TechRadar News

If Zero Trust actually worked like the industry said it would, VPNs would’ve disappeared years ago. Instead, they’re booming. We’ve all heard the warnings, seen the vendor pitches, and read enough LinkedIn posts to fill several lifetimes: Zero trust is supposed to be here.

And yet, despite all that hype, the business VPN market isn’t just alive — it's thriving, projected to nearly double from $5.7 billion in 2024 to well over $10 billion by 2033.

The Comfort of the Familiar

I wrote my first VPN — Tunnel Vision — back in 1998, for the first customer of my first startup. Later we replaced it with an IPsec key manager. Then I wrote sshuttle, a sort of VPN built on top of SSH. At Google, I ended up writing a multicast VPN tool we called "frobnicast" (don’t ask). And finally, I co-founded yet another VPN company to try fixing this once and for all. That makes it five VPNs so far. As the meme goes, we have become exceedingly efficient at it.

Why do we keep writing new VPNs? Because the old ones suck. But honestly, it's not just VPNs that suck — it’s TCP/IP that sucks. If IPv4 had been encrypted by default and access-controlled from the beginning and didn't run out of IP addresses and IPv6 had successfully rolled out, we wouldn’t need VPNs. Every generation of these tools has been a workaround for something broken further down the stack.

Still, businesses don’t let go of familiar tools easily. I once wrote that “not changing stuff is amazingly powerful as a product strategy.” VPNs are dependable. Or at least, they’re the devil we know. They’re built into enterprise security bundles, they’re in the onboarding checklist, and they’ve been “good enough” for long enough that most teams have figured out how to live with them.

But when a tool sticks around long after its design goals are obsolete — like my old dialer program WvDial, still popular decades after modems became irrelevant — it’s worth asking why. In WvDial’s case, the answer was simple: everything else was worse. That story still applies to VPNs.

When Security Gets in the Way

According to recent research, this comfort comes at a cost. Over 83% of engineers admit to bypassing their company's security controls simply to get work done. Worse yet, 68% retain access to internal systems after leaving their employers, exposing critical gaps in the security lifecycle. Yet, despite these clear risks, only 10% of professionals feel their current VPN "works well."

So, VPNs linger not because they're ideal, but because migrating fully to zero trust isn’t trivial. It’s not a product you can buy; it’s a shift in how you think. Continuous verification, least privilege access, and identity-first networking sound simple until you try to retrofit them into a sprawling, 20-year-old IT architecture.

The VPN Misconception

There’s a common belief that VPNs are fundamentally insecure. They’re not. But the traditional enterprise VPN model, the one that drops you inside the perimeter and lets you wander freely, is dangerous. That’s like giving everyone a master key to your office building.

A better model grants access one step at a time, based on who you are, what you need right now, and where you’re coming from. Microsegmentation. It’s not about banning tunnels — it’s about more, smaller tunnels, each with its own control valve.

Where Zero Trust Really Begins

The most secure approach is one where identity management is everything. Not where you are, not what subnet you’re on, not whether you’re in the office. Identity. Strong authentication, hardware-backed keys, just-in-time access.

But identity isn’t easy. Our survey found only 29% of organizations have adopted identity-based access control at scale. Even fewer use automation. Many still rely on spreadsheets and service account credentials that outlive the employees who set them up.

So security becomes a tax. It slows people down. And when security gets in the way, people route around it. That’s why VPN fatigue is real — and growing.

Yet, there's hope. Nearly half of surveyed companies are consolidating fragmented tools, embracing automation, and experimenting with adaptive policies. But more interestingly, they're starting to rethink their whole approach.

Security and engineering teams are collaborating instead of clashing. They're designing systems that work with people, not against them. AI tools are emerging — not to replace humans, but to help notice the things humans miss: a sudden pattern change, a weird login time, an unexpected access request.

More companies are adopting modular, policy-driven systems. Instead of writing 50 firewall rules, they define intent: "this kind of app talks to that kind, under these conditions." That’s not Zero Trust as a checklist — it’s Zero Trust as infrastructure.

A Pragmatic Path Forward

Zero trust isn’t a product you install. It’s a direction you walk in.

Start by reducing implicit trust — wherever you find it. Use strong identity through encryption, not IP addresses. Make credentials short-lived. Assume the worst. Break your network into zones. Shrink the blast radius.

But do it gradually. Nobody rips out all their networking in a day. Choose one high-value system and zero-trustify it. Learn. Repeat.

VPNs will stick around a while, not because they’re good, but because everything else is hard or immature. But as we’ve seen with tools like WvDial, still in use long after its time, familiarity isn’t the same as fitness. The future belongs to systems that embrace the complexity of real-world access — and make it feel simple.

I don't want to write VPNs, I don't want to deploy VPNs, I just want to solve real problems. But we can't solve the real problems without a working network. So here I am with a $1.5B company still selling VPNs. Sure it's maybe the best VPN. But it looks like I'll be continuing to do it for years, so that other people can finally solve real problems.

And if we finally get it right this time, maybe we can stop reinventing the same broken tunnel — one VPN at a time.

We've listed the best VPN deals.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• Three in five firms would pick UK over Europe, APAC and US for tech investments, Barclays report finds
• Tech companies saw cash flows and savings rise, overdrafts reduce
• Further government support is needed for long-term support

New research from Barclays has claimed tech firms are increasingly seeing the UK as an attractive place to invest, with 62% of tech leaders favoring the UK over Europe and nearly as many favoring the UK over APAC (61%) and the US (60%).

A strong customer base, skilled workers with a diverse talent pool and fast consumer adoption of tech were cited as key influencers behind the UK’s potential success.

Three in four also noted the UK’s economic climate supports growth (76%) and that its political landscape will help over the next three years (75%).

Tech firms are investing in the UK

Half of the 500 UK-based technology leaders surveyed said they now plan to increase AI investments by 20% over the next 12 months with almost all of them (95%) reporting increasing client demand for AI products and services.

Thanks to the healthy landscape in the UK, 70% of the tech firms surveyed plan to increase capex by an average of 8.9% this year.

Separate Barclays data found that tech business cash flows rose by 1.7% between Q1 2024 and Q1 2025, and the tech sector had the higher increase in savings account balances, up 21.5%. Overdraft usage also fell 26.2% despite borrowing remaining relatively flat, suggesting increased financial health.

“There’s a clear sense that the UK is holding its own on the global tech stage, with founders and leaders increasingly seeing the UK as one of the best places in the world to grow and scale,” Head of Technology, Media & Telecoms & Innovation Banking Helena Sans commented.

Looking ahead, 72% agree that government backing is essential to long-term growth. This includes specialized funding programs (44%), support to attract international investors (37%), enhanced tax incentives for equity investments (36%) and startup and SME grants (36%).

You might also like

• We’ve listed the best AI tools and best AI writers
• The best online collaboration tools can help make you more efficient
• UK firms are investing heavily in new tech - but will it make any difference?

From the war in Ukraine, to the Middle East, and escalating tensions in the South China Sea, the threat of conflict is forcing governments and businesses to confront an uncomfortable truth that digital systems are not immune to geopolitical pressure.

At London Tech Week recently UK Prime Minister Keir Starmer said that the way that war is being fought “has changed profoundly,” adding that technology and AI are now “hard wired” into national defense. It was a stark reminder that IT infrastructure management must now be viewed through a security lens and that businesses need to re-evaluate data management technologies and practices to ensure they are not left out in the cold.

Easier said than done. According to recent research from Civo, 83% of UK IT leaders say geopolitics threatens their ability to control data and 61% view sovereignty as a strategic priority, yet only 35% know exactly where their data resides. That’s not just a compliance gap. It’s a sign that infrastructure, policy and strategy are still out of sync.

Data sovereignty used to be a conversation for the policy teams and legal departments. Not anymore. Regulatory fragmentation, rising cyber risk, and increasingly complex data ecosystems are forcing organizations to treat sovereignty as a live operational concern. Whether it’s knowing who can access your AI training data or ensuring a healthcare provider meets national residency requirements, data sovereignty now defines what businesses can and cannot do.

The EU Data Act, the UK's evolving position (the UK is no longer bound by the EU Data Act but it remains closely aligned in practice to preserve data adequacy and ensure the continued free flow of data with the EU), and the increasing stringency of critical infrastructure policies, are starting to shape what enterprise resilience should look like.

As Lord Ricketts noted in the House of Lords in October last year, “the safe and effective exchange of data underpins our trade and economic links with the EU and co-operation between our law-enforcement bodies.” That trust depends on demonstrating a clear and enforceable approach to data control.

For many, public cloud services have created a false sense of flexibility. Moving fast is not the same as moving safely. Data localization, jurisdictional control, and security policy alignment are now critical to long-term strategy, not barriers to short-term scale. So where does that leave enterprise IT? Essentially, it leaves us with a choice - design for agility with control, or face disruption when the rules change.

Modern infrastructure needs to be sovereignty-aware

Sovereignty-aware infrastructure isn’t about isolation. It’s about knowing where your data is, who can access it, how it moves, and what policies govern it at each stage. That means visibility, auditability, and the ability to adjust without rebuilding every time a new compliance rule appears.

A hybrid multicloud approach gives organizations the flexibility while keeping data governance central. It’s not about locking into one cloud provider or building everything on-prem. It’s about policy-driven control across environments, managing workloads through the context of data.

For example, a financial services firm may need to keep customer transaction data within UK borders, but still wants to run analytics in the cloud. With the right architecture, workloads can move, but sensitive data stays governed. That’s sovereignty in practice, not theory.

Of course, generative AI introduces a new layer of complexity. Training models on private data, deploying inference at the edge, or simply sharing prompts between locations adds pressure to already stretched governance models.

