Meta is planning to cut 5% of its workforce, according to an internal memo shared by CEO Mark Zuckerberg to employees and acquired by Bloomberg.
Figures put Meta’s current workforce at around 72,500, meaning the layoffs would affect at least 3,600 of the company's “low-performers.”
“We typically manage out people who aren’t meeting expectations over the course of a year, but now we’re going to do more extensive performance-based cuts during this cycle,” Zuckerberg said in the memo.
‘This is going to be an intense year’
“I’ve decided to raise the bar on performance management and move out low-performers faster,” Zuckerberg said, further stating the company would be backfilling the open roles through 2025.
Those to be ousted from the company in the US are expected to be notified on February 10 and will be given “generous severance”, according to Zuckerberg, with overseas workers likely to be notified at a later date. Meta has cut around 21,000 workers between 2022 and 2023, with Zuckerberg cutting 10,000 of these jobs during the company's “year of efficiency” of '23.
As for this year, Meta’s employee numbers are expected to drop 10% as a result of current job cuts and attrition. Going forward, the company is planning to focus heavily on AI, smart glasses, and its social media platforms, with Zuckerberg likely poised to fill the impending gap in the market caused by TikTok's upcoming ban in the US on January 19th.
Zuckerberg also recently announced that Meta would be ceasing its Diversity, Equity and Inclusion programs and that Facebook and Instagram would be switching from “politically biased” fact checking services to a community based notes system, similar to Twitter (now known as X).
The first Microsoft Patch Tuesday of 2025 is upon us, and it’s a big one, as the update patches 161 vulnerabilities found in various products, including three zero-day bugs that have been actively abused in the wild.
The three vulnerabilities are tracked as CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335. All three have a severity score of 7.8 (high), and all are found in Windows Hyper-V NT Kernel Integration VSP.
"An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," Microsoft said in the advisory for the flaws.
Added to CISA's KEV
Other details are not known right now, as Microsoft gives users enough time to apply the patch without a swarm of hackers going after them. Therefore, we don’t know who the threat actors are, who the victims were, or how the attackers managed to compromise their targets’ IT infrastructure.
However, in its write-up, The Hacker News says the trio are privilege escalation bugs, and, citing Satnam Narang, senior staff research engineer at Tenable, are thus “very likely used as part of post-compromise activity, where an attacker has already gained access to a target system by some other means."
Since the vulnerabilities are being actively exploited in the wild, users are advised to apply the patch immediately. CISA has already added all three to its Known Exploited Vulnerabilities (KEV) catalog, giving federal agencies a deadline of February 4 to apply the patch.
While these three flaws are arguably the most dangerous ones (since they’re being actively used), Microsoft also addressed 11 critical-severity bugs. The remaining 149 are rated as important. Zero Day Initiative says this is the largest Patch Tuesday since 2017. Aside from Patch Tuesday, Microsoft also addressed Edge browser flaws in a separate patch, fixing seven vulnerabilities in the process.
Via The Hacker News
Developer NetEase Games has stated that Marvel Rivals will receive a new hero “each half of the season” - or approximately every six weeks.
Game director Guangyun Chen revealed the plans in a recent interview with Metro. He said that “fresh seasonal stories, new maps, and new heroes” are on the way, with each new season broken into “two halves”. In “each half of the season, we will introduce a new hero,” he continued.
The overall goal is to “continue to enhance the experience” and “keep everyone excited in our community.” This means that there are an awful lot of new heroes on the way, indicating a very promising future for the live service hit.
Marvel Rivals launched as a free-to-play title on December 5, 2024. It had an impressive roster of 33 characters on day one, ranging all the way from comic book staples like Captain America and Iron Man to more unusual picks such as Luna Snow and Jeff the Land Shark.
This number has already increased to 35, thanks to the recent additions of Mister Fantastic and Invisible Woman to coincide with the launch of Season 1. They will soon be followed by Human Torch and The Thing in the latter half of the season, but social media is already abuzz with speculation as to who could be next.
The latest leaks and rumors suggest that Blade, Captain Marvel, Deadpool, and Doctor Doom are all on the cards, which would see us through most of the year on this six week schedule if the developer manages to keep up the pace. Beyond that, it's anyone's guess as the studio has shown that it's not afraid to dig deep into its Marvel source material for picks.
If you’re new to Marvel Rivals and want to give it a try, it’s currently available on PC, PlayStation 5, Xbox Series X, and Xbox Series S.
The latest Tekken 8 update has arrived, bringing one last batch of changes and improvements before the game's Season 2 content kicks off in Spring 2025.
The patch notes for Version 1.11 can be viewed in full over at the official Tekken 8 website, but the big talking point has to be the changes applied to the game's newest DLC character: Final Fantasy 16's Clive Rosfield.
The patch notes state that these "changes were made to Clive focusing on suppressing the performance of certain overpowered moves." This includes one of his powerful Heat Engagers and a handful of moves that the patch notes state were "difficult to punish" due to their very quick recovery after use. Changes have been made to make these moves slightly more unsafe when they miss or whiff.
Honestly, this could be a blessing in disguise for Clive mains. Like most other Tekken 8 characters, Clive has a veritable laundry list of great moves that up to this point have been overshadowed by a handful of priority attacks. Now, Clive players should feel encouraged to explore his tool kit in full, which should lead to more varied and creative playstyles for the character.
Thankfully, the patch isn't solely dedicated to nerfing Clive. Version 1.11 has also added a litany of quality-of-life improvements to the game. For non-ranked Quick Match and Tekken Ball, players can now infinitely rematch one another instead of being booted back to standby after the usual best-of-three.
Bandai Namco has also provided a solution for those of you who've run out of customization slots for your favorite characters. Well, sort of. A new 'Shared' customization tab has been introduced, allowing up to 20 more customizations that are shared across the entire roster. It's a shame this hasn't been applied to the entire cast, but if you primarily play as a small handful of characters, this is still a positive change overall.
Netflix has revealed the trailer for its latest reality show, and while the whole thing sounds (and, at first, looks) like a satire, it appears to be an honest-to-goodness show that I might not be able to resist.
Celebrity Bear Hunt involves a group of celebrities heading into the Costa Rican jungle to be trained in various survival methods by famous survival maniac Bear Grylls. The celebrities will compete in "epic challenges", and those who lose the challenges won't just be kicked off the show – they'll be sent out into the jungle and hunted down by Grylls, with the goal being to escape his clutches.
It's hosted by UK TV staple Holly Willoughby, and features a group of celebrities probably more familiar as a group to our UK readers. The list is:
The trailer involves plenty of promise of celebrities finding themselves and having personal and emotional breakthroughs, but I'm really much more interested in all the footage of people being swept up in giant nets.
I love a good 'people outsmarting each other', so it's really the hunting side of this show that's drawing me in; seeing what techniques Bear Grylls uses to track people, and what they'll do to avoid him. Apparently, the hunting will happen in an area called 'The Bear Pit', so I have this feeling that it might have a whole The Hunger Games vibe too in the end. I suppose I'll find out on February 5th, when we'll see if it's good enough to rank among the best Netflix shows.
Update 01/16/25: This article has been updated with a correction to reflect that Qualcomm bought Nuvia, not Arm.
Original article follows.
Semiconductor technology supplier Arm, which almost certainly has its hardware somewhere in your business smartphone, is known for assisting companies to make their own mobile-suited processors, but that could soon change with a mooted shift into manufacturing its own chips.
A report from Reuters discusses Arm’s so-called “Picasso” project, a bid to increase revenue by selling its own chips and competing with its own juggernaut customer base - including Qualcomm and Apple - that it normally sells ready-made Arm intellectual property to in order to assist with chip design.
Arm may also be planning to hike the royalty rates for those customers.
Arm v Qualcomm in brief
Details of the proposed strategy were revealed as part of Qualcomm’s court win over Arm in a royalty dispute brought and lost by the latter in December 2024.
This would nominally have included Qualcomm, but its purchase of the start-up Nuvia, in order to use the company's tech to produce its own chips and gradually break away from the prior agreement, led to Arm filing a complaint in US Federal Court in Delaware over a breach in licensing terms.
In the end, however, a jury ruled that Qualcomm’s Nuvia-tech chips were properly licensed, and ruled the company could continue to sell them as part of its route into the personal computing and AI sectors.
Arm’s future plans to “hose” its customers
Filings in those proceedings, which Reuters claims are still under court seal, reveal that the ‘Picasso’ plan for Arm to sell its own chips (or indeed “chiplets”) came at the behest of Arm CEO Rene Haas, who, before he even took on that role, had generally described the company’s biggest customers as “hosed” in an internal Teams message sent in December 2021.
In fact, court evidence suggests Arm executives had been discussing 300% royalty rate increases for its customers using Armv9 - its latest computing architecture, as far back as 2019, in a bid to boost the company’s smartphone revenue by $1 billion USD over the course of a decade.
It’s ultimately unclear as to whether this rate increase will happen or stick at all; use of Arm’s computing architecture doesn’t necessarily require its ready-made component blueprints.
And, as Reuters points out, many of Arm’s biggest customers-turned competitors could survive without those blueprints and still design their own parts.
Developed in India in the early 2000s, the Simputer (Simple Inexpensive Mobile computer) was a groundbreaking handheld Linux computer many people believe inspired the Apple iPhone (and by extension, Android devices). It featured a touch interface, stylus input with handwriting recognition, an accelerometer, and a USB master port - all innovations well ahead of their time.
I mention the Simputer now because I’m reminded of it looking at a brand new modular handheld computer set to debut on Kickstarter soon - the Mecha Comet is a portable Linux device aimed at developers, makers, and tinkerers.
Running on open source software, the device features a magnetic snap interface for swappable extensions, which currently include a game controller, keyboard, and GPIO breakout board. Users can also design and build their own extensions using Mecha’s open-source design files and community support.
Mechanix OS
The Mecha Comet is powered by a 1.8 GHz quad-core ARM Cortex-A53 processor with 4GB of LPDDR4 RAM and 32GB of eMMC storage.
Its 3.4-inch IPS LED touchscreen provides a compact yet functional display for various tasks. Connectivity includes dual-band Wi-Fi (2.4 GHz/5.0 GHz), Bluetooth 5.0, two USB 2.0 ports, and a Gigabit Ethernet port. The device also includes a 5 MP camera with autofocus, dual digital microphones, and an HD speaker.
Running Mechanix OS, a Debian-based operating system, the Comet is compatible with over 60,000 software packages from the Debian repository. Users can also port other Linux distributions. Mechanix Shell, built in Rust, supports GPU rendering on Wayland.
Mecha envisions the Comet as a versatile tool for diverse applications, such as a DIY Linux phone, drone launchpad, AI assistant, nanosatellite controller, car diagnostics tool, radio transceiver, DIY robot controller, and even a Tricorder inspired by Star Trek. Some of those ideas might just be wishful thinking, however.
The Comet, which measures 150mm x 73.55mm x 16mm and weighs 220g, has a 3000mAh battery charged via USB-C and includes a gyroscope, real-time clock (RTC), and analog-to-digital converter (ADC) for expanded project possibilities. Its security features include a Trust Anchor with CC EAL 6+ certification and accelerated cryptographic capabilities.
Kickstarter backers will be able to benefit from super early-bird rewards when the project goes live shortly, with pricing for the Mecha Comet starting from $159.
OneBlood, a nonprofit medical organization crucial for the operations of healthcare firms across the Southeastern US, has confirmed it lost sensitive donor information in a ransomware attack.
In July 2024, OneBlood suffered an attack that caused an IT system outage and resulted in 250 hospitals activating critical blood shortage protocols.
The move disrupted services across multiple US states, with the organization operating at a ‘significantly reduced capacity’ - meaning whilst OneBlood continued to collect, test, and distribute blood, it had to return to using a manual labelling process, which significantly slowed work. The attack also meant surgeries and treatments were impacted across several states as OneBlood looked to get back up to speed.
Names and SSNs
Now, BleepingComputer has published a data breach notification letter that OneBlood allegedly started sending to affected individuals, describing what happened, and what kind of information the attackers compromised.
“On or around July 28, 2024, OneBlood became aware of suspicious activity within its network,” the letter reads. “Our investigation determined that between July 14 to July 29, 2024, certain files and folders were copied from our network without authorization. On or about December 12, 2024, we completed our review and determined that the affected files contained your information.”
The company said the thieves stole people’s names and Social Security numbers (SSN) - but as organizations usually collect a lot more information than this (such as postal addresses, email addresses, phone numbers, demographic data, health information, and more), hackers having stolen “only” names and SSNs could be seen as a silver lining.
Still, even this is enough to engage in phishing, identity theft, and other forms of cybercrime. We don’t know exactly how many people were affected by the incident, but it's best to invest in some identity theft protection tools.
Even though there is no evidence of the data being abused in the wild, OneBlood is providing affected individuals with free credit monitoring services for a year. Users have until April 9 to activate the service, it added, stressing that they should also keep a close eye on their bank statements for suspicious transactions.
Via BleepingComputer
Apple is reportedly still working on an AI health coach, almost two years after we first heard about it. The report comes from journalist Mark Gurman’s Power On newsletter, published Sunday 12 January, in which he mentions (alongside news of the Apple Watch Ultra 3 and SE 3) that: “The company also is increasing its ambitions in the health realm."
Gurman continued: “Apple is planning a revamped health app — as well as an AI-based coaching service — and added capabilities for AirPods. That includes heart-rate monitoring and sensors to measure other health data.”
The news about Apple’s AirPods getting heart rate monitoring is exciting, but the AI health coach is also an enticing nugget of information. It sounds as though the AI companion is likely to live on the iPhone’s Health app, rather than on the best Apple watches. Details are scarce at this point, but other wearables like Oura have AI advisory services in beta, allowing users to ask questions about their habits and having the AI respond using data collected by your wearables.
This is not the first time we’ve heard of Apple’s plans: way back in April 2023, I reported on Apple reportedly developing an AI fitness coach, codenamed Quartz.
The AI coach was said to be able to track emotions via the Apple Watch, although we’ve not heard a peep about the functionality since then. It’s likely now that the Apple Intelligence rollout is in full swing, we could see a first version of this functionality in September 2025, alongside the iPhone 17.
Analysis: Still a bad idea?
AI felt like it was in its infancy a couple of years ago, and I wrote about the prospect of an AI fitness coach with some trepidation. I was afraid that it would hallucinate, offer unhelpful or downright dangerous workout ideas, and health advice that hadn’t been vetted by an expert. In many ways, I still am.
However, after seeing AI infest every corner of the tech world, and trying several such dedicated services like the Oura Advisor chatbot available with the Oura Ring 4, I’m convinced this is simply the way the industry’s going to go, and steps will be taken to ensure the software is safe to use.
I’m not convinced they’re all that useful, especially to experienced exercisers, but I can see the potential - for example, recommending workouts from Apple’s Fitness+ service and tweaking recommended bedtime suggestions based on your sleeping habits, all wrapped up in cosy language like Strava’s encouraging Athlete Intelligence feature.
Spend a few minutes on TikTok right now and you'll see that it's filled with goodbyes, heartfelt thank-yous, considerable anger at US politicians, and a lot of chatter about something called Red Note.
Zero hour is fast approaching for TikTok, with the US Supreme Court set to deliver its ruling on whether or not the TikTok ban should be delayed or allowed to take effect on January 19, which happens to be the day before past and future President Donald Trump takes office. Trump has flip-flopped on the TikTok topic. After launching the call for a ban during his first administration he's fallen in deep like with the platform, and now signals that he might want to save it, although if the ban happens it's not clear how he can reverse it.
While the Supreme Court has yet to rule, most took the justices' comments during oral arguments as a sign that they were not on TikTok's side. There's been late word that TikTok's parent company, the China-based ByteDance, might agree to let Elon Musk of all people buy up TikTok. Since the company has characterized that report to Mobile World Live as "pure fiction," I'm betting that it's just a lot of wishful thinking on the part of Musk and X (formerly Twitter) fanboys.
Trust me, that won't happen.
An alternative emerges
What is happening, though, is that TikTok users are building digital life rafts, and floating over to other platforms. Many creators already cross-post content on Instagram Reels and YouTube Shorts, but nothing feels quite like TikTok… nothing, that is, except for Red Note.
I'd tell you to search for 'Red Note' in the Apple App Store, but you'd quickly run into some confusion. This is a Chinese app. No, I don't mean just another Chinese-owned App. This app has a Chinese-language name in the app store. It's the top result when you enter 'Red Note,' but you'll never see that name anywhere on the official app. When I threw the Chinese characters into a translation app it came back with 'Red Note' or 'Red Book'.
Naturally, I downloaded the app and got started. At first, setting up an account was, despite the instructions being in English, a bit of a challenge. The app asks you to enter a phone number to set up an account (it allows for all the necessary international prefixes) and to use an SMS PIN code sent to that number to log in. I tried this a few times but no PIN arrived. Then, hours later one did, but the system rejected it. I tried again, and more hours later a useless code arrived. I shelved the app for the night and tried again in the morning. A code instantly appeared, and I used it to quickly activate my account.
Set-up involved entering my age (those under 14 ostensibly have to verify their identity, but I realize that Red Note has no way of knowing if you lied about your age) and selecting some optional interests. You should also hop into settings and ensure that your language setting is English.
TikTok Refugees
Red Note is bursting with #TikTokRefugees as they refer to themselves. They're introducing themselves, and being greeted in kind by Red Note veterans enjoying the influx of English-speaking users.
The app looks and works much like TikTok, but it's not an exact match. The For You Page is a grid of jump-off points instead of an instantly scrollable stream of videos. For that, you'd want to check out 'Trending.' I also noted that the video-editing capabilities are minimal compared to the robust tools in TikTok.
There are a lot of Chinese-language posts and, as you would expect from the TikTok crowd, memes about US users trying to quickly learn Chinese. There are also imposters, like a fake Pedro Pascal and a ton of unlicensed US content from TV shows and movies. Comments seem to be a mix of English and Chinese.
While Red Note is obviously a workable solution for those who aren't ready to give up TikTok, it's also another Chinese app. Unlike TikTok, there's been no effort to Americanize the platform, and there's been no effort to protect our data from the Chinese Communist Party (CCP), which has access to the data of any company operating within its borders.
The irony is rich here, but I also think that's the point. Angry TikTok users who think the US Government is making a massive mistake are showing them just how quickly they can make an end run around these rules. Take away TikTok and they will not necessarily flood to American companies and their products, i.e., Meta-owned Instagram Reels and Google-owned YouTube Shorts. Also, let's pause for a second to consider the name: Red Note. The Chinese flag features five gold stars on an all-red background. Red is literally a cultural symbol in China.
Red Note's rise as the current number one app (TikTok is now number 13) is especially comical because, unlike TikTok, there's nothing remotely American about this app or the company running it, Xingyin. There's no US arm running operations, and no promise of US data protection on US servers. It's the CCP free-for-all US lawmakers feared in the case of TikTok.
What happens next
I envision a rapidly developing game of whack-a-mole. TikTok gets banned, and Red Note takes its place. Red Note gets banned, and Lemon8 (also owned by TikTok) steps in. And Lemon8 isn't just waiting in the wings – it's already Number 2 on the Top Apps chart, and is also part of the TikTok Refugee conversation. But it too could get banned, and then something else, likely developed in China, will take its place.
I don't know what's going to happen between now and January 19. TikTok might survive, but in a more likely scenario it will eventually disappear. The app will still work on your phone for a time, but that span could be a matter of days or even hours as it becomes a breach of US law for third-party companies to support the platform; Oracle, for instance, will no longer be able to host and store TikTok data. So, while the app won't disappear from your phones it will no longer be operable. But you might not care, because you're already on Red Note, Lemon8, or some other relatively unsanctioned social media platform.
A new report suggests that many third-party games are coming to Nintendo Switch 2.
According to leaker 'NatetheHate' (via VGC) Metal Gear Solid Delta: Snake Eater will be among the first AAA titles to arrive on the Switch 2, alongside Final Fantasy 7 Remake and Final Fantasy 7 Rebirth, the latter of which is said to arrive in 2026.
In a recent podcast, it was also claimed that there has been support from Ubisoft to bring two of its Assassin's Creed games to the next-gen console, including 2023's Assassin's Creed Mirage and Assassin's Creed Shadows.
"One title that will be there within the launch window comes from Ubisoft, and it’s going to be Assassin’s Creed Mirage," said the leaker.
Assassin's Creed Shadows isn't expected to be released until March 20 following its recent delay from February 14, for PC, PS5, Xbox Series X, and Xbox Series S, but it's claimed that the game will be making its way to the Switch 2 at a later date.
"To my understanding, Assassin’s Creed Shadows is one of those in development ports, it just won’t be ready for launch, and it probably won’t be ready for the launch window," they said.
It was also claimed that Ubisoft is "doing more than half a dozen games for the Switch 2" and "a lot of them are going to be late ports", including some popular multiplayer titles like The Division and Tom Clancy's Rainbow Six Siege.
"There was also some discussion and consideration of doing a Mario Rabbids collection, so it would have one and two in a single package," they added. "It’s just a question of when will these games come out, and I think for Ubisoft, if they can port the game, they will port the game."
The Nintendo Switch 2 doesn't have a release date just yet, but recent reports suggest that the Nintendo Switch 2 announcement could finally happen this week after months of leaks and rumors.
Sometimes the story of a beautifully symbiotic hi-fi partnership and how it came into being feels just a tad too good to be true. The tale as it's being told (and according to committed audiophile and mutual friend of both parties, John Darko) involves long-time lover of Campfire Audio products, Rock and Roll Hall of Fame-inductee and celebrated NIN synth/bassist, Alessandro Cortini. The story goes that Cortini humbly pitched the idea of a collaborative in-ear monitor effort to CA's founder, Ken Ball, just over a year ago. No, not the other way around; this isn't like that. And he said yes, folks!
Look, when the resulting product is one of the most stunning-looking pairs of IEMs I've seen in many years – not to mention a set of wired earbuds that can be worn in support of a musician who's been on heavy rotation in my ears since 1988 – I don't care if the story's been embellished a little.
I've also long been a fan of the niche Portland, Oregon IEM maker's output since I discovered it in 2018, including the excellent Trifecta, Fathom, the Solaris Stellar Horizon (which still sit pretty in TechRadar's best wired earbuds buying guide) and more recently the Moon Rover.
But Campfire Audio x Alessandro Cortini – specifically Ken Ball on design and production; Cortini on headshell type and overall sound? This is different. This might just be the perfect drug.
Clara: no, you can't take it
So what's (ahem) underneath it all? That'll be the latest iteration of Campfire’s dual-magnet dynamic driver. Then, there's the advanced dual-diaphragm balanced armature driver for mids, plus Campfire’s signature dual super-tweeters, paired with the brand’s proprietary Tuned Acoustic Expansion Chamber (TAEC) tech.
This is Campfire Audio so I'd expect some visual theatrics, and sure enough, they don't disappoint aesthetically. The Clara IEM has a printed transparent acrylic finish with navy internal elements, so you can see the insides and feel closer to its multiple drivers.
Pricing? Of course, but take a deep breath. You're looking at $1,999 / £1,999 (around AU$3,900 where sold).
Something I can never have? Quite possibly. But I'm not hurt about it – I'd absolutely love to test them if I possibly can. Watch this space…
Microsoft has released an in-depth technical analysis on CVE-2024-44243, a medium-severity macOS vulnerability which could allow attackers to deploy “undeletable” malware.
macOS devices come with System Integrity Protection (SIP, also known as "rootless"), a security feature designed to protect critical system files and processes from being modified, even by users with root privileges. It was first introduced in macOS El Capitan, and is designed to restrict access to system directories and enforce code integrity.
SIP can be temporarily disabled for specific tasks, but doing so requires restarting the system in recovery mode and using Terminal commands.
Impacting entire OS security
The bug allows local attackers with root privilege to mount low-complexity attacks through which they can bypass SIP root restriction, even if they don’t have physical access to the target endpoint. As a result, they can install rootkits, malware that “cannot be deleted”, and work around Apple’s Transparency, Consent, and Control (TCC) security framework.
In its writeup, Microsoft described how destructive bypassing SIP can be: "Bypassing SIP impacts the entire operating system's security and could lead to severe consequences, emphasizing the necessity for comprehensive security solutions that can detect anomalous behavior from specially entitled processes," Redmond said.
“The challenge of detecting such threats is compounded by the inherent limitations in kernel-level visibility on macOS, making it difficult for traditional security measures to spot and mitigate these sophisticated attacks.”
The flaw was first discovered in late 2024 by both Microsoft and a separate security researcher, Mickey Jin, both of whom responsibly disclosed it to Apple, which addressed it on December 11, 2024, through macOS Sequoia 15.2.
While there is no word of abuse in the wild, users are still advised to apply the patch as soon as possible.
Via BleepingComputer
The Apple Watch Ultra 3 and Apple Watch Series 11 tipped for launch in September 2025 could both feature Apple's long-awaited high blood pressure detection feature, according to the latest reports.
This week, Bloomberg's Mark Gurman revealed that Apple's 2025 slate includes plans to upgrade all three of the best Apple Watch models on the market, the Series line, Ultra, and Apple Watch SE. The Apple Watch SE 3 might be the only one getting a redesign, but Gurman says the more premium models may both benefit from a hefty health upgrade.
Gurman says "it's likely" both will feature Apple's rumored high blood pressure detection, along with bolstered satellite tech and 5G, but what could the health upgrade mean for Apple Watch?
Apple Watch Ultra 3's biggest upgrade
This isn't the first time we've heard about high blood pressure monitoring on the Apple Watch, but this latest leak might be our clearest sign yet that 2025 is the year.
Gurman outlined details about the high blood pressure monitoring late in 2024 and admitted it'll work a lot like the sleep apnea detection feature.
Crucially, the Apple Watch Ultra 3 and Series 11 won't be able to give you specific readings for blood pressure, either diastolic or systolic levels, likely due to the limitations of LED readings. Most smartwatches struggle with accurate blood pressure readings, with the exception of the Huawei Watch D2, which uses a physical cuff. Instead, Apple Watches will apparently be able to inform users if they're in a state of hypertension, without specifics.
As Gurman outlines, Apple is also still hard at work on noninvasive blood-glucose tracking, the holy grail of smartwatch innovation that continues to elude Cupertino.
Ah, CES… the first big tech event of the year, and, if you're a tech journalist, likely the last thing you think about as the clock strikes midnight on New Year's Eve. Does it fill us with dread? Absolutely. Still, it's the first glimpse we get of the tech and gadgets that will define the year ahead, and CES 2025 did not disappoint.
The latest episode of the TechRadar podcast features me and our motley crew of tech experts, cozied up in a charmingly intimate broadcast room on the show floor discussing the biggest news from the show floor, analyzing the most interesting trends, and cutting through the hype.
From AI to robot vacuums, display technology to PC components, wearables to the downright weirdables, we've got plenty of ground to cover.
You can catch the episode by watching the embedded video above, or you can stream it directly via our YouTube channel, Spotify or Apple Podcasts.
While you’re there, you can catch up on all of our earlier podcast episodes if you haven’t tuned in before, or browse all our other YouTube content.
Make sure to subscribe too so that you can catch our next episode, in which we'll be talking about all the latest and greatest tech news. See you there!
TechRadar will be extensively covering this year's CES, and will bring you all of the big announcements as they happen. Head over to our CES 2025 news page for the latest stories and our hands-on verdicts on everything from 8K TVs and foldable displays to new phones, laptops, smart home gadgets, and the latest in AI.
And don’t forget to follow us on TikTok and WhatsApp for the latest from the CES show floor!
People in Venezuela can now use Telegram without a VPN service.
Authorities restricted access to the popular messaging app starting Friday, January 10, 2024 and blocked its official website across all the country's main internet service providers (ISPs).
Despite the Telegram ban being lifted, the internet in Venezuela remains restricted. Most notably, the video-sharing app TikTok has entered its seventh day of blockage.
⚠️ Confirmed: Live metrics show messaging app Telegram is now disrupted in Venezuela, corroborating user reports of issues accessing the service; the incident comes as Nicolas Maduro is sworn in for a third presidential term, a move identified by the opposition as a coup #10Ene pic.twitter.com/7SonpVuAzN (January 11, 2025)
Venezuelan digital rights group VE sin Filtro shared the news with a post on X (formerly Twitter).
As per VE sin Filtro data, some ISPs (CANTV, Inter, Airtek, Digitel, G-Network, and Movistar) began to lift the ban between Saturday evening and Sunday morning – about a day after the block was enforced. The remaining ISPs gradually unblocked Telegram by Monday, January 13.
"It's not the first time Telegram is blocked [in Venezuela]. Telegram was blocked for one day on September 2, 2024, during the wave of post-election censorship," wrote the experts, adding that encrypted messaging app Signal is also currently blocked in the country.
Increased internet censorship
Venezuela's latest wave of restrictions kicked off last week when authorities restricted TikTok on January 8 for failing to appoint a local representative.
The government's decision provoked a surge in VPN usage across the country as citizens looked for ways to bypass disruptions.
Internet disruptions were then extended a day later to the official websites of some of the best VPN providers, to prevent citizens from overcoming government-imposed restrictions.
The blockage targets over 20 VPN websites, including the likes of Proton VPN (which has been blocked since before the July 2024 elections), NordVPN, Surfshark, ExpressVPN, and IPVanish. Despite this, all the providers contacted by TechRadar confirmed their VPN apps are still working as usual in Venezuela at the time of writing.
For the first time, the government even decided to block Canva, a free online graphic tool that can be used to create social media posts and other graphics to share online. Signal, the Tor Browser, and over 30 DNS services are also reportedly blocked.
Proton VPN recorded a spike in sign-ups at 5000% above baseline on January 9, 2025, a day before Maduro’s contested inauguration ceremony.
Capcom has revealed a gameplay trailer for Street Fighter 6's next downloadable content (DLC) character, Mai Shiranui.
Originating from SNK's Fatal Fury series, Mai Shiranui will be added to the fighting game's roster on February 5, 2025, making her the second guest character to ever grace a Street Fighter game.
Mai's debut trailer provided everything players will need to know about the upcoming fighter, including a helpful breakdown of her moveset and abilities.
As a master of ninja trickery and aerial attacks, Mai utilizes her fan as her primary weapon. With Kachousen, she can use it as a fireball to attack opponents, as well as Ryuuenbu, which allows her to spin forward in a fiery blaze for combos or to control space.
With Hissatsu Shinobi Bachi, Mai can cartwheel toward her enemies while her Hishou Ryuuenjin allows her to execute a "dragon punch". There's also a dive tackle ability that lets her come at enemies from the air.
As for Mai's Super Art ability, Level One allows her to set the immediate vicinity on fire, Level Two executes Chou Hissatsu Shinobi Bachi, letting her rush forward and avoid projectiles, while Level Three, Shiranui Ryuu: Enbu Ada Zakura, executes a series of elegant fan strikes.
Mai will also get a secondary outfit inspired by her new look in Fatal Fury: City of the Wolves, which comes out this April. The outfit can be bought with Fighter Coins or by maxing out her bond in World Tour.
Mai Shiranui will automatically become available to owners of the Year 2 Character Pass or Ultimate Pass when she releases. Alternatively, Mai can be purchased individually with Fighter Coins.
Cybercriminals have started exploiting legitimate AWS S3 features to encrypt victim buckets in a unique twist to the old ransomware attack.
Researchers from Halcyon recently observed multiple victims, all AWS native software developers, being attacked this way. In the attack, the group, dubbed Codefinger, accessed their victims’ cloud storage buckets through publicly exposed, or otherwise compromised, AWS keys with read and write permissions.
After accessing the buckets, they would use AWS server-side encryption with customer provided keys (SSE-C) to lock down the files.
Marking files for deletion
But that’s not where creativity ends with Codefinger. The group does not threaten to release the files to the public, or delete them. Instead, it marks all the encrypted files for deletion within a week, also using AWS S3 native features.
Speaking to The Register, VP of services with the Halcyon RISE Team, Tim West, said this was the first time someone’s abused AWS native secure encryption infrastructure via SSE-C.
"Historically AWS Identity IAM keys are leaked and used for data theft but if this approach gains widespread adoption, it could represent a significant systemic risk to organizations relying on AWS S3 for the storage of critical data," he told the publication.
"This is unique in that most ransomware operators and affiliate attackers do not engage in straight up data destruction as part of a double extortion scheme or to otherwise put pressure on the victim to pay the ransom demand," West said. "Data destruction represents an additional risk to targeted organizations."
Halcyon did not want to name the victims, and instead urged AWS customers to restrict the use of SSE-C.
Amazon, on the other hand, told The Register it does what it can, whenever it spots exposed keys, and urged customers to follow best practices when it comes to cybersecurity.
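Halcyon's advice to restrict SSE-C, together with a check for the pattern described above, as an added example that is not from the article, Halcyon or AWS: a bucket policy that denies writes carrying the SSE-C header, and a scan of CloudTrail-style records for a principal that both wrote SSE-C objects and changed the bucket's lifecycle rules. The bucket names, account ID and principals are constructed, and the record layout (SSE-C header under `requestParameters`, deletion marking logged as `PutBucketLifecycle`) is an assumption to verify against your own trail.

```python
from collections import defaultdict

SSEC_CONDITION_KEY = "s3:x-amz-server-side-encryption-customer-algorithm"
SSEC_HEADER = "x-amz-server-side-encryption-customer-algorithm"

def deny_ssec_policy(bucket):
    """Bucket policy that rejects object writes carrying an SSE-C header."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "DenySSECWrites",
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:PutObject",
            "Resource": f"arn:aws:s3:::{bucket}/*",
            # Null == "false" is true when the SSE-C key is present in the request.
            "Condition": {"Null": {SSEC_CONDITION_KEY: "false"}},
        }],
    }

def ssec_then_lifecycle(events):
    """Map (bucket, principal ARN) -> SSE-C write count, for principals that
    also changed that bucket's lifecycle configuration."""
    ssec_writes = defaultdict(int)
    lifecycle_changes = set()
    for ev in events:
        params = ev.get("requestParameters") or {}
        who = (params.get("bucketName"), (ev.get("userIdentity") or {}).get("arn"))
        name = ev.get("eventName")
        if name in ("PutObject", "CopyObject") and SSEC_HEADER in params:
            ssec_writes[who] += 1
        elif name == "PutBucketLifecycle":
            lifecycle_changes.add(who)
    return {who: n for who, n in ssec_writes.items() if who in lifecycle_changes}

def _ev(name, arn, bucket, **extra):
    """Build one constructed CloudTrail-style record (assumed field layout)."""
    return {"eventName": name, "userIdentity": {"arn": arn},
            "requestParameters": {"bucketName": bucket, **extra}}

BOT = "arn:aws:iam::111122223333:user/build-bot"   # constructed principal
DEV = "arn:aws:iam::111122223333:user/dev"         # constructed principal
SAMPLE_EVENTS = [  # constructed sample, not real log data
    _ev("PutObject", BOT, "example-data", key="a.db", **{SSEC_HEADER: "AES256"}),
    _ev("PutObject", BOT, "example-data", key="b.db", **{SSEC_HEADER: "AES256"}),
    _ev("PutObject", DEV, "example-data", key="notes.txt"),
    _ev("PutBucketLifecycle", BOT, "example-data"),
    _ev("PutBucketLifecycle", DEV, "example-logs"),
]

if __name__ == "__main__":
    import json
    print(json.dumps(deny_ssec_policy("example-data"), indent=2))
    print(ssec_then_lifecycle(SAMPLE_EVENTS))
```

Object-level writes only appear in CloudTrail when S3 data events are enabled for the bucket, so the scan has nothing to match on a trail that records management events alone.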
Sigma has launched two fast-aperture prime lenses for Canon mirrorless cameras; the 16mm F1.4 DC DN Contemporary and 23mm F1.4 DC DN Contemporary. They join four other Sigma lenses available for the Canon RF mount, all of which are designed for crop sensor (APS-C) models such as the Canon EOS R7 and Canon EOS R100.
The new lenses increase the total number of Sigma 'RF-S' lenses to six in all, and are the first wide-aperture primes; the 16mm lens has an equivalent 24mm focal length, while the 23mm lens has a 35mm equivalent focal length.
Both lenses offer popular focal lengths with fast f/1.4 apertures, ideal for working in low light and for creating shallow depth of field portraits – I personally relied on a 35mm f/1.4 Sigma lens for a number of years while doing documentary photography in East Africa.
Sigma has set the price of the 16mm F1.4 lens at $439 / £389 / $617, while the 24mm F1.4 costs $549 / £479 / AU$817. These are reasonable prices when you consider the proven optical performance from Sigma Contemporary lenses, plus the fact that Canon equivalents would likely be pricier – should Canon ever launch them.
Four Sigma DC DN Contemporary prime lenses available for the Canon RF mount, from left to right; 23mm F1.4, 50mm F1.4, 30mm F1.4 and 16mm F1.4
6 and counting, but what about full-frame?
Canon kept its lens mount closed to third-party lens makers longer than rival brands, a move that frustrated some fans, especially given how few lenses Canon has launched for its APS-C cameras. That all changed in April 2024 when Canon gave the key to its RF-mount door to Sigma and Tamron, and we have six existing Sigma lenses rolled out for the RF-mount already.
All of these lenses are for Canon's APS-C cameras, which somewhat addresses the biggest strike against beginner mirrorless Canon models like the EOS R10: limited lens choice.
The 'new' 23mm F1.4 DC DN Contemporary attached to the Canon EOS R7.
Meanwhile, Canon has been very active in launching new lenses for its full-frame cameras, like our 2024 Camera of the Year, the EOS R5 Mark II. However, we're yet to see full-frame lenses from Sigma and Tamron.
To us, it looks like Canon is taking care of its full-frame lenses while leaving the APS-C lenses to third-party manufacturers like Sigma. That's not a bad approach; however, it's only a matter of time before Canon fans demand that the likes of Sigma start making affordable full-frame lenses for Canon.
Global IT infrastructure has become increasingly interconnected and interdependent. As a result, operational resilience has continued to climb up CISOs’ agendas. While organizations have matured their handling of software threats, many are struggling with poor visibility and inadequate tools to defend against lower-level threats targeting hardware and firmware, which is proving to be a barrier to resilience.
Supply chain attacks can come in many forms, from ransomware groups compromising suppliers’ infrastructure, to tampering with hardware and firmware. Beyond disruption, these attacks are so damaging because they undermine the hardware and firmware foundations of devices, often in ways that are difficult to detect and fix, meaning that software and data cannot be trusted to be secure.
Regulators have begun to move to strengthen supply chain security. The UK has implemented new IoT cybersecurity regulations and is drafting a Cyber Security and Resilience Bill to “expand the remit of regulation to protect more digital services and supply chains”. In the US, Executive Order 14028 accelerated the development of software supply chain security requirements for government procurement, explicitly including firmware. The EU is introducing new cyber security requirements at every stage of the supply chain, starting with software and services with the Network and Information Systems (NIS2) directive, and extending to devices themselves with the Cyber Resilience Act to ensure safer hardware and software.
A survey from HP Wolf Security found that 30% of UK organizations say that they or others they know have been impacted by state-sponsored actors trying to insert malicious hardware or firmware into PCs or printers, highlighting the need to address physical device security risks.
Hardware and firmware attacks have major ramifications
The impact of failing to protect the integrity of endpoint hardware and firmware is high. A successful compromise at these lower layers can hand attackers unparalleled visibility and control over a device. The attack surface exposed by hardware and firmware has been a target for skilled and well-resourced threat actors like nation-states for years, offering a stealthy foothold below the operating system (OS). But as the cost and skill of attacking hardware and firmware fall, this capability is trickling down into the hands of other bad actors.
Given the stealthy nature and complexity of firmware threats, real-world examples are not as frequent as malware targeting the OS. Examples like LoJax, in 2018, targeted PC UEFI firmware to survive OS reinstalls and hard drive replacements on devices lacking protection. More recently, the BlackLotus UEFI bootkit was designed to bypass boot security mechanisms and give attackers full control over the OS boot process. Other UEFI malware such as CosmicStrand can launch before the OS and security defenses, allowing attackers to maintain persistence and facilitate command-and-control over the infected computer.
Firms are also concerned about attempts to tamper with devices in transit, with many reporting being blind and unequipped to detect and stop such threats. 75% of UK organizations say they need a way to verify hardware integrity to mitigate the threat of device tampering.
Maturing the approach to endpoint hardware and firmware security
In recent years, IT teams have gotten better at managing and monitoring the software security configuration of devices, and are improving their ability to track software provenance and supply chain assurance. Now, it’s time to bring the same level of maturity to managing and monitoring hardware and firmware security across the entire lifespan of endpoint devices.
Organizations can start by taking the following steps:
Ultimately, endpoint security depends on strong supply chain security, which starts with the assurance that devices, whether PCs, printers, or any form of IoT, are built and delivered with the intended components. This is why organizations should increasingly focus on securing the hardware and firmware foundations of their endpoints, by managing, monitoring and remediating hardware and firmware security throughout the lifetime of any device in their fleet.
This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro