Feed aggregator

The musical guessing game returns with even more elaborate animal costumes.

The Jan Breydel Stadium plays host to Wednesday's first UCL playoff game.

New York Times journalist Eric Lipton outlines how Musk's companies are benefiting as he cuts federal jobs and agencies, and reporter Teddy Schleifer explains how Musk's political views turned right.

A 5-year-old giant schnauzer named, Monty, won the Best In Show title at the 149th Westminster Kennel Club Dog Show.

(Image credit: Sarah Stier)

• Nvidia's RTX 5070 is reportedly delayed for a launch in March instead of February
• There are supposedly no embargo details on the RTX 5070, but only for its RTX 5070 Ti variant
• AMD's Radeon RX 9000 series is also set to launch in early March

At CES 2025, Nvidia made its launch plans for the RTX 5070 Ti and RTX 5070 clear: both GPUs were slated for a February release - but new rumors hint at the RTX 5070's launch being pushed back into March, in the same month that AMD plans to launch the Radeon RX 9000 series GPUs.

According to MEGAsizeGPU on X (which is reliable for GPU leaks), Nvidia now supposedly plans to launch the RTX 5070 in early March, leaving the RTX 5070 Ti to launch in February. Just recently, its rival AMD finally announced the Radeon RX 9000 series release date, which surprise, is also in early March - and this could pit both Team Green and Team Red's midrange GPUs up against each other.

The same reports come from VideoCardz, who state that Nvidia's embargo details given to board partners didn't include any information on the RTX 5070, but instead details its Ti variant. Considering how close we are to the rumored February 19 and 20 review and launch dates for the RTX 5070 Ti, it wouldn't be too far of a stretch to say that this rumor may indeed be true.

We know that there's been limited availability for the RTX 5090 and RTX 5080 (both Founders Edition and third-party GPUs), so the reason for the supposed delay could hint at further stock woes - however, for some people, this move appears to prove that Nvidia is dead set on eliminating any traction the Radeon RX 9000 series GPUs could gain.

(Image credit: Shutterstock) It feels like Nvidia and AMD are playing mind games...

While AMD's new GPU lineup was announced at CES 2025, it wasn't fully unveiled, as we didn't get to see any details regarding prices or a release date.

Since then, I feel like Team Red has been biding its time until its rival unveiled and launched all of its main GPU offerings, with hopes that the hype dies down.

The RDNA 4 GPUs were recently set for early March, which came shortly after speculation of Nvidia's RTX xx60-class launch in the same month - and now, this new rumor regarding the RTX 5070 also launching in March instead of February feels like Team Green is doubling down on its stance of kicking its rival out of the race.

It's also worth noting that recent reports point towards AMD working on a 32GB RDNA 4 gaming GPU, despite stating its focus is on midrange GPUs. If you ask me, all of these reports (if accurate) feel like mind games being played by both parties with the attempt to one-up one another - which is great because competition is absolutely necessary. I just hope Team Red can deliver...

You may also like...

• We've barely seen AMD's RDNA 4 GPUs in action yet, but a new rumor suggests we could be getting an Nvidia RTX 5090 competitor at last
• Bring it on Nvidia - AMD confirms new Radeon RX 9000 series GPUs will launch in early March, rivaling Team Green's rumored RTX 5060 Ti and 5060 launch
• The Nvidia vs AMD GPU fight could be about to get really interesting with ‘aggressive’ Radeon RX 9000 pricing amidst RTX 5090 stock woes

It's the last ever Merseyside derby at Goodison Park, before Everton move to their new home in the summer.

Lenovo IdeaPad Slim 3 15IRU9: Two-minute review

(Image credit: Future / James Holland)

You’re not going to be wowed by the Lenovo IdeaPad Slim 3. But, if you’re looking for a laptop that’s “good enough,” a phrase you’ll see me use throughout this review, then you might be a fan of this laptop, especially considering that you can get it for fairly cheap.

In fact, its portability, decent enough performance, and pleasant aesthetics, particularly the Abyss Blue colorway, make it a contender for the best budget laptops out there right now. Considering that this is a slightly older model, you most likely will find it at a discount.

Being a more budget-oriented product does mean that it comes with a whole heap of compromises, from a mostly plastic built to shorter battery life and subpar audio quality. But, if you’re looking for one of the best laptops overall, you’ll probably need to spend a little more to get it.

The Lenovo IdeaPad Slim 3 is purely for those people who just need a laptop and want something that’s new, portable, and comes with Windows.

Lenovo IdeaPad Slim 3 15IRU9: Price and availability

(Image credit: Future / James Holland)

• How much does it cost? Starting at $539.99 / £510 / AU$1,149.00
• When is it available? Available now
• Where can you get it? Available in the US, UK, and Australia

The 15-inch version of the Lenovo IdeaPad Slim 3 is available in the US, UK, and Australia, but, like most things Lenovo, is available in slightly different configurations per territory. For instance, the cheapest version of this laptop, which goes for $539.99 / £510 / AU$1,149.00, is available in the US, whereas the more powerful versions are available in the other territories.

While the highest configuration’s price tag is a bit exorbitant, especially since it’s mostly for more storage, the cheapest configurations make it a good idea for those looking to just get a laptop that’s thin, light, and doesn’t look cheap.

There are other options out there, such as the Acer Aspire 5, that offers a little more in terms of performance and battery life, but is a bit more limited when it comes to ports. It’s also almost half a pound heavier than the IdeaPad Slim 3.

• Value: 4.5 / 5

Lenovo IdeaPad Slim 3 15IRU9: Specs

The Lenovo IdeaPad Slim 3 15IRU9 may be a more budget-oriented model but it still comes with some customizations. For starters, you can choose between three CPUs: the Intel Core 3 100U, Intel Core 5 120U, and the Intel Core 7 150U. The more powerful the processor the snappier the response will be for browsing and day-to-day tasks. There’s also a choice between 8 and 16GB of RAM, though you can only get 8GB with the Intel Core 3 and 16GB with the Intel Core 7 CPU. Lastly, you can choose an SSD ranging from 256GB (there is the ability to just do a 128GB flash drive in the UK) to 1TB of space.

There is some light customization available outside of the internal components as well. You can upgrade from a non-touch to a touch screen. And you can choose whether to pay extra for a fingerprint reader. There’s also a color choice between Abyss Blue (reviewed here) and gray.

Lenovo IdeaPad Slim 3 15IRU9: Design

(Image credit: Future / James Holland)

• Is thin, light, and looks nice, though it’s not the most premium build
• Keyboard and touchpad are fine
• Has some appreciated security features like a webcam privacy shutter

Available in either Abyss Blue or gray, the Lenovo IdeaPad Slim 3 offers up that distinctive Ultrabook aesthetic. It’s thin, light, and, from afar, looks like a MacBook competitor. Of course, upon closer look, its mid-range bones are more apparent, like the fact that its chassis is made out of plastic.

However, it’s a nice option for people who just need a computer and don’t care about getting something expensive or top-of-the-line. It comes with a decently-sized 15.6-inch display that, at 1080p, is good enough for most people. Plus, that display on upgraded models such as the one reviewed is a responsive touchscreen.

The keyboard falls into the “good enough” camp, as it does the job but isn't particularly special. The keys are a bit stiff to the touch, so may not be a favorite of those typing out long essays. And there’s no backlighting either. At least there’s a numpad. The touchpad is equally fine; it’s accurate and responsive, but isn’t the smoothest to the touch.

Image 1 of 2

(Image credit: Future / James Holland)Image 2 of 2

(Image credit: Future / James Holland)

Port-wise, you do get a nice assortment such as there’s an HDMI and SD card reader port, both of which you don’t always get in this caliber of computer. Of course, there’s the typical USB-C and USB-A ports as well as a headphone jack.

Lastly, there are some security features on hand that I do appreciate. Namely, there’s a fingerprint reader on the power button and privacy shutter on the webcam.

• Design: 4 / 5

Lenovo IdeaPad Slim 3 15IRU9: Performance

(Image credit: Future / James Holland)

• Good enough performance for day-to-day work
• Webcam is sufficient but limited
• Audio is underwhelming

When it comes to performance, the bar is somewhat low for the Lenovo IdeaPad Slim 3 in that it doesn’t need to power demanding programs like games or editing software (if you’re looking for that kind of power, there are plenty of other laptops to consider as this is not one). What it needs to do and does well enough is handle day-to-day tasks such as browsing, streaming, emails, word processing, and the like. And it does those just fine. This laptop is meant for people who “just need a computer” at an affordable price.

Lenovo IdeaPad Slim 3 15IRU9: Benchmarks

3DMark: Fire Strike: 4113; Time Spy: 1501; Night Raid: 14442

GeekBench 6.3 2469 (single-core); 8549 (multi-core)

Handbrake 1.8: 14:33

CrossMark: Overall: 1445 Productivity: 1459 Creativity: 1504 Responsiveness: 1308

Web Surfing (Battery Informant): 6:14:04

During use, I was able to use it normally with 15 tabs open in a browser, including some streaming, without much of a slowdown other than a split second refresh when switching tabs. The cheapest configuration, with its 6-core Intel Core 3 100U CPU and 8GB of RAM, will probably start to slow after just a couple years as it already has somewhat weak internals. The review configuration, however, has a 10-core CPU and 16GB of RAM, so should offer an additional year of use, in my opinion, before starting to feel slow.

Since this fits into that category of devices that look like an Ultrabook, but are more of a budget laptop, there are some compromises elsewhere. The webcam, for instance, is good enough but at 720p @ 30 fps, is not the sharpest or smoothest. Plus, it does have a little grain to the image in low light settings.

More egregiously, the audio is underwhelming. While this is somewhat typical for budget and mid-range laptops, it’s worth pointing out. There’s not much in the way of bass or high-end, leaving you with a boxy, mid-range quality, like hearing something through a phone. Considering how many people simply stream stuff onto their laptops these days, it’s surprising that this isn’t better.

Lastly, it should be mentioned that, like most budget laptops, this comes with some bloatware.

• Performance: 4 / 5

Lenovo IdeaPad Slim 3 15IRU9: Battery life

• Decent but not great battery life
• Has fast charging on hand

With a benchmark of six hours and almost 15 minutes, the Lenovo IdeaPad Slim 3 is not going to win any awards. That length of time is good enough if you need to do a little work on the road, but not enough to get through a full work day without a charge. And it’s pretty low compared to what a lot of thin and light laptops, particularly Ultrabooks (that happen to be a little pricier on the whole), are able to achieve. The only laptops that this really beats out are gaming laptops that have to also supply power to dedicated graphics cards and older models that you probably wouldn’t compare this to in the first place.

On the bright side, there is fast charging on hand so that you can quickly get some extra juice with a short trip to an outlet. I was able to charge back up from 55% after about 40 minutes. So, if you want to go untethered to work while in front of the TV, you have enough battery life on hand and get a quick charge for more while taking a quick break.

• Battery life: 3.5 / 5

Should I buy the Lenovo IdeaPad Slim 3 15IRU9?  Buy it if…

You just want a computer

I’m not trying to be facetious. Some people want the Honda Civic equivalent of a laptop that looks good enough and does its job. The Lenovo IdeaPad Slim 3 fits that bill.

You want the portability of an Ultrabook without the price or small screen

This laptop offers the kind of portability most people want in a laptop without breaking the bank or limiting screen size.

You’re laptop hunting on a budget

If you’re worried about cash and don’t have any niche needs, you’ll find this laptop to be more than enough for the price.

Don't buy it if...

You want an Ultrabook

Considering that this is a solidly budget product masquerading as a premium one, you might be underwhelmed if you’re expecting an Ultrabook. It might be worth spending the difference for a MacBook Air.

You need long battery life

The battery life for this type of laptop is not what one would expect. It’s just good enough, but won’t make it through an entire day of work on a single charge.

Also Consider

If our Lenovo IdeaPad Slim 3 15IRU9 review has you considering other options, here are two laptops to consider...

Acer Aspire 5

If you’re willing to deal with a little more weight and a poorer port selection, not to mention skip the attractive Abyss Blue colorway, then the Acer Aspire 5 offers more in terms of performance and battery life than the IdeaPad Slim 3 does.

Read our full Acer Aspire 5 review

Apple MacBook Air 13-inch (M3)

If you actually want an Ultrabook, particularly something that still packs a punch in terms of performance and battery life, you’re better off paying a little more and getting the Apple MacBook Air 13-inch (M3). It also provides an intuitive user experience the way most Apple products do. Of course, its base configuration comes with just 8GB of RAM and a 256GB SSD, and upgrading either adds quite a bit to the price tag.

Read our full Apple MacBook Air 13-inch (M3) review

How I tested the Lenovo IdeaPad Slim 3 15IRU9

• Tested for a couple weeks
• Used it for work, gaming, and streaming
• Tested its webcam and audio

I used the Lenovo IdeaPad Slim 3 15IRU9 for a couple weeks, doing some light gaming, watching some online content, and working on it. I also used it on the go and tested its various features like the webcam and audio.

The Lenovo IdeaPad Slim 3 15IRU9 is one of those laptops meant for people who don’t need crazy powerful computers, but instead just need a decent sized screen, good portability, and enough power for normal day-to-day work without costing too much money.

I’ve spent the last few years reviewing tech gear for gaming and otherwise, where I’ve gotten a feel for what to look for and how to put a piece of kit through its paces to see whether it’s worth the recommendation.

• First reviewed December 2024

• Google Chrome is testing automatic password changes that would follow data breaches
• Google is calling this an ‘AI innovation’, but I’m not convinced
• Chrome already generates and stores passwords, plus checks databases for compromise passwords, and this would put those all together… using an algorithm… maybe?

