Feed aggregator

Impulse buying can be a good thing when you find a one-of-a-kind and useful gift.

• Experts observe a 19x quarter-over-quarter rise in .es usage for malicious campaigns
• 99% were credential phishing attacks, with 1% relating to remote access trojans
• Microsoft was by far the most commonly impersonated brand

Cybersecurity experts from Cofense have revealed a 19x increase in malicious campaigns using .es domains between Q4 2024 and Q5 2025, making it the third-most abused top-level domain (TLD) after .com and .ru.

Typically reserved for businesses and organizations in Spain, or Spanish-speaking audiences, researchers found nearly 1,400 malicious subdomains across nearly 450 .es base domains between January and May.

An overwhelming majority (99%) of the campaigns involved credential phishing, with most of the remaining 1% delivering remote access trojans (RATs) like ConnectWise RAT, Dark Crystal and XWorm.

.es domains are proving popular for phishing attacks

Although the rise of .es domains in cyberattacks is noteworthy, attack vectors remain unchanged. Malware was seen to be delivered by C2 nodes or spoofed emails, with most (95%) impersonating Microsoft (an attacker's favorite). Adobe, Google, Docusign and the Social Security Administration made up the top-five most commonly impersonated websites. Email lures often mimicked HR and document-related requests.

Interestingly, the malicious .es subdomains were randomly generated, not crafted manually, making them easier to identify as being fake. Examples include ag7sr[.]fjlabpkgcuo[.]es and gymi8[.]fwpzza[.]es.

Despite researchers suggesting that no similarities can be used to link attacks to a single group, 99% of the malicious .es domains were hosted on Cloudflare.

"If one threat actor or threat actor group were taking advantage of .es TLD domains then it is likely that the brands spoofed in .es TLD campaigns would indicate certain preferences by the threat actors," the researchers wrote.

Cofense explained that "significant restrictions" on the usage of .es TLDs were in place until 2005, adding that the recent rise in .es-related attacks could be a cause for concern, marking a new trend exploiting the authority that country-related TLDs unofficially carry.

You might also like

• We've listed the best identity theft protection services
• Keep yourself protected online by installing the best business VPN
• ChatGPT and other AI tools could be putting users at risk by getting company web addresses wrong

• Experts observe a 19x quarter-over-quarter rise in .es usage for malicious campaigns
• 99% were credential phishing attacks, with 1% relating to remote access trojans
• Microsoft was by far the most commonly impersonated brand

Cybersecurity experts from Cofense have revealed a 19x increase in malicious campaigns using .es domains between Q4 2024 and Q5 2025, making it the third-most abused top-level domain (TLD) after .com and .ru.

Typically reserved for businesses and organizations in Spain, or Spanish-speaking audiences, researchers found nearly 1,400 malicious subdomains across nearly 450 .es base domains between January and May.

An overwhelming majority (99%) of the campaigns involved credential phishing, with most of the remaining 1% delivering remote access trojans (RATs) like ConnectWise RAT, Dark Crystal and XWorm.

.es domains are proving popular for phishing attacks

Although the rise of .es domains in cyberattacks is noteworthy, attack vectors remain unchanged. Malware was seen to be delivered by C2 nodes or spoofed emails, with most (95%) impersonating Microsoft (an attacker's favorite). Adobe, Google, Docusign and the Social Security Administration made up the top-five most commonly impersonated websites. Email lures often mimicked HR and document-related requests.

Interestingly, the malicious .es subdomains were randomly generated, not crafted manually, making them easier to identify as being fake. Examples include ag7sr[.]fjlabpkgcuo[.]es and gymi8[.]fwpzza[.]es.

Despite researchers suggesting that no similarities can be used to link attacks to a single group, 99% of the malicious .es domains were hosted on Cloudflare.

"If one threat actor or threat actor group were taking advantage of .es TLD domains then it is likely that the brands spoofed in .es TLD campaigns would indicate certain preferences by the threat actors," the researchers wrote.

Cofense explained that "significant restrictions" on the usage of .es TLDs were in place until 2005, adding that the recent rise in .es-related attacks could be a cause for concern, marking a new trend exploiting the authority that country-related TLDs unofficially carry.

You might also like

• We've listed the best identity theft protection services
• Keep yourself protected online by installing the best business VPN
• ChatGPT and other AI tools could be putting users at risk by getting company web addresses wrong

Years of insufferable summers and five AC units later, I've finally found the only window unit that keeps my home cool (and looks good while doing it).

Ahead of Galaxy Unpacked, Samsung tells CNET what's in store for its upcoming foldables -- and why it's making some key design changes.

Our series on identity theft protection apps will evaluate the features, pricing options, competition, and also the overall value of using each app. However, these are not full hands-on reviews since evaluating identity theft protection apps is almost impossible. It would require several months of testing, purposefully hacking accounts to see if the protection app works, handing over personally identifiable information, performing multiple credit checks, and risking exposure of the reviewer’s personally identifiable information.

Preserving the safety of our identities has become paramount, playing a crucial role in achieving various personal and professional milestones. A secure identity is foundational for maintaining a spotless record, a stellar credit history, and a clean criminal background. These elements serve as the bedrock for financial well-being, enabling individuals to unlock employment opportunities, purchase vehicles and homes, and access bank loans for ventures such as starting a new business. As we navigate this landscape, understanding the implications of identity theft becomes increasingly critical, particularly in light of the surge in online activities we've witnessed in recent years, particularly during the pandemic.

The concept of identity theft is no longer a distant worry; it has become a salient threat that looms over individuals in the digital age. This invasive crime can lead to catastrophic disruptions and financial devastation. Unfortunately, many people harbor the hope that they will never fall victim to such deceit; the stark reality is that identity theft can happen to anyone, regardless of how prudent or careful they may be. Identity theft typically occurs when someone unlawfully acquires and exploits another individual's personal information—such as their name, address, social security number, or credit card details—for fraudulent purposes. The repercussions are often far-reaching and can linger for years, affecting every aspect of a victim's life.

One of the most immediate and devastating impacts of identity theft is the inability to access financial resources. When personal information is compromised, banks and lenders may abruptly deny loans or credit applications, leaving victims in a precarious financial position. This disruption can hinder individuals from purchasing essential items like homes, cars, or securing personal loans necessary for everyday life. Additionally, victims may find their existing financial accounts frozen or compromised, further exacerbating the situation and preventing them from accessing their own hard-earned funds to meet their financial obligations.

Employment opportunities, too, can be negatively affected by the ramifications of identity theft. Many employers conduct background checks as part of their hiring process, and if discrepancies or red flags associated with a victim’s stolen identity are flagged, it can lead to job rejections or even terminations. This loss of income can be particularly devastating, leaving individuals struggling to provide for themselves and their families.

Beyond the tangible financial consequences, the emotional toll of identity theft can be equally devastating. Victims often report feelings of violation, anger, and helplessness as they grapple with the breach of their personal security. The process of restoring one’s identity and repairing damaged credit can be not only time-consuming but also financially burdensome, requiring significant emotional resilience. Moreover, identity theft can foster social isolation, as victims may become wary of engaging in everyday activities that necessitate sharing personal information, eroding their trust in others.

In a world where identity theft poses a significant and growing threat, taking proactive measures to safeguard personal information has become essential for everyone. Individuals can fortify their defenses by employing robust passwords, implementing two-factor authentication on various accounts, and exercising caution when sharing sensitive data online. Regular monitoring of credit reports and bank statements enables timely detection of suspicious activities, serving as an early warning system for potential compromises. Additionally, identity theft protection services offer an extra layer of security, often providing assistance in the event of account breaches and credit restoration.

For those concerned about identity theft, services such as IDShield are worth considering. This product emphasizes fraud intervention by deploying licensed private investigators who act on behalf of victims. By granting them Power of Attorney, individuals can ensure that these professionals navigate the complexities of credit agencies to restore their good name effectively. However, while IDShield offers notable services, there are concerns regarding its efficacy. An ideal identity theft protection app should be more proactive in preventing fraud rather than merely addressing it post-incident. Additionally, some users have expressed frustration with unclear explanations on their website, which can create confusion about the specifics of what the product actually offers.

