OV16A10 is that it records 4K video at 30 fps, although there are no frame rate controls available at this resolution. In fact, the camera application has relatively few controls, and it lacks special shooting modes.

Being simple isn’t a bad thing if the system takes care of things like exposure and focus, but the camera app here does practically nothing, even though it has an AI processor sitting idle that could easily identify the subject of an image and how best to capture it.

With still image control, you have a resolution selection and digital zoom, as well as the ability to turn the flash on or off.

To be direct, nobody using this equipment is likely to be distracted from work by the temptation to enhance their photography skills.

Like the ZX80 and its sensors, the images from these cameras are workable, but only if any image is acceptable. However, the camera doesn’t balance light or colour well, and the digital zoom is an abyss of graininess.

Evidently, no special attention was paid to the cameras on this hardware or the capture application, as it was lifted directly from a prior product without any changes.

(Image credit: Mark Pickavance)Getax ZX10 G2 Camera samplesImage 1 of 10

(Image credit: Mark Pickavance)Image 2 of 10

(Image credit: Mark Pickavance)Image 3 of 10

(Image credit: Mark Pickavance)Image 4 of 10

(Image credit: Mark Pickavance)Image 5 of 10

(Image credit: Mark Pickavance)Image 6 of 10

(Image credit: Mark Pickavance)Image 7 of 10

(Image credit: Mark Pickavance)Image 8 of 10

(Image credit: Mark Pickavance)Image 9 of 10

(Image credit: Mark Pickavance)Image 10 of 10

(Image credit: Mark Pickavance)

• Camera score: 2/5

Getax ZX10 G2: Performance

• Decent SoC
• GPU is game-friendly
• Slow charging battery

Tablet

Getac ZX10 G2

Getac ZX80

SoC

Qualcomm Dragonwing QCS6490

Snapdragon 778G 5G

Adreno 643

Adreno 643

Mem/Storage

8GB/128GB

8GB/180GB

Battery Capacity

mAh

4870

4060 + 4870

Geekbench

Single

1142

1137

Multi

3044

3056

OpenCL

2877

2891

Vulkan

3159

3159

GFX

Aztec Open Normal

47

44

Aztec Vulkan Normal

51

49

Car Chase

44

41

Manhattan 3.1

76

59

PCMark

3.0 Score

9360

9521

Battery Life

8h 27m

15h 24m

Charge 30

Battery 30 mins

31%

18%

Passmark

Score

14639

15029

CPU

6902

7097

3DMark

Slingshot OGL

7777

7781

Slingshot Ex. OGL

6761

Maxed

Slingshot Ex. Vulkan

Maxed

Maxed

Wildlife

3387

3411

Steel Nomad.L

312

310

The obvious comparison for me was to the smaller ZX80 model, which uses a similar platform and delivers nearly identical performance.

Even if you are uninterested in either of these two machines, these results demonstrate that the Dragonwing QCS6490 performs at the same level as the Snapdragon 778G 5G, also by Qualcomm. As they both feature the same memory architecture, core counts and GPU, this isn’t hugely surprising.

Where things get interesting is when we explore battery life, since the ZX10 had only a single 4870mAh battery, whereas the ZX80 had an internally integrated 4060mAh battery plus an external 4870mAh battery.

That extra internal capacity nearly doubles the operating time of the ZX80, although it can’t replace the internal battery, which must be recharged in situ. Had Getac provided the second battery for the ZX10, I’d be surprised if its inclusion would not exceed the run time of the ZX80 by at least an hour, and probably longer.

One result here is highly misleading, and that’s the recharge percentage after 30 minutes. Given the capacity of the ZX80, it recovered approximately 18% of its total 8930mAh, or 1607 mAh. Conversely, the recovered power on the ZX10 was 1,510mAh. Given that the ZX80 has two batteries, not one, it’s safe to conclude that there’s no charging improvement over the ZX80 in the ZX10.

This is a weakness of this design, since it takes more than 90 minutes to fully recharge a 4870mAh battery, and it would be safe to assume double that if you have the second battery. The draw on the power supply is only 20W, which is why it isn’t faster.

I’ve seen phones and tablets with 25000mAh batteries that can recharge much faster than this using 66W power supplies. Getac may have taken the view that slower charging will extend battery life, and therefore, is in the customer’s interest. However, I found it curious that the Chicony-branded PSU included with the machine is rated for 20V at 65W, even though it can only take a third of that power when recharging.

Overall, this is a powerful tablet that offers performance beyond what most tablet makers are currently providing, with the possible exception of the Unihertz Tank Pad 8849 and its Dimensity 8200 platform.

• Performance score: 4/5

(Image credit: Getac)Getax ZX10 G2: Final verdict

I liked this design substantially more than the Getac ZX80, as I think it better balances the user experience with the capabilities. However, it’s not without some issues, most noticeably that it’s launched with a three-year-old version of Android.

Also, Getac doesn’t see camera sensors as a selling point, as the ones in this tablet are below what you might expect in a budget phone.

The strengths here include a solid computing platform, interchangeable hot-swap batteries, and a fantastic selection of accessories for docking and carrying the tablet throughout the day. It also comes with a warranty where Getac won’t argue with you about accidental damage for three years.

However, the cost of well-made and engineered equipment, which can withstand being in a warehouse or garden centre, is disturbingly high.

It’s a matter of convincing those senior people who control budgets that devices like the Getac ZX10 G2 ultimately save money with fewer issues and downtime, since the investment is likely to be substantial when deploying these into any decent-sized business.

Should I buy a Getax ZX10 G2?Getax ZX10 G2 Score Card

Attributes

Notes

Rating

Value

Expensive for an Android tablet

3/5

Design

Built to take knocks and keep working

4/5

Hardware

Powerful SoC, dual hot-swap batteries, tons of accessories

4/5

Camera

Poor sensors and grainy results

2/5

Performance

Powerful platform but slow charging

4/5

Overall

Highly durable, but you pay for the privilege

4/5

Buy it if...

Your environment is harsh
Most brands claim IP68, IP69K dust/water resistance, and MIL-STD-810H Certification, but this equipment is built to withstand much more than these dubious endorsements.

It comes with a three-year warranty that includes coverage for accidental damage, which is a testament to the abuse these devices can withstand.

You need a powerful platform
The processor in this Android tablet is at the top end of what is available and delivers a stellar user experience. With this much power available, it’s possible to locally process data before sending it to the Cloud.

Don't buy it if...

You are working on a budget
The price of the tablet is high, and once you’ve included a keyboard, extra batteries, an off-line battery charger and other accessories, the total package might run to $2000 or more. There are more affordable options that offer you more for less.

You need decent photography
The camera sensors in this device are like going back to the past for most Android phone and even tablet users. The results aren’t good, and it’s a weakness in the Getac tablets that I’ve observed so far.

Also Consider

Unihertz Tank Pad 8849
Larger and slightly heavier than the Getac ZX10 G2, this is a powerful Android tablet featuring an impressive 21000 mAh battery and the latest 50MP Sony IMX766 camera sensor. Although it may not offer the accessory selection of the ZX10 G2, at around $600, it’s nearly half the price and a better all-around performer.

Read our full Unihertz Tank Pad 8849 review

Getac ZX80 Rugged Android Tablet
Another super-robust design from Getac aimed at tough environment use. It uses a different Qualcomm SoC, and has a wide selection of accessories, including replaceable batteries.

However, like its ZX10 G2 brother, it’s on the expensive side, so it’s not an impulse purchase.

Read our Getac ZX80 Rugged Android Tablet hands on

For more durable devices, we've reviewed all the best rugged phones, the best rugged laptops, and the best rugged hard drives

• Battlefield content creators are reportedly receiving packages from EA
• Said packages seemingly confirm the name of the series' next game
• Battlefield 6 will allegedly be revealed officially on July 29, 2025

The title of the next Battlefield game seems to have been revealed, as content creators familiar with the series have reportedly been receiving special packages from EA.

As reported by Eurogamer, Battlefield content creator Rivalxfactor posted to X / Twitter, following a since-deleted post featuring a physical box emblazoned with the Battlefield 6 title.

"Content creators are receiving packages from EA," writes Rivalxfactor, who also states that: "Battlefield 6 will be the title name and the preview to the world will probably be by the end of the month."

In a follow-up post, Rivalxfactor claims that Battlefield 6 is to be officially announced on July 29, spanning a three-day event that will encompass not only the reveal of the game, but also interviews with the developers. Rivalxfactor also says an open beta will take place "shortly after" this event, though no specific date is given here.

I have confirmed with another person that there is indeed a 3 day EA event starting on July 29th. This is where Battlefield 6 will be revealed, devs will be interviewed in a somewhat fixed format, and the game will be featured with content creators.The open beta will launch… https://t.co/OmLRH3Gg3ZJuly 19, 2025

Previously, publisher Electronic Arts has suggested that the next Battlefield game will launch before April 2026, and we've also seen what is allegedly a leaked clip of the upcoming title's campaign mode.