And while many organizations have rushed to build or adopt AI tools, few have aligned these efforts with data residency or compliance. Sovereignty isn’t just about storage anymore. It’s about compute, access patterns, and understanding how third-party models interact with your data.

Building with sovereignty in mind

Edge and sovereign cloud capabilities will be essential here. But they only work if infrastructure teams are given the mandate and support to build with sovereignty in mind. That means cross-functional collaboration between legal, compliance, and IT. It also means choosing platforms that support location-aware deployment and policy enforcement from day one.

According to Nutanix’s recent public sector sovereignty research, 94% of public sector organizations are already using GenAI tools, yet 92% say they could do more to secure those workloads, and 81% say their infrastructure needs improvement to support sovereignty requirements. That says everything you need to know about the challenges facing both public and private organizations. Complexity has clouded judgement and capability.

And yes, customers want to know where their data is, of course they do. Partners also want to understand how it’s being used. With regulators increasingly expecting transparency, not just tick-box compliance, sovereignty, in this context, becomes a proxy for trust.

This is particularly important in sectors like healthcare, education, and government. But it’s not limited to them. Any business operating in or across regulated markets needs to demonstrate control. Not because it’s a checkbox, but because it’s now fundamental to continuity and reputation.

So where do you go from here?

First, get clear on where your data is and what laws apply. That’s not always simple. Next, review your infrastructure to see if it can support location-aware controls, hybrid deployment, and detailed auditing.

Then, consider where GenAI and future workloads are headed. Are you prepared to scale them without breaching sovereignty requirements? Can your teams adapt quickly as policies change?

Finally, treat sovereignty not as a constraint, but as a core part of your design strategy. The organizations that do this well won’t just be compliant, they’ll be more resilient, more transparent, and better prepared for what comes next.

Because in a world where data moves faster than policy, the ability to stay in control isn’t just good governance, it’s good business. And when geopolitics forces the issue, it might just be the nudge needed to get sovereignty right.

We list the best data migration tools to help manage your files.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Picture the scene. The head of IT security at a major business has just managed their team through several weeks of grueling work in containment and recovery after the latest ransomware attack. Their critical systems are back online, but after constant crunch time and sleepless nights, the team is visibly fraying; morale is low, anxiety is high, and there is more than one empty desk where senior personnel have taken extended sick leave.

This kind of scenario rarely gets attention in the press, where the focus of cyberattacks is on profit and loss, the impact on customers and the bottom line. But serious attacks take their toll on security teams too, and the aftermath can persist for months, leaving the organization even more vulnerable to future threats.

True cyber resilience, then, cannot be measured solely by systems restored or data decrypted - it must also factor in the people whose well-being determines not just how swiftly an organization recovers but whether it can withstand the next digital onslaught.

The hidden internal impact of an attack

The impact of an attack is typically weighed by system downtime, lost business, and potential reputational, legal and regulatory damage. Successful cyber strategies are measured in terms of key metrics like mean time to detect and respond to incidents.

But when the smoke clears and systems are back online, the human cost to personnel dealing with the attack is rarely tallied in stakeholder reports.

A landmark RUSI and University of Kent study found that cybersecurity personnel frequently experience PTSD-like symptoms, from panic attacks to insomnia, long after a crisis has been resolved.

This results in a second wave of disruption as sick leave and diminished morale ripples through the department and goes on to impact the rest of the company. Burnt-out IT and security teams will struggle to keep up the company’s baseline security, further increasing its risk exposure.

One major financial services firm in the University of Kent’s study reflected that placing its exhausted engineers on gardening leave immediately after a ransomware crisis could have averted “months and months” of subsequent sickness absence and spared the organization the hidden costs of burnout.

In short, serious attacks like ransomware don’t just hold data hostage; they also trap people in a cycle of exhaustion and fear. If organizations treat staff wellbeing as an afterthought rather than a key element in the front-line defense, they risk allowing human capital to become the weakest link in their cyber-resilience strategy.

The growing cyber leadership crisis

While the personnel on the frontline of incident response and containment are suffering from stress and overwork, things are often even worse higher up the chain. CISOs and other senior security leaders are usually held ultimately accountable for any failure to prevent or contain a breach, and it’s a responsibility that weighs heavily.

Leaders may be held personally responsible for crises they may lack the budget, headcount or organizational clout to address. Adding to the strain, success in this field frequently remains invisible: a CISO and their team may stop hundreds of daily attack attempts without fanfare, yet a single breach can spell career-ending catastrophe.

Putting in extra hours to stay on top of this workload is standard practice and our research found that 98% of security leaders admit to routinely logging an extra nine hours a week on top of contracted time as they attempt to keep ahead, with 15% pushing beyond sixteen hours overtime.

Soberingly, over half of the respondents said they are actively exploring new roles. This would be a troubling statistic for any industry, but it’s especially damaging in the cybersecurity field grappling with a long-term skills drought. When an IT security leader leaves, they take years of hard-won experience and knowledge with them, leaving the company’s security on less stable footing.

Organizations must protect their security talent

If the individuals responsible for your defenses are exhausted, no firewall can effectively prevent the relentless tide of burnout. Enterprises must integrate human resilience into their incident-response framework, a process that commences well before an alert is triggered.

However, it need not be a resource-heavy exercise for the organization. For example, our research found that 65% of organizations already offer flexible hours and 62% enable hybrid or remote working as standard. Simple measures like this grant staff a sense of control and space to recharge.

On a larger scale, enterprises need to ensure they have a framework in place to protect security personnel, especially leadership roles where the heaviest burden falls. CISOs need to feel empowered on a strategic level with the tools and influence to properly protect the company, not left struggling to make do.

When an incident does occur, the aftermath and recovery phase should focus on forward-looking conversations about what happened and what can be improved for next time. This support is even more important as we see a growing trend towards personal accountability and legal liability when procedures for reporting are not followed.

Removing the stigma of security stress

Alongside specific security processes, there’s a strong psychological element here too. The high-stress nature of cybersecurity should be openly acknowledged and accommodated, not treated as a burden that CISOs should conceal. Conversations around mental health should be normalized, and companies should consider wellbeing checks to spot early warning signs of burn out.

Communication is a key part of this. During an incident, the security team should feel connected to the company they are protecting, not in isolation, and should have a reporting process for feeding back on challenges and concerns if they need additional support.

When an attack has been resolved, a team wellbeing check should be a standard part of the post-incident process. Not every team member will have the same resilience in the face of a stressful crisis, and not every incident will hit the same. Businesses must be aware of who is struggling and provide support to them as needed.

Resilience beyond recovery

Ransomware may be a security issue, but its true impact plays out in human terms: sleepless nights, frayed nerves, and the talent exodus that follows unaddressed burnout.

By incorporating people-first measures into your cyber-resilience strategy, you can ensure that your organization won’t be weakened from within after a breach. The true test of resilience shouldn’t be solely about restoring systems quickly; it should also assess how effectively you protect and preserve the individuals who defend them.

We list the best firewall for small business.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

For many years, application security (AppSec) occupied a small technical niche within cybersecurity and was rarely seen as a critical boardroom-level priority. Today, though, we can see awareness shifting.

In recent research conducted by Checkmarx, nearly half of CISOs said they believe buyers now factor AppSec into purchasing decisions, showing its increased strategic weight in business operations.

Yet there’s still a stark disconnect between how AppSec is seen and how it’s put into practice. Just 39% of respondents felt that their business operations currently run on secured applications.

With AppSec now recognized as critical to business resilience, it often falls short in execution. To close the implementation gap, CISOs must lead a charge in rethinking governance, culture, and scale.

AppSec ownership is shifting but visibility is suffering

As software development cycles accelerate and architectures grow more complex, security responsibilities are moving closer to the code, and in nearly half of software-based companies, security oversight has moved outside the CISO’s office.

Instead, our research found that development or product teams are now just as likely to own AppSec decisions. This shift makes operational sense: embedding security earlier in the SDLC enables scalable protection without sacrificing delivery speed, but it can introduce visibility gaps across teams and pipelines.

Decentralizing AppSec typically introduces fragmentation. On average, organizations juggle more than 11 security tools, many of which are not integrated into a coherent workflow. Without central oversight, CISOs risk losing track of how security is being applied - or where it’s falling short. Inconsistent practices, “shadow security” workarounds, and gaps in coverage become more likely when security policies aren't uniformly applied.

This shift also alters the flow of influence within the company. Developers increasingly have veto power over tools that interrupt their workflows, which means security can take a back seat if the two teams aren’t able to collaborate effectively.

If AppSec is to scale effectively, governance must evolve along with it. That means enabling secure practices without enforcing bottlenecks and without losing visibility in the process. CISOs have a critical role to play here, ensuring that security is implemented smoothly as a set of guardrails rather than roadblocks.

DevSecOps maturity remains low

Despite the push for “shift left” practices and the proliferation of AppSec tools, most organizations lack maturity in their security integration. Of the CISOs in our research just 20% reported “high” or “very high” DevSecOps maturity. Meanwhile, 70% said that at least half of their applications still lack adequate security coverage. This is an alarmingly high figure when considering how important applications have become to most operations.

Part of the problem is that early-stage security integration doesn’t extend far enough. Many teams focus on scanning during development but neglect the runtime and deployment phases where vulnerabilities can still emerge. Others adopt tools without embedding them into daily workflows, leading to alert fatigue or missed risks.

A lack of training also compounds the issue. Developers are not typically trained in security practices and often lack the context or time to triage and fix security findings. This is made even more challenging when results are delivered through disconnected tools or outside their environment. The result is a culture of firefighting, responding to issues late in the lifecycle instead of designing resilient code from the start.

To close the maturity gap, organizations must adopt a layered approach: automated scanning at every stage, context-aware training, and close collaboration between platform engineering and AppSec teams. Maturity isn’t an issue of coverage, it’s about consistency, scalability, and trust between disciplines.