(Image credit: IDShield)Plans and pricing

IDShield offers straightforward plans designed to protect individuals and families from identity theft, with pricing that varies primarily based on whether you opt for one-bureau or three-bureau credit monitoring.

For individuals, plans typically start around $14.95 per month for one-bureau credit monitoring (usually Experian). If you desire more comprehensive credit oversight, the three-bureau option (monitoring Experian, TransUnion, and Equifax) is available for approximately $19.95 per month.

For families, IDShield provides coverage for two adults and eligible dependent children under 18 living in the same household. A one-bureau family plan typically costs around $29.95 per month, while the three-bureau family plan is approximately $34.95 per month. Some sources indicate the family plan covers an unlimited number of children.

Regardless of the plan you choose, all IDShield subscriptions come with a robust set of features. These include dark web monitoring, social security number (SSN) monitoring, financial account monitoring, social media monitoring, public records monitoring, and alerts for various identity threats like address changes and court records. A significant benefit across all plans is access to licensed private investigators who will work to fully restore your identity if it's stolen, alongside up to $3 million in identity theft insurance to cover eligible financial losses and certain legal fees. Many plans also bundle in digital security tools like a VPN and password manager for up to three devices on individual plans and up to 15 devices on family plans, typically provided by Trend Micro. It's worth noting that while credit monitoring is a core feature, some plans may not provide full credit reports, only a monthly credit score tracker. IDShield often provides a 30-day free trial for new members.

Interface

Before discussing the desktop and mobile apps, it's imperative to highlight the IDShield website. Unlike other apps that can be downloaded and used right away, identity theft protection requires some self-education. Understanding the field of identity theft, including how criminals can harm your reputation, destroy your credit, and even impersonate you to commit crimes, is essential.

Despite its efforts, IDShield encounters some obstacles in conveying critical information. The primary website provides descriptions of the app's features, but the "See more" option that elaborates on additional functionalities is easily overlooked due to its diminutive size.

Furthermore, the consultation feature's description lacks specifics, leaving out crucial details. It merely states that “We monitor your personal and financial information 24/7. When we detect fraud, we work to restore your identity quickly.” However, without some more specifics, it fails to provide any meaningful information about the restoration process or the actual steps taken to return consumer reports and other records to their pre-theft status. This generic description leaves potential customers with some unanswered questions and an unclear understanding of the services provided.

Mobile app

Within the app, just like in other sections, there's a lack of detailed explanations about the features' functionality. In contrast, Norton LifeLock excels in presenting options in a dashboard layout, similar to a wizard. It clearly indicates the remaining steps or the number of accounts that require configuration.

IDShield places too much emphasis on your credit score. Some of the information intended to explain features actually ends up explaining general credit monitoring concepts. This issue persists not only in the desktop app but also in the mobile apps for iPhone iOS and Android.

(Image credit: IDShield)Features

IDShield lacks substantial features, except for the consultation with licensed investigators. This service primarily addresses issues that arise after identity theft has already occurred. The app monitors credit bureaus and sends alerts for credit-related problems, allowing users to address them promptly before they become severe, such as a low credit score. However, some of these features are repetitiously listed, causing inconvenience.

On the IDShield website and in a feature comparison document, "Unlimited consultation" and "Licensed private investigators" are listed. However, these phrases essentially convey the same idea. Another example is social media monitoring, which is not as impressive as it seems. It primarily tracks illicit images, drug references, and foul language, but it does not monitor for account hacking.

IDShield excels in its vigilance in safeguarding your identity. While Norton LifeLock offers superior tools for identity protection, IDShield surpasses it in monitoring the usage of your personal information, such as your address, phone number, and other identifiable details. IDShield's capabilities extend to tracking public court records and detecting pay-day loan fraud attempts made with your name and identity.

One standout feature of IdentityForce is its capability to alert users when a registered sex offender moves into their neighborhood. However, it's worth noting that the app currently lacks the ability to notify users if a sex offender attempts to steal their identity. This could be a valuable addition to the app, as it would provide users with a more comprehensive identity protection solution.

Support

IDShield understands that customers may have questions or concerns about their services, and they offer multiple support channels to ensure timely and convenient assistance.

For immediate assistance, customers can call IDShield's dedicated phone support line at 1-888-494-8519. Phone support is available from Monday through Friday, from 7 AM to 7 PM Central Standard Time (CST). Customers can speak directly to knowledgeable representatives who are trained to address a wide range of issues, from account inquiries to technical support.

For customers who prefer written communication, IDShield offers email support at Idshield@legalshield.com. Customers can send detailed queries or concerns to this email address anytime, and they can expect a response within 24 hours. This option is particularly suitable for non-urgent matters or complex inquiries that require more comprehensive explanations.

IDShield's website features a live chat option for customers who prefer real-time assistance. The live chat function allows customers to connect directly with a support representative and have their questions answered promptly. This option is available during business hours, and customers can initiate a chat by clicking the "Live Chat" button on IDShield's website.

In addition to these support channels, IDShield also provides a comprehensive knowledge base and frequently asked questions (FAQs) section on their website. Customers can find answers to common questions, troubleshooting tips, and other resources without contacting support directly.

IDShield's commitment to customer satisfaction is evident in their diverse support options. By offering phone, email, and live chat support, IDShield ensures that customers have convenient and accessible channels to resolve their queries and concerns.

The competition

In today's digital age, the threat of identity theft has become increasingly prevalent, prompting consumers to seek robust identity theft protection services. IDShield operates in a competitive landscape, where several strong players vie for attention with their comprehensive offerings.

Among these, Aura stands out as a prominent competitor, frequently receiving high marks for its all-in-one approach to digital security and identity protection. Aura distinguishes itself by bundling essential features like a virtual private network (VPN), antivirus software, and thorough dark web monitoring with its identity theft services. This integration of tools provides users with a holistic security solution, allowing for a seamless experience. Additionally, Aura's three-bureau credit monitoring, included across all plans, enables users to gain a complete view of their credit status, enhancing their ability to detect fraudulent activities promptly.

Another key competitor in this space is Norton LifeLock, a well-established name recognized for its extensive suite of monitoring features. LifeLock offers an array of services that extend beyond typical identity theft protection. Users benefit from comprehensive monitoring of their credit and financial activities, as well as unique features like home and auto title monitoring. This focus on a broad spectrum of identity protection resonates with consumers looking for a more integrated solution. Moreover, the incorporation of Norton 360 antivirus with LifeLock subscriptions appeals to those seeking to combine cybersecurity with identity theft protection, ensuring that users’ devices are safeguarded against various online threats.

Identity Guard is another significant player that has garnered attention for its strong monitoring capabilities, leveraging artificial intelligence to detect threats swiftly. This technological advancement allows Identity Guard to provide proactive alerts and real-time monitoring, which can be invaluable for users keen on staying one step ahead of potential fraud. The service typically offers a range of plans at various price points, making it accessible to a wider audience. This flexibility can be particularly appealing for consumers primarily focused on alerting and monitoring, rather than extensive recovery services.

Beyond these top contenders, other notable services such as IdentityForce also provide substantial protection, incorporating features like social media monitoring and personal identity safety scores. Such tools help users maintain an awareness of their online presence and identify potential risks associated with their digital identity. Experian IdentityWorks and ID Watchdog stand out for their strong ties to credit bureaus, offering users a direct link to credit monitoring services that can provide significant peace of mind, especially in times of heightened concern about financial security.

As identity theft protection continues to evolve, companies like McAfee and Bitdefender are increasingly integrating these services into their broader cybersecurity suites. By bundling antivirus capabilities, VPN access, and identity protection, they create an all-encompassing security solution that appeals to users looking for comprehensive protection under one roof.

Ultimately, the choice among these competitors often comes down to individual needs, budget constraints, and the desired level of credit bureau monitoring. Factors such as additional features, like enhanced digital security tools or personalized restoration services, can also play a crucial role in the decision-making process. Consumers must carefully evaluate their priorities and preferences to find the identity theft protection service that best meets their unique requirements in this ever-evolving digital landscape.

