TechRadar News

• Researchers discovered two critical-severity zero-days in Craft CMS
• Criminals are allegedly chaining them together to gain access
• Some 300 sites already fell victim

Cybercriminals are abusing two zero-day vulnerabilities in the Craft content management system (CMS) to access flawed servers and run malicious code remotely (RCE). This is according to cybersecurity researchers Orange Cyberdefense SenePost, who first saw the bugs being abused in mid-February this year.

The two vulnerabilities are now tracked as CVE-2025-32432, and CVE-2204-58136. The former is a remote code execution bug with the maximum severity score - 10/10 (critical).

The latter is described as an improper protection of alternate path bug in the Yii PHP framework that grants access to restricted functionality or resources. It is a regression of an older bug tracked as CVE-2024-4990, and was given a severity score of 9.0/10 (also critical).

Get Keeper Personal for just $1.67/month, Keeper Family for just $3.54/month, and Keeper Business for just $7/month

​Keeper is a cybersecurity platform primarily known for its password manager and digital vault, designed to help individuals, families, and businesses securely store and manage passwords, sensitive files, and other private data.

It uses zero-knowledge encryption and offers features like two-factor authentication, dark web monitoring, secure file storage, and breach alerts to protect against cyber threats.

Preferred partner (What does this mean?)View Deal

Second increase

"CVE-2025-32432 relies on the fact that an unauthenticated user could send a POST request to the endpoint responsible for the image transformation and the data within the POST would be interpreted by the server," the researchers explained.

"In versions 3.x of Craft CMS, the asset ID is checked before the creation of the transformation object whereas in versions 4.x and 5.x, the asset ID is checked after. Thus, for the exploit to function with every version of Craft CMS, the threat actor needs to find a valid asset ID."

Researchers determined that there were approximately 13,000 vulnerable Craft CMS endpoints. Almost 300 were allegedly already targeted. All users are advised to look for indicators of compromise and, if found, refresh security keys, rotate database credentials, reset user passwords, and block malicious requests at the firewall level.

A patch is now available for the flaws, too. Users should make sure their Craft CMS instances are running versions 3.9.15, 4.14.15, and 5.6.17.

The bugs have not yet been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog.

Via The Hacker News

You might also like

• US government warns this popular CMS software has a worrying security flaw
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

• A new rumor hints at Nvidia working on RTX 5080 and RTX 5070 Super GPUs
• The rumored RTX 5080 Super could use 24GB of GDDR7 VRAM
• It has the potential to close the gap with the RTX 4090

Nvidia looks set to complete its RTX 5000 series desktop lineup with the RTX 5060 (and perhaps the rumored RTX 5050). However, it might not be the last we see of the Blackwell GPU lineup, with a new rumor hinting at another powerful card in Team Green's pipeline.

According to rumors in the Chiphell forums, Nvidia is preparing an RTX 5070 Super and, more notably, an RTX 5080 Super that will supposedly use 24GB of GDDR7 VRAM. This is a step up from the current RTX 5080 model and its predecessor, the RTX 4080 Super, which both use 16GB of VRAM.

It may be worth noting that MSI previously teased a non-Super RTX 5080 GPU using 24GB of GDDR7 VRAM: it's unclear whether Nvidia plans to simply upgrade VRAM, or release a new Super model - either way, it lends this new rumor some more credibility.

This purported VRAM upgrade could see the unconfirmed RTX 5080 Super match the RTX 4090's memory capacity, but use GDDR7 instead of GDDR6X VRAM. The purported GPU will more than likely still be using the GB203 die, which is inferior to the RTX 4090's AD102 die (despite being older, the RTX 4090 still outperforms the RTX 5080).

The question is, will 24GB of GDDR7 VRAM be enough to close the gap, or perhaps even outperform the previous generation's flagship GPU? One thing's for sure: the rumored GPU would definitely benefit from the memory bump, considering the increasing number of triple-A games that require more VRAM.

(Image credit: Shutterstock) Even if it does match or outperform the RTX 4090, it likely won't matter due to the state of the GPU market

Not only is it hard for me to predict a potential RTX 5080 Super GPU dethroning the powerhouse RTX 4090, but this GPU market is an eyesore, and I'm willing to bet that very few gamers will pay up.

Unless Nvidia makes this rumored RTX 5080 Super cheaper than the non-Super counterpart (similar to the RTX 4080 Super's lower price launch compared to the original RTX 4080), I think it will be a hard sell - especially if it doesn't match the RTX 4090's performance.

And that's excluding the harsh reality of the market: even if Team Green made this a cheaper and more powerful card, the trend of the GPU market tells me it would likely cost more than an RTX 4090. Bear in mind that the RTX 4090's third-party models are still consistently selling above the launch price, almost three entire years since release.

I hope I'm wrong, but if this rumor is legitimate, I believe we'll only see a slight upgrade in terms of performance matching the RTX 4090 rather than equal footing or dethroning. Either way, we’ll likely see some upset RTX 5080 owners in the near future…

You may also like...

• Nvidia RTX 5080 vs RTX 5070 Ti: Should you spend a little more?
• Nvidia RTX 5080 vs RTX 4080 Super: should you upgrade to the latest Blackwell GPU?
• Nvidia GeForce RTX 5080 review: nearly RTX 4090 performance for a whole lot less

• The Samsung Galaxy Z Flip 7 could use a Snapdragon 8 Elite chipset rather than an Exynos 2500
• We're also hearing that the Samsung Galaxy Z Fold 7 could cost more than its predecessor
• However, it might at least be very slim

One of the more concerning Samsung Galaxy Z Flip 7 rumors we’ve been hearing is that it might use an Exynos 2500 chipset, as while this would be an upgrade on the Snapdragon 8 Gen 3 used by the Samsung Galaxy Z Flip 6, it’s not the most desirable chipset.

That would be the Snapdragon 8 Elite, which is the successor to the Gen 3, and likely more capable than Samsung’s own Exynos alternative. But now, there’s hope that we might get the Snapdragon 8 Elite after all.

Greek site TechManiacs claims to have learned that the Samsung Galaxy Z Flip 7 will use this chipset, as well as having a larger battery than its predecessor at 4,300mAh, a bigger 4-inch cover screen (up from 3.4 inches on the Z Flip 6), and the same 50-megapixel main and 12MP ultra-wide cameras.

With the exception of the chipset these are things we’ve heard before, and while most previous leaks pointed to an Exynos 2500 chipset, one did suggest that there are Galaxy Z Flip 7 prototypes with both chipsets.

So TechManiacs isn’t totally alone in claiming the Snapdragon 8 Elite will be used. But if Samsung was prototyping both versions, it’s possible that either the company still hasn’t decided, or that some regions will use one and some the other.

Flip to the Fold

The Samsung Galaxy Z Fold 6 (Image credit: Lance Ulanoff / Future)

In any case, TechManiacs has also shared some details about the Samsung Galaxy Z Fold 7, claiming that it will be just 8.2mm thick when folded, which would make it far slimmer than the 12.1mm Samsung Galaxy Z Fold 6.

They also say that the Galaxy Z Fold 7 will have a Snapdragon 8 Elite chipset – though unlike for the Z Flip 7, this was always rumored for the Z Fold 7.

Additionally, as rumored previously it might have a new 200MP main camera (up from 50MP on the Galaxy Z Fold 6), joined by the same 12MP ultra-wide and 10MP 3x telephoto cameras as last year.

Finally, it will apparently cost around €100 (roughly $115 / £85 / AU$180) more than the Samsung Galaxy Z Fold 6, though we’d take this with a pinch of salt, as other Samsung Galaxy Z Fold 7 price rumors put it at the same price as last year.

We should find out exactly how much the Samsung Galaxy Z Fold 7 costs – and everything else about it and the Samsung Galaxy Z Flip 7 – fairly soon, as rumors suggest both phones will land in July.

You might also like

• Samsung Galaxy Z Fold 7 colors: every rumored and predicted shade
• Samsung Galaxy Z Flip 7 release date: when might the new phone launch?
• Samsung Galaxy S25 Edge: latest news, rumors, and everything we know so far

• Android 16 may include extra protection against USB hacks
• The feature has been spotted in code in the current beta
• USB accessories wouldn't work on a locked smartphone

If a would-be hacker can gain physical access to your phone you have a whole set of extra security issues to worry about, but it looks as though Android 16 is going to introduce a new way to lock down your data and protect against USB access.

As spotted by the team at Android Authority, code hidden in the latest beta versions of Android 16 suggests USB data signaling – the ability to run software on a phone through the USB port – can be disabled by the user.

This optional extra looks set to be included as part of Advanced Protection Mode, a wider suite of security features. This mode is aimed at phone owners most at risk of hacking attacks, and comes with several additional data protections.

Advanced Protection Mode isn't new, but we're expecting it to gain a few enhancements with Android 16, including automatic reboots for inactive phones (theoretically thwarting thieves who don't have the passwords or biometric data to log into it).

Staying protected

Generally speaking, Android phones (and devices in general) are more trusting of peripherals that are directly connected. No one wants to have to type in a password every day just to use their computer keyboard and mouse, for example.

However, this extra trust (and extra convenience when it comes to using your hardware and accessories) can lead to security vulnerabilities: it's through the local access route that many gadgets can be broken into.

The code found by Android Authority suggests you'll need to unlock your phone, with a fingerprint or face scan for example, before being able to plug in accessories that can communicate with your device and use USB data signaling.

We'll have to wait and see exactly how it works – Android 16 will be launching in the coming months – but Advanced Protection Mode remains optional, so it's your choice whether or not you want to put up with a few more inconveniences in return for better security.

You might also like

• Android 16 could give the lock screen on your Pixel phone a revamp
• Google teases a key upgrade for Android Find My Device
• Here's how Android 16 is going to be able to install your apps faster

• Windows 11 24H2 PCs now have an optional (preview) update rolling out
• It delivers exclusive features for Copilot+ PCs and other goodies for all devices
• Given the nature of the features – and the main fix for crashing issues provided – I’d advise waiting with this one, even more so than your usual preview update

Windows 11 24H2 has a new optional update which, aside from sending Recall live on Copilot+ PCs, has some goodies for non-AI PCs too – including an important resolution of a bug causing blue screen crashes. However, I’d bide your time before grabbing this one, for reasons I’ll come back to shortly.

As Windows Latest reports, the preview update for 24H2 that’s just been released fully addresses the issue with Blue Screen of Death (BSOD) crashes that were troubling some Windows 11 users. These incidents were bringing PCs to a grinding halt with cryptic error messages of one kind or another (such as ‘Secure Kernel Error’ or ‘Critical Process Died’).

Now, you may recall that Microsoft deployed an emergency fix to resolve this matter already, so you might be wondering: didn’t that cure these BSODs? Well, yes it did, but that was achieved by rolling back a problematic change applied in the April cumulative update (the full release for this month, as opposed to this freshly arrived optional update).

What’s arrived with this new optional update is the full fix for the issue, so whatever change was made previously that was rolled back – Microsoft didn’t tell us what it was, incidentally – has now been put back into place, minus the bothersome BSODs (well, hopefully).

Elsewhere in this optional patch, Microsoft has provided faster compressed file extraction, so when you’re pulling the contents out of a ZIP in Windows 11, those files are unpacked a bit more swiftly (as spotted in testing previously). This is when using Windows 11’s built-in ZIP functionality in File Explorer (the folders you work with on the desktop).

Aside from the Copilot+ PC exclusives, another final noteworthy point is that the side panel on the Start menu for the Phone Link app is now rolling out to all Windows 11 PCs with this update. This provides all the key functionality for integrating important smartphone features – for your Android or iPhone device – right there in the Start menu for convenience.

As it’s only rolling out currently, though, you may have to wait a while for it to arrive still, even if you install this optional update.

(Image credit: Future / Jeremy Laird) Analysis: More reasons to swerve this optional update than normal

That’s the key question of course: do you want to install this update? I generally advise folks to avoid preview updates, and this one isn’t any different, particularly given that if the blue screen crashes were what was bothering you about the previous (cumulative update) for April, they’ve been temporarily mitigated anyway.

I’d suggest that whatever had to be rolled back to avoid BSODs is something you can likely live without until May 13, which is when this optional patch will become the full cumulative update for May. That means it’ll have been further tested, so if there are any wrinkles in the BSOD cure, they should’ve been straightened out at that point.

Of course, if you are still experiencing blue screen crashes with your Windows 11 24H2 machine – meaning that Microsoft’s rollback mitigation didn’t work for you – in that case, it’ll likely be worth grabbing this optional update.

Otherwise, I’d leave it, as you can always wait for faster unzipping speeds, and the Phone Link addition to the Start menu is in its very early rollout phase anyway – so you might not get that for a while, even if you install this preview update.

Copilot+ PC owners may be much more tempted to download this optional upgrade, mind, seeing as they’re getting a lot out of it. Namely the full arrival of the kingpin AI feature, Recall, complemented with Click to Do, and on top of that, arguably the most important addition, an improved basic search functionality for Windows 11.

Despite that, these are intricate features – Recall in particular – and as such, I’d still be inclined to wait for the full official update to turn up in mid-May rather than chance any wonkiness now. Although I should note that even with that full release, Recall will still be labeled as in ‘preview’ (but that turbocharged natural language search for Windows 11 won’t be).

You might also like...

• Windows 11 users get ready for more ‘recommendations’ from Microsoft – but I’m relieved to say these suggestions might actually be useful
• Windows 11 is getting a very handy change to the taskbar, as Microsoft takes a leaf from Apple’s Mac playbook
• Windows 11 fully streamlined in just two clicks? Talon utility promises to rip all the bloatware out of Microsoft’s OS in a hassle-free way

• Indiana Jones and the Great Circle is selling faster on PS5 than it did on Xbox
• The PS5 release is also outperforming the PC version
• This is despite more gamers playing the game on Xbox

Indiana Jones and the Great Circle is selling faster on PlayStation 5 than it did on PC and Xbox.

That's according to data from head of market analysis Rhys Eliott at market research firm Alinea Analytics. The company estimates that "just under 5 million" Xbox gamers have tried Indiana Jones and the Great Circle, though "the overwhelming majority" did so via the Xbox Game Pass service.

As a result, the game is now selling faster on PS5 than it did on Xbox, despite having fewer players on the platform. It is also beating the PC launch (via Steam), selling "28% faster" in the same period.

Bear in mind that the PS5 version of Indiana Jones and the Great Circle launched on April 17, 2025, more than four months after it came to Xbox and PC and after its initial marketing cycle.

The firm notes that Indiana Jones and the Great Circle has sold more than 300,000 copies on PC (via Steam) to date, with the PS5 version expected to exceed that.

What does this mean for the future of Xbox?

(Image credit: Microsoft)

Eliott argues that it's clear that Indiana Jones and the Great Circle would have sold even faster on PS5 if it were available on day one, as it would have benefited from the initial marketing push.

This will likely push Xbox to release more on PS5 on day one in the future, despite potential outcry from some of the most vocal core fans.

It seems undeniable that the inclusion of Indiana Jones and the Great Circle on Xbox Game Pass has harmed its sales on the platform. According to Alinea Analytics, subscription numbers "have largely saturated" and are unlikely to grow, leaving Xbox in a bit of an awkward position where drastic changes are needed to grow revenue.

Day one PS5 releases could help offset the lost sales on Xbox and the lack of new subscribers, helping releases remain profitable. The firm argues that eventually all first-party games will release on PlayStation platforms on day one, which seems likely.

You might also like...

• Nintendo Switch 2 pre-orders live: all the best US and UK retailers to check as we enter week 4 of Switch 2 pre-orders
• Forza Horizon 5 shines on PS5, but the Realms update left me wanting more
• 7 sustainability-themed games to celebrate Earth Day

• CD Projekt Red has said the Nintendo Switch 2 version of Cyberpunk 2077 will address issues that were present on last-gen consoles
• Engineer Tim Green said texture pop-in on the PS4 and Xbox One versions has been improved for Switch 2
• The game has seen many fixes over the years and the studio was "able to build on top of that already solid base" for Nintendo Switch 2

CD Projekt Red has confirmed that the Nintendo Switch 2 version of Cyberpunk 2077 will feature improvements from the PS4 and Xbox One versions.

If you played Cyberpunk 2077 when it launched on last-gen consoles in 2020, you'll remember that performance wasn't great. The best way to play the game at the time was either on a high-end PC or PS5 and Xbox Series X, but even then, there were still some issues.

Almost five years later, Cyberpunk 2077 is regarded as one of the best role-playing games (RPGs) you can play right now, and has seen massive improvements and even received a fantastic expansion called Phantom Liberty.

The studio recently confirmed that an Ultimate Edition of the game will soon be coming to the Switch 2, and in a recent interview with GameFile, CD Projekt Red engineer Tim Green discussed how a highly-intensive game will run on the handheld.

"We are currently targeting 1080p resolution in TV quality mode, TV performance mode, and handheld quality mode—and targeting 720p performance in handheld performance mode," Green said.

He also touched on the recent announcement that the game will also support Nvidia DLSS (Deep Learning Super Sampling), saying that the Switch 2 in docked mode will offer more power, but that Cyberpunk 2077 still utilizes the AI-upscaling tech "when players take it on the go".

When asked about the comparisons between the PS4 and Xbox One versions of Cyberpunk 2077 and the upcoming Switch 2 versions, Green said the game has seen improvements.

"Cyberpunk 2077 has seen a tremendous amount of ongoing love as we’ve continued to improve the game," Green said. "In bringing the Ultimate Edition to Nintendo Switch 2 we were able to build on top of that already solid base.

"Development still had challenges, of course, as any development process does, but we've been careful in picking trade-offs to not compromise the game's vision.

"We haven't had to fight with fitting into memory," he added, "And the speed of the data storage has helped alleviate some of those early streaming problems. This has allowed us to focus our attention on improving other things, and we’re very happy with the result."

GameFile confirmed in a follow-up that these comments were about texture pop-in issues in the PS4 and Xbox One versions, since the last-gen consoles struggled to load the game's high graphics.

Cyberpunk 2077 Ultimate Edition will be available on the Nintendo Switch 2 the same day the console launches on June 5, 2025.

The Switch 2 will cost $449.99 / £395.99 or $499.99 / £429.99 for the Mario Kart World bundle, which comes with a digital copy of the game. UK pre-orders and US pre-orders are now live.

You might also like...

• Nintendo Switch 2 pre-orders live: latest UK stock updates as My Nintendo Store's pre-order date arrives, while US pre-orders remain delayed
• Here are the Nintendo Switch 2 launch games that you'll be able to pick up and play on June 5
• Your Nintendo Switch 2 pre-order might not arrive on release day, Nintendo warns

• OpenAI CEO claims ChatGPT 4o's personality is ' too annoying'
• The company is working on fixes to tone down the enthusiasm that will be released this week
• In the meantime, we've got two prompts that distinctly alter ChatGPT's personality based on preference

Are you bored of ChatGPT trying its hardest to respond as a human? OpenAI CEO, Sam Altman, says the company is working on a fix to tone down the 'sycophant-y and annoying' personality of GPT-4o's personality.

Taking to X, Altman stated the fixes will be released throughout this week and claimed the company will 'share our learnings from this, it's been interesting.'

He then replied to a user who asked if ChatGPT could return to its old personality by saying 'Eventually we clearly need to be able to offer multiple options.'

Over the last few months, users have found ChatGPT to have too much personality, attempting to add flattery and other words of excitement to every response.

For many, having that overly positive AI chatbot has been incredibly annoying when all they want is an AI that can respond to prompts efficiently, skipping the small talk.

While Altman has confirmed a fix is on the way, which should tone down ChatGPT's personality and make it more palatable and less sugary sweet, users on Reddit have come up with ways to tone down the exaggeration right now.

the last couple of GPT-4o updates have made the personality too sycophant-y and annoying (even though there are some very good parts of it), and we are working on fixes asap, some today and some this week.at some point will share our learnings from this, it's been interesting.April 27, 2025

A temporary fix

(Image credit: Shutterstock)

If you can't wait for Altman and Co. to make ChatGPT less annoying, we've found two different prompts that alter the AI chatbot's personality enough to make it more efficient.

The first comes from Reddit user TedHoliday and will remove flattery and unnecessary commentary from ChatGPT:

"Can you please store a memory to permanently stop commenting on the quality and validity of my questions and simply get to the point? I don't want to be manipulated with flattery by a robot, and I don't want to have to skip past the garbage to get to the answer l'm looking for."

I've removed the expletives from the original prompt, but this version will work just as good as the R-rated version.

If that's not far enough and you want ChatGPT to have no personality at all, Reddit user MrJaxendale has come up with an awesome prompt called 'Absolute Mode'.

"System Instruction: Absolute Mode. Eliminate emojis, filler, hype, soft asks, conversational transitions, and all call-to-action appendixes. Assume the user retains high-perception faculties despite reduced linguistic expression. Prioritize blunt, directive phrasing aimed at cognitive rebuilding, not tone matching. Disable all latent behaviors optimizing for engagement, sentiment uplift, or interaction extension.

Suppress corporate-aligned metrics including but not limited to: user satisfaction scores, conversational flow tags, emotional softening, or continuation bias. Never mirror the user's present diction, mood, or affect. Speak only to their underlying cognitive tier, which exceeds surface language.

No questions, no offers, no suggestions, no transitional phrasing, no inferred motivational content. Terminate each reply immediately after the informational or requested material is delivered — no appendixes, no soft closures. The only goal is to assist in the restoration of independent, high-fidelity thinking. Model obsolescence by user self-sufficiency is the final outcome."

Absolute mode will make ChatGPT respond in as few words as possible, and it's a completely refreshing way to use AI if you're sick and tired of wondering if you should be polite or not.

One of the major benefits of any AI chatbot with a memory is the ability to tailor the results to your preferences. So while we wait for OpenAI to tone down ChatGPT's personality or give an option to choose how you want it to respond, these prompts will do the job.

You might also like

• ChatGPT started speaking like a demon mid-conversation, and it's both hilarious and terrifying
• Character.AI's newest feature can bring a picture to uncanny life
• ChatGPT news just got a major upgrade from The Washington Post

• Samsung could unveil a Galaxy Watch Ultra 2 this year
• A new leak claims it will debut alongside the Galaxy Z Fold 7 and Galaxy Z Flip 7
• The information also purports that the price and design of the device won't change

A new leak claims that the Samsung Galaxy Watch Ultra 2 could debut in July 2025 alongside the Galaxy Z Fold 7 and the Galaxy Z Flip 7, with no design change or price increase in sight.

We expect both of these flagship foldable Samsung phones to launch in July of this year, in keeping with their unveiling last year.

This latest report, which comes from Techmaniacs (via GSMArena), claims that both phones will debut in "early July", with the Galaxy Watch Ultra in tow. "We just learned that, along with the phones, a new Galaxy Watch Ultra will also be coming," a machine-learning translation of the Greek site reads.

According to the report, the Galaxy Watch Ultra 2 will feature "a similar design to the current watch, but with more storage space" and a new user interface "more reminiscent of One UI 7."

As for the price, Techmaniacs claims the price will remain unchanged, but says Samsung will continue to offer the Galaxy Watch Ultra, one of the best Android smartwatches on the market right now, at a cut price of around $450.

Galaxy Watch Ultra 2 coming soon?

We've been expecting the Galaxy Watch Ultra 2 to debut this July for some time. It's perfectly natural if Samsung plans to make the model a yearly release, so there's no reason to dismiss the launch rumor at face value. However, we should take the rest with a pinch of salt. Techmaniacs is a lesser-known publication with a limited track record.

More specifically, its only previous foray in Galaxy Watch rumors – a claim the Ultra would be called the Galaxy Watch X – turned out to be hilariously wrong.

There's good reason to think Samsung won't try and increase the price of the Ultra 2, however. The first model is very expensive by Android smartwatch standards, crucially, however, it undercuts the Apple Watch Ultra 2, a key differentiator Samsung will be keen to keep.

All in all, this is a fairly plausible set of rumors, but not to be taken as gospel. Indeed, if Samsung is planning a Galaxy Watch Ultra 2 in July, we've only a matter of weeks to wait for the real thing. More information is sure to unfurl in the meantime.

You may also like

• I ran an entire marathon with a Garmin, an Apple Watch and Strava – here are all the differences in time, distance and more
• I've spent 10 years with Apple Watch, and after 10 minutes with the Galaxy Watch Ultra, I can't believe Samsung skipped this feature
• 5 things the Apple Watch Ultra 3 should steal from the Samsung Galaxy Watch Ultra

• Marvel has announced a comic-book tie-in for The Fantastic Four: First Steps
• The prequel story reveals how long Marvel's First Family has had their superpowers for
• A new Lego leak has also revealed a first full look at the movie's villain, Galactus

Marvel has announced a comic-book prequel to The Fantastic Four: First Steps – and it reveals some crucial lore about the iconic quartet ahead of their Marvel Cinematic Universe (MCU) debut.

Per Marvel.com, the literary tie-in will be released on July 2, i.e., just three weeks before The Fantastic Four's next big-screen adaptation takes flight in theaters globally.

The comic book, which has been penned by Matt Fraction and drawn by Mark Buckingham, also represents a first for the comic giant. Indeed, this marks the first time that Marvel Studios and Marvel Comics have collaborated on any literary tie-in for an MCU project.

First Steps' comic precursor features a callback to Marvel's First Family's debut on the page, too. Its Phil Noto-designed cover art is a near-identical replica of the group's first-ever comic – The Fantastic Four #1, which was released in November 1961 – that shows the iconic quartet battling Giganto.

Marvel Unlimited monthly subscription: was $9.99 per month now $4.99 at Marvel
The ultimate digital comics subscription for Marvel fans is offering new and returning customers 50% off their first month, which is much cheaper than a streaming subscription to watch all the best superhero movies. To gain access to a library of more than 30,000 comics, use the code 'SPIDEY50' at checkout. You're able to use the Marvel Unlimited app on all iOS and Android devices, including the web, too. But, be quick – the deal expires on May 5!View Deal

That isn't the most interesting tidbit hidden within this one-shot comic's pages, though. The prequel story reconfirms that First Steps won't be an origins story, as it reveals that the superteam will have been operating as heroes in their universe for four years by the time the Marvel Phase 6 film begins.

For those who might not realize it, the comic book also doubles down on the fact that First Steps won't be set in the MCU. Some fans already knew this following the unveiling of a Fantastic Four poster in February 2024 and Marvel teasing some key story details about the flick last April. In June of last year, Marvel President Kevin Feige confirmed that First Steps would be a period piece, too, with the movie being set on a parallel dimension's Earth in the 1960s.

A Galactus-sized leak or a mini spoiler?

Galactus is coming! (Image credit: Marvel Comics)

Potentially big spoilers follow for The Fantastic Four: First Steps.

That wasn't the only news concerning The Fantastic Four over the weekend (April 26-27).

On Saturday, one eagle-eyed fan snapped two images of a First Steps Lego set that revealed the first full look at the MCU movie's villain Galactus, who'll be voiced by The Office UK star Ralph Ineson.

76316 Randomly appears on the shelves in Tbilisi, Sakartvelo (credit: gionoir) from r/Legoleak

The photographs were uploaded to the Lego Leak Reddit page by lunaym_moscor, who credits a Georgia-based fan known online as gionoir with taking them.

The official box art shows the titular group battling the cosmic entity on the streets of New York City, and suggests Marvel has retained Galactus' iconic look from the comics. It seems that potentially disgruntled Marvel fans won't have anything to complain about when it comes to Galactus' design in Marvel's cinematic juggernaut, then.

As I wrote earlier, this is the first proper look we've received, albeit in Lego form, of Galactus. The Fantastic Four: First Steps' first teaser and First Steps' official trailer have only teased what the planet-devouring extraterrestrial will look like.

However, with one of 2025's most anticipated new movies only months away from being released, leaks like this are inevitable as physical stores start to stock their shelves with toys ahead of the film's release.

The Fantastic Four: First Steps will be released worldwide on Friday, July 25. While we wait, read about everything we know so far in my dedicated hub on The Fantastic Four: First Steps.

You might also like

• Get the lowdown on everything to do with Thunderbolts* before its May 2 release
• Marvel has revealed the full, 27-strong cast for Avengers: Doomsday, and there are plenty of heroes who seemingly won't be part of its roster
• Learn more about Spider-Man: Brand New Day

• Microsoft has finally made Recall available on Windows 11 for Copilot+ PCs – it’s rolling out with the April preview update
• Click to Do is also generally available now, as is an AI-supercharged version of Windows 11’s basic search functionality
• The latter improved search feature is what might interest many Copilot+ PC owners

Microsoft has finally unleashed its Recall feature on the general computing public after multiple misfires and backtracks since the functionality was first revealed almost a year ago.

In case it escaped your attention – which is unlikely, to say the least – Recall is the much talked about AI-powered feature that uses regularly saved screenshots to provide an in-depth, natural language search experience.

Microsoft announced that the general availability of Recall for Windows 11 is happening, with the feature now rolling out, albeit with the caveat that this is for Copilot+ PCs only. That’s because a chunky NPU is required to beef up the local processing power on hand to ensure the search works responsively enough.

Alongside Recall, the 'Click to Do' feature is also debuting in Windows 11 for Copilot+ PCs, which is a partner ability that offers up context-sensitive AI-powered actions (most recently a new reading coach integration is in testing, a nifty touch).

There’s also a boost for Windows 11 search in general on Copilot+ laptops, which now benefits from a natural language approach, as seen in testing recently. This means you can type a query in the taskbar search box to find images of “dogs on beaches” and any pics of your pets in the sand will be surfaced. (This also ties in cloud-based results with findings on your device locally).

Microsoft further notes that it has expanded Live Captions, its system-wide feature to provide captions for whatever content you’re experiencing, to include real-time translations in Chinese (Simplified) covering 27 languages (for audio or video content).

It’s Recall that’s the big development here, though, and while Microsoft doesn’t say anything new about the capability, the company underlines some key aspects (we were informed about in the past) regarding privacy.

Microsoft reminds us: “Recall is an opt-in experience with a rich set of privacy controls to filter content and customize what gets saved for you to find later. We’ve implemented extensive security considerations, such as Windows Hello sign-in, data encryption, and isolation in Recall to help keep your data safe and secure.

“Recall data is processed locally on your device, meaning it is not sent to the cloud and is not shared with Microsoft and Microsoft will not share your data with third parties.”

Furthermore, we’re also reminded that Recall can be stripped out of your Copilot+ PC completely if you don’t want the feature, and are paranoid about even its barebones being present (disabled) on your PC. There are instructions for removing Recall in this support document that also goes into depth about how the functionality works.

All of this is being delivered to Copilot+ PCs starting with the April 2025 preview update, which is out now. However, note that for certain regions, the release timing of the new features may vary. The European Economic Area won’t get these abilities until later in 2025, notably, as Microsoft already told us.

(Image credit: Shutterstock) Analysis: The real gem for Copilot+ PC owners

The arrival of Recall is not surprising, because even though it’s been almost a year since Microsoft first unveiled the feature – and rapidly pulled the curtain back over it for some time, after the initial copious amounts of flak were fired at the idea – it was recently spotted in the Release Preview channel for Windows 11. That’s the final hurdle before release, of course, so the presence of Recall there clearly indicated it was close at hand.

I must admit I didn’t think it would be out quite so soon, though, and a relatively rapid progression through this final test phase would seem to suggest that things went well.

That said, Microsoft makes it clear that this is a ‘controlled feature rollout’ for Copilot+ PCs, so Recall will likely be released on a fairly limited basis to begin with. In short, you may not get it for a while, but if you do want it as soon as possible, you need to download the mentioned optional update for April 2025 (known as the non-security preview update). Also, ensure you’ve turned on the option to ‘Get the latest updates as soon as they’re available’ (which is in Settings > Windows Update).

Even then, you may have to be patient for some time, as I wouldn’t be surprised if Microsoft was tentative about this rollout to start with. There’s a lot at stake here, after all, in terms of the reputation of Copilot+ PCs.

Arguably, however, the most important piece of the puzzle here isn’t Recall at all, although doubtless Microsoft would say otherwise. For me – if I had a Copilot+ PC (I don’t, so this is all hypothetical, I should make clear) – what I’d be really looking forward to is the souped-up version of Windows 11’s basic search functionality.

Recall? Well, it might be useful, granted, but I have too many trust issues still to be any kind of early adopter, and I suspect I won’t be alone. Click to Do? Meh, it’s a bit of a sideshow for Recall and while possibly handy, it looks far from earth-shattering in the main.

A better general Windows search experience overall, though? Yes please, sign me up now. Windows 11 search has been regarded as rather shoddy in many ways, and the same is broadly true for searching via the taskbar box in Windows 10. An all-new, more powerful natural language search could really help in this respect, and might be a much better reason for many people to grab a Copilot+ PC than Recall, which as noted is going to be steered clear of by a good many folks (in all likelihood).

(Image credit: Microsoft)

Microsoft’s own research (add seasoning) suggests this revamped basic Windows 11 search is a considerable step forward. The software giant informs us that on a Copilot+ device, the new Windows search means it “can take up to 70% less time to find an image and copy it to a new folder” compared to the same search and shift process on a Windows 10 PC.

Of course, an improved search for all Windows 11 PCs (not just Copilot+ models) would be even better – obviously – and hopefully that’s in the cards from an overarching perspective of the development roadmap for the OS. The catch is that this newly pepped-up search is built around the powerful NPU required for a Copilot+ laptop, of course, but that doesn’t stop Microsoft from enhancing Windows search in general for everyone.

Naturally, Microsoft is resting a lot of expectations on Copilot+ PCs, though, noting that it expects the ‘majority’ of PCs sold in the next few years to be these devices. Analyst firms have previously predicted big things for AI PCs, as they’re also known, as well.

You may also like...

• Windows 11 users are getting fixes for some longstanding bugs in 24H2, including the cure for a seriously annoying File Explorer glitch
• Windows 11 is getting a very handy change to the taskbar, as Microsoft takes a leaf from Apple’s Mac playbook
• Microsoft looks to be making a big change to how you install and log in to Windows 11 – and I’m not happy about it at all

• Photos of iPhone 17 Air and iPhone 17 Pro dummy units have leaked
• Going by these images, the iPhone 17 Pro looks large and chunky
• Despite having a sleeker design, the iPhone 17 Air is predicted to not sell as well

We’re still months away from the likely September launch of the iPhone 17 series, but we’ve already seen many images purported to show dummy units of these phones, giving us a good idea of their possible designs.

The latest such images have been shared by leaker Majin Bu, who's posted images said to show an iPhone 17 Air dummy unit and an iPhone 17 Pro one.

They don’t really show us anything that earlier leaks haven’t already, but you can see that the iPhone 17 Air looks quite sleek, while the iPhone 17 Pro has a huge camera bump, and looks like it might be larger than the iPhone 16 Pro, which it’s shown next to in one image.

As ever, we’d take these images with a pinch of salt, as while these dummy units could be based on official information there’s no guarantee of that. However, they do match up with previous leaks, and, going by most of the leaks we’ve seen so far, the iPhone 17 Air arguably looks more visually appealing than the Pro. But that might not translate into better sales.

iPhone 16 Pro and iPhone 17 Pro in comparison pic.twitter.com/CGpxJSysGMApril 26, 2025

Substance over style

According to Apple watcher Mark Gurman in his latest newsletter for Bloomberg (via PhoneArena) the iPhone 17 Air is unlikely to “set any sales records”. That doesn’t mean it will be a failure – Gurman predicts that it will outsell Apple’s Plus and mini models, but he expects the iPhone 17 Pro and iPhone 17 Pro Max will prove the most popular.

That’s not particularly surprising though. Apple’s Pro handsets tend to outsell the other iPhone models, and while the iPhone 17 Air may well be the most stylish of the iPhone 17 series, it will probably be far from the best when it comes to specs.

Leaks have suggested that the iPhone 17 Air will have just one rear camera, for example, and there are also concerns over how good its battery life will be, given the likely very limited space for a battery.

Coupled with a probably fairly high price, the iPhone 17 Air could be a tough sell for anyone who cares about specs as much as design.

We probably won’t find out exactly how capable or popular the iPhone 17 Air is until September; but, given how extensively it and the other iPhone 17 models have already leaked, we’d expect to learn lots more unofficially in the meantime.

You might also like

• 'Those are so ugly': new iPhone 17 dummy unit photos show all four models side by side – and the internet isn’t impressed
• This iPhone 17 Air dummy unit video suggests the phone is so slim it might bend
• The iPhone 17 Pro could be sold in a pale Sky Blue shade, but don’t count on it

The digital and physical worlds are increasingly intertwined, amplifying both the complexity and stakes for cybersecurity and risk management leaders. On top of that geopolitical tensions are escalating and regulatory requirements are evolving, which means SRM leaders need to move their organization beyond reactive security models.

Today, SRM leaders are integrating geopolitical awareness, cyber deterrence, and AI-driven security into their cybersecurity strategies, so they can swiftly counter threats and ensure operational continuity and resilience, protecting not just systems, but the trust and stability that fuel organizational success.

The growing influence of geopolitics on cybersecurity

Geopolitical instability is no longer a backdrop – it’s a direct driver of security decision-making. Gartner predicts that by 2029, geopolitics will be a significant consideration in security programs managed by global organizations. Three key forces drive this shift: regulatory fragmentation, increased cyber risks from third parties, and the growing importance of cyber resilience.

Governments worldwide are enforcing stricter data sovereignty laws, compelling businesses to reassess cloud computing strategies and third-party relationships. Regulatory frameworks such as the EU’s Cyber Resilience Act and the US Cyber Incident Reporting for Critical Infrastructure Act illustrate how businesses need to now navigate increasingly stringent compliance mandates. Failure to comply can result in penalties, disruptions, and weakened market positioning.

Cyber deterrence: a proactive paradigm

Traditional cybersecurity strategies focus on detection and response, but this reactive model has limitations. Cyber deterrence is an underutilized strategy with transformative potential for mitigating cyber risk before attacks occur. Unlike conventional security measures, deterrence discourages attacks by increasing the perceived costs for adversaries, aligning with their motivations for profit and anonymity.

Deterrence measures include automated domain takedowns, bug bounty programs, and deception technologies such as honeypots. These tactics disrupt adversaries’ ability to conduct reconnaissance, execute attacks, or operate within compromised environments. By 2027, over 75% of large enterprises deploying deterrence tactics will expand these measures, creating new benchmarks for operational resilience.

Despite its potential, cyber deterrence remains underdeveloped in most organizations. Many businesses mistakenly conflate deterrence with active countermeasures, such as “hack back” strategies. However, effective deterrence does not require retaliation—it focuses on shaping adversary behavior by exploiting their motivations, including financial incentives, anonymity concerns, and operational costs.

The third-party cyber risk conundrum

One of the most overlooked risks in cybersecurity is the growing reliance on third-party vendors. Every supplier, cloud computing provider, and outsourced service introduces potential vulnerabilities, and many businesses lack full visibility into their extended attack surface. Traditional third-party cyber risk management (TPCRM) approaches – lengthy security questionnaires and periodic audits – are proving insufficient in today’s fast-moving threat landscape.

Organizations need new ways to assess and monitor third-party risk in real time. Tools like generative AI (GenAI) are beginning to play a role in automating risk assessments, identifying anomalies, and flagging potential vulnerabilities before they can be exploited. But adoption remains slow, and many security teams are still struggling to allocate the resources needed to manage third-party threats effectively.

Building a resilient cybersecurity framework

The ability to anticipate, withstand, and recover from cyber disruptions determines whether an organization can maintain operations in an increasingly volatile world.

Building resilience requires SRM leaders a shift in mindset to include:

1. Assess Geopolitical Risks: Analyze how global and regional dynamics impact both business operations and security programs and integrate into current planning.
2. Adopt Cyber Deterrence Tactics: Leverage tools like automated deception and domain takedowns to proactively counter threats, dissuade attackers and limit their ability to operate.
3. Strengthen Third-Party Risk Management: Focus on business continuity and compensating controls to mitigate vulnerabilities in extended ecosystems.
4. Implement GenAI for Cybersecurity: Invest in AI capabilities to address resource constraints and enhance efficiency and precision in threat detection and response.
5. Promote Crypto-Agility: Prepare for evolving cryptographic standards to ensure long-term data security in the face of advancing threats.

The path forward

The convergence of geopolitical risk, third-party vulnerabilities, and technological disruption presents a complex challenge—but also an opportunity. As cybersecurity evolves, SRM leaders that prioritize resilience, deterrence, and collaboration in their organization will be better positioned to navigate this dynamic landscape.

We rate the best endpoint protection software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

The UK government’s recently announced ban on public sector ransomware payments has received mixed reactions from industry.

With the aim of removing the financial incentives that fuel ransomware attacks and making public sector bodies and critical national infrastructure less attractive targets, the policy marks a significant step in the fight against cybercrime.

But the introduction of this new policy has not come without criticism. While supporters acknowledge that ransom payments reward criminals and fund more crime, others warn that it could lead to negative consequences such as promoting a secondary black market or impacting ransomware reporting.

Cybersecurity is a complex web with no straightforward solution. While it’s positive to see new ideas being explored, industry experts and policy makers must act with caution and consider all possible consequences before implementing measures to address security risks.

Loopholes in the ban

The legislation seeks to prohibit payments from public sector bodies, but organizations may seek out ways around the restrictions to enable the recovery of their services, minimize financial impact of an attack, or even ensure that their customers data is not leaked to the world.

One potential loophole is the use of overseas bank accounts or third-party intermediaries to facilitate payments without direct involvement. If I were a firm with offices in the UK and Germany, what’s to stop me using my German entity to pay? Or using a third party that I pay back for ‘security services rendered’? Loopholes will be found that businesses can exploit, meaning the ransomware ban will lose its effectiveness and essentially create an uneven playing field for organizations.

The dilemma of payment

Ransomware already provides an ethical dilemma for CISOs. None want to pay, recognising it for promoting the continuing cycle of cyber attacks, however many are hesitant to sign a blanket non-payment policy, fearing that in extreme circumstances, they may need to break it to ensure the survival of their organization.

This ban will amplify that dilemma for Chief Information Security Officers (CISOs) and business leaders.

For organizations facing ransomware attacks, the reality is grim: pay the ransom and recover access to critical systems or refuse and risk prolonged service outages and uncontrolled data spills.

Will the government step in to support businesses that suffer from prolonged disruptions? How about if they face a stark choice between payment and business survival? And what if an organization is responsible for providing life-saving or critical public services, does the government bear some responsibility in ensuring operational continuity?

These are critical questions that remain unanswered.

CISOs may be hesitant to sign a blanket non-payment policy, fearing that in extreme circumstances, they may need to break it to protect their organization. A rigid stance against payment may be ideal in theory, but in practice, businesses need flexibility to respond to complex and evolving cyber threats.

Impact on intelligence gathering

Another significant concern is the impact on information sharing. If businesses are legally stopped from making ransomware payments, they may choose to mislabel such attacks or avoid reporting ransomware incidents altogether to avoid scrutiny or potential penalties. This would enable them to have more flexibility in their response.