If the footage indeed belongs to Battlefield 6, it looks like it's going to return to the series' roots, offering a more contemporary warfare setting and thus ditching the futuristic escapades of Battlefield 2042 and the historic battlegrounds of Battlefield 5 and Battlefield 1.

While we naturally encourage you to take any and all leaks with a healthy pinch of salt - we won't truly know anything concrete until EA officially reveals the game itself - it'll be worth marking July 29 on your calendar just in case the current crop of rumors turns out to be accurate.

You might also like...

• This is not a drill: one of the best strategy games ever is free right now – here's how to get it before it's gone
• The latest Turtle Beach Rematch controller sports a lenticular Donkey Kong theme and yes, it's compatible with Switch 2
• Ubisoft names the company CEO's son Charlie Guillemot as co-CEO of new Tencent-funded subsidiary – 'What matters now isn’t my name, it’s the work ahead'

• While fixing exploited flaws, Microsoft may have also introduced new bugs
• The issues affected multiple SharePoint on-prem variants
• Hackers are already exploiting them in the wild, so users should patch now

Microsoft has released an urgent patch to fix a zero-day vulnerability affecting on-premises SharePoint servers.

The vulnerability is already being exploited in the wild, which is why users are urged to apply the patch immediately and secure their assets.

Three Microsoft products were said to be affected: SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Server 2016. SharePoint Online (Microsoft 365) is not affected.

How to secure your endpoints

The vulnerability being addressed is described as a deserialization of untrusted data in on-premises Microsoft SharePoint Server, which allows an unauthorized attacker to execute code over a network. It is tracked as CVE-2025-53770, and carries a severity score of 9.8/10 (critical).

“Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild,” the National Vulnerability Database (NVD) said in its advisory.

To secure the endpoints, Microsoft recommends applying the July 2025 security updates immediately, as well as enabling Antimalware Scan Interface (AMSI) for SharePoint and making sure Defender Antivirus is deployed.

After patching, or enabling AMSI, users should rotate their ASP.NET machine keys, deploy Microsoft Defender for Endpoint to detect post-exploitation activity, or upgrade to supported SharePoint versions, if needed.

The vulnerability was actually introduced while fixing a pair of bugs that were also being exploited in the wild. Tracked as CVE-2025-49706 and CVE-2025-49704, these two were fixed in July, but introduced two new flaws - CVE-2025-53770, and CVE-2025-53771, a 6.3/10 (medium) path traversal bug that allows spoofing over a network.

The new bugs were quickly spotted by threat actors, and abused in attacks since July 18, with at least 85 organizations apparently being hit, including several multi-nationals and government entities, such as a private university and a private energy operator in California, a federal government health organization, and a private fintech firm in New York.

Via BleepingComputer

You might also like

• Top satellite communications company Viasat was also hit by Salt Typhoon – which shows just how widespread this massive attack was
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

• Nvidia's GH200 chips are at the core of Britain's Isambard-AI supercomputer
• It's the 11th fastest in the world, and 10x faster than Britain's second-fastest
• The UK government hopes it'll aid in drug discovery and more

The UK's most powerful AI supercomputer, Isambard-AI, is now fully operational at the Bristol Centre for Supercomputing (BriCS), with some serious Nvidia power at its core.

With 21 exaFlops of AI performance backed by 5,448 Nvidia GH200 Grace Hopper superchips, Isambard-AI now ranks 11th on the Top 500 list of fastest supercomputers, making it one of the global leaders.

Nvidia declared the British supercomputer is now 10x faster than the next UK supercomputer, and more powerful than all the others in the UK combined.

A giant leap forward

Besides being the 11th fastest supercomputer globally, Isambard-AI also ranks fourth globally on the Green500 list for energy efficiency, demonstrating the progress being made to reduce the environmental impact of AI machines and data centers.

Its eco-credentials are endless, including carbon-free power, waste heat recycling and a power usage effectiveness (PUE) of below 1.1 – among the best in the world.

Build in collaboration with Nvidia, HPE and the University of Bristol, Isambard-AI received £225 million in government funding in the hope that the supercomputer would go on to aid across important humanitarian issues like drug discovery and climate modeling.

"And as we press this switch to activate the UK’s most powerful supercomputer, we are embarking on Britain’s super future where AI contributes towards the delivery of better public services, greater public prosperity, deeper scientific discovery and stronger national security," UK Secretary of State Peter Kyle commented.

Among its first projects are Nightingale AI, trained on NHS data to support earlier diagnoses and personalized care, BritLLM, designed to promote inclusivity and better public service delivery in the UK's languages, including Welsh; and UCL Cancer Screening AI for prostate cancer detection.

You might also like

• There are the best AI tools and best AI writers
• Nvidia briefly became the first ever $4 trillion company
• Access powerful chips via the best cloud computing providers

EVenture Limited subsidiary Hide.me is a Malaysia-based company that has been making waves in the VPN business since 2011.

Hide.me currently boasts around 2,600 servers in 91 different locations worldwide. That's a pretty decent spread that'll be more than enough for most users, but NordVPN blows it out of the water when it comes to coverage, with servers in a whopping 118 countries.

Several protocols are available to choose from, including the super-speedy WireGuard and battle-tested OpenVPN, and IKEv2, SoftEther, and SSTP are in the mix, too. It's also nice to see that Hide.me offers DNS, IP, and IPv6 leak protection, and that port forwarding is there for anyone who needs it (perhaps while doing a spot of torrenting).

Hide.me is compatible with most of today's biggest and best platforms. Apps are available for Windows, macOS, Android, iOS, and Linux. You'll also be able to use Hide.me on smart TVs, consoles, and routers, as well as enjoy 10 simultaneous connections. If you need help getting set up on any of these devices, or just want help picking out the best server, 24/7 live chat is happy to help.

MultiHop lets you connect from one location and exit from another to prevent tracking (Image credit: Hide.me)

Advanced features include MultiHop VPN, allowing you to connect to one location and exit from another. This makes it even more difficult for anyone to trace back and identify you.

Hide.me claims to support P2P on most servers. We verified this by connecting to five different locations and had hassle-free torrenting in each case.

We also like that Hide.me is clear about its unblocking capabilities, listing the platforms it's able to access on its site. This is great news for fans of Netflix, BBC iPlayer, Hulu, Prime Video, and more, and sets Hide.me apart from other services that rely on vague promises that they're not always able to live up to.

While there have been some recent updates and improvements, they're more focused on enhanced the existing Hide.me service rather than adding new and innovative tools. It's why Hide.me can't quite keep up with innovators like NordVPN and ExpressVPN, but they're still worthwhile improvements. In particular, upgrading the servers from 1 Gbps to 10 Gbps is exciting, and Hide.me labels which servers have received the upgrade in its list. It's the kind of transparency we love to see.

Hide.me pricing

Hide.me's monthly plan is fairly priced at $9.95. Most providers charge somewhere in the $10-$13 range, although a few are significantly cheaper (Mullvad asks around $6).

The annual plan is available for an above-average $5.82 a month. Hide.me used to throw in 2TB of Internxt cloud storage, but no more. Now, it's the VPN only. Most providers are a little cheaper at around $4-5 for annual subscriptions, and a few cost even less (you'll pay a monthly $3.33 for Private Internet Access, $2.08 for FastestVPN).

The two-year plan offers the best value at $3.45, but even here, there's money to be saved elsewhere. Atlas VPN's three-year plan costs $2.08 a month, for instance. Looking at the totals, paying $89.95 to Hide.me gets you coverage for two years with two months free – but three years of protection (with three months free) at Atlas VPN costs $71.52.

You can pay for your plan by credit card, PayPal or even with cryptocurrency (Image credit: Hide.me)

Regardless of the plan length you go for, you'll find a number of ways to pay for your subscription. This includes the usual credit and debit cards, PayPal, Bitcoin, Google and Amazon Pay, and others – though the exact list varies from location to location.

If you fork out for a Hide.me plan and ultimately decide that it's not for you, don't panic! All plans are covered by a 30-day money-back guarantee that'll let you reclaim your cash without any quibble or questions. However, this only applies to users who haven't previously received a refund from Hide.me.

Plus, for folks who'd rather not part with a single penny, the free version of Hide.me is better than ever. It now boasts servers in 8 countries, which is pretty generous for a free VPN, and doesn't demand that you make an account and hand over your personal details. Most impressively, however, is the fact that Hide.me free doesn't impose any data limits or monthly caps on your usage - you can stay connected for as long as you like.

Of course, there are downsides to consider, including a lack of streaming support, port forwarding, and multihop functionality.

Hide.me keeps no logs on its users (Image credit: Hide.me)Privacy

Hide.me has a strict no logging policy. The company claims, "We do NOT keep logs of your VPN sessions, browsing behavior, websites you visit, or any activity related to your VPN connection. In addition, we NEVER store VPN connection logs and timestamps that match your incoming and outgoing IP address or session duration."