What CISOs must prioritize in 2025

CISOs are best placed to close the gap between strategy and execution in AppSec. Achieving this requires a new strategy built around four key factors: governance, collaboration, alignment and scalability.

Setting down governance

CISOs can no longer manage AppSec through centralized control alone. Instead, they must define a clear governance model for their teams, setting policies, KPIs and risk thresholds that can be embedded into automated workflows.

That means guiding platform teams to select tools that enforce policies programmatically, reducing the need for manual intervention. Security should be part of the pipeline, not a separate gate at the end of it.

Fostering collaboration

With ownership moving closer to developers, CISOs need to use their influence to establish a strong collaborative culture that works for everyone. Start by aligning KPIs across security and development teams to avoid competing incentives.

Then invest in enablement: training tailored to different skill levels, just-in-time guidance, and workflows that stay inside the IDE. Security champions and mentor programs can speed up cultural change, embedding expertise where it matters most.

AppSec risk is business risk

We consistently find that too few CISOs are translating AppSec risks into business terms. While 62% report metrics to the board, only 25% frame those risks in terms of business impact, such as reputational damage, regulatory exposure or lost revenue.

Without this alignment, security will remain a siloed concern until it’s too late and a breach occurs. CISOs must strengthen the AppSec link to wider business goals, reinforcing its role in customer trust, product resilience and competitive differentiation.

Driving scalability with the right technology

Fragmented tooling is one of the biggest barriers to effective AppSec. Consolidating around a platform approach that spans legacy and modern environments enables consistency, reduces noise and enhances developer productivity.

Scalable models should use automation where possible, with human input where needed. That’s how you keep pipelines moving fast - without losing control or visibility over security.

Taking AppSec from bottleneck to enabler

AppSec’s evolution from technical concern to business priority is undeniable, but implementation still lags. As ownership shifts to development teams, the role of the CISO must also evolve to keep security front and centre.

The challenge is no longer about control, but coordination. Governance, culture and technology must all align to embed security where it counts without creating friction. CISOs who lead with vision, build developer trust and champion scalable solutions can transform AppSec from a potential bottleneck into a force multiplier for resilience, speed and long-term business value.

We feature the best DevOps tools.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Let’s be clear: the UK is no longer preparing for hybrid threats; we’re already living through them. What happened at RAF Brize Norton wasn’t just a protest gone too far. It was an act of sabotage against operational military aircraft, carried out using scooters, paint, and basic hand tools.

The fact that it succeeded tells us everything we need to know about the state of our national security posture: fragmented, reactive, and dangerously misaligned with the threat landscape.

If we neglect the physical layer, we risk undermining all the effort, investment, and capability built into our digital resilience. Security must be holistic—from the perimeter fence to the network firewall, from the patrol route to the SOC dashboard.

And right now? That cohesion simply doesn’t exist.

Hybrid Threats Are No Longer Theoretical

Driven by geopolitical instability and evolving warfare tactics, hybrid threats, where physical and cyber attacks are combined, are becoming the norm.

Across the Middle East and Eastern Europe, digitally coordinated sabotage operations (like drone strikes on critical infrastructure) have exposed the weaknesses in siloed defenses. These aren’t one-off incidents; they’re deliberate, repeatable attack models.

And the UK is not immune. Intelligence sources point to repeated probing of our critical infrastructure, with Russia frequently suspected. Whether it's energy, transport, or defense, our infrastructure is now part of the battlefield.

Why Security Must Be Holistic

Securing critical infrastructure isn’t just a technical challenge, it’s a leadership one.

You wouldn’t install a high-end alarm system at home and then leave the front door wide open. But that’s exactly what many organizations are doing: investing millions in cybersecurity while physical security is neglected or under-tested.

Across defense, utilities, transport hubs, and data centers, the weakest links are often the most mundane: an unchecked fence, a blind CCTV angle, an unmanned gate. These gaps may seem small until they’re exploited.

The reality is stark: we are now in the grey zone, where adversaries operate below the threshold of open conflict, using disruption, ambiguity, and deniability to advance strategic goals.

Brize Norton: Exposing Systematic Failures

The breach at RAF Brize Norton was not complex or sophisticated; it succeeded because no one expected it.

Two individuals, using basic tools and repurposed fire extinguishers, accessed an active runway, disabled aircraft engines with paint, and left undetected. These aircraft support critical UK combat operations, including missions in Ukraine.

This wasn’t symbolic; it had real tactical impact. And it exposed systemic failures, not just in physical security, but in how cyber and physical defenses fail to align.

This is exactly what modern adversaries exploit: seams, blind spots, and bureaucratic silos.

Heathrow: Civil Infrastructure, Same Problem

Just weeks earlier, a fire at a 1960s-era substation shut down Heathrow, cancelling over 1,300 flights and stranding 300,000 passengers.

The cause remains under investigation, but the implications are clear: fragile systems, single points of failure, and national disruption caused by one overlooked asset.

Whether accidental or deliberate, this is the playbook for hybrid adversaries: exploit basic vulnerabilities to cause disproportionate impact.

Commercial Organizations Are Not Exempt

It’s a dangerous fallacy to assume that only critical national infrastructure is being targeted. Commercial organizations—from logistics and manufacturing firms to data centers, retail giants, and tech companies—are increasingly in the firing line. The same hybrid tactics being used against government and military targets are being adapted and deployed against the private sector, often with devastating results.

Why? Because attackers don’t care about sector boundaries. They care about impact, access, and leverage. A warehouse fire, a compromised fulfilment center, or a disabled payment gateway network can ripple into national disruption. These aren’t just economic losses; they’re strategic vulnerabilities.

Commercial supply chains are deeply intertwined with national resilience. A major cyber-physical incident at a privately owned port, a cloud provider, or a high-throughput distribution hub could disrupt the economy, erode public trust, or even compromise defense readiness.

Yet too many businesses still view security as a compliance checkbox rather than a strategic function. The result is a security architecture that assumes peace while operating in a contested domain.

To ignore this is to misread the modern threat landscape. Commercial entities must be just as prepared, because when disruption is the goal, anyone with critical throughput becomes a target.

What the UK Is Failing to Grasp

The critical misunderstanding across much of UK security leadership is this: these threats don’t operate in silos. So why do we defend them as if they do?

Many boards still treat cyber and physical security as entirely separate disciplines, with different teams, budgets, and reporting lines. That’s not resilience. That’s friction. And attackers thrive in that friction.

Here’s what’s driving the risk:

Fragmented defenses: Physical security teams don’t have visibility into digital threats, and vice versa.

Poor system segmentation: A cyber breach often leads straight to operational control. A physical breach often exposes the network.

Leadership indecision: Waiting for a regulation to act is like waiting for a break-in to install locks.

What Must Change Now

We don’t need more strategy documents. We need decisive, integrated action. Here’s where to start:

1.Unify Security Governance

Cyber and physical security must be led from a unified framework. Shared threat models. Shared reporting. Unified response protocols.

2.Design for Containment, Not Just Prevention

Breaches will happen. What matters is whether they cascade. Resilience requires segmentation, isolated backups, manual overrides, and tested recovery drills.

3.Treat OT as a Primary Attack Surface

Operational Technology (OT) and Industrial Control Systems (ICS) can no longer be afterthoughts. They must be logged, monitored, and secured like your most sensitive data environments.

4.Train for Real-World, Blended Threats

Exercises must mirror reality: power loss during a cyberattack, disinformation campaigns during a physical breach. Complexity is the new normal. Ensure your teams are ready.

5.Conduct Regular Physical Penetration Testing

Just as networks are stress-tested through red teaming, physical sites must be tested through controlled breaches.

These exercises reveal blind spots in perimeter security, access control, and response protocols, and turn “security theatre” into actual resilience.

6.Act Without Waiting for Mandates

If Brize Norton didn’t drive change, what will? The next incident may come at a greater cost. Waiting for regulatory change is a dereliction of leadership.

Hybrid threats are real. The UK is already a target. Our critical infrastructure, both military and civilian, as well as commercial, is being tested.

Brize Norton and Heathrow are not anomalies. They are indicators of systemic failure: a lack of joined-up thinking, a failure to treat physical and cyber risk as inseparable.

If we don’t act now and build holistic defenses from the fence to the firewall, we are set to learn the next lesson at a much higher cost.

The best internet security suites and the best antivirus software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

I spent a year wrestling with MagSafe cases on my Google Pixel 9, from misaligned rings to hot, flaky charging. That’s why Pixelsnap (native magnets plus Qi2) is the only Pixel 10 feature I care about.

While my colleagues wax lyrical about camera and AI upgrades, I’m just here reliving a year with the Pixel 9. I’ve always envied Apple’s MagSafe wizardry, but adding compatibility with third-party cases is an exercise in frustration.

Sure, the overly rigid dust- and smudge-prone case I ordered from Google alongside my Pixel 9 last year works just fine. But of the eight others from less exacting brands, seven misaligned the magnetic ring and charging failed or limped along while getting uncomfortably hot.

My magnetic car mount barely held, my favorite accessories went flying and even Google’s own non-magnetic bedside charger was fussy about case thickness and alignment.

Robust, reliable magnetic wireless fast charging in the car was surprisingly hard to achieve with the Pixel 9 (Image credit: Lindsay Handmer)

I found workarounds for most issues, but my white whale was tougher: MagSafe wireless charging in my car that could keep up with navigation and music streaming.

After months of trial, error and too many Amazon returns, I finally found a combination that worked. It’s good, but not great, and needs to hog an air vent in summer to avoid overheating.

So as far as I’m concerned, Pixelsnap is the headline Google act this year and everything else is just nice to have.

Finally, there's better charging and the freedom to do without a magnetic case! Or, for people like me (who tussle with gravity a lot), the relief of knowing that even if using a case, proper alignment is now baked into the design.

Pixelsnap 101

Pixelsnap wireless charger with stand (Image credit: John Velasco)

Not sure what I'm on about? You can read more about all the new features in our Pixel 10 review or check out our deeper dive on the new tech, but I've included the key Pixelsnap points below.

• Pixelsnap is on the Pixel 10, Pixel 10 Pro, Pixel 10 Pro XL and Pixel 10 Pro Fold.
• Uses built-in magnets, plus Qi2 for MagSafe-compatible wireless charging and accessories.
• Automatic alignment, faster charging, stronger hold.
• Charge speeds: 15W or up to 25W on the Pixel 10 Pro XL.
• Backward compatibility with most MagSafe chargers and accessories.

So what’s the bad news?

Pixelsnap is a big step up, but it’s not perfect. While not a feature I used too often, Google has removed wireless power sharing to make the new magnetic setup work.

Pixelsnap wireless charging speeds aren't consistent either – it maxes out at 25W on the Pixel 10 Pro XL, but the rest of the lineup is limited to a slower 15W.

MagSafe cross-compatibility is a huge win, but the magnetic accessory landscape is still messy, and older non-Qi2 chargers won’t hit full speed, so you’ll likely need to upgrade.

Not to mention, Qi2 is still hard to find. Case in point: I collect power banks like Pokémon for our best portable chargers guide and comparatively few models currently support 15W or 25W charging on the Pixel 10.

Now, while Pixelsnap is what I care about most, for everyone else, it might not be the standout reason to upgrade to the Pixel 10. But it does remove one of my biggest annoyances with the Pixel lineup, and for that I'm grateful.

Have a MagSafe-compatible or Qi2 setup that just works? Drop the model in the comments and I’ll add it to my test list.

You might also like...

• The Pixel 10 Pro and Pro XL have bonus AI features I didn't expect to love
• I'm a die-hard iPhone fan, but these 5 things from the Pixel 10 launch made me jealous
• Google Pixel 10 vs Google Pixel 9: all the biggest differences

Perplexity enhanced its AI-powered Comet browser with a new $5 monthly subscription service called Comet Plus, which, at first glance, seems like Perplexity looked out at the bleak, ad-choked wasteland of modern digital publishing and decided it could offer something better to consumers and publishers. It's a simple pitch. With Comet Plus, you get AI access to premium news content, such as Gannett and Der Spiegel, with 80 percent of subscriber fees paid directly to those publishers.

And Perplexity is paying publishers in three ways: when people visit a story from the browser, when their content is cited in a search answer, and when an AI agent uses their content to complete a task for you. The idea is that if content is valuable to us in that context, publishers should be paid for that value, and consumers should get something special.

But I'm skeptical this model serves either the people creating the premium content or Comet Plus users. It feels like Comet Plus feeds the paywalled journalism into the AI sausage grinder just like any other content. Perhaps it's paying the farmer a fairer share instead of taking it outright. However, despite the inclusion of links and payment for people visiting the articles, it's hard to believe most people will consume the article and not just the digested result from the AI. Distilled answers engineered for brevity and speed and stripped of voice, structure, and context. All the things that made the writing worth paywalling to begin with. And it almost certainly won’t encourage people to read the original work. In fact, it arguably gives them less reason to do so. People who prioritize efficiency and prefer bullet points to narratives might use the AI browser assistant to synthesize the top five articles on a subject instead of reading all five original sources, for instance. That’s great for task completion. Terrible for the authors whose works are buried somewhere in the output.

This is not some nostalgic plea to support writers regardless of quality. However, I won't pretend that this model addresses concerns about how AI treats work published online or the people who write it (and that's before considering how AI has rendered the em-dash and some of my other favorite style choices unusable, leading to unfair accusations).

Comet Plus

Comet Plus at least tries to address the problem, but it's a thin veneer of respectability that ignores the mess underneath. Perplexity argues that this is a fairer model than the current click-and-ads approach. I don’t disagree. But if you genuinely want to rebuild it in a way that helps writers, then you have to design for visibility, not just monetization. And if you want people to care about human-written articles, stripping articles of context for simplistic short sentences won't help.

No matter what Comet Plus might claim, it makes the same mistake every AI platform has made since 2022 in treating original work as a raw material to be mined, not an experience to be preserved. The cold truth is this: most people will never know whose work their AI assistant just summarized. They won’t know the name of the Pulitzer winner or brilliant, if tired, freelancer cogitating on the future of publishing. They might get the facts, but they’ll miss the point, even if they pay $5 a month to do so.

You might also like

• AI web browsers are the new trend, but will ChatGPT and Perplexity Chrome competitors turn out to be a fad?
• Perplexity AI's Comet browser will streak across the web this month
• Perplexity's voice assistant offers a Siri alternative for iPhones

Squarespace website builder review

Squarespace is a top website builder known for its elegant designs and robust features. With over 100 premium, mobile-optimized templates, it’s a favorite for creatives and businesses seeking visually stunning, professional websites.

Pros

• Beautiful, customizable templates
• AI website builder included
• Unlimited products on all plans
• 24/7 expert support
• All-in-one platform approach

Cons

• Higher starting price
• No free plan available
• Limited third-party integrations
• Steeper learning curve

GoDaddy website builder review

GoDaddy Website Builder is a popular choice for beginners, offering a user-friendly interface and quick setup. With many templates and marketing tools, it’s designed to help small businesses and entrepreneurs create functional websites with ease.

Pros

• Lower starting price
• Free plan available
• Simple drag-and-drop editor
• Fast setup process
• Strong marketing tools

Cons

• Basic template designs
• Limited customization options
• Commerce features cost extra
• Less design flexibility

Squarespace and GoDaddy are both reliable website builders for beginners in 2025. They help businesses establish an online presence quickly, with limited creative freedom but a much quicker set up time. Each platform also offers hosting, templates, and other tools.

That said, there are some differences. Squarespace emphasizes just a little bit more on creative control. It's no WordPress or Webflow, but you still get really aesthetic templates and more flexible customization tools. GoDaddy prioritizes simplicity and affordability above all. So you only get basic customization tools in the site editor, but a whole lot more additional add-ons and integrations that can help small businesses with different online tasks.

We've tested both platforms multiple times. This guide will help you choose based on your comfort level, functional requirements, and creative focus.

Squarespace vs GoDaddy: A detailed breakdown

Feature

Squarespace

GoDaddy

Starting price

$16/month

$9.99/month

Free plan

No

Yes (limited)

Templates

100+ award-winning designs

Basic customizable themes

Editor type

Fluid Engine drag-and-drop with pixel precision

Simple click-and-drag interface

AI website builder

Blueprint AI with personalized content

Basic AI creation via questionnaire

E-commerce

Built-in on all plans with unlimited products

Available on higher-tier Commerce plans only

Payment methods

Credit cards, PayPal, Apple Pay, Afterpay, ACH

Credit cards, PayPal, Apple Pay, Google Pay

SEO tools

Built-in with AI SEO report and optimization

Standard SEO features, advanced requires add-on

Email marketing

Integrated with AI-assisted writing

Built-in basic email marketing

Mobile optimization

Automatic responsive design

Mobile-friendly templates

Customer support

24/7 award-winning support

24/7 support

Domain included

Free for first year on annual plans

$0.01 for first year with 3-year plan

Analytics

In-depth traffic and commerce analytics

Basic analytics with GoDaddy InSight score

Social integrations

Instagram, Facebook selling and marketing

Facebook, Instagram, Yelp, Google My Business

Blog features

Robust CMS with AI writing tools

Basic blogging with email updates

App market

Extensive third-party extensions

Limited integrations

Squarespace vs GoDaddy: Features

Squarespace packs a solid feature set that spans beyond basic website building. You get built-in e-commerce capabilities on every plan. That means unlimited products right from the start. The platform's AI tools include Blueprint for site creation and Design Intelligence for brand consistency. Recent updates also brought enhanced AI content support with tone adjustment and audience targeting.

GoDaddy takes a different approach with features. Its Airo AI handles product listings, pricing recommendations, and social content creation. The platform includes email marketing on all plans, from 100 emails monthly on Basic to 100,000 on Commerce. GoDaddy Studio creates branded videos and social ads using AI. However, advanced e-commerce features require plan upgrades.

Both platforms offer mobile optimization and SEO tools. Squarespace provides more sophisticated analytics and reporting. GoDaddy focuses on marketing automation and social media integrations. The key difference: Squarespace includes premium features across all tiers. GoDaddy uses a freemium model with paid add-ons.

Winner: Squarespace offers more features out of the box, making it better for users who want everything included. GoDaddy suits those who prefer starting basic and adding features later.

Squarespace vs GoDaddy: Ease of use

A lot of independent testing shows Squarespace as the easiest builder to use in 2025. Drag-and-drop editing offers pixel-perfect placement. Its section-based approach keeps sites structured and professional. Plus, Blueprint AI generates complete websites in under four minutes. However, the platform still has a steeper learning curve for advanced use than some competitors.

GoDaddy prioritizes simplicity above all else. The setup takes minutes with AI-guided questionnaires. You answer basic questions and get a ready-to-edit site. The interface works well for total beginners. But this really limits customization options. Once your site is built, making major changes becomes very challenging.

Both platforms offer decent editors. Squarespace provides more control but requires longer to master. GoDaddy gets you online faster but with less flexibility. For design-conscious users, Squarespace's section-based system prevents layout mistakes. GoDaddy's rigid structure helps maintain consistency but frustrates creative users.

Mobile editing differs significantly between the two. Squarespace offers responsive design that works across devices. GoDaddy provides basic mobile optimization but less fine-tuning options for power users.

Winner: GoDaddy wins for absolute beginners who need to get online immediately. Squarespace takes the crown for users willing to invest a little more time learning a more powerful system.

Squarespace vs GoDaddy: Integrations

Squarespace offers a curated selection of integrations focused on quality over quantity. Popular options include Google Maps, PayPal, MailChimp, and social media platforms. The platform connects seamlessly with creative tools like Flickr and SoundCloud. However, the app market remains limited compared to other builders. Third-party extensions like Spark Plugin add customization options.

GoDaddy provides essential integrations for small businesses. You get Facebook, Instagram, Google My Business, and Yelp connections. The platform integrates with major marketplaces like Amazon, eBay, and Etsy. Email marketing tools connect with popular services. But advanced integrations require higher-tier plans or separate subscriptions.

Their integration philosophy differs a lot. Squarespace maintains tight control to ensure stability and design consistency. This means fewer options but better reliability. GoDaddy opens more third-party connections but with varying quality levels.

For e-commerce, both platforms handle payment processors well. Squarespace supports more payment methods natively. GoDaddy focuses on marketplace integrations for broader product distribution.

Winner: Neither platform is that great at integrations. Squarespace offers better-curated options for creative professionals. GoDaddy provides more business-focused integrations for traditional commerce needs.

Squarespace vs GoDaddy: Security

Squarespace and GoDaddy both give you essential security features for peace of mind. SSL certificates come standard, so every site runs safely over HTTPS. Both platforms support PCI compliance, which is critical if you’re selling online—your customer data stays protected. They also offer two-factor authentication, making it harder for hackers to get in.

GoDaddy does score an extra point for its automated routine backups. You don’t have to remember to save your work or worry about losing changes. This is perfect for anyone who wants more redundancy. Squarespace offers basic backup options, but not as frequent or reliable as GoDaddy. Both builders update your site automatically, though, shielding you from vulnerabilities and threats.

In direct comparison, GoDaddy’s overall security score is higher, mostly thanks to those regular backups and a slightly broader set of protective tools. Squarespace still keeps things strong and simple, so it’s secure enough for most business users.

Winner: GoDaddy edges out Squarespace thanks to better backup routines and a slightly more robust security suite. It’s the better choice if you want maximum protection without fuss.

Squarespace vs GoDaddy: Support

Support is priority #1, especially if you’re new to websites. Squarespace offers 24/7 help through live chat and email. Response times are solid and the team knows their stuff. You also get a rich knowledge base with guides and tutorials for DIY learning. Sadly, there's no phone support option.

GoDaddy gives you round-the-clock support, with phone access included. If you prefer talking to someone, this is a big advantage. They also offer live chat and have lots of self-help resources and guides available. Feedback from users suggests GoDaddy’s support is fast and friendly, especially for setting up domains and basic sites.

For more specialized help, Squarespace has better design advice and creative troubleshooting. GoDaddy is unbeatable for issues around domains and web hosting, especially if you prefer speaking to agents on the phone.

Winner: GoDaddy wins for anyone who wants phone support and fast setup help. Squarespace appeals to users who favor email and live chat, especially those who need more advanced creative support.

Squarespace vs GoDaddy: Pricing and plans

GoDaddy is the easy pick for budget-conscious users. You can start with a free basic website and scale up only if you need more features. Paid plans start at $9.99/month, which includes ecommerce, marketing, and other upgrades as you go. Extras like email, domain management, and premium security cost more, but you don’t have to pay for features you’ll never use.

Squarespace does not offer a free plan, just a trial. Monthly plans begin at $16, but you get access to all core templates and features from day one. Every account includes hosting, unlimited bandwidth, and e-commerce, with no hidden fees or surprise upgrades. The main tradeoff is price. You’ll pay more, but you get everything upfront.

GoDaddy uses an à la carte system: start cheap, pay more as your needs grow. Squarespace is “all-inclusive”: higher entry fee, but full power from the start. Annual plans on both platforms include a free custom domain for the first year, giving your site a professional look as soon as you launch.

Winner: GoDaddy is the clear choice for users who want the lowest possible price or prefer a pay-as-you-grow model. Squarespace is best for those happy to invest a bit more for immediate access to every design and feature.

Squarespace vs GoDaddy: Final verdict

Squarespace takes the crown for most users in 2025. It offers superior design templates, comprehensive features from day one, and better creative control. The platform excels for creative professionals, service businesses, and anyone who wants a polished, professional website without compromises. You'll pay more upfront, but get everything included.

GoDaddy works best for budget-conscious beginners who need something online quickly. Its free plan and low starting prices make it accessible to everyone. The AI setup process gets you launched in minutes. However, you'll hit limitations fast if your needs grow beyond basic websites.

Squarespace vs GoDaddy: FAQsCan I transfer my website from GoDaddy to Squarespace?

You can move between platforms, but it's not automatic. Squarespace doesn't offer direct migration tools from GoDaddy. You'll need to rebuild your site using Squarespace's templates and manually transfer content like text, images, and product listings. The process takes time but gives you a chance to improve your design.

GoDaddy also lacks automated import tools from Squarespace. Moving from Squarespace to GoDaddy means starting fresh with GoDaddy's simpler templates. You'll lose some design sophistication but gain cost savings. Both platforms let you export content, but expect some manual work regardless of direction.

Which platform is better for SEO?

Both platforms include basic SEO tools, but Squarespace offers more advanced options than GoDaddy. You get built-in SEO guidance, AI-powered content suggestions, and better control over meta tags and URLs. Squarespace templates are also cleaner and load faster for search engines.

GoDaddy provides standard SEO features like custom titles and descriptions. However, advanced SEO tools require paid add-ons through their Marketing subscription. For serious SEO efforts, Squarespace gives you more control out of the box. GoDaddy works fine for basic local business SEO needs.

Do I need coding skills to use either platform?

Neither platform requires coding knowledge. Both offer drag-and-drop editors that work visually. That said, Squarespace provides more design flexibility without code than GoDaddy. Its learning curve is slightly steeper but still manageable.

Which platform offers better value for e-commerce businesses?

Squarespace includes unlimited products and full e-commerce features on every plan. You get inventory management, multiple payment options, and detailed analytics from the start. Its cost pays for itself if you're serious about online selling.

GoDaddy requires upgrading to Commerce plans for proper e-commerce features. Basic plans limit your selling capabilities significantly. However, GoDaddy integrates well with marketplaces like Amazon and eBay, which can boost sales.

What happens to my website if I stop paying for the service?

Both platforms will take your website offline if you stop paying. Squarespace gives you a grace period to reactivate, but your site becomes inaccessible to visitors during downtime. You can export some content, but lose the design and functionality.

GoDaddy also disables websites for non-payment, though they may keep your domain active briefly. Neither platform offers permanent free hosting, so budget for ongoing monthly costs with either choice.

• Corsair just launched a new 14.5-inch touchscreen display, the Xeneon Edge
• It's built for multitasking as a secondary screen for desktop PC users
• It's available now on Corsair's online store, $250 / £219.99 / around AU$385.99

Multitasking is a prominent factor for many PC users, and one that can easily be achieved with dual monitor setups using some of the best monitors on the market, but it can take up a significant amount of desk space. Fortunately, Corsair has provided a one-stop solution.

As reported by TweakTown, Corsair has launched the Xeneon Edge, a 14.5-inch touchscreen display with a 2560x720 resolution, designed for multitasking with easy system monitoring, access to web browsers, and apps like Discord (serving as a second screen), as well as its iCUE software, which provides functionality similar to Elgato's Stream Deck.

It's now available on Corsair's online store for $250 / £219.99 / approximately AU$385.99. While I think that's a hefty price tag to pay for a secondary display, the benefits of keeping tabs open on activities on a small display are too great for me to ignore.

The Xeneon Edge can be mounted on the side panel of your PC case or simply placed under your primary monitor. System and game information, Discord notifications, wallpapers, and other iCUE software widgets can be used, freeing your main display from clutter.

The same can be done with a dual monitor setup, but desktop space becomes a concern, and it's not exactly ideal to leave your game window to address other tasks. With the Xeneon Edge, it can all be done with one touch, and it seems like this should work without interfering with controls while you're in-game.

Analysis: yes there are cheaper alternatives, but I'd rather trust Corsair

(Image credit: Corsair)

There's no denying that the $250 / £219.99 / around AU$385.99 is a bit of a sting, and it'd be easier to buy a cheaper alternative on AliExpress. Even so, I'd rather go with a more reliable brand, and Corsair is the prime example of that.

The Xeneon Edge is a niche product for some, but considering how often I'm keeping track of other notifications and videos simultaneously, it's the perfect secondary screen to purchase.

I've gradually grown tired of 32:9 super ultrawide displays, as they take up significant amounts of desk space, and the performance hit going from the 3440x1440 resolution to 5120x1440 is noticeable – and to me, the Xeneon Edge answers both space concerns and eliminates visual clutter, so it's a no-brainer.

You might also like...

• Early Asus ROG Xbox Ally X benchmark suggests excellent power efficiency and cooling – but I'm still not sold on the handheld
• Watch out, Nvidia: AMD's FSR 4 tech offers a big leap for PC games – but there's a catch
• Asus unveils ridiculously fast 720Hz gaming monitor – but it’s the Tandem OLED tech I’m interested in

• Yet another leak has emerged about AMD's next-gen GPUs
• It shows a powerful flagship, one that could potentially rival the RTX 5090
• Other models include a mid-ranger, along with two lower-end offerings

Another rumor has outlined AMD's apparent plans for its next-gen range of graphics cards, again indicating that Team Red intends to compete at the high-end this time around.

Of course, that's an area that RDNA 4 skipped, with its top offering being the upper-mid-range RX 9070 XT; however, there have long been rumors that AMD isn't going to shy away from producing a beefy GPU with RDNA 5. Or UDNA, as it may alternatively be called, which I'll return to shortly.

