TechRadar News

• New phishing campaign found targeting Google Classroom users
• CheckPoint has detected and blocked the sites
• Hackers often use legitimate services to disguise their attacks

New research by Check Point has revealed a large-scale social engineering campaign which sees hackers using Google Classroom to victimize students and educators across the world.

A range of industries and companies were targeted in five coordinated waves of attack containing over 115,000 phishing emails aimed at 13,500 organizations, with fake invitations sent promoting ‘commercial offers’ such as SEO services or product pitches.

The attack often goes undetected by security software because it piggybacks on Google Classroom’s legitimate infrastructure, bypassing traditional defenses, the experts warned.

Phishing protections

To protect against attacks such as these, CheckPoint reaffirms the need for robust training for employees and members of your organization - and warns users to be very cautious of unexpected invitations or communications.

“This incident underscores the importance of multi-layered defenses,” CheckPoint’s statement confirms. “Attackers are increasingly weaponizing legitimate cloud services—making traditional email gateways insufficient to stop evolving phishing tactics."

The research also recommends using AI-powered detection to analyze content, to extend social engineering protections beyond just messaging and SaaS services, and to continuously monitor cloud applications.

Criminals often utilize legitimate platforms and services to distribute social engineering attacks or malware because it can help to evade detections. Earlier in 2025, hackers were observed bypassing security tools by mimicking legitimate login pages and stealing Microsoft credentials.

Microsoft’s Active Directory Federation Services (ADFS) connects an organization’s internal systems to Microsoft services. In this campaign, malvertising was used to distribute the phishing attack - and since the attack didn’t rely on email, traditional email security filters weren’t effective.

Although social engineering attacks can be potent and convincing, they do primarily rely on human error to be effective - which means that being wary and ensuring all members of your organization are sufficiently trained and tested in spotting attacks is the most effective defense.

You might also like

• Take a look at our picks for the best malware removal software around
• Check out our choice for best antivirus software
• Google warns Salesloft attack may have compromised Workspace accounts and Salesforce instances

• The iPhone 17 could go eSIM-only in more countries
• Changes are tipped for the Apple Clear Case accessory
• The launch is scheduled for Tuesday, September 9

Apple is almost certainly going to make the iPhone 17 official on Tuesday, September 9, but as we count down the days to the big launch event, the leaks are continuing – including fresh rumors around eSIMs and the official Apple Clear Case.

Current iPhone models are eSIM-only in the US, and according to a source speaking to MacRumors, retail employees at Apple Authorized Resellers in the EU are now being told to prepare to handle iPhones without physical SIM cards as well.

We've been hearing for months that the new, super-slim iPhone 17 Air model would only have support for eSIMs and not the physical cards, but it seems that's now going to be extended to other iPhones in more countries.

With eSIMs offering better security and more convenience, the move isn't really much of a surprise. Google has now gone eSIM-only for the first time with the new Google Pixel 10 series, though for now this only applies to phones sold in the US.

New iPhones, new cases

You’ve probably already seen the new iPhone 17 clear case, but here’s another look at it. Would you prefer an all-clear version? pic.twitter.com/jsCPankDkxSeptember 1, 2025

The other iPhone 17 leak doing the rounds today concerns the iPhone 17 Pro Clear Case with MagSafe – one of the official cases Apple is expected to launch for the new handset (and which it already offers for the iPhone 16 Pro).

As per images posted by tipsters @MajinBuOfficial and @SonnyDickson, there will be some tweaks to the design. Less of the case will be transparent, with a panel covering most of the back of the phone and hiding the MagSafe connectors.

We can also see there's a bigger cut-out for the cameras at the top, backing up the leaked renders we've seen of the redesign of this phone. The Apple logo also gets shifted down so it's in the center of the space below the cameras.

It also looks as though the case will support the new Crossbody Strap accessory that's been rumored, which lets you carry your iPhone with a magnetic lanyard. In a little over a week, we'll know for sure what Apple has been working on.

You might also like

• 4 ways the iPhone 17 can improve on the iPhone 16
• There could be a new 3-year plan for the iPhone
• What do you want to see from the iPhone 17?

• Volvo’s XC70 has been designed for China for now, but will hit other markets
• A 1.5-litre engine can be mated to 21.2kWh or 36.9kWh battery packs
• DC fast charging capability will come as standard

Volvo has revealed plans to launch a new XC70 model in China, which will neatly slot between its XC60 and XC90 SUVs, but will be offered in a plug-in hybrid electric vehicle (PHEV) version that’s capable of traveling 124-miles on battery power alone.

While the Swedish company already offers an enticing line up of hybrids in Europe and the US, the company has traditionally opted for smaller and lighter battery packs that offer around 50-miles of range.

Details of the upcoming XC70 suggest that it can be optioned with either 21.2kWh or 36.9kWh battery packs, which is larger than some pure EV city cars, such as the Fiat 500e and the BYD Seagull.

China’s CLTC range test is generally more generous when it comes to efficiency, so you can likely take the 124 miles of range with a pinch of salt in the real world (100-110 miles is more likely), but it is backed up by a 1.5-liter four-cylinder engine should the batteries run dry.

What’s more, Volvo claims the upcoming vehicle is capable of DC fast-charging, so battery packs can be brimmed to around 80 per cent in 28-minutes from the appropriate outlets, while bi-directional charging is also said to feature.

According to Auto Express, the vehicle is destined for China, where long range plug-in hybrids are all the rage, but the Swedish marque hasn’t ruled out bringing it to other markets “at a later date”.

Bridging the gap

(Image credit: Volvo)

Long-range plug-in hybrids, like the Volvo XC70, make a lot of sense — particularly for those with a charging outlet at home. Keeping the battery packs brimmed means the average daily mileage, which is as low as 19 miles per day in the UK, can easily be covered without troubling the engine.

Even much longer commutes can happily be dispatched in EV mode using Volvo’s larger battery packs, meaning only the longest journeys need to resort to fossil fuels.

Currently, public EV charging is expensive in the UK and much of Europe, which has been a key argument for many to not make the switch to EV. If charging is as expensive as filling up with fuel, then what’s the point?

With Volvo’s technology, owners could avoid the eye-watering charging fees found at highway service stations by instead opting to rely on the internal combustion engine. Once at a destination, it then makes sense to seek out cheaper, lower-power charging outlets to refill the battery packs.

Offering this sort of flexibility could be a huge draw for those currently sitting on the pure electric vehicle fence and, so long as it is plugged in and used predominantly as an EV, will reduce local emissions and could save owners money at the pumps.

you might also like

• Leaving Tesla? The Volvo EX30 might just be your ticket
• Volvo’s cars will be the first to get Google Gemini’s ‘conversational’ AI – and I think the in-car tech has massive potential
• Everyone is writing off the new wave of high-performance Chinese EVs – here's why that's a big mistake

For business leaders right now, two small words seem almost impossible to avoid: AI agents. Built on the ‘brain’ of an AI model, and armed with a specific purpose and access to tools, agents are autonomous decision-makers that are being increasingly integrated into live business processes.

Unlike normal AI tools, which rely on user prompts, agent-based – agentic – AI can execute tasks iteratively, making decisions that carry real business consequences, and real governance risk. In short, agents aren’t tools, they’re teammates. As well as sitting in an organization’s tech stack, they sit on its org chart.

Marc Benioff, cofounder, chairman and CEO of Salesforce, the $260 billion valued software giant, says that today’s CEOs will be the last to manage all-human workforces. (Asked if an agent could replace him some day, Benioff responded, half-joking, “I hope so.”) The sooner businesses recognize this shift, the faster they can move to securing and governing AI for accelerated innovation.

Just as human workers come under the umbrella of human resources (HR), it’s useful to think of agents as non-human resources (NHRs). Just like humans, there are costs to employing NHRs – including computing, architecture and security costs – and they need induction, training and appropriate limitations on what they can do, and how.

This is especially true as these NHRs move up the value chain to perform high-skill tasks that once belonged to mid-senior level talent. For example, autonomous agents are actively managing supplier negotiations, handling payment terms, and even adjusting prices based on commodity and market shifts – functions typically handled by teams of trained analysts.

Businesses can’t secure what they don't understand

Introducing NHRs at the enterprise level is requiring an entire rethink of governance and security. That’s because existing cybersecurity focuses on managing human risk, internally and externally; it’s not built for the realities of always-on, self-directed agents that understand, think, and act at machine speed.

Like the best employees, the most effective agents will have access to enterprise data and applications, from staffing information and sensitive financial data to proprietary product secrets. That access opens the organization up the risk of attacks from outside, as well as misuse from within.

In 2024, the global average cost of a data breach was $4.9 million, a 10% jump on the previous year and the highest total ever – and that was before the introduction of agents. In the AI era, bad actors have new weapons at their disposal, from prompt injection attacks to data and model poisoning.

Internally, a misaligned agent can trigger a cascade of failures, from corrupted analytics to regulatory breaches. When failures stem from internally-sanctioned AI, there may be no obvious attacker, just a compliant agent acting on flawed assumptions. In the age of agents, when actions are driven by non-deterministic models, unintentional behavior is the breach – especially if safeguards are inadequate.

Imagine an agent is tasked with keeping a database up to date, and has access and permissions to insert or delete data. It could delete entries relating to Fast Company, for example, by accurately finding and removing the term ‘Fast Company’.

However, it could equally decide to delete all entries that contain the word ‘Fast’ or even entries starting with ‘F’. This crude action would achieve the same goal, but with a range of unintended consequences. With agents, the question of how they complete their task is at least as important as what that task is.

Onboarding agents like employees

As organizations introduce teams of agents – or even become predominantly staffed by agents – that collaborate to rapidly make decisions and take action with a high level of opaqueness, the risk is amplified significantly.

The key to effective agentic adoption is a methodical approach from the start. Simply rebadging existing machine learning or GenAI activity, such as chatbots, as ‘agentic’ – a practice known as ‘agent washing’ – is a recipe for disappointing return on investment

Equally, arbitrarily implementing agents without understanding where they are truly needed is the same as hiring an employee who is unsuited to the intended role: it wastes time, resources, and can create tension and confusion in the workforce. Rather, businesses must identify which use cases are suitable for agentic activity and build appropriate technology and business models.

The security of the AI model underlying the agent should be extensively red-teamed, using simulated attacks to expose weaknesses and design flaws. When the agent has access to tools and data, a key test is its ability to resist agentic attacks that learn what does and doesn’t work, and adapt accordingly.

From there, governance means more than mere supervision; it means encoding organizational values, risk thresholds, escalation paths, and ‘stop’ conditions into agents' operational DNA. Think of it as digital onboarding. But instead of slide decks and HR training, these agents carry embedded culture codes that define how they act, what boundaries they respect, and when to ask for help.

As autonomous agents climb the (virtual) corporate ladder, the real risk isn't adoption – it's complacency. Businesses that treat AI agents as tools rather than dynamic, accountable team members will face escalating failures, eroding trust among customers.

Build cross-functional governance from day one

No smart business would let a fresh grad run a billion-dollar division on day one. Likewise, no AI agent should be allowed to enter mission-critical systems without undergoing structured training, testing, and probation. Enterprises need to map responsibilities, surface hidden dependencies, and clarify which decisions need a human in the loop.

For example, imagine a global operations unit staffed by human analysts, with AI agents autonomously monitoring five markets in real-time, and a machine supervisor optimizing output across all of them. Who manages whom – and who gets credit or blame?

And what of performance? Traditional metrics, such as hours logged or tasks completed, don't capture the productivity of an agent running hundreds of simulations per hour, testing and iterating at scale and creating compounding value.

To help surface and answer these questions, many businesses are hiring Chief AI Officers and forming AI steering committees that have cross-department representation. Teams can collaboratively define guiding principles that not only align with each sector of the business but the company as a whole.

A well-configured agent should know when to act, when to pause, and when to ask for help. That kind of sophistication doesn’t happen by accident, it needs a proactive security and governance approach.

This isn't just a technical evolution; it's a test of leadership. The companies that design for transparency, adaptability, and AI-native governance will define the next era. NHRs aren't coming, they're already here. The only question is whether we'll lead them or be led by them.

We list the best HR outsourcing service and the best PEO service.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

The Samsung Galaxy Watch7 is down to just $199 at Best Buy – that's a better deal than the budget FE.

There’s a ticking clock in the world of cybersecurity and it’s counting down to what experts call Q Day — the day when quantum computers will theoretically become powerful enough to break some of today's cryptographic methods, and render many existing encryption methods obsolete.

Or at least that’s the theory. In truth, nobody can predict with absolute accuracy when, or even if, quantum computers will reach the level of sophistication and practicality to manifest this threat. But that doesn’t mean businesses shouldn’t be thinking about it.

While some are hearing the tick of the Q Day clock, others remain unaware. So, what is Q Day, is it a big deal, and what do businesses need to know to prepare?

Do businesses need to be aware of Q Day?

The short answer is yes. The potential threat that quantum computers could pose to current cybersecurity methods cannot be understated. What was once academic theory, akin to technology you’d see in a science fiction novel, is making strides towards reality.

Big companies like IBM and Google, as well as governments and startups, are racing to build more powerful quantum machines. These computers are still in the early stages, but they’ve already grown from handling a few quantum bits (or “qubits”) to managing hundreds, and they’re getting better at solving complex, specific problems.

While quantum computers can’t yet break the encryption software and protocols that protects the internet, experts seem to be reaching a consensus that the day that this could be a reality is about 10-15 years away. This is the so-called Q Day.

Aside from the obvious threat that breaking current encryption poses, businesses also need to be aware that the rise in quantum technology is being taken seriously by governments and regulators alike.

Agencies like the National Institute of Standards and Technology (NIST) have standardized post-quantum cryptographic (PQC) algorithms, while Europe’s ENISA is focused on standardizing the implementation and certification of PQC through schemes such as EUCC, all in preparation for Q Day.

When is Q Day?

Unfortunately, as with all things quantum, answering when Q Day will be is not simple, because no one knows for sure. It’s all dependent on when (and if) the technology reaches a specific level of capability and practicality. And it’s not only about the number of qubits.

However, the speed at which quantum computing is moving forward has prompted agencies like the UK National Cyber Security Centre (NCSC) to put timelines in place.

The NCSC’s timeline for migrating to a quantum safe method of encryption has three phases: discovery and planning by 2028, early migration by 2031, and full migration by 2035.

That gives businesses a maximum of six years to plan and prepare to migrate their critical assets. But again, this timeline is not set in stone — Q Day could come sooner than 2035, later, or it could never come.

It’s difficult because we are talking about technology that hasn’t realized its theoretical potential yet, and no-one has a crystal ball. Quantum computers don’t follow Moore’s Law; they scale non-linearly, and quality matters more than quantity when it comes to qubits.

What do businesses need to do to prepare?

Staying calm should be step number one. Quantum technologies can sometimes be subject to scaremongering, pushing people to make premature or misinformed decisions. And I hate this FUD; it doesn’t lead to the best security outcomes.

Of course the threat is theoretically coming, but it isn’t imminent. Even if quantum computing does eventually break common encryption methods, it’s unlikely that everything will change in the blink of an eye — there will be time to prepare.

However, the time to prepare is now, not when the first quantum-powered breach makes headlines. And that starts with getting your basic digital hygiene sorted.

Organizations should begin by auditing their IT estate with two aims: the first being to identify what IT assets they have, because you can’t update or protect what you don’t know you have. The second is to identify which of those assets are most at risk, especially those dependent on public-key encryption or requiring long-term data confidentiality.

This is great security practice anyway - building a decent asset inventory will bring you gains beyond just post-quantum migration planning.

The next step is to prepare the inventory; decide what needs to be end-of-lifed, and prioritize what you have to migrate. It’s a short sentence to write, but a very long exercise. Good luck. Annex A of this ETSI standard has a very helpful set of questions to help.

If you want to follow the latest standards, here’s a quick update on where we are. NIST has published 3 PQC standards: FIPS 203, 204 and 205, with two more on the way: FIPS 206 in draft and a new fifth algorithm recently announced.

The mathematics is there, but we’re lacking the integration into protocols and widely used technologies. Instead of tracking NIST now, I’d recommend the best group to follow is ETSI’s Quantum Safe Cryptography Working Group focuses on the practical implementation of quantum safe primitives, and the IETF’s PQUIP group, which summarizes all the post-quantum efforts in internet standardization today.

When should businesses prepare for Q Day?

The NCSC timelines are very clear: prepare and plan by 2028, so that you can migrate by 2031. But the uncertainty on when/if Q Day will arrive complicates this slightly.

Prepare too early and you risk adopting immature technologies and standards, potentially increasing vulnerabilities. Wait too long and you may leave critical systems exposed.

The key is finding the timing that’s just right — it’s what I call the Goldilocks Theory and again, it comes down to preparedness: making a good asset inventory, while staying on top of the latest post-quantum standards.

Q Day may be uncertain, but your preparation shouldn’t be. Start planning now — not out of fear, but out of foresight.

We list the best software asset management (SAM) tool.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

AI is having its moment, reshaping how developers work. While the best AI tools enable faster app development and anomaly detection, they also fuel faster, more sophisticated cyberattacks.

The latest headlines are making it clear – no sector is immune. As organizations race to deliver apps at an unprecedented pace, the rise of freely available AI tools with sophisticated capabilities has made it easier than ever for threat actors to effortlessly reverse engineer, analyze, and exploit applications at an alarming scale.

Gartner predicts that by 2028, 90% of enterprise software engineers will utilize AI code assistants to transform software development – placing the promise of lightning speed productivity gains in the hands of every developer and the welcome ability to automate repetitive, tedious tasks.

However, despite massive investments in AI, security continues to be a reluctant effort due to the perception that protection measures have the inverse effect, slowing down software innovation and application performance. The fact is AI has already amplified the threat landscape, especially in the realm of client applications, a primary cyberattack target.

Long considered outside the realm of a CISO’s control, software applications --particularly mobile apps --are a preferred entry point for attackers. Why? Because users tend to be less vigilant and the apps themselves “live” in the wild, outside of the enterprise network. CISO’s can no longer afford to ignore threats to these apps.

It’s an App-Happy World

Consumers have a voracious appetite for apps, and they use them as part of their daily routines; the Apple App Store today has nearly 2 million apps and the Google Play Store has 2.87 million apps. According to recent data, the average consumer uses 10 mobile apps per day and 30 apps per month. Notably, 21% of millennials open an app 50 or more times per day, and nearly 50% of people open an app more than 11 times a day.

As organizations race to deliver apps at an unprecedented pace, the rise of freely available AI tools with sophisticated capabilities have also made it easier than ever for hackers to effortlessly analyze, and reverse-engineer at an alarming scale. In fact, the majority (83%) of applications were attacked in January 2025, and attack rates surged across all industries, according to Digital.ai’s 2025 State of App Sec Threat Report.

Dozens of apps are installed on each of the billions of smartphones in use worldwide. And each app in the wild represents a potential threat vector. Why? Because applications contain working examples of how to penetrate access to back-end systems. The billions of dollars spent every year on security perimeters is rendered useless in the world of mobile applications.

Every application made and released to customers increases a business's threat surface. Developing multiple mobile apps means more risk—and leaving even one app unprotected isn’t an option. AI tools have made it that much easier for even amateur threat actors to analyze reverse engineered code, create malware, and more.

If adversaries have access to the same robust productivity tools, why wouldn’t they use them to get even better and faster at what they do?

New nefarious attacks are having a moment

New research from Cato Networks threat intelligence report, revealed how threat actors can use a large language model jailbreak technique, known as an immersive world attack, to get AI to create infostealer malware for them: a threat intelligence researcher with absolutely no malware coding experience managed to jailbreak multiple large language models and get the AI to create a fully functional, highly dangerous, password infostealer to compromise sensitive information from the Google Chrome web browser.

The end result was malicious code that successfully extracted credentials from the Google Chrome password manager. Companies that create LLMs are trying to put up guardrails, but clearly GenAI can make malware creation that much easier. AI-generated malware, including polymorphic malware, essentially makes signature-based detections nearly obsolete. Enterprises must be prepared to protect against hundreds, if not thousands, of malware variants.

The Dark Side of LLMs for Code Generation

A recent study by Cybersecurity Ventures predicts that by 2025, cybercrime will cost the world $10.5 trillion annually, a massive increase from $3 trillion in 2015, with much of the rise attributed to the use of advanced technologies like LLMs.

Take attribution - many have used an LLM to write “in the voice of”- but attribution is that much more difficult in an AI world, because threat actors can mimic the techniques, comments, tools, and TTPs. False flag events become more prevalent, such as the attack on U.S. service member wives.

LLMs are accelerating the arms race between defenders and threat actors, lowering the barrier to entry, and allowing attacks to be more complex, more insidious, and more adaptive.

Protecting Apps Running in Production

Enterprises can increase their protection by embedding security directly into applications at the build stage: this involves investing in embedded security that is mapped to OWASP controls; such as RASP, advanced Whitebox cryptography, and granular threat intelligence.

IDC research shows that organizations protecting mobile apps often lack a solution to test them efficiently and effectively. Running tests on multiple versions of an app slows the release orchestration process and increases the risk of delivering the wrong version of an app into the wild.

By integrating continuous testing and application security, software teams gain the game-changing ability to fully test protected applications, speeding up and expanding test coverage by eliminating manual tests for protected apps. This helps solve a major problem for software teams when testing and protecting apps at scale.

Modern enterprise application security is not a nice to have-- while CISOs certainly don’t need more work added to their plates, vectors that used to be outside of their control are now creating fissures inside what they do control.

The good news is that there are now robust, baseline protections that balance the need for security with the need for speed of innovation and performance. These features can be added instantly to almost any app in the wild and go right back into the app store.

1. The ability to protect by inserting security into DevOps processes without slowing down developers by adding security after coding and before testing

2. The ability to monitor via threat monitoring and reporting capabilities for apps in production

3. The ability to react by building apps with runtime application self-protection (RASP)

AI is accelerating code production, breeding applications, and reshaping app security – it’s time to stop thinking like a white knight and think like a hacker.

We list the best online cybersecurity courses.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

In today’s work-anywhere culture, people are more connected than ever. As work becomes more mobile and meetings more virtual, one form of cyber threat is quietly becoming more common: audio surveillance.

Cybersecurity now extends far beyond protecting email accounts and stored files. In a hybrid working environment, where conversations happen over video conferencing, voice messages and shared screens, it’s not only your data that is at risk. The conversation itself can become a target.

And here is the reality, according to Forbes, an overwhelming 95% of all cybersecurity breaches are caused by human error. This includes everything from sharing sensitive information without proper safeguards to joining calls over unsecured networks.

It doesn’t always take a sophisticated hack to cause real damage. Sometimes, the risk comes from the tools we trust, the places we connect from or the assumptions we make about who’s listening.

The illusion of safety

Imagine opening your laptop at a coffee shop, putting on your headset and jumping into a client meeting. The connection seems strong, the audio is crystal clear and everything feels just right. But what if someone else is eavesdropping?

In hybrid work, we often step outside the secure walls of the office and into environments we can’t control. That flexibility is a defining feature of modern productivity, but it also opens the doors to silent risks. An unsecured café Wi-Fi network, for instance, can make it remarkably easy for malicious actors to intercept audio streams or access shared content without detection.

Every call, screen share and calendar invite can include sensitive materials, such as financial data, customer details, upcoming campaigns, or internal strategy. A breach of confidential information could result in serious consequences, including regulatory penalties, disciplinary action, financial and reputational liability, or even job loss.

Recent research published in ScienceDirect highlights just how vulnerable virtual collaboration can be. A comprehensive review of video conferencing platforms revealed persistent security flaws, including weak encryption protocols and insufficient access controls, that leave meetings open to unauthorized access and potential surveillance.

For hybrid professionals working from hotels, shared spaces or home networks, this means even the most routine call could be silently compromised if the right safeguards aren’t in place.

More than just a call

In hybrid work, our headsets, webcams and conferencing tools have become the new endpoints of trust. But here’s the uncomfortable truth; a headset isn’t just a device, it’s a data hub that carries voice, client queries, business sensitive information and, in many cases, biometric data like tone, speech patterns and emotional cues.

The risks aren’t just external either. With the rise of AI, even internal tools are learning from the voices of everyone in a company. If not built securely, they could share that information with more than just your team. We live in a world where what we say can be stored, analyzed and even weaponized.

That’s why companies are rethinking how they protect their people, not just their files. Security isn’t just about firewalls anymore, and IT teams need to consider about everything from what a headset hears to how your video bar streams to the cloud.

The quietest threats are the loudest warnings

It’s easy to spot a phishing email or a suspicious link. But the more subtle threats, like unsecured pairing between a headset and a laptop, or a public connection masking malicious intent, are the ones that slip through the cracks.

Imagine walking into a crowded room and announcing your company’s quarterly results out loud. You’d never do it. But working unprotected in a public space can be equally as revealing.

As reported by Comparitech, cybercrime is projected to cost the global economy $10.5 trillion USD annually by 2025. Businesses need to think beyond whether they will be targeted or not, it’s an inevitability.

Raising the Standard

Business leaders need to adopt the ethos that the only individuals who should be on a call are the ones who’ve been invited. That’s why all devices need to have an emphasis on security.

This includes encrypting conversations, implementing secure device pairing and building-in automated defenses against man-in-the-middle attacks. And implementation alone isn’t enough, IT teams need to stress-test solutions with in-house and contracted ethical hackers. This ensures customer trust is built into the very fabric of the tools we use.

Hybrid work is here to stay, and that’s a good thing. It gives workers freedom, flexibility and balance. But with that freedom comes a new kind of responsibility: to protect the digital spaces businesses occupy, the voices employees share and the people they connect with.

The next time you plug in your headset, ask yourself “who else might be listening?”. The biggest risks don’t always come with red warning signs; sometimes, they arrive quietly, just like a spy among us.

We list the best business phone systems.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Encryption has been on a long journey, transcending centuries, from leather scrolls to quantum-resistant algorithms. But if we look at security requirements for businesses 25 years ago, the world was very different then. I sold encryption software back in 2000 when no one apart from the Government knew they needed it. It was free for home or personal use, so trying to sell encryption in a world where users borrowed it free of charge was tough.

One of the most notable examples at the time was OpenSSL, an open-source project that provided free encryption tools for securing internet communication. Another popular tool was PGP (Pretty Good Privacy), which had both free and commercial versions. The free version was widely used by privacy advocates, journalists, and tech-savvy users to encrypt emails and files.

However, eventually, public-key cryptography and tools like PGP started to gain traction for secure email and online communication. It was a pivotal moment as encryption moved from being a nice-to-have to becoming essential for privacy and trust online.

Unlocking Encrypted Data Without Compromising Security

Fully Homomorphic Encryption (FHE) has also been in the mix for about 15 years. But it has been labelled as too complicated, requiring too much processing, too much disk space, being too slow and more.

But we’ve seen a breakthrough in FHE whereby customers are using it not just to encrypt data, but to query, decrypt and use it. They can also search data faster when it's encrypted than when it's not!

Without going into lengthy explanations as to how the integers (the raw material that makes encryption possible) and cryptographic algorithms work, in simple terms, it’s only the user who has access to and can understand and read the data. Where anyone else is concerned, the data is just garbage.

Why is this so important? If we look at how encryption tools work today, we create data, which we then encrypt. Every time we search, every time we move, we decrypt – because that’s the only way to make the data work for us. Once we have decrypted it, we must re-encrypt it to ensure it is safe. Therefore, we have multiple touch points where data, which we tell users is encrypted, isn’t encrypted.

This might be okay for data-at-rest, but once you migrate data from A to B, in many cases, we send the encryption keys with it. This is the equivalent of sending the keys to the castle with the castle. Also, the moment the user wants to do anything with that data (which is arguably when it is most useful) then all that safeguarding is gone.

Therefore, for us to be able to allow customers to use data whilst it still has a safety net around it and ensure data remains confidential is a huge leap forward. Most importantly, we don't have encryption keys travelling with the data; the keys are generated at the point of login.

Is Bootstrapping FHE The Answer?

Many in the industry advocate bootstrapping FHE as a workaround. This is a clever trick that allows encrypted data to be refreshed so it can be used in computations without becoming too noisy to decrypt. But it’s important to recognize both its promise and its challenges.

Done properly, bootstrapping has significant potential if implemented efficiently. It could unlock powerful capabilities in computation, especially in domains where data sensitivity is paramount.

However, bootstrapping remains computationally intensive. Even with optimized schemes, it can take seconds per operation, which means it cannot be used for real-time applications. Bootstrapping implementations are highly complex.

That said, dismissing bootstrapping outright may be premature. As research and engineering efforts continue - including our own - there’s reason to believe that more efficient, scalable implementations are within reach.

We live in a data-driven world, and FHE is going to be the key to enabling access to data and the use of technology like AI tools. However, I recently read an article in which Elon Musk discussed the fact that we’re running out of real-world data to train AI models.

This idea (often called the “peak data” theory) suggests that the internet no longer offers enough fresh, high-quality data to improve large AI models meaningfully.

In other words, we will hit a point where data is not going to develop in a way that is useful to organizations because of all the rules we put around it, some of which are self-imposed, others which are required by regulators.

Many Cast Caution Aside

Many regulations are vague, which means organizations will interpret these in a way that enables them to reduce risk by taking a more cautious approach. Other companies throw caution to the wind. We're seeing that play out in real-time.

Take Meta as an example. The company has faced multiple fines recently. The most notable in 2025 is a €200 million penalty from the European Commission under the Digital Markets Act (DMA). The fine was issued because Meta’s “pay-or-consent” model, where users had to either pay for ad-free access or consent to data tracking, was found to violate users’ rights to genuine choice.

Regulators argued that this setup pressured users into giving up their data, undermining the DMA’s goal of fair digital competition.

Improving Lives

I would argue that we must make data more usable, particularly where data helps make the world a better place. Clinical trials, for example, have faced challenges due to disparate data, which hampers progress. If a trial is quite niche, the organization needs to be able to get a decent data set to perform tests and analyze the results in a meaningful way.

We are helping organizations keep the data in the jurisdiction it is supposed to be in and still collaborate without moving the data around and without plain text data ever flying across the internet. This means we can make people's lives better; we can stop people dying of illnesses we could prevent because we understand more.

Of course, we want to be able to use data in a way that still respects privacy. This is where we see FHE being an enabler. We can have AI using data that is encrypted to make better decisions without affecting the underlying owner of the data from a user level. It's a brave new world – but an exciting one.

We list the best data recovery software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Looking to access BBC Sounds – the BBC's podcast, radio and music app – from outside the UK? If you're visiting the US, Canada, Australia or indeed anywhere else, you can use a VPN – NordVPN works best – to unblock BBC Sounds and listen as normal.

We'll go into detail below and explain why the BBC's recent announcement that it would block international access to the BBC Sounds app saddened (and angered) many listeners around the world.

Here's a full (and quick) guide to how to get BBC Sounds from abroad...

When did the international BBC Sounds block come into force?

International access to BBC Sounds was shut down on Monday, July 21.

Can I still access BBC Sounds from abroad or on holiday? 

Yes. UK residents will be able to continue accessing the BBC Sounds app from abroad with a VPN. We recommend Nord, which comes with a 30-day trial and over 70% off when you use our deal below...

How to unblock BBC Sounds with a VPN

If you're outside the UK at the moment and blocked from using BBC Sounds, you can still access the app thanks to the wonders of a VPN (Virtual Private Network).

The software allows your devices to appear as if they're back in your home country regardless of where in the world you are. So ideal for listeners away for work or on vacation wanting a taste of home.

NordVPN is our favorite:

Editors Choice

NordVPN – get the world's best VPN
We regularly review all the biggest and best VPN providers and NordVPN is our #1 choice. It unblocked every streaming service in testing and it's very straightforward to use. Speed, security and 24/7 support available if you need – it's got it all.

The best value plan is the two-year deal, which sets the price at $3.39 per month and includes an extra 3 months absolutely FREE. There's also an all-important 30-day no-quibble refund if you decide it's not for you.

- So, try NordVPN 100% risk-free for 30 daysVIEW DEAL ON

Is there a BBC Sounds alternative?

Listeners based outside the UK can now access a limited selection of BBC audio programming via the BBC.com website and the BBC app (iOS / Android).

To put it mildly, however, they're nothing at all like BBC Sounds!

The only live services available through BBC.com and the BBC app are BBC Radio 4 and the BBC World Service English. They also host select podcasts, and news and history programming, such as Global News Podcast, You're Dead to Me and Infinite Monkey Cage.

Although you can listen via BBC.com and the BBC app without an account, you have to sign in on order to download, follow and save shows.

Can I listen to BBC 6 Music and other radio stations from outside the UK?

All, however, is not yet lost. You can still listen to BBC Radio stations from outside the UK by visiting their individual websites directly, through a web browser (links listed below).

It's a crude workaround, but it works.

However, these websites don't support key BBC Sounds features, such as the option to set a radio station as your alarm or even the ability to view a station's schedule.

Furthermore, only select radio content will be made available on-demand through the websites.

BBC Radio 1

BBC 1Xtra

BBC Radio 2

BBC Radio 3

BBC Radio 4 Extra

BBC Radio 5 Live

BBC Asian Network

BBC 6 Music

Click for more BBC Radio stations▼

BBC Live News

BBC Radio Scotland

BBC Radio Scotland Extra

BBC Radio Orkney

BBC Radio Shetland

BBC Radio nan Gaidheal

BBC Radio Ulster

BBC Radio Foyle

BBC Radio Wales

BBC Radio Wales Extra

BBC Radio Cymru

BBC Radio Cymru 2

Local radio

BBC Radio Berkshire

BBC Radio Bristol

BBC Radio Cambridgeshire

BBC Radio Cornwall

BBC CWR

BBC Radio Cumbria

BBC Radio Derby

BBC Radio Devon

BBC Essex

BBC Radio Gloucestershire

BBC Radio Guernsey

BBC Hereford & Worcester

BBC Radio Humberside

BBC Radio Jersey

BBC Radio Kent

BBC Radio Lancashire

BBC Radio Leeds

BBC Radio Leicester

BBC Radio Lincolnshire

BBC Radio London

BBC Radio Manchester

BBC Radio Merseyside

BBC Radio Newcastle

BBC Radio Norfolk

BBC Radio Northampton

BBC Radio Nottingham

BBC Radio Oxford

BBC Radio Sheffield

BBC Radio Shropshire

BBC Radio Solent

BBC Radio Solent Dorset

BBC Radio Somerset

BBC Radio Stoke

BBC Radio Suffolk

BBC Radio Surrey

BBC Radio Sussex

BBC Radio Tees

BBC Three Counties Radio

BBC Radio Wiltshire

BBC Radio WM

BBC Radio York

Further BBC Sounds troubleshooting tips

If you still can't access BBC Sounds, even with the aid of a VPN, there are a few more things you can try.

Make sure your BBC account is associated with a valid UK post code, such as W1A 1AA.

The BBC Sounds app (iOS / Android) won't appear in the Play Store or the App Store outside the UK, but you may be able to get around that by changing your phone's region in the settings menu.

The BBC, like most broadcasters and networks, is engaged in a neverending cat-and-mouse battle with VPN providers.

Although we've ranked the best iPlayer VPNs, something we've worked out through thorough testing, if one of them works today there's no guarantee the same will be true tomorrow, in which case you can raise the issue with your VPN provider's customer support team, and ask them to recommend the best server to connect to.

Why did BBC Sounds get blocked? What's the full story?

So what would compel the corporation to cut one of its most popular and beloved exports? The decision was taken without a consultation, and BBC management has rebuffed calls for an explanation to be provided.

For weeks following the announcement, Andrea Catherwood, the presenter of the BBC Radio 4 podcast Feedback, endeavoured to get a BBC spokesperson onto her show in order to justify the move, without success.

The move has been met with widespread anger and sadness, but above all disbelief. BBC Sounds doesn't just provide a connection to home for Brits living abroad, it's an invaluable purveyor of culture, education and entertainment, which has served as a key platform for musicians, artists and performers, some of whom owe their entire careers to radio.

BBC Sounds' demise has also caused a political storm in Ireland, where listeners north of the border retain full access to the app.

The memorandum of understanding agreed by the UK and Irish governments in 2010 stressed the importance of public service broadcasting on both sides of the border, for "promoting cultural diversity, in providing educational programming, in objectively informing public opinion, in guaranteeing pluralism."

The subject at the time was Irish-language channel TG4, with the MoU advocating its availability in Northern Ireland as well as the Republic of Ireland. However, listeners in the Republic of Ireland have now had their access to BBC Sounds blocked.

We test and review VPN services in the context of legal recreational uses. For example:1. Accessing a service from another country (subject to the terms and conditions of that service).2. Protecting your online security and strengthening your online privacy when abroad.We do not support or condone the illegal or malicious use of VPN services. Consuming pirated content that is paid-for is neither endorsed nor approved by Future Publishing.

• DocumentDB started as a Postgres add-on before evolving into a standalone project
• The Linux Foundation’s adoption signals a new era for open document databases
• MongoDB’s restrictive licensing decisions created openings for DocumentDB’s permissive approach

For years, open source databases have been described as either traditional relational systems or newer NoSQL alternatives.

The emergence of DocumentDB, first introduced by Microsoft and now adopted under the Linux Foundation, is blurring that divide.

By combining PostgreSQL with document-oriented storage through extensions, DocumentDB positions itself as both familiar to developers and disruptive to existing NoSQL players.

From PostgreSQL extensions to a full project

Its adoption under the permissive MIT license signals a push for wider community participation.

"It's great that Microsoft, AWS, and others are joining forces to work on DocumentDB, an open source implementation of a MongoDB-compatible API on top of PostgreSQL,” said Bruce Momjian, founding member of the PostgreSQL core development team.

"We built DocumentDB with a simple goal: give developers an open document database with the flexibility of NoSQL and the power, reliability, openness, and ecosystem of Postgres," said Kirill Gavrylyuk, vice president at Microsoft.

DocumentDB began in 2024 as a pair of PostgreSQL add-ons for handling BSON data models and document queries.

Within a year, the project expanded into a standalone database that still depends heavily on PostgreSQL’s reliability and ecosystem.

This dual identity, part relational engine and part document store, makes DocumentDB attractive for developers seeking a common interface.

Yet skeptics point out that layering document features onto PostgreSQL does not erase the structural limitations of relational systems.

The move to bring DocumentDB into the Linux Foundation has attracted support from Amazon Web Services, Google, and others.

Their endorsement signals a rare moment of alignment among major cloud vendors, particularly given the licensing disputes that fractured the database world in recent years.

"AWS is excited to contribute to the open source DocumentDB project, now stewarded by the Linux Foundation," said Adam Abrevaya, director, Amazon DocumentDB.

"It is great to see the DocumentDB project joining the Linux Foundation, which assures customers and the community have an openly governed, open source option available to them," said Sailesh Krishnamurthy, vice president of engineering, Google Cloud.

Still, critics recall that vendor neutrality has often been more symbolic than practical.

A project backed by hyperscalers can easily become shaped by their priorities, leaving smaller contributors to wonder how much influence community governance will genuinely hold.

The adoption of DocumentDB can also be seen as a response to MongoDB’s decision to embrace restrictive licensing models.

By offering a permissive alternative, the Linux Foundation hopes to push toward a more interoperable standard for document databases.

Industry veterans argue that such a standard is long overdue, but the timing is contentious.

However, MongoDB continues to dominate the market, and its defenders insist that bolting document capabilities onto PostgreSQL is no substitute for a native design.

"DocumentDB fills a critical gap in the document database ecosystem, attracting contributors, users, and champions. It provides an open standard for document-based applications," said Jim Zemlin, executive director of the Linux Foundation.

For developers working on Linux distros or configuring laptops for programming, DocumentDB may appear as another tool promising simplicity and openness.

Enterprises considering mobile workstations or SaaS integrations may also see appeal in a standardized, Postgres-based NoSQL option.

Yet the reality is less straightforward because success depends on technical merit and the community's resistance to tilting toward the largest vendors.

You might also like

• Check out the best 3D modeling software for 3D printing and more
• We've rounded up the best portable monitors available now
• Adobe Firefly and Express are getting a Gemini AI boost, making ad campaigns flashier than ever

• Microsoft has revealed how it protects Azure with an Integrated HSM chip
• Azure security stack includes Azure Boost, Hydra BMC and Caliptra 2.0
• Cybercrime reportedly worth $10.2 trillion annually, making it the world’s third-largest economy in 2025

Microsoft has revealed more on the custom-built security chip it deploys across every Azure server, aiming to counter what it calls a cybercrime “pandemic” now costing $10 trillion annually.

The Azure Integrated HSM, which was first announced in late 2024, is the centerpiece of a wider security architecture the company outlined at the recent Hot Chips 2025 event.

A slide Microsoft showed there claims the global cost of cybercrime is currently $10.2 trillion - meaning it now ranks as the equivalent of the third-largest economy in the world.

(Image credit: Microsoft)Azure security measures

The trillion-dollar estimate places cybercrime behind the United States and China, but ahead of Germany and Japan, and also far bigger than the entire AI market.

Microsoft said the scale of the threat requires both architectural and operational changes.

As ServeTheHome reports, the company listed a number of statistics at the event, including that Azure already spans more than 70 regions and 400 data centers, supported by 275,000 miles of fiber and 190 network points of presence, along with employing 34,000 engineers dedicated to security.

To take on the cybersecurity problem at a hardware level, Microsoft moved from a centralized hardware security module model to its own Azure Integrated HSM.

The custom ASIC is designed to meet FIPS 140-3 Level 3 requirements, providing tamper resistance and local key protection within servers.

By embedding the chip in each system, cryptographic functions no longer need to pass through a centralized cluster, reducing latency while enabling tasks such as AES, PKE and intrusion detection locally.

ServeTheHome noted building an in-house chip required trade-offs. Instead of scaling hardware security modules at a cluster level, Microsoft had to size them for individual servers.

The result, the company argued, was a balance between performance, efficiency and resilience.

The tech giant also presented its “Secure by Design” architecture at Hot Chips, part of its Secure Future Initiative.

This includes Azure Boost, which offloads control plane services to a dedicated controller and isolates them from customer workloads, and the Datacenter Secure Control Module, which integrates Hydra BMC, and enforces a silicon root of trust on management interfaces.

Confidential computing, backed by trusted execution environments, extends protection to workloads in multi-tenant environments.

Caliptra 2.0, developed in collaboration with AMD, Google and Nvidia, anchors security in silicon and now incorporates post-quantum cryptography through the Adams Bridge project.

(Image credit: Microsoft)You might also like

• These are the best data recovery tools you can use right now
• Microsoft struggling to sell Copilot to corporations because they want ChatGPT
• Windows 11 Pro vs Windows 11 Home: which version is right for you?

• FADU secures SSD controller supply deals with two hyperscalers and expects to sign a third
• Meta seen as likely early adopter after appearing with FADU at FMS 2025 keynote
• Korean company outlines PCIe 6.0 roadmap with 512TB capacity and 28GB/s speeds

South Korea’s FADU has announced it has signed deals to supply its next-generation SSD controllers to two of the world’s largest cloud service operators.

The Korea Herald reports at a press conference in Seoul marking the company’s 10th anniversary, CEO Lee Ji-hyo revealed the news, saying, “We have been confirmed for mass production supply for two of the four global hyperscalers."

"We are also in talks with another hyperscaler, and we expect to finalize that deal by the end of this year," he added, "within two to three years, we are confident we will be supplying to all four major companies.”

Sierra controller

The four hyperscalers in question are of course AWS, Google, Microsoft and Meta - and while FADU has not said which two of these are under contract, Meta is widely viewed as a strong candidate to be one of them after appearing alongside the company at the recent Future of Memory and Storage 2025 conference.

At that event, FADU unveiled its PCIe 6.0 controller, codenamed Sierra, which supports capacities up to 512TB and sequential speeds of 28GB/s.

The product delivers random read performance of 6.9 million IOPS while operating under 9W.

ChosunBiz reported at the time that Meta engineer Ross Stenfort shared the keynote stage with Lee as FADU introduced the controller and detailed new energy monitoring features developed with industry partners to reduce costs in large-scale data centers.

Lee took the opportunity during the keynote to also underline the company’s long-term vision.

“Since our establishment in 2015, FADU has dedicated the past 10 years to technology development, striving to create the fastest and most innovative SSD controllers in the world targeting the global market, and we have validated our technological prowess with global clients,” he said.

“We will lead the storage market with SSDs that offer greater capacity, faster performance, and higher efficiency as demanded by the AI era.”

FADU shipped its Gen5 controller in late 2024 and expects its Gen6 line to launch in 2026.

You might also like

• These are the fastest SSDs you can buy right now
• And these are the largest HDDs and SSDs on the market at the moment
• AMD, Meta are working on revolutionary tech that could recycle petabytes worth of RAM

• AI impersonation scams use voice cloning and deepfake video to convincingly mimic trusted people
• Cybercriminals target people and businesses through calls, video meetings, messages, and emails
• Experts say that independently verifying identities and using multi-factor authentication are key to protecting yourself

Imagine getting a frantic call from your best friend. Their voice is shaky as they tell you they’ve been in an accident and urgently need money. You recognize the voice instantly; after all, you’ve known them for years. But what if that voice isn’t actually real?

In 2025, scammers are increasingly using AI to clone voices, mimic faces, and impersonate people you trust the most.

The rise in this type of scam has been staggering. According to Moonlock, AI scams have surged by 148% this year, with criminals using advanced tools that make their deception near-impossible to detect.

So how can you stay safe from this growing sci-fi threat? Here's everything you need to know, including what cybersecurity experts are recommending.

What are AI impersonation scams?

AI impersonation scams are a fast-growing form of fraud where criminals use artificial intelligence to mimic a person’s voice, face, or typing style with alarming accuracy.

These scams often rely on voice cloning, which is a technology that can recreate someone’s speech patterns with just a few seconds of recorded audio.

The samples aren’t hard to find; you can often spot them in voicemails, interviews, or social media videos. According to Montclair State University, even short clips from a podcast or online class can be enough to build a convincing AI impersonation of someone’s voice.

Some scams take this even further, using deepfake video to simulate live calls. For instance, Forbes reports that scammers have impersonated company executives in video meetings, convincing staff to authorize large wire transfers.

(Image credit: Getty Images / Tero Vesalainen)

Experts say the rapid growth of AI impersonation scams in 2025 comes down to three factors: better technology, lower costs, and wider accessibility.

With these digital forgeries at their side, attackers assume the identity of someone you trust, such as a family member, a boss, or even a government official. They then request valuable, confidential information, or skip the extra step and ask for urgent payments.

These impersonated voices can be very convincing, and this makes them particularly nefarious. As the US Senate Judiciary Committee recently warned, even trained professionals can be tricked.

Who is affected by AI impersonation scams?

AI impersonation scams can happen across phone calls, video calls, messaging apps, and emails, often catching victims off guard in the middle of their daily routines. Criminals use voice cloning to make so-called "vishing" calls, which are phone scams that sound like a trusted person.

The FBI recently warned about AI-generated calls pretending to be US politicians, including Senator Marco Rubio, to spread misinformation and solicit a public reaction.

On the corporate side of "vishing," cybercriminals have staged deepfake video meetings posing as company executives. In a 2024 case threat actors posed as the CFO of UK-based engineering company Arup, and tricked its employees into authorizing transfers totaling a whopping $25 million.

These attacks generally scrape pictures and videos from LinkedIn, corporate websites, and social media in order to craft a convincing impersonation.

AI impersonation is getting more sophisticated, too – and fast. The email provider Paubox found that nearly 48% of AI-generated phishing attempts, including voice and video clones, successfully sidestep detection by current email and call security systems.

How to stay safe from AI impersonation scams

Experts say that AI impersonation scams succeed because they create a false sense of urgency in their victims. Criminals exploit your instinct to trust familiar voices or faces.

The most important defense is to simply slow down; take your time to confirm their identity before you act. The Take9 initiative says that simply pausing for nine seconds can go a long way toward staying safe.

If you receive a suspicious call or video from someone you know, hang up and call them back on the number you already have. As cybersecurity analyst Ashwin Raghu told Business Insider, scammers count on people reacting in the moment, and calling back eliminates that urgency.

It’s also important to watch for subtle red flags. Deepfake videos can have a few tells, such as unnatural mouth movements, flickering backgrounds, or eye contact that feels a little 'off'. Similarly, AI-generated voices can have unusual pauses or inconsistent background noise, even if they sound convincing at first.

Adding extra layers of security can help, too. Multi-factor authentication (MFA) makes it harder for scammers to get into your accounts even if they successfully steal your credentials.

Cybersecurity expert Jacqueline Jayne told The Australian that your best bet is to pair direct verification with some form of MFA — particularly during periods of high scam activity, such as during tax season.

AI offers a ton of mind-boggling capabilities, but it also gives scammers powerful new ways to deceive. By staying vigilant, verifying suspicious requests, and talking openly about these threats, you can reduce the risk of being caught off guard — no matter how real the deepfake may seem.

You might also like

• AI is fueling the biggest financial scams ever—cyber safety experts are fighting back
• Avast launches another free scam protection tool, but this one is powered by AI – here's what it offers
• AI voice scams are on the rise – here’s how to stay safe, according to security experts

• UK startup Somni claims to have invented the world's first "battery-free streaming earbuds for sleep"
• The earbuds are small and wireless, made to be comfortable to use in any sleeping position
• According to SomniBuds, these sleep buds never need to be charged — but a few things remain unclear

A British startup claims to have found the perfect solution to many sleeping woes. Whether you struggle with insomnia or need a little white noise to fall asleep, these new earbuds could potentially help.

SomniBuds are flat and small streaming earbuds that are made to be used while sleeping. Thanks to their unusual shape, they're apparently optimized for every sleeping position. And although they're completely wireless, SomniBuds also claims that you'll never have to go out of your way to recharge them.

So are these sleep buds a strong new alternative to the likes of the Loop Dream, and how do they work? Here's everything we know so far.

What are SomniBuds, and how do they work?

SomniBuds are streaming earbuds for sleeping, made by UK startup Somni. They're not the only sleeping earbuds or earplugs out there – alternatives, such as the Bose Sleepbuds II, have been around a while, alongside newer contenders like the aforementioned Loop Dream. However, Somni claims that its new buds have a few things that the competition doesn't offer.

The biggest standout feature is the fact that these earbuds don't have a battery. They're also wireless, which might make for a confusing combination. How can battery-free hardware be wireless and yet never need to be recharged?

(Image credit: Somni)

Admittedly, the technical details are still pretty scarce here, but Somni claims that you won't need to use a charging case or a similar device. Instead, you'll place the SomniMat, which is a charging mat made specifically for these earbuds, under your pillow or your mattress. While you sleep, the earphones will wirelessly connect to the charging mat, enabling them to run all night long.

On paper, this sounds fantastic. However, it's unclear just how reliable the connection between the mat and the earbuds will be. Will this charging style work in every sleeping position? What if you roll over to the other side of the bed? Those are some of the things we're looking forward to exploring during some in-person listening, but the signs from our friends at Shortlist(who have been trying out a pair) are very promising.

SomniBuds are 3mm thin and have a flat, unobtrusive design that looks like it'd be comfortable to sleep in – well, at least as comfortable as sleeping with something in your ears can ever be. The startup claims that the earphones are a quarter of the size of traditional Bluetooth sleepbuds.

SomniBuds won't require an app to use and can be paired with any kind of audio, including Spotify, podcasts, movies, and white noise apps.

How can you try SomniBuds?

So, how can you actually try these out? This is where more questions start cropping up. The earbuds are not yet available for sale, but we do know a few things about what's in store for them this year.

Somni promises that the SomniBuds will be available through Kickstarter in "late summer", so we can't have too long to wait now.

However, if you're really excited about these, you can pay $1 to get a 33% discount that you can use when they do come out. You just need to reserve a spot, although Somni says that only 300 early backers will be allowed to sign up.

(Image credit: Somni)

The SomniBuds (presumably complete with the charging mat) will be priced at $229 / £224 (around AU$465) without the discount, and $199 / £149 (about AU$310) with the 33% off deal. Early backers will also receive a bonus pair of earbuds.

As with any Kickstarter or crowdfunded project, all of the usual caveats apply and it's important to be cautious. We have no guarantee that these earbuds will make it to market at all, and it's unclear when they'll be fully available for sale.

However, if you're struggling for shuteye and are looking for some earbuds that are designed specifically for sleep, they could be a new contender to watch out for –particularly if those charging-free claims hold up during real-world use.

You might also like

• Sure, noise-cancelling headphones are great for work but they saved my sleep (and sanity) and several vacations too – here’s how
• The best earbuds for every budget, all TechRadar tested and recommended
• iOS 26 will soon give your AirPods a smart sleep trick – and Beats headphones could join the pajama party

• Details of the OnePlus 15 have leaked
• We also have new renders of the design
• The phone could launch in November

We haven't heard too much about the successor to the OnePlus 13 so far, but a fresh batch of leaks gives us a good idea of what's on the inside and on the outside of the OnePlus 15 (the number 14 is being skipped, due to its associations with bad luck in China).

First up, the team at Android Headlines has pulled together some interesting information about OnePlus 15 benchmark scores that have appeared online. The scores indicate that the phone will be powered by the Qualcomm Snapdragon 8 Elite 2 chipset.

The scores themselves are actually pretty low, but at this stage in the phone's development, it's not worth paying much attention to them – they're unlikely to match the real world performance levels of the handset once it sees the light of day.

It also looks as though the OnePlus 15 is going to come with 16GB of RAM, or at least the option of 16GB of RAM, based on this benchmark listing. The OnePlus 13 is available with 12GB, 16GB, or 24GB of RAM, though that last option isn't available in many places.

Renders and colors

OnePlus 15 storage & color options, as per DCS- 12GB+256GB, 12GB+512GB, 16GB+256GB, 16GB+512GB, and 16GB+1TB- Black, Purple, and Titanium color options pic.twitter.com/Do9n9Uhaw9August 29, 2025

We've also seen some unofficial renders from tipster @Sudhanshu1414 (via Notebookcheck), though as always nothing is certain about these leaks – not until OnePlus actually gets around to launching the flagship phone.

There are three colors on show here, which are black, silver, and a dark purple. The outer camera module is a square, rather than a circle as it is on the OnePlus 13 – and it looks like there are three rear cameras here again, matching the current model.

Interestingly, an executive from OnePlus parent company Oppo has gone on record as saying that the design of the OnePlus 15 is one of his favorites in recent years, although there doesn't look anything too out of the ordinary.

The standard OnePlus 13 was launched in China at the start of November 2024, before becoming more widely available in January 2025, and it's likely that the successor is going to follow a similar sort of schedule but 12 months further on.

You might also like

• The OnePlus Open 2 won't launch in 2025
• OnePlus AI Plus Mind may be the best use of AI on a phone
• Exclusive: OnePlus reveals the OnePlus Nord 5

When Apple launched the Studio Display in March 2022, it seemed that its purpose was to be an advanced monitor for creative pros who didn’t want to shell out for the $4,999 Pro Display XDR. Since then, though, it’s been over three years without a single update, leaving it suspended in an uncomfortable limbo.

When we initially reviewed the Apple Studio Display, we thought it was good but not great, with a few glaring omissions and frustrating oversights marring its final score. It’s fallen further behind in the years since, and with rival monitors offering OLED panels and higher refresh rates for lower prices, the Studio Display is in a tough spot.

Fortunately, there are rumors that Apple is working on several new monitors, one of which is likely to be a new Studio Display. Rumors have suggested it could arrive in 2026 with a mini-LED panel, making it four years between hardware updates.

And while that mini-LED screen would be a serious upgrade over the LCD panel in the current Studio Display, there’s one thing that I’d love to see above all else in the new model: a higher refresh rate. This isn’t just about gaming, although that’s part of it – this upgrade would benefit a wide range of users and scenarios, making it a change that could finally bring the Studio Display right up to date.

Gains for gamers

(Image credit: Future)

Let’s start with the elephant in the room, the aspect that, on the surface, perhaps makes the least sense: gaming. The Studio Display is not a gaming monitor, and Apple never claimed it was in the first place. The clue is in the name, after all: Studio Display. It’s meant for designers, photographers, and videographers – creatives, in other words, not gamers.

But in the years since the Studio Display’s 2022 launch, Apple’s gaming prowess has gone from strength to strength. We can no longer scoff when someone suggests that a MacBook is a gaming machine – it’s genuinely true. Apple has also demonstrated more of a commitment to gaming on Mac, with a new Metal dev toolkit and triple-A games featuring more frequently in Mac event presentations.

That’s mostly thanks to Apple’s in-house chips, with the latest editions offering bona fide gaming performance. Throw in frame generation, and even the most demanding games can run at high resolution and high frame rates on a Mac.

Yet right now, the Studio Display is singularly unsuited to take advantage of that. That’s because it’s limited to a measly 60Hz refresh rate, which Apple chips can go blast past these days. Pair up a Studio Display and a powerful Mac, and it’s the screen that will let you down, not the chip – and who thought we’d be saying that a few years ago?

Increasing the Studio Display’s refresh rate – ideally to the 120Hz of the latest MacBook Pros and iPhones – would significantly improve the gaming experience for Apple users. After all, Apple has already added this smooth refresh rate tech to other Macs. Why not the Studio Display?

Creative license

(Image credit: Apple)

A higher refresh rate wouldn’t just be good for gamers – creatives would feel the benefits too. Despite the recent advances in gaming performance, Apple’s products are still primarily aimed at designers, artists, and other creatives. Upping the refresh rate could therefore bring noticeable benefits to a significant chunk of Apple’s target audience.

For example, what if you’re editing high-refresh-rate video footage on a Studio Display? Right now, you’re limited to playing it back at 60 frames per second on your monitor, which could be well below what your video is set to. That’s an obvious flaw that is likely to prompt creatives to look for alternatives. The same applies to many professionals working in game design; if you need to verify the performance of a test build, you can't be limited by your monitor's refresh rate.

Unlike gaming, this is a problem for the Studio Display’s core audience, which highlights the importance of fixing this issue. There’s no way that Apple can pitch the Studio Display as a great solution for creatives if it can’t serve them on such a basic level. Considering its $1,599 price tag, that’s a major problem.

It’s time for change

(Image credit: Apple)

Whether it’s a core use case like creative work or an incidental one such as gaming, upping the Studio Display’s refresh rate would improve life for a large swathe of Apple’s users.

With the company aiming to appeal more strongly to gamers, the good news for Apple is that both creatives and gamers can benefit from smoother on-screen motion. That means it can effectively kill two birds with one stone by improving this aspect of the Studio Display.

As I mentioned earlier, current rumors suggest that Apple is looking to add mini-LED tech into the Studio Display’s monitor, but there’s no word yet on whether the refresh rate will change. We can only hope that this, too, is coming, given how much of a difference it could make – and how much it’s really needed in Apple’s monitor.

Apple already has the technology in place to make this a reality, and you can get it today in the MacBook Pro and pro-level iPhones. Now, the company just needs to bring it to the Studio Display. If it does, Apple’s device could become one of the best monitors around, for both creatives and, perhaps, gamers.

You might also like

• It's high time the Studio Display joined the mini-LED party, and rumors suggest Apple could use the tech in its next monitor for creative pros
• Best Apple Studio Display alternatives of 2025: top monitors from 4K to 8K
• Here's an Apple Studio Display alternative for the rest of us - the oddly-named Dough Spectrum Canvas offers 6K resolution

Looking for a different day?

A new Quordle puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Sunday's puzzle instead then click here: Quordle hints and answers for Sunday, August 31 (game #1315).

Quordle was one of the original Wordle alternatives and is still going strong now more than 1,100 games later. It offers a genuine challenge, though, so read on if you need some Quordle hints today – or scroll down further for the answers.

Enjoy playing word games? You can also check out my NYT Connections today and NYT Strands today pages for hints and answers for those puzzles, while Marc's Wordle today column covers the original viral word game.

SPOILER WARNING: Information about Quordle today is below, so don't read on if you don't want to know the answers.

Quordle today (game #1316) - hint #1 - VowelsHow many different vowels are in Quordle today?

• The number of different vowels in Quordle today is 4*.

* Note that by vowel we mean the five standard vowels (A, E, I, O, U), not Y (which is sometimes counted as a vowel too).

Quordle today (game #1316) - hint #2 - repeated lettersDo any of today's Quordle answers contain repeated letters?

• The number of Quordle answers containing a repeated letter today is 0.

Quordle today (game #1316) - hint #3 - uncommon lettersDo the letters Q, Z, X or J appear in Quordle today?

• No. None of Q, Z, X or J appear among today's Quordle answers.

Quordle today (game #1316) - hint #4 - starting letters (1)Do any of today's Quordle puzzles start with the same letter?

• The number of today's Quordle answers starting with the same letter is 2.

If you just want to know the answers at this stage, simply scroll down. If you're not ready yet then here's one more clue to make things a lot easier:

Quordle today (game #1316) - hint #5 - starting letters (2)What letters do today's Quordle answers start with?

• R

• B

• S

• S

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

Quordle today (game #1316) - the answers

(Image credit: Merriam-Webster)

The answers to today's Quordle, game #1316, are…

• RECAP
• BRIDE
• SMACK
• SPOIL

After crashing out yesterday I was delighted to just finish today's Quordle unscathed.

Three-letter-combinations were the key to my success, with I-D-E leading to BRIDE and O-I-L leading to SPOIL. My only lucky guess was for SMACK which, at that stage, could have been “scamp”.

Daily Sequence today (game #1316) - the answers

(Image credit: Merriam-Webster)

The answers to today's Quordle Daily Sequence, game #1316, are…

• FLASH
• THEME
• DAIRY
• CONDO

Quordle answers: The past 20

• Quordle #1315, Sunday, 31 August: MORAL, ENTER, FOIST, TESTY
• Quordle #1314, Saturday, 30 August: RHINO, FLUNG, JUICY, DROVE
• Quordle #1313, Friday, 29 August: FLAIR, TAROT, FRAIL, PRUNE
• Quordle #1312, Thursday, 28 August: AFOOT, TANGO, LUMEN, NAVAL
• Quordle #1311, Wednesday, 27 August: TWEED, SCRAP, SHEIK, AWOKE
• Quordle #1310, Tuesday, 26 August: BEGET, WRATH, HEARD, INDEX
• Quordle #1309, Monday, 25 August: GEEKY, SHALT, CHIEF, JIFFY
• Quordle #1308, Sunday, 24 August: ROVER, GONER, ANTIC, OUTDO
• Quordle #1307, Saturday, 23 August: DEMON, GRATE, FLYER, SHEEP
• Quordle #1306, Friday, 22 August: TROOP, SCOPE, TORSO, BRINY
• Quordle #1305, Thursday, 21 August: QUEST, SPARK, WHITE, ACUTE
• Quordle #1304, Wednesday, 20 August: DOLLY, MERRY, BUGLE, WORST
• Quordle #1303, Tuesday, 19 August: KNAVE, SMART, CARRY, MAMMA
• Quordle #1302, Monday, 18 August: FIBER, TRADE, RAYON, TEASE
• Quordle #1301, Sunday, 17 August: FUNGI, AMITY, DRIER, CHECK
• Quordle #1300, Saturday, 16 August: OWING, QUAKE, SLIDE, ELITE
• Quordle #1299, Friday, 15 August: WHALE, PRISM, DRAKE, TEPEE
• Quordle #1298, Thursday, 14 August: LAPEL, IDIOM, RENEW, LIVER
• Quordle #1297, Wednesday, 13 August: CACTI, HOMER, EMAIL, ALBUM
• Quordle #1296, Tuesday, 12 August: SPOOL, TITLE, JAUNT, OVINE

Looking for a different day?

A new NYT Connections puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Sunday's puzzle instead then click here: NYT Connections hints and answers for Sunday, August 31 (game #812).

Good morning! Let's play Connections, the NYT's clever word game that challenges you to group answers in various categories. It can be tough, so read on if you need Connections hints.

What should you do once you've finished? Why, play some more word games of course. I've also got daily Strands hints and answers and Quordle hints and answers articles if you need help for those too, while Marc's Wordle today page covers the original viral word game.

SPOILER WARNING: Information about NYT Connections today is below, so don't read on if you don't want to know the answers.

NYT Connections today (game #813) - today's words

(Image credit: New York Times)

Today's NYT Connections words are…

• PRESIDENT
• MOTHER
• BISHOP
• BIRD
• CLERGY MEMBER
• PREMIERE
• M.L.B. PLAYER
• POPE
• SAINT
• VALENTINE
• INTRODUCTION
• N.F.L. PLAYER
• LORDE
• LAUNCH
• BURNS
• SAINT PATRICK
• DEBUT

NYT Connections today (game #813) - hint #1 - group hints

What are some clues for today's NYT Connections groups?

• YELLOW: When it begins
• GREEN: National day 
• BLUE: Wordsmiths
• PURPLE: Linked by a word associated with red

Need more clues?

We're firmly in spoiler territory now, but read on if you want to know what the four theme answers are for today's NYT Connections puzzles…

NYT Connections today (game #813) - hint #2 - group answers

What are the answers for today's NYT Connections groups?

• YELLOW: FIRST APPEARANCE 
• GREEN: ONES CELEBRATED WITH HOLIDAYS 
• BLUE: FAMOUS POETS 
• PURPLE: WHAT "CARDINAL" MIGHT REFER TO 

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Connections today (game #813) - the answers

(Image credit: New York Times)

The answers to today's Connections, game #813, are…

• YELLOW: FIRST APPEARANCE DEBUT, INTRODUCTION, LAUNCH, PREMIERE
• GREEN: ONES CELEBRATED WITH HOLIDAYS MOTHER, PRESIDENT, SAINT PATRICK, SAINT VALENTINE
• BLUE: FAMOUS POETS BISHOP, BURNS, LORDE, POPE
• PURPLE: WHAT "CARDINAL" MIGHT REFER TO BIRD, CLERGY MEMBER, M.L.B. PLAYER, N.F.L. PLAYER

• My rating: Hard
• My score: Fail

Congratulations to anyone who completed today’s Connections. A round for me which bordered on the impossible.

In part, my difficulty with today’s game fell down to two areas of ignorance – American sports and poetry. I’m sure I wasn’t the only person who thought we were looking for a connection to the New Zealand singer LORDE as opposed to the poet Audre Lorde. But this wasn’t too much of an issue, as I was unaware of BISHOP and POPE too.

After comfortably getting the yellow group I struggled to make headway and fell into the obvious trap of trying to put together a group connected by religion and then leadership.

I did manage to put together ONES CELEBRATED WITH HOLIDAYS, but with one mistake left and completely clueless I crashed out after letting a shuffle do the guessing for me.

Yesterday's NYT Connections answers (Sunday, August 31, game #812)

• YELLOW: CRITICIZE HARSHLY BASH, BLAST, FLAME, ROAST
• GREEN: COMMON COMPONENTS OF BOARD GAMES BOARD, CARDS, DICE, PIECES
• BLUE: HETERONYMS AXES, BASS, COORDINATE, DOES
• PURPLE :___STICKS CHOP, DRUM, FIDDLE, FISH

What is NYT Connections?

NYT Connections is one of several increasingly popular word games made by the New York Times. It challenges you to find groups of four items that share something in common, and each group has a different difficulty level: green is easy, yellow a little harder, blue often quite tough and purple usually very difficult.

On the plus side, you don't technically need to solve the final one, as you'll be able to answer that one by a process of elimination. What's more, you can make up to four mistakes, which gives you a little bit of breathing room.

It's a little more involved than something like Wordle, however, and there are plenty of opportunities for the game to trip you up with tricks. For instance, watch out for homophones and other word games that could disguise the answers.

It's playable for free via the NYT Games site on desktop or mobile.

Looking for a different day?

A new NYT Strands puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Sunday's puzzle instead then click here: NYT Strands hints and answers for Sunday, August 31 (game #546).

Strands is the NYT's latest word game after the likes of Wordle, Spelling Bee and Connections – and it's great fun. It can be difficult, though, so read on for my Strands hints.

Want more word-based fun? Then check out my NYT Connections today and Quordle today pages for hints and answers for those games, and Marc's Wordle today page for the original viral word game.

SPOILER WARNING: Information about NYT Strands today is below, so don't read on if you don't want to know the answers.

NYT Strands today (game #547) - hint #1 - today's themeWhat is the theme of today's NYT Strands?

• Today's NYT Strands theme is… Be my guest

NYT Strands today (game #547) - hint #2 - clue words

Play any of these words to unlock the in-game hints system.

• COME
• SEEM
• MITRE
• STEER
• HIVE
• BRAVE

NYT Strands today (game #547) - hint #3 - spangram lettersHow many letters are in today's spangram?

• Spangram has 11 letters

NYT Strands today (game #547) - hint #4 - spangram positionWhat are two sides of the board that today's spangram touches?

First side: left, 5th row

Last side: right, 5th row

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Strands today (game #547) - the answers

(Image credit: New York Times)

The answers to today's Strands, game #547, are…

• GREET
• SERVE
• INVITE
• EMBRACE
• RECEIVE
• WELCOME
• SPANGRAM: HOSPITALITY

• My rating: Hard
• My score: Perfect

The theme automatically triggered thoughts of Angela Lansbury and company singing “Be our guest, be our guest/Put our service to the test” from Beauty and the Beast. 

Although today’s Strands wasn’t about pressed napkins, or dancing teacups, it was in a similar area.

My first two words – GREET and SERVICE – were easy to find, but everything else was quite tricky, including the arching spangram HOSPITALITY. And despite it being my final word it still took me a while to put together RECEIVE. 

Yesterday's NYT Strands answers (Sunday, August 31, game #546)

• PAIL
• TUMBLING
• FETCH
• WATER
• AFTER
• CROWN
• BROKE
• SPANGRAM: JACK AND JILL

What is NYT Strands?

Strands is the NYT's not-so-new-any-more word game, following Wordle and Connections. It's now a fully fledged member of the NYT's games stable that has been running for a year and which can be played on the NYT Games site on desktop or mobile.

I've got a full guide to how to play NYT Strands, complete with tips for solving it, so check that out if you're struggling to beat it each day.