Feed aggregator

Leaked audio recordings broadcast Friday reveal remarks by Israel's former chief of military intelligence about the price he believed Palestinians should pay for Hamas' Oct. 7, 2023, attack.

(Image credit: Jehad Alshrafi)

• Biwin unveils Mini SSD offering 512GB, 1TB, and 2TB in a tiny footprint
• Mini SSD reads at 3,700MB/s and writes at 3,400MB/s using PCIe 4x2
• The device is smaller than a U.S. penny but rivals traditional M.2 drives in speed

Chinese storage company Biwin has unveiled a new storage format called the “Mini SSD,” designed for laptops, tablets, phones, and cameras.

At just 15 x 17mm and 1.4mm thick, it is smaller than a US penny, while offering storage options of 512GB, 1TB, and 2TB.

Biwin claims sequential read speeds of 3,700MB/s with writes of 3,400MB/s over a PCIe 4x2 connection, making the Mini SSD a contender against traditional M.2 drives.

Mini SSD slots resemble smartphone SIM trays

To contextualize its performance, a standard MicroSD Express card compatible with devices like the Nintendo Switch 2 tops out at a theoretical 985MB/s.

Full-size SD Express cards can reach 3,940MB/s, nearly matching the Mini SSD but at almost twice the physical size.

M.2 drives remain faster, with 2230 variants approaching 8,000MB/s and 2280 models reaching up to 14,000MB/s.

The Mini SSD also compares to nano-SIM cards, which are smaller but designed for communication rather than storage.

While Biwin’s creation is compact, it does not appear to be a universal standard, leaving questions about broader adoption.

The Mini SSD features a dedicated slot that functions like a smartphone SIM tray - users can remove the storage by inserting a pin, which could simplify swaps and upgrades for certain devices.

This device supports IP68 water and dust resistance, along with the ability to survive three-meter drops.

Two new Chinese gaming portables have already incorporated the Mini SSD - the GPD Win 5, known for its large battery and Strix Halo chip, and OneNetbook’s OneXPlayer Super X hybrid laptop/tablet both feature dedicated slots for the Mini SSD.

Although these devices have been announced, none of them has revealed pricing or other commercial product listings.

While traditional M.2 drives still outperform the Mini SSD in raw speed, the new format offers a balance of size and performance that may appeal to mobile users.

Its compact dimensions, combined with fast read and write speeds, position it as a contender for the largest SSD capacities in a minimal footprint.

For users seeking a practical portable solution, the Mini SSD could be considered among the best external SSD options in its category.

Its very small size also means users need to handle the device with care, since it can easily be misplaced.

Via The Verge

You might also like

• Here are the best mobile workstations around today
• Take a look at some of the best external hard drives
• Canada's House of Commons hit by cyberattack, data possibly leaked online

At Gamescom 2025, the company unveiled some major upgrades to its cloud gaming service and more.

• Nvidia is bringing its GeForce RTX 5080 to GeForce Now, for its 'Ultimate' tier membership
• Prices will remain the same, with improved game performance
• Multi Frame Generation will also be available on GeForce Now

Gamescom 2025 is finally here, with plenty of new triple-A games to look forward to, and Nvidia has been hard at work behind the scenes to further strengthen its local and cloud gaming offering.

Nvidia has announced that the Blackwell RTX 5080 GPU along with Multi Frame Generation (MFG), will be coming to GeForce Now's (GFN) 'Ultimate' tier membership, set for launch in September. Team Green's driver-level Frame Generation tool, Smooth Motion, will also be available for RTX 4000 series GPU users, starting in beta this August.

While the RTX 5080 will enhance performance on the cloud gaming service, prices for GFN memberships won't increase, as some may have expected. It's worth noting that cloud-based RTX 5080 support will only be available for select games – and that seems set for more graphically demanding titles.

And that’s not all the cloud gaming fans can look forward to. The new Cinematic Quality Streaming (CQS) feature will arrive on GFN, with Nvidia claiming that this will deliver ”next-gen image quality that rivals local PC gaming”. Seeing it first hand in Black Myth Wukong screenshots, the enhancements in texture quality on foliage are clear to see.

Titles like Call of Duty Black Ops 7, Borderlands 4, Dying Light: The Beast, and Hell Is Us will be available once launched.

(Image credit: Nvidia)

As for Smooth Motion, GeForce RTX 4000 series users have been waiting a long while for this feature, and it's finally on its way.

