Feed aggregator

• The Google Pixel 9a is rumored to launch with a pricier storage upgrade than the Pixel 8a
• The phone is expected in March this year, and will likely feature upgraded specs and a new, surprisingly un-Pixel-like design
• We aren't sure how reliable the pricing rumor is, as the source is anonymous

The Google Pixel 9a may keep the same starting price as the Pixel 8a, but come with a price hike for its higher storage variant, if a new rumor is to be believed.

According to a report from Android Headlines that only credits “our sources”, the Google Pixel 9a will launch at $499 in the US for the model with 128GB of storage – that’s the same as the current-gen Pixel 8a, and if prices hold steady elsewhere, that means we’ll see a launch price of £499 / AU$849 in the UK and Australia.

However, the report also suggests that the expanded 256GB model will come in at $599 – that’s a $40 hike on last year’s model. This may be reflected in pricing for the UK and Australia too, in which case we’d expect to see a price of around £599 / AU$1,000, but Google may elect to change regional pricing individually.

For example, the Pixel 8a launched at $499 / £499 / AU$849, which was the same as the Pixel 7a in the US, but £50 more expensive in the UK and $100 more expensive in Australia.

This pricing structure equates the value of 128GB of storage to $100, which is also the basis for the pricing of the flagship Pixel 9 and Pixel 9 Pro models.

A price hike of any kind is never good news, but a stable launch price is perhaps more important for a phone targeting budget-conscious consumers. And as a follow-up to the Pixel 8a – our present choice for the best budget Android phone – the Pixel 9a is likely to offer great value for money regardless.

A leaked render of the Google Pixel 9a, showing the new design with no camera bar (Image credit: Android Headlines / @OnLeaks)

We’ve been reporting on leaks about the upcoming cheaper Pixel phone for months, and, if these rumors are to be believed, we’ll be getting a very capable midrange handset from Google in March 2025.

We previously reported that the Pixel 9a is rumored to have a 6.3-inch 120Hz display, the flagship-class Tensor G4 chipset, and 8GB of RAM.

As for cameras, we’re expecting the Pixel 9a to sport a 48MP main camera, 13MP ultra-wide, and 13MP selfie camera. That main camera might seem like a downgrade on the Pixel 8a’s 64MP snapper, but as T3 reports, this could be the same sensor found on the Google Pixel 9 Pro Fold, which would be considered an upgrade on the 8a.

The Pixel 9a is also expected to get a refreshed design that ditches the iconic Pixel camera bar for an oval cutout, and come equipped with a 5,100mAh battery; that would be larger than the one in the Pixel 9 Pro XL, and even larger than the batteries in the iPhone 16 Pro Max and Samsung Galaxy S25 Ultra.

We shouldn’t have to wait too long for official details about the Pixel 9a, but for now, the above is based on rumors and leaks. The pricing rumor stems from an anonymous source, so we can't say for sure how reliable it is.

If you can’t wait until March to see whether the Pixel 9a is for you, be sure to check out our lists of the best Android phones and best cheap phones for more options.

You might also like

• This case isn't just a rotting banana, it's a window into iconic music history
• The Samsung Galaxy S25 Ultra could get a Bluetooth S Pen after all – but it’ll cost you extra
• The latest iPhone SE 4 leak shows off its rumored redesign next to the iPhone 16

The future of EVs might hinge on a decades-old air pollution law. Whether the law is upheld will have ramifications far beyond the borders of the Golden State.

• MSI says there will be a limited supply of the RTX 5090 at launch
• This shortage reportedly stems from miscommunication with Nvidia
• Scalpers may have the upper hand at launch due to limited availability

Nvidia's RTX 5090 is about to launch at multiple retailers on January 30 and considering the power it packs for providing the best gaming performance across the board, many PC gamers are keen to get hold of one - but unfortunately, that might not be easy.

As reported by Wccftech, MSI claims that the supply of the RTX 5090 will be limited at launch, suggesting a chip shortage on Nvidia's part. While this is only one of Team Green's third-party partners, it certainly doesn't spell good news for other partners and those attempting to purchase Founders Edition GPUs.

Considering the history of scalping surrounding the previous generation's RTX 4090, I’m worried it might turn out to be much worse this time around - with an MSRP of $1,999 / £1,939 / AU$4,039 (along with the combination of a limited supply), we could be seeing a far more dire situation. It's also worth noting that most partner cards will be more expensive than Nvidia's Founders Edition, so this may give scalpers an opportunity to go overboard with pricing if demand is suitably high.

