Technology

Purism's phone, made almost entirely in the US, is similar to the Trump Organization's promise of a phone that might someday be manufactured domestically.

I compared two of CNET’s favorite VPNs. Clear distinctions between the two can help you choose the best option for your needs.

Looking for fast and reliable internet in Long Beach? CNET's experts have found the top ISPs in the area.

• International critics of Russia and academics have received phishing emails
• Slow rapport building with fake US State Department teams
• Victims are tricked into sharing Google app-specific passwords

Google Threat Intelligence Group (GTIG) has shared details of a new threat actor tracked as UNC6293, believed to be a Russian state-sponsored group, targeting prominent academics and critics of the country.

Victims have reportedly been receiving phishing emails using spoofed '@state.gov' addresses in the CC field to build credibility, but instead of being hit with immediate malicious payloads, the attackers are using social engineering tactics to build rapports with their targets.

Google's researchers uncovered the slow-paced nature attackers used to build rapports with their victims, often sending them personalized emails and inviting them to private conversations or meetings.

Academics and critics are being targeted by Russia

In one screenshot shared by Google's threat intelligence team, Keir Giles, a prominent British researcher on Russia, received a fake US Department of State email believed to be part of the UNC6293 campaign.

"Several of my email accounts have been targeted with a sophisticated account takeover that involved impersonating the US State Department," Giles shared on LinkedIn.

In the attack email, victims receive a benign PDF attachment designed to look like an invitation to securely access a (fake) Department of State cloud environment. It's this website that ultimately gives the attackers, which Google believes could be linked to APT29 (aka Cozy Bear, Nobelium), access to a user's Gmail account.

Victims are guided to create an app-specific password (ASP) at account.google.com, and then share that 16-character ASP with the attackers.

"ASPs are randomly generated 16-character passcodes that allow third-party applications to access your Google Account, intended for applications and devices that do not support features like 2-step verification (2SV)," Google explained.

Google highlights users can create or revoke ASPs at any time, and a pop-up on its site even advises users that ASPs "aren't recommended and are unnecessary in most cases."

More importantly, though, is that while attacks come in all different flavors, social engineering and phishing remain highly effective vectors – and yet they're typically comparably easy to detect, with a bit of prior understanding and training.

The standard advice, then, remains – avoid clicking on attachments from email addresses you're unfamiliar with, and certainly never share account credentials with unknown individuals.

You might also like

• This dangerous new phishing scam spoofs a top Google program to try and hack Facebook accounts
• The best password managers and best authenticator apps keep your credentials safe
• Downloaded something dodgy? Here's the best malware removal

The DeLorean and more commemorative items will arrive at this year's San Diego Comic-Con event.

Ironheart will bring down the curtain on Marvel Phase 5 in the very near future, and, with the Dominique Thorne-starring TV show set to launch on Disney+ in less than 72 hours, you'll want to know when you can watch it.

Below, I'll reveal the release date and launch time for its three-episode premiere in numerous countries (NB: if your nation isn't listed below, you can use one of the following dates and/or times to determine when you can stream it).

There's also a full release schedule at the end of this article, which confirms when its final three chapters will air. So, engage your thrusters and let's dive in.

What is the release date for Ironheart on Disney+?

Ironheart will launch with a three-episode premiere (Image credit: Marvel Studios/Disney+)

Ironheart will make its debut on one of the world's best streaming services on Tuesday, June 24 in the US, and Wednesday, June 25 in the UK and Australia.

Don't worry if you don't reside in any of those countries, though. The next Marvel TV Original will also air on Disney+ across the globe, so read on to find out what its launch date is in other nations via the list below:

• US – Tuesday, June 24
• Canada – Tuesday, June 24
• Brazil – Tuesday, June 24
• UK – Wednesday, June 25
• India – Wednesday, June 25
• Singapore – Wednesday, June 25
• Japan – Wednesday, June 25
• Australia – Wednesday, June 25
• New Zealand – Wednesday, June 25

What is the launch time for Ironheart episodes 1 to 3?

You don't need to be a chaos-magic wielder like Parker Robbins to find out when Ironheart will premiere in your country (Image credit: Marvel Studios/Disney+)

Unlike most Marvel Cinematic Universe (MCU) TV shows, which have debuted with two-episode premieres, the first three chapters of Ironheart will be released on launch day. That unique release format was confirmed at the end of Ironheart's first trailer, and reiterated by Marvel when it revealed Ironheart's full episodic release schedule on social media.

So, what time will Ironheart's first three entries arrive on the dates outlined in the previous section? Read on for more details:

• US – 6pm PT / 9pm ET
• Canada – 6pm PT / 9pm ET
• Brazil – 10pm BRT
• UK – 2am BST
• India – 6:30am IST
• Singapore – 9am SGT
• Japan – 10am JST
• Australia – 11am AEST
• New Zealand – 1pm NZST

What is the release date for Ironheart episodes 4 to 6?

Ironheart's final three episodes will be released on the same daye (Image credit: Marvel Studios/Disney+)

As I've outlined in my dedicated Ironheart guide, episodes 4, 5, and 6 will be released simultaneously one week after its first three chapters have premiered. Here's a full rundown of when they'll air in the nations I've included in this guide:

• US – Tuesday, July 1
• Canada – Tuesday, July 1
• Brazil – Tuesday, July 1
• UK – Wednesday, July 2
• India – Wednesday, July 2
• Singapore – Wednesday, July 2
• Japan – Wednesday, July 2
• Australia – Wednesday, July 2
• New Zealand – Wednesday, July 2

For more information on Ironheart, check out the articles linked below. Be sure to check in with TechRadar over the next few days, too, for our review and other exclusive coverage.

You might also like

• Ironheart cast and character guide: Dominique Thorne, Anthony Ramos, and who else you'll see in the Marvel TV show
• New Ironheart trailer reveals Riri Williams' magic suit upgrade and appears to tease long-awaited Marvel villain
• Ironheart's first clip has been revealed, and Marvel fans are already praising Anthony Ramos' take on The Hood

You're going to be walking a lot so you might as well put your best foot forward.

This is Hideo Kojima's most relaxing game yet.

Bandwidth and latency are often confused, but they aren't the same thing. Though both can impact the speed and quality of your home internet experience.

Believe it or not, there’s been a massive reduction in scam robocalls over the past few years. According to according to stats we gathered across millions of data points, scam calls are down roughly 75% since the Fall of 2021-- from more than 2 billion every month to roughly 500 million every month currently. That’s a massive decline, and it appears to be great news.

So why does it feel like we’re in more danger, not less?

Because we are.

Total losses

In 2021, the Federal Trade Commission reported the total losses from scams starting with a phone call were approximately $692 million, with a median loss of about $1,200 per victim. By 2024, those numbers had risen to $948 million, and a median loss of $1,500. Simple back-of-the-envelope math shows 25% of the calls led to 37% higher losses. In other words, the scammers have become roughly five to six times more efficient in their scamming ability from phone calls. They are making more money, with fewer calls and taking more from every victim.

That’s not great.

How do scammers do this? The answer is surprisingly simple: they became very efficient marketers.

Scammers used to simply “dial for dollars,” calling one number after another, hoping to find vulnerable targets. That approach meant making calls to a lot of people who were irrelevant to the scam. Now, they are much smarter and more strategic.

They often use curated lists of potential victims. If they want to run a banking scam, they can call everyone hoping to find customers of the bank, or scammers can obtain that bank’s customer list and launch a call campaign in which they impersonate that particular bank.

And that’s exactly what they’re doing.

Getting information

Where do scammers get this information? They can simply go to the dark web, to find the results of data breaches that have exposed the personal details of millions. Breaches provide scammers with names, phone numbers, email addresses and even account details—everything they need to convincingly impersonate a trusted entity such as a bank. If scammers want to target an enterprise, they can easily get a list of employees, and call their personal cell phones.