Google Chrome could be about to implement AI tools to identify passwords found in data breaches, as well as being able to generate and store stronger alternatives.

That’s according to Twitter user Leopeva64, who found the feature in a Chrome Canary test build (via Ars Technica), writing, ‘Another AI-powered feature is coming to Chrome, “Automated password change,” the description mentions that “when Chrome finds one of your passwords in a data breach, it can offer to change your password for you when you sign in’.

That sounds nifty on paper, though it’s worth noting that the best password managers such as Bitwarden and Nordpass have implemented similar features before; so it’s reasonable to suggest that ‘AI’, whatever that umbrella term means here, isn’t actually living up to what Google is calling an ‘innovation’ here.

Chrome’s password ‘AI innovation’

Leaked password databases like ‘Have I Been Pwned’ have previously fulfilled this function, and aGoogle Chrome already uses this repository to inform users when their passwords have been compromised without resorting to ‘AI’.

Password generation is also a feature common to essentially every password manager under the sun, and storing those passwords for easy access (which Google Chrome has also done for some time) is literally the point of having a password manager; they do what they say on the tin!

It’s entirely possible that Chrome’s process of generating passwords is different - and, perhaps, more secure - using some kind of algorithm, but until security researchers explore this, the change amounts to Chrome offering to change a user’s password immediately following a breach. It’s convenient, but I’m also thinking - this is nothing new, and, truthfully, neither is putting ‘AI’ in the feature description.

In case you missed it, Google recently announced that the Enhanced Protection mode in its Chrome web browser’s Safe Browsing settings is protecting 1 billion users (via 9To5Google) from phishing and malware attacks.

You may also like

• Businesses want to turn to AI for more specialized tasks, but aren't always sure how
• Hackers offer 20 million OpenAI credentials for sale, but it says there's no evidence of a breach
• Google's stronghold on search is loosening ever so lightly, report finds, but don't expect it to crumble down overnight

Aiken has several internet service providers offering service in the city. These are the best internet plans, including options from AT&T Fiber.

India's Prime Minister Narendra Modi, a nationalist criticized over India's democratic backsliding, has welcomed President Trump's return to the White House. India so far has been spared new tariffs.

(Image credit: Manish Swarup)

• Netflix has announced a new epic samurai series as part of its 2025 Japanese content slate.
• The show is a cross between Shōgun and Squid Game, according to the Netflix Japan content head.
• Last Samurai Standing revolves around samurai warriors battling it out for a huge cash prize.

Thanks to Netflix, I've found my next binge-watch after Squid Game season 3 ends with its new upcoming Japanese samurai battle series Last Samurai Standing.

Last Samurai Standing was announced as part of Netflix's Japanese content slate for 2025 and follows samurai warriors who compete for a huge cash prize. The new historical epic is gearing up to become one of the best Netflix shows, as Netflix Japan content head Kaata Sakamoto compared Last Samurai Standing to one of the best Disney Plus shows, Shōgun, and the streamer's biggest TV show ever Squid Game.

Sakamoto said to Variety: “When most people think about samurai, they think about this very glamorous period in Japanese history. But what a lot of people don’t realize is that, towards the end of the Edo period, the samurai lost a lot of their glamour and their power. Last Samurai Standing is about what would happen if these warriors – the toughest and best in Japan – all of a sudden became common people and had to fight for their lives. Think Shōgun meets Squid Game.”

What is Last Samurai Standing about?

Based on the novel Ikusagami by Shogo Imamura, Last Samurai Standing already has a resemblance to Shōgun and Squid Game based on its similar premise. The official logline reads: "In the Meiji period, at Tenryuji Temple in Kyoto, 292 skilled warriors gathered at nightfall, lured by the promise of a huge cash prize. The rules are simple: whoever can steal the wooden tags distributed to each of them and reach Tokyo will win the prize money. Among them is Shujiro Saga, who enters the deadly game with one goal: to save his ailing wife and child."

Going off the plot, Last Samurai Standing has similarities to the record-breaking FX series Shōgun and Squid Game, which broke all kinds of records that even Stranger Things couldn't beat.

The series, which is set to premiere on the best streaming service in November 2025, also features Junichi Okada in the lead role as well as action choreographer and producer. That means it will debut after the next installment Squid Game is released.

Indeed, Squid Game season 3 is set to be released on June 27, and its first clip teases a new mini-game that'll have a big impact on Gi-hun and his fellow contestants. As for Shōgun season 2, the critically-acclaimed series is currently in development at FX studios, so there's plenty to binge-watch between Netflix and Hulu (or Disney Plus for international readers).