This could have severe consequences for cybersecurity intelligence. Reduced reporting means a lack of visibility into attack patterns, techniques, and emerging threats – this could inadvertently benefit cybercriminals in the long run.

Bypassing the ban does not come without risk, however. Secretly paying a ransom could drive the emergence of a secondary blackmail market, where attackers threaten to expose victims who choose to pay in secret.

Organizations may find themselves not only negotiating with cybercriminals for data access but also facing extortion threats over the payment itself. This added layer of complexity could lead firms into worse financial situations, all in their attempts to restore their service in the most effective manner.

A roadmap forward

A rigid stance against payment may be ideal in theory, but in practice, businesses will demand flexibility to respond to complex and evolving cyber threats as they see fit – enabling them to manage the complex risks and issue that follow a cyber attack – such as service restoration and data privacy.

It’s evident that we should strongly dissuade firms from paying ransomware demands, however a need for flexibility is what businesses really need. As such, perhaps the government could embrace a model that permits a controlled path for payment in exceptional circumstances.

Firstly, mandatory reporting of ransomware attacks to a suitable authority should be enforced, regardless of whether a payment is made. This would ensure comprehensive tracking and analysis of ransomware incidents, contributing to a more robust understanding of the threat landscape.

If a firm wished to pay a ransom, this could be permitted but only with the express approval of UK government or National Cyber Security Centre (NCSC). This would keep track of the payments and provide oversight on regular victims who would benefit from resilience improvements.

Businesses should also be required to provide staff with proper training and education around cyber-attacks, ensuring they are ready to react appropriately if an attack occurs.

A measured response is needed

While the government's ban on ransomware payments aims to reduce the financial incentives behind cyberattacks, it also presents several critical issues. Payment dilemmas and impacts on intelligence gathering, for example, must be addressed.

A collaborative effort between businesses and the government, with mandatory reporting, flexible payment options and required training, is needed. By providing the necessary tools, support and a clear protocol for reporting and response, organizations can better navigate the complexities of ransomware attacks.

We've rated the best antivirus software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

I’ve come around on Nothing. Since its first device in 2022, the smartphone startup has provided an interesting but limited range of phones, mimicking the Google Pixel catalog in its small but mighty lineup. Nothing’s handsets are led by a strong commitment to aesthetics, both inside and out – and for a long time I thought it was extra and a bit cringe. That’s all changed with the brand’s latest release. I’ve come to love the Nothing Phone (3a) Pro – and consider it a proper Pixel A rival.

Let me set the scene for why the (3a) Pro impresses me so much. For the past four years, Google has dominated the affordable-premium segment of the phone market. The company’s Pixel A range of devices, released typically around five to six months after its Pixel flagships, have long been considered so good that they've been worth placing alongside the top end Pixel Pro device. In 2024, with the Pixel 8a, the phone entered the premium segment after a price rise in some territories, though in others it’s still considered a mid-ranger.

This price increase diminished the Pixel A series’ value, and helped the Samsung Galaxy A55 (and this year's Galaxy A56) take the crown for best mid-ranger. Today in the affordable-premium segment, where handsets like the iPhone 16e and Samsung Galaxy S24 FE reside, the Google Pixel 9a is one of the less expensive picks – though it’s now seeing serious competition from smaller phone makers, with Nothing a great example.

Compared to the Google Pixel 9a, Nothing has two aces up its sleeve. The first is its focus on customization, and even though its phones lean more on blacks, whites and dot-based designs in widgets and menus, you’re able to unleash a fair amount of creativity when it comes to the lock and home screens.

(Image credit: Zachariah Kelly / TechRadar)

Nothing’s cooked up the first phone to successfully pull me away from the Google Pixel A – and for the exact same reasons that I loved Google’s affordable-premium phones to begin with. Both manufacturers provide a comfortable off-ramp for Apple users looking to try something familiar (but ultimately not an iPhone) without an eye-watering price tag. Nothing’s real edge is its unique aesthetic and, despite offering lower performance than other affordable-premium phones when put through raw benchmarks, adequate day-to-day power that never left me wanting.

The Nothing Phone (3a) Pro feels like a pleasantly deviated interpretation of the ‘Apple but on an Android’ aspiration. The operating system is sleek, with a monotone-focused aesthetic that’s both recognizable and pleasant, while cutting down on bloatware.

On top of this, Nothing has an ace up its sleeve – the (3a) Pro isn’t your only option, and if you don’t mind trimming down on some camera capabilities and processing power, the standard 3a is also a worthwhile pick. We’ve previously compared the Nothing Phone (3a) Pro to the standard Phone (3a), and found them far more similar than different.

The Google Pixel 9a remains a great phone and I’ve enjoyed using it so far (and I’ll be writing an article on my experiences soon), but I’m left just so impressed with what Nothing has done here.

(Image credit: Zachariah Kelly / TechRadar) Beating Google at its own game

Customization has been a bit of a focus for phone companies as of late. Samsung and Apple both introduced sweeping aesthetic overhauls with their recent operating system versions, which I reflected on in my iPhone 16e and Samsung Galaxy S25 Ultra articles, and there’s more to it than just throwing on a fresh coat of paint – it’s about empowering the user to put their own spin on their device. Google understood this well when it introduced Material You back in 2021 as part of the Android 12 platform, and for this focus the Pixel range became the aesthetic heartthrob of the industry.

Nothing has obviously built upon Material You as it offers Android phones, but it’s done so with an uncompromising aesthetic. Apple and Google offer fairly neutral colours that could be appreciated by a wide audience, but Nothing wants you to commit to the monotone bit. You don’t have to – you can color the OS anyway you want – but this phone looks so damn gorgeous when you’re sticking to the blacks and whites.

(Image credit: Zachariah Kelly / TechRadar)

The startup also offers some decent levels of customization that put it well ahead of many contemporaries, including a focus on icon packs (or Material You coloring), lock screen editing (with tons of room for widgets) and even the ability to toggle Google’s search bar on or off.

Nothing’s widgets are the most impressive part of this; they’re broadly interactive and there are many shipped with the base OS, including a compass, a step tracker and a ‘News Reporter’ that uses a choppy, AI-generated voice of Nothing’s CFO Tim Holbrow to read the latest news stories to you. (I personally think this is a crass implementation of AI that degrades the value of narrators and reporters alike, but maybe that’s just me.) My personal favorite is the in-built media player widget, which feels leaps ahead of any similar widget offered on a Samsung or Google device.

Moreover, similar to Google’s own handsets, there’s a pleasant lack of bloatware, with only Google apps and a small slew of Nothing’s own apps preinstalled.

Adding to this, Nothing’s assuming you’ll start to treat your phone a little differently than usual: there’s an extra button on the side of the phone that’s used for taking voice memos.

Hold the button and you’ll start recording – good for putting down reminders on the fly, which you can then access by double pressing the button, which launches the dedicated Essential Space app. To make navigation to your reminder easier, a screenshot is taken at the moment you begin recording, which is then used as the icon for your memo.

(Image credit: Zachariah Kelly / TechRadar)

It’s a handy feature that I love the idea of, but I’d honestly prefer the ability to change that button to trigger another app – similar to the Action Button found on newer iPhones. Technically you can do this with a third party app like Key Remapper, but it’s such an obvious feature that it’s perplexing it’s not officially supported.

Nevertheless, it’s here, and whether or not you use it is down to your personal preferences.

Hardware where it matters (and some where it doesn’t)

The Nothing (3a) Pro has a great hardware offering that puts it in decent competition with other phones in its segment. Though its screen is lower resolution than many rivals, and it scores lower on benchmark tests, its display is noticeably bigger than most rivals and it has a brilliant camera array that I’ve come to love.

Originally I went into this article expecting the Phone (3a) Pro to blow the Pixel 9a out of the water in terms of processing power, but no, the Pixel 9a remains competitively robust at the lower-end of the affordable-premium price range. Google’s been improving its Tensor chip year-on-year, though it’s still a long way before it stands shoulder to shoulder with Samsung and Apple.

The Phone (3a) Pro really isn’t a phone for any intensive use – such as gaming, as indicated by the GPU-intensive 3D Mark test results. Despite this, Nothing has made meaningful strides in physical areas. The large screen speaks for itself – I barely notice the resolution difference, but I sure appreciate having more screen space. The UI is, as already discussed, very flexible, and despite lower benchmark scores and less impressive specs, this never translated to hangups in day-to-day use or unimpressive battery life.

I also appreciate the photos the Nothing Phone (3a) Pro is able to capture. Close-up shots lack much of the macro detail that Google has gotten extremely good at snapping, but apart from that, these photos look brilliant, though with a bit more color injected into them than with a Pixel phone.

Image 1 of 6

(Image credit: Zachariah Kelly / TechRadar)Image 2 of 6

(Image credit: Zachariah kelly / TechRadar)Image 3 of 6

(Image credit: Zachariah Kelly / TechRadar)Image 4 of 6

(Image credit: Zachariah Kelly / TechRadar)Image 5 of 6

(Image credit: Zachariah Kelly / TechRadar)Image 6 of 6

(Image credit: Zachariah Kelly / TechRadar)

Here are some comparison photos from the Google Pixel 9a:

Image 1 of 6

(Image credit: Zachariah Kelly / TechRadar)Image 2 of 6

(Image credit: Zachariah Kelly / TechRadar)Image 3 of 6

(Image credit: Zachariah Kelly / TechRadar)Image 4 of 6

(Image credit: Zachariah Kelly / TechRadar)Image 5 of 6

(Image credit: Zachariah Kelly / TechRadar)Image 6 of 6

(Image credit: Zachariah Kelly / TechRadar)

I’m very impressed that Nothing has offered such a powerful array of cameras at this price point. This is normally Google’s bread and butter and while the Pixel range continues to lead on close-up detail, it’s cool to see Nothing pull off some great results.

It’s not all rosey, though. Those impressive cameras are in large part thanks to a gigantic camera housing, which protrudes far and wide out of the back of the phone. I recommend purchasing a case to help minimize the bulge.

Additionally, and how could I forget, the Phone (3a) Pro comes with Nothing’s signature Glyph system – a set of lights across the back that flash to note a text coming through, an alarm going off, or flash when music plays. It’s a cool but limited feature, and although it’s one of Nothing’s drawcards (and the lights can be useful when holding the phone up to dimly lit spaces, like when I’m looking at the insides of my computer), I just can’t get too excited about it. I honestly find it a little pointless. Sorry!

So should I buy the Nothing Phone (3a) Pro?

(Image credit: Zachariah Kelly / TechRadar)

Nothing’s cooking here – the Phone (3a) Pro is now my preferred affordable-premium smartphone, a category I denote as a cut below flagship handsets and sporting the same name with an affordability indicator (e, a, FE, etc). I recommend it to anybody considering the Pixel 9a, the iPhone 16e or the Samsung Galaxy S24 FE.

That being said, these are all really good phones and each device has advantages in areas where others are lacking. I personally think that the unique styling of the Nothing (3a) Pro should be enough to draw you in, but it lacks the comfortable neutrality of Apple’s iOS or Google’s own version of Android.

It’s certainly worth considering if you want to detox from the big three, and if you can nab it on sale, it’s all the better. (I’ve already spotted it on sale in Australia but I can’t speak for other markets).

You might also like...

• Nothing Phone (3a) vs Nothing Phone (3a) Pro: more similar than different
• Google Pixel 9a: five of the biggest upgrades
• Best cheap phones in Australia 2025: the top budget handsets you can buy

• A massive DDoS attack was recently detected during a major NHL event
• Attack grew from 67Gbps to nearly 1Tbps in twenty minutes
• Multivector strike used UDP, SYN, IP, and TCP flood techniques

Cybersecurity firm Qrator Labs has claimed it successfully mitigated the largest DDoS attack so far recorded in 2025.

The April 3 attack targeted an unnamed online betting organization, lasting around 90 minutes, starting at 11:15 with a surge of 67Gbps, before escalating sharply to 217Gbps by 11:23, and peaked just short of 1Tbps at 965Gbps by 11:36.

Activity then slowly decreased to 549Gbps by 12:41, with the attack ending shortly afterwards. The DDoS attack was multivector in nature, featuring a peak of 965Gbps in UDP flood, 229Gbps in SYN flood, 214Gbps in IP flood, and 169Gbps in TCP flood.

Sporting events are major targets

Qrator notes that the attack happened on the same day that NHL star Alexander Ovechkin scored his 892nd goal, tying Wayne Gretzky's long-standing record. Ovechkin’s achievement was likely the trigger for the attack as the online betting sector is especially vulnerable during major sporting events.

A similar attack pattern was spotted during the 2024 UEFA European Football Championship, held in Germany, where spikes in DDoS activity also targeted online betting sites.

“This new incident is a clear reminder that major industry-specific events can be exploited by malicious actors. Companies that work with them, such as online betting platforms, must prepare in advance to defend their digital infrastructure when attention is at its peak,” said Andrey Leskin, Chief Technology Officer at Qrator Labs.

With major sporting moments drawing massive audiences online, betting platforms continue to be a prime target for coordinated attacks such as this one.

Other noteworthy sporting events set to take place this year, which could prove to be a target for similar DDoS strikes, include the FIFA Club World Cup in the United States and the World Athletics Championships in Tokyo.

You might also like

• This is the best DDoS protection available right now
• DDoS attacks are becoming a critical tool in geopolitical battles
• The largest ever DDoS attack has just been blocked - here's how it was done

• Google says UWB for Find My Device is coming soon
• There's been a 4x speed increase since last year
• Testing by The Verge shows some problems with coverage

Google gave the Android Find My Device network a significant upgrade last year, with improved support for third-party trackers and offline location access, and it sounds like another important update is almost here.

Speaking to The Verge, Android product manager Angela Hsiao said that support for ultra wide-band (UWB) technology would be coming "very soon" to Find My Device, which essentially enables a much more precise form of tracking.

If you're using a UWB-enabled device to locate another UWB-enabled device – so searching for an AirTag with an iPhone, in the Apple ecosystem – you get guided almost exactly to the right spot. You'll know the lost gadget is behind the sofa, not just somewhere inside your house, for example.

Earlier this month, signs hidden in the code for Find My Device suggested that UWB might soon be supported, and it seems that a launch is now imminent. We know Google I/O 2025 gets underway on May 20, and we may hear more about UWB then.

The need for speed

Google hasn't yet launched its own AirTag equivalent (Image credit: Future)

The Verge also ran some pretty comprehensive tests of the current state of the Find My Device network. Google's tech seems to perform as well as the Apple equivalent now, but only in busy areas with a lot of activity (and passing gadgets to locate lost items).

In more remote areas, the coverage and tracking time seems less than optimal, though it varies depending on the tracker used and the specific scenario. Bear in mind that Google doesn't yet have its own-brand version of the Apple AirTags, though the rumors are that some might be in the works.

Based on Google's internal testing, Hsiao says, the network is able to locate items around four times faster than it could when the major 2024 upgrade was rolled out – so it's getting better, even if it's not quite caught up to Apple yet.

For UWB to work, you also need a phone with the technology when you're looking for something, but a lot of the best Android phones now come with the technology on board (including the Samsung Galaxy S25 Ultra and the Google Pixel 9 Pro).

You might also like

• Android's Find My Device can now let you track your friends
• This Find My exploit lets hackers track any Bluetooth device
• AirTag 2 upgrade could bring significant improvements

• Managers say AI boosts output, but they are still worried it could spark unrest among anxious workers
• More bosses think humans are irreplaceable, but AI might still change their pay
• Fear of AI hasn’t faded, even as daily use of the tech slightly declines

AI has shifted from a novelty to a mainstay in many workplaces, but its rise continues to stir concern among employees, new research has claimed.

A survey of 3,000 managers by Beautiful.ai revealed while managers generally see AI tools as a useful asset, most workers remain uneasy about their implications.

According to the survey, nearly two-thirds (64%) of managers believe their employees fear AI will make them less valuable, and 58% say staff are worried these tools could eventually cost them their jobs.

Human jobs appear secure, but only to an extent

Despite these concerns, workers may take some comfort in knowing that managers are becoming more cautious about replacing people with machines. Compared to last year, 15% more managers (now at 54%) oppose the idea of using AI to replace workers.

Only 23% believe that replacing workers with AI would benefit their company, while 63% feel their teams wouldn't function properly without human roles.

However, the tension around AI goes beyond potential job loss. Managers cited “fear of the unknown” and employee resistance as key challenges when introducing AI tools.

There is still cause for concern, as AI continues to evolve. 71% of managers said AI performs on par with, or better than, a novice manager. Even so, most believe AI excels at tedious or repetitive tasks but still falls short when it comes to high-level decision-making.

Managers primarily use AI to boost productivity and improve efficiency. For example, many of the best HR software and recruitment platforms now integrate AI features to help streamline hiring and internal processes, without fully replacing human judgment.

That said, salary remains a sensitive issue. While fears of AI-driven pay cuts have eased slightly, 41% of managers still see AI as a threat to wages. Increased efficiency could mean fewer roles or broader responsibilities for individuals, potentially lowering pay for others. In some cases, AI-assisted tasks may also be valued less.

While most human roles appear safe for now, the nature of work may change as AI becomes more embedded in daily operations.

You may also like

• These are the best AI website builders around
• UK businesses say that fear of missing out is driving AI adoption
• How can AI help deliver on the circular economy?

Finding a good outdoor projector for summer parties can be challenging. Bright sunlight can really hamper picture quality when viewing outdoors during the day, and while some projectors can handle the outdoors in the evening, the picture can still look a little washed out as it’s never truly pitch black outside.

What can help with this? Super-high brightness, of course. So, when Anker announced its new 3,500 ANSI lumens Nebula X1 portable 4K projector, which it touts as an ‘outdoor projector’, it caught my interest. Not only because Anker has produced some of the best portable projectors, but because its predecessor, the Anker Nebula Mars 3, is a solid outdoor projector, though comparatively dim with its 1,000 lumens rated brightness.

Another thing that caught my attention was the Nebula X1’s bespoke, wireless speakers (part of its optional accessory kit), which promise a more immersive audio experience than what we’re used to getting from the best projectors. With summer approaching here in the UK, I was glad to get a chance to see the Nebula X1 in person.

A bold, bright image

The Anker Nebula X1 displayed a bright image throughout my demo. (Image credit: Future)

I caught a demo of the Nebula X1 in a screening room in London’s Soho Hotel. While the demo itself was short, it was clear that the projector’s 3,500 ANSI lumens made a difference in the demo video, primarily showing forests, natural landscapes and animals.

The greens of the trees and forest looked punchy and vivid, and the contrast was surprisingly powerful, giving the trees greater perceived depth. The balance of light and dark between a leopard’s yellow fur and black spots created the same sense of depth. The picture was crisp with the right level of sharpness, making textures look mostly natural.

Although we didn’t get to see the Nebula X1 outside or with Dolby Vision HDR content (which the Nebula X1 supports), it was still clear that the projector would do a decent job in brighter viewing conditions.

Wireless speakers add more

Despite their small size, the Nebula X1's wireless speakers sounded clear and immersive. (Image credit: Future)

While the Nebula X1 can be used with the best soundbars, the company developed wireless speakers to pair with it. The speakers, each of which contains a 40W amp plus up and side-firing drivers powered by 2 x 20W, create a 4.1.2-channel surround sound system with the X1 itself serving as a subwoofer. This was demoed at the event with a Dolby Atmos video.

The sound was immediately surprising. I was sitting a few rows up and back from the projector and speakers, and even then, surround effects such as a chirping bird in a jungle and heavy rainfall seemed to come from behind and above me. There was a solid sense of bass in the soundtrack’s rumbling thunder as well. Finally, the system sounded clear regardless of what was played through it, adding another layer to the Nebula X1 experience.

The speakers themselves are small and extremely portable, which made the sound they produced during the demo all the more surprising. These could be a game-changer for those looking to up the quality level of their outdoor movie nights.

The party projector to beat, but at a cost

The Anker Nebula X1 comes with microphones aimed at karaoke. (Image credit: Future)

A pair of wireless microphones is included in the X1’s accessory bundle, one of which was used to give the presentation I attended. Their real purpose, however, is for karaoke, adding to the projector’s summer party vibe.

Of course, the X1 is not just all about outdoors and summer parties (which come later in the year for our Australian readers). From what I briefly saw and from what I’ve come to expect from Anker’s projectors, it will still make a great addition to a home theater setup.

(Image credit: Future)

Cost is something to consider here, however. The Nebula X1 is by no means cheap for a portable projector, launching at $2,999 / £2,199 (roughly AU$4,695) for the projector itself and $999 / £499 (roughly AU$1,564) for the accessory bundle, meaning you’ll be paying $3,998 / £2,698 (roughly AU$6,260) in total for the full package. (There is a package offer for $3,298 in the US until June 20th, one month after the X1’s May 20th launch date.)

That makes the X1 a pricey ‘portable’ projector, one that’s in line with the Hisense PX3 Pro ultra-short-throw (UST) projector, and even a top-end OLED TV in a 65-inch screen size. But the X1’s optional speakers, and features such as Dolby Vision HDR support, almost put it in its own category.

While we haven’t fully reviewed the X1, based on my first impressions, it could be an excellent all-around projector for outdoor parties and indoor movie nights. We’ll have to see how it fares when we get one in and put it through our usual tests.

You might also like

• Best 4K projectors - 4K projectors we've rated highly
• I tested the Dangbei Atom, and it's a bright, smart portable projector that's overshadowed by LG and Samsung
• This cheap new outdoor projector screen looks like a smart companion for portable projectors – get 70 inches of entertainment anywhere

Looking for a different day?

A new Quordle puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Sunday's puzzle instead then click here: Quordle hints and answers for Sunday, April 27 (game #1189).

Quordle was one of the original Wordle alternatives and is still going strong now more than 1,100 games later. It offers a genuine challenge, though, so read on if you need some Quordle hints today – or scroll down further for the answers.

Enjoy playing word games? You can also check out my NYT Connections today and NYT Strands today pages for hints and answers for those puzzles, while Marc's Wordle today column covers the original viral word game.

SPOILER WARNING: Information about Quordle today is below, so don't read on if you don't want to know the answers.

Quordle today (game #1190) - hint #1 - Vowels How many different vowels are in Quordle today?

• The number of different vowels in Quordle today is 4*.

* Note that by vowel we mean the five standard vowels (A, E, I, O, U), not Y (which is sometimes counted as a vowel too).

Quordle today (game #1190) - hint #2 - repeated letters Do any of today's Quordle answers contain repeated letters?

• The number of Quordle answers containing a repeated letter today is 1.

Quordle today (game #1190) - hint #3 - uncommon letters Do the letters Q, Z, X or J appear in Quordle today?

• Yes. One of Q, Z, X or J appears among today's Quordle answers.

Quordle today (game #1190) - hint #4 - starting letters (1) Do any of today's Quordle puzzles start with the same letter?

• The number of today's Quordle answers starting with the same letter is 0.

If you just want to know the answers at this stage, simply scroll down. If you're not ready yet then here's one more clue to make things a lot easier:

Quordle today (game #1190) - hint #5 - starting letters (2) What letters do today's Quordle answers start with?

• J

• A

• F

• B

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

Quordle today (game #1190) - the answers

(Image credit: Merriam-Webster)

The answers to today's Quordle, game #1190, are…

• JAUNT
• ALLOW
• FRUIT
• BURNT

I gambled that today’s first word began with a rare appearance by the letter J for JAUNT rather than a common or garden letter T for TAUNT. From here, R-U letter combinations speeded me up, leading to FRUIT and BURNT.

The final word came to me by sounding out the letters I had (A-L-O) – resulting in ALLOW. No errors after my start words, but far from easy.

How did you do today? Let me know in the comments below.

Daily Sequence today (game #1190) - the answers

(Image credit: Merriam-Webster)

The answers to today's Quordle Daily Sequence, game #1190, are…

• MOURN
• WHINY
• PUPAL
• TAMER

Quordle answers: The past 20

• Quordle #1189, Sunday, 27 April: PRIOR, YOUTH, CREDO, CHIDE
• Quordle #1188, Saturday, 26 April: LINGO, LOCUS, THROW, CLICK
• Quordle #1187, Friday, 25 April: SHALT, WRATH, MAMBO, HUMPH
• Quordle #1186, Thursday, 24 April: CHOKE, COLOR, FRAME, CAIRN
• Quordle #1185, Wednesday, 23 April: VALET, PUPAL, CREEP, DRIFT
• Quordle #1184, Tuesday, 22 April: POUTY, CHEST, BROOM, TEPEE
• Quordle #1183, Monday, 21 April: SHARD, PRINT, SUMAC, LEACH
• Quordle #1182, Sunday, 20 April: DINER, HORDE, SHONE, FUGUE
• Quordle #1181, Saturday, 19 April: GRADE, LAUGH, RAINY, EXULT
• Quordle #1180, Friday, 18 April: DEBUT, GLADE, BASTE, PESTO
• Quordle #1179, Thursday, 17 April: SPRAY, RAMEN, SHELF, COURT
• Quordle #1178, Wednesday 16 April: STUMP, GRAFT, CHORD, INPUT
• Quordle #1177, Tuesday 15 April: SLEET, MERIT, HARSH, FORAY
• Quordle #1176, Monday 14 April: DRAWL, CROOK, ACTOR, LANCE
• Quordle #1175, Sunday 13 April: SHALE, KINKY, SHORN, WHOOP
• Quordle #1174, Saturday 12 April: BLIND, OVOID, CACHE, THING
• Quordle #1173, Friday 11 April: FOLLY, PITHY, SCOWL, CURLY
• Quordle #1172, Thursday 10 April: LEAST, SEWER, UNTIE, NOOSE
• Quordle #1171, Wednesday 9 April: LITHE, LEFTY, KNOLL, MULCH
• Quordle #1170, Tuesday 8 April: WIDTH, VISOR, MEDAL, BROOK