Hide.me does briefly record your randomly generated username and internally assigned (non-public) IP address when you connect, but this is only for troubleshooting purposes, and the company says even this troubleshooting log is securely wiped every few hours.

Hide.me says it will comply with court orders received by recognized legal authorities with jurisdiction over them. But again, that's to be expected, and if the logs don't show anything significant, that won't matter at all.

The company claims this is supported by a comprehensive audit, and that 'Hide.me has been certified as the most anonymous VPN service in the industry.'

It turns out that the audit dates from 2015, though. There's little information on the scope of the audit and no report you can read. Hide.me deserves real credit for realizing the importance of audits so long ago – some providers still don't get it, even today – but we think it's probably time to take another, something more thorough and transparent, where everyone can read the full results.

In the meantime, there's a simple metric we use to get a feel for how any provider is handling your privacy, and that’s how many trackers and third-party cookies are used on its website. The Blacklight privacy inspector gave us the answer; none at all. That's not unique - Mullvad, Proton VPN, Windscribe, and a handful of others are also tracker-free - but it's unusual, and suggests Hide.me is making a real effort to maintain your privacy.

This is the user interface of Hide.me's Windows app (Image credit: Hide.me)Apps

Hide.me's Windows app has a clear and straightforward interface. A large Enable button plugs you into the nearest server, the full location list (countries, expandable to cities in some cases) is just a click away, and a navigation bar has buttons for the streaming service, app settings, and more.

Hide.me displays its available servers in a list instead of on a map (Image credit: Hide.me)

The flexible location list can sort your options by name, or use ping time to show the fastest servers at the top. Begin typing a city or country name in the Search box and the list updates to display any matches (typing MIA cuts the list to just Miami, for instance.) A Favorites system enables grouping your most-used servers together for speedier access later.

A Streaming tab connects you to the best locations to unblock streaming platforms in a lengthy list of countries: Argentina, Australia, Austria, Brazil, Canada, Croatia, France, Germany, Italy, Japan, Norway, Poland, Portugal, Spain, Switzerland, Turkey, United Kingdom, and United States. That's nine countries added since our last review. Impressive!

We found Hide.me's connections times to be fair. Typically, we were able to connect to a server within 1 or 2 seconds, which meant we weren't waiting around. There doesn't appear to be a connection timeout, however, and we encountered a few instances where Hide.me was stuck on its "initializing service connection" animation for minutes at a time.

Digging into the details, it looked like Hide.me's Windows service had failed, and the app wasn't able to restart it. That can happen, but the top providers do a better job of handling it. ExpressVPN's Windows app recognizes a service failure immediately, for instance, without leaving you waiting for minutes. Then, it either fixes the problem all on its own or tells you what to do next.

Typically, though, connections ran smoothly, with the app making good use of notifications to keep you informed about what it's doing. Switch back to your other apps, and Hide.me will let you know when you’re protected, and when you’re not.

Hide.me's MultiHop feature gives you another option, good news when you need the best possible privacy. Choose an entry server of New York, say, and that's where you'll connect, but you'll be redirected through Hide.me's network to your pick of exit servers. Websites will think you're in the UK, and even if an attacker manages to compromise the London server, they won't be able to link the activity to your account as you've accessed it using the New York server, not your own IP.

You can tweak many aspects of Hide.me's VPN service in its settings menu (Image credit: Hide.me)Settings

There's real depth here. The app supports no less than five protocols (WireGuard, OpenVPN, IKEv2, SoftEther, SSTP), for instance, with a stack of configuration options including IKEv2 stealth mode, custom and random ports, tunnel via IPv4 or IPv6, and the option to enable Bolt (Hide.me's custom speedup technology). More on that later.

That's just the start. While most VPN apps ignore IPv6 entirely, or at best give you an option to disable it, Hide.me offers complete support and control. You can have the app connect via IPv4 only, IPv6 only, prefer IPv4 but use IPv6 as a fallback, or prefer IPv6 but use IPv4 as a fallback. That'll probably get you better speeds if you can use IPv6, and Hide.me's ability to handle both protocols reduces the chance of data leaks.

The advanced features continue everywhere you look. For example, split tunneling support enables defining which apps use the VPN, and which will use your regular connection. Plus, the client doesn't just have a single on/off kill switch setting to define what happens if the connection drops. It can run customs scripts, too. You get it to close apps, run others, whatever you like. You can also define whether scripts are run as the current user or an administrator.

Hide.me allows you to search for specific features in Settings, and will highlight them to point them out clearly (Image credit: Hide.me)

There's a lot to explore, and sometimes we couldn't remember where to find a particular setting. Fortunately, the app has a settings Search box. If you know you want to customize the Best Location feature, just type 'best' in the Search box, click the link, and the app will take you to the right page, and even highlight the option for you. A neat touch we've not seen with anyone else.

The Mac app looks pretty much identical to the Windows version, but doesn't have all its advanced features (Image credit: Hide.me)Mac app

We were glad to see that Hide.me's apps are similar across all platforms. The Mac app, in particular, is practically a clone of the Windows version, with the exception of a few small visual details.

Connection times were much faster than we saw on Windows, and we didn't have any connection failures. Real-world use was otherwise much the same. The app was easy to use, there were no unexpected drops, and everything worked more or less as we'd expect.

There's a decent set of advanced options, too. WireGuard, OpenVPN, and IKEv2 protocol support, a kill switch, auto-connect when you access untrusted networks, and split tunneling. If any of this technology doesn't quite deliver, you can even raise a ticket from within the app.

There are a lot of advanced Windows features that haven't made it to the Mac. There's no VPN-wide custom DNS option, no custom MTU, no way to tweak how Best Location is chosen, no IPv6 tunnel option, no IKEv2 configuration tweaks, and no real kill switch configurability beyond on or off.

If you're not interested in VPN technicalities, then none of that is likely to matter very much, and this is still a quality Mac app. It's not difficult to use, performance is good, and it has far more features than most.

Hide.me provides some impressive mobile apps (Image credit: Hide.me)iOS app

Most VPNs focus their development time on desktop apps, and iOS users in particular are expected to be grateful for whatever scraps are left. Fortunately, no one told Hide.me that this is the way things are supposed to be. Its own iOS offering is surprisingly powerful.

This isn't visible initially, because the app has the same simple and appealing interface as the rest of the range. It has the blue and white color scheme, a big connect button, and not a whole lot else. Don’t let that fool you, we tapped a few buttons and quickly got a feel for just what the app can do.

The Location picker has all the features we saw on the desktop, including the Favorites, the Streaming and Multihop lists, the search box, sorting, and more. You probably won't need all of that, but just the ability to bring favorite servers to the top of the list can make your VPN life so much easier.

IOS apps typically have almost no settings, but this one outperforms some of the Windows competition. There's support for IKEv2, OpenVPN UDP, OpenVPN TCP and WireGuard, for instance. The app can automatically connect when you use Wi-Fi or mobile networks. There's a kill switch. You can choose a custom DNS server. You even get to control whether the tunnel uses IPv4 or IPv6, assuming you've a reason to care and if you don't, no problem, the app has sensibly chosen defaults.

The feature list is still a little shorter than the desktop apps (no split tunneling, for instance), but that's inevitable, iOS just doesn't allow anything like the same level of system control. Despite that, this is a top-notch iOS app. It's easy to use and way more configurable than most of the competition.

Hide.me's Android app is very similar to the iOS version, but also includes split tunneling (Image credit: Hide.me)Android app

Hide.me's Android app didn’t spoil the excellent record for cross-platform consistency. Hide.me has paid real attention to detail with app design, and essentially the Android edition has the same appealing interface and capable location list as the rest of the family.

A better-than-most feature list includes WireGuard, OpenVPN, and IKEv2 support, auto-connect for unsecured networks, and a custom DNS option.

The Android app beats iOS with split tunneling, where you're able to define which apps use the VPN tunnel, and which don't. But it does lack some functionality. For example, it doesn't allow you to decide whether to use IPv4 or IPv6.

Overall, this is an impressive mix of power and ease of use. You don't have to register to use Hide.me's free plan, or hand over any personal details – just install it from your app store, explore the various screens, and see how it works.

And if you don't understand something, or there's some other problem? You can even raise a ticket from within the app. Now that's what we call convenient.

Hide.me provides a kill switch, and it's highly configurable, but not without issues (Image credit: Hide.me)Kill switch

We checked out the Windows app kill switch by manually closing WireGuard, OpenVPN and IKEv2 connections and everything worked as it should – our internet access was blocked right away, a notification warned us about the problem, and the app reconnected within seconds.

The kill switch didn’t always work when we switched locations, though. The app appears to close the first connection, then try to connect to the new server, and our device was sometimes able to use its regular internet connection until the tunnel was re-established.

This is unlikely to be a big issue for most users. If you’ve decided to switch locations, that’s a very strong indication that you’ve finished your torrenting, your online banking or whatever else you’re trying to protect, and a few seconds of unprotected internet access may not matter at all.

It is still a weakness, though, and one that could be a concern in the most privacy-critical situations.

Hide.me promises a lot on the unblocking front, but it delivers, too (Image credit: Hide.me)Privacy tests

Hide.me's Windows apps boast plenty of protocols, but are they set up for maximum security? We can't see every detail of what's going on, but checking app configuration files and logs provides some useful information.

The results were broadly positive, with OpenVPN using AES-256-CBC encryption and SHA256 authentication. IKEv2 connections provided the same reliable AES-256 shield, while SoftEther appeared to use its standard (and very acceptable) default settings.

The app's WireGuard and OpenVPN files were more than a year old, which means they're missing plenty of patches and bug fixes. This is unlikely to have any real practical impact on your privacy, but we'd like to see Hide.me update these more often, just to keep any risks to a minimum.

We spotted a slightly dubious design decision with the app's OpenVPN connections, as it saved our username and password to disk in plain text. This also isn't that big a deal (if you've got malware reading files, Hide.me's logins are the least of your worries), but it's unnecessary, and most apps do a better job of concealing your credentials.

Once we got connected, Hide.me excelled on the privacy front, with IPleak.net, DNSleak.com, and DNSleaktest.com confirming that it correctly shielded our IP, allocated us a new address from our chosen country, and blocked DNS leaks at all times.

Virtual locations

Most VPNs have very long location lists, but their servers aren't always where you expect. If they're in a country that maybe has poor internet connectivity, then a provider will often host them elsewhere.

This can often be a good idea. If a VPN offers a Monaco location, and allocates you a Monaco IP address when you connect, but the servers are really in a super-fast French data center just a few miles away, should you care very much? We'd say no.

But what if you're in Cambodia, and you connect to a Cambodia location, but the server is really located in New York? That's likely to deliver a big and very unexpected performance hit.

We tested ten Hide.me locations to get a feel for what the company is doing.

In most cases, Hide.me's servers turned out to be in the advertised locations and some appeared to be virtual locations but weren't far away. Still, we found a couple of notable exceptions. Hide.me's Mexico location appears to be hosted on the US east coast, and its Morocco servers are closer to Quebec or Ontario.

This may not be an issue for everyone. The servers correctly give you Mexican and Moroccan IP addresses, so they’ll work just as you expect, and if you're in North America, having servers closer by might improve performance.

Providers should be transparent about their use of virtual locations, though, in order that potential customers can make up their own minds. Hide.me doesn’t highlight which locations are virtual, or tell users where they really are (which ExpressVPN does), and we'd like to see that change.

Netflix and streaming

Most VPNs claim they can help you access geoblocked websites, and Hide.me is no exception, with the company promising that you'll 'avoid annoying censorship.'

And this turned out to be correct, as Hide.me got us access to Netflix in the US, UK, Australia, Canada and Japan.

It scored with our other test US platforms, too, working with both Amazon Prime Video and Disney Plus.

The good news kept coming, too. Not only did Hide.me unblock BBC iPlayer, ITV and Channel 4 in the UK, but it delivered with Australia’s 9Now and 10 play, too.

That’s a perfect 100% unblocking score, a great result. Hide.me did just as well in our last review, too, which suggests the company didn’t just get lucky – it’s working hard to unblock everything possible, and then make sure those services stay available long-term.

(If you plan on testing Hide.me for yourself, keep in mind that you only get this level of success from the paid product – the free plan doesn't support unblocking streaming sites.)

We used several different speed testing services to help determine Hide.me's performance (Image credit: Speedtest.net)Performance

We assess VPN speeds by running multiple automated speed tests using several platforms including SpeedTest's website and command line app, Measurement Lab, and Cloudflare.

Hide.me’s data center results were pleasantly unexpected. WireGuard speeds reached a decent mid-range of 580Mbps and switching to regular OpenVPN got us an above average 260Mbps. Using OpenVPN with Hide.me's Bolt got us an amazing 950Mbps.

That's a huge achievement, but there's an important point to keep in mind. Bolt is only available in the Windows app. If you're using Bolt on any other platform, performance is going to be more ordinary, though still very acceptable for most purposes. Would you really be upset if your VPN 'only' managed 580Mbps? Didn't think so.

Hide.me review: Final verdict

Hide.me boasts some seriously impressive speeds and works like a charm when it comes to unblocking services – narrowly missing out on a perfect score. However, other big-name providers have more intuitive apps and a better roster of features, meaning Hide.me remains a half-step behind the competition.

Windscribe is one of the best all-rounders in the VPN market. It's got some handy privacy-boosting tools, the speeds you need to enjoy HD streaming, and apps for pretty much every platform out there. So, even though it can't quite match up to today's best VPNs, it's still worth checking out if you're on the hunt for something new.

During our hands-on testing, we were impressed by Windscribe's core features and unblocking power, but we did run into issues with its UI. So, to help you figure out if Windscribe is your match made in heaven, we put its approach to privacy, server network, and overall value for money to the test. Keep reading, and let's dig in.

Features

Windscribe boasts a generous spread of servers across 69 countries, and 134 cities, all over the world. That's a decent spread that'll suit most people's geo-spoofing needs, but it's worth noting that NordVPN has it beat with coverage in 118 countries.

There's a Windscribe for every device out there, too, which is exactly what we like to see from today's most modern providers. Windscribe is compatible with Windows, Mac, Android, iOS, and Linux, with feature and UI parity remaining consistent across all of its apps. Plus, if you're looking for a more lightweight option that still packs a privacy-boosting punch, there are also browser extensions available for Chrome, Firefox, and Edge.

In terms of VPN protocols, Windscribe ticks all the right boxes, offering a choice between IKEv2, OpenVPN, and WireGuard. Industry-standard AES-256 encryption also ensures that your web traffic is kept safe from cybercriminals and snoopers, while stealth technologies try to obfuscate your VPN usage, perhaps allowing you to get online even in countries that actively block VPN traffic.

ROBERT is Windscribe's DNS-backed tool to help users block ads, malware, trackers and more (Image credit: Windscribe)

The powerful apps look great and are easy to use for beginners but also include many advanced features including split tunneling (on the desktop as well as mobile devices), MAC address spoofing (a clever way to reduce the chance of being tracked), versatile auto-connect rules, full IPv6 support, and even a command line interface to automate the VPN from scripts.

ROBERT is Windscribe's DNS-based tool for blocking ads, malware, trackers, and various internet content types like gambling, porn, fake news, clickbait, and so on. How effective is it? We'll take a look later.

There's no 24/7 support but Windscribe does have a decent web knowledge base and a helpful support chatbot. You can raise a ticket if you need more advice, and in our experience, replies are detailed and helpful.

New features include Encrypted Client Hello (ECH) that can bypass SNI filtering so others can't try to view or maybe block the domains you're trying to access.

While many VPNs offer no control over DNS at all, Windscribe allows you to define which DNS to use when the VPN is connected or disconnected. The latest addition includes support for DNS-over-HTTPS, and as Windscribe also runs Control D (a very configurable DNS service, with a free plan) we expect to see more related features appear over time.

The Android app has a new ‘Decoy Mode’ which is an interesting privacy feature (Image credit: Windscribe)

In addition to paid plans, Windscribe also offers a very generous free plan (Image credit: Windscribe)Windscribe pricing

Windscribe's free plan offers a generous 10GB of data transfer a month if you register with your email address, and 2GB if you don't. You're limited to 11 countries – North America, across Europe, and Hong Kong – but that's still far better than some (Hotspot Shield and a few others don't give you any choice of locations at all).

Upgrading to a commercial plan gets you unlimited data and access to all 110 locations.

One of our favorite things about Windscribe is the fact that it gives users unlimited simultaneous connections to play with. So, if you have a lot of devices you need to protect, or want to share your account with friends and family, you only need to pick up a single subscription. It's great value for money that you don't see everywhere.

Prices are fair. Monthly billing is only $9 – many VPNs charge $10-$13. Pay for a year upfront and the price falls to an equivalent $5.75. That's not cheap but it's within the range we expect for a premium VPN, and it's still far lower than some. ExpressVPN and Hide.me both ask $8.32 a month on the annual plan, NordVPN charges $8.29 from the second year.

If low prices are top of your priority list, though, there's money to be saved elsewhere. As we write this, Private Internet Access has a three-year plan that's only $2.03 a month for the first term, while Ivacy's five-year offering is only $1 a month. Sure, we don't like long-term contracts either, but look at the totals. Hand over $69 to Windscribe and you get one year of protection. Give Ivacy $60 and you're covered for five.

Windscribe does offer a 'Build a Plan' scheme that cuts costs by allowing you to buy only the locations you need for $1 each. Each location adds 10GB to your free bandwidth allowance, and your plan must have a minimum of two locations.

For example, providing your email address gets you 10GB of data a month. Add the US and UK locations, and you'll get 30GB of data for $2 a month. You can upgrade to unlimited data for another $1, or a total of just $3 a month, and that's billed monthly. No need to sign up for years.

If you only use a VPN for occasional short trips, say, that looks like a great deal. Surfshark's monthly-billed plan is more than four times as expensive at $13, for instance – okay, that's the full service with all the locations, but if you don't need them, who cares?

Another option, ScribeForce, enables signing up a group of users (a business, a family) with the same account. There's a five-user minimum, but you'll pay just $3 each, billed monthly, for access to the full and unrestricted service.

Unusual add-ons include static IP addresses. Adding a US or Canadian residential IP costs $8 a month (data center IPs are $2) and could greatly improve your chances of accessing any blocked sites, and enable connecting to IP-restricted business and other networks. Once you have a static IP, you can also enable port forwarding in the Windscribe web console.

Whatever your preference, Windscribe supports payments via card, PayPal, Bitcoin, and other cryptocurrencies via CoinPayments.net, along with gift cards and assorted other options via Paymentwall.

Windscribe doesn't have the lowest headline prices, then, but it's fairly priced for the features on offer, and there are huge savings to be made if you're covering multiple users.

There is a small catch in Windscribe's money-back guarantee, which only covers you for three days and if you've used less than 10GB of traffic. So, if you think that might be an issue, download and try the free version before you buy to make sure it delivers what you need.

Windscribe protects your privacy with AES-256 encryption and doesn't keep logs (Image credit: Windscribe)Privacy and logging

Windscribe's privacy features include strong AES-256 encryption, SHA512 authentication, a 4096-bit RSA key, and support for perfect forward secrecy (keys aren't re-used, so even if a snooper gets hold of a private key, it will only allow them to view data within one session).

The apps use multiple techniques to reduce the chance of data leaks, including redirecting DNS requests through the tunnel to be handled by the VPN server, and optionally using a firewall to block all internet access if the connection drops.

We checked Windscribe's performance on a Windows 10 system using the websites IPLeak, DNSLeakTest, and DoILeak and found no DNS or other leaks.

Windscribe claims its ROBERT DNS filter can protect your privacy by blocking trackers, but how well does it work? We connected to our nearest server, then tried accessing 156 common trackers, and ROBERT blocked 147. That's one of the best results we've seen. ROBERT did even better at keeping us away from malicious sites, and the ad blocker scored an excellent 93% (most VPN ad blockers managed 40-90%.)

We enabled the Windows app's firewall (similar to a kill switch) and began using various tricks to forcibly close the VPN connection and see what happened.

We found the app didn't display a notification to warn that we'd been disconnected. If it wasn't able to reconnect immediately, that might leave the user with no internet, and no idea why.

This situation probably won't last long, though, as the app tries to reconnect as soon as it spots the problem, and we were typically online again within a few seconds. This may be a small usability issue, but in privacy terms, the client worked perfectly, handling every oddball situation we threw at it and always protecting our traffic.

Windscribe's stance on logging is covered in a clearly written and refreshingly short privacy policy which explains what the company does and doesn't collect.

There's a tiny amount of very minimal long-term logging, but it's limited to the total bandwidth you've used in a month (essential to manage usage on the free plan), and a timestamp of your last activity on the service to allow identifying inactive accounts.

The system collects some connection details – username, VPN server connected to, time of connection, bandwidth used during the session, number of devices connected – but these are held in the VPN server's RAM only, and are lost when the session closes.

Other than that, there is no logging of connections, IPs, timestamps or browsing history. Or as the privacy policy puts it, 'we do not store any logs on who used what IP address, so we cannot tie user activity to any single user.'

Here is some of the data from Windscribe's transparency report (Image credit: Windscribe)

As there is no data on your activities, Windscribe points out that there's nothing to share. This is backed up by a transparency report which covers the numbers of DMCA and Law Enforcement data requests over the year, and in both cases states that: 'Exactly zero requests were complied with due to lack of relevant data.'

This is all good, but we would like to see Windscribe go further. Many VPNs have had their systems publicly audited to check for logging or other privacy issues, and that gives far more reassurance to potential customers than comforting words on a website. We hope that Windscribe (and all other VPN providers for that matter) will soon do the same.

In June 2023, Windscribe's Co-Founder and CEO, Yegor Sak, was hit with a lawsuit in connection with alleged offences committed by an unknown user. Fast forward to April 2025, and the case was dismissed in court due to a lack of evidence, becoming a landmark victory for no-log VPNs as law enforcement bodies increasingly pressure VPNs to keep lawfully accessible records of user records.

In the meantime, it's worth remembering that Windscribe gives you 2GB of data per month, for free, without requiring an email address or any other personal data. If you're just looking to protect email and basic browsing, and can live with the data limit, this automatically gets you more guaranteed anonymity than you'll have with almost everyone else.

Speed testing is an important part of any VPN review (Image credit: Speedtest.net)Performance

Our performance tests involved connecting to the nearest Windscribe locations from both a UK data center and US location, each with 1Gbps test connections. We then measured download speeds using benchmarking services including SpeedTest (both the website and command line app), Cloudflare, Measurement Lab, and more. We ran each test using at least two protocols and in both morning and evening sessions.

Crunching the numbers revealed excellent OpenVPN speeds of 270-330Mbps, more than twice what we see with many providers.

Switching to WireGuard accelerated speeds to a blistering 950Mbps+, essentially maxing out our test connection. That puts Windscribe alongside NordVPN, Surfshark, and IPVanish at the top of our performance charts.

We can only measure the speeds for our test locations, of course, and you may see different results. If performance is a top priority for you, using the free version gives you the chance to check local speeds (from the 11 free locations) without as much as handing over your email address.

Alternatively, Windscribe's 'Build A Plan' option could give you a month of unlimited traffic to a couple of locations for only $3, a low-priced way to run all the intensive speed testing you need.

Windscribe was able to unblock Netflix for all but one of the regions we tried (Image credit: Netflix)Netflix and streaming

Connecting to a VPN server in another country may, in theory, allow you to access content you wouldn't otherwise be able to view.

Unfortunately, it's not always that simple, as many content providers now attempt to detect and block visitors they think are using a VPN.

To test a VPN's unblocking abilities, we log into at least three Windscribe servers in the US, UK, Australia, Canada, and Japan, then try to access local Netflix content and other streaming services.

Windscribe scored full marks in our UK tests, getting us into BBC iPlayer, ITV, and Channel 4.

The perfect record continued in Australia, as we managed to stream TV from 9Now and 10 Play.

Windscribe followed up by unblocking US Disney Plus, and allowing us to stream whatever we liked. The good news finally ended with US Amazon Prime Video, which detected our VPN use and locked us out.

Windscribe still managed to end on the highest of high notes, though, by unblocking every Netflix library we tried: the US, UK, Australia, Canada, and Japan.

Failing only one of our test sites is a very impressive result. If only a 100% track record will do, though, ExpressVPN, NordVPN, Private Internet Access, ProtonVPN, PureVPN, and Surfshark all unblocked every one of our test services in their last review.

• Save yourself a packet with our exclusive Windscribe offer here

Windscribe fully supports P2P and torrenting (Image credit: BitTorrent)Torrents

VPN providers generally don't boast about their torrent support, and it can be a challenge to figure out what you're allowed to do. TunnelBear was so quiet about its P2P policy that we had to email tech support to ask.

Windscribe is much more open and transparent. Just point your browser at the company's Status page and you'll see its full list of locations, which of them support P2P (most) and which of them don't (India, Lithuania, Russia, and South Africa, at the time of writing).

Your options are just as clear in the Windscribe apps. Locations where torrents aren't allowed are marked with the same crossed-out 'P2P', but select anything else and you can download whatever and whenever you like.

We don't like to take a provider's website promises for granted, even when they're from a VPN we trust, so we tried downloading torrents from three P2P-approved servers. Everything ran smoothly, and our downloads completed with no connection or performance issues at all.

Factor in Windscribe's free plan and various anonymous payment options (cryptocurrencies, gift cards), along with its decent performance levels, and the company makes a great torrenting choice.

Windscribe offers clients for most major platforms (Image credit: Windscribe)Client setup

Tapping the 'Get Started' button on the Windscribe site took us to the Download page. The website detected and highlighted the best choice for our laptop – the Windows client and Chrome extension – but there were also links to downloads for Mac, Android, and iOS, extensions for Firefox and Edge. Plus guides to cover setup on routers, Linux, Kodi, Amazon Fire TV, and other devices.

Still not enough? No problem. Paying customers get tools to build custom configuration files for OpenVPN, WireGuard, and IKEv2. These can be used to manually set up connections with third-party apps, routers, and more.

Installing the Windows app is easy. You're able to create an account just by entering a username and password, which gets you 2GB of data a month. Hand over your email, too, and you get 10GB. Tweet about Windscribe, just once, and you get an excellent 15GB a month forever (not just a one-off.)

To put all that in perspective, TunnelBear's generosity stops with a 2GB monthly data allowance, and Avira Phantom VPN's free package gives you a tiny 500MB.