You might also like

• Netflix's #1 movie Kinda Pregnant is kinda bad – here are 3 better comedies with over 95% on Rotten Tomatoes to watch instead
• Netflix's new crime drama Apple Cider Vinegar is the latest female fraudster series that I can't get enough of
• 3 movies leaving Netflix with over 85% on Rotten Tomatoes that you won't want to miss

Inflation remained stubbornly high in January, as grocery, gasoline and shelter costs all rose. Egg prices saw their biggest price hike in almost a decade.

(Image credit: Andrew Caballero-Reynolds)

• OpenAI Deep Research is coming to Plus and free tier users
• CEO Sam Altman has all-but-confirmed Plus users will get 10 uses a month and free tier users will get two uses a month
• The release date of Deep Research outside of ChatGPT Pro is still TBD

OpenAI's new AI agent, Deep Research, will be coming to ChatGPT Plus and Free users shortly, and now we know just how many times a month you'll be able to use the research analyst.

Sam Altman, OpenAI's CEO, shared the info on X, all-but-confirming that Plus users ($20/month) will get to use Deep Research 10 times per month while free users will be able to use it two times per month.

Not only that, Altman also hinted at a future increase in the usage on Plus and free tiers by saying they have the "intent to scale these up over time."

ChatGPT Deep Research launched at the start of February and is currently only available to ChatGPT Pro users to the tune of $200/month (100 queries per month). The AI agent is an incredible tool that OpenAI says can "accomplish in tens of minutes what would take a human many hours."

With the ability to do work for you, by simply asking the AI tool to conduct research and report its findings, Deep Research is an absolute game-changer for productivity and it's incredible that we're going to be getting access to its power for free.

i think we are going to initially offer 10 uses per month for chatgpt plus and 2 per month in the free tier, with the intent to scale these up over time.it probably is worth $1000 a month to some users but i'm excited to see what everyone does with it! https://t.co/YBICvzodPFFebruary 12, 2025

$1000 a month in value?

Altman's announcement was in response to an X user who said, "ok, OpenAI Deep Research is worth probably $1000 a month to me. This is utterly transformative to how my brain engages with the world. I'm beyond in love and a little in awe."

To which Altman responded, "It probably is worth $1000 a month to some users but I'm excited to see what everyone does with it!"

We're yet to try Deep Research ourselves, but considering the examples shown on OpenAI's website, this new AI agent could completely revolutionize the way we interact with AI. OpenAI's website says, "Deep research is OpenAI's next agent that can do work for you independently – you give it a prompt, and ChatGPT will find, analyze, and synthesize hundreds of online sources to create a comprehensive report at the level of a research analyst." That may sound like a professional tool, just for professional use, but some of the examples which you can read about in my article, 3 reasons why I can’t wait to use OpenAI Deep Research, showcase just how useful this tool could be for everyone, not just those using it for work.

While Altman has confirmed Deep Research will come to Plus and free tiers, we still don't have a timeframe on when that will be. Here's hoping it's sooner rather than later.

You may also like

• I tried ChatGPT Search and now I might never Google again
• If you want to know who will win the AI wars, just watch these two Super Bowl ads from Google and ChatGPT
• OpenAI's Deep Research smashes record for the world's hardest AI exam

Vision Pro and M4 MacBook Air announcements are also expected in the coming weeks.

Just 30% of EU member states have nationally implemented The Network and Information Security Directive (NIS2). While this is not unusual given that attention is divided among NIS2, the Digital Operations Resilience Act (DORA), and the European Cyber Resilience Act (CRA), target deadlines are being missed. This puts businesses on the back foot and risks falling even further behind the adoption curve.

NIS2 is the biggest cybersecurity legislation in over a decade, setting the stage for secure digital infrastructure across the EU. The directive's deadline has passed, as of 17 October 2024, but like many other EU regulations, NIS2 is taking a phased approach across Europe — much like when GDPR was introduced in 2016.

Although businesses in the UK are not obligated to comply with these regulations, those with EU-based clients or those that make up part of EU supply chains will come under its thumb.

A view of NIS2

The driver for this legislation is clear. Recent high-profile cyber incidents have caused major disruption — like the cyberattack on the NHS, the CrowdStrike outage, and the SolarWinds fiasco. As society increases its dependency on software, software developers increasingly rely on open source to ship new products quickly. Open source makes up 90% of modern software, with consumption reaching a staggering 6.6 trillion downloads in 2024. Cyber resilience must improve commensurately to meet software consumption.

NIS2 introduces stringent cybersecurity reporting standards across banking, manufacturing, and public administration. UK businesses working with EU partners are already being asked to meet these standards and contracts are being rewritten to demand adherence to NIS2 standards to protect shared systems and data. Remember that the rising tide lifts all boats.

Under the NIS2 directive, companies have 24 hours to report major cybersecurity incidents, with updates due within 72 hours and a final report needed in 30 days. They must also implement and document policies, from vulnerability monitoring to information security training, which exceeds previous requirements.

Vulnerabilities in software supply chains spread rapidly. Even though NIS2 isn’t law in the UK, the underlying principles of the directive are good cybersecurity best practices to observe. Non-compliance not only puts UK companies at greater risk of security incidents, but as with GDPR, we see cybersecurity legislation trending in this direction. Adapting early to these changes avoids unnecessary operational strain, especially for those at risk of being pulled into scope by upcoming EU legislation such as the CRA and Product Liability Directive.

The observability conundrum

Software supply chain security has become a major target for bad actors, with open source malware, or malicious packages living in open source repositories, surging 156% in 2024. Bad actors often target third-party vendors as a gateway into larger organizations, proverbially killing several birds with one stone. Recent high-profile incidents show that their methods are becoming more sophisticated.

One such example is the April 2024 attack on the open source XZ Utils compression tool, where a bad actor posed as a legitimate contributor for two years, embedding malicious code that, if undiscovered, could have caused widespread global disruption.

NIS2 has been introduced specifically to combat these occurrences by imparting personal responsibility for cybersecurity to businesses themselves. Rather than being able to skirt accountability by blaming incidents on suppliers, companies are now personally liable for their cybersecurity. This development is sorely needed, as the rate of software consumption dwarfs the rate at which components are observed and tracked, and that gap is only widening. In the past 12 months, only 60,000 Software Bills of Materials (SBOMs) were published versus 6.9 million new open source components released. This gulf is a ticking time bomb, with businesses facing no-fault liability and harsh financial penalties.

What would Anne Robinson say?

When we think of software, we think of it as one system. The reality is that all software is an interdependent mesh of open and closed source components, and one weak link can be disastrous. On average, each application contains 180 components, with repeated updates, patches, and multiple versions. It's impossible to track every single change manually. Automation and proper tooling are needed to keep up with the pace of consumption that modern software development demands.

If just one component is compromised, the ripple effect can be devastating. This is precisely why regulations are coming thick and fast to identify and remedy the weakest links in software supply chains.

UK businesses, while not directly under NIS2, should be mindful of its implications. Even though the EU is the first to draw a line in the sand on this issue, it will not be the last. Businesses stand to benefit by being proactive rather than reactive. Preparing for the upcoming CRA Bill helps companies stay competitive amid the changing legislative landscape.

The risk of being the weakest link far outweighs the compliance challenges, as protecting partners from costly cybersecurity incidents, compliance failures, and reputational damage safeguards a company's long-term resilience and, ultimately, its bottom line.

We've featured the best business VPN.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• Bishop Fox found a way to abuse a SonicWall VPN flaw
• It allows threat actors to bypass authentication and hijack sessions
• There are thousands of vulnerable endpoints

A major vulnerability in the SonicWall VPN which can be exploited to hijack sessions and access the target network has now seen its first proof-of-concept (PoC) attack, meaning it’s only a matter of time before cybercriminals start exploiting it in the wild.

In early January 2025, SonicWall raised the alarm on a vulnerability in SonicOS and urged its users to apply the fix immediately. The flaw is tracked as CVE-2024-53704, and described as an Improper Authentication bug in the SSLVPN authentication mechanism. It was given a severity score of 9.8/10 (critical) and was said it could be abused to allow a remote attacker to bypass authentication.

It impacted SonicOS versions 7.1.x (up to 7.1.1-7058), 7.1.2-7019, and 8.0.0-8035. SonicWall released versions SonicOS 8.0.0-8037 and later, 7.0.1-5165 and higher, 7.1.3-7015 and higher, and 6.5.5.1-6n and higher, to address the bug. At the time, there were more than 4,500 internet-exposed endpoints.

Protect yourself from identity theft online

Go Incogni and get 55% off using code TECHRADAR. Incogni erases you and your family from the sites that expose your personal information to identity thieves and robocalls.View Deal

Proof of Concept

Now, since SonicWall users were given enough time to patch, security researchers from Bishop Fox came forward with more details about the vulnerability, as well as a PoC. After a “significant” reverse-engineering effort, Bishop Fox said the vulnerability could be exploited by sending a custom-built session cookie containing a base64-encoded string of null bytes to the SSLVPN authentication endpoint.