This will essentially allow gamers to enable driver-level Frame Generation for games that don't have built-in Nvidia Frame Generation support. It acts in the same manner as AMD's Fluid Motion Frames, and is designed to improve performance with AI-generated frames.

It will be available initially during Gamescom 2025 via beta on the Nvidia app, and is due to roll out to all users by the end of August.

There's no word on whether Smooth Motion will be coming to older RTX generations just yet, and it's worth noting that Frame Generation is currently limited to RTX 5000 and RTX 4000 series GPUs.

Analysis: Cloud gaming just keeps getting better and better...

(Image credit: Nvidia)

If I didn't have a gaming setup already, GeForce Now would be right up my alley. This is because it's widely available on multiple devices, and is now using the second-most powerful GPU on the market for cloud gaming.

I’ve not been a particular fan of of cloud gaming, as it requires good internet connection, which isn't always a guarantee (depending on where you're located). However, with additions such as Low Latency Streaming (LLS), lag and stutter should be a lot less of an issue.

Handheld PC gamers are going to benefit from this significantly – particularly those using the likes of the Steam Deck or Lenovo Legion Go S (Z2 Go model), as they’ll be able to play games on the cloud at higher graphics settings.

I love to see updates like this from Team Green, and it’s good to know that if I ever need to use GFN one day, I’ll be able to enjoy the benefits of these new features.

You might also like...

• I think the Asus ROG Zephyrus G14 is the only gaming laptop I'd spend money on – and it's all thanks to Nvidia's powerful RTX 5070 Ti
• Rockstar and Nvidia aren't done with GTA 5 just yet, and I'm not either – now it's getting DLSS 4 Multi Frame Generation support
• I didn’t think 4K gaming handhelds were possible, but this DIY Nvidia RTX 4090 model has proved me wrong

• Nvidia's DLSS 4 will feature in Capcom's Resident Evil Requiem with path tracing
• DLSS 4 will also be present in multiple upcoming games like Phantom Blade 0 and Borderlands 4
• More of Resident Evil Requiem will be showcased at Gamescom 2025

It's been a long time coming, but Capcom and Nvidia have finally collaborated on one of the Japanese developer's biggest franchises ever, in a move that's bound to be beneficial to in-game performance – and it's shaping up to be a game-changer.

For the first time, Nvidia's DLSS 4 technology will be officially available in Capcom's survival horror franchise, starting with Resident Evil Requiem with path tracing included when it launches on February 26, 2026. DLSS 4 will also be notably featured in Borderlands 4, Phantom Blade Zero, Pragmata, and Hell Is Us.

This is a huge leap for Capcom, since gamers have relied on community mods on PC for Nvidia's DLSS; AMD's FSR has been used through the franchise's recent titles, like Resident Evil Village and Resident Evil 4 remake. While FSR isn't bad, it pales in comparison to Team Green's DLSS, and players have been limited to FSR 2 instead of FSR 3 in Village and RE4.

With advanced upscaling via DLSS 4, players will be able to enjoy a new chapter in Capcom's beloved survival horror franchise. Not just DLSS 4 with standard ray tracing, but path tracing, which takes lighting in-game to a new level entirely.

It's what we've seen in Cyberpunk 2077, providing bright and immersive visuals, but it's important to note that Requiem's path tracing model will also likely be demanding on hardware, which is why DLSS 4's Frame Generation will come in handy.

Gamescom 2025 is already here, and fortunately, Resident Evil Requiem will be center stage with Capcom ready to showcase what's in store for fans.

Analysis: hopefully game performance isn't an issue

(Image credit: Nvidia)

I'm incredibly pumped for Resident Evil Requiem, especially considering rumors that suggest Leon S. Kennedy will be a second playable character.

The only fear that I have at this stage is regarding the game's performance on PC, because if Monster Hunter Wilds or Dragon's Dogma 2 are anything to go by PC players might be in for a rough time.

It seems Requiem will be Capcom's most ambitious title in the Resident Evil franchise, with the latest chatter pointing towards a potential semi-open world experience, unlike any previous entry. We heard similar discussions before Monster Hunter Wilds' launch, and it turned out to be legitimate.

Perhaps the presence of DLSS 4 gives me a little more confidence that Capcom has taken greater care to ensure PC performance isn't an issue; Gamescom attendees will have an opportunity to test Requiem – I just hope my newfound faith on the game's performance isn't in vain.

You might also like...