Wccftech reports that well-known GPU leaker Kepler spilled the beans on the Anandtech forums in an ongoing, rambling discussion thread (which was started late last year, in fact).

Kepler believes that the flagship RDNA 5 GPU will have 96 Compute Units (CUs), and that the range will drop down with the next tier having 40 CUs, followed by 24 CUs and 12 CUs, respectively, for the lower-end graphics cards.

As Wccftech further notes, this is tentatively backed up by ZhangZhonghao, a regular leaker posting on the Chiphell forums in China, who theorizes there will be an 'extra-large' GPU - in other words, a flagship high-end model - followed by medium (mid-range), small, and tiny graphics cards.

(Image credit: Shutterstock / DC Studio)Analysis: how long is a rendering pipeline?

Obviously, season this heavily, as even if this is true - based on the leaked diagram Kepler shares (and the backup theory from Chiphell) - it could just be AMD's current thinking, which may change down the line.

So, how powerful might an RDNA 5 graphics card with 96 Compute Units be? As it's less than a previous rumor indicated, which was 154 CUs. However, this is a bit of a 'how long is a piece of string' question as there's a whole load of variables involved, including how much difference the new architecture makes to the overall performance of AMD's next-gen GPUs, and how much cache is used (with some big increases potentially in the cards there, Kepler notes elsewhere).

However, all rumors suggest that AMD is making significant changes to the next generation of its Radeon graphics cards, which is why they might adopt the UDNA architecture rather than RDNA 5. The 'U' of UDNA refers to a 'unified' architecture, as this would supposedly represent the joining of RDNA (gaming) and CDNA (data center) architectures, all under one umbrella - a huge move.

So, in some ways, it makes sense that AMD would be planning a power move in terms of a proper flagship graphics card, given such a major shift in its GPU landscape. And so it's easy to believe that the intention will be to compete with the top-end of Nvidia's GeForce range.

Generally speaking, then, trying to pin down the spec of the possible RX 10090 XT (the logical progression for naming, although I think the flagship will be called something entirely different) at this point is a waste of time. That spec is likely to be fluid and changing, anyway, as we are some way off the realization of AMD's next-gen Radeon products (which are slated to arrive late in 2026, if not 2027).

All we need to know is that it's looking increasingly like AMD is going to offer a compelling rival to the RTX 5090 (as previous performance estimations have broadly suggested).

Although it is conceivable that Nvidia may have an RTX 6090, or equivalent, on the table by the time the next-gen Radeon flagship turns up, Team Red should beat its rival to the punch based on current chatter from the grapevine. And indeed, maybe this could spur Nvidia into making an RTX 5090 Super, but I'm getting carried away with the wild speculation (and besides, such a GPU would cut into the supply of chips that Team Green could use for much more profitable AI graphics cards).

Suffice it to say that AMD is looking towards producing a very powerful GPU with its next-gen range, one that'll please enthusiast gamers with plenty of money to spend - and Nvidia will have to sit up and take notice of that, should these rumors pan out. Especially if AMD can undercut with pricing, which shouldn't be too big an ask given how much Nvidia demands for its top dog GeForce graphics card.

You might also like

• The best AMD graphics card in 2025: top GPUs from Team Red
• The GPU market is an absolute mess right now, and I don't blame console players for staying away
• Top gaming PCs: great rigs for serious PC gaming

Apple is reportedly in discussion with Google to add Gemini to Private Cloud Compute, ready to power Siri with Apple Intelligence.

The news came from top insider Mark Gurman, who said, "A few weeks ago, Apple approached the search giant about making a version of its Gemini AI models."

Gurman even said Google was developing this custom model right now with Apple's involvement, pointing towards the potential for a Google Gemini-powered, Apple Intelligence-branded Siri.

As TechRadar's Senior AI Writer, I test out all of the best AI models, and Google Gemini is up there with my favorite chatbots on the market.

Apple's AI strategy has been underwhelming, to say the least, but reports of the Cupertino-based firm bringing in Google to superpower Apple Intelligence could be the best thing to happen to the iPhone in years.

Here are five reasons why I really hope Apple adds Google Gemini to Siri.

1. Gemini Live is best in class

(Image credit: Future)

AI voice assistants are everywhere these days, yet we're still waiting for Apple to truly supercharge Siri with Apple Intelligence.

While OpenAI's ChatGPT Advanced Voice Mode is good, it falls short of Google's Gemini Live, which I believe is the best AI-powered voice assistant on smartphones at the moment.

I like Gemini Live so much, in fact, that I've assigned the voice assistant to my iPhone 16 Pro Max's Action button, using it frequently instead of activating Siri on my device.

If Apple is looking to power Siri through an AI model from another tech giant, then Gemini Live is proof that Google is the perfect partner to do so.

Apple has a ready-made Siri replacement staring it in the face, and all it needs is some swanky branding and compliance with Apple's strict privacy vision.

2. Gemini reads your email and calendar already

(Image credit: Getty Images)

One of the best ways to use Gemini at the moment is by asking it questions based on your other Google services, such as Gmail and Google Calendar.

Adding Gemini into Siri would allow iPhone users to ask questions about these incredibly popular services, taking us one step closer towards the AI personal assistant everyone hopes for.

Considering the AI model is already able to tap into Google services, you'd expect it to be relatively easy for Apple and Google to offer similar abilities with Apple's most popular apps, such as Mail, Notes, and Calendar.

When Apple revealed Apple Intelligence last year, Siri was able to listen to your requests and implement them across iOS. Gemini basically does that on Android already, so why not allow it to do the same on iPhone?

3. A smooth transition

The AI options available are endless, so having some parity between iPhone and Android would actually be a great thing for smartphone users.

Think about it, Gemini powers the AI in the best flagship Android devices like the Samsung S25 and the Google Pixel 10. But what if a similar experience was bundled into every iPhone, just with a little bit more Apple polish?

I'd love to use Gemini as my go-to AI assistant on my iPhone, and quite frankly, I already do. However, having it built into Siri would make it feel even more at home on iPhone, and best yet, for consumers, it means the switch to Android or vice versa, from an AI perspective, would be incredibly smooth.

4. It's ready to go

I don't know about you, but I'm bored of waiting for a new version of Siri that's capable of what I want from a voice assistant.

And quite frankly, the thought of purchasing an iPhone 17 without any Siri improvements makes me feel a bit sour towards the upcoming iPhone.

Gemini works, and it's already good to go, so adding implementation into Siri and powering Apple's voice assistant with Google's hard work would mean an intelligent Siri sooner rather than later.

Currently, I have no hope for an AI-powered Siri by the end of the year, and quite honestly, that's a real disappointment, considering I bought the iPhone 16 Pro Max with the promise of "AI for the rest of us."

If Apple opted to use Gemini, we could get the AI Siri we've wanted for what feels like an eternity very soon, and that's only a good thing for Apple users who are getting impatient waiting for a voice assistant that knows what year it is.

5. There's already a fruitful partnership

(Image credit: Shutterstock)

Google and Apple have been working together for a very long time, with Google Search as the default search engine on Safari.

That relationship could be in jeopardy with a multi-billion-dollar antitrust case soon to be decided in the US. Following that lawsuit, there could be a big shift in iPhone's moving forward, and it might require new agreements between the two companies.

Could AI and Gemini be at the forefront of the discussions? Gurman says the companies haven't discussed this matter yet, but he believes that "if Apple and Google come to an agreement, it would be the basis of a new arrangement around search as well."

Apple might choose to steer clear of using a Gemini AI model to power Apple Intelligence, but considering what we've seen so far, I hope Tim Cook and co are at least contemplating it.

You might also like

• I tried Google's new AI mode powered by Gemini, and it might be the end of Search as we know it
• Google previews AI Mode for search, taking on the likes of ChatGPT search and Perplexity
• Google Gemini's new model is the brainstorming AI partner you've been looking for

• Exabeam report claims AI is driving insider threats, that are now outpacing external cyberattacks
• Most firms have insider programs, but lack advanced behavioral analytics needed for early detection
• Generative AI agents create faster, stealthier risks that traditional defenses cannot easily catch

How organizations view insider risk is changing, according to a new report from Exabeam which claims insider threats have overtaken external attacks to become the number one security concern, and it’s mostly down to AI.

Nearly two thirds (64%) of respondents said they now see insiders, whether malicious or compromised, as a bigger danger than outside actors - and Generative AI is behind a rise in faster and stealthier attacks that are far harder to detect.

“Insiders aren’t just people anymore," warned Exabeam Chief AI and Product Officer, Steve Wilson. "They’re AI agents logging in with valid credentials, spoofing trusted voices, and making moves at machine speed. The question isn’t just who has access - it’s whether you can spot when that access is being abused.”

AI-enhanced phishing and social engineering

Over half of organizations reported an increase in insider incidents in the past year, with most expecting that growth to continue.

Government, manufacturing, and healthcare are among the sectors bracing for sharper rises, while Asia-Pacific and Japan are anticipating the biggest regional increases.

The Middle East region is the outlier here, with nearly one-third of organizations expecting a decline, something Exabeam suggests could be down to either stronger defenses or an underestimation of new AI risks.

AI-enhanced phishing and social engineering are now among the top insider tactics, able to adapt in real time and mimic trusted communications at scale.

Unauthorized use of generative AI makes the challenge facing firms even harder, with three-quarters of organizations reporting unapproved activity.

Technology, government, and financial services show the highest levels of concern.

Despite widespread adoption of AI in security tooling, insider threat programs remain a mixed bag, as Exabeam found while 88% of organizations have such programs in place, only 44% actually make use of user and entity behavior analytics.