The sheer volume of data breaches in recent years means much of our personal information is essentially public. Phone numbers, e-mail addresses, Social Security numbers, credit card details, account numbers, medical records—the list goes on. With all that data in hand, it’s not hard to find the right targets with the right information to sound legitimate. After that, scammers can follow their script and pressure victims to transfer funds quickly or take some other problematic action.

So what to do?

Short answer

The short answer for individuals is that you must assume your identity is already out there. The genie is out of the bottle, and pretending otherwise only puts you at greater risk. The real question isn’t how to hide your identity-- it’s how to operate safely in a world where your personal and professional information is already exposed.

Assume attackers know more than they should. They’re using publicly available data to impersonate company leaders, target employees, and launch social engineering campaigns that feel alarmingly real. Add in voice cloning and A.I.-generated deepfakes, and the risk multiplies quickly.

That means you need to be skeptical, not scared. Focus less on chasing privacy and focus more on proactive protection. Assume that all unexpected inbound calls are potential fraud. Use technology like smart call blockers that can help filter out scams.

And always validate the caller by hanging up and calling their institution on a number provided to you by a legitimate source. If they say they’re a bank, call the bank directly. If a caller says they’re from your company, make a call to a number provided by your employer.

Conclusion

While individuals must take those actions to protect themselves, business also play a major role in reducing the risks of scams. That should start with programs educating employees on how to recognize suspicious calls and impersonation tactics. Encourage employees to verify any unexpected requests, especially anything related to financial transactions and sensitive data. A quick phone call to a supervisor can prevent a costly mistake.

The bad guys are only going to get better at their jobs. Your private information is only going to become more public. But if you stay vigilant and take the right precautions, you can protect yourself and avoid becoming the next victim.

We list the best identity theft protection.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• Footage purportedly showing the campaign of the next Battlefield game has leaked
• It shows a firefight on a massive dam and some dramatic destruction
• The video was allegedly found in the Battlefield Labs client

A reliable dataminer has leaked footage that purportedly shows part of a mission from the upcoming Battlefield 6 campaign.

In an earnings call bac in February this year, we learned that the next Battlefield title will be released before March 31, 2026. Judging by this timeframe, a reveal is likely set for this summer, and testing is currently underway as part of the ongoing Battlefield Labs initiative.

Described by publisher Electronic Arts (EA) as the “most ambitious community development collaboration ever,” the program allows select players to try parts of the next game and influence its development through feedback.

As you might expect, this means that there has been a steady stream of leaks from those either playing these early builds or combing through them for data.

The latest snippet of info comes from X / Twitter user 'temporyal', who has a strong track record as a leaker, and concerns the game's campaign. It takes the form of a short video file, purportedly found in the Battlefield Labs client.

Here's a short clip from the Battlefield 6 singleplayer campaign in the latest BF Labs update.This work-in-progress footage shows the explosive finale of a mission to destroy a dam in Tajikistan. pic.twitter.com/n9ikBpUrmQJune 19, 2025

In it, we see what appears to be a brief segment from the campaign in which the player boards a military truck in the shadow of a huge dam. Fire is exchanged briefly with some oncoming enemies before the scene reaches a climax as the dam dramatically explodes while the player flees in the back of the truck.

It's the kind of showstopping destruction that you would want from a Battlefield and reminds me of some of the classic set-piece moments from older titles like Battlefield 4. Considering the fact that the latest entry in the series, Battlefield 2042, didn't even come with a single-player campaign component, this already seems like a massive improvement, and I can't wait to see more.

The footage is obviously from a very early build of the game, though, as textures, lighting, and character animation are clearly unfinished. Still, it's easy to imagine how the scene might look in the finished product.

Of course, you should bear in mind that there is no guarantee that anything shown in this leak will appear in the final game - or that it's even from the campaign in the first place. Games can change a lot throughout development, so we'll have to wait for some official details from EA for more concrete information.

The leaker does go on to share some interesting titbits, though, including the fact that the campaign may comprise of a prologue and eight separate missions. These will allegedly take place in a range of global locations, including Egypt, Tajikistan, the US, and Gibraltar.

You might also like...

• Call of Duty: Black Ops 7 is expected to launch just one year after its predecessor, and I’m worried it’ll repeat these three Modern Warfare 3 blunders
• I've replaced my Switch OLED with a Nintendo Switch 2 for two weeks now - here are the biggest improvements I’ve noticed in my time with the new console
• Don't buy a mobile controller without these six expert considerations

• Microsoft Teams is working on variable notification sizes
• The new addition should hopefully minimize disruption while working
• All Microsoft Teams users should benefit upon launch

Being distracted by unruly Microsoft Teams pop-ups could soon be a thing of the past, thanks to a new update coming to the service soon.

The video conferencing platform has revealed it is working on adding a feature which will allow users to tweak the size of Teams notifications.

Once released, this tool should mean users are safe from having distracting pop-ups catch the corner of their eye when working - something I know I've definitely fallen victim to in the past.

Microsoft Teams notification sizes

In a Microsoft 365 roadmap post, the company explained the feature will, quite simply, give users the chance to "change the size of Teams notifications".

This includes a new "compact" size, which the company says, "takes up less space on the user's screen and offers a clean, minimalist design."

That's all the detail we currently have on the feature itself, which we're guessing will be accessible from the Settings menu or preferences list.

The feature is listed as being "in development", but has a scheduled rollout start date of July 2025, so users don't have too long to wait. When released, it will be available to users across the world using Teams on Windows, Mac, Android, and iOS.

The launch is the latest in a series of recent improvements to Microsoft Teams announced by the company as it looks to improve the experience for users.

This includes a tweak that will allow multiple people to control slides being presented in a meeting or call.

Microsoft says the addition will mean that presenters are able to maintain "a smooth flow during meetings or webinars" - hopefully meaning the end of manual slide changes - and hopefully, the phrase "next slide please".

It also recently announced it would be adding noise suppression for participants dialing in to a call, which should spell an end to potentially ear-splitting call interruptions, or participants being deafened by background noise from another person on the call.

The platform also revealed it is rolling out "enhanced spell check", giving users the tools to make sure their messages are as accurate as possible.

You might also like

• Microsoft Teams is finally adding a tiny but crucial feature I honestly can't believe it never had
• Microsoft Teams will now let companies block people for good — so you'd better behave
• We've rounded up the best productivity tools around right now

• iPadOS’s Stage Manager feature is coming to more iPads
• That could improve multitasking capabilities for iPad users
• But iPadOS 26 brings even better features to iPad than Stage Manager

If you’re a fan of multitasking on any of the best iPads, you were probably heartened to see all the new features Apple brought to iPadOS 26 at its Worldwide Developers Conference (WWDC). But while those additions are sure to make a splash for productivity power users, the company is also extending the existing Stage Manager feature to even more iPads.

In case you missed it, Stage Manager lets you group apps into sets and then switch between those sets as needed. It’s designed to help you focus on one task and all the windows you need to complete it, then change to a different task and group of apps after. It’s available on both iPadOS and macOS.

With iPadOS 26, Stage Manager will be available on more iPads than before. Previously, it only worked on the 13-inch iPad Pro with M4 chip, the 12.9-inch iPad Pro (third generation or later), the 11-inch iPad Pro (first generation or later), and the iPad Air (fifth generation or later).

As noted on Reddit, in addition to those tablets, Stage Manager now also works with the third-generation iPad Air or later (not just the fifth-generation model), the iPad mini (fifth generation or later), and the entry-level iPad (eighth-generation or later). In essence, Stage Manager works with any iPad that can run iPadOS 26.

Better than Stage Manager

(Image credit: Apple)

Stage Manager has proven to be a somewhat divisive feature since it was released – not helped by a buggy launch – and it’s struggled to establish itself as a must-have element of iPadOS. Although I was intrigued by it at first, I quickly found Stage Manager to be a little half-baked, and it never became a regular part of my setup on either my iPad or my Mac.

What looks to be far more interesting is the range of productivity tools Apple has added to iPadOS 26. That includes a Mac-like menu bar, full overlapping app support, window resizing, and even the “traffic light” buttons used to close, minimize or maximize app windows. Window tiling in particular is an excellent addition to the iPad, as you get a lot more window position options than just using an older feature like Split View.

Being able to use an iPad like a Mac offers much more appeal to me than Stage Manager. That’s partly because the Mac-like interface is just much more familiar to anyone who has used a computer before – there’s no new system to learn, as there is with Stage Manager. And gaining these new tools now makes it much more comfortable to work on the go with my iPad, as I no longer need to sacrifice capability in the name of portability.

Still, with Stage Manager coming to more iPads than before, it could still find an audience among Apple fans who have never had access to it. In any case, combined with iPadOS 26’s new multitasking features, it’s clear that Apple is taking productivity and user interface management a little more seriously.

You might also like

• 'Our biggest iPadOS release ever' – iPadOS 26 has landed, here are the 10 biggest upgrades
• Don't call it a Mac – I went hands-on with iPadOS 26, here's what you need to know
• How to use Stage Manager on a Mac in macOS Ventura

• The recent 16 billion record breach may not be as bad as it sounds
• The datasets most likely contain previously leaked information
• Nevertheless, those affected could still be at risk, so be on your guard

Following the recent reports of over 16 billion records being leaked in an ‘unimaginable’ major data breach, further research has claimed the reality of the incident might not be as disastrous as first thought.

Following significant speculation about the effects and origins of the breach, new findings from BleepingComputer suggest this “breach” may not be new, or even a breach - but instead just a compilation of existing leaked credentials.

The inital datasets discovered by the researchers included hordes of personal information, with each of the 30 datasets containing between tens of millions, to over 3.5 billion data points - totaling 16 billion records. It now looks likely this was a series of datasets simply containing breached credentials assembled by a cybersecurity firm (or by criminals) which was then exposed online.

Save up to 68% on identity theft protection for TechRadar readers!

TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal.

Preferred partner (What does this mean?)View Deal

Infostealers to blame

“Despite the buzz, there's no evidence this compilation contains new or previously unseen data,” BleepingComputer confirms.

The information from these datasets has likely been circulating for a while, and the layout of the breached information suggests that it was collected using infostealers - a type of malware that has become one of the most prolific threats to security teams and internet users alike.

The information found in these datasets is formatted in such a way that points the finger firmly at infostealers, with credentials appearing in a one per line format (URL:username:password) all compiled in one ‘log’.

One attack from an infostealer can exfiltrate all of the credentials stored on a browser, and the logs are then uploaded and usually sold on the dark web.

Criminals will often upload samples of their stolen data as a ‘taster’ to prove the information is legitimate.

Since these breaches can sometimes contain billions of records, these samples frequently hold tens of thousands of credentials - and this data breach is most likely a compilation of these tasters.

What to do next

New or not, leaked credentials pose a huge threat to those affected. If your information has been leaked, make sure to take a look at some identity theft protection software, as criminals can use your name, address, and details to take out credit cards or loans in your name.

HaveIBeenPwned? is probably the best resource only to check if your details have been affected, offering a run-down of every big cyber incident of the past few years.

As a business, enabling multi-factor authentication (MFA) and ensuring all staff are thoroughly trained on the dangers and signs of social engineering attacks is key. Using business password managers can also help ensure all user passwords are secure.

And if you save passwords to a Google account, you can use Google's Password Checkup tool to see if any have been compromised, or sign up for one of the best password manager options we've rounded up to make sure your logins are protected.

"If this news frightens you, then your security program probably has some fundamental gaps,” argues James Shank, Director of Threat Operations at Expel.

“Let this be the fuel you need to position yourself and your department for solving the problem systematically, rather than defending against the news du jour. There will always be another breach, with even more passwords, and emergency handling will continue if you don't have systematic defenses in place."

You might also like

• Take a look at our picks for the best endpoint protection tools around
• Check out our choice for best antivirus software
• Hackers claim 64 million leaked T-Mobile records, but it denies breach

Apple removed the bar from the iPhone's lock screen in 2022, but you can bring it back in a few easy steps.

• The iPhone 17 Pro and Pro Max are again rumored to have a vapor chamber
• However, the base iPhone 17 and iPhone 17 Air might not have one
• A vapor chamber could prevent overheating, allowing for better sustained performance and improved battery life

A few months ago, we heard that the iPhone 17 series could gain a vapor chamber to help prevent overheating, and now another source has echoed these claims – and even provided some evidence.

Leaker Majin Bu (via MacRumors) claims to have learned from an “internal source” that both the iPhone 17 Pro and iPhone 17 Pro Max will have a vapor chamber. This will supposedly be a Pro-exclusive upgrade, which is at odds with that earlier leak, which pointed to all four models getting a vapor chamber.

In any case, we’d take this latest tip with a pinch of salt, as Bu has a mixed track record, but they’ve supplied an image of what they claim is part of a vapor chamber intended for these upcoming phones (below).

A leaked image of a vapor chamber component (Image credit: Majin Bu)

That supposedly leaked image – coupled with the fact that multiple sources have now mentioned a vapor chamber – suggests that at least some iPhone 17 models may well be getting this upgrade.

Keeping it cool

In layman's terms, a vapor chamber should be able to cool these phones more effectively than the graphite sheets used for heat dissipation in current iPhones.

A vapor chamber is a small metal chamber full of liquid, and that liquid turns to vapor when it heats up, allowing the heat to dissipate across the chamber’s surface area. It works as a way of pulling heat away from internal components, which has several advantages.

For one thing, this prevents damage to components from overheating, but it should also reduce the need for thermal throttling – that is, performance reductions to cool the phone down. So, even if you’re pushing the iPhone 17 Pro hard with gaming or other demanding applications, it should be able to stay relatively cool and maintain its performance better.

This should also make the phone more energy efficient, so battery life could be improved too.

Clearly, there are a lot of potential advantages to a vapor chamber, so we hope this leak proves accurate. We should find out in September, as that’s when the iPhone 17 series is likely to launch.

You might also like

• Apple is rumored to be picking one of these two new colors for the iPhone 17
• I've used every iPhone and can promise you don't need to wait for the iPhone 17
• Will Apple never learn? I'm convinced that the iPhone 17 Air will repeat the mistake of the iPhone mini series – here's why

• Businesses don't trust the accuracy of their AI/ML models, but it's due to poor data foundations, report claims
• Only one in three have implemented or optimized data observability programs
• Observability should be standard across the whole data lifecycle

New research from Ataccama has claimed a considerable proportion of businesses still don't trust the output of AI models - but this could simply be because their data isn't in order yet.

The study found two in five (42%) organizations don't trust their AI/ML model outputs, yet only three in five (58%) have implemented or optimised data observability programs.

Ataccama says this could be a problem, because traditional observability tools are not designed to monitor unstructured data, such as PDFs and images.

Don't trust AI? A lack of suitable data could be the problem

The report also revealed the ad-hoc approach that businesses often take, with observability often implemented reactively, resulting in fragmented governance and silos across the organization.

Ataccama defined an effective program as proactive, automated and embedded across the data lifecycle. More advanced observability could also include automated data quality checks and remediation workflows, which could ultimately prevent further issues upstream.

"They’ve invested in tools, but they haven’t operationalized trust. That means embedding observability into the full data lifecycle, from ingestion and pipeline execution to AI-driven consumption, so issues can surface and be resolved before they reach production," CPO Jay Limburn explained.

However, ongoing skills shortages and limited budgets are still presenting challenges along the way. Ataccama also noted that unstructured inputs continue to grow as a result of increased generative AI and RAG adoption, yet currently, fewer than one in three organizations feed unstructured data into their models.

The report goes on to explain: "The most mature programs are closing that gap by integrating observability directly into their data engineering and governance frameworks."

With proper observability in place, businesses can expect improved data reliability, faster decision-making and reduced operational risk.

You might also like

• These are the best AI tools and best AI writers
• Many businesses are thinking twice on using AI bots
• Check out our roundup of all the best cloud hosting providers

• Cyber Monitoring Centre says it is treating M&S and Co-op attacks as a single, combined event
• M&S was hit by a major cyberattack earlier in 2025, Co-op hit weeks after
• Cost of attacks could hit as high as £440 million, CMC estimates

The recent cyberattacks against Marks and Spencer (M&S) and the Co-op supermarket have been combined into a single incident by a major UK investigatory group.

The Cyber Monitoring Centre (CMC), an independent, non-profit body established to categorize major cyber events by the insurance industry, has declared it is treating the two incidents as one event by the same attacker - Scattered Spider.

"Given that one threat actor claimed responsibility for both M&S and Co-op, the close timing, and the similar tactics, techniques, and procedures (TTPs), CMC has assessed the incidents as a single combined cyber event," the CMC said.

Save up to 68% on identity theft protection for TechRadar readers!

TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal.

Preferred partner (What does this mean?)View Deal

Combined attack

The CMC says it has categorized the attacks as a "Category 2 systemic event," and estimated the security breaches will have a total financial impact of between £270 million to £440 million ($363 million to $592 million) on the two firms.

It added the effects of the attacks had been classified as "narrow and deep", with "significant implications" not only for the two retailers, but their suppliers, partners and service providers as well.

This definition is opposed to “shallow and broad” events such as the 2024 CrowdStrike incident, which affected a large number of businesses across the economy, but the impact to any one company was much smaller.

"Although both of the targeted companies suffered business disruption, data loss, and costs for incident response and IT rebuild, business disruption drives the vast majority of the financial cost," the CMC added.

"Most of the estimated disruption cost is faced by the two companies, but our analysis seeks to estimate the wider cost to partners, suppliers and others."

Despite happening around the same time, the CMC has said the cyberattack on Harrods, another major British retailer, will not been included at this stage, citing a lack of adequate information available about the cause and impact.

M&S was apparently hit by the attack on April 22, revealing news of the incident several days later. The Co-op revealed news of its event on April 30, saying it had been forced to take down parts of its IT systems in an attempt to mitigate the effects.

M&S has forecast the attack could cost it around £300 million in lost operating profit in its financial year.

M&S has not confirmed whether it has paid a ransom to the hackers, but did admit some customer data was stolen in the attack. This did not include any passwords or card or payment details, but home addresses, phone numbers and dates of birth may have been affected.

Anyone concerned their data may have been taken, we recommend using a dark web monitoring service, or using a breach monitor such as Have I Been Pwned to check for potential exposures.

Via InfoSecurity

You might also like

• Take a look at our picks for the best malware removal software around
• Check out our choice for best antivirus software
• Mystery of M&S hack deepens as TCS claims none of its systems were compromised

The hype around generative AI (GenAI) is impossible to ignore in most industries, and cybersecurity is no exception. The potential for cybercriminals enhancing their attacks with AI looms large in industry discussions. At the same time, the security world is gripped by the promise of faster, smarter defenses, from AI-powered EDR to co-pilot-enabled SOC teams.

But here’s the uncomfortable truth: none of it matters if your patching is months out of date, your cloud assets are misconfigured, or your employees freeze under pressure. The security fundamentals are still what really makes the difference in preventing a breach.

While security teams race to bolt on the latest GenAI tools, basic cyber hygiene is in danger of being overlooked.

So how can organizations ensure their cyber skills are up to the challenge in the age of AI?

GenAI is making the basics more urgent - not obsolete

It’s easy to assume that the widespread use of GenAI requires an entirely new approach to security and it’s undeniable that AI-assisted threats are evolving fast. But the real danger isn’t that GenAI changes the game, it’s the way it accelerates the same tactics that already work.

Attackers are primarily using GenAI to scale up familiar playbooks. Social engineering, reconnaissance, and privilege escalation aren’t new, they’re just happening faster and at greater volume.

In many cases, using AI tools can also be a security risk in and of itself. Immersive’s research found that 88% of users could fool a GenAI system into leaking sensitive information, with the machines being surprisingly vulnerable to human psychological tricks. As with any other software tool, misconfigurations and poor access controls also expose GenAI to greater exploitation.

Rather than replacing hygiene, GenAI makes it more essential. If anything, organizations need to double down on the fundamentals.

Cyber hygiene is still the frontline defense

The security landscape may be changing rapidly, but the fundamentals aren’t. Most breaches today still stem from issues that are entirely preventable: an unpatched server, a poorly configured firewall, an admin account with excessive privileges. These aren’t sophisticated zero-days that require experienced threat actors to exploit. They’re hygiene failures.

Yet too many organizations treat cyber hygiene as a legacy concern, something solved once they’ve rolled out the latest AI-powered tools. That mindset is dangerous because hygiene fundamentals aren’t something you graduate from; they’re the baseline that allows advanced defenses to function effectively.

If core defenses such as access permissions and configurations are weak, AI-powered tools are just watching the breach happen in high definition. Security starts with doing the basics well and doing them consistently.

Why poor training is the real weak link

If your security fundamentals are slipping, it’s worth asking: is the problem your tools, or your training?

For most organizations, it’s the latter. Legacy training still dominates, often reduced to short videos and multiple-choice quizzes that check boxes but fail to build capability.

The issue isn’t that people don’t care about security. It’s that they’ve been taught to memorize, not to respond. Training is too often generic, passive, and disconnected from the reality of a live incident. As a result, critical cyber hygiene habits like patch management or recognising phishing attempts fall apart in the moments they matter most.

These issues are intensified when a crisis rears its head. It’s no surprise that teams struggle to respond under pressure, because most have never been given the chance to prepare in a meaningful way.

If we want better outcomes, we need to stop blaming individuals and start fixing the systems that fail to prepare them. No amount of AI will compensate for a team that doesn’t know what to do when the alert goes off.

Drills build muscle memory and enforce hygiene

We wouldn’t expect someone to be ready to fight a fire or fly a plane just because they’d watched a video and taken a quiz, and the same is true for responding to a cyberattack.

This is where cyber drills come in. Unlike traditional training, drills place people in realistic, high-pressure scenarios where they must act, not just observe. They test judgment, coordination, and the ability to follow protocols under stress. Crucially, they reinforce both crisis handling and the importance of essential cyber hygiene through repetition and lived experience.

Cyber drills also expose weaknesses that would otherwise remain hidden. A playbook that looks perfect on paper might collapse under real-time pressure. A confident team might struggle when roles blur in the heat of an incident.

Real cyber readiness isn’t achieved through once-a-year compliance exercises, it’s built into the daily rhythm of how teams work, communicate, and make decisions. That requires more than technology. It takes culture.

Don’t bet everything on the shiniest tools

GenAI is continuing to change the security landscape in unpredictable ways, but it hasn’t changed the fundamentals. Most breaches still come down to human error and poor hygiene, regardless of the tools surrounding them.

Advanced tools won’t protect you if your team isn’t ready. True cyber resilience means training for the basics, testing under pressure, and building a culture where readiness is second nature.

We list the best endpoint protection software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Here are the answers for The New York Times Mini Crossword for June 23.