• Capcom Fighting Collection 2 is an unmissable compilation of some of the greatest fighting games ever
• I'm almost certain that Capcom is holding a major character surprise for Resident Evil Requiem – and if it's who I think it is, I'll be stoked for launch
• After seeing Resident Evil Requiem in action, I'm convinced it'll be another groundbreaking entry in the horror series

Lai is accused of colluding with foreign forces under the controversial national security law, which Beijing imposed.

(Image credit: Vincent Yu/AP)

• Samsung could be adding a more vivid camera filter in OneUI 8
• According to IceUniverse, the feature will force a watermark on your image
• There's no release date yet

Samsung’s camera app is set to get a new vivid filter, according to leaks, which showcase it producing more striking and vibrant images. The catch? It’ll force you to watermark your photo.

Photo filters are nothing new, but one feature you might not be taking advantage of is that Samsung’s camera app can pre-apply filters to your snap – helping you to better visualize the final product in the moment.

It recently updated the tool to tweak the existing filters and allow you to create a custom filter based on another photo, thanks to AI assistance.

BREAKING！For Samsung users, here's a major discovery!Yesterday, I mentioned that the next version of One UI 8 would introduce two "Chinese-style" photo watermarks. But it turns out there's more to it—Samsung has tied its new "Vivid" style to the watermark. Look, all my… pic.twitter.com/zKx6jAgJc1August 18, 2025

Another change is apparently set to launch with a OneUI 8 update in the future, according to tipster IceUniverse. The update will usher in a new, vivid photo filter profile, but it will also put a border around your snap in a so-called “Chinese-style photo watermark.”

The border makes the snap look kinda like a Polaroid, with a thick bar at the bottom including info like the camera settings, date, and time when the picture was taken, as well as a note saying it was taken on a Samsung Galaxy phone.

This kind of watermark is common on phones from Chinese brands like Xiaomi and OnePlus.

(Image credit: Future)

Some people think the extra information is handy; unfortunately, for me, I’m not in that boat. I believe the watermark comes across as a blatant hijacking of my photos for marketing.

So, as a Samsung Z Fold 7 user, I’ll be steering clear of the vivid filter if this update rolls out as expected. I say that because, as with all leaks, we don’t know how the software update will materialize until it launches.

I’ll also hope the other filters aren’t ruined by a watermark, but we’ll have to wait and see what Samsung delivers.

You might also like

• The Google Pixel 10 could come with 60W charging – and I hope Apple and Samsung are taking notes
• Two key specs leak for the Galaxy S26 – and we may get a battery upgrade at last
• The S26 Edge could be even thinner than the S25 Edge

The Wedding Banquet in London, March 19, 2025.'/>

Growing up with immigrant parents, first in Canada and then in the U.S., Yang was "obsessed" with pop culture and Saturday Night Live. Now he's up for an Emmy for his performances on the venerated sketch series.

(Image credit: Scott A Garfitt)

• First portable color ePaper monitor offers 13.3-inch screen, wireless connections and stand
• Bigme B13 provides multiple refresh modes, adjustable lighting and dual audio options
• Priced at $699, B13 targets early adopters seeking eye-friendly portable productivity

The world’s first portable color ePaper monitor has gone on sale, marking a new step for ePaper beyond e-readers like the Amazon Kindle.

The Bigme B13 is a 13.3-inch device that combines the familiar look of paper with the flexibility of a modern monitor.

Unlike LCD or OLED panels, ePaper is easier on the eyes for long use, making it appealing for work and study. The B13 supports both wired and wireless connections. It can be connected to a laptop, desktop or mobile device using HDMI or USB-C, or it can mirror content wirelessly.

Different user modes

If you require a dual-screen experience, an optional stand allows the monitor to magnetically attach to a laptop, for a compact portable productivity setup.

The stand is adjustable, with a universal backplate designed to fit laptops between 13 and 17 inches. Auto gravity adaptation means the screen rotates automatically when repositioned.

With its 4:3 aspect ratio and 3200x2400 resolution, the monitor is built for reading documents, editing text and browsing the web.

It won't be of interest to people whose work depends on creative projects, advanced data visualization, or tasks requiring color-critical business displays, but professionals handling reports, contracts, and lengthy text documents may find it useful.

Color output is rated at 150PPI while black and white reaches 300PPI. At 660g and just 6mm at its thinnest point, the B13 remains lightweight and highly portable.

Different modes allow you to adjust performance depending on the task. Text mode sharpens words, web mode smooths scrolling, image mode boosts color richness and video mode improves motion handling.

If ghosting occurs, which is a possibility, the refresh button clears the screen instantly. A 30Hz refresh rate helps the panel handle video playback with greater clarity than older ePaper screens.

The B13 includes a front light that can be customized for brightness and warmth, ranging from cool white to warm yellow. This light can also be turned off entirely, depending on your needs.

The monitor has built-in dual speakers and a headphone jack for video calls or casual audio playback without extra equipment.

The Bigme B13 is positioned as an early adopter product and priced at $699 although you can save 15% off the price using coupon code B13SAVE.

You might also like

• These are the best business monitors you can buy right now
• And these are the best monitors for home working
• This 34-inch business monitor is curved, fast, has Ethernet, Smart KVM, and a webcam

Parts of North Carolina's Outer Banks are under mandatory evacuation orders, as the National Hurricane Center warns that Hurricane Erin could bring tall waves topping 15 to 20 feet.

Interested in meal delivery? Also vegan? These are the best meal kits and meal delivery services for your plant-based diet.

• Researchers uncover two packages carrying an infostealer
• The victims are apparently Russian, and attackers American
• This prompted the researchers to speculate if the targets were Russian crypto hackers

Two malicious packages were recently discovered on the npm package manager platform targeting software developers on the Solana ecosystem.

However the discovery, attribution, and potential targets of the malware have made researchers speculate if this was a state-sponsored attack.

Solana is a blockchain designed for decentralized applications and cryptocurrencies. It is similar to Ethereum in many aspects, which is why it is often described in the crypto community as the “Ethereum killer”.

Targeting devs? Or hackers? Or both?

Recently, security researchers from Safety found two npm packages: “solana-pump-test” and “solana-spl-sdk”.

Both were submitted by the same author, and both contained identical code - and according to Safety, when these packages were installed, they ran scripts that exfiltrated sensitive information from compromised devices, including private keys that granted the attackers access to crypto funds.

Safety says that the victims - the developers that downloaded and ran the infostealers - were located in Russia.

The attackers, on the other hand, seem to be located in the United States, based on the IP addresses where the exfiltrated data was relayed.

These things were enough for the researchers to ask if this was a US-backed threat actor targeting Russia, probably due to currently strained geo-political relations between the two powers.

But npm, as a platform, is not Russian, or managed by the Russians. The npm platform is run by npm, Inc., a company that was originally independent but is now a subsidiary of GitHub, which itself is owned by Microsoft.

Still, Russia has multiple state-sponsored and affiliated threat actors known to target cryptocurrency users, or large enterprises which are then forced to make ransom payments in crypto. Groups such as Evil Corp, Sandworm, and APT28 (Fancy Bear) have been linked to campaigns that either exfiltrate cryptocurrency or deploy ransomware for financial gain.

Therefore, it is not too far-fetched to speculate if this attack was aimed at crypto criminals, as well as regular crypto developers.

Via The Register

You might also like

• Crypto hacker steals $14.5 billion in Bitcoin using a gaming PC and nobody notices for five years
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

The move would enable Apple to shine spotlights on both models, and have two iPhone launch events every year.

While they look very similar to the Galaxy Buds 3 Pro, the new $150 Galaxy Buds 3 FE leave off a few features and don't have the same drivers.

• Four in five companies knowingly ship vulnerable code, survey warns
• One-third say 60% of their code is now AI-generated
• Orgs need to use AI to identify vulnerabilities

A study of 1,500 CISOs, AppSec Managers and developers conducted by Checkmarx has claimed four in five (81%) companies knowingly ship vulnerable code, putting them and their users at risk of attack.

An estimated one in two respondents already use AI security code assistance, with around one-third (34%) admitting that more than 60% of their code is AI-generated – which can often contain known vulnerabilities by default.

An overwhelming majority (98%) have experienced a breach due to vulnerable code in the past year, and yet they continue to ship vulnerable code without implementing the right protective measures.

Companies are shipping vulnerable, AI-generated code

The report outlines how generative AI has now eroded developer ownership with code less likely to be affiliated with any particular individuals. It has also expanded the attack surface by reopening vulnerabilities that could previously have been avoided with proper coding expertise.

The trend has largely been blamed on artificial intelligence, with vibe coding on the rise and many developers now opting to edit AI-generated code rather than write their own from the ground up.

The lack of governance around this has created what the company describes as the perfect storm.