Final verdict

IDShield could benefit significantly from rebranding with a more fitting name. Since its primary focus is on collaborating with investigators to handle fraud cases, a name like "IDRestore" would better align with its core function. This strategic change in naming would provide a clearer and more accurate representation of the app's services.

When comparing IDShield to its competitors, it stands out as a cost-effective option. Its pricing structure makes it an accessible choice for individuals and families seeking protection against identity theft. The affordability of IDShield makes it a practical solution for those who prioritize financial security without overspending.

Despite its low cost, IDShield does not compromise on the quality of its services. The app employs robust security measures and advanced technologies to protect users' personal information. Its user-friendly interface and comprehensive features enable users to monitor their credit reports, detect suspicious activities, and receive real-time alerts easily.

By offering a competitive price point alongside effective identity protection services, IDShield presents an attractive value proposition. Its commitment to providing affordable yet reliable solutions makes it a compelling choice for individuals and families looking to safeguard their personal information in an increasingly digital world.

Take a look at our full guide to the best identity theft protection

Since 1954, an IRS rule had barred houses of worship from explicitly endorsing political candidates.

(Image credit: Charlie Neibergall)

Spending time on the internet in 2025 is proving to be more difficult than ever before. After all, image generation tools are readily accessible in AI products like ChatGPT, and video generation software like Google's Veo 3 is available to the general public.

We're still at a point in the AI-powered internet journey where I'd argue it's still easy enough to tell what's real and what's not. That said, today's AI image and video tools are more powerful than ever, and the scary thing is: this is the worst they'll ever be.

The other day, while browsing Instagram, I stumbled across a new post from France and Real Madrid soccer superstar, Kylian Mbappé. Widely regarded as one of the best players in the world, the image showcased an incredible bicycle kick he had performed in the Club World Cup quarter-final the night before.

The thing is, while the image appeared normal at first glance, a closer inspection revealed some seriously bad editing, or quite possibly AI image generation.

You see, zoom into the crowd watching Mbappé's acrobatics and you'll see a Picasso-esque abstract work of art, people merging into each other, and something more akin to a horror movie than a soccer field. All of the faces blur together like a nightmare.

Initially, I couldn't quite believe that a social media admin for an Instagram account with over 124 million followers would use AI to enhance an image. But then I thought about it some more, and of course, AI has infiltrated the social profiles of public figures. It's everywhere.

A post shared by Kylian Mbappé (@k.mbappe)

A photo posted by on

What's real anymore?

You might be wondering why Kylian Mbappé's social media team used AI to edit this photo in the first place. After all, according to official reports, there were over 76,000 fans in MetLife Stadium for the game.

Since it started a few weeks ago, the FIFA Club World Cup has been plagued with stories of low attendance rates, with one report claiming the tournament had over 1 million empty seats in the group stage alone.

Now, 76,000 is closer to MetLife's 82,500 capacity than some of the other examples of low attendance in the tournament, but considering the terrible photo edits to the crowd, did Mbappé's incredible goal fall into the line of sight of empty seats?

Thinking about the context of the tournament and the badly edited photo, this is the conclusion that I'd feel most comfortable putting forward. After all, sometimes you have to call a spade a spade. Why would anyone play with the crowd capacity other than to fill gaps?

Whether Mbappe's photo was AI-edited or badly edited by a human, the world of photo editing on social media is nothing new. Since the inception of platforms like Facebook and Instagram, we've all had to adapt to the 21st-century way of living, which often includes curating your best angles and happiest moments online.

AI-generated instagram influencer (Image credit: @millasofiafin / Instagram)

In the past, influencers would slim down their waists using apps on their iPhones or by manually editing the photo. Now, AI can do it all with the press of a button. And that's not all, AI-edited photos are only the beginning.

Whether that's fully AI-generated influencers scoring brand deals, AI-generated YouTube channels garnering millions of views and subscribers, or AI beauty pageants, we no longer live in a world where it's easy to tell what's real on social media and what's not. The thing is, have we ever been able to? Or is AI just making it easier than ever before to bend reality to fit a narrative?

As someone who has used multiple AI photo editing tools for testing purposes, I'm fairly confident that Mbappé's terrible editing is the work of artificial intelligence, and most probably Apple's mediocre Clean Up tool.

This clear example of heavily-edited photography shines a light, not only on bad editing, but also on the fact that if bad edits slip through the cracks, there's a high chance most of the posts we see aren't actually rooted in real life.

You might also like

• Can an AI travel agent remove the stress of vacation booking? I tried three to find out
• I tried a ChatGPT prompt that 'unlocks 4o’s full power', and I don’t know why I didn’t try it sooner
• I asked AI to plan the perfect day in London – here’s what it got right and hilariously wrong

Spending time on the internet in 2025 is proving to be more difficult than ever before. After all, image generation tools are readily accessible in AI products like ChatGPT, and video generation software like Google's Veo 3 is available to the general public.

We're still at a point in the AI-powered internet journey where I'd argue it's still easy enough to tell what's real and what's not. That said, today's AI image and video tools are more powerful than ever, and the scary thing is: this is the worst they'll ever be.

The other day, while browsing Instagram, I stumbled across a new post from France and Real Madrid soccer superstar, Kylian Mbappé. Widely regarded as one of the best players in the world, the image showcased an incredible bicycle kick he had performed in the Club World Cup quarter-final the night before.

The thing is, while the image appeared normal at first glance, a closer inspection revealed some seriously bad editing, or quite possibly AI image generation.

You see, zoom into the crowd watching Mbappé's acrobatics and you'll see a Picasso-esque abstract work of art, people merging into each other, and something more akin to a horror movie than a soccer field. All of the faces blur together like a nightmare.

Initially, I couldn't quite believe that a social media admin for an Instagram account with over 124 million followers would use AI to enhance an image. But then I thought about it some more, and of course, AI has infiltrated the social profiles of public figures. It's everywhere.

A post shared by Kylian Mbappé (@k.mbappe)

A photo posted by on

What's real anymore?

You might be wondering why Kylian Mbappé's social media team used AI to edit this photo in the first place. After all, according to official reports, there were over 76,000 fans in MetLife Stadium for the game.

Since it started a few weeks ago, the FIFA Club World Cup has been plagued with stories of low attendance rates, with one report claiming the tournament had over 1 million empty seats in the group stage alone.

Now, 76,000 is closer to MetLife's 82,500 capacity than some of the other examples of low attendance in the tournament, but considering the terrible photo edits to the crowd, did Mbappé's incredible goal fall into the line of sight of empty seats?

Thinking about the context of the tournament and the badly edited photo, this is the conclusion that I'd feel most comfortable putting forward. After all, sometimes you have to call a spade a spade. Why would anyone play with the crowd capacity other than to fill gaps?

Whether Mbappe's photo was AI-edited or badly edited by a human, the world of photo editing on social media is nothing new. Since the inception of platforms like Facebook and Instagram, we've all had to adapt to the 21st-century way of living, which often includes curating your best angles and happiest moments online.

AI-generated instagram influencer (Image credit: @millasofiafin / Instagram)

In the past, influencers would slim down their waists using apps on their iPhones or by manually editing the photo. Now, AI can do it all with the press of a button. And that's not all, AI-edited photos are only the beginning.

Whether that's fully AI-generated influencers scoring brand deals, AI-generated YouTube channels garnering millions of views and subscribers, or AI beauty pageants, we no longer live in a world where it's easy to tell what's real on social media and what's not. The thing is, have we ever been able to? Or is AI just making it easier than ever before to bend reality to fit a narrative?

As someone who has used multiple AI photo editing tools for testing purposes, I'm fairly confident that Mbappé's terrible editing is the work of artificial intelligence, and most probably Apple's mediocre Clean Up tool.

This clear example of heavily-edited photography shines a light, not only on bad editing, but also on the fact that if bad edits slip through the cracks, there's a high chance most of the posts we see aren't actually rooted in real life.

You might also like

• Can an AI travel agent remove the stress of vacation booking? I tried three to find out
• I tried a ChatGPT prompt that 'unlocks 4o’s full power', and I don’t know why I didn’t try it sooner
• I asked AI to plan the perfect day in London – here’s what it got right and hilariously wrong

Protecting your digital identity has become increasingly important. With the rise of sophisticated cyber threats, such as phishing scams, identity theft, and data breaches, choosing a robust identity protection service is essential for safeguarding your personal information.

This review offers a comprehensive analysis of McAfee identity protection, examining its key features, effectiveness in preventing identity theft, and overall value to consumers. Key aspects covered include the service's monitoring capabilities, real-time alerts, recovery support, and user-friendly interface. Additionally, we'll explore how McAfee+ compares to other identity protection services on the market.

By the end of this review, you will have a clearer understanding of whether McAfee Identity Protection is the right solution for you in securing your sensitive information and maintaining your online peace of mind.

McAfee+: Plans and pricing

The McAfee Essential plan, often referred to as a "starter" plan within the McAfee Total Protection suite, is designed to provide a solid foundation of security for individuals with multiple devices. Priced at an introductory offer of $39.99 for the first year (with renewal prices typically higher), it offers protection for up to five devices, compatible with Windows, Mac, Android, iOS, and ChromeOS. This plan includes McAfee's award-winning antivirus and scam detection, ensuring real-time defense against malware, ransomware, and phishing attempts.

In addition to core antivirus protection, the Essential plan enhances online privacy with a Virtual Private Network (VPN), which often includes unlimited data usage, particularly when auto-renewal is enabled. Users also benefit from identity monitoring that alerts them if their personal information appears on the dark web. The plan includes a password manager (True Key) for secure login management and Safe Browse capabilities to warn against risky websites. Furthermore, it provides Personal Data Cleanup (scan only) to help identify where your data may be exposed on data broker sites and Online Account Cleanup (scan only) to locate old online accounts linked to your personal information. The McAfee Protection Score included in this plan helps users gauge their overall cybersecurity health. While the Essential plan offers a robust range of essential security and privacy features, it lacks the more extensive identity theft coverage and full-service data cleanup found in higher-tier McAfee+ plans.

In contrast, the McAfee+ Advanced Individual plan presents a much more comprehensive security package. Typically priced at an introductory fee of around $89.99 for the first year, this plan is more than double the cost of the Essential plan. The most significant upgrade is its coverage for unlimited devices (for one user), ensuring that all household devices are protected. Beyond the features of the Essential plan, the Advanced plan significantly enhances identity protection. It includes full-service Personal Data Cleanup, where McAfee actively assists in removing your information from data broker sites rather than merely scanning and alerting you. Furthermore, it provides $1 million in identity theft coverage and restoration services, enhanced bank and credit card transaction monitoring, and 1-bureau credit monitoring with monthly scores. The ability to initiate a security freeze in the event of suspected identity theft adds layer of security, making the McAfee+ Advanced Individual plan ideal for users who prioritize comprehensive identity and financial safety alongside robust device protection.

Lastly, the McAfee+ Advanced Family plan offers a comprehensive solution designed to protect the entire household (up to six users), extending beyond devices to include robust identity and privacy features. Its introductory price typically starts around $119.99 for the first year, though this can vary slightly depending on the retailer and current promotions.

This family plan offers unlimited device coverage for all compatible household devices, including Windows PCs, Macs, Android devices, iOS devices, and Chromebooks. A key differentiator for the family plan is the inclusion of Parental Controls (McAfee Safe Family), allowing parents to manage their children's online activities, set screen time limits, filter content, track locations, and view activity reports.

Beyond device security, the McAfee+ Advanced Family plan offers significant identity protection features. These include identity monitoring with alerts for personal information found on the dark web, as well as advanced tools such as bank and credit card transaction monitoring, along with 1-bureau credit monitoring that includes monthly credit scores. The financial protection is substantial, boasting up to $2 million in identity theft coverage and restoration services (an increase from the individual plan's $1 million coverage). This plan also allows users to place a security freeze on their credit if suspicious activity is suspected.

To enhance online privacy, the McAfee+ Advanced Family plan features an unlimited Secure VPN for safe browsing on public Wi-Fi. It includes full-service Personal Data Cleanup, where McAfee actively helps in removing personal information from data broker sites. Additionally, the Scam Detector, powered by McAfee Smart AI, identifies and warns against risky texts, emails, and videos. Meanwhile, the password manager (True Key) ensures secure login credentials. Safe Browse (WebAdvisor) blocks dangerous websites and downloads, further contributing to comprehensive cybersecurity. Lastly, the McAfee Protection Score tracks the overall cybersecurity health of the family, making the McAfee+ Advanced Family plan an ideal choice for families seeking comprehensive digital protection and peace of mind.

McAfee+: Features

McAfee+ is a comprehensive cybersecurity suite developed by McAfee that offers a variety of features to enhance your digital safety. Below are some key features included in the McAfee+ plans:

Antivirus and Antimalware: McAfee+ provides real-time protection against viruses, malware, spyware, ransomware, and other malicious threats. It scans your system to detect potential threats, preventing them from causing harm. Unlike many online identity protection suites, this feature is essential for personal security.

Firewall Protection: A built-in firewall monitors and controls incoming and outgoing network traffic, protecting your device from unauthorized access and blocking suspicious connections.

Web Protection: This feature helps safeguard your online activities by blocking malicious websites, phishing attempts, and dangerous downloads. It also scans email attachments and instant messages for potential threats, making it especially useful for children online.

Identity Theft Protection: McAfee+ helps protect your personal information from being compromised by monitoring potential identity theft risks. This may include features like credit monitoring, social security number tracking, and alerts for suspicious activity. McAfee’s Identity Theft Protection service monitors over 40 data broker sites to identify whether your personal information has been compromised.

Safe Browsing: McAfee+ provides secure browsing extensions or plugins for popular web browsers. These tools warn you about unsafe websites in search results and block harmful ads or pop-ups.

Credit Monitoring: Depending on the selected plan, credit bureau monitoring looks for threats to your identity and monitors the Dark Web for associated risks.

Password Manager: This unique tool securely stores your login credentials and assists in creating strong, unique passwords for each website or application you use.

Secure VPN: McAfee+ includes a virtual private network (VPN) feature that encrypts your internet connection and anonymizes your online activities, adding an extra layer of privacy and security.

System Optimization Tools: McAfee+ also offers system optimization tools to improve your device’s performance by cleaning up unnecessary files, managing startup programs, and optimizing system settings.

Parental Controls: McAfee+ products include parental control features that allow you to monitor and restrict your child's online activities, block inappropriate content, and set usage time limits.

Overall, McAfee+ provides a robust suite of tools designed to enhance your cybersecurity and protect your personal information online.

McAfee+: Support

As would be expected from a veteran provider, McAfee offers numerous methods for support. On the direct side, there is 24/7 phone support, although we would have liked to see the number more prominently featured as we had to go through multiple screens to find it. There is a virtual assistant, and we did find a chat to a real person available 24/7 for English speaking countries (and 9am to 6 pm on business days for the rest of the world). We did not find an email, or a support portal as alternate methods for direct contact.

There are some options on the self support as well. We found a Support Home page, with a search bar, which had jump offs to YouTube videos, a FAQ, and related articles. There are also links to McAfee social media sites, including a Twitter feed that is active with recent updates, but it was not reassuring to find the link to the Facebook site coming up as “This page is not available.”

McAfee+: Competition

While McAfee+ provides a comprehensive security suite, several outstanding alternatives offer similar, if not enhanced, protection tailored to your specific needs and budget.

One of the top contenders is Bitdefender, which consistently earns high marks for its impressive malware detection capabilities in independent lab tests. In addition to its robust antivirus protection, Bitdefender boasts a feature-rich package that includes parental controls, a secure VPN, scam protection, and a comprehensive firewall. Its user-friendly interface and streamlined performance make it an excellent choice for families seeking extensive security without a steep price point. Moreover, Bitdefender offers a unique feature called "Vulnerability Assessment," scanning for potential security risks on your devices, further fortifying your online safety.

Norton 360 is another widely acclaimed option, often regarded as a gold standard in digital security. It encompasses a full suite that extends beyond basic antivirus functions, with many of its plans including features such as automatic cloud backup, a secure VPN, parental controls, and even identity theft protection. This makes Norton 360 an ideal choice for users looking for a holistic security solution. Moreover, it is equipped with advanced features like a password manager and dark web monitoring, ensuring that users are not only protected from current threats but also alerted to potential future risks. Norton also proudly offers a "100% Virus Protection Promise," reassuring users of its commitment to effective malware defense.

For those interested in a robust solution that includes a free tier, Avast One is an excellent option. Its free version is notably feature-rich, providing robust ransomware protection, a secure VPN, tracker blockers, and a built-in firewall. Furthermore, Avast’s reasonably priced premium upgrades offer even more sophisticated tools, such as advanced malware protection and a system cleanup feature, catering to a broad range of users with diverse budgets and requirements.

Other noteworthy alternatives include TotalAV, recognized for its superior web protection and system optimization tools. TotalAV not only helps shield against malware but also enhances system performance, making it a compelling choice for those seeking a more responsive computer experience alongside security. On the other hand, Malwarebytes is a household name recognized for its effective malware removal capabilities; its premium version provides real-time protection against a variety of online threats, making it an excellent complement to any primary antivirus.

Finally, consider solutions like Surfshark Antivirus, which is often bundled with the popular Surfshark VPN. This combination offers a substantial advantage in terms of privacy and security when browsing the internet. Similarly, Trend Micro is also a strong contender, offering comprehensive security features that include ransomware protection, Pay Guard for secure online transactions, and a social media privacy scanner, appealing to users who prioritize multifaceted protection.

In summary, while McAfee+ remains a solid choice, exploring these alternatives may lead to discovering a solution that better meets your specific security requirements and budgetary constraints.

McAfee+: Final verdict

McAfee+ provides a strong option for personal security and identity protection. We appreciate the variety of subscription tiers, the multitude of features, the support center, and the availability of 24/7 phone support. However, there are some areas that could be improved: the pricing is only available on an annual basis, the lowest tier lacks credit monitoring, there is only one method for direct support, and overall, the pricing tends to be on the expensive side. Nonetheless, when it comes to trusting a provider with your personal information, McAfee's longstanding reputation built over the years is a significant advantage.

We've featured the best internet security suites

From massage guns to your favorite sunscreens, you’ll want to stock up now.

The UK Public Accounts Committee’s recent report sends a clear and urgent message: cyber threats are evolving faster than defenses can keep up. The digital infrastructure underpinning our critical infrastructure is increasingly exposed—not only due to external threats but because of internal gaps in strategy, capability, and legacy system management.

Replacing outdated technology may be part of the solution, but it’s far from the full picture. We need a fundamental shift in mindset—toward continuous assurance, smarter system design, and a dynamic approach to skills development that anticipates the challenges of tomorrow, not just today.

Beyond ‘build and forget’: cybersecurity as an ongoing commitment

For too long, cybersecurity has followed a static, compliance-driven model—deploy once, tick the box, and move on. In today’s evolving threat landscape, this ‘build and forget’ mentality is no longer viable, if it ever was.

Security must be woven into every stage of design, development, and operations through a Secure by Design approach. With Cyber Physical Systems and enterprise IT environments in constant flux, reassessing security posture regularly ensures defenses remain adaptive and effective.

The UK government has rightly prioritized Secure by Design in its Defending the UK in a Digital World: Cyber Security Strategy 2022–25. Yet, despite this ambition, adoption across sectors remains uneven, with many organizations still relying on outdated risk frameworks and reactive measures—essentially attempting to counter modern threats with legacy solutions.

Cybersecurity must evolve beyond static processes. It requires continuous evaluation, proactive defense, and resilient security strategies to stay ahead of emerging risks.

Legacy systems: balancing risk and progress

Few areas illustrate the tension between innovation and practicality more clearly than legacy systems. Originally built for a different technological landscape, many were air-gapped, manually operated, and completely isolated from external networks—never designed to withstand the level of connectivity and cyber threats seen today.

In pursuit of efficiency and cost reduction, organizations have increasingly networked and remotely managed these systems, often without implementing adequate security safeguards. While this enhances operational flexibility, it also exposes critical infrastructure to new vulnerabilities, opening doors to sophisticated cyber threats.

The solution isn't as simple as replacing old systems outright. The decision to upgrade or extend the life of legacy platforms requires careful cyber risk evaluation, ensuring the right balance of mitigation strategies, isolation measures, and continuous monitoring to maintain security. Organizations must also weigh financial constraints, applying appropriate risk controls to optimize security investments without excessive costs.

Secure by design: a strategic imperative

Secure by Design isn’t just a cybersecurity buzzword—it’s an essential principle for building resilient digital infrastructure. It ensures that an appropriate level of security is built in from the ground up, integrated at every design, development, and operational phase to create adaptable, auditable, and testable systems.

Yet, despite its inclusion in policy frameworks and industry guidelines, implementation is often incomplete or superficial. Many organizations pay lip service to security but fail to embed it across teams and processes, treating it as an isolated function rather than an organizational priority – much like organizations approach health and safety.

Regulation will play a vital role in closing this gap. The upcoming Cyber Security and Resilience Bill is set to improve oversight, enforce stronger standards, and introduce mandatory incident reporting for high-risk sectors. Coupled with enhanced threat intelligence sharing, this legislation could shift cybersecurity strategies from reactive defense to proactive resilience.

Cyber talent: securing the future workforce

Another major challenge in cybersecurity is building a workforce capable of responding to evolving threats. As technology advances, skills become obsolete faster than ever, requiring ongoing investment in cyber capability development.

While direct government hiring plays a role—especially in sensitive security domains—industry partnerships offer a scalable alternative. Specialist organizations, like Thales, are well-positioned to train and upskill professionals through apprenticeships, immersive simulations, and diverse sector exposure, which traditional public-sector roles often lack.

This model provides dual benefits: it equips trainees with experience across various threat scenarios, while also fostering an agile workforce that can quickly adapt to emerging technologies like artificial intelligence and quantum computing. Cybersecurity isn't just about fixing vulnerabilities of the past—it's about anticipating and securing against the threats of the future.

Transparency and collaboration: strengthening cyber resilience

Cybersecurity can no longer be viewed as a standalone issue—threats don’t respect organizational boundaries, and weaknesses in one system can expose an entire network. Transparency, collaboration, and mandatory incident reporting are essential for national security, ensuring vulnerabilities are addressed before they escalate into widespread risks.

Reporting cyber incidents, much like the practice of reporting near misses and accidents in health and safety, strengthens overall resilience. Just as greater visibility has helped organizations reduce safety incidents, increased cyber reporting makes it harder for hackers to exploit gaps, reinforcing defenses before real damage occurs.

The Thales Data Threat Report underscores the growing risks to Critical National Infrastructure (CNI) and highlights the value of compliance—organisations that passed cybersecurity audits had significantly fewer breaches than those that failed. With the Cyber Security and Resilience Bill raising standards, stronger protections for essential infrastructure, including data centers that support AI innovation and national healthcare, will become the norm.

Each unreported cyber-attack is a missed opportunity to refine security strategies. Enhanced visibility into cyber threats improves collective intelligence, allowing organizations to make faster, smarter decisions in the face of emerging risks.

Conclusion: building security for the future

Modern cybersecurity requires more than patching vulnerabilities or checking compliance boxes—it demands a strategic rethink of how systems are designed, maintained, and safeguarded. Understanding how legacy and modern environments interact is key, alongside developing cyber talent that can anticipate and mitigate future risks.

Secure by Design must be the standard, not the exception. With the right balance of policy, proactive security measures, and skilled professionals, organizations can shift from reactive defense to sustainable resilience, ensuring they are prepared for the threats ahead, not just responding to the ones they see today.

We've featured the best endpoint protection software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

The UK Public Accounts Committee’s recent report sends a clear and urgent message: cyber threats are evolving faster than defenses can keep up. The digital infrastructure underpinning our critical infrastructure is increasingly exposed—not only due to external threats but because of internal gaps in strategy, capability, and legacy system management.

Replacing outdated technology may be part of the solution, but it’s far from the full picture. We need a fundamental shift in mindset—toward continuous assurance, smarter system design, and a dynamic approach to skills development that anticipates the challenges of tomorrow, not just today.

