Feed aggregator

• New agentic AI tool Manus is being hailed as more capable than previously available agents
• Others are less impressed, citing crashes and hallucinations, while experts call for caution
• A use case gallery shows Manus being used to plan trips and analyse stocks

Manus, a new ‘agentic’ AI tool from Chinese startup Monica, has entered into invite-only preview, and, according to some users, “[redefines] what’s possible” for automated AI workflows to achieve.

That’s according to one Twitter user who asked Manus to ‘code a threejs game where you control a plane’ and “ended up concluding that Manus is the most impressive AI tool I've ever tried”.

Manus’ own use case gallery (via TechCrunch) lays out some of the possibilities, such as planning a trip to and producing a personalised guidebook for a trip to Japan, accessing a database to sort information from it into tables, analyzing stocks in a human-readable dashboard, and scheduling job candidate interviews without intervention from a real person.

What are AI agents?

AI ‘agents’, though powered by large language models (LLMs), differ from AI writers in that they utilise systems to automate a workflow based on a user’s prompt, rather than produce a single piece of output.

Manus isn’t offering anything especially new, though it is notable that, up until now, perhaps, AI agents haven’t had the best reputation; known for struggling with factual information, and basically being non-functional.

Others, however, aren’t as impressed. TechCrunch’s Kyle Wiggers gave a cohesive account of their experience, reporting crashes, and failures on tasks ranging from simple (booking a table at a restaurant) to the convoluted (“Then I asked the platform to build a Naruto-inspired fighting game)”.

Comparisons have also been made with DeepSeek’s LLMs, though these don’t quite add up. Manus and DeepSeek might both hail from China, but DeepSeek is not an agent, and Manus is not open source, and indeed has no release schedule. That said, an open source version, OpenManus, is in active development.

Manus coming from a Chinese startup has caused unease, with some circles, Axios notes, worrying China is gaining ground in a so-called “race for AI supremacy”.

Experts doubt Manus

Two industry figures told TechRadar Pro their doubts surrounding agentic AI still remain. Corpora.ai’s CEO, Mel Morris, said that “Manus' demonstrations showcase the potential of Agentic AI as a significant step forward. However, granting autonomous AI agents like Manus the ability to perform independent actions raises serious concerns.”

“We have already witnessed numerous examples of generative AI and so-called reasoning models producing flawed outputs. If given autonomy over high-stakes tasks - such as buying and selling stocks - such imperfections could lead to chaos. The ability to compare stock fundamentals and trading activity in minutes is vastly different from successfully navigating the complexities of the market.”

Similarly, Copyleaks co-founder and CEO Alon Yamin said that ,“while innovation in AI can drive remarkable efficiency, it also amplifies concerns around transparency, data security, and responsible oversight. Manus’ cloud-based operations surface several critical questions about data governance: Who controls the information? Where does it reside? How is the data protected?”

“As AI systems become more autonomous, ethical development and regulatory alignment must be prioritized. AI governance solutions that help organizations detect and mitigate AI risks remain critical, ensuring advancements like Manus AI are deployed responsibly and transparently.”

You might also like

• We’ve also listed the best AI video editors right now
• What is Gemini Code Assist? Everything we know about the AI coding tool
• These are the AI assistants developers are actually using - and how they're using them

AdGuard just became the latest VPN provider to add quantum-resistant encryption to its software.

Specifically, AdGuard VPN now integrates a combination of classic encryption methods with one of the post-quantum algorithm standards released by the National Institute of Standards and Technology (NIST) in August last year. The feature was rolled out on macOS and Windows on March 6, 2025, with the mobile apps expected to get the upgrade later in the month.

The firm now follows in the footsteps of Google Chrome and some of the best VPN providers on the market by upgrading its encryption protections to ensure user data is protected against new threats posed by quantum computing.

The need for quantum-proof encryption

"We are on the brink of the quantum technology era, and data protection must stay ahead of the threats, not just react to them. By implementing post-quantum cryptography, we are laying the foundation for a secure internet in the future," said Denis Vyazovoy, AdGuard VPN CPO.

Experts predict that it's just a matter of time before quantum computers break current RSA-based encryption methods. This is mainly because these machines will have the ability to process computations that today's computers can't handle, within minutes.

Recent releases such as Google's Willow quantum chip and Microsoft’s Majorana 1 chip, AdGuard explains, "are pushing quantum computing closer to solving complex real-world problems." This may be a portent of what the industry has long feared – that current encryption will soon become obsolete.

Quantum computers are still some years away from becoming mainstream, but cybercriminals are thought to have already adopted "harvest now, decrypt later" attacks. These involve malicious actors collecting encrypted data and decrypting it once quantum machines are up for the task.

It's exactly with this in mind that NIST experts released the first sets of quantum-safe algorithms last year designed for specific tasks, namely protection for key exchanges (ML-KEM) and identity authentication (ML-DSA and SLH-DSA).

Encryption refers to the scrambling of data into an unreadable form to prevent third-party access. VPNs – like encrypted messaging apps like Signal and WhatsApp – use end-to-end encryption to secure your data in transit. (Image credit: Getty Images)

As mentioned earlier, AdGuard VPN has implemented a hybrid encryption approach that includes the classic X25519 elliptic curve algorithm with the post-quantum Kyber768-based ML-KEM768.

This dual-layer encryption approach, the provider explains, "ensures robust protection against both current and future risks, enabling secure session keys that are resilient to quantum computing advancements."

This is exactly what the likes of Google, Signal, Tuta Mail, ExpressVPN, NordVPN, Mullvad VPN, Windscribe, and PureVPN have also done.

Put simply, having a hybrid encryption method ensures that tried and tested algorithms always protect your data, even if the post-quantum protection fails.

If you're using the latest version of AdGuard VPN on desktop, you should already be able to enable this feature through the settings menu. This advanced security option is also expected to land on the iOS and Android VPN apps in the next couple of weeks.

The social media site X, formerly known as Twitter, has been having a very bad Monday so far, with users reporting its third outage of the day – and it might not be the last.

The first spike in reported problems on Downdetector happened at 10am ET, with X users in both the US and UK unable to get their usual fix of memes and outrage in the app or website.

While that outage was quickly resolved, X has gone down a further two times – with the latest one approaching an earlier peak at 2pm. So to quote X's own tagline "what's happening"?

Here's all the latest news on the X downfall and when we can expect normal service (if that's ever possible on the reincarnated Twitter) to resume...

The latest news

• X (formerly Twitter) is down for the third time today
• The latest outage started at around 10.50am ET / 2.50pm GMT
• It's affecting both the app and site, with a DDOS attack rumored

When did this latest X outage start?

(Image credit: Downdetector)

This is very much a global X / Twitter outage, with reports of problems climbing fast in the US and UK from around 10.50am ET / 2.50pm GMT on the site Downdetector.

They've just hit a peak of 30,000 reports in the US, which is a massive outage. In the UK, reports have fallen in the past hour, but are still hovering at the 4,700 mark.

So, what's causing the problems? While there's been nothing official, some cybersecurity commentators suggest it may be a so-called DDOS (or Distributed Denial-of-Service) attacks, where a flood of internet traffic overwhelms a server.

In other words, buckle up – because this could last a while...

'Something went wrong'

(Image credit: X / Future)

Ever the master of understatement, X is greeting many users (my US colleagues in particular) with error messages like 'something went wrong' or simply a blank screen.

Some have taken to (other) social media platforms like Reddit to exclaim that this is actually an improvement to their lives. But here in the UK, X is back (for me at least) with its usual mix of Elon Musk ramblings, AI-generated memes and Fessholes.

This latest outage has fallen short of the second one earlier today at around 10am ET / 2pm GMT, but it is still pretty widespread. There's still no official word from X on the cause of today's wobbles, but presumably Grok is working on it...

Time to head to Bluesky?

(Image credit: Shutterstock)

Not surprisingly, many folks over on Bluesky are enjoying today's X outage and are looking back at the smoking remains of Twitter with a degree of schadenfreude.

Bluesky has managed to establish itself as a genuine X alternative, with the maker of the popular Tweetbot app (which was shut down after Twitter banned third-party apps) recently announcing that it's making an iOS and Mac app for the platform that's aptly called Phoenix.

Some Bluesky fans have noted (below) that it's been a particularly bad day for Elon Musk, with Tesla stock also down. And looking at Downdetector, the X problems don't seem to be easing...

(Image credit: Bluesky) The longest outage of the day...

(Image credit: Downdetector)

It might not have hit the Downdetector peaks of the second outage earlier today, but this latest X wobble is the longest of the day – it's now over the two-hour mark, which means the world's productivity has coincidentally hit a 2025 peak.

That's now over seven hours in total since the first reported problems earlier today, which easily overshadows former Twitter outages in the past like the one in 2022 when the world was denied its memes for only an hour or so.

Back then, that seemed like a long time for the site to be down. Of course, the X workforce has shrunk by about 80% since then, but it did at least go on a cybersecurity hiring spree late last year – and we imagine it's been a busy day for them.  

Have sweeter dreams with these deals to celebrate National Sleep Awareness Month.

• Cisco Talos recently found a bug in PHP-CGI, being used in attacks against Japanese firms
• GreyNoise said the attacks are being seen worldwide, and called for "immediate action"
• A patch was released in the summer of 2024, so update now

Cybersecurity researchers from Cisco Talos recently discovered a critical PHP-CGI vulnerability which could soon become a “global problem” - and doubling down on these findings, experts from GreyNoise have now added “immediate action” from is needed to tackle the threat.

In its report, GreyNoise noted how Cisco Talos recently observed threat actors targeting Japanese organizations through CVE-2024-4577, a critical remote code execution (RCE) flaw in PHP-CGI, with 79 exploits available. Cisco Talos said the unnamed threat actor used the bug to steal credentials and establish persistence on the target system “indicating the likelihood of future attacks.”

“While Talos focused on victimology and attacker tradecraft, GreyNoise telemetry reveals a far wider exploitation pattern demanding immediate action from defenders globally,” the report said.

The US, Singapore, and other targets

Cisco Talos said the threat actors were exploiting the flaw to drop Cobalt Strike beacons, and conduct post-exploitation activities using the TaoWu toolkit.

However, GreyNoise said the flaw was being abused in multiple places around the world, including the United States, Singapore, Japan, and other countries.

The attacks started in January this year, with GreyNoise’s Global Observation Grid (a worldwide network of honeypots) detecting 1,089 unique IPs (separate threat actors, essentially), attempting to exploit CVE-2024-4577 in January 2025 alone.

Almost half (43%) of IPs targeting CVE-2024-4577 in the past 30 days came from either Germany, or China, GreyNoise said.

Cisco Talos has released guidance to help businesses with internet-facing Windows systems exposing PHP-CGI mitigate the threat and defend against potential attacks, which you can find here. A patch was released in the summer of 2024, according to The Record, and GreyNoise added users should run retro-hunts to identify similar exploitation patterns.

Via The Record

You might also like

• PHP code could be easily exploited to let hackers target Windows servers
• We've rounded up the best password managers
• Take a look at our guide to the best authenticator app

The latest measure, sponsored by Sen. Jeanne Shaheen, a Democrat from New Hampshire, follows years of delays and efforts to have Harriet Tubman replace President Andrew Jackson on the $20 bill.

(Image credit: Harvey B. Lindsley)

If you share a bank account with someone, here's what that means for your taxes.

JBL Tune 310C review

The JBL Tune 310C are a budget pair of wired earbuds designed to bring "hi-res" audio directly to you, for less than $25 / £15 / AU$30. At this price, you’re unlikely to be expecting a whole lot – and you're not wrong; buds this cheap can often falter with tinny audio, a flat design and limited feature-set. But this isn't the case here.

I’ll be upfront: you’re not going to get stunning sound quality out of the JBL Tune 310C. Sure, they can decode hi-res-quality files thanks to their built-in digital to analogue converter (DAC), but I rarely felt that I was getting a massively detailed listen. Despite that, I wouldn’t say the JBL Tune 310C are an unpleasant-sounding pair of in-ears.

When tuning into Black Eye by Allie X, bass displayed solidity, but the swift kick of the drum machine sounded a touch lethargic, meaning the track didn’t quite have its distinctive "bounce" – something the best wired earbuds are able to replicate. Meanwhile, vocals were clear, neither muffled nor distorted, although when switching to I Want You by Moloko, the singer’s breathiness was fairly muted, resulting in a less detailed, natural-sounding listen.

However, given their price, I’d still argue that the JBL Tune 310C offer adequate audio. The resonant bass and clean vocals alone make for a decent all-round listen, even if subtle intricacies are missing. Treble is pretty bright, too, when listening to Electric Tooth Brush by Toronto; I was struck by the snappy high-pitched percussion. While such delivery might wear you down after some time, it's suited to songs with a more excitable sound signature. And even with that brightness, I'd argue that these buds rarely become grating, inflicting tinny audio onto your ears, such as the Belkin SoundForm Wired Earbuds with USB-C connector, for example.

Note that if you’re not loving the sound of the JBL Tune 310C, you’re able to tweak it to your liking. That’s because these buds come with three built-in EQ options – something that isn't an option even in high-calibre, pricier alternatives such as the Master & Dynamic ME05. The EQ preset options included are Default, which offers a more balanced sound; Bass, for ramped up low-end power; and Vocal, for focusing on voices in podcasts, news broadcasts, or similar.

And they do all sound unique, which is a big plus point in my view. Having said that, I did mostly find myself sticking with Default. Don’t get me wrong, I’m a lover of bass-heavy bangers, but the Bass mode can occasionally sound a little bloated in the low-end. For instance, the drum machine in Black Eye hit with more depth in this mode, but in turn, also sounded less agile and a touch muddy.

Meanwhile, Vocal mode works very nicely when watching dialogue-heavy content, whether that’s a documentary on one of the best streaming services or a podcast on Spotify. It isn't the best for listening to music, however, since it sometimes casts a tinny layer over your favorite tracks; I'd use it sparingly.

One feature that improves the overall user experience is the inclusion of multiple sizes of ear gels, ensuring a comfortable listen regardless of your ear shape. Unlike the loose-fitting JBL Tune 305C, this enables you to form a proper in-ear seal, opening you up to the world of passive noise isolation. Is this super effective? Not really. I could still hear the odd nugget of speech when listening at around 50% volume. Nevertheless, it did dull excess noise – the sound of colleagues typing, for example. And far more effectively than the Tune 305C can.

One final feature worth mentioning is the JBL Tune 310C’s built-in mic and controller. The controller allows you to adjust volume, toggle play/pause, take calls or adjust EQ (by holding the volume up and down buttons simultaneously). Pretty neat! And the built-in mic is surprisingly good, too. When making a call and taking a voice recording, my speech could sound a little on the quiet side, but my voice was clear and pretty uninterrupted by static – something even the more expensive buds can suffer from.

In terms of looks, these wired earbuds are pretty middle of the road. The flat wire, despite being conveniently tangle-resistant, is pretty prone to bending, which isn’t so pretty to look at. And similarly to the Tune 305C, there’s plastic casing on the outside of the buds that looks a little cheap, in my opinion. I'm a fan of the small-sized USB-C adapter and handy controller, though – neither of which suffered any connectivity issues. The buds also arrive in some neat color options, including black, blue, red and white.

In my view, there are only a couple of hold-ups in terms of design. First, I experienced quite a lot of cable noise when on-the-go. Sure, that’s an inherent issue with many buds that have eartips; but it could become quite distracting when I was moving around. Second, there’s a lack of waterproofing – something I always like to have for added peace of mind if using these buds in the rain, for example.

Otherwise, though, I was pleased with what the Tune 310C could provide. They’re pretty comfortable in-ear and aren’t too hefty, meaning they won’t slip out all too easily. Audio, although unremarkable, is certainly solid given the Tune 310C’s budget cost, especially when you consider the tuning available through their three EQ modes.

So, if you’re looking for some cheap, feature-rich earbuds, then these JBL buds are worth considering. The SoundMagic E80D are better still, if you have a little extra cash – simply for the upgrade in sound quality. Plus the Skullcandy Set USB-C are a decent alternative, if you want some waterproof buds.

(Image credit: Future) JBL Tune 310C review: Price and release date

• $24.95 / £14.99 / AU$29
• Launched in 2024

The JBL Tune 310C released in 2024 around the same time as the JBL Tune 305C. The latter are a looser-fitting variant more akin to the Apple EarPods. They have a very modest list price of $24.95 / £14.99 / AU$29, which is pretty much inline with the 305C and competitors like the Apple EarPods, for instance. That price is typically the same regardless of the color option you pick. For reference, these are available in black, blue, red and white.

JBL Tune 310C review: Specs

(Image credit: Future) Should I buy the JBL Tune 310C? Buy them if...

You’re looking for some inexpensive buds
EQ options, a built-in DAC and solid mic quality, all for less than $25 / £15? Oh, go on then. If you’re looking for a cheap wired option, you’ll struggle to find buds with so many features packed in. Sound quality –although not out of this world – isn’t bad either, making the 310C an excellent choice for those on a tight budget.

You’re into bass-heavy bangers
Considering the cost, I found the JBL Tune 310C offered impressively impactful bass. If you enjoy tracks with imposing low-end power, you won't go far wrong with the Tune 310C. You can even activate Bass mode by holding the volume up and down buttons simultaneously for some real low-end weight.

Don't buy them if...

You want earbuds for runs and workouts
If you want earbuds that are totally workout-ready then the JBL Tune 310C are to be avoided. They don’t have a waterproof rating to give you peace of mind for those sweaty moments, and you’ll experience quite a lot of cable noise when you’re moving about. If you want a better suited audio companion, I’d recommend checking out our guide to the best open ear headphones.

You’re an audiophile
If you value excellent, top-tier audio quality, the JBL Tune 310C aren’t going to cut it. Bass output is powerful for the price, but can get a little muddy. Vocals aren’t beautifully natural, and finer sonic details sometimes remain under wraps. Sure, they sound solid for the price, but these certainly aren’t audiophile-grade.

JBL Tune 310C review: Also consider

SoundMagic E80D
For me, the SoundMagic E80D are among the best cheap wired earbuds money can buy. Sure, they’re a little more pricey than the JBL 310C buds, but if you want a more controlled, detailed listen, they deliver with ease. They’re also comfortable in the ear and block out external noise fairly well. There really is a lot to love about the E80D, but don’t just take my word for it. Read our full SoundMagic E80D review.

Apple EarPods USB-C
Want something a bit more loose fitting? Well, the Apple EarPods USB-C are among the best budget options for you. You get decent all-round sound, a relaxed in-ear fit, and classic Apple sleekness – all for less than $20 / £20 / AU$30. Note that the open-style fit does leave you more exposed to external noise, however, so bear that in mind if you want a more focused listening experience. Read our full Apple EarPods USB-C review.

JBL Tune 310C review: How I tested

(Image credit: Future)

• Tested for one week
• Used in the office and while on walks
• Predominantly tested using Tidal

I put the JBL Tune 310C to the test over the course of one week. When trying out these buds, I predominantly spent my time listening to music, which I did in the main through Tidal on the Samsung Galaxy S24 FE. However, I also tried them out with YouTube and Spotify on my Windows laptop.

When listening, I played through all the tracks in our TechRadar testing playlist, which contains songs from a variety of genres – read our guide on how we test earbuds for more. In addition, I spent hours tuning into songs from my personal library, while also using them in a variety of environments, including busy streets and the office at Future Labs.

• First reviewed: March 2025
• Read more about how we test

From Huntsville to Mobile, Alabama residents have several internet options worth considering, and we've found the best options.

Mark Carney is a newcomer to elected politics with decades of experience in finance. After his landslide victory, he pledged to continue tariffs on the U.S. "until the Americans show us respect."

(Image credit: Artur Widak)

Washington Post columnist Ruth Marcus resigned today, accusing the paper's publisher of killing her piece on owner Jeff Bezos' overhaul of its opinion pages.

(Image credit: Thos Robinson/Getty Images for The New Yorker)

Unplanned downtime costs the Global 2000 a staggering $400 billion annually, according to Oxford Economics research, with each company facing an average loss of $200 million per year due to unexpected digital disruptions.

The repercussions of this can be severe. In a world where customers demand round-the-clock product and service availability, IT organizations are under constant pressure to deliver it for their mission critical IT services. So, what is business downtime, and what are the solutions?

Defining and understanding IT downtime

There’s no doubt that today’s digital landscape is ruled by the applications that we all rely on. While most people don’t spend a huge amount of time thinking about IT downtime, it can be nothing short of a nightmare when it disrupts an application that an organization can’t function without. “IT downtime” describes any period when systems, services, or networks are unavailable. While some downtime is planned, such as maintenance activity, the bigger risk comes from unplanned downtime, typically caused by technical failures, cybersecurity incidents, or natural disasters. For businesses, this unplanned downtime can lead to significant financial and client loss, with Europe and APAC having the longest recovery times from downtime events.

The causes of downtime can range from software bugs to infrastructure configuration errors, networking errors, or even storage failures. Adding to the challenge, IT operations teams often manage hundreds of different inter-dependent applications, making the process of identifying a root cause lengthy, manual and very complicated.

The cyber-attack on the British Museum in October 2023 is one example of just how financially damaging downtime can actually be. A hacker group named Rhysida targeted the British Museum and caused a technology outage. Rhysida demanded a ransom of approximately £500,000 at the time, which the library refused to pay. As a result, Rhysida publicly released approximately 600GB of sensitive data online. The breach forced the library to take its main catalogue offline for several months, with a partial read-only restoration occurring in January 2024. The institution had to use about 40% of its financial reserves, estimated at £6–7 million, to recover from the attack. Ciaran Martin, the previous CEO of the National Cyber Security Centre, said, “This incident has been described as "one of the worst cyber incidents in British history.”

Oxford Economic Research shows that some organizations can expect their stock price to drop between one and nine percent after a single downtime event - and then take an average of 79 days to recover. It’s not difficult to understand how these and other hidden costs could easily amount to more than $200 million annually for a single company.

The business impact of downtime

Financial impact: Beyond the costs of restoring systems, businesses may face hefty regulatory fines and penalties. Additionally, operational disruptions can lead to lost revenue and hinder employee productivity. When customers experience service interruptions, it not only affects their satisfaction but can also tarnish the company's reputation, leading to long-term trust issues. Impact on innovation: Innovation is essential for economic growth because it creates new markets, industries, jobs and investment opportunities.

When a company experiences any measure of downtime, it can stymie innovation by disrupting workflows, moving attention away from new projects, creating delays in development cycles and preventing development of new ideas. When systems are unavailable, employees are unable to focus on creative problem-solving and exploring new technologies, negatively impacting the progress of innovative ideation.

Customer experience: Not only can financial and productivity losses impact the bottom line, they can also create a negative customer experience. This can bring ill-repute on an organisation, while potentially dissuading new customers from wanting to do business together. Customers expect reliability and availability from applications, and frequent downtime can frustrate users and erode customer trust. A single incident can result in lost customers, negative reviews, and diminished brand loyalty.

Brand reputation: Organizations have regulatory and compliance consequences to manage. Critical systems that are unavailable can impact reporting and recording leading to legal ramifications and fines, damaging an organization's reputation.

The hidden costs of downtime

With technology, and more specifically applications, becoming increasingly integral to daily operations, business downtime has become a significant risk to the productivity of organizations. In fact, a recent Forbes article reports that large enterprises can see costs as high as $9k per minute from downtime.

The reality is that the cost of business downtime often goes far beyond lost income. The financial impact is compounded by lost opportunities to acquire new customers or expand sales, as well as by recovery costs, such as repairs or overtime compensation. Further, negative publicity can drive away future customers and supply chain disruption can impact supplier relationships.

Actions to strengthen your resilience

So, how can businesses combat downtime as an issue? No one expects businesses to become resilient to downtime immediately, but there are actions organizations can take to navigate and minimize the damage:

1. Agree on a downtime strategy: Regularly testing apps and having the staff on hand to resolve any issues is a strong start to ensure systems are back online as quickly as possible.

2. Analyze historic vulnerabilities: Organizations should get into the habit of analyzing what went wrong every time there’s a forced period of downtime. This helps to avoid issues reoccurring. It is also worth investing in data analytics tools to constantly monitor the performance of critical applications.

3. Enforce data control: By having a clear data governance policy, organizations can better enhance security and resilience by protecting against data shocks and strengthening their ability of recovering and withstanding security threats.

4. Be proactive: Prevention is always better than a cure. Getting ahead of potential issues and coordinating their teams to prevent them from occurring will pay dividends.

Be on the front foot

In today’s fast-paced, technology-driven world, application failures can have widespread and severe consequences. To mitigate these risks, businesses should adopt proactive and efficient strategies to anticipate potential issues and address them without delay. Prioritizing infrastructure and application resiliency not only minimizes operational risks but also fosters customer loyalty, positioning organizations for sustained growth and innovation in an increasingly competitive market. How resilient is your business?

We've featured the best business VPN.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here : https://www.techradar.com/news/submit-your-story-to-techradar-pro

Plus, a record-low price on one of the best mattresses to buy in 2025 and a handy robot vacuum for under $200.

“Proper preparation and planning prevents poor performance” is a famous adage that the British Army has used for centuries. The phrase highlights the importance of a well-structured plan - it ensures that teams stay on track, budgets are managed efficiently, and objectives are achieved.

Whilst most enterprises are not combatting tanks or missiles like the military, they are facing constant threats in the form of cyberattacks. Ensuring that employees are well-prepared for whatever challenges arise is crucial.

Being prepared for a cyberattack requires strong cyber crisis management underpinned by individuals with the right skills, which enables effective decision-making, steadfast leadership, and the learning of lessons. Readiness can be the difference between a well-handled, minor cyber incident and a major crisis.

The lessons of past global incidents

“Proper preparation and planning prevents poor performance” has another joking meaning by the British military. Military leaders have used the line when something has gone wrong, but it can still be used to teach a valuable lesson.

In cybersecurity, there is so much focus on the next threat that it can be easy to overlook past incidents. While the tactics and techniques employed by cybercriminals have rapidly changed over the years, having an effective crisis management plan has always been critical.

For example, when it was first discovered in December 2021, around one in three applications using the vulnerable version of Log4Shell were susceptible to remote code execution, marking one of the most extensive cyber threats to date.

Despite the scale of the vulnerability, it was relatively easy to address on an individual level by simply updating to a secure version. The Log4j incident highlighted the critical need for proactive vulnerability management and a robust incident response strategy.

Businesses that lagged on security trends or had ineffective patching processes remained exposed for much longer, with many continuing to use vulnerable versions even years later.

Almost two years later, the MOVEit vulnerability, a zero-day vulnerability that affected more than 2,600 organizations and nearly 90 million individuals, again highlighted the importance of organizations being prepared, but in a different way.

As a zero-day, there was little that could be done to proactively reduce risk. However, clear, transparent, and timely communication with stakeholders was crucial in managing expectations and maintaining trust throughout the incident.

Whilst the two incidents required very different responses from organizations, both carry the lesson of the importance of preparedness.

How to make the right decision during a crisis

In a crisis, leaders face intense pressure, where every decision is significant. Success depends on a clear decision-making framework that balances urgent needs with long-term objectives. So, what does an effective framework look like?

A strong starting point during any crisis is being able to gather all accurate and relevant information. By understanding the full scope of the crisis and its potential impacts, leaders help prioritize actions and allocate resources effectively.

It’s critical in any crisis management framework that leaders establish credible sources that allow them to determine the extent of the crisis and make effective decisions. These sources must be rigorously cross-checked to avoid the spread of unverified information, which will only spread panic and distrust during a crisis.

In addition to having the correct information, leaders should go into cyber crises knowing what their key priorities and strategic focuses are. For example, how do you keep people safe, and which systems are essential for maintaining services?

Actions must align with the organization's mission and values, ensuring responses are both effective and true to core principles. Effective crisis management demands prioritizing resources and making informed trade-offs to minimize the impact of an attack.

Considering such priorities before an incident will also reveal the ethical implications of each choice. This includes the impact of decisions on customers, employees, and business relationships. By considering such implications, leaders can then make decisions that support sustainable recovery.

What to do in the middle of a crisis

As mentioned before, preparation is key to making the right decisions. However, during a crisis, there are a number of points leaders need to follow.

First and foremost, clear and transparent communication is absolutely essential. Stakeholders need to be provided with regular updates so they can manage expectations. It’s critical that any statement provides truthful information about the situation, including any associated risks and uncertainties.

A company might handle the technical aspects of a cyber incident very well, but if they don’t manage communications effectively or address the business impact, it could lead to negative media coverage and customer backlash—the court of public opinion, as I like to call it.

For example, CrowdStrike was both applauded and criticized in the court of public opinion, despite resolving the issue fairly quickly.

On the other hand, Atmos recently showcased the importance of regular communication. Through regular statements, they were able to hit back at ransomware attack claims and then later that week confirm the claims of compromise were unfounded.

By immediately addressing the rumors of a potential breach, they prevented panic from spreading among customers and partners, and fostered a reputation of transparency and credibility.

During a crisis, it’s also critical that leaders remain flexible and adaptable to changes. Cyber incidents are constantly changing, and new information is coming to the forefront. For example, initially, a breach might just be the encryption of systems, but days later it can quickly unfold that customer data has been exfiltrated.

Leaders must learn from ongoing events and adjust their approaches based on real-time feedback and evolving circumstances. By incorporating feedback from stakeholders and team members, leaders can refine strategies and improve crisis management.

Practice makes perfect

It’s easy for organizations to complete their cyber crisis plans and leave them on the shelf until needed. However, preparation doesn’t mean just creating plans but regularly testing and refining them.

An effective crisis management framework should include well-defined roles, responsibilities, and communication protocols. Regular drills and simulations are essential to test and refine the plan, ensuring teams are prepared for real emergencies.

Ongoing training is crucial to reinforce the crisis management framework, instilling confidence and ensuring familiarity with assigned roles. Comprehensive crisis simulations, including cyber drills, should emulate real-life scenarios to enhance preparedness and situational awareness.

Following a cyber incident, it is vital to update the response framework. After the immediate crisis is resolved, a thorough review must be conducted to assess the effectiveness of the response and identify areas for improvement.

Debriefing sessions enable leaders to analyze successes and pinpoint gaps in the response process. Documenting lessons learned and updating protocols based on this analysis ensures the organization is better equipped to manage future incidents. Maintaining a culture of continuous improvement is key to sustaining a robust state of crisis readiness.

Ultimately, the rate and impact of cyberattacks is not going to slow down anytime soon. However, being prepared for such incidents can stop an attack from becoming a full-blown crisis. Preparation is key to stopping cyberattacks, and at the heart of preparation is a proactive and regularly tested crisis management plan.

We've featured the best business plan software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Looking for a different day?

A new Quordle puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Monday's puzzle instead then click here: Quordle hints and answers for Monday, March 10 (game #1141).

Quordle was one of the original Wordle alternatives and is still going strong now more than 1,100 games later. It offers a genuine challenge, though, so read on if you need some Quordle hints today – or scroll down further for the answers.

Enjoy playing word games? You can also check out my NYT Connections today and NYT Strands today pages for hints and answers for those puzzles, while Marc's Wordle today column covers the original viral word game.

SPOILER WARNING: Information about Quordle today is below, so don't read on if you don't want to know the answers.

Quordle today (game #1142) - hint #1 - Vowels How many different vowels are in Quordle today?

• The number of different vowels in Quordle today is 5*.

* Note that by vowel we mean the five standard vowels (A, E, I, O, U), not Y (which is sometimes counted as a vowel too).

Quordle today (game #1142) - hint #2 - repeated letters Do any of today's Quordle answers contain repeated letters?

• The number of Quordle answers containing a repeated letter today is 1.

Quordle today (game #1142) - hint #3 - uncommon letters Do the letters Q, Z, X or J appear in Quordle today?

• Yes. One of Q, Z, X or J appears among today's Quordle answers.

Quordle today (game #1142) - hint #4 - starting letters (1) Do any of today's Quordle puzzles start with the same letter?

• The number of today's Quordle answers starting with the same letter is 0.

If you just want to know the answers at this stage, simply scroll down. If you're not ready yet then here's one more clue to make things a lot easier:

Quordle today (game #1142) - hint #5 - starting letters (2) What letters do today's Quordle answers start with?

• L

• J

• S

• R

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

Quordle today (game #1142) - the answers

(Image credit: Merriam-Webster)

The answers to today's Quordle, game #1142, are…

• LINGO
• JUICE
• SHARP
• REVEL

A close shave for me today, due to a poor start and some bad luck. I had an incorrect hunch that there would be lots of Es in today’s puzzle, while I wasted a start word with FUNKY.

Next, I had two near misses before guessing SHARP and LINGO, leaving me zero margin for error with the last couple of words.

Somehow I finished before running out of turns. Phew!

How did you do today? Let me know in the comments below.

Daily Sequence today (game #1142) - the answers

(Image credit: Merriam-Webster)

The answers to today's Quordle Daily Sequence, game #1142, are…

• MACAW
• MOODY
• DROOL
• FIERY

Quordle answers: The past 20

• Quordle #1141, Monday 10 March: AVAIL, THESE, TITAN, GAUGE
• Quordle #1140, Sunday 9 March: SKILL, IDEAL, WHERE, REHAB
• Quordle #1139, Saturday 8 March: WATCH, LAPSE, WREST, HEFTY
• Quordle #1138, Friday 7 March: GLEAN, SHINY, DECRY, MANGA
• Quordle #1137, Thursday 6 March: TRICE, EIGHT, BELCH, RIPER
• Quordle #1136, Wednesday 5 March: PLEAD, TWANG, MAJOR, RISKY
• Quordle #1135, Tuesday 4 March: FLOWN, ETUDE, TOPAZ, JOKER
• Quordle #1134, Monday 3 March: FRILL, KAYAK, REBAR, WORDY
• Quordle #1133, Sunday 2 March: TUNIC, GLOSS, DEBUG, LARGE
• Quordle #1132, Saturday 1 March: DENSE, BONEY, KITTY, SMEAR
• Quordle #1131, Friday 28 February: PASTA, RAZOR, PLUMB, DROOL
• Quordle #1130, Thursday 27 February: THIEF, CHAIR, ETHER, GRIME
• Quordle #1129, Wednesday 26 February: LOVER, SPIED, VAPOR, METER
• Quordle #1128, Tuesday 25 February: TWIST, TWEAK, MEANT, CLEAR
• Quordle #1127, Monday 24 February: LEASH, LEVER, TOTEM, CREME
• Quordle #1126, Sunday 23 February: RABID, RELIC, SCRAM, BASIS
• Quordle #1125, Saturday 22 February: ETHER, SONIC, VAUNT, ROUSE
• Quordle #1124, Friday 21 February: STIFF, PRIZE, SCOWL, DONUT
• Quordle #1123, Thursday 20 February: HASTY, DRAPE, FICUS, CRAZE
• Quordle #1122, Wednesday 19 February: ABATE, TROVE, VENUE, DRAPE

Looking for a different day?

A new NYT Connections puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Monday's puzzle instead then click here: NYT Connections hints and answers for Monday, March 10 (game #638).

Good morning! Let's play Connections, the NYT's clever word game that challenges you to group answers in various categories. It can be tough, so read on if you need Connections hints.

What should you do once you've finished? Why, play some more word games of course. I've also got daily Strands hints and answers and Quordle hints and answers articles if you need help for those too, while Marc's Wordle today page covers the original viral word game.

SPOILER WARNING: Information about NYT Connections today is below, so don't read on if you don't want to know the answers.

NYT Connections today (game #639) - today's words

(Image credit: New York Times)

Today's NYT Connections words are…

• PHONE
• BREAK
• FOOTBALL
• LEGEND
• SADDLE
• KEYS
• BELL
• WALLET
• ALTERNATIVE
• KING
• WONDER
• CHANGE
• MOCCASINS
• INTERCOM
• DEPARTURE
• ALARM

NYT Connections today (game #639) - hint #1 - group hints

What are some clues for today's NYT Connections groups?

• YELLOW: Doing things differently 
• GREEN: Chiming
• BLUE: Made from the same material 
• PURPLE: Playing all the right notes

Need more clues?

We're firmly in spoiler territory now, but read on if you want to know what the four theme answers are for today's NYT Connections puzzles…

NYT Connections today (game #639) - hint #2 - group answers

What are the answers for today's NYT Connections groups?

• YELLOW: VARIATION FROM THE NORM 
• GREEN: THINGS THAT RING 
• BLUE: THINGS TRADITIONALLY MADE OF LEATHER 
• PURPLE: SINGER-SONGWRITER PIANISTS 

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Connections today (game #639) - the answers

(Image credit: New York Times)

The answers to today's Connections, game #639, are…

• YELLOW: VARIATION FROM THE NORM ALTERNATIVE, BREAK, CHANGE, DEPARTURE
• GREEN: THINGS THAT RING ALARM, BELL, INTERCOM, PHONE
• BLUE: THINGS TRADITIONALLY MADE OF LEATHER FOOTBALL, MOCCASINS, SADDLE, WALLET
• PURPLE: SINGER-SONGWRITER PIANISTS KEYS, KING, LEGEND, WONDER

• My rating: Easy
• My score: Perfect

I had a hunch that WONDER was connected to Stevie, but my uncertainty over who could join him led me to pursue other groups.

THINGS TRADITIONALLY MADE OF LEATHER was the first connection I saw, mainly down to MOCCASINS and SADDLE, with my only hesitation being FOOTBALL as I knew that in the early days they were called pigskins.

After initially thinking that both BREAK and DEPARTURE had vacations in common, I saw that difference or VARIATION FROM THE NORM was the link. In a huge departure from the norm for me, I managed to get today’s puzzle without a mistake. A unique and enjoyable experience.

How did you do today? Let me know in the comments below.

Yesterday's NYT Connections answers (Monday, 10 March, game #638)

• YELLOW: CAT BREEDS RAGAMUFFIN, RUSSIAN BLUE, SPHYNX, TURKISH ANGORA
• GREEN: FAMOUS SMILES CHESHIRE CAT, COMEDY MASK, JOKER, MONA LISA
• BLUE: ATTRACTIONS ICONICALLY DIFFERENT FROM THEIR ORIGINAL FORMS LIBERTY BELL, STATUE OF LIBERTY, TOWER OF PISA, VENUS DE MILO
• PURPLE: ASSOCIATED WITH "THE DUDE" LEBOWSKI BATHROBE, BOWLING, RUG, WHITE RUSSIAN

What is NYT Connections?

NYT Connections is one of several increasingly popular word games made by the New York Times. It challenges you to find groups of four items that share something in common, and each group has a different difficulty level: green is easy, yellow a little harder, blue often quite tough and purple usually very difficult.

On the plus side, you don't technically need to solve the final one, as you'll be able to answer that one by a process of elimination. What's more, you can make up to four mistakes, which gives you a little bit of breathing room.

It's a little more involved than something like Wordle, however, and there are plenty of opportunities for the game to trip you up with tricks. For instance, watch out for homophones and other word games that could disguise the answers.

It's playable for free via the NYT Games site on desktop or mobile.

Looking for a different day?

A new NYT Strands puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Monday's puzzle instead then click here: NYT Strands hints and answers for Monday, March 10 (game #372).

Strands is the NYT's latest word game after the likes of Wordle, Spelling Bee and Connections – and it's great fun. It can be difficult, though, so read on for my Strands hints.

Want more word-based fun? Then check out my NYT Connections today and Quordle today pages for hints and answers for those games, and Marc's Wordle today page for the original viral word game.

SPOILER WARNING: Information about NYT Strands today is below, so don't read on if you don't want to know the answers.

NYT Strands today (game #373) - hint #1 - today's theme What is the theme of today's NYT Strands?

• Today's NYT Strands theme is… What's the magic word?

NYT Strands today (game #373) - hint #2 - clue words

Play any of these words to unlock the in-game hints system.

• LAST
• PAST
• REST
• SING
• TANK
• BRASH

NYT Strands today (game #373) - hint #3 - spangram What is a hint for today's spangram?

• Said with a wave of a wand

NYT Strands today (game #373) - hint #4 - spangram position What are two sides of the board that today's spangram touches?

First side: left, 5th row

Last side: right, 6th row

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Strands today (game #373) - the answers

(Image credit: New York Times)

The answers to today's Strands, game #373, are…

• TADA
• SHAZAM
• ABRACADABRA
• PRESTO
• ALAKAZAM
• SPANGRAM: CASTING SPELLS

• My rating: Moderate
• My score: 1 hint

The Strands trend for very long Spangrams continues, with CASTING SPELLS taking up a large chunk of today's puzzle.

The large block taken up by the theme words made for an easier than normal search. The only challenge was navigating the high number of As and coping with the return of an earworm I’d only just shaken…

The song ABRACADBRA by Steve Miller had only just left my head after its appearance in the Connections category #1 SONGS FROM 1982 a couple of days ago and now it’s returned – competing for headspace with Lady Gaga’s song of the same name. Frankly, I need some kind of vanishing magic spell to rid me of this agony.

How did you do today? Let me know in the comments below.

Yesterday's NYT Strands answers (Monday, 10 March, game #372)

• VOLUME
• BACK
• POWER
• HOME
• MUTE
• GUIDE
• CHANNEL
• SPANGRAM: REMOTE CONTROL

What is NYT Strands?

Strands is the NYT's not-so-new-any-more word game, following Wordle and Connections. It's now a fully fledged member of the NYT's games stable that has been running for a year and which can be played on the NYT Games site on desktop or mobile.

I've got a full guide to how to play NYT Strands, complete with tips for solving it, so check that out if you're struggling to beat it each day.

• A vulnerability in an old camera is being used to create a botnet
• The camera is no longer supported by its vendor and will not receive a patch
• Users are advised to move to a newer model

Security researchers are warning cybercriminals are abusing a command injection vulnerability in an old IP camera to build out a botnet.

The IC-7100, manufactured by a Taiwanese networking gear maker called Edimax, is vulnerable to a command injection flaw caused by the improper neutralization of incoming requests, security researchers from Akamai found.

Akamai says that a malicious group is using this flaw right now to build out a botnet - however it isn't known which botnet, or how big it is - although usually, botnets are used in DDoS attacks, illegal proxy services, ad click fraud, and more.

Obtaining confidential information

The flaw is tracked as CVE-2025-1316, and has a severity score of 9.3/10 (critical). It allows threat actors to send a custom-crafted request to the device, and thus gain remote code execution (RCE) capabilities.

The US Cybersecurity and Infrastructure Security Agency (CISA) reportedly tried reaching out to Edimax, to no avail. Akamai was somewhat luckier, being told by Edimax that the camera reached end-of-life and was no longer supported. However, the manufacturer did not say if other, newer models, were also susceptible to the same flaw, and if it would be addressing it any time soon.

The Edimax IC-7100 is a network camera designed for home and small business surveillance. It is used by homeowners, small businesses & retail stores, in offices, and by remote workers. It was released in 2011, and its discontinuation date isn't specified. Unfortunately, many owners don’t keep track of outdated gear, and continue to use hardware and software that is no longer supported, putting themselves at risk.

Unfortunately, the only way to defend against this attack is to remove the cameras and replace them with newer, supported models. Putting it behind the firewall might help mitigate the risk, but it won’t eliminate it entirely.

Via BleepingComputer

You might also like

• Web DDoS attacks see major surge as AI allows more powerful attacks
• We've rounded up the best password managers
• Take a look at our guide to the best authenticator app

• The NHS is reportedly looking into allegations of a third-party software flaw
• A vulnerability of this kind could leave patients exposed
• However Medefer denies wrongdoing, says it was unaware of issue

The NHS is reportedly “looking into” allegations that a software flaw in a virtual booking provider left patient data exposed for a number of years.

Reports from ComputerWeekly say a researcher found a flaw in Medefer, which handles 1,500 NHS patient referrals per month, with its system allowing patients to book virtual appointments with doctors, as well as giveingphysicians access to the relevant patient data.

However, the APIs in Medefer's software were apparently not secured properly, meaning sensitive patient data could have fallen into the wrong hands, the researcher confirmed.

Patients vulnerable

The researcher, who wished to be anonymous, told Computer Weekly hackers could target these reported vulnerabilities by using "a suite of automated tools and techniques" in order to retrieve personal and sensitive information that could be monetised or used for further malicious activity. Since authentication wasn't required, threat actors could "script automated calls to the APIs to exfiltrate large amounts of data, for example all patient records."

The flaw could have existed for at least 6 years, the researcher said, meaning a large amount of NHS data could be at risk.

However Medefer says that it first heard about the NHS investigation in the media, and that it has had no prior contact from the NHS on this issue.

"There is no evidence of any patient data breach from our systems at any point. This has been formally confirmed by an independent specialist cybersecurity agency" Dr Bahman Nedjat-Shokouhi, CEO of Medefer told TechRadar Pro.

"The external cybersecurity agency has asserted that the allegation that this flaw could have provided access to large amounts of patients’ data is categorically false, confirmed that all of Medefer’s data systems are currently secure, and that it is not possible to access any patient data without appropriate security authentication. The issue has been reported to the Information Commissioner’s Office (ICO) by Medefer, and the commission confirmed no further action needs to be taken."

Healthcare data is incredibly valuable for threat actors, as medical information can be sold on the dark web, and personally identifiable information (like names, addresses, emails) can be used in social engineering attacks or identity theft, so anyone potentially exposed should monitor their accounts carefully.

You might also like

• Check out our list of the best firewall software around today
• Top IVF firm says hackers accessed private data during cyber incident
• We've also rounded up the best malware removal software on offer right now

• OnePlus will no longer outfit its phones with the iconic Alert Slider switch
• Future OnePlus phones will feature an iPhone-style customizable button
• The button will offer the same functionality as the Alert Slider plus new features

OnePlus will replace the iconic Alert Slider found on most of its premiere phones with an Apple-style customizable button, according to a new statement by the company’s CEO.

In a post to the OnePlus Community forum, OnePlus CEO Pete Lau confirmed that the Alert Slider would be replaced due to the limited functionality offered by the three-position slider.

This means the successors to the OnePlus 13 and OnePlus 13R will likely lack one of the brand's most iconic features.

Lau gave few details about the Alert Slider’s successor, only that it would offer more functionality than the current three-position switch, and that switching between sound profiles without unlocking the phone would still be possible.

In fact, the post implies that Lau personally insisted that the new button should be able to offer the same functionality as the outgoing Alert Slider, as well as new and expanded functions that are yet to be revealed.

Overall, this new OnePlus button sounds theoretically identical to Apple’s Action Button, first seen with the release of the iPhone 15 Pro – so we can look at the iPhone to make some educated guesses about the new button’s potential capabilities.

The OnePlus 14 will likely feature an iPhone-style customizable button (Image credit: Future | Alex Walker-Todd)

The Action Button found on the iPhone can be assigned to a long list of functions, including turning the flashlight on and off, opening the camera, activating a shortcut, or toggling do not disturb.

OnePlus takes fairly liberal inspiration from Apple when it comes to software - there is a simulated Dynamic Island on the latest OnePlus 13 interface, for instance - so I wouldn’t be surprised to see something similar from the company’s future handsets.

Lau’s post mentions that backlash to the OnePlus 10T, which launched in 2022 sans Alert Slider, inspired internal debate about the future of the iconic hardware feature, and that removing the slider will allow for better use of the devices’ internal space. OnePlus has yet to announce the first product that will feature the new button.

The end of an era

OnePlus is the last remaining major phone maker to fit its handsets with a physical ringer switch – though, as this news entails, not for much longer.

I’ve always found the ringer switch affixed to OnePlus phones to be a useful addition – other functions are easy enough to find in the UI or on the lock screen, and it’s nice to be able to switch my phone into silent mode without even looking at the display when I’m taking a break.

Perhaps even more important is the character the alert slider brings to OnePlus phones – it’s a unique feature that made the best OnePlus phones stand out in a field of increasingly homogenous phone designs, lending as much personality as utility.

When I was daily driving the OnePlus Open, I used the slider every day, and I still use it whenever I’m testing a OnePlus or Oppo phone (Oppo and OnePlus are related companies under the same umbrella parent). Tactility is a rare and underrated thing in modern phone design, so I’ll be genuinely sad to see the Alert Slider go.

What do you think about this decision? Should OnePlus have kept the Alert Slider as is? Let us know in the comments.

You might also like

• Three iPhone 17 model dummy units appear in a hands-on video leak
• New Samsung Galaxy S25 Edge may have revealed some key details – including its price
• iPhone 16e: price, design, Apple Intelligence, and everything you need to know