Feed aggregator

You'll be able to follow Wimbledon and other real-time events.

• Apple continues to fill its Sports tracking app with new sports
• Tennis is the latest entry
• Apple is also adding more customization and granularity

Apple just hit a smashing overhand, adding Tennis to its iPhone-only Sports app just in time for the sport's biggest competition: Wimbledon.

After launching in 2024 with the NBA, NHL, MLS, NCAA basketball, and NCAA football, Apple Sports quickly added the MLB and has since expanded to include the NFL, racing, and other leagues. Tennis, though, was a notable gap.

The sport arrives today and is now part of the free app, which is available in the US, UK, and Canada. As with other sports, game coverage will include live point-by-point coverage but not play-by-play. So don't expect line calls in the coverage.

One of the reasons people like me like Apple Sports is that it lives up to its real-time promise, offering, in baseball, for instance, almost instant updates about runners and the score. Tennis is, perhaps, an even faster-moving game.

In a release about the update, Apple is promising, "live scores delivered incredibly fast." We'll see.

(Image credit: Apple)

Apple Sports will, though, let fans track all matches that occur after the qualifiers. So it won't be just the top match at any given time, Apple Sports will cover all Wimbledon matches. The Tennis coverage will offer custom Sports Cards backgrounds for each match, featuring the grass or clay used in each tournament's courts (Wimbledon uses grass).

Tennis will also benefit from some other app-wide updates, including a refined home screen that now lets you customize the organization by league.

That'll come in handy even if you're not a tennis fan, too. Speaking of which, I'm especially excited about the small update coming to MLB coverage in Live Activities, which will now display the active pitcher and batter details below the score.

This has been a notable gap in Sports' baseball coverage. It's one of the chief reasons that, while I love Sports Live Activities, which can even appear on your lock screen, I've often had to switch to the MLB.com page for details about who's at bat.

Tennis elbowed

(Image credit: Apple)

With two weeks (June 30 to July 13) and dozens of matches, Wimbledon will provide a rich test for the Sports platform. You can't follow individual players, which may make the whole affair feel a little chaotic. Hopefully, Sports will eventually let you do that so you can quickly switch to a match for your "favorite" player.

Sports is still keeping the focus tight on actual league sports events and not yet covering things such as the upcoming MLB All-Star Game (July 15) or the NBA draft (June 25). In a way, this helps keep the app clean and efficient, but it also means that Sports is missing out on key moments in each sports league experience.

Additionally, while Apple Sports is available on the iPhone and visible as Live Activities on Apple Watch, there is no word on plans to bring it to the iPad...yet.

Are you a sports fan or, more specifically, a Wimbledon fan? Let us know what you think of this latest update and why you do or don't use the app in your comments below.

You might also like

• Five years ago Apple silicon changed the world of computing forever, and it was the beginning of the end of my days as a Windows user
• I didn't know how much I loved Apple Sports until the Mets became the best team in baseball
• "If you’re a sports fan, I think you're going to be very happy with it," Apple's Eddy Cue explains how the tech giant made its new Sports app
• Tight layover? United Airlines wants to take the stress out of catching your next flight with AI and maps

A new Pew survey says about a third of US adults have used OpenAI's language model.

The underwhelming Germans need a win in Cincinnati to secure a spot in the last 16.

• Surfshark has had its no-logs policy verified by Deloitte for the second time
• The independent verification, from a Big Four auditing firm, corroborates Surfshark’s no-logging claims
• Existing Surfshark subscribers can access the full report via their Surfshark accounts

Surfshark has reaffirmed its commitment to privacy and transparency with the release of its second no-logs assurance report on June 16, 2025.

Already rated as one of the best VPNs by TechRadar, this is the second time Surfshark has worked with Deloitte to verify its commitment to user privacy by auditing its no-logs policy.

(Image credit: Surfshark )Why Surfshark’s no-logs policy verification matters

Surfshark invited Deloitte to audit its no-logs statement for the first time back in 2023, illustrating the seriousness with which it takes user privacy.

However, a second no-logs assurance report in 2025 “demonstrates Surfshark’s proactive approach to privacy,” said Donatas Budvytis, Surfshark’s Chief Technology Officer.

It's a welcome update in an industry where plenty of VPN providers have yet to prove their own no-logs claims. Some VPNs, particularly free VPN services, do keep logs. In some cases, these can contain personally identifying information, putting user data and privacy at risk.

Only recently, TechRadar’s Chiara Castro reported that some 17 free VPN apps found in Google and Apple app stores have ties with China. VPNs operating in China are subject to strict data retention laws and may be forced to share data with the Chinese government upon request.

Surfshark’s decision to have Deloitte, one of the Big Four auditing firms, take a second look at its no-logs policy provides substantial credibility and, as Budvytis explains, “a big confirmation of privacy and transparency to our current and future users.”

It also proves Surfshark’s claims that it doesn’t monitor user activity or keep logs of their activities. That this is a second independent verification shows that this is an ongoing commitment on the part of Surfshark, and not simply a one-off.

Here’s what Deloitte was looking at

Deloitte’s independent audit provides assurance that Surfshark’s no-logs policy has been properly implemented.