Beyond ‘build and forget’: cybersecurity as an ongoing commitment

For too long, cybersecurity has followed a static, compliance-driven model—deploy once, tick the box, and move on. In today’s evolving threat landscape, this ‘build and forget’ mentality is no longer viable, if it ever was.

Security must be woven into every stage of design, development, and operations through a Secure by Design approach. With Cyber Physical Systems and enterprise IT environments in constant flux, reassessing security posture regularly ensures defenses remain adaptive and effective.

The UK government has rightly prioritized Secure by Design in its Defending the UK in a Digital World: Cyber Security Strategy 2022–25. Yet, despite this ambition, adoption across sectors remains uneven, with many organizations still relying on outdated risk frameworks and reactive measures—essentially attempting to counter modern threats with legacy solutions.

Cybersecurity must evolve beyond static processes. It requires continuous evaluation, proactive defense, and resilient security strategies to stay ahead of emerging risks.

Legacy systems: balancing risk and progress

Few areas illustrate the tension between innovation and practicality more clearly than legacy systems. Originally built for a different technological landscape, many were air-gapped, manually operated, and completely isolated from external networks—never designed to withstand the level of connectivity and cyber threats seen today.

In pursuit of efficiency and cost reduction, organizations have increasingly networked and remotely managed these systems, often without implementing adequate security safeguards. While this enhances operational flexibility, it also exposes critical infrastructure to new vulnerabilities, opening doors to sophisticated cyber threats.

The solution isn't as simple as replacing old systems outright. The decision to upgrade or extend the life of legacy platforms requires careful cyber risk evaluation, ensuring the right balance of mitigation strategies, isolation measures, and continuous monitoring to maintain security. Organizations must also weigh financial constraints, applying appropriate risk controls to optimize security investments without excessive costs.

Secure by design: a strategic imperative

Secure by Design isn’t just a cybersecurity buzzword—it’s an essential principle for building resilient digital infrastructure. It ensures that an appropriate level of security is built in from the ground up, integrated at every design, development, and operational phase to create adaptable, auditable, and testable systems.

Yet, despite its inclusion in policy frameworks and industry guidelines, implementation is often incomplete or superficial. Many organizations pay lip service to security but fail to embed it across teams and processes, treating it as an isolated function rather than an organizational priority – much like organizations approach health and safety.

Regulation will play a vital role in closing this gap. The upcoming Cyber Security and Resilience Bill is set to improve oversight, enforce stronger standards, and introduce mandatory incident reporting for high-risk sectors. Coupled with enhanced threat intelligence sharing, this legislation could shift cybersecurity strategies from reactive defense to proactive resilience.

Cyber talent: securing the future workforce

Another major challenge in cybersecurity is building a workforce capable of responding to evolving threats. As technology advances, skills become obsolete faster than ever, requiring ongoing investment in cyber capability development.

While direct government hiring plays a role—especially in sensitive security domains—industry partnerships offer a scalable alternative. Specialist organizations, like Thales, are well-positioned to train and upskill professionals through apprenticeships, immersive simulations, and diverse sector exposure, which traditional public-sector roles often lack.

This model provides dual benefits: it equips trainees with experience across various threat scenarios, while also fostering an agile workforce that can quickly adapt to emerging technologies like artificial intelligence and quantum computing. Cybersecurity isn't just about fixing vulnerabilities of the past—it's about anticipating and securing against the threats of the future.

Transparency and collaboration: strengthening cyber resilience

Cybersecurity can no longer be viewed as a standalone issue—threats don’t respect organizational boundaries, and weaknesses in one system can expose an entire network. Transparency, collaboration, and mandatory incident reporting are essential for national security, ensuring vulnerabilities are addressed before they escalate into widespread risks.

Reporting cyber incidents, much like the practice of reporting near misses and accidents in health and safety, strengthens overall resilience. Just as greater visibility has helped organizations reduce safety incidents, increased cyber reporting makes it harder for hackers to exploit gaps, reinforcing defenses before real damage occurs.

The Thales Data Threat Report underscores the growing risks to Critical National Infrastructure (CNI) and highlights the value of compliance—organisations that passed cybersecurity audits had significantly fewer breaches than those that failed. With the Cyber Security and Resilience Bill raising standards, stronger protections for essential infrastructure, including data centers that support AI innovation and national healthcare, will become the norm.

Each unreported cyber-attack is a missed opportunity to refine security strategies. Enhanced visibility into cyber threats improves collective intelligence, allowing organizations to make faster, smarter decisions in the face of emerging risks.

Conclusion: building security for the future

Modern cybersecurity requires more than patching vulnerabilities or checking compliance boxes—it demands a strategic rethink of how systems are designed, maintained, and safeguarded. Understanding how legacy and modern environments interact is key, alongside developing cyber talent that can anticipate and mitigate future risks.

Secure by Design must be the standard, not the exception. With the right balance of policy, proactive security measures, and skilled professionals, organizations can shift from reactive defense to sustainable resilience, ensuring they are prepared for the threats ahead, not just responding to the ones they see today.

We've featured the best endpoint protection software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

In the world of technology, open source refers to software which is made publicly available, and is free for anyone to use or modify. It is a very popular approach to software development, enabling an open and community engagement to building software projects.

One of the main advantages of open source is transparency, a property that is widely embraced by tech enthusiasts. Open source code means that anyone can inspect the code before usage, meaning that anyone could spot malicious, or broken, code. This is a perfect example of the mantra “Don't trust, verify”, which is popular in various technology spaces.

One of the main drawbacks of open source is considered to be lack of interested involvement from external developers. Many projects typically start with one, or a few, developers – and this base can struggle to grow, leading to a low “bus-factor” (dependency on too few developers) for the majority of open source projects.

This can lead to developer burnout or exhaustion, and can eventually cause the ultimate abandonment of projects. Alongside this, funding can also play a crucial role; many of the most successful projects are backed by some degree of funding from organizations and/or non-profits, effectively supporting developers throughout the time required to maintain the project.

Thankfully, while these issues are very much real there are several examples of successful and pioneering projects in the open source space which have overcome these obstacles. The Linux Foundation is the most prominent example, and there are also some interesting ones in the cryptography space, a field that can particularly benefit from adapting the open source approach. Let’s take a look at some of them individually below.

The Linux Foundation

The most notable example of a successful open source project is the open source development of the Linux Kernel. Originally published in 1991 under a custom license which did not allow commercial usage, this was quickly shifted to an open source-friendly license (GPL), to enable developers to collaborate on the code and ensure wide and free availability of the software.

The open source version which can now be found on Github, is one of the most contributed projects in the history of open source. With over 15,000 contributors, this project has clearly been a huge success. Whilst only ~4% of Desktop computers worldwide are now running Linux, it is still the platform of choice for many computer scientists and cryptographers.

Let’s encrypt

In the cryptography space, a popular example is Let’s Encrypt. Let’s Encrypt is an influential open source certificate authority (CA) which helps enable secure communication via HTTPS over the web. This project was started by the Internet Security Research Group (ISG), which is a small non-profit launched in 2015 and backed by various industry players.

Since their launch in 2015, HTTPS usage on the internet has risen from ~40% to ~90%+ today. This, of course, is not down solely to Let’s encrypt, but their mission to “democratize HTTPS by making SSL/TLS certificates free, automated, and easy to obtain” has clearly had a major impact on this. Today, Let’s Encrypt powers secure communications for millions of sites, APIs, and services and is viewed as a major success in the cryptography space.

Open science

Open science is a similar idea which draws influence from open source. The goal of open science is to make academic publications (as well as any associated source code, data, etc) public and free for anyone to view or build on. Particularly in the cryptography space, this is something that academics tend to view as a must-have for their work: all experiments should be reproducible with available code. The website https://paperswithcode.com/ collects works which open-source their code in the Machine Learning space.

Such an approach can be critical for successful outcomes in science and research. Attempting to build on something “closed” is almost impossible, which may lead researchers to either completely rebuild something from scratch, or giving up entirely.