According to IT Home (translated from Chinese), the projected short supply at launch stems from miscommunication between Nvidia and partners, plus the 'Spring Festival' (Chinese New Year) affecting factory opening times. Whilst it's not the end of the world for those intent on purchasing the flagship GPU, it does indeed point towards a potential long (and expensive) wait if scalpers are quick to strike.

(Image credit: Future) So, how do you beat scalpers?

Let's face it: there's not much one can do to beat scalpers other than staring at your screen and constantly refreshing the store page to reach the checkout before everything sells out. The same can be said for those camping outside retailers for the RTX 5090 due to the limited supply as highlighted by IGN - besides this, most of it is left to luck and any measures put in place by Nvidia itself or retailers.

We've seen this occur with the likes of Valve's Steam Deck, which was limited to one order per account when in high demand - and whilst it didn't completely eliminate scalping, it did a great job at softening the blow, though at the cost of customers left on edge when awaiting a new batch of units. If you’re wondering where to buy Nvidia’s RTX 5090, we’ve made a short guide on the best online retailers to keep tabs on.

If scalpers manage to beat customers and units sell out quickly, I'd say it's worth waiting patiently to avoid overpaying - especially if you're still using an RTX 4090, as I promise you, you're perfectly fine for the time being.

You may also like...

• Where to buy Nvidia RTX 5080: I'd check for stock here first
• Are Nvidia’s RTX 5060 GPUs about to arrive? Rumor hints they might be - with the RTX 5060 Ti potentially coming with 16GB VRAM
• AMD looks set to compete with Nvidia in the laptop GPU space - Team Red claims Ryzen AI Max 395+'s iGPU outperforms RTX 4070 laptop GPU

• Apple warns users about use-after-free vulnerability being exploited in the wild
• It affects most products, including iPhones, watches, TVs, and more
• A patch is already available, so update now

Apple has released a patch for its first zero-day of 2025, fixing CVE-2025-24085, a use-after-free flaw affecting the CoreMedia component.

CoreMedia is a framework in Apple's ecosystem that handles multimedia. It is important for the playback, processing, and management of both audio and video files, and is found in devices powered by macOS, iOS, iPadOS, tvOS, and watchOS.

A use-after-free (UAF) flaw is a type of memory vulnerability that occurs when a program continues to use a memory location after it has been freed (deallocated). This can result in unpredictable behavior, such as crashes, data corruption, or execution of malicious code. Attackers can exploit UAF by manipulating the memory space to insert malicious payloads, which the program may execute when it accesses the freed memory.

Patching things up

The issue affects multiple Apple products: iPhones, iPads, macs, TVs, Vision Pro, and watches.

The company said it was being exploited in the wild as a zero-day, but at this time, it did not share any details - although the bug could be exploited through a rogue app, which could grant the attackers more control over the target system.

The relative silence is regular practice for Apple, since it wants to give its users enough time to apply the patch, without tipping potential threat actors off on a new attack avenue.

Speaking of the patch, Apple product users should make sure their devices are updated to the following: iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, and watchOS 11.3.

"A malicious application may be able to elevate privileges," Apple said in a security advisory. "Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.”

Via The Register

You might also like

• Apple forced to patch iOS and macOS security flaw that could have leaked your private info
• Here's a list of the best firewalls around today
• These are the best endpoint security tools right now

This new Ninja Crispi portable air fryer may be the new best solution to potlucks, office lunch, and maybe tailgating.

• Nintendo Switch 2 Experience invites are now being sent out
• The preview event will be held in cities across North America, Europe, Asia, and Oceania
• Waitlists are scheduled to open on January 29 for those who missed out on an invite

Invites for the Nintendo Switch 2 Experience event are now being sent out.

Following the long-awaited reveal of the Nintendo Switch successor, Nintendo announced that it would be holding an exclusive preview event, offering fans the opportunity to get a closer look at the console ahead of its release.

Sign-ups went live earlier this month and official invites have now been sent out to a selection of lucky members of the public.

Those who did get an invite received confirmation via their emails, verifying their entry and the designated location they registered for, and have since been sharing their excitement through social media.