As part of its evaluation, Deloitte examined internal systems and processes, conducted interviews with Surfshark staff, and reviewed supporting evidence.

Deloitte looked at Surfshark’s standard, static, and multiport servers while also analyzing how these servers are configured and deployed. Privacy settings and operational procedures were closely inspected to ensure they align with Surfshark’s privacy commitments.

Ultimately, Deloitte confirmed that the no-logs policy is consistently applied across all relevant Surfshark infrastructure.

If you’re already a Surfshark user, you can read the detailed report, ISAE 3000, which is accessible via your account.

Which VPN providers have had their no-logs policies independently audited?

Surfshark isn’t the only VPN provider to have subjected its no-logs policy to an independent audit.

NordVPN had its no-logs claims verified by PwC in 2018 and 2020 before having Deloitte conduct independent reviews in 2022, 2023, and 2025.

The VPN that has undergone more audits than most is ExpressVPN, having published 19 third-party audit reports to date.

You might also like

• Iran is discouraging its people from using free VPNs
• VPNs cannot protect against browser fingerprinting – but this new web browser could be the fix
• A US law firm is taking NordVPN to Court over "deceptive" auto-renewal pricing – here's what we know

• SonicWall is warning hackers are distributing malicious VPN software
• NetExtender is being modified and distributed through fake websites
• The malicious software steals credentials and VPN configurations

Hackers have been spotted spoofing the SonicWall NetExtender SSL VPN client and distributing it through bogus webpages which mimic the official SonicWall site.

SonicWall and Microsoft Threat Intelligence (MSTIC) spotted the trojanized application and issued an advisory to warn users against downloading the fake software.

As NetExtender is used as a remote access VPN client, stolen VPN configuration data and VPN credentials can put both employees and businesses at risk of compromise.

Spoofed VPN client distributed through fake website

The fake VPN client is signed by "CITYLIGHT MEDIA PRIVATE LIMITED," giving it a limited level of authenticity which can fool some low level cyber protections.

The file was distributed using SEO poisoning and malvertising techniques which can make the fake website appear above the authentic site, especially in sponsored results.

(Image credit: SonicWall)

Therefore, SonicWall has reminded users to only download software from legitimate sources, in this case, sonicwall.com and mysonicwall.com.

In the research conducted by SonicWall and MSTIC, they found two modified binaries of their product being distributed by the fake website; NEService.exe which was modified to bypass digital certificate checks; and NetExtender.exe was modified to steal the configuration data and credentials.

(Image credit: SonicWall)

When all the necessary details are entered and the user clicks connect, the data which includes username, password, domain, and more, is extracted and sent to a remote server controlled by the hackers.

Both SonicWall’s and Microsoft’s cybersecurity tools can now detect the malicious software, but other third party software may not yet be configured to detect the files. It’s always a good idea to consult the best antivirus software to protect your devices from modified software and malicious files.

You might also like

• The best malware removal can dislodge dodgy files
• Protect your credentials with the best password manager
• 2024 saw a surge in malicious free VPN apps

For the last month, I’ve had the not-so-arduous task of comparing the shiny new Sony WH-1000XM6 against their biggest rivals. Yep, I’ve tried wireless headphones from everyone, including all the big hitters like Apple, Bose Sonos…you name it! But as the headline has already spilled, there’s only one pair of headphones I’d recommend to all – and that’s Sony’s latest flagship cans.

In my Sony WH-1000XM6 review I made it clear – these are an exceptional pair of headphones that serve up a delicious cocktail of spectacular sound quality, a delightful design and, most importantly, class-leading noise cancellation. And so, it will be of little surprise that the XM6 swiftly pushed their way into our list of the best headphones.

Still, some of the competition is incredibly fierce. Models such as the Bowers & Wilkins Px7 S3 earned a glowing five-star review from us – and believe me, they’re the real deal. But I can’t help but feel that the Sony WH-1000XM6 are the better pick for most people. Why? I’ll break it down into three key reasons.

1. Shutting off the outside world

If we’re talking ANC, there’s simply no one out there that can top Sony right now. That's right, the WH-1000XM6 offer the best noise cancelling I’ve ever tested on a pair of over-ear headphones. Yes, even better than the Bose QuietComfort Ultra. And substantially superior to Sony’s previous effort, the Sony WH-1000XM5.

That’s because Sony’s latest cans harness the power of a new and improved QN3 HD noise cancelling processor, which fine tunes 12 microphones in real time to shut off the outside world. Oh, there’s also AI onboard, which does a bit of extra legwork to keep pesky external sounds from creeping in.

Whether I was walking near a traffic-heavy road, working in a chatter-filled room or vacuuming my apartment, the XM6 induced silence – or at least, near-silence. So, whether you’re looking to make those morning commutes a bit more bearable or perhaps just feeling a little anti-social, you can trust the XM6 to keep you locked into your favorite tracks and movies.

Oh, one more thing about that phenomenal mic system. It also helps to offer crystal-clear calling, with six beamforming mics helping to bring the focus to your mouth. Again, AI is at hand to carve out clamors from your surroundings, and this works incredibly well.

I attended a demo at Sony’s 5020 Studio in Madrid, where someone walked into an artificially noisy environment, but after placing the XM6 on and making a call, the only thing I could hear was their voice. You really are getting next-level clarity with these headphones – and yes, they’re considerably better in this area than previous models like the Sony WH-1000XM4.

The Sony WH-1000XM6 beside their ancestor, the WH-1000XM4 (Image credit: Future)2. Fluid, fool-proof controls

So, Sony’s come on significantly in the realms of ANC and call quality. But something else that’s been refined is the touch controls. On the XM6, swiping forwards and back to skip or return to a track, flicking and holding to adjust volume, and double tapping to pause or play music feels so incredibly smooth.

In fact, the XM6 supply the most intuitive, fluid touch controls I’ve ever seen on a pair of headphones. You can even cover the right earcup to enable passthrough mode – how cool is that?!

And after testing some rival models, I came to appreciate those touch controls even more. I absolutely adore the open, expansive, yet coherent sound of the Bowers & Wilkins Px7 S3 – I think for the money, they arguably offer the best sound quality on the market right now. Yep, maybe even a bit better than the XM6 which, by the way, sound absolutely fantastic! But unfortunately for the Px7 S3, they’re limited to basic button controls which felt like such a downgrade to me after extensively using the XM6. This alone kept me going back to the Sony contender.

For reference, if you want to skip tracks on the Bowers headphones, you’ve got to double press the play button – and it’s three presses to go back. That, to me, feels a little rigid…and behind the times. Similarly, the Apple AirPods Max, which offer enticingly expansive audio, a beautiful design and excellent usability for iPhone users, are held back by physical controls (among other things).

I appreciate that some may find touch controls a little irritating. Perhaps you’ll accidentally skip a track when taking the headphones off. Maybe you’ll pause your music when adjusting your luscious locks. But the XM6 handle touch beautifully. I’m yet to experience any accidental playback alterations or the like. Touch controls – when done right like this – are so much more than a nice-to-have now.

(Image credit: Future)3. All the features you could ever want…and then some

I could cap this off by talking about the beautifully balanced, dynamic sound of the XM6. I could even talk about their slim, comfortable design which brings foldability back to the fore. But instead, I want to talk about the insanely broad, yet detailed feature-list you get on these Sony headphones.

Yes, of course you get that phenomenal ANC and calling. But with the Sound Connect app, you unlock so much more. There’s scene-based listening and adaptive audio, which adjusts depending on your environment. There’s LDAC and DSEE for accessing higher-resolution audio over Bluetooth. And now, there’s a 10-band EQ tab, which comes with a Find Your Equalizer listening test too.

But I’m only scratching the surface! There’s even more, from Auracast through to a Cinema listening mode that really help to set the XM6 apart from their rivals. They truly have everything you could want from a pair of the best noise cancelling headphones and more.

Combine that with the above reasons and you’re looking at a pair of true all-rounders. The Sony WH-1000XM6 have every base covered, and nail all the fundamentals like sound quality and noise cancellation. So, if there’s one pair of the best over-ear headphones I recommend to everyone…it has to be these.

But wait – this is an open discussion rather than a final decision! Do you agree? If you already have the Sony WH-1000XM6, what are your impressions thus far? I’d be interested to hear from you, so feel free let me know your thoughts in the comments. Most of all, enjoy the music.

You might also like

• Sony WH-1000XM6 vs Bose QuietComfort Ultra
• Sony WH-1000XM6 vs Bowers & Wilkins Px7 S3
• Sony WH-1000XM6 vs Sony WH-1000XM4

Prime Video's newest most-watched show We Were Liars has received a mixed response from the critics, so it's had audiences talking for better or worse.

The new addition to one of the best streaming services is currently the number one most-watched show on Prime Video. It's closely followed behind by another thriller called The Better Sister, which I also recommend you watch.

Despite both TV shows being popular, neither will make the cut for our best Prime Video shows list unfortunately, and that's because of the mixed reviews. However, while We Were Liars currently has a 67% Rotten Tomatoes score from the critics, I still think you should watch it.

Its score isn't too low, but it does deserve better, in my opinion, which is why I'm recommending it today. Read on to find out why.

Why I recommend We Were Liars on Prime Video

I was immediately hooked by the plot of this series, as it follows a young woman named Cadence who experiences a head injury during her fifteenth summer on her family's private island, leaving her with amnesia.

At first, she seems to have it all. She lives a privileged life and an enviable one, but she soon finds herself in the dark as she has to piece together all the memories she's lost, which leads her down a shocking path.

It's based on the young adult novel of the same name, which is billed as a psychological horror. While the TV adaptation takes a more thriller route and feels more widely accessible, I think it's a very strong retelling of the novel.

If you're in the mood to unravel a mystery and get to the bottom of what happened during "summer fifteen", as it's referred to, you'll likely find yourself glued to the screen. It's only eight episodes, so it's very easy to get lost in the story.

I loved the performances here too. I've been a fan of Emily Alyn Lind's work since she starred in the Netflix slasher The Babysitter, and she's very good at bringing complex characters to life. Cadence is going through a lot, and Lind's performance as her is very layered and compelling.

This might not be everyone's cup of tea, admittedly, especially if you're not really into young adult dramas. But I was pleasantly surprised by just how engaging this one is, and I feel it does enough to stand out among other thriller titles.

If you need more Prime Video recommendations, why not check out these six most-watched TV shows that you absolutely have to stream.

You might also like

• Apple TV+ had multiple new streaming hits in 2025, but these 4 are actually worth watching
• Can't decide between Netflix and Prime Video? Here's which streaming service I'm keeping in June 2025
• Prime Video added 50 new movies in June including three of my all-time favorites

• US stores see equipment prices rise by around 10%
• Canon EOS R1 price has increased by $500
• Further tariff-led increases could be on the way soon

Earlier this year, both Canon and Nikon warned consumers that prices of their products would be affected by US tariffs – and now those price hikes have begun in earnest. As reported by DP Review, who have been tracking the US prices of Canon and Nikon gear on the companies’ own websites as well as Amazon, there has been a clear spike in prices in recent weeks.

Nikon cameras and lenses, for instance, have risen by an average of 10.5%. Canon prices have jumped by as much as $500 on certain items (over the price listed when the product was first announced), and on average have increased by 9.7%. Other manufacturers have made similar increases; Sigma, for instance, bumped up its lens prices in the US by 10% earlier in June.

For Canon, the products that have most increased in price are higher-end cameras such as the Canon EOS R1 and Canon EOS R3, which have risen by $500 and $400 respectively over their launch prices. However, both models had been significantly discounted from their launch prices ahead of these recent rises, so the increases are actually much larger than they seem.

Nikon, meanwhile, seems to have hiked prices on all its lenses manufactured in China, with the biggest percentage increase going to the AF Nikkor 50mm f/1.8D prime: $134.95 to $199.95. That’s a price increase of almost 50%.

Nikon's China-manufactured lenses, such as the 50mm f/1.4G, have had significant price hikes this week. (Image credit: Future / Tim Coleman)More rises on the way?

Not all items have been affected, but this could potentially due to stock from the pre-tariff era being still available. Once this has been sold and new stock needs to be imported from outside of the US, this stock could also be subject to price increases.

It’s a somewhat bleak picture for US-based camera consumers, and sadly it could yet get worse. On 9 July, the 90-day pause on reciprocal tariffs is due to end, which could mean countries where camera gear is manufactured, such as Japan, Thailand and Vietnam, could be subject to tariffs as high as 24%, 37% and 46% respectively. Companies may choose to absorb some or all of the tariff-led increases, of course; they could also hike prices even further in order to maintain their profit margin.

So, what does this mean for the US consumer? In all likelihood, it means that prices on cameras and lenses will rise even further – and that now might be the best time to invest in that piece of equipment you need. If you’re based in the US and are thinking of buying new gear, make sure to check out our buying guides for the best beginner mirrorless cameras, best compact cameras, best cameras for photography, best cameras for vlogging, best travel cameras and more.

You might also take the price hikes as a sign that you should master and maximise the equipment you already have rather than replace it with expensive new gear. Check out our camera how to guides and learn how to get more from your existing gear, whether it’s perfecting your astrophotography or using Adobe Photoshop to make your shots sing.

You might also like...

• ‘We will raise prices’: Canon sends camera price hike warning as DJI’s best vlogging camera doubles in price due to US tariffs
• Canon reportedly U-turns on price drops for two of its most popular cameras – and it could be the tip of the tariffs iceberg
• Camera rumors for 2025: new gear we're expecting soon from DJI, Sony, Canon and more

Your lunch might be feeding you a mouthful of microplastics with each bite. Here are some microplastic-prone foods that you can avoid.

• Sophos surveys organizations which have suffered ransomware attacks
• On average, they paid 85% of the demands
• The average demand has dropped to $1.3 million this year so far

New research from Sophos has found as ransomware attacks have become more prolific than ever, more and more companies are caving to demands, with organizations in paying an average of 85% of the ransom.

The median ransom demand has dropped from $2 million in 2024, to $1.3 million in 2025. Around half (53%) of those who paid, gave over less than half of the initial demand, but worryingly, 18% paid more than was originally asked for - with the UK paying an average of 103%

Recently, ransomware attacks have been soaring to new highs and costing more than ever, not just in payments, but also in lost data, downtime, and regulatory fines - with Sophos’ survey revealing an average of $1.83 million in recovery costs for firms with between 1,00-5,000 employees.

Data at risk

Just under half (49%) of organizations surveyed chose to pay the ransom, a slight increase from the 56% in 2024.

This is despite some Governments implementing a ransomware payment ban, which forbids public sector organizations from handing any money over to ransom gangs - and private organizations are urged to do the same.

In a ransomware attack, the primary goal for criminals is data, and the survey found data encryption is at its lowest level in six years - with 50% of attacks resulting in data encryption, down from 70% in 2024.

If criminals get a hold of your data and encrypt it they can essentially hold your systems hostage and seriously disrupt your operations - so fewer encryptions the better.

It’s not all doom and gloom though, as 97% of organizations that had data encrypted were able to recover it.

The initial technical root of attacks was most commonly (32%) through exploited vulnerabilities, with malicious emails (23%) and compromised credentials (30%) close behind.

Unfortunately, a lack of expertise was the most common operational root cause - with 40% of respondents citing this - as well as unknown security gaps (40%) and a lack of necessary cybersecurity products or expertise (39%). This shows that organizations are fundamentally underprepared for the ever-growing threat of ransomware.

“For many organizations, the chance of being compromised by ransomware actors is just a part of doing business in 2025. The good news is that, thanks to this increased awareness, many companies are arming themselves with resources to limit damage. This includes hiring incident responders who can not only lower ransom payments but also speed up recovery and even stop attacks in progress,” says Chester Wisniewski, director, field CISO, Sophos.

“Of course, ransomware can still be ‘cured’ by tackling the root causes of attacks: exploited vulnerabilities, lack of visibility into the attack surface, and too few resources. We’re seeing more companies recognize they need help and moving to Managed Detection and Response (MDR) services for defense. MDR coupled with proactive security strategies, such as multifactor authentication and patching, can go a long way in preventing ransomware from the start.”

You might also like

• Take a look at our picks for the best malware removal software around
• Check out our choice for the best AI tools on offer
• This new ransomware could be deadly for your most precious files - here's how to stay protected

• A researcher has developed a new social engineering attack
• The attack, a variant of the existing ClickFix issue, has been called FileFix
• Windows users are at risk, so be on your guard

A new version of popular social engineering tool ClickFix has been developed, potentially putting Windows users at risk.

A cybersecurity researcher who goes by the name mr. dox has developed a new version of ClickFix, a browser-based attack often disguised as captchas to trick victims into pressing a button which then copies a command to Windows Clipboard. From there, users are encouraged to paste the command into a prompt to ‘fix’ an issue.

The new tool, dubbed FileFix, allows cybercriminals to execute commands on the victim system through the File Explorer address bar in Windows,” - this new attack is a similar premise, but uses Windows File Explorer to create a ‘highly plausible scenario’.

Sophisticated social engineering

This version of the phishing page is not based on a captcha, but rather a fake notification telling users a file has been sent to them, urging them to paste the path into File Explorer to find it.

This method could quite possibly be weaponised to trick users into downloading malicious payloads. “However, there is a downside to this variation that should be considered,” argues mr. dox.

“Microsoft Defender SmartScreen & Google Safebrowsing will usually warn users prior to saving executables so more clicks might be required from the user to make it work. However, I still included this method in case someone finds a good use for it or wants to use in a different social engineering scenario”

The ClickFix attack has been used by criminals to bypass antivirus software, with new malware variants observed targeting macOS, Android, and iOS users. Any new social engineering attack is dangerous as users won’t be wide to the method - so be sure to be wary of any unexpected pop-ups and close any windows you don’t trust.

Via BleepingComputer

You might also like

• Pegasus spyware is still targeting top business leaders
• Take a look at the best encrypted messaging apps
• Check out our choice for best malware removal software around

Far-Flung Postcards is a weekly series in which NPR's international team shares snapshots of moments from their lives and work around the world.

Israeli Prime Minister Benjamin Netanyahu wanted to attack Iran for decades, but the U.S. and his own security chiefs deterred him. Now he's basking in the moment.

(Image credit: Richard Drew)

In modern enterprise environments, networks are in a constant state of flux. Devices are provisioned, policies adjusted, architectures refactored. Configuration drift is inevitable. Yet while change is essential, unmanaged change is a liability. Misconfigurations are one of the most persistent sources of security incidents, and even well-intentioned modifications can disrupt operations when made without a proper structure in place.

Configuration and network change management, when treated as a formal discipline rather than a background process, provides the guardrails needed to maintain security, reliability and scalability. In this way, mistakes can be avoided, but more importantly, repeatability, accountability and operational confidence is embedded into the network evolution process.

Establishing centralized control

Effective change management begins with control, and that control requires visibility. Distributed tools and team silos lead to inconsistencies and blind spots. A centralized system for configuration management creates a single, authoritative source of truth. This allows teams to baseline the current state of devices, track changes in real time, and identify deviations from expected configurations as they occur.

Centralization also enables correlation. Rather than reviewing logs in isolation, teams can compare device states across the network, identify systemic drift, and trace issues back to specific change events. In the event of an outage or a security incident, this traceability shortens the path from diagnosis to recovery. Rollbacks are faster because configurations are versioned and controlled. Post-change validation becomes an inherent part of the process, not an afterthought.

Driving consistency through automation

As infrastructure grows more distributed, manual processes become harder to manage and more prone to error. Inconsistent configurations, drift, and undocumented changes create operational risk—and make regulatory compliance more difficult to sustain. Automation introduces the structure needed to scale securely.

Automated configuration management enforces standard baselines, identifies deviations, and applies corrective actions with consistency. It reduces reliance on manual intervention while enhancing auditability—ensuring that every change is recorded, traceable, and aligned to policy.

This level of control is essential in regulated environments. Automation tools can continuously validate device configurations against defined security standards, surfacing non-compliant states and triggering remediation workflows. Instead of preparing for audits in bursts, teams maintain a steady state of compliance readiness.

Automation ensures that network changes are not only executed consistently but documented in a way that satisfies both operational and regulatory expectations.

Enforcing security through access governance

In many organizations, configuration access remains too broad, poorly segmented, or loosely monitored. This exposes the network not just to external threats, but to accidental misconfigurations and insider risk. Restricting access to configuration interfaces must be non-negotiable.

Granular, role-based access control frameworks are essential. Users should only be able to modify the devices or parameters relevant to their responsibilities, with every action logged and tied to an identity.

When change is linked to identity, and identity is controlled through policy, the risk of unauthorized or unintended changes is substantially reduced.

How misconfigurations undermine network security

Once a change is deployed, the assumption is often that the hardest part is over. But without the right controls and safeguards, even routine configuration updates can introduce risk. In practice, many of the most damaging security incidents stem not from sophisticated threats—but from small, avoidable errors in configuration.

A single misstep—whether it’s a rule applied too broadly, a service left exposed, or a default setting left unchanged—can compromise an otherwise secure environment. These errors often go unnoticed because they don't trigger alarms or immediately disrupt functionality. But they quietly weaken the network's security posture.

Misconfigurations can lead to unauthorized access, where internal systems become reachable from outside the network or from unintended internal segments. They can create gaps in firewall enforcement, allowing traffic that should be blocked. And they can expose sensitive services to external discovery, widening the organization's attack surface.

Crucially, these issues don’t always stem from a lack of knowledge. In many cases, they result from an absence of process: missing validation steps, inconsistent application of policies, or a lack of visibility into the cumulative effect of changes over time. In distributed environments, small deviations quickly add up. Without a clear baseline or continuous oversight, it becomes increasingly difficult to verify that the intended state of the network matches the actual state on the ground.

Discipline that delivers

When change management is poorly implemented, problems compound. Downtime increases. Vulnerabilities persist. Teams lose confidence in their tools and processes. Business units lose confidence in IT.

But when treated as a structured, technical discipline, configuration and change management becomes a force multiplier. By embedding controls that catch drift early, by enforcing consistency across environments, and by building in opportunities for validation and rollback, organizations can reduce the risk that misconfiguration becomes the root cause of a major incident.

Networks aren’t fragile because of change. They’re fragile because they change without structure.

We've featured the best online cybersecurity course.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

The technology sector has reached a crossroads. While innovations like AI and cloud computing promise transformative business benefits, a shadow looms over their adoption, namely uncertainty and concern about their environmental impact.

We quizzed UK business leaders about how they think emissions impact their plans and discovered that 62% of them fear a public backlash if their tech stack emissions are deemed too high. Even more worrying is that 43% admit they are reluctant to even measure their full digital carbon footprint.

The figures underlined what we already suspected, that there is a sustainability paradox that is fuelling a crisis for UK business leaders. They know they need to innovate, yet the fear of sustainability scrutiny is creating an impasse that threatens to stall progress across industries.

The transparency crisis in tech emissions

So how have we reached this juncture? Well, there may have been a media backlash in recent months against sustainability and strategies that aim for net zero carbon emissions. Yet for businesses across Europe sustainability remains very high on their agendas. They continue to face ongoing pressure from regulators, investors, and consumers to demonstrate environmental responsibility.

However, our 2025 Emissions Blindspots Report, which surveyed 1,200 European decision-makers, uncovered a troubling reality. We found that 47% of UK businesses distrust the emissions data provided by their tech vendors.

The main concern is over Scope 3 emissions, those that originate indirectly from value chain activities, like the emissions produced by a company’s technology infrastructure. While these often represent the largest portion of a company’s carbon profile, they are also the element of emissions that companies have least visibility over. Ultimately UK businesses rely on accurate and transparent data from their supplier. The irony is that there are still a significant number of UK businesses that believe they can not accurately measure these tech-related emissions.

As Archana Venkatraman of IDC notes, “Innovation is a top priority for leaders, but concerns about inconsistent sustainability data are directly impacting companies’ ability to invest confidently.”

This is not about compliance, it is about maintaining momentum and developing competitive advantages. Businesses attempting to harness AI or migrate to cloud infrastructure have a difficult choice to make. Do they move forward blindly and risk a sustainability backlash? Or should they delay adoption and potentially cede ground to competitors? At a time when bold innovation is most needed, neither option is ideal. Sustainability plays a key role in determining which tech suppliers businesses choose. They are hamstrung without reliable, accurate information.

The problem with inconsistent data

The heart of the issue lies in fragmented responsibility. There has been clear progress in recent years with most businesses now reporting improved emissions tracking. Yet that progress is undermined by inconsistent vendor data.

There are a whole host of reasons why companies are not getting the data they desperately need. Firstly, some companies are simply not tracking the data. They have not yet made the move to incorporate the wide range of tools that are available to help them, then those that are may not always be willing to release it for fear of backlash. There are also companies who argue that they do not have enough internal resources to capture and analyze the data to paint an accurate picture.