This results in the endpoint assuming the request was associated with an active VPN session and incorrectly validates it. As a result, the target is logged out, while the attacker gets access to the session, including the ability to read the victim’s Virtual Office bookmarks, access VPN client configuration settings, open a VPN tunnel, and more.

"With that, we were able to identify the username and domain of the hijacked session, along with private routes the user was able to access through the SSL VPN," the researchers said.

Via BleepingComputer

You might also like

• This major firmware flaw is affecting Intel-powered PCs across the world
• We've rounded up the best password managers
• Take a look at our guide to the best authenticator app

• Apple has unveiled a major new health study
• The company wants to better understand how technology can improve physical health, mental health, and overall wellbeing
• You can take part using your iPhone, Apple Watch, or AirPods

Apple has unveiled a major new medical study that could completely change the way we think about technology, health, research, and medicine.

The Apple Health Study "aims to further understand how technology can play a role in advancing and improving physical health, mental health, and overall wellbeing." That includes Apple's own best iPhones, Apple Watches, and AirPods. The new study is available in Apple's Research app, and "will also explore relationships between various areas of health, such as mental health’s impact on heart rate, or how sleep can influence exercise."

The study is being conducted in collaboration with leading research outfit and Harvard teaching affiliate Brigham and Women's Hospital.

Apple says it hopes to help tackle one of the biggest issues with medical research – limited numbers of participants and data. The company says that more than 350,000 people in the US have taken part in previous studies for women's health, hearing, and heart health and movement. Here are the details and how you can get involved.

The most ambitious Apple Health Study yet?

The Apple Watch Series 10's humble heart rate monitor could power medical studies for years to come. (Image credit: Future)

Apple says the new study "aims to understand how data from technology – including Apple and third-party devices – can be used to predict, detect, monitor, and manage changes in participants’ health," and will also explore the connections between different areas of health.

It spans a multitude of different health and disease areas, including activity, aging, cardiovascular health, circulatory health, cognition, hearing, menstrual health, mental health, metabolic health, mobility, neurologic health, respiratory health, and sleep. Previously, Apple has focused its studies on one such area, like hearing, making this new study the most ambitious yet by some margin.

Apple says the new study "is designed to explore changes in health and how technology can help identify important insights for future product development," noting that when an aspect of health changes the body can emit a physical or emotional signal. Identifying these changes can help to offer a more proactive approach to health, with monitoring performed using health features like sleep apnea detection on the Apple Watch Series 10.

The best bit? If you live in the US you can take part. If you meet the minimum age requirements, you can sign up for enrolment through Apple's Research app. Participants can perform tasks and ask questions, as well as read research. As you'd expect with Apple, you can chose exactly what data you do and don't share, and you can withdraw at any time.

You may also like

• The Apple AI health coach sounds like it's no longer stuck in development hell
• I've spent 10 years with Apple Watch, and after 10 minutes with the Galaxy Watch Ultra, I can't believe Samsung skipped this feature
• Three Apple Watch features you're probably not using, but should be – according to Apple's VP of Fitness Tech

Netflix's hit reality show is nearly back.

• Ivanti patches four bugs found in Connect Secure, Policy Secure, and Cloud Services Applications
• All four could be used in RCE attacks
• Patches are available, and users are advised to apply them ASAP

Ivanti has released patches for four critical-severity vulnerabilities discovered in a number of its products.

The vulnerabilities are tracked as CVE-2024-38657, CVE-2025-22467, CVE-2024-10644, and CVE-2024-47908. All of these were given a severity score of 9.1/10 (critical). Different bugs impact different solutions, including Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Applications (CSA).

Since they can be used for highly disruptive cyberattacks, users are advised to apply the patches without hesitation - and a security advisory containing more details about the above-mentioned flaws can be found on this link.

Protect yourself from identity theft online

Go Incogni and get 55% off using code TECHRADAR. Incogni erases you and your family from the sites that expose your personal information to identity thieves and robocalls.View Deal

Stepping stones

All of the bugs can be used to execute arbitrary code, remotely. The first clean versions are Ivanti Connect Secure 22.7R2.6, Ivanti Policy Secure 22.7R1.3, and Ivanti CSA 5.0.5, and users are advised to upgrade to these versions straight away.

Ivanti said there is no evidence of in-the-wild abuse. However, the company’s products are quite popular in both enterprises and small and medium businesses (SMB), and as such are often targeted and used as an initial entry point.

"While these products are not the ultimate target, they are increasingly the route that well-resourced nation state groups are focusing their effort on to attempt espionage campaigns against extremely high-value organizations," Daniel Spicer, Ivanti CSO, said.

"We have enhanced internal scanning, manual exploitation and testing capabilities, increased collaboration and information sharing with the security ecosystem, and further enhanced our responsible disclosure process, including becoming a CVE Numbering Authority."

In late January 2025, the US Cybersecurity and Infrastructure Security Agency (CISA) added four Ivanti vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, suggesting they were being abused in the wild. The bugs, found in Ivanti Cloud Service Appliance (CSA) and patched in September and October 2024, are being used in two attack chains to gain initial access, conduct RCE, obtain credentials, and impact webshells.

Via The Hacker News

You might also like

• Hackers are still using old Ivanti bugs to break into networks
• We've rounded up the best password managers
• Take a look at our guide to the best authenticator app

• Leica's next M-series camera could be the first of its kind with an EVF
• It could be the smallest, lightest and most versatile Leica M-series camera yet
• Rumors suggest it'll launch later this year

Now here's a Leica rumor with plenty of potential avenues to navigate – Leica is apparently working on a new M-series camera that will ditch the rangefinder experience that the series is famed for, in favor of an electronic viewfinder (EVF).

The details recently shared by Leica Rumors are few and far between, leaving me with plenty of questions – so let's explore where Leica could be going with this potential new model.

Leica's M-series, both analog and digital models, utilize an optical rangefinder to compose and manually focus shots, using a hard-to-master split-image guide to nail sharp focus on your subject. It's not for everyone, but Leica's rangefinder is the soul of the series, a shooting experience you can't find elsewhere (besides the Pixii rangefinder).

Practically speaking, an EVF will be much more useful than a rangefinder – you would get exposure preview and the supremely helpful 'focus peaking' manual focus assist tool. Such a design change should make this mystery model Leica's smallest and lightest digital M-series camera to date too, and also the cheapest.

Rumors suggest this is not a next-gen Leica M12, but a new series within Leica's M-mount ecosystem. An M-series camera with EVF sounds to me a lot like a Leica Q3 / Q3 43 premium compact (see above), but with interchangeable lens mount. I loved testing the Leica Q3, but it is an altogether different and modern camera experience versus the M-series.

The M11 is one of a legendary series of digital Leica cameras that utilizes a rangefinder for composing shots and manual focusing, whereas the rumored new model could be the first-ever M-series camera with electronic viewfinder. Could the mystery model pave the way for autofocus too? (Image credit: Leica) A new dawn for Leica's M-series?

Swapping out the rangefinder for an electronic viewfinder might sound like a small change, but it would mark the single biggest design overhaul that Leica's M-series has ever seen. It would also take away Leica's unique selling point – the rangefinder experience.

Some feel that rangefinders are stuck in the past – a split-image manual-focus only shooting experience that is hard to master, while other mirrorless camera systems by the likes of Sony and Canon enjoy autofocus that's so effective that you, the photographer, barely need focusing skills anymore. For others, the rangefinder experience is the exactly the challenge they enjoy, a charm they can't get elsewhere (notwithstanding the Pixii, which is the only other digital rangefinder in the market).

Let's consider the possibilities of an M-series camera with an EVF. If it is indeed an M-series camera, it will use Leica's M-mount, for which there are many manual-focus lenses available, both pricey Leica options and cheaper third-party alternatives. The lenses are tiny, and would suit what could potentially be Leica's smallest ever M-series camera.

When I picture the mystery M-series camera as a Q3 with Leica M-mount, my mind turns to one feature the Q3 has that the M-series lacks: autofocus. Could a new Leica M camera ever get autofocus? The lens mount would need a fresh redesign, and new autofocus lenses would need to be made, but it seems plausible, even if it would mark a new direction for Leica.

Then there's the Leica SL-series to consider, the latest generation being the Leica SL3. It's a DSLR-style full-frame camera with L-mount, complete with autofocus skills. There's an enticing case for a compact, M-series style camera with an EVF and the autofocus-equipped L-mount.

However, the rumors point to an M-series model with an EVF, a particularly large touchscreen and no rear buttons, and I don't expect any of the seismic changes dreamed up above. This will likely also be a manual focus-only camera, making the most of the assist tools an EVF delivers, and presumably Leica's latest 61MP sensor. In-body image stabilization would be helpful addition, but again, doubtful.

What is the most exciting direction that you think Leica could take its M-series with its next launch? Let us know in the comments below.

You might also like

• Leica Q3 43 review: a stunning premium compact with a unique focal length
• Street photography with the Leica M11-D is the closest experience I’ve had to analog using a digital camera
• Leica's new iPhone camera grip could have been great, but has 3 frustrating drawbacks