• Check out our exclusive Windscribe offer

Windscribe's Windows app features a smartly designed interface (Image credit: Windscribe)Windows app

Windscribe's Windows app has real visual panache, with rounded corners and classy flag backgrounds (check the screenshot above) to highlight your current location.

It's more cluttered than most, with plenty of text, icons, and buttons crammed into a very small space, but there's also been real thought put into the design and overall it works well. Hover your mouse over an icon, for instance, and a tooltip explains what it's about.

Windscribe's full location list shows you countries to begin with, which can be expanded to view available servers (Image credit: Windscribe)

The app displays your current protocol and port, always helpful, but it's not just a static label. Click it and you can change the protocol and settings to whatever you need. The app even offers to set the protocol as a default for that network. So, if you have to use one protocol to get online at the library and another at the coffee shop, you don't have to change them manually. Once you've connected, allow the app to save your settings for that network, and it'll automatically connect next time.

Tapping Locations displays the full location list. This opens with a list of countries and you can expand any of these to view its available servers. Each server has a latency indicator to help you find the fastest option. You can also mark countries as Favorites, displaying them at the top of the list for zero-scroll reconnections later.

The Windows client has lots of useful expert-level settings (Image credit: Windscribe)

The interface is very configurable. You can order locations by alphabet, latency, or location. You can even display latency as bars or figures, have the interface docked or a free-floating window, display notifications for events or hide them, and the list goes on.

There are many interesting connectivity features, and these are often as tweakable as the UI.

Windscribe gives you plenty of choices when it comes to VPN protocols (Image credit: Windscribe)

Supported protocols include WireGuard, OpenVPN, IKEv2, Stealth, and WStunnel, connection times were speedy at 1-2 seconds, and the app uses helpful notifications to tell you when you're connected, and when you're not.

OpenVPN is securely configured with AES-256-GCM encryption and SHA512 authentication. We couldn't find any issues with Windscribe's WireGuard setup, and it's good to see IKEv2 connections that don't store your credentials and are configured to use maximum-strength encryption so that they're not vulnerable to theft.

Split tunneling allows you to decide which traffic is routed through the VPN, and which bypasses it. Unlike most VPNs, this isn't just for apps, you can set up rules for specific IP addresses and host names, too.

Unusual extras include the ability to set up your device as a Wi-Fi hotspot (if your OS and network adapter supports it), or as a proxy gateway for use by TVs, gaming consoles, or anything else that can work with a proxy server.

One surprising feature is that Windscribe's desktop clients can import custom OpenVPN and WireGuard configuration files from other providers, and then display those servers alongside their own. If you use another VPN but its app is underpowered, you might be able to use Windscribe's instead. You don't need a subscription.

There's a lot to like here, especially for advanced users who like to tweak every aspect of their VPN. If you can find the settings you need, that is. We got lost several times scrolling up and down, clicking various icons, opening drop-down lists, and generally trying to figure out what's what.

If you're happy with the basics, the good news is you won't even see most of the complexities unless you go looking. As long as you can choose a country from a list and click a Connect button, Windscribe's apps will work just fine.

Windscribe's Mac app is an impressive piece of work (Image credit: Windscribe)Mac app

If you're a Mac user then you'll doubtless be very familiar with VPN providers largely ignoring all your needs, saving their best features for Windows and leaving you with the bare minimum. But here's some good news: Windscribe hates that approach just as much as you do, and its Mac app is as close a match to the Windows edition as anyone could expect.

Take the interface, for instance. There are no pointless variations, no 'do it this way on Windows, but that way on Mac' rules to remember. It's the same stylish look, the same icons, the same main menus, and almost the same options, all in the same order.

Mac VPN apps generally don't have as many advanced features as Windows, mostly because Apple's security model doesn't give them as much control over your device. Seems like no-one told Windscribe this, though, because its Mac app has all the key features we saw on Windows: WireGuard support, the firewall (kill switch), custom DNS settings, MAC spoofing, split tunneling, port and protocol options, network allow-listing, proxy support and more.

If your VPN needs are simple, or you're just not interested in the low-level tech, all this power might sound intimidating. No need to worry, though: unless you click the Menu icon and go exploring, you'll never even know these options are there.

Whether you fine-tune every setting or ignore them entirely, the Mac app is generally very easy to use. Tap the On/Off button and you're speedily connected to your nearest server, then tap again to disconnect, and there's a list of other locations if you need them.

The app still looks a little more complex than some of the competition, just because it has more icons, buttons and status information. But, generally, it's a well-designed mix of functionality and ease of use, and a must-see for any Mac user looking for a little extra power.

The mobile apps are good, too (Image credit: Windscribe)Mobile apps

Windscribe's Android app follows a similar design to the Windows version, with the same gorgeous background flags, the big On/Off button, and details on your new IP and preferred protocol.

A list of countries (expandable to city level) makes it easy to find the server you want. You can switch to list Favorites and specialist Streaming locations. There's also a Custom Config list that might enable using other VPN servers with Windscribe's interface and features.

A comprehensive Preferences screen comes absolutely stuffed with features. The Connection panel alone enables choosing between WireGuard, OpenVPN UDP, TCP, IKEv2 or Stealth, and selecting your preferred port, as well as choosing which apps use the VPN, and which don't (split tunneling). It also provides integration with Android's Always-On feature to let you set up a system-wide kill switch, or enable GPS spoofing, define a packet size, allow or block local network traffic, and more.

A Network Whitelisting tool enables automatically connecting to Windscribe whenever untrusted networks are accessed while ignoring others. So, for instance, you can configure the service to automatically connect when you access Wi-Fi on the train, but stay offline when you're at home or work.

Windscribe's iOS app earned bonus points immediately for an unusual privacy plus. The app detects your external IP and network but can blur them, ensuring you won't give away clues to your identity if you share a screenshot.

Although the app can't match the Windows edition for power, it still has wide protocol support, kill switch, and ad, malware, and content blocking. That's already outperforming most iOS apps, but it's Windscribe's more unusual options that really help it stand out from the crowd. Most VPN apps can't access servers from another provider, for instance, or allow you to set a preferred protocol depending on the network you connect to.

• Grab our exclusive Windscribe deal here

Windscribe even offers browser extensions for most popular web browsers (Image credit: Windscribe)Browser extensions

Windscribe's Chrome, Edge, and Firefox extensions provide a quick and easy way to connect to the VPN from your browser. This has its limitations – they're simple proxies and only protect your browser traffic – but if you only need the VPN for basic browsing tasks, they're your most convenient and straightforward option.

The extensions make an immediate positive impression, courtesy of a stylish interface along the lines of the desktop and mobile apps. The basic operations work much as you'd expect. Autopilot mode enables connecting to the best location with a click, you're able to choose countries or individual cities from a list, and set your most commonly used cities as Favorites.

There are some nifty privacy features with the extensions (Image credit: Windscribe)

Need more? The extension can block WebRTC leaks, fake your GPS location, time zone, and language to match your chosen Windscribe server, keep switching your browser user agent to make you more difficult to track, stop websites begging you to let them show notifications, and even delete first or third-party cookies when you close the tab.

The browser extensions support Windscribe's ad and malware-blocking tool ROBERT, even for free users. Known malicious and phishing sites, bandwidth-sapping ads, trackers, social media widgets, and other nasties can all be exterminated in a click or two.

The sheer volume of options can make the extensions look complicated but Windscribe does a lot to help. A small start-up tutorial explains which buttons do what, and a useful additional introduction is that the many settings each have a sentence or two describing what they're all about.

Put it all together and this is a very capable extension that delivers far more than you'll get with other VPN providers, and even many standalone Chrome privacy extensions. Don't just take our word for it – the excellent 4.7 rating on the Chrome store suggests most users agree.

Windscribe has a knowledgebase but it's rather lacking (Image credit: Windscribe)Support

If you have any technical troubles, Windscribe's support site is a good place to begin looking for answers. Resources start with collections of articles on common topics, including 'getting started' guides, technical troubleshooting, billing questions, and some general FAQs.

These tutorials don't always have the range and depth we'd like, but they more than cover the basics. The Android setup guide doesn't just say ‘go install the app at Google Play', for instance, as we often see with lesser providers. It quickly explains what a VPN is for, gives a link to the Play Store, an alternative direct APK download if you need it, and covers the setup and usage basics, complete with helpful screenshots.

If your problem isn't covered by the website, you can always contact support directly via a ticket system (there's no live chat). In our experience, replies can sometimes take around a day to arrive. When they do, they're friendly, accurate, and complete. We think they're generally well worth the wait.

Windscribe review: Final verdict

Windscribe is a likable VPN, with good-looking and powerful apps, expert-level features, and one of the most generous free VPN plans around. The array of advanced options and settings means this probably isn't the best choice for newcomers or anyone only looking for the VPN basics. If you're unsure about Winscribe, there's an easy and risk-free way to find out for sure. Just install the free version and see how it works for you.

• We've also highlighted the best VPN

• The Fantastic Four: First Steps director has responded to criticism of its visual effects
• Matt Shakman gave a polite but abrupt reply to fans who've reacted negatively
• Critics who've seen the Marvel movie are unanimous in their praise of its CGI

Matt Shakman has given a blunt response to anyone who's reacted negatively to The Fantastic Four: First Steps' visual effects (VFX).

Speaking to TechRadar, the Marvel movie's director gave a polite albeit direct 10-word reply to fans who've said they're less than impressed by some aspects of the film. Of particular note is its computer generated imagery (CGI) and special effects, which have come in for some criticism since the first trailer for First Steps was released in February.

For one, reactions to Reed Richards' elastic superpowers and the Silver Surfer's aesthetic, both of which were unveiled in First Steps' official trailer, were mixed when said footage dropped in April. Then there's those who initially found fault with how The Thing looks. Oh, and let's not forget how many folks hit out at how Giganto, one of the first villains that The Fantastic Four fought in the comics and who's expected to appear in First Steps, looked in a *checks notes* promo tie-in advert for the Little Caesar's restaurant chain.

Ahead of the Marvel Phase 6 film's release, I asked Shakman for his thoughts on said criticism and whether he and First Steps' hundreds-strong VFX team felt weighed down by it.

"I think the visual effects look beautiful in this movie," he replied frankly.

Initially, some people weren't enamored with The Silver Surfer's look (Image credit: Marvel Studios)

Now, some readers might think Shakman is dodging the question and/or giving a stock answer that tows the company line.

However, numerous individuals who've already seen one of the most anticipated new movies of the year, including critics, have reacted positively to the VFX in the final cut. Threads on the r/MarvelStudios and r/MarvelStudiosSpoilers sub-Reddits are full of social media posts from journalists praising the CGI and other special effects, so it seems the initial negativity to these elements of the film was overexaggerated.

Okay, the reactions in the aforementioned Reddit threads are just a fraction of those who've seen the final Marvel Cinematic Universe (MCU) movie of 2025. Nonetheless, the fact that there's people hailing First Steps' VFX is evidence that it's not as bad as some fans feared, and that it just needed a little polish and refinement ahead of launch.

You can judge for yourself when the latest Fantastic Four big-screen reboot arrives in a cinema near you on Friday, July 25. In the meantime, read my definitive guide to The Fantastic Four: First Steps or check out the section below for more pre-release coverage of the forthcoming superhero flick.

You might also like

• The Fantastic Four: First Steps cast and character guide: Pedro Pascal, Vanessa Kirby, and who else you'll see in the Marvel movie
• The final trailer for The Fantastic Four: First Steps is here – and I'm growing increasingly concerned about one character's fate in the Marvel movie
• The Fantastic Four: First Steps is reportedly getting a sequel – and it isn't the only thing I've just learned about my most anticipated Marvel movie of 2025

Dr. Nick Maynard tells NPR he's treating children shot at food distribution sites and witnessing what he believes is the systematic destruction of Gaza's civilian infrastructure.

(Image credit: Eyad Baba/AFP via Getty Images)

Texas lawmakers begin a special session Monday. Republicans want to redraw congressional districts in order to skew voting results so the GOP wins more seats. Trump favors the idea.

Viltrox AF 35mm f/1.2 LAB FE: one-minute review

Professional lenses typically offer the best image and build quality, but at a cost. Plus, when thinking about features on prime lenses, most are fairly straightforward despite the aforementioned characteristics. One of two lenses bucking this trend is the Viltrox AF 35mm f/1.2 LAB FE, the other being the Viltrox AF 135mm f/1.8 lens.

The latter is available for both Sony E and Nikon Z mount, with the 35mm soon to be available for Z mount, too. The thing I love about these lenses is that, despite being primes they're surprisingly feature-packed, and are available at extremely attractive prices.

The 35mm f/1.2 LAB costs just $999 / £959 at Amazon, which is an amazing price for what you get (if you're buying from Australia you can purchase the lens in USD.) This price is especially impressive when the slower Sony FE 35mm f/1.4GM is considerably more expensive. The Sony is, of course, a flagship G Master lens, which may suggest superiority, but the 35mm f/1.2 LAB holds up well by comparison.

That extra 1/3 stop of light-gathering capability makes a difference in two ways. First, it makes the lens better for astrophotography. Second, it produces a beautifully shallow depth of field. Detail is also impressively sharp wide open at f/1.2, so for portraiture and astrophotography this is a truly stunning lens.

Image 1 of 3

(Image credit: James Abbott)Image 2 of 3

(Image credit: James Abbott)Image 3 of 3

(Image credit: James Abbott)

• Check out more of the best Sony lenses

Viltrox AF 35mm f/1.2 LAB FE specsViltrox AF 35mm f/1.2 LAB FE specs

Type:

Standard prime

Mount:

Sony E mount (Nikon Z coming soon)

Sensor:

Full-frame

Focal length:

35mm

Max aperture:

f/1.2

Minimum focus:

13.4 inches / 34cm

Filter size:

77mm

Dimensions:

3.51 x 8.80 inches / 89.2 x 121.8mm

Weight:

32.5oz / 920g

Viltrox AF 35mm f/1.2 LAB FE: Design

• Digital color screen
• Large and heavy for a 35mm lens
• Excellent build with weather sealing

Most prime lenses are fairly simple in their design, relying on their fast maximum apertures and excellent image quality to act as the main selling points. The 35mm f/1.2 LAB certainly follows suit here, but it also has a few tricks up its sleeve that set it apart from other primes. It’s also a beast of a lens, at 3.51 x 8.80 inches / 89.2 x 121.8mm and weighing32.5oz / 920g.

It’s certainly nowhere near as large and heavy as the 135mm f/1.8 LAB lens, but it’s close to double the weight of the Sony FE 35mm f/1.4GM and is slightly larger. The fact that it's an f/1.2 lens is a contributing factor, but Viltrox LAB series lenses do seem to be pretty hefty, to say the least.

Both lenses are made of aerospace-grade magnesium-aluminum alloy with a die-coating, so they have a premium look and feel alongside being of an extremely high build quality. Plus, the lenses feature a dust and moisture-resistant construction, making them perfect for outdoor photographers.

The filter thread is 77mm, so not too large and ideal for both circular and square filters, while the 11-blade aperture produces smooth bokeh with circular highlights. The minimum focusing distance is 13.4 inches / 34cm, which isn’t the shortest you'll find but is still pretty good.

Image 1 of 3

(Image credit: James Abbott)Image 2 of 3

(Image credit: James Abbott)Image 3 of 3

(Image credit: James Abbott)

As mentioned, despite being a prime lens, the 35mm f/1.2 LAB is fairly feature-packed. It has a customizable multi-function ring, which by default is set to control the aperture, with clicked and clickless operation selectable using a switch.

There are also two customizable Fn buttons and a small color digital screen that shows the focus distance, aperture, and the active Fn button. The screen can, alongside the Fn and multi-function ring, be customized by connecting the lens via Bluetooth to the Viltrox Lens app.

Since this is a third-party lens, firmware updates and customization can’t be applied in the same way as OEM lenses. But, with the lens unattached from a camera, it can be powered via a USB-C port on the lens mount and then connected to the app. This works incredibly well; a firmware update was required during testing and only took a few minutes to complete.

The ability to personalize the controls is extremely useful for tailoring the lens to the way you like to shoot. I was quite happy with the default configurations, so although I looked at the options available in the app, I left everything as it was.

Viltrox AF 35mm f/1.2 LAB FE: Performance

• Excellent image quality overall
• Impressive sharpness at f/1.2
• Sharpest at f/8

The image quality produced by this lens is sensational, with incredible sharpness and detail wide open at f/1.2. Sure, with this lens you’ll need to stop down on some occasions, but most people want a lens like this for that fast maximum aperture, and the 35mm f/1.2 LAB is incredible when shooting wide open. It’s not perfect, but it’s seriously impressive.

The 35mm f/1.2 LAB produces exceptional center sharpness at f/1.2, and while extreme corner sharpness is quite soft, edge sharpness is excellent. Corner sharpness increases gradually as you get closer to the center of the frame and as you stop down the aperture, with f/4 showing greatly improved extreme corner sharpness.

Overall sharpness continues to improve up to f/8, which, like many lenses, is the sweet spot at which most detail is resolved and the overall image produced is sharpest. Beyond f/8, diffraction begins to come into play, with f/11 providing slightly less sharp images, and f/16 exhibiting the least sharp results.

Image 1 of 7

(Image credit: James Abbott)Image 2 of 7

(Image credit: James Abbott)Image 3 of 7

(Image credit: James Abbott)Image 4 of 7

(Image credit: James Abbott)Image 5 of 7

(Image credit: James Abbott)Image 6 of 7

(Image credit: James Abbott)Image 7 of 7

(Image credit: James Abbott)

Vignetting is most visible at f/1.2 as you’d expect, and becomes less noticeable until f/2, where it almost disappears, and completely disappears at f/2.8. This is normal for a prime lens, and it’s not an issue at all because vignetting is easy to remove with software.

There isn’t a profile available in Adobe Lightroom yet since this lens is still relatively new after an April 2025 release, so any corrections currently have to be made manually. Chromatic aberration is minimal, with only the tiniest amount of fringing visible, and this was easily removed.

Autofocus performance is fast and precise, with the lens locking onto subjects quickly and silently. The AF 35mm f/1.2 LAB features Quad Viltrox HyperVCM motors, which Viltrox claims provide 150% faster AF than STM motors. I couldn’t perceive a difference in speed.

The lens also supports subject recognition, which I tested by using people/eye recognition to shoot portraits wide open. This worked exceptionally well, with perfectly sharp eyes and a dramatic fall-off in depth of field.

Should you buy the Viltrox AF 35mm f/1.2 LAB FE?Buy it if...

You’re on a budget

Considering the image quality, build quality and features alongside the amazing price, this lens is an absolute bargain.

You shoot astrophotography

35mm is a great focal length for astrophotography, and the fast f/1.2 maximum aperture enables lower ISO settings for improved image quality.

You shoot portraits

35mm is also a great focal length for environmental portraits, and the sharpness available at f/1.2 is outstanding.

Don't buy it if...

You’d like a compact and lightweight lens

The 35mm f/1.2 LAB is a chunky and fairly weighty lens. There are lighter and more compact alternatives available, although they're also slower.

You need versatility

Primes typically offer the best image quality and faster maximum apertures, but zoom lenses are, by their nature, more convenient and versatile.

You shoot APS-C

If you shoot with an APS-C camera, there are more appropriate Viltrox lenses available to you, including the Viltrox AF 27mm f/ 1.2 Pro, which is almost half the price.

How I tested the Viltrox AF 35mm f/1.2 LAB FE

• I tested it over several weeks
• I used it to capture multiple subjects
• I tested it with an unforgiving Sony A7R V

I tested the Viltrox AF 35mm f/1.2 LAB FE over several weeks attached to an unforgiving Sony A7R V, shooting a range of relevant subjects and using different aperture settings to test sharpness and distortion. I shot both static and moving subjects to test autofocus performance.

With 30 years of photographic experience and 17 years working as a photography journalist, I’ve used many of the cameras and lenses that have been released in that time. As a working photographer, I aim to test cameras and lenses from a photographer’s point of view.

• First reviewed July 2025

President Trump plans to levy a 50% tariff on all goods from Brazil — the source of about 30% of U.S. coffee imports. This looming tariff threat has sent shock waves through the U.S. coffee industry.

(Image credit: Claire Harbage)

Trump released his video message to newly naturalized citizens. He welcomes them to the "national family," adding that they have a responsibility to "fiercely guard" and preserve American culture.

(Image credit: David L. Ryan)

The Legislature will look at proposals for emergency preparedness in a special session that was already planned over hemp laws. A bill to help build emergency systems failed in the spring.

(Image credit: Jacquelyn Martin)

A poll of parents last fall found 40% of teens consumed some type of protein supplement in the past year. Boys took it to bulk up; girls took it to replace meals.'/>

Teenage boys especially are getting lots of messages — from peers and from social media — about the power of protein supplements. Doctors caution there can be too much of a good thing.

(Image credit: Huizeng Hu/Moment RF)

The "Safer Beauty Bill Package" would ban the most toxic ingredients in everyday cosmetics and create protections for the women of color and salon workers who are disproportionately exposed to them.

(Image credit: Nadia Audigie)

With more than $2 billion dollars in federal research grants at stake, the two sides will argue before a federal judge as the university pushes back on the administration's demands.

(Image credit: Jesse Costa)

Every organization claims security is a priority, yet 91 percent of Security and IT leaders admit they’re making compromises in their security strategies. In today’s environment, compromise has shifted from a failure point to a functional reality of modern enterprise.

Pressed to deliver agility, reduce cost, and keep up with the exponential demands of AI, security teams are being forced to make trade-offs they once would have rejected outright. Visibility is sacrificed for speed. Data quality is sidelined in the rush to deploy. Tools are added faster than they can be integrated. And all of it unfolds under the guise of “acceptable risk,” a term that now shifts depending on the urgency of the business goal at hand.

This is not a story of negligence; it’s one of systemic strain and of an urgent need to reset. As hybrid cloud environments grow more complex and threat actors grow more sophisticated, enterprises must confront an uncomfortable truth: the more compromise becomes routine, the harder it becomes to manage what comes next.

This article explores the consequences of this normalization, the fractures it is creating across the security landscape, and why visibility must be the foundation for regaining control in a world increasingly shaped by AI.

The business of compromise

Security leaders are not compromising out of carelessness. They are making calculated decisions under pressure. With cloud computing environments expanding, AI deployments accelerating, and infrastructure growing more fragmented, the operational burden on security teams is exceeding what existing tools and architectures were built to handle.

When asked where they are making trade-offs, the answers are telling. Nearly half of respondents to our 2025 Hybrid Cloud Security Survey say they lack clean, high-quality data to support secure AI workload deployment. The same proportion report insufficient visibility across their hybrid environments, particularly in lateral traffic, which remains one of the most critical yet overlooked areas for threat detection. Another 47 percent point to tool integration as a key area of compromise, highlighting the strain of managing sprawling tech stacks that fail to deliver cohesive insight.

These issues strike at the foundation of any viable security strategy. Without comprehensive visibility, detection becomes reactive. Without reliable data, AI initiatives carry unquantified risk. Without integrated tools, signal fragmentation makes it difficult to prioritize threats, let alone respond effectively.

The perception of risk is also changing. Seventy percent of Security and IT leaders now consider the public cloud to be their most vulnerable environment, citing concerns over governance, blind spots, and the difficulty of maintaining control across distributed architectures. This represents a departure from the early optimism that once accompanied widespread cloud adoption.

In this climate, compromise has become operationalized. What was once a contingency is now a constant, and the consequences extend far beyond tactical inconvenience. Each trade-off introduces ambiguity into risk calculations, increasing the likelihood that a blind spot becomes a breach. The underlying challenge is not just about resources or tooling. It is about the quiet erosion of standards that were once considered non-negotiable.

Where the cracks are showing

The consequences of compromise are materializing across every layer of the organization. This year, the percentage of organizations reporting a breach rose to 55 percent, a 17 percent increase from last year. Just as concerning, nearly half of security leaders say their current tools are falling short in detecting those intrusions. These failures are not due to a lack of investment. They are the result of environments that have outgrown traditional controls, where more data, more alerts, and more tools do not necessarily translate into better protection.

Tool sprawl is a prime example. Organizations are managing an average of 15 security tools across hybrid environments, yet 55 percent admit those tools are not as effective as they should be. Rather than delivering clarity, this growing stack often introduces friction and gaps. Overlapping capabilities generate noise without insight. And all the while, attackers are adapting faster than defenders can consolidate.

AI tools are compounding the issue. One in three organizations say their network data volumes have more than doubled over the past two years, driven largely by AI workloads. This surge is overwhelming existing monitoring tools and giving threat actors more opportunities to hide in plain sight. Nearly half of respondents report a rise in attacks targeting large language models (LLMs), while 58 percent say AI-powered threats are now a top security concern.

These developments reveal the hard truth that compromises made upstream—in visibility, data quality, and tool integration—are now surfacing downstream in the form of missed threats, delayed response times, and a growing sense that risk is outpacing control.

Visibility as a strategic equalizer

But at its core, the issue is not how much data flows through an environment, but how little of it can be fully understood or trusted. Without clear insight into where data travels and how it behaves, risk remains obscured. Eighty eight percent of Security and IT leaders say access to network-derived telemetry is essential for securing AI deployments, which speaks to a broader shift.

As systems become more distributed and threats more subtle, traditional log-based telemetry is no longer enough. What organizations need is complete visibility into all data in motion, across all environments, at all times.

For CISOs, the implications go beyond threat detection. Without complete visibility, risk management becomes reactive. Security teams operate in the dark, relying on fragmented signals and assumptions rather than intelligence. And when accountability is high, but authority is limited, the gap between what leaders are responsible for and what they can control becomes a vulnerability.

Fusing network-derived telemetry with log data is the only way to close the space between what organizations believe is secure and what is actually at risk. This deep observability is what transforms fragmented environments into something defensible, and what gives teams the situational clarity to not just respond to threats, but to contain them before they escalate.

Just because compromise has become the norm does not mean it has to remain the standard. Risk can be recalibrated, but only if visibility is treated as the foundation for a more resilient, forward-looking security strategy.

We list the best online cybersecurity course.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

José Adolfo Macías Villamar, whose nickname is "Fito," escaped from a prison in Ecuador last year and was recaptured late June. In April, a U.S. Attorney indicted him in New York City on charges he imported thousands of pounds of cocaine into the United States.

(Image credit: Ecuador's Ministry of Interior)