“AI has added a layer of speed and subtlety to insider activity that traditional defenses weren’t built to detect,” said Kevin Kirkwood, CISO, Exabeam. “Security teams are deploying AI to detect these evolving threats, but without strong governance or clear oversight, it’s a race they’re struggling to win. This paradigm shift requires a fundamentally new approach to insider threat defense.”

Exabeam's report noted its findings "point to a clear and consistent challenge” in which “organizations are aware of insider threats, but most lack the visibility and cross-functional alignment needed to address them effectively.”

“As AI becomes more embedded in enterprise workflows, the emergence of AI agents adds a new layer of complexity. These agents are not inherently malicious, but their ability to act independently introduces risks that traditional controls may miss. To keep pace, organizations must evolve their insider threat strategies”, the report concludes.

You might also like

• This is the best encryption software available today
• Insider risk on the rise as survey finds 50% of employees have too much privileged access
• Underestimating the dangers within: mitigating the insider cyber threat

• The iFi's Go Blu Air is a small battery-powered Bluetooth DAC
• Three-stage processing for optimal audio
• $129 / £129 / AU$229, available now

iFi has announced a new super-portable Bluetooth DAC, the iFi Go Blu Air. It's extremely small even by iFi's usual standards: if the firm's portable DACs get much smaller, they'll be able to sell them to ants.

The Go Blu Air may be small – it's only 5cm tall – but its specification isn't. It packs iFi's signature three-stage audio system and both 3.5mm and balanced 4.4mm headphone outs, with iFi's anti-crosstalk system on the 3.5mm output. And it puts out a very respectable 256mW of power, to connect to a range of the best wired headphones and best wired earbuds.

There's also an integrated microphone for your calls and your phone's digital assistant, and for wireless connectivity to your phone or other device, there's LDAC and aptX Adaptive as well as regular Bluetooth.

(Image credit: iFi Audio)iFi Go Blu Air: key features and pricing

iFi likes to keep the Bluetooth processing and the audio processing separate to deliver the best possible audio, and to achieve that the Qualcomm QCC5144 Bluetooth 5.2 chipset handles Bluetooth reception and nothing else.

The audio data is processed by a hi-res Cirrus Logic MasterHiFi DAC, which in turn passes the signal onto a dual-mono amplifier.

According to iFi the amp circuitry features "discrete, high-grade components to maximize sonic purity – from TDK C0G and muRata multilayer capacitors, to custom OV Series operational amplifiers with ultra-low distortion (0.0001%)."

In addition to the DAC, iFi has added its own analog XBass and XSpace systems and given them hardware controls so you don't have to reach for your phone. There's also a combined volume control and navigation dial for the same reason.

At just 30g in weight this is a real go-anywhere DAC, and in a nice touch it comes with a magnetic clip that you can use to attach it to your jacket, bag or belt. And according to iFi you can expect a decent 10 hours between charges.

The iFi Go Blu Air is available now with a recommended price of $129 / £129 / AU$229.

You might also like

• 3 of the best wireless DACs to seriously upgrade music from your smartphone
• This tiny Fiio DAC made me reconsider listening to Bluetooth audio on my iPhone
• The best headphone DACs 2025: top desktop and portable DACs tested by our experts

• Vacancy rates plummet as data centers struggle to match unprecedented demand
• Northern Virginia dominates capacity while emerging markets grow at an explosive pace
• Developers rush projects, yet 73% of new capacity is already preleased

Data centers are becoming the backbone of digital infrastructure, with vacancy rates in North America now at an all-time low of 2.3%, new JLL research has claimed.

Despite inventory reaching 15.5GW in mid-2025, the pace of absorption continues to outstrip available capacity.

This mismatch is fueled by surging reliance on AI, digital transformation, and cloud storage services, which have created a supply crunch across both established and emerging markets.

Demand rising faster than supply

JLL claims North America could see as much as $1 trillion in new data center development by 2030.

"There was a significant increase in the amount of capital deployed into data center projects under construction or reaching stabilization in the first half of 2025 compared to the previous year,” said Carl Beardsley, Senior Managing Director, Data Center Leader, JLL Capital Markets.

“We’re seeing developments with long-term leases achieving up to 85% loan-to-cost from senior lenders at competitive spreads... North America could see $1 trillion of data center development between 2025 and 2030.”

Also, more than 100GW of colocation and hyperscale capacity is expected to break ground or come online within the next five years.

Though construction is rushed to meet rising demand, 73% of these projects are preleased, leaving limited flexibility for enterprises seeking new space.

Northern Virginia leads with a planned 5.9GW, followed by Phoenix at 4.2GW, Dallas-Fort Worth at 3.9GW, and Las Vegas/Reno at 3.5GW.

Secondary markets are also experiencing striking growth. Columbus has expanded 1,800% since 2020, while Austin/San Antonio has grown 500% from a smaller base over the same period.

This spread reflects developers seeking new opportunities as established hubs struggle with power constraints and rising costs.

“The days of build-it-and-they-will-come are long gone. What we’re seeing now is ‘commit-before-it’s-built-or-you-won’t-get-in,’” said Matt Landek, Division President, U.S. Data Center Work Dynamics and the lead of JLL’s Data Center Project Development and Services.

Power availability has become the defining challenge for data center development, as the average commercial electricity rates have risen nearly 30% since 2020, reaching 9.7 cents per kilowatt-hour.

Developers are increasingly targeting areas such as Salt Lake City and Denver, where rates remain below the national average.

Even so, the wait time for grid connections is now roughly four years, delaying projects and slowing the pace at which supply can meet demand.

Industry analysts argue power is now “the new real estate,” with access to affordable and reliable energy dictating where capacity can expand.

“Power has become the new real estate. With vacancy effectively at 0%, virtually all absorption is the result of preleasing with delivery times extending beyond 12 months,” said Andrew Batson, Head of U.S. Data Center Research at JLL.

“The market has been growing at a remarkable 20% CAGR since 2017, and our development pipeline data suggests this pace will continue through 2030, with the colocation market potentially expanding to 42GW of capacity.”

This bottleneck may prevent speculative overbuilding but also ensures that shortages will persist for years.

Via HPC Wire

You might also like

• How GenAI complacency is becoming cybersecurity’s silent crisis
• Check out our pick of the best secure routers on offer
• We've rounded up the best portable monitors available now

• Neurophos develops photonic AI chips replacing electrons with light for efficiency
• Pilot with Terakraft aims to demonstrate sustainable ultra-efficient optical computing
• Single chip promises 100 GPUs performance using 1% energy consumption

An American startup is preparing to test an experimental processor which could deliver performance at a scale never before achieved on a single chip.

Neurophos, which was spun out of Duke University with backing from incubator Metacept, is partnering with Norwegian data center operator Terakraft to run a pilot of its optical AI inference platform in 2027.

Combining photonics with metamaterials to shrink optical modulators by a factor of 10,000x, the company’s technology uses optical systolic arrays that replace electrons with light, removing latency bottlenecks while running at clock speeds above 100GHz.

Overcoming energy walls

By combining this with compute-in-memory architectures, Neurophos believes its chips could overcome the energy walls that limit conventional GPUs and TPUs.

Neurophos, which raised $7.2 million in late 2023, claims its technology will allow a single chip to deliver the compute power of 100 GPUs while using only 1% of the energy.

The planned collaboration will see Neurophos’ optical processing units deployed at Terakraft's green data center in Norway. Previously part of the Sauda I hydropower plant (decommissioned in 2008), the facility ranks as one of the most efficient in the world.

“By hosting Neurophos’ ultra-efficient optical chips in our green data center for select enterprise clients, we not only reduce our carbon footprint but also raise the bar for energy-efficient AI infrastructure,” said Giorgio Sbriglia, chairman of the board of Terakraft. “Our mission has always been to power the future responsibly, and this collaboration brings that vision to life.”

Patrick Bowen, Neurophos founder and CEO added, “Terakraft’s commitment to renewable energy and innovative technologies aligns perfectly with our mission to democratize high-performance AI. By deploying our 100x more efficient inference chips in Terakraft’s green data center, we’re proving that AI’s exponential growth can be achieved sustainably, together.”

If everything goes as planned, the pilot in Norway could mark an early step toward sustainable ultra-efficient AI hardware designed to handle future workloads at scale.

Neurophos claims that end-to-end simulations validate its technology’s performance, with a roadmap targeting exaflop-class computing on a single chip.

Via eeNews Europe

You might also like

• Cooling high-density data centers with coolant distribution units
• New fanless cooling technology enhances energy efficiency for AI workloads
• Liquid cooling gains momentum as AI workloads turn up the heat in data centers

• A $199 hacking device is reportedly being used to steal cars
• Specially-developed patches allow thieves to exploit security vulnerabilities
• Widespread attacks have affected Kia and Hyundai models in the past

A diminutive orange-and-white device, which costs just $199 in the US (around £150 / AU$310), is reportedly being used to remotely unlock modern vehicles.

An in-depth report by 404 Media found that underground hackers have developed and are now selling software patches that can be loaded onto the device to unlock all manner of cars, including those from major brands like Ford, Audi Volkswagen, Kia and many more.

The Flipper Zero is marketed as a "multi-tool device for geeks" and can be programmed to "explore any kind of access control system, RFID, radio protocols and debug hardware using GPIO (general-purpose input/output) pins", according to the company’s website. It's previously been used for everything from flipping TV channels in public places to confusing iPhones.

Much like the widely-reported 'Kia Boys' – a band of teenage hackers that gained notoriety for stealing Kias using just USB cables – the Flipper hack works by intercepting and cloning a vehicle’s key fob’s radio signal.

According to 404 Media, underground hackers have developed firmware that can be purchased for a fee of between $600 and $1000, uploaded to the device and then used to unlock a variety of vehicles.

The patches are currently limited to merely opening the vehicle, which presents its own risks, but individuals quoted in the report warn that it won’t be long before they can be developed to override any sort of security system to start and drive the modern cars away.