YOOO I GOT IN!!! Oh my god, against all the odds I actually did it! I can’t wait to see the switch 2 in person!! Now I’m trying to get my best friend irl a ticket so we can go together, but other than that if any of my mutuals or cool people are going at this time, hit me up! pic.twitter.com/yLMGrku14HJanuary 27, 2025

For fans who were rejected, Nintendo has now confirmed that there could be an opportunity to attend the preview event in the case of cancellations. Waitlists are also scheduled to open on January 29 and will be available on a "first-come, first-served basis".

The Nintendo Switch 2 Experience is scheduled to kick off in New York on April 4 and will run until June, though the specific date has yet to be announced.

You can check out the list of locations and dates below.

North America

• New York: April 4 - April 6
• Los Angeles: April 11 - April 13
• Dallas: April 25 - April 27

Europe

• Paris: April 4 - April 6
• London: April 11 - April 13
• Milan: April 25 - April 27
• Berlin: April 25 - April 27
• Madrid: May 9 - May 11
• Amsterdam: May 9 - May 11

Oceania

• Melbourne: May 10 - May 11

Asia

• Tokyo (Makuhari): April 26 - April 27
• Seoul: May 31 - June 1
• Hong Kong: To be announced
• Taipei: To be announced

You might also like...

• Nintendo Switch OLED - review
• The best Nintendo Switch games to play in 2025
• Nintendo Switch 2 backwards compatibility is ‘the best direction to take’ for players, Nintendo says

This review first appeared in issue 357 of PC Pro.

TelephoneSystems.Cloud stands out from the crowd of VoIP providers as its automated quote system lets you set your entire business service up without having to speak to any representatives. We tested this by visiting the main website (given away by the company name) and clicking on the “Get Quote” button, after which we were guided through a set of questions asking about our requirements.

For our VoIP testbed, we requested four users, chose to use our own internet provider, opted for softphones and our existing desk phones, skipped the optional Webex Teams+ and Presenter, asked for new UK phone numbers and selected the automated installation service. TelephoneSystems.Cloud presented us with an itemized bill showing a £60 setup fee and monthly charges of £11 per user, which we agreed to by completing the transaction with our banking details and setting an admin account password.

You’re nearly there now; the next web page asks for a preferred area code, details of the services required such as call groups and queues, plus auto-attendants and the MAC addresses of existing desk phones. Lastly, you add details of your users, provide passwords and choose their extension numbers.

On completion, we received an email and SMS advising us the account was being created. It was ready for action two hours later, and at no time during this process did we speak to anyone.

From our account dashboard, we saw that all our users had already been assigned a direct inbound dial (DID) number from the block we’d requested. Onboarding is simple: you issue an email invitation from the dashboard that provides a link to the Webex client and mobile apps, along with instructions on setting them up.

The order process and the admin dashboard are both very slick (Image credit: Future)

After installation, users sign in with the Webex email address and password the system assigned to them and they’re ready to start making and receiving calls. This is the standard Webex app so it offers plenty of useful features, including personal contact lists and a quick access dial pad. Integral videoconferencing lets users make video calls with consummate ease.

Pre-configured desk phones can be ordered online, with choices including Yealink, Jabra and Polycom. For our own Yealink T42S models, instructions were emailed to us so we just entered the supplied provisioning URL in their web consoles and, after a firmware upgrade, they were automatically assigned to each user.

Voice prompts for services such as the auto-attendant, voicemail, holiday greetings and on-hold messages can be added, and TelephoneSystems.Cloud goes a step further than many providers with its AI text-to-speech service, which costs £10 per message. Alternatively, you can upload your own audio files to an online library, and the company even offers professional voice actors to create them for you, with online quote services provided.

The Webex app supports audio and video calls (Image credit: Future)

The dashboard presents plenty of account information and a call history graph for the past six months, while the billing section keeps you posted on the latest invoices and upcoming payments. All the action takes place in the account portal, which lists your sites, assigned numbers, all users and associated devices such as desk phones and mobile apps.

An incredible range of call-handling services are available and include an auto-attendant, call center, call parking, groups for ringback, hunt and pickup and much more. Rules control the numbers and countries to which outbound calls can be made, while group contacts are synced to Webex so they appear in the apps.

TelephoneSystems. Cloud is a great choice for businesses that know what they want from cloud-hosted VoIP services. The quote process is impressively smooth, and it offers a wealth of easily accessible call features at a competitive price.

We've also rated the best PCs for businesses.

• PS5 exclusive Rise of the Ronin is coming to PC
• It will have a range of exclusive features, including 8K support
• It's also cheaper than the PS5 version

PlayStation 5 exclusive Rise of the Ronin is finally coming to PC. Developer Koei Tecmo has officially revealed that the game will arrive on Steam on March 11, 2025.

Interestingly, the PC version will benefit from quite a few exclusive features in the graphics department. This includes support for 8K resolution, DirectX 12 Ultimate, ultra-wide and super ultra-wide displays, 120fps support, ray tracing, and 3D audio. This is on top of a menu UI that has been reworked for mouse controls, plus customizable keyboard and mouse inputs.

In my experience, the original release of Rise of the Ronin often struggled to run on the base PS5 - with a few persistent stutters and a rather muddy looking picture at times. The developer has confirmed that the PC release will benefit from the addition of AMD Fidelity FX Super Resolution and Nvidia DLSS and Reflex support, which might prove a reliable way to smooth out those issues.

The PC release is currently available for pre-order and comes in significantly cheaper than the PS5 version, which retailed for $69.99 / £69.99 when it launched on March 22, 2024. It costs just $49.99 / £39.99, which in my eyes is a great price for such an expansive and unique open world game.

Those who pre-order the PC version will receive the same pre-order bonus as PS5 players did, a pack of Ninja Gaiden inspired items. This includes the Iga Ninja's Katana and Iga Ninja Armor Set, plus early access to four in-game combat styles. Overall, not the most essential addition, but a neat little bonus for those eager to dive in on day one.

In our Rise of the Ronin review, we praised its superb action combat and the sheer number of things to discover in its world. Although it suffers a bit from some samey mission design, it’s still well worth experiencing and the ability for more players to do so can only be a good thing.

You might also like

• I think now could be the best time to buy a Nintendo Switch instead of waiting for the Nintendo Switch 2, here’s why
• Marvel Snap is finally back online in the US and all players are getting a huge number of free in-game items as compensation
• Xbox games are coming to Nintendo Switch 2, per Phil Spencer

• Some older Apple Watch models have been unable to update properly
• The problem means they may not be able to sync with your iPhone
• It’s almost certainly a mistake by Apple and will hopefully be fixed soon

If you have an older Apple Watch and have noticed that it’s been unable to update properly, you might not be alone. According to info circulating on social media, Apple has mistakenly excluded many Apple Watch users from upgrading their devices to a more recent version of watchOS.

Specifically, the concerns center on the Apple Watch Series 4, Series 5 and first-generation SE models. For instance, X user @MasterMike88 claimed that if one of these Apple Watches is running a watchOS version prior to 10.6.1, it will not be able to update to that version.

This is a problem because it means that users of older Apple Watch models will not be able to get potentially important security and feature upgrades included in watchOS 10.6.1.

We’d always recommend ensuring your Watch is running the latest version of Apple’s software, but in this instance, it looks like that’s not possible. Hopefully Apple will push out a fix soon.

That syncing feeling

(Image credit: Future)

There’s another potential problem: an Apple Watch running an older version of watchOS 10 might not be able to pair with an iPhone if it is affected by this issue. If you can’t pair them, you won’t be able to sync data between the two devices.

It appears that this issue is only limited to Apple Watch models that can run watchOS 10 but not watchOS 11 – in other words, the Series 4, Series 5 and original SE editions that we mentioned earlier. More recent Apple Watches should be unaffected.

Back on X, @MasterMike88 believes that the problem stems from Apple changing the update requirements from CV (Compatibility Version) 22 to 24, which is normally associated with late versions of watchOS 11. Since the affected Watch models can’t run watchOS 11, they can’t install an update that they should have access to (that is, watchOS 10.6.1).

Because of that, we suspect that this is a mistake on Apple’s part rather than any deliberate plan, and that means it’s likely that Apple will fix this issue soon. If you’re affected, you’ll have to hang tight until Apple sorts this issue out.

You might also like

• watchOS 11: new fitness features, Vitals app, and more coming to the Apple Watch 10
• watchOS 11 is available right now — here are the 5 biggest health and fitness upgrades
• Here's why the Apple Watch Series 10 is now my favorite big-screen smartwatch

This review first appeared in issue 357 of PC Pro.

On its website, Samsung lists this monitor as the S90PC ViewFinity 5K Smart Monitor, but it feels more like a smart TV on first “boot”. It asks to be connected to your Wi-Fi network, and once you’ve jumped through various hoops you’ll find yourself in Samsung’s TV Plus section with a huge selection of live channels. Just to hammer home the point, your first interactions are via a remote control rather than an OSD.

The remote offers dedicated buttons for Disney Plus, Netflix and Prime Video. We watched the first few minutes of Top Gun: Maverick and the detail was so rich on the 5K panel that we picked up several details we didn’t spot in the cinema. Samsung backs up the visuals with the best speakers here by some distance. Whisper it, but there’s even bass on show.

You can also play games via Samsung’s Gaming Hub, with an option to sync your Amazon account via Luna. It supports Xbox Game Pass and Nvidia’s GeForce Now services, too. Games look great, despite the S9’s modest 60Hz refresh rate.

But we’re getting this the wrong way round, for Samsung is promoting the ViewFinity S9 as a work first, play later monitor, so let’s head to the Workplace area of its Tizen OS interface. Here, you can wirelessly connect to a PC, a Samsung phone (using DeX) and even log in to your Microsoft 365 workspace.

A detachable 4K webcam can be attached to the top of the stylish S9 (Image credit: Future)

The latter is aggravatingly slow, though, and there’s also annoying lag on the wireless connections to your PC and phone, so you’ll reach for the Thunderbolt cable where possible. And at this point, finally, it becomes a normal monitor. Albeit one with a 5K (5,120 x 2,880) resolution, which gives a quite stunning 218ppi density. Overkill, but photographers will love the detail, and it makes the 109ppi of a 1440p 27in screen feel distinctly average.

At this price we expected mini-LED technology, but IPS is in place as usual.

It’s an 8-bit panel with FRC, giving 1.07 billion colors, but what will matter for professional users is that it comes pre-calibrated for sRGB and DCI-P3. Not Adobe RGB, though, which is a surprise as the ViewFinity S9 lists Pantone validation among its many features.

A 5K resolution makes everything look incredibly detailed (Image credit: Future)

There are also two slots available in the OSD for hardware calibration via recent Samsung phones. Using the Smart Things app, you can opt for a simple 30-second calibration for basic colors and brightness, or complete a ten-minute “professional” calibration to either the sRGB or DCI-P3 color spaces. The result was little better than the pre-calibrated versions, but could be useful if the colors drift over the years.

Most of the time, though, you’ll find the default “Eco” mode does the job, which uses the panel’s native color profile and covers 99% of the DCI-P3 space. We’re not sure “Eco” is the correct term, however, as this is the most power-intensive 27in display here, consuming 42W at 200cd/m2 and 61W at its peak 629cd/m2. Films benefit from even higher peaks thanks to support for HDR.

The monitor itself looks stunning. Its thin bezels and stylish finish remind us of Apple’s Studio Display, and while we would have liked more tilt than 15° back and 2° forward, at least it includes 120mm of height adjustment. Only an ambient light sensor interrupts the clean lines of the front display, with the traditional OSD controls tucked next to a sprinkling of connectors at the rear: a miniDisplayPort, one USB-C input (complete with Thunderbolt 4 support), and three USB-C connectors for peripherals. The main USB-C port delivers 98W of power but the others a miserly 4.5W, which is surprising when you consider the gigantic power brick – think cigar case – that you’ll want to hide under your desk.

The stand offers a limited amount of tilt (Image credit: Future)

There’s one final bonus here: a 4K webcam. It comes with a privacy cover, albeit one that’s easy to lose, but for ultimate privacy simply disconnect it. The slimline unit attaches magnetically to the rear of the panel via pogo pins, so you can chuck it in a drawer when not in use. When it’s time for calls, its superb detail capture will surely impress.

Whether it’s great enough to justify the price is a different matter. If it included mini-LED technology we could understand the £999 tag, but the S9 – while a lovely monitor – only makes sense for those with money to spare and the need for a 5K work screen during the day and an entertainment center at night.

We've also ranked the best business smartphones.

The bookseller is applying its sales model—where online purchases support indie bookstores—to digital books. It has also released a mobile app for shopping and reading ebooks.

• DeepSeek says it is suffering from a huge cyberattack
• The attack has prevented new users from registering
• A DDoS attack is rumored to be the cause of the outage

DeepSeek has had to temporarily pause new signups to its generative AI chatbot due to “large-scale malicious attacks” against the platform.

The open source model was recently released to the public, causing ripples across the technology industry, sending US markets into freefall.

The relatively new platform has shot to number one on the US app store, replacing ChatGPT as the most popular free app, and has been rumored to have cost as little as $5.6 million to develop.

No new users

This growth has apparently resulted in some unwanted attention, and DeepSeek has not shared any details about the attack, but due to the systems the attack is affecting, it is possibly a distributed denial of service (DDoS) attack against the platform’s API and Web Chat services.

The DeepSeek status page simply states, “Due to large-scale malicious attacks on DeepSeek's services, we are temporarily limiting registrations to ensure continued service. Existing users can log in as usual. Thanks for your understanding and support.”

While registering for new users is currently unavailable the service can still be accessed by signing in with a Google account, with a user's email, language preference and profile picture being shared with DeepSeek in return.

Despite numerous sanctions enacted by the Biden administration aimed at depriving China of the latest semiconductors, initial tests suggest that the DeepSeek model outperforms its US counterparts despite being developed for a fraction of the cost.

Being released as open source means that the model is free to download and use by other AI developers, significantly disrupting the AI market in the US and causing huge sell-offs of shares in US tech companies. Whether the US will face this new-found competition in the AI arms race with innovation or increased sanctions remains to be seen.

Via CNBC

You might also like

• These are the best AI tools and best AI writers
• Take a look at our guide to the best AI website builders
• Could Oracle be about to take over TikTok? Trump reportedly backs plans for shock deal

Some worry the Chinese startup’s impressive tech indicates the US is losing its lead in AI, but it may really be a sign that a new approach to building models is gaining traction.

Suryakumar Yadav's team look to claim an unassailable lead as the series moves to Rajkot.

• Microsoft Teams is finally introducing a phishing alert function
• The feature will be generally available in mid-February 2025
• Hackers have been abusing external comms to hit organizations with malware and ransowmare

Microsoft Teams has long been a favorite target for hackers looking to infiltrate organizations by impersonating brands or network administrators, but that is all finally about to change.

Numerous threat actors have abused external access, with one Russian group ‘bombing’ a user's email inbox with thousands of emails before pretending to be an IT support worker calling to help fix the spam, before gaining remote access and deploying malware.

A phishing warning for external messages has therefore been a long time coming, with the feature set to be introduced by Microsoft in mid-February 2025.

Phishing detector

The phishing threat alert was first rumoured in October 2024 in the Microsoft 365 roadmap, with a subsequent advisory added to the Microsoft 365 service update page stating the system would be generally available around mid-February 2025.

“This rollout will happen automatically by the specified date with no admin action required before the rollout. You may want to update any relevant documentation. We recommend that you educate your users on what the new high-risk Accept/Block screen means and remind users to proceed with caution.”

Phishing checks will happen every time a user receives a message from an external source for the first time, Microsoft added, further explaining that an ‘Accept or block’ prompt will appear over suspicious chats, with the user being reminded to recognize that the message could be phishy if they choose to click accept.

External access can be disabled in the Microsoft Teams Admin Center, preventing risky external communications entirely, but those who regularly need to use external messaging will have to remain extra vigilant until mid-February. Microsoft recommends that organizations train their employees to spot and report suspicious phishing emails and messages.

Via BleepingComputer

You might also like

• Keep your organization secure with the best business VPN
• These are the best firewalls around today
• Ransomware crew pose as Microsoft Teams IT support to steal logins and passwords

• OCR and image recognition data are being stored insecurely in OneDrive for Business, expert claims
• Locally stored data is putting companies at risk of leaks
• Hybrid working amplifies the security challenges

Security expert Brian Maloney has criticized Microsoft for storing OneDrive for Business files insecurely on users’ devices.

He claims the popular cloud storage tool allegedly stores data obtained from image OCR in an unsecured database on account holders’ PCs, putting them at risk of data exfiltration.

Although there are benefits to storing data locally, it can pose security concerns if the storage is inadequately protected, Maloney has claimed.

OneDrive for Business storing files locally, but insecurely

Microsoft, together with other companies like Apple, uses OCR (optical character recognition) and image recognition to enhance search and other features.

In a series of X posts, Maloney wrote: “Just a heads up. M$ is OCRing all your images in OneDrive for business in an unsecured database on your desktop/laptop. Happy Friday. #DFIR.”

Because OCR is stored in plain text, attackers who are successful in obtaining access to the databases can acquire potentially sensitive information from unknowing victims.

vx-underground.org added to Maloney’s work on X, sharing: “Any image saved with OneDrive is stored locally in a SQLite file (for offline mode, or something).”

Although business-issued hardware typically involved additional layers of security, such as encrypted storage, biometric security, and access to company systems via protected networks such as VPNs, the rise of hybrid working now means that more workers are accessing their business accounts, including OneDrive for Business, from their own personal hardware, which might not have such strong protection.

TechRadar Pro has asked Microsoft to comment on its decision not to protect OCR databases, but we have not received an immediate response.

In the meantime, users should consider only enabling features that they intend to use in order to minimize risk. Employees should also be vigilant to attacks, including avoiding clicking on suspicious links and sharing credentials online.

You might also like

• We’ve rounded up the best OCR software around
• Did you download something dodgy? Consider the best malware removal
• Still keeping data in unlicensed Microsoft OneDrive? Act now or lose it forever

A goat farmer in rural Minnesota, estranged from her biological children, finds new purpose as a surrogate grandparent.

• Google is making the code for now-discontinued smartwatch Pebble available to download
• Pebble founder Eric Migicovsky claims to be working on a new smartwatch using PebbleOS
• The smartwatch is still in early development, but will adhere to Pebble’s core tenets

Before the Apple Watch, before the Samsung Galaxy Watch, and before the Google Pixel Watch, there was Pebble. The iconic smartwatch was eventually bought by Fitbit and discontinued in 2016 (and in a cruel twist, the same fate befell many of the best Fitbits after Fitbit was bought by Google), but many users still have fond memories of their Pebbles, and an active community of users are still maintaining functional Pebbles.

Now, it seems like Pebble is ready for a comeback. Google, with no plans to disrupt sales of the Google Pixel Watch 3 and Fitbit’s best fitness trackers, don’t seem to care to release an official Pebble, but they are throwing a bone to the community by preparing to make PebbleOS open source, according to a recent blog post.

For the uninitiated, open source means that anyone will be able to download the source code for Pebble watches, make changes, and publish their versions to the internet for free. This will allow tech-savvy Pebble fans to keep their watches operational - and pave a way for the iconic smartwatch’s return under a new name.

Eric Migicovsky, Pebble’s founder, told TechCrunch that he’s devoted himself full time to creating a new third-party smartwatch. In a blog post on his own website, he writes; “The company behind it failed but millions of Pebbles in the world kept going, many of them still to this day.

(Image credit: Future / Lance Ulanoff)

“I wear my Pebble every day. It's been great (and I'm astounded it’s lasted 10 years!), but the time has come for new hardware.”

Migicovsky is the project’s only current full-time employee. Using PebbleOS, the future smartwatch, which will be released under a different name than Pebble, will (according to Migicovsky’s blog post) conform to the following tenets:

• Always-on e-paper screen
• Long battery life
• Simple "and beautiful" UX "around a core set of features [Migicovsky uses] regularly (telling time, notifications, music control, alarms, weather, calendar, sleep/step tracking)"
• Buttons
• Hackable

You can sign up for information on the project at rePebble.com.

Analysis: Migicovsky’s perfect watch

Migicovsky’s ideal watch, on the surface, certainly sounds like one I’d wear in rotation. I love the memory-in-pixel screen you can get on the best Garmin watches and other digital watch-style aesthetics, so the e-paper screen with minimal distractions, long battery life and physical buttons are music to my ears.

With watches reaching a sort of inflection point, I believe we’ve already hit ‘peak smartwatch’ and future models are going to look more and more similar from hereon out. A back-to-basics, open source approach sounds like the breath of fresh air this form factor needs. What’s old is new again.

However, I’m acutely aware the project isn’t really off the ground yet, and may never come to fruition. The smartwatch industry has moved on from Pebble, and as much as some users might see it as a welcome change, there’s every chance most users will be too comfortable with their pre-existing watches to give an upstart any time of day. We’ll continue reporting on the new Pebble as new information comes to light.

You might also like...

• 50 best Apple Watch apps: from health apps to games and everything in between
• Best cheap fitness trackers 2025: track your steps, heart rate and workouts for less
• Fitbit issues battery overheating warning over two of its most popular watches

Take advantage of APYs up to 4.65% while they're still here.

Trump said the diversity programs discourage merit and leadership, and discriminate on the basis of race and sex. The directive was among a series of orders that seeks to reshape the U.S. military.

(Image credit: Anna Moneymaker)