An additional element that can help promote this collaborative approach is the promotion of platforms like events and conferences that aim to gather experts and researchers and foster exchange. In the world of cryptography - and of Fully Homomorphic Encryption in particular - FHE.org is one such community, hosting regular online meetups and an annual conference to bring together the best and brightest minds.

Looking forward

The next frontier in this space, in my view, is AI. AI is an area showing immense growth over the past few years; there is a tangible improvement in models. OpenAI recently closed the largest funding round in history (40b at a 300b valuation). There is currently an AI-arms race between big-tech firms, and specialized start-ups who are vying to release the best model (Polymarket is currently backing Google, at the time of writing).

Clearly, this is a sector where open source principles could be applied well, with collaboration encouraged to ensure correct management of ethics, as opposed to control by a single organization or board.

We've featured the best encryption software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

In the world of technology, open source refers to software which is made publicly available, and is free for anyone to use or modify. It is a very popular approach to software development, enabling an open and community engagement to building software projects.

One of the main advantages of open source is transparency, a property that is widely embraced by tech enthusiasts. Open source code means that anyone can inspect the code before usage, meaning that anyone could spot malicious, or broken, code. This is a perfect example of the mantra “Don't trust, verify”, which is popular in various technology spaces.

One of the main drawbacks of open source is considered to be lack of interested involvement from external developers. Many projects typically start with one, or a few, developers – and this base can struggle to grow, leading to a low “bus-factor” (dependency on too few developers) for the majority of open source projects.

This can lead to developer burnout or exhaustion, and can eventually cause the ultimate abandonment of projects. Alongside this, funding can also play a crucial role; many of the most successful projects are backed by some degree of funding from organizations and/or non-profits, effectively supporting developers throughout the time required to maintain the project.

Thankfully, while these issues are very much real there are several examples of successful and pioneering projects in the open source space which have overcome these obstacles. The Linux Foundation is the most prominent example, and there are also some interesting ones in the cryptography space, a field that can particularly benefit from adapting the open source approach. Let’s take a look at some of them individually below.

The Linux Foundation

The most notable example of a successful open source project is the open source development of the Linux Kernel. Originally published in 1991 under a custom license which did not allow commercial usage, this was quickly shifted to an open source-friendly license (GPL), to enable developers to collaborate on the code and ensure wide and free availability of the software.

The open source version which can now be found on Github, is one of the most contributed projects in the history of open source. With over 15,000 contributors, this project has clearly been a huge success. Whilst only ~4% of Desktop computers worldwide are now running Linux, it is still the platform of choice for many computer scientists and cryptographers.

Let’s encrypt

In the cryptography space, a popular example is Let’s Encrypt. Let’s Encrypt is an influential open source certificate authority (CA) which helps enable secure communication via HTTPS over the web. This project was started by the Internet Security Research Group (ISG), which is a small non-profit launched in 2015 and backed by various industry players.

Since their launch in 2015, HTTPS usage on the internet has risen from ~40% to ~90%+ today. This, of course, is not down solely to Let’s encrypt, but their mission to “democratize HTTPS by making SSL/TLS certificates free, automated, and easy to obtain” has clearly had a major impact on this. Today, Let’s Encrypt powers secure communications for millions of sites, APIs, and services and is viewed as a major success in the cryptography space.

Open science

Open science is a similar idea which draws influence from open source. The goal of open science is to make academic publications (as well as any associated source code, data, etc) public and free for anyone to view or build on. Particularly in the cryptography space, this is something that academics tend to view as a must-have for their work: all experiments should be reproducible with available code. The website https://paperswithcode.com/ collects works which open-source their code in the Machine Learning space.

Such an approach can be critical for successful outcomes in science and research. Attempting to build on something “closed” is almost impossible, which may lead researchers to either completely rebuild something from scratch, or giving up entirely.

An additional element that can help promote this collaborative approach is the promotion of platforms like events and conferences that aim to gather experts and researchers and foster exchange. In the world of cryptography - and of Fully Homomorphic Encryption in particular - FHE.org is one such community, hosting regular online meetups and an annual conference to bring together the best and brightest minds.

Looking forward

The next frontier in this space, in my view, is AI. AI is an area showing immense growth over the past few years; there is a tangible improvement in models. OpenAI recently closed the largest funding round in history (40b at a 300b valuation). There is currently an AI-arms race between big-tech firms, and specialized start-ups who are vying to release the best model (Polymarket is currently backing Google, at the time of writing).

Clearly, this is a sector where open source principles could be applied well, with collaboration encouraged to ensure correct management of ethics, as opposed to control by a single organization or board.

We've featured the best encryption software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

It’s good news for those of us who can’t wait to head back to Virgin River, because seasons 1-2 of Sullivan’s Crossing – also created by author Robyn Carr – are now available to stream on Netflix. You might have missed it in everything new coming to Netflix in July 2025, but there’s a good reason why you shouldn’t overlook it (and not just that season 3 is still to come).

Virgin River’s success alone is nothing short of astonishing. It’s now the longest-running original series on the platform, still pulling in almost 16 million viewers when season 6 dropped in December 2024. Virgin River season 7 has officially wrapped filming, but no release date is confirmed as of writing.

Bad news, right? Wrong! Sullivan’s Crossing is the ideal new TV show to tide us over in the meantime. Set in Canada rather than California, it’s the epitome of cozy comfort drama with plenty of famous faces thrown in for good measure.

Why I recommend watching Sullivan’s Crossing on Netflix

Neurosurgeon Maggie (Morgan Kohan) is looking to move away from her big city life in Boston after a terrible tragedy affects her personal life. She moves back to her childhood hometown of Sullivan’s Crossing, Nova Scotia, where her dad Sully (Scott Patterson) runs a campground. Maggie meets new resident Cal (Chad Michael Murray), and sparks soon fly. Where have we heard that storyline before?

Sure, Sullivan’s Crossing is exactly the same as Virgin River if you strip it back to its bare bones, but in reality, the hit TV show is so much more than its big sister. For starters, the cast unites When Hope Calls’ Kohan, noughties teen heartthrob Murray and Gilmore Girls legend Patterson in family conflict that always pulls on the heartstrings, allowing each actor to do what they’re best at. Obviously, it doesn’t hurt that any drama takes place against the jaw-droppingly picturesque vistas of rural Canada.

Our main anchor points differ from Virgin River, too. Maggie is falling for Cal, but still has tenuous links to her ex, Andrew (Allan Hawco). In essence, this acts as the reverse of Jack Sheridan (Martin Henderson), who falls for newcomer Mel (Alexandra Breckenridge) but hasn’t fully broken things off with Charmaine (Lauren Hammersley). Sullivan’s Crossing takes its romantic triangle one step further, embroiling the trio in a messy pregnancy plot destined to change all of their lives for good.

What’s the best thing about Sullivan’s Crossing, I hear you ask? The beautiful mundanity of their day-to-day lives. Where rival TV shows like Riverdale and the reboot of Dynasty take the drama in their dynamics to the extreme, Sullivan’s Crossing always returns to the simplicity of what real life really looks like, and that pays off in its popularity. You can blissfully lose your mind to the till breaking at the campground reception, inane chatter happening in the local diner and the many whimsical local events that bring the community together.

If you just can’t wait for Virgin River to return, or want to immerse yourself in more of the same, there’s no question that Sullivan’s Crossing will scratch that itch.

You might also like

• I watch TV for a living and these are my top 3 Netflix shows that you should watch now
• Netflix’s #1 movie is a K-pop demon hunting anime with 97% on Rotten Tomatoes that I can’t get out of my head
• Netflix will start streaming NASA content soon – and the results look out of this world

It’s good news for those of us who can’t wait to head back to Virgin River, because seasons 1-2 of Sullivan’s Crossing – also created by author Robyn Carr – are now available to stream on Netflix. You might have missed it in everything new coming to Netflix in July 2025, but there’s a good reason why you shouldn’t overlook it (and not just that season 3 is still to come).

Virgin River’s success alone is nothing short of astonishing. It’s now the longest-running original series on the platform, still pulling in almost 16 million viewers when season 6 dropped in December 2024. Virgin River season 7 has officially wrapped filming, but no release date is confirmed as of writing.

Bad news, right? Wrong! Sullivan’s Crossing is the ideal new TV show to tide us over in the meantime. Set in Canada rather than California, it’s the epitome of cozy comfort drama with plenty of famous faces thrown in for good measure.

Why I recommend watching Sullivan’s Crossing on Netflix

Neurosurgeon Maggie (Morgan Kohan) is looking to move away from her big city life in Boston after a terrible tragedy affects her personal life. She moves back to her childhood hometown of Sullivan’s Crossing, Nova Scotia, where her dad Sully (Scott Patterson) runs a campground. Maggie meets new resident Cal (Chad Michael Murray), and sparks soon fly. Where have we heard that storyline before?

Sure, Sullivan’s Crossing is exactly the same as Virgin River if you strip it back to its bare bones, but in reality, the hit TV show is so much more than its big sister. For starters, the cast unites When Hope Calls’ Kohan, noughties teen heartthrob Murray and Gilmore Girls legend Patterson in family conflict that always pulls on the heartstrings, allowing each actor to do what they’re best at. Obviously, it doesn’t hurt that any drama takes place against the jaw-droppingly picturesque vistas of rural Canada.

Our main anchor points differ from Virgin River, too. Maggie is falling for Cal, but still has tenuous links to her ex, Andrew (Allan Hawco). In essence, this acts as the reverse of Jack Sheridan (Martin Henderson), who falls for newcomer Mel (Alexandra Breckenridge) but hasn’t fully broken things off with Charmaine (Lauren Hammersley). Sullivan’s Crossing takes its romantic triangle one step further, embroiling the trio in a messy pregnancy plot destined to change all of their lives for good.

What’s the best thing about Sullivan’s Crossing, I hear you ask? The beautiful mundanity of their day-to-day lives. Where rival TV shows like Riverdale and the reboot of Dynasty take the drama in their dynamics to the extreme, Sullivan’s Crossing always returns to the simplicity of what real life really looks like, and that pays off in its popularity. You can blissfully lose your mind to the till breaking at the campground reception, inane chatter happening in the local diner and the many whimsical local events that bring the community together.

If you just can’t wait for Virgin River to return, or want to immerse yourself in more of the same, there’s no question that Sullivan’s Crossing will scratch that itch.

You might also like

• I watch TV for a living and these are my top 3 Netflix shows that you should watch now
• Netflix’s #1 movie is a K-pop demon hunting anime with 97% on Rotten Tomatoes that I can’t get out of my head
• Netflix will start streaming NASA content soon – and the results look out of this world

The shift comes after nearly 20 years of mandatory shoe removal, a rule put in place after the 2001 "shoe bomber" attempt reshaped airport security protocols.

• The KEF XIO soundbar costs £1,999 / $2,499 / AU$3,600
• Dolby Atmos, DTS:X and Sony 360 Reality Audio
• 5.1.2 channels with 12 class D amplifiers

Audio legend KEF has been busy: not only did its team collaborate with Nothing on the Headphone (1), but it's also unveiled its first-ever Dolby Atmos soundbar. The team is clearly pretty proud of it, and promises a "transcendent" audio experience.

At $2,499 / £1,999 this is clearly one for high-end home theaters. It's a 5.1.2-channel all-in-one soundbar with 12 class D amplifiers putting out a whopping 820W of total power.

Despite that, the XIO soundbar is still shallow enough to look good on a wall. And where many soundbars are made specifically for movies, KEF says that the XIO has been made with music in mind too.

(Image credit: KEF)KEF XIO soundbar: key features

The soundbar has six Uni-Q MX drivers, which are smaller versions of the Uni-Q drivers you'll find in larger KEF speakers. These are special because they're two speaker in one – a smaller driver sits at the center of the cone of the large speaker, creating a wider soundstage between them that forms one clear audio signal.

Three of these drivers are placed on top for upward-firing audio, and the other three face forwards. They're teamed up with four P185 bass drivers, which are rectangular drivers that KEF says have the same radiating area as a standard circular 10cm driver. The rectangular shape means the soundbar can accommodate more drivers without adding bulk – similar racetrack drivers are used in lots of the best soundbars.

Despite that serious low-end power, you shouldn't get much in the way of unwanted vibration: KEF says the way it has arranged the drivers, with two pairs facing in opposite directions, meaning that each driver cancels out the vibration of its opposite.

The XIO also features KEF's patent-pending Velocity Control Technology, which it calls VECO. It's a sensor that monitors the P185 driver cones, adjusting the movement to compensate for any errors it detects in order to minimize distortion and compression.

Another key acronym is MIE, short for the Music Integrity Engine. This is a suite of DSP algorithms made specifically for the XIO to handle multi-channel processing, virtualization and object placement. The result, KEF says, is "transcendent soundscapes".

The XIO works with all the major streamers including Tidal, Amazon Music, Qobuz and Deezer, and it has HDMI eARC, optical and subwoofer outputs. You can also add any KEF subwoofer via the optional KW2 wireless receiver.

The KEF XIO is available via early access to myKEF members from today, 8 July, and it goes on sale on the 18th of July. It'll also be available from today in certain retailers, including Peter Tyson AV and Sevenoaks Sound & Vision in the UK, with wider retail availability starting on 8th August 2025.

You might also like

• The best soundbars: TV audio upgrade for all budgets
• The best Dolby Atmos soundbars for all budgets
• Why owning a soundbar has been a game-changer for me

• The KEF XIO soundbar costs £1,999 / $2,499 / AU$3,600
• Dolby Atmos, DTS:X and Sony 360 Reality Audio
• 5.1.2 channels with 12 class D amplifiers

Audio legend KEF has been busy: not only did its team collaborate with Nothing on the Headphone (1), but it's also unveiled its first-ever Dolby Atmos soundbar. The team is clearly pretty proud of it, and promises a "transcendent" audio experience.

At $2,499 / £1,999 this is clearly one for high-end home theaters. It's a 5.1.2-channel all-in-one soundbar with 12 class D amplifiers putting out a whopping 820W of total power.

Despite that, the XIO soundbar is still shallow enough to look good on a wall. And where many soundbars are made specifically for movies, KEF says that the XIO has been made with music in mind too.

(Image credit: KEF)KEF XIO soundbar: key features

The soundbar has six Uni-Q MX drivers, which are smaller versions of the Uni-Q drivers you'll find in larger KEF speakers. These are special because they're two speaker in one – a smaller driver sits at the center of the cone of the large speaker, creating a wider soundstage between them that forms one clear audio signal.

Three of these drivers are placed on top for upward-firing audio, and the other three face forwards. They're teamed up with four P185 bass drivers, which are rectangular drivers that KEF says have the same radiating area as a standard circular 10cm driver. The rectangular shape means the soundbar can accommodate more drivers without adding bulk – similar racetrack drivers are used in lots of the best soundbars.

Despite that serious low-end power, you shouldn't get much in the way of unwanted vibration: KEF says the way it has arranged the drivers, with two pairs facing in opposite directions, meaning that each driver cancels out the vibration of its opposite.

The XIO also features KEF's patent-pending Velocity Control Technology, which it calls VECO. It's a sensor that monitors the P185 driver cones, adjusting the movement to compensate for any errors it detects in order to minimize distortion and compression.

Another key acronym is MIE, short for the Music Integrity Engine. This is a suite of DSP algorithms made specifically for the XIO to handle multi-channel processing, virtualization and object placement. The result, KEF says, is "transcendent soundscapes".

The XIO works with all the major streamers including Tidal, Amazon Music, Qobuz and Deezer, and it has HDMI eARC, optical and subwoofer outputs. You can also add any KEF subwoofer via the optional KW2 wireless receiver.

The KEF XIO is available via early access to myKEF members from today, 8 July, and it goes on sale on the 18th of July. It'll also be available from today in certain retailers, including Peter Tyson AV and Sevenoaks Sound & Vision in the UK, with wider retail availability starting on 8th August 2025.

You might also like

• The best soundbars: TV audio upgrade for all budgets
• The best Dolby Atmos soundbars for all budgets
• Why owning a soundbar has been a game-changer for me