This Flipper is not so fabulous

(Image credit: Flipper Zero)

This isn’t the first time the Flipper Zero has hit the headlines, as there is an entire Reddit thread dedicated to pranksters remotely opening Tesla charge ports with their devices.

The Drive also reported on a YouTuber that managed to hack his Flipper to change traffic lights from red to green. Overall, they are very good at highlighting security vulnerabilities in many modern systems, but are so often used for nefarious means.

A worrying example is exploiting a flaw in today’s vehicles that increasingly eschew the relatively reliable key-and-lock for fancy remote fobs.

Relay attacks have plagued the likes of Jaguar Land Rover in the past, with older Range Rovers particularly vulnerable to the attacks, forcing owner’s insurance premiums through the roof.

In the US, local police forces have warned Kia and Hyundai owners to install kill switches or resort to steering locks after a 2022 Tik-Tok video revealed just how easy it is to steal a number of the brand’s vehicles.

As a result, groups like The Kia Boys emerged online, filming themselves stealing cars for internet views. A host of copycats have since followed suit and continue to cause problems.

Today’s automakers have been busy instating security patches to try and improve customer confidence, but it seems it is very difficult to stay ahead of the hackers.

Currently, the Flipper Zero patches have only been sold to a small number of users, but 404 Media warns that this could become a more widespread problem should they become open source or free to download.

You might also like

• Digital car keys could finally get safer and more popular soon – here's why
• Major hack against car-sharing firm Zoomcar sees 8.4 million users at risk
• Hackers expose serious Subaru security flaws that allow them to remotely start cars

Spoilers for The Summer I Turned Pretty season 3 episode 8 ahead.

This week, it's wedding bells: successfully for Taylor Swift and Travis Kelce's real life engagement (yay), and not-so-successfully for Belly (Lola Tung) and Jeremiah's (Gavin Casalegno) called-off wedding in The Summer I Turned Pretty season 3 episode 8.

It's the move we all saw coming, with Jeremiah admitting he's known about Belly's attraction to brother Conrad (Christopher Briney) from the very beginning. He's been waiting for her to bring it up, stating Belly cannot marry him if it's merely to cover up feelings she doesn't want to have. Belly immediately begs him to understand the classic chestnut 'but what we have is real!' – but her bachelorette party and, well, every other scene in the Prime Video show tells us otherwise.

Obviously, that's not been the only major news this week, though Swift and Kelce's engagement comes with a much better ring. The news was announced via a shared post on the pair's Instagram accounts, with the caption: "Your English teacher and your gym teacher are getting married." If you've managed to avoid it, the internet has gone absolutely nuts with various teacher memes, ring dupes and where to get them, and much agreement that this will be America's version of a Royal wedding.

A post shared by Taylor Swift (@taylorswift)

A photo posted by on

So, what do I-do's have to do with one another? Thanks to The Summer I Turned Pretty's soundtrack history, coupled with season 3 episode 8 specifically, quite a lot. It was inevitable that the show was going to use more Taylor Swift songs in future scenes, but the choices for Belly and Jeremiah's wedding week were devastatingly perfect.

'Us' and 'Cardigan' are the Taylor Swift songs that headline The Summer I Turned Pretty season 3's wedding week

Yes, there is an engagement ring somewhere on Belly's finger. (Image credit: Amazon Prime Video)

Get ready to weep tears or sadness and joy simultaneously, people. It's incredible (and overdue) news that Jeremiah and Belly won't be getting hitched after all, but Amazon has opted to use Swift's ultimate tearjerker 'Cardigan' to soundtrack Jeremiah leaving Belly crying in her dressing room pre-ceremony, with only her mom on hand to comfort her.

But that's not the only dose of Swift we guess! 'Us', her collaboration with Gracie Abrams, is used earlier on in the episode (basically, when it was assumed there would still be a wedding). It's the perfect choice, and one I could certainly seeing playing in the background of Swift's own magical moment, though she chose 'High School' to go with her announcement.

Taylor Swift songs have a long history of being featured on The Summer I Turned Pretty episodes, including the week of the TS12 announcement, so the fact some have been chosen for season 3 episode 8 isn't a surprise. However, it's the choice of exact songs that have had me taken aback. Showrunner Jenny Han and her team not only vividly understand what the show's fans and scenes need, but their comprehension of exactly which song to pick from Swift's bulging back catalog never fails to miss. There's the right level of poignancy in every choice, and that's no mean feat.

My head is still spinning from the double dose of Taylor Swift-themed engagements this week, but while things likely won't involve vows of a ring in The Summer I Turned Pretty, we're not shot of the dastardly duo. There are three episodes of season 3 left to go, and I'll eat my hat if we won't be working through more of her albums. Especially given Belly has just spotted Conrad at the airport before boarding her flight to Paris... personally, I'd be queuing up something from 'Fearless'.

You might also like

• Stand ready for Invincible season 5's arrival, worm: Amazon confirms the hit Prime Video show's fourth chapter won't be its last
• Ballard season 2 would have a ‘very exciting’ arc says Maggie Q – but the Bosch spin-off might not return, despite being Prime Video’s #1 show
• New to Prime Video? Here are 5 movies and TV shows with over 90% on Rotten Tomatoes to get you started

• Reflective LCD reduces energy use while raising doubts about mainstream adoption
• Eazeye Monitor 2.0 consumes only 7 watts during operation under normal use
• Outdoor performance improves with ambient light instead of artificial backlight

The Eazeye Monitor 2.0 is a 24-inch reflective LCD screen designed to function as an energy-efficient alternative to traditional LCDs and expensive e-ink monitors.

Unlike standard panels which depend on backlighting, this unit reflects ambient light to create its image.

The manufacturer promotes this approach as more comfortable for extended viewing and as a way to reduce strain. It also lowers energy usage, with reported consumption averaging 4W and peaking at 7W.

Full HD resolution and 60Hz refresh rate capability

The main appeal of the Eazeye Monitor 2.0 reflective LCD technology lies in visibility in bright environments.

Conventional laptop panels often wash out under direct sunlight, even when brightness is maximized.

In contrast, reflective LCD designs are meant to gain clarity from ambient light.

The manufacturer provides demonstration images suggesting that the Eazeye 2.0 maintains legibility outdoors where a standard display appears dim.

While this could make it practical as a business monitor for travel or fieldwork, actual performance may depend heavily on lighting conditions and user expectations.

From the perspective of installation, the device behaves much like a portable monitor, and its power is supplied through a separate USB-C connection.

The Eazeye Monitor 2.0 ships with HDMI and USB-C cables, a stand, and a power adapter. Users open the kickstand, adjust the tilt, and connect through either HDMI or USB-C for video input.

At 2.2kg and measuring just over 54cm in width, it remains light enough to move between desks or to pair with a laptop outdoors. There is also an audio jack that supports external speakers if needed.

The company positions the Eazeye 2.0 as an alternative to costly e-ink products.

Alternative models, such as the 23.5-inch DASUNG and BIGME color monitors, exceed $1,650, whereas this reflective LCD is listed at $999.

However, it only delivers a 1920x1080 resolution with a 60Hz refresh rate, which is lower than some premium e-ink options but higher in responsiveness.

For certain tasks like office work or casual use, that may be sufficient. But whether it can serve as a reliable monitor for video editing or as a primary business monitor is less certain, given its color reproduction limits and modest resolution.

The Eazeye Monitor 2.0 combines paper-like readability with reduced power draw, qualities that might suit users who work outdoors or require an energy-saving secondary screen.

Yet at nearly $1,000, it sits in an uncertain space between affordable portable displays and specialized e-ink panels. It may attract professionals seeking a niche tool, but broad adoption remains questionable.

Via CNX-Software

You might also like

• Check out the best 3D modeling software for 3D printing and more
• We've rounded up the best portable monitors available now
• FBI warns Russian hackers are targeting an old Cisco security flaw, so patch now

• Researchers discover new PromptLock ransomware
• PromptLock is AI powered - presenting new concerns for security teams
• AI is already shaking up the cyber landscape

Security researchers from ESET have identified the first known AI-powered ransomware, which serves as a warning for security teams as generative AI has, and will, continue to make cyberattacks much more accessible for criminals.

Researchers Peter Strycek and Anton Cherepanov discovered the proof of concept, which they dubbed ‘PromptLock’, which, ‘leverages Lua scripts generated from hard-coded prompts to enumerate the local filesystem, inspect target files, exfiltrate selected data, and perform encryption.’

"Although multiple indicators suggest the sample is a proof-of-concept (PoC) or work-in-progress rather than fully operational malware deployed in the wild, we believe it is our responsibility to inform the cybersecurity community about such developments," the researchers wrote.

Use in the wild

The PromptLock malware uses OpenAI’s gpt-oss:20b model - an open weight model released in August 2025, and this is run locally through the Ollama API to generate malicious Lua scripts ‘on the fly’.

Lua scripts are cross-platform compatible, the researchers point out, meaning they function on macOS, Linux, and Windows. The malware can then exfiltrate, encrypt, and potentially destroy any data it chooses after scanning user files, presumably to determine which would be most valuable.

Security teams have been warning for months that the AI-powered future of ransomware is coming soon, and although PromptLock has not yet been observed targeting victims in the wild, it’s clear it's only a matter of time before this happens.

Not only does GenAI make life a lot easier for wannabe hackers by lowering the barrier of entry, but LLM’s also spit out different results even when given the same prompt. This makes them unpredictable and particularly difficult for defenders to detect, as the pattern of behavior is more erratic and hard to spot.

Via:The Register

You might also like

• Take a look at our picks for the best malware removal software around
• Check out our choice for best antivirus software
• Weaponized AI is making hackers faster, more aggressive, and more successful