Fewer than half of the respondents were found to be using foundational security tools like DAST and IaC scanning, with a similar number using DevSecOps tools.

Looking ahead, Checkmarx stresses security should be built into projects right from coding level, with organizations urged to establish policies for AI tool usage. Acknowledging that developers are now actively using AI, Checkmarx suggests that, instead of banning it, companies should also utilize agentic AI to analyze and fix issues across projects.

"AI generated code will continue to proliferate; secure software will be the competitive differentiator in the coming years," Checkmarx VP of Portfolio Marketing Eran Kinsbruner concluded.

You might also like

• We've listed the best IDEs for Python
• Fancy an upgrade? Check out the best laptops for programming
• Google issues official internal guidance on using AI for coding - and its devs might not be best pleased

EPL action returns to Elland Road as Daniel Farke's men host the Toffees.

Guillermo del Toro's Frankenstein will be coming to Netflix on November 7, with the streamer confirming the news alongside a first look at two of the new movie’s promotional posters (see below). We’ve already seen a few preview snaps of what’s to come as well as a two-minute trailer, showing Oscar Isaac as Victor Frankenstein, Mia Goth as Elizabeth Lavenza and Charles Dance as Leopold Frankenstein. However, Jacob Elordi’s monster largely still hides in the shadows, only appearing as a black silhouette shrouded with furs and claws as dark as night.

FRANKENSTEIN, a film by Guillermo del ToroStarring Oscar Isaac, Jacob Elordi, Mia Goth, and Christoph Waltz. Coming to select theaters October 17 and on Netflix November 7. pic.twitter.com/zdYFoq9cURAugust 18, 2025

It goes without saying that this is another adaptation of the famed novel by gothic author Mary Shelley, with Frankenstein’s monster (which isn’t called Frankenstein, though we often get that mixed up) appearing in countless movies since way back in 1915. This is neither Netflix’s first foray into bringing the tale to life (remember Creature?), nor is it del Toro’s first original creation for one of the best streaming services around, having previously made an animated version of Pinocchio for Netflix in 2022.

But a version of Frankenstein made by del Toro! What a world we get to live in. The upcoming move has been my most-anticipated film of 2025 since last year, and thankfully, there’s a way I can see it before it hits Netflix in November (where I’ll watch it again, obviously).

Netflix quietly confirms October 17 theatrical release date for Del Toro’s Frankenstein before it drops on streaming

If you look closely at the above posters, you’ll see that Frankenstein is showing in select theaters from October 17. While that doesn’t mean everyone will have direct access, it does mean global hotspots will get the movie early (think New York, Los Angeles and London). Frankly, it’s a clever move, and addresses the one piece of feedback Netflix has received time and time again over the years: give your original movies a theatrical release, too.

Think of KPop Demon Hunters, the monster smash hit (pun intended) nobody expected is now playing catch-up with singalong screenings after the fact. On top of this, said screenings are typically only playing for two days in very limited locations, which basically defeats the point of letting fans enjoy the experience in the first place. Netflix has to do theatrical screenings before a streaming release for the strategy to work, for both struggling cinemas and the platform itself.

Given the two minutes of footage we’ve seen tells us as much information as a blank piece of paper, anybody seeing Frankenstein in cinemas first is essentially walking in blind. Sure, we’ll have likely had some reviews before then, but these showings will drum up the hype and engagement would Netflix chew its own hand off for, in the most organic way possible (by word of mouth from audiences). By the time Frankenstein then hits Netflix, it’ll be an explosion of views, with people likely racing to be able to see it first. It’s a marketing masterstroke, and a generous one too.

Speaking about the film, del Toro said in a statement: “The most important figure from English legacy is, incredibly, for me, a teenager by the name of Mary Shelley, and she has remained a figure as important in my life as if she were family. And so many times when I want to give up, when I think about giving up, when people tell me that dreaming of the movies and the stories I dream are impossible, I think of her.” Thank you Shelley, and del Toro, for your service.

You might also like

• Night Always Comes has just hit Netflix, and Julia Fox is unironically the best part of Vanessa Kirby’s complex caper
• Netflix releases the official trailer for Wednesday season 2 part 2 – and it's a shock-filled teaser worth dying for
• Monster season 4: everything we know so far about the hit show's return to Netflix

Google confirmed the 100 million milestone exclusively to CNET. Here's what's coming next for Flow and its AI-assisted creators.

