A vulnerability in Palo Alto Networks firewalls is being abused in in-the-wild attacks, researchers are saying.
The company recently found, and fixed, an authentication bypass vulnerability in its PAN-OS firewalls. The flaw, tracked as CVE-2025-0108, has a severity score of 8.8/10 (high), and was said to affect multiple versions of the product.
It released a fix on February 12, 2025, urging users to upgrade their firewalls to these versions:
11.2.4-h4 or later
11.1.6-h1 or later
10.2.13-h3 or later
10.1.14-h9 or later
The vulnerability impacts the PAN-OS management web interface, and allows malicious actors to run different PHP scripts. This, in turn, enables sensitive data exfiltration, firewall configuration tampering, and more.
Now, researchers from the security outlet GreyNoise said they observed attempts to exploit the flaw on unpatched endpoints. The attacks, they said, started a day after Palo Alto Networks released the patch (February 13), and came from multiple IP addresses, which could suggest that more attackers picked up on the vulnerability at the same time.
Citing information from Macnica researcher Yutaka Sejiyama, BleepingComputer reported that the attack surface likely counts more than 4,400 devices.
To protect the firewalls, users should apply the patch as soon as possible and restrict access to the product’s interface.
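One way to check a firewall inventory against the fixed releases listed above, as an added example that is not code from Palo Alto Networks or the article. The hostnames and inventory are constructed, and the version format (`major.minor.maintenance` with an optional `-hN` hotfix suffix) is inferred from the four versions the article gives; branches the article does not list are reported for manual review rather than guessed.

```python
import re

# Fixed releases for CVE-2025-0108 as listed in the article, keyed by branch.
FIXED = {
    "11.2": "11.2.4-h4",
    "11.1": "11.1.6-h1",
    "10.2": "10.2.13-h3",
    "10.1": "10.1.14-h9",
}

# Assumed format: major.minor.maintenance with an optional -hN hotfix suffix.
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_panos(version):
    """Split a version string into (major, minor, maintenance, hotfix)."""
    match = VERSION_RE.match(version.strip())
    if not match:
        raise ValueError(f"unrecognised PAN-OS version string: {version!r}")
    major, minor, maint, hotfix = match.groups()
    # A release without a hotfix suffix sorts below every hotfix of it.
    return int(major), int(minor), int(maint), int(hotfix or 0)


def is_patched(version):
    """Return True or False for a listed branch, None for any other branch."""
    major, minor, maint, hotfix = parse_panos(version)
    fixed = FIXED.get(f"{major}.{minor}")
    if fixed is None:
        return None  # branch not covered by the article's list
    _, _, fixed_maint, fixed_hotfix = parse_panos(fixed)
    return (maint, hotfix) >= (fixed_maint, fixed_hotfix)


def triage(inventory):
    """Group a {hostname: version} inventory by the action it needs."""
    report = {"patch_now": [], "ok": [], "check_advisory": []}
    for host, version in sorted(inventory.items()):
        try:
            status = is_patched(version)
        except ValueError:
            status = None  # unparsed strings also go to manual review
        if status is True:
            report["ok"].append(host)
        elif status is False:
            report["patch_now"].append(host)
        else:
            report["check_advisory"].append(host)
    return report


# Constructed inventory for illustration only.
INVENTORY = {
    "fw-edge-01": "11.2.4-h3",
    "fw-edge-02": "11.2.4-h4",
    "fw-dc-01": "11.1.6-h1",
    "fw-branch-01": "10.1.14",
    "fw-branch-02": "10.2.14",
    "fw-lab-01": "9.1.16",
}

if __name__ == "__main__":
    for action, hosts in triage(INVENTORY).items():
        print(f"{action}: {', '.join(hosts) or '-'}")
```

A device in the `ok` group still needs its management interface restricted, since the version check says nothing about exposure.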
Firewalls used by SMBs are often targets because these types of businesses typically have weaker security configurations and outdated firmware. Many SMBs lack dedicated IT teams, leading to misconfigured firewall rules that create vulnerabilities. Furthermore, threat actors can use firewalls as entry points to bypass network defenses and gain deeper access to internal systems. Once compromised, firewalls can be used to intercept sensitive data, launch further attacks, or disable security measures altogether.
Via BleepingComputer
The 88-year-old pontiff was initially admitted to the hospital on Friday for bronchitis. On Monday, the Vatican said test results show Francis has "a polymicrobial infection of the respiratory tract."
Amazon Web Services (AWS) users are potentially vulnerable to a name confusion attack called “whoAMI”, experts have warned.
The vulnerability, found in Amazon Machine Image (AMI), was discovered in the summer of 2024 by cybersecurity researchers DataDog, and has now been confirmed by Amazon, which said it fixed the issue on its side, and urged users to update the code on their side and thus protect their premises.
AMI is a pre-configured template used to create and launch virtual servers (EC2 instances) in AWS. It includes an operating system, application software, and necessary configurations like storage and permissions. AMIs allow users to quickly deploy consistent environments, whether using AWS-provided images, community AMIs, or custom-built ones. This makes scaling and managing cloud infrastructure more efficient.
Following the naming pattern
AMIs can be public, or private, and once generated, come with a unique identifier. Public ones can even be found in the AWS catalog. But these public ones should also come with the ‘owners’ attribute, as a way to confirm that they’re coming from a trusted source.
Now, the researchers found that the way software projects retrieve AMI IDs was flawed, and allowed threat actors to gain remote code execution (RCE) capabilities within people’s AWS accounts.
The technical details on how the vulnerability works and how it might be exploited can be found on this link. Long story short, if a threat actor publishes an AMI with a name that follows the format used by trusted owners, it can be picked up by mistake.
When DataDog first discovered the flaw, it said that overall, a very small percentage of AWS users are vulnerable, but that still equals “thousands” of AWS accounts. Amazon responded by issuing a fix in mid-September last year, and releasing a new security control called “Allowed AMIs” in early December last year.
It also advised all users to apply the fixes, while stressing that there was no evidence of abuse in the wild.
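The name confusion described above, simulated over a small in-memory catalog, with the unsafe lookup beside the one that pins owners. This is an added example, not DataDog's or Amazon's code; the account IDs, image IDs, image names and file names are constructed, and the lookup is assumed to pick the newest image whose name matches a pattern.

```python
from fnmatch import fnmatchcase

# Constructed account IDs: one publisher we trust, one we know nothing about.
TRUSTED_OWNER = "111111111111"
UNKNOWN_OWNER = "999999999999"

# Constructed stand-in for the public AMI catalog.
CATALOG = [
    {"ImageId": "ami-0aaa0000000000001", "OwnerId": TRUSTED_OWNER,
     "Name": "example-linux-24.04-amd64-20240801",
     "CreationDate": "2024-08-01T00:00:00Z"},
    {"ImageId": "ami-0aaa0000000000002", "OwnerId": TRUSTED_OWNER,
     "Name": "example-linux-24.04-amd64-20240901",
     "CreationDate": "2024-09-01T00:00:00Z"},
    # Same naming pattern, newer date, published by an unrelated account.
    {"ImageId": "ami-0bbb0000000000001", "OwnerId": UNKNOWN_OWNER,
     "Name": "example-linux-24.04-amd64-20240915",
     "CreationDate": "2024-09-15T00:00:00Z"},
    {"ImageId": "ami-0aaa0000000000003", "OwnerId": TRUSTED_OWNER,
     "Name": "example-linux-22.04-amd64-20240901",
     "CreationDate": "2024-09-01T00:00:00Z"},
]


def find_image(catalog, name_pattern, owners=None):
    """Return the newest image matching name_pattern, or None.

    With owners=None any publisher qualifies, which is the flawed lookup.
    Passing a set of account IDs restricts the search to those publishers.
    """
    matches = [
        image for image in catalog
        if fnmatchcase(image["Name"], name_pattern)
        and (owners is None or image["OwnerId"] in owners)
    ]
    if not matches:
        return None
    # Timestamps share one ISO 8601 format, so string order is time order.
    return max(matches, key=lambda image: image["CreationDate"])


def audit_lookups(lookups, catalog):
    """Report lookups that name no owners, and what they resolve to today."""
    findings = []
    for lookup in lookups:
        if lookup.get("owners"):
            continue  # owners pinned: a look-alike name cannot be selected
        resolved = find_image(catalog, lookup["name_pattern"])
        findings.append({
            "source": lookup["source"],
            "name_pattern": lookup["name_pattern"],
            "resolves_to": resolved["ImageId"] if resolved else None,
            "resolved_owner": resolved["OwnerId"] if resolved else None,
        })
    return findings


# Constructed records of AMI lookups, as extracted from deployment code.
LOOKUPS = [
    {"source": "web.tf", "name_pattern": "example-linux-24.04-amd64-*",
     "owners": []},
    {"source": "db.tf", "name_pattern": "example-linux-24.04-amd64-*",
     "owners": [TRUSTED_OWNER]},
]

if __name__ == "__main__":
    pattern = "example-linux-24.04-amd64-*"
    print("no owners :", find_image(CATALOG, pattern)["ImageId"])
    print("with owner:", find_image(CATALOG, pattern, {TRUSTED_OWNER})["ImageId"])
    for finding in audit_lookups(LOOKUPS, CATALOG):
        print("review:", finding)
```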
Via BleepingComputer
Since September 2024, WordPress, led by Matthew Mullenweg, has been locked in a battle with WP Engine over licensing and contributions to the WordPress community.
So far, the battle has seen Mullenweg block WP Engine from open source resources, followed by a court order that required WP Engine's access to be reinstated and restrictions to developers removed.
As part of a wider effort to control how hosts can use the WordPress name, the WordPress Foundation also attempted to trademark 'Hosted WordPress' and 'Managed WordPress,' but the US Patent and Trademark Office (USPTO) has required disclaimers for both terms in an initial setback for Mullenweg.
Is Mullenweg doing more harm than good for WordPress?
The attacks on WP Engine and trademark expansion efforts left many hosts wondering about the future of their WordPress hosting products and possible backlash from the WordPress Foundation over trademark infringements of the open-source software.
While this initial disclaimer request gives some relief to hosts, it is not a denial, and the term Hosted WordPress has already been granted in some countries. If the trademarks are granted, it gives the WordPress Foundation more control over which web hosting providers it can license to use the phrases.
The WordPress drama has caused many to question whether Mullenweg’s actions are damaging rather than strengthening the WordPress community. Since the attack on WP Engine, 159 employees of Automattic (a company run by Mullenweg) have left because they disagree with his leadership.
The requested disclaimer on the trademarks was filed by Unprotected.org, a website critical of Mullenweg.
A spokesperson from the site told The Register, "This represents a great victory for the WordPress ecosystem, and we will continue to fight until there is accountability and a change in leadership."
The spokesperson added, "The WordPress ecosystem is ready for new leadership, and Joost de Valk, the developer of Yoast SEO, is the first who comes to mind."
De Valk has previously called for the decentralisation of WordPress around Mullenweg and to create a federated and independent WordPress. In a blog post he said, “We, the WordPress community, need to decide if we’re ok being led by a single person who controls everything, and might do things we disagree with, or if we want something else. For a project whose tagline is “Democratizing publishing”, we’ve been very low on exactly that: democracy.”
In response, Mullenweg banned De Valk from sponsoring and attending any WordPress events. WordPress currently powers over 43% of the world’s websites, but as web hosts develop their own website builders and uncertainty around the stability of WordPress grows, we may see that number start to decline.
Windows 11 is undergoing yet more experimentation with adverts, this time in the Settings app (again), as driving users with targeted ‘suggestions’ of one kind or another appears to be a habit Microsoft isn’t going to relent with anytime soon.
The new ad – or ‘recommendation’ as Microsoft might call it – is present in the latest preview build of Windows 11 released in the Dev and Beta channels, meaning it’s still just in testing for now.
It’s an advert that appears in the Settings app home page which is targeted at Game Pass Ultimate and PC Game Pass subscribers. If that sounds familiar, it’s because Microsoft instigated a similar advert in testing last year, though that was trying to cajole people into signing up for Game Pass itself.
It was still targeted at gamers only, though, we were told at the time. The difference with this fresh advertising initiative is that it’s aimed at those who already subscribe, and it’s a referral ad. The idea is to “share a 14-day free trial” with up to five friends in an effort to get them to sign up.
As with the past advert for Game Pass, this only appears for those who are signed into their PC on their Microsoft account.
In the blog post for the new preview build 26120, Microsoft also notes that it’ll be improving the Recall feature in its next release for testers. It doesn’t say how, only that: “This important update will improve your experience. As part of this upcoming update, your existing snapshots will be deleted.”
Recall is the (controversial and tricky to implement) AI-supercharged search feature that only applies to those who have a Copilot+ PC (as it needs the beefy NPU incorporated with these laptops to ensure the process runs smoothly).
There’s a neat extra for those who use OneDrive in that Windows 11 will present a notification on your PC offering the chance to resume working on a file that you were just editing on your phone. This happens if you were interacting with a file on your smartphone within the last five minutes, then you subsequently unlock your PC – a nifty touch.
Analysis: Boss drum, here we go again
I know, you’re probably sick of hearing the ‘stop this with the veiled advertising in Windows 11’ drum, and I’m sick of beating it, believe me. Microsoft doesn’t appear to take any notice, though, and would likely argue that there’s some value to its latest nudge. After all, you might want your friends on Game Pass, too, and offering the ability to take a two-week test trial could be something your pals appreciate.
Well, fair enough I guess, but what I’d still like to see (and again, this is another well-worn drum) is the ability to turn off all these kinds of recommendations as a system-wide switch. Then those who don’t want some of their screen real estate taken over by such nudges – which are in quite a few corners of the Windows 11 interface – could just flick that switch and enjoy a cleaner UI all around. Meanwhile, those who felt some of the recommendations were useful could keep them turned on.
Everybody wins, no?
Anyhow, I should again emphasize that this latest plug for Game Pass is just in testing at the moment, so it may not be realized. Those who aren’t so keen on the idea can make their feelings known via the usual feedback channels, and maybe throw in a vote for that system-wide ad (sorry, recommendation) kill switch. I can dream, can’t I?
Top backup and data protection software provider Veeam has apologized after it accidentally erased forum data during an erroneous restoration.
A report from The Register said Fabian K from the company's Product Management team explained the internal infrastructure DevOps team had mistakenly restored a day-old backup of the forum database over the production database, leading to a temporary loss of forum data.
Confirmation of the mistake came around 4.5 hours after Veeam shared that “some topics and comments from the past 24 hours [were] missing.”
Veeam admits fault over mistake restoration
Veeam dedicated its web team to identifying potential issues, Fabian said in a 10:38am post on February 11: “We understand how important timely updates are, and we want to assure you that we are actively looking into this matter.”
Although the company spotted pretty quickly what had gone wrong, Fabian admitted in a 3:00pm post that it would not be possible for Veeam to combine new comments post-restoration with those missing in the runup to the mistake, meaning that an unknown number of posts have been lost without a backup.
Together with the public admission, the incident was humorously labeled as the ‘best post of the week’ in the company’s weekly forum digest, which is used to share news and upcoming plans.
Fabian wrote: “We sincerely apologize for any inconvenience this may have caused and appreciate your understanding.”
The age of one-size-fits-all AI appears to be crumbling. As enterprises rush to embed artificial intelligence into their operations, a stark reality has emerged: generic language models, while impressive, often stumble when faced with specialized industry needs.
This limitation is particularly glaring for those of us who work in sectors such as voice AI, where our tech is the first step in a complex chain of understanding and action. Converting speech to text perfectly means nothing if the AI can't grasp industry-specific jargon or generate contextually appropriate responses. Working in the medical space recently, we've seen how mixing precise speech recognition with specialty LLMs can mean the difference between accurate diagnosis transcription and potentially dangerous errors.
Enter "Bring your own LLM" (BYO-LLM) - an evolving consensus on how businesses approach AI integration. And the timing is perfect: the LLM landscape has exploded, with upstarts like DeepSeek and Mistral challenging OpenAI and Google's dominance, proving innovation isn't confined to Silicon Valley's walled gardens.
Breaking free from Big Tech
Every industry speaks its own language - from legal firms parsing case law to manufacturers decoding technical manuals. This specialization is precisely why vendor lock-in has become the tech industry's oldest trap.
Betting your entire stack on a single provider's LLM is increasingly risky as the technology evolves at warp speed. BYO-LLM offers an escape route - if a better model emerges, companies can pivot quickly without a complete infrastructure overhaul.
The compliance angle makes this freedom even more crucial. Regulations like GDPR demand strict data controls, and BYO-LLM lets organizations host models locally or choose providers that meet regional compliance standards - critical for sectors where data sovereignty isn't negotiable.
The open source revolution
DeepSeek's emergence marks a turning point: barriers to LLM development are falling, even as strategic hurdles remain.
While platforms like Hugging Face have democratized access to pre-trained models, creating a competitive LLM still demands serious resources. Finetuning the state of the art has become increasingly easy and is now a very quick way for businesses to maintain IP and have a performant domain-specific LLM which understands their use cases.
Open source has been critical both at the foundation model level and in making the tooling for finetuning available.
Building your own beast
For organizations eyeing their own LLM journey, the price tag for training a foundational model can hit eight figures. Fine-tuning existing models is cheaper but still demands significant investment. Your shopping list includes elite data scientists (who command astronomical salaries), serious computational muscle, and mountains of clean, properly labeled data.
Model efficiency isn't optional - in real-time applications, every millisecond of latency kills user experience. Cascaded systems can tackle this by processing speech in stages, but optimization remains a constant challenge.
Add security requirements and on-premises deployment to the mix, and your infrastructure needs multiply.
The build vs integrate dilemma
Unless your differentiator hinges on foundational proprietary AI, most companies will benefit from integrating established models. The key is knowing when to build and when to borrow. For real-time applications, you'll need robust infrastructure - think on-premises deployment, scalable compute resources, and a team that can handle both technical complexities and industry-specific requirements.
The future of AI isn't about having the biggest model - it's about having the right one. As open-source innovation accelerates and specialized models proliferate, success will come to those who can seamlessly integrate the perfect tools for each task.
Generic AI is dead. Long live the custom revolution!
This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
Apple Maps was a buggy mess when it first launched, but in the years since it has become a genuine rival to Google Maps, and arguably outperforms it in some areas. But there are murmurings that it could soon adopt one of Google Maps’ worst features, and it’s made me worried for its future.
That’s because Bloomberg journalist Mark Gurman believes Apple is considering inserting adverts into the Apple Maps app. This could mean that certain places get pushed to the top of search results within the app, an example being a local Wendy’s topping the list when you search for 'fries,' merely because it paid to be advertised this way.
Apple Maps wouldn’t be the first Apple app to come with built-in ads. The Stocks, News and App Store apps already contain adverts, and the company is pushing further into the commercials business with its expanding sports coverage.
It’s also not the first time that Apple has looked at inserting ads into Apple Maps. Gurman reported back in 2022 that the firm was looking at ways to integrate advertising into its navigation app, although little came of this. Now, it looks like Apple is returning to the idea in a more serious way.
Degrading your search results
A move like this sticks in the craw for a number of reasons. As an Apple user, I’m already paying a premium for hardware, so being served ads on top of that feels like I’m being nickel-and-dimed. As well as that, Apple is one of the most valuable and profitable companies in the world – does it really need to be degrading the user experience in order to squeeze even more money into its coffers?
I take some small comfort knowing that Apple is far more committed to user privacy than Google is. Apple takes certain steps to protect the information of people using the Maps app, such as assigning you a random identifier that only lasts for the duration of your session, making it impossible for Apple or a hacker to get a complete picture of any one person’s journeys. That makes me feel Apple would at least handle user privacy more stringently if it were to bring ads to Apple Maps.
But it doesn’t overcome my main problem with seeing ads in a mapping app. Apps like this aren’t just used for route planning – they’re used to find attractions and restaurants in your nearby area. You might want to find the best eatery near you, but if certain locations are being promoted to the top of the pile because they paid for the privilege, you could be pushed towards an inferior location and miss somewhere better that didn’t slip Apple a few shiny greenbacks. In other words, the playing field is being skewed away from the genuinely best results and towards those with the deepest pockets.
If I use an app like Apple Maps to find local attractions, I don’t want my screen to be crowded with questionable options when something better might end up being pushed out of sight. And while I’m assuming that Apple will respect user privacy based on its past behavior, that’s not a guarantee that the company will be quite so scrupulous when serious money is on the line.
I guess the good news is that I’ve become so accustomed to ignoring ads that I've already conditioned myself to scroll right past them in search results. But if Apple handles this move poorly, I might have to start looking for an alternative app.
Rising costs, particularly the increase in National Insurance costs coming into effect in April, are putting significant pressure on retailers’ margins. In response, many brands are passing on these higher costs to consumers. A recent survey by The British Retail Consortium indicates that as much as two-thirds of British retailers plan to raise prices in response to increased NI costs. However, inflating prices has a negative impact on consumer confidence and spending.
Despite reports of a bumper Christmas trading season, consumer spending has been faltering ever since and retailers are very concerned about increased pressure on costs. As a result, organizations are grappling with how they can do their best not to increase prices.
At this crucial time, retailers must reassess and look at ways to generate efficiency by making improvements in key areas such as forecast accuracy in the supply chain and stock control, driven by AI’s transformational potential. This means they can absorb cost increases and avoid passing these on to consumers whose spending is already squeezed.
At the recent National Retail Federation (NRF) 2025, top of the agenda was how AI can change the retail game. The technology has the potential to lead the charge in these unprecedented times and empower retailers to enhance supply chain responsiveness to disruption, and drive supply chain efficiency for the benefit of the customer, so they can continuously deliver the exceptional shopping experiences their customers expect.
The cost vs. customer experience challenge
Cost optimization has become a top priority for retailers who have had to navigate a significant jump in costs on a variety of fronts. With margins squeezed, increasing prices or adding new charges may seem like an obvious way to protect margins. However, the long-term pursuit of a consumer cost pass-through strategy can prove a risky choice, as there comes a point when consumer loyalties and trust begin to erode.
One thing is for sure: Today’s consumers, and their wallets, are weary following a prolonged period of inflationary turbulence and economic volatility. Indicators show that consumers are now hyper alert and sensitive to price rises and will be making their purchasing decisions accordingly. Similarly, they are less likely to look favorably on retailers who they perceive are raising prices in an attempt to increase profits – rather than offset costs.
Post-Christmas and with the build up to increased budget pressures this April, retailers that want to deliver a consistent consumer experience and maintain customer spend should opt to work smarter so they can mitigate the need to pass costs onto consumers. To achieve this goal, they should address the supply chain weaknesses that increase operational cost – and consider the host of AI-driven technological innovations designed to change the way retail does business. For example, AI-enabled pricing provides retailers with real-time insights into the factors influencing customer demand to make optimal pricing decisions across the product lifecycle, at a granular level and at speed.
Inefficient data management
When data from suppliers, customers and other sources is scattered across the supply chain it becomes difficult to capture the actionable insights that enable better demand forecasting and inventory management.
Today’s cloud-powered platforms enable retailers to break down the operational silos that generate inefficiencies, making it possible for internal teams to work much more proactively and cohesively. Even better, by sharing data with the entire supply chain, including trading partners, via a single platform, smarter processes and approaches can be initiated so that everyone can work more effectively.
This kind of real-time flexibility minimizes inefficiencies such as excess inventory. An entire end-to-end AI-driven supply chain can plan for both demand and returns more intelligently. By doing so, retailers can reduce the need for reactive and costly safety-buffer stock orders.
Smarter inventory and returns management
As supply chains become more connected, retailers gain the visibility they need to engage in smarter inventory and returns management.
For example, retailers will be able to see if high demand products are already in transit and extend delivery windows on their website accordingly, rather than ordering additional stock. They can also instantly identify if an item is currently available at a store location for immediate pickup.
By engaging in this real-time dynamic inventory management, retailers can significantly reduce the inventory wastage that equates to lost revenue and additional costs. Equipped with real-time visibility of stock returns, inventory levels across the network can be optimized. This ensures items are instantly re-routed to where they are needed the most – direct to a store or a distribution center.
Using AI to enhance supply chain resilience
A digitally connected and cooperative supply chain will be better equipped to handle disruptions caused by external factors such as weather, or internal issues like supply chain bottlenecks. What’s more, real-time and bi-directional data sharing makes it possible to create interoperable workflows that transform retail planning and merchandising. It also opens the door to deploying AI technologies that will further improve supply chain efficiencies and reduce interruptions.
For example, using AI powered tools, retailers can monitor their entire supply chain in real-time and proactively identify and respond to potential disruptions on the horizon. They can also deploy AI and ML solutions to improve and elevate how they undertake several supply chain activities, such as last-mile delivery planning and warehouse management.
Finally, retailers that invest in AI-enabled tools will be able to automate routine tasks and support human operators with real-time insights that help them to focus on making strategic decisions that will drive efficiency.
Streamlining the supply chain to boost efficiency – and save costs
Today’s cloud-powered, interoperable, and data-driven supply chains make it possible to unite multiple teams – retail planning, merchandising, warehousing and transportation – so they can collaborate instantly and seamlessly. When combined with the transformative potential of AI, retailers can plan and proactively manage their supply chains ‘in the moment’ to improve resource utilization, boost operational efficiency and minimize waste. By doing so, they’ll be able to avoid passing on price increases that disappoint loyal customers and suppress demand.
At least three Android apps have been identified as being spyware, and researchers believe that developer SIO, which sells its products to the Italian government, is responsible.
In late 2024, an anonymous security researcher raised concerns about the apps with TechCrunch, which then forwarded the concerns to Google and cybersecurity firm Lookout. Both confirmed that the apps in question, which purported to be popular apps like WhatsApp and support services for phone carriers, were spyware.
Lookout identified the spyware as ‘Spyrtacus’, with reference to the malware itself being found in the code. Both it and a second cybersecurity firm that asked not to be named found that Spyrtacus could steal texts, chats, calls, and contacts, as well as record ambient audio and imagery directly from a device’s microphones and cameras.
SIO’s Spyrtacus spyware
Connecting SIO to Spyrtacus is a convoluted paper trail, but it can be done. Per the researchers TechCrunch spoke with, a number of command-and-control (C2) servers were linked to former startup ASIGINT, now a known subsidiary of SIO that’s directly involved in producing “computer wiretapping” software (PDF, originally in Italian). Italy’s Lawful Intercept Academy, which issues compliance certifications to spyware developers, lists SIO as the cert holder for a product, SIOAGENT, that ASIGINT owns.
Finally, ASIGINT CEO Michele Fiorentino confirmed on LinkedIn he worked on ‘Spyrtacus Project’ at another company linked to SIO’s C2 servers, DataForense.
Kristina Balaam, a researcher at Lookout, found 13 samples of Spyrtacus in total that dated from 2019 through to October 2024. However, Ed Fernandez, a Google spokesperson, was confident that “no apps containing this malware [can currently be] found on Google play”, and confirmed that its app store has had protection against Spyrtacus in place since 2022.
This may not have done much to slow the operation down; Kaspersky, an antivirus software company with its own fair share of controversy over privacy concerns, found in a 2024 report that Spyrtacus distribution had largely switched tack from Google Play to fake but convincing imitations of Italian internet service provider (ISP) websites.
The Italian government already has harrowing form for enabling spyware manufacturers; back in February 2025, Israeli spyware developer Paragon Solutions cancelled its own contract with Italy’s government after being caught violating the ‘ethical framework’ set out in it by encroaching on the privacy of seven Italian citizens and several others across Europe.
It gets murkier when Italian telephone operators have been found actively practicing surveillance (originally in Italian) and being paid by the Italian justice ministry for their services, and that’s saying nothing of the prior two decades during which spyware companies like Hacking Team, Cy4Gate, RCS Lab and Raxir have called Italy home.
New York Times writer Charlie Savage discusses the scope of executive power as President Trump circumvents Congress, pushes legal boundaries and fires scores of federal workers, including at the FBI.
Cybersecurity researchers from Elastic Security Labs have discovered a new piece of malware which abuses draft email messages in Outlook for data exfiltration, PowerShell execution, and more.
The malware is part of a wider toolkit used in a campaign called REF7707 targeting government organizations in South America, and Southeast Asia.
As per the researchers, the toolkit comprises a couple of tools: a loader called PathLoader, the malware called FinalDraft, and multiple post-exploitation utilities.
Speeding up
The attack starts with the victim somehow being exposed to the loader. While the researchers don’t detail how that happens, it’s safe to assume the usual channels: phishing, social engineering, fake cracks to commercial software, and similar.
The loader installs FinalDraft, which establishes a communications channel through Microsoft Graph API. It does so by using Outlook email drafts. It proceeds to receive an OAuth token from Microsoft, using a refresh token embedded in its configuration. It stores it in the Windows Registry, allowing cybercriminals persistent access to the compromised endpoint.
The malware allows the attackers to perform a whole swathe of commands, including exfiltrating sensitive data, creating covert network tunnels, tampering with local files, executing PowerShell, and more. After performing these commands, the malware deletes them, making analysis even harder.
The researchers found the malware on a computer belonging to a foreign ministry in South America. However, after analyzing its infrastructure, Elastic has seen links to victims in Southeast Asia, as well. The campaign targets both Windows and Linux devices.
The attack was not linked to any known threat actors, so we don’t know if this was a state-sponsored play or not. However, given that the goal seems to be espionage, it’s safe to assume nation-state attacks. In-depth analysis, including detection mechanisms, mitigations, and YARA rules, can be found on this link.
The Elegoo Centauri Carbon is one of the new wave of CoreXY fully enclosed machines that I've reviewed this year, although this one is aimed directly at the entry-level market. Elegoo already has a decent history with this level of printer, with their Neptune printers being some of the most reliable on the market—if not the most well-known.
The main reasons for making the switch from the traditional bed slinger to the CoreXY machines is that they ensure high speed and accurate prints, and it's nice to see a printer of this type and quality come from Elegoo.
After removing the printer from the box, it only took around 10 minutes to get it set up and started with the first print. What really impressed me was the fact that it was so easy to use. It actually compared really well against the new Creality and Anycubic machines and, again, was just extremely fast and ran through its various self-checks faster than those competing machines.
While an initial check through the specifications showed that this is a slower printer than the new Creality K2 Plus or the S1 from Anycubic, when it came to general print speeds away from the standard test models, the Centauri Carbon actually outpaced them.
As I've seen with many of the best 3D printers, there's a lot of self-checking that goes on, so the auto bed levelling, strain gauge system, and other fail-safes all help to avoid misprints. It's nice to see a printer of this type coming out with its own integrated camera as a standard part of the machine, rather than an optional extra—the main thing here is that it will also print Carbon fill straight from the box, again without any additions.
The enclosed design enables plenty of material support, and through the test, I used PLA, PETG, as well as TPU and carbon fill, just to give the printer a full run of materials. With more advanced materials, having that enclosed build area does help with print quality, and when it comes to materials such as PLA, you can always pop the top of the machine to increase airflow.
Overall, there's nothing groundbreaking about the Centauri Carbon, other than the amount of printer that you get for the price. When it comes to build quality, design, and ease of use, I have to say I've been extremely impressed. Although it remains a closed system, as an out-of-the-box and easy-to-use solution, the Elegoo Centauri Carbon is just a really well-thought-out and solid machine.
Elegoo Centauri Carbon: Price and Availability
The Elegoo Centauri Carbon can be purchased directly from the official Elegoo website as well as through major online retailers.
US: $299.99
UK: £299.99
EU: €329.99
CA: $449.99
The first thing I noticed when I lifted the Centauri Carbon out of the box was just how heavy it was for such a relatively small machine. The reason for this is that it has a completely integrated chassis, which helps boost stability, and certainly, for a machine of this type, it feels really solid. That solid build is carried across the entire design of this 3D printer, and it all feels really high-quality, with reinforced aluminium alloy pillars and stainless steel side panels. They all add weight but, again, add to that rigidity, which is needed for a CoreXY machine.
Looking over the machine, the overall build is good and solid, with a high-quality glass door at the front and a touchscreen for easy navigation and control of the machine. One of the pitfalls of this type of machine is that a door or top needs to be removed or opened when printing filaments such as PLA, and that's certainly the case here—some of the latest machines have started to incorporate other manual or automatic vent systems. Considering the price, the build and design is very high, so not featuring a vent at this level isn't an issue. For a machine of this type, the display is just about standard at 4.3 inches, offering a full-colour screen that is nice and bright and extremely responsive.
Inside, due to the design of the machine, everything is neatly packed away, so it looks like a really refined 3D printer. It would have been considered premium had it been released a year ago, but now it sits just at the upper end of the entry-level price point. From the outset, it just seems like superb value for money, considering the quality and the number of features that you get.
There's a lot here that is reminiscent of the old bed-slinger Cartesian printers, so we have the large 256 × 256 × 256 mm print area, and as standard, there is a flexible magnetic build plate. This enables easy model removal when needed.
On the outside of the machine, you have your USB port so that you can transfer files offline to and from the machine, and the right-hand side of the machine features the filament holder, which is pretty standard and not enclosed. These days, it's more common to put your filament into a dry box of some type, and the design of this machine actually makes that next to impossible, so if a dry box is added, it will be an external module.
When it comes to the nozzle, there is a standard 0.4 mm option fitted by default, and as is now standard, this can be swapped and changed for a range of other diameter nozzles depending on the type of work you're doing. When it comes to the maximum temperature, this can reach up to 320°C—perfect for specialist materials—and there is plenty of flexibility over the adjustment of the temperature when needed. This is the Carbon model, so you guessed it, as standard out of the box, it's Carbon ready. Likewise, the bed temperature can also rise up to 110°C, again ideal for specialist materials.
Build Volume: 256 × 256 × 256 mm
Nozzle Diameter: 0.4 mm (default)
Max Nozzle Temperature: 320°C
Max Bed Temperature: 110°C
Filament Compatibility: PLA, PETG, TPU, ABS, ASA, PLA-CF, etc.
Printing Speed: ≤500 mm/s
Acceleration: 20,000 mm/s²
Slicing Software: ELEGOO Slicer, supports third-party slicers
Connectivity: USB, Wi-Fi
Display: 4.3-inch full-color touch screen
Power: 1100 W @ 220 V, 350 W @ 110 V
This is Elegoo's first CoreXY motion machine, and if we look at the quality of their previous 3D printers, this first launch sets a pretty good standard when it comes to entry-level machines of this type for others to follow.
Starting out with the build area, at 256 × 256 × 256 mm, this is big all things considered and will give you plenty of flexibility over the type of model that you print. When it comes to the actual size and weight of this machine, it measures 398 × 404 × 490 mm, which again really isn't that large for a machine of this type and build area. When you compare that with the traditional bed slinger, it actually takes up a lot less space. However, when it comes to weight, these machines are in a different league compared with the older bed-slinging Cartesian models, and this one has a weight of 17.5 kg. So, despite that relatively small footprint, with the strength and quality of the construction, the weight of this machine is far greater.
Just taking a quick run-through of the tool head, and it's fitted with a 0.4 mm nozzle diameter, and this can be swapped out and changed for others. It's heated by a 60 W heater, which is quite powerful, meaning that the hot end will heat up quickly. Inside the tool head there's that filament cutter, which helps to avoid filament clogs but also lends to the belief that this is going to be a multifilament machine in the not-too-distant future, and as standard, it takes 1.75 mm filament—so good standards all around.
The build plate is a double-sided flexible magnetic plate, which again is pretty standard, and it can reach temperatures up to 110°C. Along with the nozzle's maximum temperature and the enclosed design of the machine, that will enable plenty of flexibility over the type of materials that you print.
The CoreXY kinematics enable several advantages over the previous Cartesian design. Primarily, they are a lot faster and also more accurate. When it comes to speed, it has a maximum tool head speed of 500 mm/s, which is impressive, and a maximum tool head acceleration of 20 m/s²—again, exceptionally fast. But as I've come to realise, speed isn't everything, and whilst it might not match up to the likes of the Creality K2 Plus or the Anycubic S1 with those speeds, the speed at which it does its self-checks and heats the hot end could make all the difference.
As we've seen with the likes of the Bambu Lab P1P and many other machines on the market, cooling is as important to print quality as heating, and Elegoo has really tackled this with a high-speed 5020 cooling fan, an internal enclosure cooling system, and an auxiliary cooling fan—all to help with the efficient cooling of models as they're being printed. In addition to cooling, there is also a filtration system, so if you are using toxic filament such as ABS, then the built-in nano mineral crystals should help to reduce the odours and particles coming out of the machine.
One of the touches that I really like is the built-in camera, which enables timelapse recording as well as monitoring. While this is possible on most modern machines, it isn't always the case that the camera is included as a standard part when you buy the kit, so it's great to see that it's standard for the Elegoo Centauri Carbon.
Setting up the Elegoo Centauri Carbon took me around 10 minutes, with the most effort being lifting the 3D printer out of the box. The reason for this was that, while it looked small, it was actually surprisingly heavy, and I wasn't quite prepared for that weight. At 17.5 kg, it is about average for a CoreXY machine, but with its slightly smaller footprint than most, it was still a bit of a surprise.
Placing the printer onto a work surface, and it all looks extremely neat with assembly essentially consisting of plugging in the small LCD and removing all the packaging.
Switching it on, the printer ran through its setup process and auto-levelling, with all checks running through relatively quickly and smoothly. Feeding in the filament and following the load instructions, and all was complete.
Starting out, I ran a few of the test prints from Elegoo, and the machine quickly proved just how efficient and fast it could be. While this isn't the fastest 3D printer on paper, when it actually came to use, it seemed to be incredibly quick. Using the example 3DBenchy, it produced this in a little over 15 minutes, and to be honest, the quality of that print was really good.
As the test went on and I produced more prints, I became increasingly impressed with the precision and speed that the Elegoo Centauri Carbon was capable of when printing with a variety of different materials. One thing that really struck me was that, because of its size and quality of the physical machine's construction, there was very little vibration. Although it caused a little bit more noise than some, the speed at which it printed and the consistency and reliability it was capable of were really impressive.
Again, when it came to checking over those prints for print quality, there was little to fault. The test models showed that it handled negative space, overhangs, bridging, and dimensional accuracy exceedingly well.
This is the fourth 3D printer that I have looked at in as many weeks that shows complete separation between the older Cartesian printers that I was reviewing a year ago and this new wave of CoreXY machines. The main thing here is that the Elegoo Centauri Carbon is far cheaper than many of its rivals.
When reviewing this machine, you can't help but make comparisons with the Bambu Lab X1 Carbon, which sits side by side with it on the workbench. The Elegoo Carbon actually takes the lead, mainly due to the time it takes to do its safety checks and the speed at which the nozzle gets up to temperature. Otherwise, when it comes to actual print quality, both are actually very similar. I would say that while they compete, the X1 Carbon is still a more premium machine and, in the long run, is the better machine, but considering the price of the Centauri Carbon, it gives the X1 Carbon a run for its money.
It's incredible how far things can come in a year, with the Elegoo Centauri Carbon really being a competitor against the far more expensive Bambu Lab X1 Carbon. The print size is exactly the same, but with the Elegoo Centauri Carbon, you have those faster speeds due to the fact that the nozzle gets up to temperature really quickly, spends less time doing safety checks, and, ultimately—no doubt due to the rigid, high-quality build—it seems to be incredibly reliable.
The more I used the Centauri Carbon, the more I could see how this design has developed. What Elegoo has done is focus on the quality of the print and the hardware of the machine to ensure that it's able to compete in an increasingly competitive and advanced market.
I recently looked at the Anycubic S1, and that machine was capable of producing some of the most accurate prints that I've ever seen from a 3D printer of its type and price range. While printing some specialist materials, the S1 does require a nozzle upgrade. The Elegoo Centauri Carbon, however, comes ready and equipped to print with carbon fibre materials straight out of the box, and there is no other machine at present in this price range that can do that.
Its main competitor is really the Bambu Lab X1 Carbon, but with that model costing over £1,000, there's a huge difference in price. So if you are looking to print with carbon fibre materials, whereas a few weeks ago I would have recommended the Bambu Lab X1 Carbon without a doubt, now you're spoilt for choice with the X1 Carbon, Original PRUSA Core One or now this ultra-cheap entry-level Elegoo Centauri Carbon.
Should you buy the Elegoo Centauri Carbon?
Buy it if...
You want an outstanding printer
This smallish CoreXY machine pitches itself at a level that is well beyond its price point. The build is outstanding, and the quality of prints and speed absolutely excel.
You want outstanding prints
While speed is the core of these new machines, dial down the pace and the print quality, utilising a huge variety of prints, including carbon, is outstanding.
Don't buy it if...
You need multifilament now
Although it looks like everything is in place for multifilament printing, at launch this is a single filament machine.
You want to print at scale
While the build area is pretty good, there are plenty of machines that are now offering 300 × 300 × 300 mm build areas.
For more 3D printing devices, I've also tested and reviewed the best 3D printers for miniatures and the best hobby 3D printers.
Nosferatu has found a streaming home in Peacock, so you can now watch one of Robert Eggers' celebrated new movies in the comfort of your own home. Many horror fans have eagerly awaited its arrival, and Peacock has confirmed it will be available on February 21, so there's not long to wait if you want to dive into the excellent horror adaptation. While you wait, here are all the ways you can watch the original Nosferatu movie.
If you don't have a Peacock subscription (it's only available in the US and certain US territories), then I've got bad news because Nosferatu is not currently available on any of the best streaming services in the UK or Australia. So if you want to watch it outside of Peacock, you'll have to rent or buy it from services like Apple TV, Prime Video or Sky Store. If that changes, I'll be sure to let you know!
Was Nosferatu a critical success?
Yes, it was, and it has been a very good year for horror movies. Nosferatu was nominated for several BAFTAs and Academy Awards, even if it missed out on being one of the 2025 Best Picture nominees. Fellow horror hit The Substance has been flying lately, but that doesn't mean Nosferatu is any less deserving of praise.
The movie received 84% from the critics on Rotten Tomatoes and has joined some of the best horror movies in getting that coveted approval. Personally, I'm delighted that the genre has been so celebrated this awards season and can't wait to see what the rest of the year brings, as I'm yet to see some of my most anticipated horror movies of 2025. If they're as good as Nosferatu, we'll be truly spoiled.
If you've already seen Nosferatu, it's worth rewatching because Peacock is also releasing the extended cut, which includes extra scenes that weren't included in the theatrical cut. I just hope I'll be able to stream the extended cut of Nosferatu when it eventually gets a streaming release in the UK.
A new phishing campaign has been spotted using ‘device code phishing’ through Microsoft Teams to target governments, NGOs, and other industries across Europe, North America, Africa, and the Middle East.
The attack, spotted by Microsoft itself, leverages Teams video conferencing meeting invitations that prompt the victim to enter a device code generated by the attacker. This results in the victim handing over valid access tokens, giving the attacker access to the victim's emails and sensitive data.
Microsoft assesses with a medium level of confidence that the group, tracked as Storm-2372, is acting in line with Russian tactics and interests.
Data theft and lateral movement
Microsoft says the threat actor would first build up a rapport with the victim through messaging services such as WhatsApp, Signal, and Microsoft Teams, positioning themselves as an important figure within the victim’s industry. The attacker then invites the victim to an online meeting, where the victim is prompted to complete a device code authentication request.
The actor will generate a legitimate device code authentication request, and then send the code to the victim. The victim enters the code into the legitimate authentication service page which allows the attacker to capture access and refresh tokens to maintain control over the account.
From there, the attacker will often attempt to move laterally using the valid access tokens, using a keyword search in the messaging service to harvest sensitive data including usernames and passwords, as well as data related to the admin, teamviewer, anydesk, credentials, secret, ministry, and gov keywords.
The attacker can also use the compromised account to message or email colleagues with additional phishing messages. Storm-2372 has also been observed using the specific client ID for Microsoft Authentication Broker to request additional tokens that allow the attacker to register their own devices as an authentication device through Entra ID.
In order to protect against the specific attack vector used by Storm-2372, Microsoft recommends:
The full list of defenses and mitigation can be found here.
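A defender-side triage of the flow described above, as an added example that is not part of the original article or Microsoft's guidance: it walks sign-in records in time order and ranks successful device code sign-ins. The record layout (`time`, `user`, `ip`, `app`, `ok`), the sample data and the severity heuristics are assumptions; `authenticationProtocol` with the value `deviceCode` is assumed to match the Entra ID sign-in log export, and the broker is matched by display name because the article does not give its client ID.

```python
# Constructed sample records, loosely shaped like an Entra ID sign-in log export.
# Users, IPs, apps and timestamps are invented for illustration.
SIGNINS = [
    {"time": "2025-02-10T08:01:00", "user": "a.ruiz@example.org", "ip": "198.51.100.7",
     "app": "Office 365 Exchange Online", "authenticationProtocol": "none", "ok": True},
    {"time": "2025-02-11T09:00:00", "user": "meetingroom@example.org", "ip": "198.51.100.20",
     "app": "Microsoft Teams", "authenticationProtocol": "none", "ok": True},
    {"time": "2025-02-12T09:05:00", "user": "meetingroom@example.org", "ip": "198.51.100.20",
     "app": "Microsoft Teams", "authenticationProtocol": "deviceCode", "ok": True},
    {"time": "2025-02-13T14:40:00", "user": "a.ruiz@example.org", "ip": "203.0.113.50",
     "app": "Microsoft Authentication Broker", "authenticationProtocol": "deviceCode", "ok": True},
    {"time": "2025-02-13T14:22:00", "user": "a.ruiz@example.org", "ip": "203.0.113.50",
     "app": "Microsoft Office", "authenticationProtocol": "deviceCode", "ok": True},
    {"time": "2025-02-13T14:30:00", "user": "b.chen@example.org", "ip": "203.0.113.50",
     "app": "Microsoft Office", "authenticationProtocol": "deviceCode", "ok": False},
]

BROKER_APP = "Microsoft Authentication Broker"  # app name as given in the article


def triage_device_code_signins(signins, broker_app=BROKER_APP):
    """Return one finding per successful device code sign-in, oldest first."""
    baseline = {}   # user -> IPs seen in earlier successful non-device-code sign-ins
    findings = []
    # ISO 8601 timestamps in a single timezone sort chronologically as strings.
    for rec in sorted(signins, key=lambda r: r["time"]):
        if not rec["ok"]:
            continue  # a failed attempt issued no tokens
        known_ips = baseline.setdefault(rec["user"], set())
        if rec["authenticationProtocol"] != "deviceCode":
            known_ips.add(rec["ip"])  # only ordinary sign-ins build the baseline
            continue
        reasons = ["device_code_flow"]
        if rec["ip"] not in known_ips:
            reasons.append("ip_not_in_user_baseline")
        if rec["app"] == broker_app:
            reasons.append("authentication_broker_client")
        # Heuristic ranking (assumption): broker use outranks an unfamiliar IP.
        if "authentication_broker_client" in reasons:
            severity = "high"
        elif "ip_not_in_user_baseline" in reasons:
            severity = "medium"
        else:
            severity = "low"
        findings.append({"time": rec["time"], "user": rec["user"], "ip": rec["ip"],
                         "severity": severity, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in triage_device_code_signins(SIGNINS):
        print(f["time"], f["user"], f["ip"], f["severity"], ",".join(f["reasons"]))
```

Device code sign-ins never extend the per-user baseline here, so an address first seen through the phished flow stays unfamiliar on later events.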
After meetings in Israel, Secretary of State Marco Rubio is in Saudi Arabia to push President Trump's plan for Gaza and to meet with Russian counterparts on steps to ending the war in Ukraine.