Even if companies do have the data there are still issues to overcome. In particular proprietary systems and unstandardized metrics make cross-platform comparisons nearly impossible, meaning that figures are often estimated rather than having hard data to hand.

Standards and transparency pledges

How then can businesses break this deadlock? Firstly, governments must collaborate with the corporate world to agree on industry-wide standards for tech emissions measurement. These should be easy to implement and quantify, perhaps similar to financial reporting requirements.

As we’ve seen with recent changes to the climate disclosure mandates from the EU’s CSRD regulation, enforcing emission measurements can be considered a burden if not well-considered. So, regulators and businesses must work together to find a framework that supports both sustainability progress and economic growth.

Once the standards are agreed businesses need to play their role in agreeing transparency pledges. Ideally these should be supported by enforceable accountability mechanisms.

Lastly technology has a role to play in creating ever more sophisticated and indeed simple tools to enable every company from startups to enterprises to easily track emissions across hybrid/multi-cloud environments.

As businesses balance growth mandates with sustainability goals, they deserve partners who provide clarity. For the sake of the planet, the cloud and AI revolutions must not come at the cost of environmental progress. By demanding and delivering transparent emissions data, the tech industry can turn sustainability from an innovation barrier into an accelerator.

The message from European businesses is clear. Measure accurately, report transparently, and innovate fearlessly. The vendors who embrace this challenge will power the next wave of progress, while those who do not will find themselves left behind.

We've featured the best productivity tool.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• Free cyber tools for US critical infrastructure are no longer available
• The project was initially set up after the Russian invasion of Ukraine
• A lack of uptake since then has resulted in the sunsetting of the project

A free cybersecurity service set up to help protect critical infrastructure in the wake of the Russian invasion of Ukraine has quietly shut down.

The Critical Infrastructure Defense Project was pioneered by Cloudflare, CrowdStrike and Ping Identity, and allowed organizations in “vulnerable sectors” could access four months of cybersecurity services for free, including a zero trust security model to help US hospitals and water and power utilities secure their networks, endpoints and identities.

The program also offered critical threat intelligence to cybersecurity teams likely to be targeted.

Critical infrastructure protection shuts down

A Crowdstrike spokesperson explained that the project has shut down as its usage has tapered off from the initial threat levels experienced since early 2022.

The services offered by the trio of cybersecurity firms “aligned with a period of initial heightened threats and that its use has since subsided,” the spokesperson told Nextgov/FCW.

The end of the project couldn’t come at a worse time, with the reports suggesting that the Trump administration may have paused efforts to counter Russian cyber operations, and NATO warning Russia is again mapping critical infrastructure including subsea internet cables.

When trying to access the Critical Infrastructure Defense Project, the website now redirects you to the Cloudflare homepage.

Following the recent turmoil in the Middle East, there is a distinct possibility that Iran could ramp up its cyber operations against the US.

Iran has previously targeted critical infrastructure including US water treatment plants on several occasions, indicating that the need for a free cybersecurity program for US critical infrastructure could still remain.

You might also like

• The best antivirus software keeps your computer protected
• Secure all your credentials with the best password managers
• NATO plans to send internet to space if subsea cables are cut

• The delayed Android 14 update is rolling out now to Chromecast with Google TV devices
• It's available to devices running Android 12 and the short-lived previous Android 14 update
• The largest download is 809MB

Back in March we reported that Chromecasts were getting a free update to Android 14 – and they were, for a while, until Google pulled the over-the-air update. But now the update is back! Back! BACK!

There are two versions of the update: a small one for anyone who downloaded the initial Android 14 update before it was pulled, and a larger one for anyone who didn't and whose device is still running Android 12.

The Chromecast with Google TV has been superseded by the Google TV Streamer (Image credit: Google)Chromecast with Google TV and Android 14: what's new?

The update includes the January 2025 security patch; Find My Remote and Customizable Button for the Google TV Streamer Voice Remote; various bug fixes; and system optimizations. But the most important thing is that it updates the operating system from Android 12 to Android 14.

According to Google that means "a snappier, more responsive TV experience".

The previous version of the update was pulled amid reports that external drives, some USB devices and some Ethernet adaptors weren't working properly but judging by reports on Reddit's r/Chromecast subreddit, the new update isn't causing similar – although it seems that some users are still encountering some minor glitches.

The new Android 14 update is rolling out to Chromecast with Google TV (4K) users now.

You might also like

• Our in-depth Chromecast with Google TV review
• Why Google has stopped selling the Chromecast with Google TV
• Google TV Streamer: release date, price and everything you need to know

• The iFi GO Pod Max cost £599 / $599 (about AU$1,254)
• They add aptX Lossless and K2HD support to wired IEMs
• Separate Bluetooth, DAC and amp stages for hi-fi audio

The downside of even the best wired IEMs is that, of course, they're not wireless: in the search for the ultimate audio experience, lossy Bluetooth just doesn't deliver. But what if you could get hi-res wireless audio into those IEMs without the cables? That's what the iFi GO Pod Max delivers.

The GO Pod Max is a new flagship for iFi, designed specifically for the most demanding IEM owners. And while they're not exactly cheap, the specification justifies the price tag.

(Image credit: iFi)iFi GO Pod Max: key features and pricing

The GO Pod Max are made from precision-machined aluminum and include the Qualcomm QCC5181 chipset, which streams CD-quality audio without data loss over aptX Lossless. It also supports LDAC and aptX Adaptive.

You already know about aptX and LDAC, but you might not be familiar with K2HD. Developed by JVCKENWOOD, it's an audio mastering technology that first appeared back in 2007 with the promise of improving the sound of music at CD quality, delivering an experience that comes closer to the original master recording at up to 96kHz throughput.

In addition to the aptX Lossless and K2HD, the GO Pod Max has automatic impedance matching at 16-ohm, 32-ohm, 64-ohm and 300-ohm, built-in mics for clear calls, UV lights to sanitize your IEMs, and separate Bluetooth, DAC (in this case, a Cirrus Logic MasterHIFI) and fully balanced amp stages to deliver the best audio quality.

The GO Pod Max promise seven hours of playback, plus another 28 from the aluminum charging case, and they're IPX5 rated for water and sweat resistance. The interchangeable ear loops have 2-pin and MMCX connectors to cater for most IEMs, and there are also options including T2, Pentaconn Ear and A2DC ear loops.

The iFi GO Pod Max is available now with a list price of £599 / $599 (about AU$1,254).

You might also like

• iFi's GO pods might finally convince me that audiophile wireless earbuds are worth it
• iFi iDSD Valkyrie DAC review: a headphone amp capable of staggeringly complete sound
• The best wireless earbuds, all real-world tested

• Marvel has released one final trailer for The Fantastic Four: First Steps
• The first MCU Phase 6 movie launches in theaters worldwide on July 25
• Its latest teaser hasn't eased my worries about the potential fate of one character

The Fantastic Four: First Steps is officially one month away (at the time of publication) from being released on July 25. And, to celebrate the countdown to launch, Marvel has debuted one final trailer that makes it look even more *ahem* fantastic than I already expected it to be.

Unveiled on June 25, the Marvel Cinematic Universe (MCU) movie's new trailer puts the titular team's efforts to save their world from the planet-devouring cosmic entity known as Galactus front and center. Check it out below:

Excited though I am for one of 2025's most anticipated new movies, it's only served to heighten my concerns about the possible fate of the group's strongest individual: Sue Storm.

Storm, aka The Invisible Woman, is considered to be one of the most powerful beings in Marvel Comics. If she's been adapted as authentically as possible for this flick, she'll be just as potent in the MCU, too.

Okay, but why would that mean she could die in First Steps? After all, Vanessa Kirby, who's playing Storm in the MCU, was among the 27-strong initial cast for Avengers: Doomsday, i.e. the next Marvel Phase 6 film that'll arrive after this movie. So, Storm must survive the events of First Steps to appear in that film, right?

Anybody else worried about what's going to happen to Sue Storm? (Image credit: Marvel Studios)

Not necessarily. Given she's the matriarch of Marvel's First Family and the mother of Franklin Richards (the baby we see in the latest trailer) who, if rumors are to be believed, is who Galactus is after, she'll do what any mom would do and lay her body on the line to save her first-born.

It's possible, then, that Storm could sacrifice herself to not only protect Franklin and the rest of the team, but also defeat Galactus – or, at the very least, prevent him from taking Franklin. That could be a good way to set up part of Avengers: Doomsday's story, especially if Robert Downey Jr's Doctor Doom persuades Pedro Pascal's Reed Richards/Mister Fantastic to help him if it means Richards gets his wife back. Hey, stranger things have happened!

#TheFantasticFour: First Steps Only in theaters July 25. Get tickets now: https://t.co/qy8qR71712 pic.twitter.com/nlsCfCUTHYJune 25, 2025

The Fantastic Four: First Steps' latest teaser is the fourth of its kind to be publicly unveiled ahead of the movie's release.

Indeed, First Steps' inaugural trailer achieved lift-off in early February and revealed first-looks at the group, as well as teasing the movie's Big Bad and John Malkovich's mystery character. It was followed by an official trailer in mid-April, which showed off Richards' stretchy powers and The Silver Surfer, and confirmed a big fan theory concerning Sue Storm, too. More recently, another First Steps trailer also verified two of the worst-kept secrets about the superhero flick.

The Fantastic Four's latest big-screen reboot – the group's previous films are available to stream on Disney+ – will aim to be Marvel Studios' biggest money-spinner since last year's Deadpool and Wolverine. The pressure is certainly on after poor box office runs for Captain America: Brave New World and Thunderbolts*.

Ahead of the comic titan's final movie release of 2025, read my ultimate guide on The Fantastic Four: First Steps for more on its cast, story, and potential MCU impact.

You might also like

• The Fantastic Four: First Steps' runtime has been revealed – and so have some huge spoilers about the Marvel Phase 6 movie's plot
• The Fantastic Four: First Steps is reportedly getting a sequel – and it isn't the only thing I've just learned about my most anticipated Marvel movie of 2025
• Marvel announces The Fantastic Four: First Steps prequel story as Lego leak reveals first full look at the MCU movie's villain Galactus