• Two new leaks claim future Garmin watches will be getting LTE connectivity
• This feature allows you to add smartwatches to a data plan, allowing you to make calls and stream without a phone
• It's a feature included on Apple and Samsung watches, usually on more expensive models

Two new leaks claim we could soon be able to make calls, stream music and answer texts from some of the best Garmin watches yet to be announced – even without an attached phone.

Yes, LTE connectivity is coming to Garmin watches, according to separate reports from leak sites Garmin Rumors and The5Krunner. Garmin Rumors partnered with a site called AppSensa, which digs into code to discover in-development features. Garmin is reportedly going "all-in" into cellular connectivity, according to the site.

Listed features include emergency satellite SOS messaging, two-way messaging, LiveTrack location sharing without a phone, and voice calling with contacts.

Garmin Messenger, the watch-to-watch satellite messaging service, is also reportedly being expanded. Perhaps Garmin Messenger will now be Garmin's principle messaging client, able to text using your data plan and reaching phones as well as other Garmin watches?

The5KRunner also reports these claims, stating that the obvious starting point is a rumored Fenix 8 Pro, in which the "Pro" stands for the inclusion of LTE connectivity. The best Apple Watches and best Samsung watches often come in cheaper Bluetooth-only and more expensive LTE-capable variations, so it would make sense for Garmin to follow this pattern.

A big step forward

(Image credit: Future)

Garmins have long been considered separate entities to smartwatches, as they're more like adventure companions or training tools than everyday communications devices. However, certain ranges such as the Garmin Venu series already blur the lines a little.

Making the watches capable of no-phone communications would mean a huge change in strategy, and would enable more smartwatch-like models, such as the Garmin Venu X1 to seriously compete with the likes and the Apple Watch Ultra 2 and Samsung Galaxy Watch Ultra.

If true, I'm intrigued to see which future models get this rumored LTE option. The Garmin Venu 4 seems like a no-brainer. One commenter on our Garmin Venu 4 rumors hub agreed, stating: "If the Garmin Venu 4 ever came with LTE and text message response that would definitely be a gamechanger. So many current iPhone users would jump on the Venu 4 – it would be a dream watch."

Perhaps we'll see Forerunner Pros with LTE options in future too, as phoneless LiveTrack seems like a great safety tool for triathletes and trail runners doing solo training.

You might also like...

• 3 gadgets came in handy on my multi-day canoe trip, including a Garmin Epix Pro
• I review fitness trackers for a living – here's the best one I've tried in 2025
• Apple Watch Ultra 2 vs Garmin Venu X1: How does Garmin's latest superpower smartwatch compare with Apple's best?

• Cisco found a 10/10 flaw in Secure Firewall Management Center
• It released a patch and advised on possible mitigations
• No evidence of in-the-wild abuse so far, but users should still be on guard

Cisco recently fixed a maximum-severity vulnerability in its Secure Firewall Management Center (FMC) product, and urged users to apply either the patch, or the mitigation, as soon as possible.

FMC is a centralized platform for configuring, monitoring, and analyzing Cisco Secure Firewalls, where users can manage policies, track threat intelligence, and monitor their deployments across endpoints.

As per Cisco’s new security advisory, the vulnerability was discovered in the RADIUS subsystem implementation of FMC. RADIUS (Remote Authentication Dial-In User Service) is a protocol used to authenticate, authorize, and account for FMC administrators and VPN users by integrating with an external identity server.

Fixes and mitigations

The flaw is described as an “improper handling of user input during the authentication bug” which could allow an unauthenticated remote attacker to inject arbitrary shell commands.

In theory, this could be done by sending crafted input when entering credentials - however the caveat here is that FMC must be configured for RADIUS authentication for the web-based management interface, SSH, or both, for the bug to be exploitable.

The bad news is that, according to BleepingComputer, this configuration is “commonly used” in enterprise and government networks where administrators want centralized login control and accounting for network device access. Therefore, the attack surface could be rather large, and the victims high in profile.

It is now tracked as CVE-2025-20265, and was given a severity score of 10/10 (critical).

Cisco released a patch to fix the issue, and said those that cannot apply it should disable RADIUS authentication and replace it with a different method, such as local user accounts, external LDAP, or similar. The company also said that the mitigations proved good in testing, but warned customers to run the tests themselves.

Via BleepingComputer

You might also like

• Cisco warns of a serious security flaw in comms platform - and that it needs patching immediately
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers