Feed aggregator

President Trump has ended collective bargaining rights for more than one million federal workers. Unions have sued to block the move, but agencies are terminating contracts as litigation continues.

(Image credit: Rachel Woolf for NPR)

More than 250 news outlets around the world have signed onto an appeal that calls for the protection of Palestinian journalists in Gaza, and for press to have independent access to the territory.

(Image credit: Anas Baba)

Chinese President Xi Jinping is hosting a high-profile summit with leaders from Russia, North Korea and India gathering among others in a challenge to U.S. influence.

For business leaders right now, two small words seem almost impossible to avoid: AI agents. Built on the ‘brain’ of an AI model, and armed with a specific purpose and access to tools, agents are autonomous decision-makers that are being increasingly integrated into live business processes.

Unlike normal AI tools, which rely on user prompts, agent-based – agentic – AI can execute tasks iteratively, making decisions that carry real business consequences, and real governance risk. In short, agents aren’t tools, they’re teammates. As well as sitting in an organization’s tech stack, they sit on its org chart.

Marc Benioff, cofounder, chairman and CEO of Salesforce, the $260 billion valued software giant, says that today’s CEOs will be the last to manage all-human workforces. (Asked if an agent could replace him some day, Benioff responded, half-joking, “I hope so.”) The sooner businesses recognize this shift, the faster they can move to securing and governing AI for accelerated innovation.

Just as human workers come under the umbrella of human resources (HR), it’s useful to think of agents as non-human resources (NHRs). Just like humans, there are costs to employing NHRs – including computing, architecture and security costs – and they need induction, training and appropriate limitations on what they can do, and how.

This is especially true as these NHRs move up the value chain to perform high-skill tasks that once belonged to mid-senior level talent. For example, autonomous agents are actively managing supplier negotiations, handling payment terms, and even adjusting prices based on commodity and market shifts – functions typically handled by teams of trained analysts.

Businesses can’t secure what they don't understand

Introducing NHRs at the enterprise level is requiring an entire rethink of governance and security. That’s because existing cybersecurity focuses on managing human risk, internally and externally; it’s not built for the realities of always-on, self-directed agents that understand, think, and act at machine speed.

Like the best employees, the most effective agents will have access to enterprise data and applications, from staffing information and sensitive financial data to proprietary product secrets. That access opens the organization up the risk of attacks from outside, as well as misuse from within.

In 2024, the global average cost of a data breach was $4.9 million, a 10% jump on the previous year and the highest total ever – and that was before the introduction of agents. In the AI era, bad actors have new weapons at their disposal, from prompt injection attacks to data and model poisoning.

Internally, a misaligned agent can trigger a cascade of failures, from corrupted analytics to regulatory breaches. When failures stem from internally-sanctioned AI, there may be no obvious attacker, just a compliant agent acting on flawed assumptions. In the age of agents, when actions are driven by non-deterministic models, unintentional behavior is the breach – especially if safeguards are inadequate.

Imagine an agent is tasked with keeping a database up to date, and has access and permissions to insert or delete data. It could delete entries relating to Fast Company, for example, by accurately finding and removing the term ‘Fast Company’.

However, it could equally decide to delete all entries that contain the word ‘Fast’ or even entries starting with ‘F’. This crude action would achieve the same goal, but with a range of unintended consequences. With agents, the question of how they complete their task is at least as important as what that task is.

Onboarding agents like employees

As organizations introduce teams of agents – or even become predominantly staffed by agents – that collaborate to rapidly make decisions and take action with a high level of opaqueness, the risk is amplified significantly.

The key to effective agentic adoption is a methodical approach from the start. Simply rebadging existing machine learning or GenAI activity, such as chatbots, as ‘agentic’ – a practice known as ‘agent washing’ – is a recipe for disappointing return on investment

Equally, arbitrarily implementing agents without understanding where they are truly needed is the same as hiring an employee who is unsuited to the intended role: it wastes time, resources, and can create tension and confusion in the workforce. Rather, businesses must identify which use cases are suitable for agentic activity and build appropriate technology and business models.

The security of the AI model underlying the agent should be extensively red-teamed, using simulated attacks to expose weaknesses and design flaws. When the agent has access to tools and data, a key test is its ability to resist agentic attacks that learn what does and doesn’t work, and adapt accordingly.

From there, governance means more than mere supervision; it means encoding organizational values, risk thresholds, escalation paths, and ‘stop’ conditions into agents' operational DNA. Think of it as digital onboarding. But instead of slide decks and HR training, these agents carry embedded culture codes that define how they act, what boundaries they respect, and when to ask for help.

As autonomous agents climb the (virtual) corporate ladder, the real risk isn't adoption – it's complacency. Businesses that treat AI agents as tools rather than dynamic, accountable team members will face escalating failures, eroding trust among customers.

Build cross-functional governance from day one

No smart business would let a fresh grad run a billion-dollar division on day one. Likewise, no AI agent should be allowed to enter mission-critical systems without undergoing structured training, testing, and probation. Enterprises need to map responsibilities, surface hidden dependencies, and clarify which decisions need a human in the loop.

For example, imagine a global operations unit staffed by human analysts, with AI agents autonomously monitoring five markets in real-time, and a machine supervisor optimizing output across all of them. Who manages whom – and who gets credit or blame?

And what of performance? Traditional metrics, such as hours logged or tasks completed, don't capture the productivity of an agent running hundreds of simulations per hour, testing and iterating at scale and creating compounding value.

To help surface and answer these questions, many businesses are hiring Chief AI Officers and forming AI steering committees that have cross-department representation. Teams can collaboratively define guiding principles that not only align with each sector of the business but the company as a whole.

A well-configured agent should know when to act, when to pause, and when to ask for help. That kind of sophistication doesn’t happen by accident, it needs a proactive security and governance approach.

This isn't just a technical evolution; it's a test of leadership. The companies that design for transparency, adaptability, and AI-native governance will define the next era. NHRs aren't coming, they're already here. The only question is whether we'll lead them or be led by them.

We list the best HR outsourcing service and the best PEO service.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

The Samsung Galaxy Watch7 is down to just $199 at Best Buy – that's a better deal than the budget FE.

Another month, another attempt to capture the magic of FromSoft’s genre-defining epic (even if French-Canadian developer Rogue Factor claims it isn’t). Yes, action-adventure game Hell Is Us sits with one foot in the soulslike category, but that's not a criticism; it takes what it needs from Dark Souls and its ilk, discards what it doesn't, then absconds in the night with a suitcase full of dodge-rolls and ominous-sounding characters.

Review info

Platform reviewed: PC
Available on: PS5, Xbox Series X|S, PC
Release date: August 12, 2025

See, as a big fan of FromSoft’s games, I've come to the conclusion that it's almost impossible to properly capture the magic of a game like Bloodborne or Elden Ring. Many have tried, and there have been some successes; Lies of P and Remnant II were two recent standout examples for me. I think the trick is not trying to mirror exactly what FromSoft does; it's taking the formula and doing your own thing with it.

Does Hell Is Us succeed in this regard? For the most part, yes. If you're a fan of either action-adventure or the best soulslike games - or are curious about getting into the oft-impenetrable latter genre - it's worth a look. The setting is unique and interesting, the gameplay is enjoyable, and it's more forgiving overall than most games within the soulslike genre, even if the underlying DNA is impossible not to notice.

Needless to say, the 'Week of Peace' did not go so well. (Image credit: Rogue Factor / Nacon)Hard times

Straight off the bat, this game is bleak - the world you inhabit feels dark and dangerous, poised to collapse into unmitigated chaos at any moment, with only small glimmers of hope left. Wracked by a long and bloody civil war, the setting of Hadea is an insular, vaguely eastern European nation with a rich history of animosity between two religious factions, the traditionalist Palomists and the more progressive (but still pretty damn zealous) Sabinians.

By 1992, the war has reached a fever point, with brutal pogroms, fighting in the streets, and virtually every crime against humanity you could care to list. Seriously, this game is not for the faint-hearted; you're going to see some pretty visceral evidence of those crimes against humanity.

Yep, that's a mass grave. Don't expect a cheery time in Hadea. (Image credit: Rogue Factor / Nacon)

It's all rather horrible, but it does have a purpose. Although Rogue Factor didn’t seek to evoke any singular real-world conflict, the setting certainly echoes events like the Bosnian War, the Georgian Civil War, and the Croatian War of Independence. There's even a thinly-veiled UN imitator called the Organized Nations, characterised by their blue helmets just like in real life. Considering that Hadea is entirely fictional, there's an unsettling weight of reality to it all that stands as a testament to the quality of the world-building.

Our protagonist, Remi, doesn't really give a shit about any of this, though. He's come back to Hadea to find his parents, from whom he was separated as a young child. Naturally, said parents turn out to be entwined in the core narrative. See, that civil war is merely the backdrop; the real meat of the story here concerns an outbreak of bizarre, violent creatures, an ancient religious order, and a mysterious black-ops group doing nefarious things under the cover of Hadea’s present conflict.

The framing narrative is well-implemented, even if they do use the 'well, that's not how it happened' joke sometimes when you die. (Image credit: Rogue Factor / Nacon)Uncovering the mystery

The story is told via a framing narrative, which sees Remi - immediately recognisable as Elias Toufexis, best known as the iconic baritone of Adam ‘I Never Asked For This’ Jensen in the newer Deus Ex games - being drugged and interrogated by a deeply unpleasant man with a chainsmoking habit and about sixteen chins. See, Hell Is Us loves its classic environmental storytelling, but it's also not above using actual cutscenes. There are also proper dialogue scenes with some (non-player characters) NPCs, which serve to both progress the story and deliver optional exposition about the world.

For the most part, I found the characters believable and (usually) likable. From sardonic war journalist Tania to the kind-hearted Abbot Jaffer, these NPCs inject the world with humanity and authenticity. Unfortunately, Remi himself doesn't have quite the same screen presence. He's the cold, brooding type, which mercifully does mean that he doesn't chatter to himself constantly while you're exploring or solving puzzles, but also results in him feeling a bit flat. Early in the story, it's revealed that he's a diagnosed sociopath with a military past, but this seems to serve mainly as a convenient reason to make him largely unbothered by the insanity unfolding around him.

Best Bit

(Image credit: Rogue Factor / Nacon)

A handful of sections later in the game pit you against literal hordes of weaker enemies, which are so much fun to carve through with reckless abandon.

Many of the people you encounter while journeying across Hadea have side-quests to offer you, though this is usually done in a roundabout way; in typical soulslike fashion, there's no world map or objective markers. Instead, you might hear a soldier complaining about running low on his medication - and wouldn't you know it, later on, you'll find a bottle of the very pills he needs. Sometimes, the clock is ticking; I found a woman with a starving infant hiding from Sabinian soldiers, and by the time I returned with some bottles of baby formula, I was met with a shoebox with a pacifier on top. That hurt a little, honestly.

You can talk to many characters, but don't expect them all to be friendly or helpful - there's a war on, after all. (Image credit: Rogue Factor / Nacon)

There's little handholding here, which admittedly had me wishing for a wiki on a few occasions while I was reviewing the game, but it's not quite as oblique as the average Souls series entry, instead feeling strangely more like a retro point-and-click adventure game. Remi has a chunky tablet device that doubles as an inventory screen and ‘investigation log’, noting down key information you come across and helpfully sorting the stuff you find into quest-critical items and the many, many lore snippets you can uncover.

Often, the pace is slowed by the inclusion of a puzzle, and these range from laughably easy to moderately head-scratching. Thankfully, these puzzles rarely outstay their welcome; even when you're hunting for the right combination of arcane sigils to unlock a door in some ancient ruin, you can expect to be set upon by ravenous monsters at any given moment.

Remi's stolen APC takes you from A to B across Hadea, and also serves as a sort of mobile base of investigations. (Image credit: Rogue Factor / Nacon)Fight for your life

Speaking of monsters: let's talk combat. This is where Hell Is Us cribs from FromSoft’s homework the most, with the classic block-dodge-parry mechanics that should feel immediately familiar to any soulslike enjoyer. Of course, virtually every action consumes stamina, which is tied directly to your health bar, meaning that taking even a single hit immediately makes the fight harder.

Simply put, the combat gameplay is solid. Attacks that can be countered are telegraphed by the enemy pulsing red, with a reasonably generous parry window, but Rogue Factor still manages to distinguish itself from the usual business thanks to the ‘healing pulse’ mechanic. There’s no refillable healing flask here, and actual healing items are relatively sparse; instead, dealing damage to enemies releases particles, which periodically coalesce into a ring around you. At this point, you can tap a button to regain a bit of health based on the damage you’ve dealt, but you have to be fast, as the ring dissipates after barely a second.

As is typical of soulslike combat, you can lock onto enemies to more easily dodge and parry their attacks. (Image credit: Rogue Factor / Nacon)

You also get a gradually expanding suite of extra abilities. These take three forms: glyphs that can be slotted into your weapons and consume ‘Lymbic Energy' (read: mana), powerful relics with long cooldown timers, and programs for the owl-like tricopter drone that perches on Remi’s shoulder and doubles as your flashlight in dark areas. You get three glyphs each across two equipped weapons, one relic, and four drone slots, making for a total of eleven abilities equipped at once - meaning there's plenty of build diversity available here, even if Remi doesn't have a traditional stat sheet. Most of these abilities are pretty fun - I was particularly partial to the drone skill that let me grab onto it and zoom forward, dealing heavy damage to anything in my path.

The creatures besieging Hadea are invulnerable to conventional weaponry, with the only way to kill them being ‘Lymbic weapons’. Unfortunately, there's not a huge amount of variety here: you get a regular sword, twin axes, a polearm, and a hulking great sword, filling the usual melee weapon archetypes. These can be upgraded and imbued with elements (Grief, Rage, Terror, and Elation), but all this does is make them hit harder and determine which type of glyphs you can equip on them. I quickly settled into using a Polearm of Terror and Twin Axes of Rage, but if you're the sort of gamer who enjoys experimenting with every new weapon you find, you might be disappointed here.

Some of the boss battle arenas are visually striking. (Image credit: Rogue Factor / Nacon)

There's another issue with the combat that doesn't emerge until later in the game, though: some of those special abilities are pretty dang overtuned. For example, once I got my hands on the max-level Rage Spike glyph (an explosive ranged attack), most fights became comically easy, with Remi repeatedly blasting enemies to smithereens from far outside melee range. It's not a massive issue for me, since you have to conquer a good chunk of the game to become that powerful, but it did trivialize the majority of encounters towards the tail end of the story.

Rise to the challenge - or don't

Speaking of difficulty, Hell Is Us isn't overly punishing. I experimented with all three difficulty levels (described as Lenient, Balanced, and Merciless), which purely affect the combat and can be further fine-tuned in the settings to adjust enemy health, damage, and aggression, and found that the highest difficulty gave the ‘truest’ soulslike experience. Yeah, I know that customizable difficulty options are a personal affront to the most die-hard fans of the genre, but I honestly think it's a good inclusion: on ‘Lenient’ difficulty, even someone who has never played a soulslike before could have a good time here.

There's no shortage of ominous tombs to plunder in Hadea. (Image credit: Rogue Factor / Nacon)

There's also no real penalty for dying; you just respawn at your most recent save point, and the enemies you killed remain dead (although there is an optional setting to make death fully reset any progress from your previous save). Hostiles *do* respawn, however, if you leave one of the game’s many areas by travelling between them in the armored vehicle Remi commandeers in the opening act. You can stop this - and render an area permanently safe - by collapsing Timeloops, which are large ferrofluid-looking orbs that sustain the creatures you face.

To do this, you have to track down specific enemies marked as ‘Timeloop Guardians’, kill them, then take a special item to the Timeloop and chuck it inside. These are mostly optional, but you do get loot for each Timeloop you shut down, and doing so is its own reward anyway; there's a lot of backtracking to be done if you're shooting for 100% completion, so it's nice to return to a region and find it free of enemies.

Then again, the hostiles you face are actually pretty fun to fight. The ‘Hollow Walkers’ are a brilliantly creepy piece of enemy design, feeling like something straight out of the SCP Foundation universe, with unsettling, jerky movements and eerie vocalizations. Some Hollow Walkers are paired with a ‘Haze’, a floating ball of the aforementioned elemental emotions which must be slain before its linked Walker can be harmed - and if you're not quick enough, the Haze will reform and you'll have to kill it again.

These are another good example of strong audiovisual design, with the Rage Haze unleashing a barrage of attacks and screaming with fury, while the Elation Haze cackles maniacally as it zooms around. The creatures were unleashed by the negative human emotions that spiked because of the Hadean civil war, and that plays nicely into their design.

That's a Timeloop: kill the guardians nearby to shut it down and stop them from coming back for good. (Image credit: Rogue Factor / Nacon)

Sadly, a lack of diversity again hampers enjoyment a little here, as you basically fight the same measly selection of enemies over and over throughout the game. There are three tiers of enemy threat levels, but only the Hazes actually change in appearance and moveset from tier to tier; the Hollow Walkers merely get bigger health bars and more damaging attacks, and there are only five types of Walker to encounter. There's also a surprising dearth of boss fights - a common staple of both the action-adventure and soulslike genres - with only four real bosses to be found throughout the entire course of the game. The final boss, disappointingly, is just four much bigger versions of a basic enemy type. Clearly, no lessons were learned here from the final boss of the original Destiny campaign.

Hadean tourism

If I’m being honest, though, my criticisms are small. I really enjoyed my time with Hell Is Us, which clocked in at just shy of 30 hours for my review - and I was doing my best to do and see everything, which is possibly why I ended up being so overpowered. I played with both a gamepad and my usual mouse and keyboard, and although the game advises using a controller, I didn’t have any problems playing with the latter.

The biggest issue I have with the game is that I want more, which is quite the double-edged sword. The game is divided into three acts, but the third act is essentially just the underwhelming final battle, followed by a ten-minute cutscene that didn’t quite wrap things up to my satisfaction. Sure, it leaves things open for downloadable content (DLC) or an expansion and perhaps even a sequel (which I genuinely hope we get), but the finale feels a bit rushed, and it’s a shame not to end on a high note.

Arriving on the shores of the peaceful Lake Cynon reminds the player that underneath the violence of the civil war, this world can be quite beautiful. (Image credit: Rogue Factor / Nacon)

Still, it’s a super experience overall that I’d recommend to anyone who enjoys either soulslikes specifically or just dark action-adventure games in general. It runs on Unreal Engine 5 (which may set off alarm bells for some gamers), but I found it to be reasonably well-optimized, with no noticeable performance issues at 1440p on my RTX 5060 desktop or at 1080p on the RTX 4060 gaming laptop I also used for testing. Hadea is genuinely beautiful at times, too. For every dank cave and bombed-out village, there’s a vibrant field of flowers or the crumbling majesty of an antediluvian ruin.

If you like good melee combat and won’t be turned off by graphic depictions of war crimes, Hell Is Us is definitely worth a shot. Just be prepared to consult Google from time to time - or, like I did, keep a pen and notepad handy, so you don’t forget exactly where you were supposed to take those baby formula bottles.

Should you play Hell Is Us?Play it if...

You love brutal melee combat
The combat in Hell Is Us is a definite strength of the game, with a satisfying weight to your strikes and (on higher difficulties) a constant feeling of peril, meaning every enemy needs to be taken seriously.

You’re keen to get into soulslikes
As a sort of almost-soulslike action-adventure with fully customizable difficulty, Hell Is Us could provide a more accessible avenue into the frequently gatekept genre spawned by FromSoft's legendary series.

You want to get lost in a dark world
The setting of Hadea is grim and unsettling in the best of ways, making for a seriously engrossing gameworld - provided you can stomach some of the bleaker stuff on show here.

Don't play it if...

You want in-depth RPG mechanics
One of my main criticisms of Hell Is Us is the lack of diversity in its weapon selection, and with no customizable stats for Remi himself, this isn't a game that encourages deep buildcrafting - though there is a decent range of equippable special abilities.

You’re looking for a chill game
This game is anything but relaxing. The combat is challenging, and the gameworld is bleak and filled with horrors both man-made and beyond human comprehension.

Accessibility

We've got the usual selection of accessibility options here, with three color blind modes - Deuteranope, Protanope, and Tritanope - which can be adjusted to varying degrees of color correction, as well as being able to reduce or disable motion blur and camera shake.

There are also gameplay accessibility options, which let you independently adjust the health, damage, and aggression of enemies, plus some customization options for the HUD and the ability to automate enemy lock-ons.

Of note is a directional audio indicator: this displays an on-screen marker denoting the direction and distance of gameplay-related sounds, including enemy attack sounds in combat and the identifying noise emitted by Timeloop Guardians. Considering how important directional sound can be in Hell Is Us, this is a good inclusion for hearing-impaired players.

How I reviewed Hell Is Us

I played Hell Is Us from start to finish, which took me a little under 30 hours - though I was being very thorough in my exploration, and a speedy player less concerned with 100% completion could likely beat the game far quicker.

I used my gaming desktop, which uses an AMD Ryzen 7 5800X3D and Nvidia RTX 5060 with 32GB of RAM, as well as an Acer Predator gaming laptop with an Intel Core i7, RTX 4060, and 16GB of RAM. On desktop, I used an Asus ROG keyboard and mouse and a Razer Raptor 27 gaming monitor. With the laptop, I used a Scuf Instinct Pro gamepad.

I frequently took the time to adjust both the difficulty level and graphical settings in several in-game locations to get a good idea of both how much challenge the game presents and how well it runs. I naturally also tested out each new weapon and ability the game gave me - though I quickly found my favorites and stuck with those for the majority of the game.

First reviewed August 2025

There’s a ticking clock in the world of cybersecurity and it’s counting down to what experts call Q Day — the day when quantum computers will theoretically become powerful enough to break some of today's cryptographic methods, and render many existing encryption methods obsolete.

Or at least that’s the theory. In truth, nobody can predict with absolute accuracy when, or even if, quantum computers will reach the level of sophistication and practicality to manifest this threat. But that doesn’t mean businesses shouldn’t be thinking about it.

While some are hearing the tick of the Q Day clock, others remain unaware. So, what is Q Day, is it a big deal, and what do businesses need to know to prepare?

Do businesses need to be aware of Q Day?

The short answer is yes. The potential threat that quantum computers could pose to current cybersecurity methods cannot be understated. What was once academic theory, akin to technology you’d see in a science fiction novel, is making strides towards reality.

Big companies like IBM and Google, as well as governments and startups, are racing to build more powerful quantum machines. These computers are still in the early stages, but they’ve already grown from handling a few quantum bits (or “qubits”) to managing hundreds, and they’re getting better at solving complex, specific problems.

While quantum computers can’t yet break the encryption software and protocols that protects the internet, experts seem to be reaching a consensus that the day that this could be a reality is about 10-15 years away. This is the so-called Q Day.

Aside from the obvious threat that breaking current encryption poses, businesses also need to be aware that the rise in quantum technology is being taken seriously by governments and regulators alike.

Agencies like the National Institute of Standards and Technology (NIST) have standardized post-quantum cryptographic (PQC) algorithms, while Europe’s ENISA is focused on standardizing the implementation and certification of PQC through schemes such as EUCC, all in preparation for Q Day.

When is Q Day?

Unfortunately, as with all things quantum, answering when Q Day will be is not simple, because no one knows for sure. It’s all dependent on when (and if) the technology reaches a specific level of capability and practicality. And it’s not only about the number of qubits.

However, the speed at which quantum computing is moving forward has prompted agencies like the UK National Cyber Security Centre (NCSC) to put timelines in place.

The NCSC’s timeline for migrating to a quantum safe method of encryption has three phases: discovery and planning by 2028, early migration by 2031, and full migration by 2035.

That gives businesses a maximum of six years to plan and prepare to migrate their critical assets. But again, this timeline is not set in stone — Q Day could come sooner than 2035, later, or it could never come.

It’s difficult because we are talking about technology that hasn’t realized its theoretical potential yet, and no-one has a crystal ball. Quantum computers don’t follow Moore’s Law; they scale non-linearly, and quality matters more than quantity when it comes to qubits.

What do businesses need to do to prepare?

Staying calm should be step number one. Quantum technologies can sometimes be subject to scaremongering, pushing people to make premature or misinformed decisions. And I hate this FUD; it doesn’t lead to the best security outcomes.

Of course the threat is theoretically coming, but it isn’t imminent. Even if quantum computing does eventually break common encryption methods, it’s unlikely that everything will change in the blink of an eye — there will be time to prepare.

However, the time to prepare is now, not when the first quantum-powered breach makes headlines. And that starts with getting your basic digital hygiene sorted.

Organizations should begin by auditing their IT estate with two aims: the first being to identify what IT assets they have, because you can’t update or protect what you don’t know you have. The second is to identify which of those assets are most at risk, especially those dependent on public-key encryption or requiring long-term data confidentiality.

This is great security practice anyway - building a decent asset inventory will bring you gains beyond just post-quantum migration planning.

The next step is to prepare the inventory; decide what needs to be end-of-lifed, and prioritize what you have to migrate. It’s a short sentence to write, but a very long exercise. Good luck. Annex A of this ETSI standard has a very helpful set of questions to help.

If you want to follow the latest standards, here’s a quick update on where we are. NIST has published 3 PQC standards: FIPS 203, 204 and 205, with two more on the way: FIPS 206 in draft and a new fifth algorithm recently announced.

The mathematics is there, but we’re lacking the integration into protocols and widely used technologies. Instead of tracking NIST now, I’d recommend the best group to follow is ETSI’s Quantum Safe Cryptography Working Group focuses on the practical implementation of quantum safe primitives, and the IETF’s PQUIP group, which summarizes all the post-quantum efforts in internet standardization today.

When should businesses prepare for Q Day?

The NCSC timelines are very clear: prepare and plan by 2028, so that you can migrate by 2031. But the uncertainty on when/if Q Day will arrive complicates this slightly.

Prepare too early and you risk adopting immature technologies and standards, potentially increasing vulnerabilities. Wait too long and you may leave critical systems exposed.

The key is finding the timing that’s just right — it’s what I call the Goldilocks Theory and again, it comes down to preparedness: making a good asset inventory, while staying on top of the latest post-quantum standards.

Q Day may be uncertain, but your preparation shouldn’t be. Start planning now — not out of fear, but out of foresight.

We list the best software asset management (SAM) tool.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

AI is having its moment, reshaping how developers work. While the best AI tools enable faster app development and anomaly detection, they also fuel faster, more sophisticated cyberattacks.

The latest headlines are making it clear – no sector is immune. As organizations race to deliver apps at an unprecedented pace, the rise of freely available AI tools with sophisticated capabilities has made it easier than ever for threat actors to effortlessly reverse engineer, analyze, and exploit applications at an alarming scale.

Gartner predicts that by 2028, 90% of enterprise software engineers will utilize AI code assistants to transform software development – placing the promise of lightning speed productivity gains in the hands of every developer and the welcome ability to automate repetitive, tedious tasks.

However, despite massive investments in AI, security continues to be a reluctant effort due to the perception that protection measures have the inverse effect, slowing down software innovation and application performance. The fact is AI has already amplified the threat landscape, especially in the realm of client applications, a primary cyberattack target.

Long considered outside the realm of a CISO’s control, software applications --particularly mobile apps --are a preferred entry point for attackers. Why? Because users tend to be less vigilant and the apps themselves “live” in the wild, outside of the enterprise network. CISO’s can no longer afford to ignore threats to these apps.

It’s an App-Happy World

Consumers have a voracious appetite for apps, and they use them as part of their daily routines; the Apple App Store today has nearly 2 million apps and the Google Play Store has 2.87 million apps. According to recent data, the average consumer uses 10 mobile apps per day and 30 apps per month. Notably, 21% of millennials open an app 50 or more times per day, and nearly 50% of people open an app more than 11 times a day.

As organizations race to deliver apps at an unprecedented pace, the rise of freely available AI tools with sophisticated capabilities have also made it easier than ever for hackers to effortlessly analyze, and reverse-engineer at an alarming scale. In fact, the majority (83%) of applications were attacked in January 2025, and attack rates surged across all industries, according to Digital.ai’s 2025 State of App Sec Threat Report.

Dozens of apps are installed on each of the billions of smartphones in use worldwide. And each app in the wild represents a potential threat vector. Why? Because applications contain working examples of how to penetrate access to back-end systems. The billions of dollars spent every year on security perimeters is rendered useless in the world of mobile applications.

Every application made and released to customers increases a business's threat surface. Developing multiple mobile apps means more risk—and leaving even one app unprotected isn’t an option. AI tools have made it that much easier for even amateur threat actors to analyze reverse engineered code, create malware, and more.

If adversaries have access to the same robust productivity tools, why wouldn’t they use them to get even better and faster at what they do?

New nefarious attacks are having a moment

New research from Cato Networks threat intelligence report, revealed how threat actors can use a large language model jailbreak technique, known as an immersive world attack, to get AI to create infostealer malware for them: a threat intelligence researcher with absolutely no malware coding experience managed to jailbreak multiple large language models and get the AI to create a fully functional, highly dangerous, password infostealer to compromise sensitive information from the Google Chrome web browser.

The end result was malicious code that successfully extracted credentials from the Google Chrome password manager. Companies that create LLMs are trying to put up guardrails, but clearly GenAI can make malware creation that much easier. AI-generated malware, including polymorphic malware, essentially makes signature-based detections nearly obsolete. Enterprises must be prepared to protect against hundreds, if not thousands, of malware variants.

The Dark Side of LLMs for Code Generation

A recent study by Cybersecurity Ventures predicts that by 2025, cybercrime will cost the world $10.5 trillion annually, a massive increase from $3 trillion in 2015, with much of the rise attributed to the use of advanced technologies like LLMs.

Take attribution - many have used an LLM to write “in the voice of”- but attribution is that much more difficult in an AI world, because threat actors can mimic the techniques, comments, tools, and TTPs. False flag events become more prevalent, such as the attack on U.S. service member wives.

LLMs are accelerating the arms race between defenders and threat actors, lowering the barrier to entry, and allowing attacks to be more complex, more insidious, and more adaptive.

Protecting Apps Running in Production

Enterprises can increase their protection by embedding security directly into applications at the build stage: this involves investing in embedded security that is mapped to OWASP controls; such as RASP, advanced Whitebox cryptography, and granular threat intelligence.

IDC research shows that organizations protecting mobile apps often lack a solution to test them efficiently and effectively. Running tests on multiple versions of an app slows the release orchestration process and increases the risk of delivering the wrong version of an app into the wild.

By integrating continuous testing and application security, software teams gain the game-changing ability to fully test protected applications, speeding up and expanding test coverage by eliminating manual tests for protected apps. This helps solve a major problem for software teams when testing and protecting apps at scale.

Modern enterprise application security is not a nice to have-- while CISOs certainly don’t need more work added to their plates, vectors that used to be outside of their control are now creating fissures inside what they do control.

The good news is that there are now robust, baseline protections that balance the need for security with the need for speed of innovation and performance. These features can be added instantly to almost any app in the wild and go right back into the app store.

1. The ability to protect by inserting security into DevOps processes without slowing down developers by adding security after coding and before testing

2. The ability to monitor via threat monitoring and reporting capabilities for apps in production

3. The ability to react by building apps with runtime application self-protection (RASP)

AI is accelerating code production, breeding applications, and reshaping app security – it’s time to stop thinking like a white knight and think like a hacker.

We list the best online cybersecurity courses.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

In today’s work-anywhere culture, people are more connected than ever. As work becomes more mobile and meetings more virtual, one form of cyber threat is quietly becoming more common: audio surveillance.

Cybersecurity now extends far beyond protecting email accounts and stored files. In a hybrid working environment, where conversations happen over video conferencing, voice messages and shared screens, it’s not only your data that is at risk. The conversation itself can become a target.

And here is the reality, according to Forbes, an overwhelming 95% of all cybersecurity breaches are caused by human error. This includes everything from sharing sensitive information without proper safeguards to joining calls over unsecured networks.

It doesn’t always take a sophisticated hack to cause real damage. Sometimes, the risk comes from the tools we trust, the places we connect from or the assumptions we make about who’s listening.

The illusion of safety

Imagine opening your laptop at a coffee shop, putting on your headset and jumping into a client meeting. The connection seems strong, the audio is crystal clear and everything feels just right. But what if someone else is eavesdropping?

In hybrid work, we often step outside the secure walls of the office and into environments we can’t control. That flexibility is a defining feature of modern productivity, but it also opens the doors to silent risks. An unsecured café Wi-Fi network, for instance, can make it remarkably easy for malicious actors to intercept audio streams or access shared content without detection.

Every call, screen share and calendar invite can include sensitive materials, such as financial data, customer details, upcoming campaigns, or internal strategy. A breach of confidential information could result in serious consequences, including regulatory penalties, disciplinary action, financial and reputational liability, or even job loss.

Recent research published in ScienceDirect highlights just how vulnerable virtual collaboration can be. A comprehensive review of video conferencing platforms revealed persistent security flaws, including weak encryption protocols and insufficient access controls, that leave meetings open to unauthorized access and potential surveillance.

For hybrid professionals working from hotels, shared spaces or home networks, this means even the most routine call could be silently compromised if the right safeguards aren’t in place.

More than just a call

In hybrid work, our headsets, webcams and conferencing tools have become the new endpoints of trust. But here’s the uncomfortable truth; a headset isn’t just a device, it’s a data hub that carries voice, client queries, business sensitive information and, in many cases, biometric data like tone, speech patterns and emotional cues.

The risks aren’t just external either. With the rise of AI, even internal tools are learning from the voices of everyone in a company. If not built securely, they could share that information with more than just your team. We live in a world where what we say can be stored, analyzed and even weaponized.

That’s why companies are rethinking how they protect their people, not just their files. Security isn’t just about firewalls anymore, and IT teams need to consider about everything from what a headset hears to how your video bar streams to the cloud.

The quietest threats are the loudest warnings

It’s easy to spot a phishing email or a suspicious link. But the more subtle threats, like unsecured pairing between a headset and a laptop, or a public connection masking malicious intent, are the ones that slip through the cracks.

Imagine walking into a crowded room and announcing your company’s quarterly results out loud. You’d never do it. But working unprotected in a public space can be equally as revealing.

As reported by Comparitech, cybercrime is projected to cost the global economy $10.5 trillion USD annually by 2025. Businesses need to think beyond whether they will be targeted or not, it’s an inevitability.

Raising the Standard

Business leaders need to adopt the ethos that the only individuals who should be on a call are the ones who’ve been invited. That’s why all devices need to have an emphasis on security.

This includes encrypting conversations, implementing secure device pairing and building-in automated defenses against man-in-the-middle attacks. And implementation alone isn’t enough, IT teams need to stress-test solutions with in-house and contracted ethical hackers. This ensures customer trust is built into the very fabric of the tools we use.

Hybrid work is here to stay, and that’s a good thing. It gives workers freedom, flexibility and balance. But with that freedom comes a new kind of responsibility: to protect the digital spaces businesses occupy, the voices employees share and the people they connect with.

The next time you plug in your headset, ask yourself “who else might be listening?”. The biggest risks don’t always come with red warning signs; sometimes, they arrive quietly, just like a spy among us.

We list the best business phone systems.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

The 6.0 magnitude quake late Sunday hit a series of towns in the province of Kunar, near the city of Jalalabad in neighboring Nangahar province, causing extensive damage.

(Image credit: AP)

Encryption has been on a long journey, transcending centuries, from leather scrolls to quantum-resistant algorithms. But if we look at security requirements for businesses 25 years ago, the world was very different then. I sold encryption software back in 2000 when no one apart from the Government knew they needed it. It was free for home or personal use, so trying to sell encryption in a world where users borrowed it free of charge was tough.

One of the most notable examples at the time was OpenSSL, an open-source project that provided free encryption tools for securing internet communication. Another popular tool was PGP (Pretty Good Privacy), which had both free and commercial versions. The free version was widely used by privacy advocates, journalists, and tech-savvy users to encrypt emails and files.

However, eventually, public-key cryptography and tools like PGP started to gain traction for secure email and online communication. It was a pivotal moment as encryption moved from being a nice-to-have to becoming essential for privacy and trust online.

Unlocking Encrypted Data Without Compromising Security

Fully Homomorphic Encryption (FHE) has also been in the mix for about 15 years. But it has been labelled as too complicated, requiring too much processing, too much disk space, being too slow and more.

But we’ve seen a breakthrough in FHE whereby customers are using it not just to encrypt data, but to query, decrypt and use it. They can also search data faster when it's encrypted than when it's not!

Without going into lengthy explanations as to how the integers (the raw material that makes encryption possible) and cryptographic algorithms work, in simple terms, it’s only the user who has access to and can understand and read the data. Where anyone else is concerned, the data is just garbage.

Why is this so important? If we look at how encryption tools work today, we create data, which we then encrypt. Every time we search, every time we move, we decrypt – because that’s the only way to make the data work for us. Once we have decrypted it, we must re-encrypt it to ensure it is safe. Therefore, we have multiple touch points where data, which we tell users is encrypted, isn’t encrypted.

This might be okay for data-at-rest, but once you migrate data from A to B, in many cases, we send the encryption keys with it. This is the equivalent of sending the keys to the castle with the castle. Also, the moment the user wants to do anything with that data (which is arguably when it is most useful) then all that safeguarding is gone.

Therefore, for us to be able to allow customers to use data whilst it still has a safety net around it and ensure data remains confidential is a huge leap forward. Most importantly, we don't have encryption keys travelling with the data; the keys are generated at the point of login.

Is Bootstrapping FHE The Answer?

Many in the industry advocate bootstrapping FHE as a workaround. This is a clever trick that allows encrypted data to be refreshed so it can be used in computations without becoming too noisy to decrypt. But it’s important to recognize both its promise and its challenges.

Done properly, bootstrapping has significant potential if implemented efficiently. It could unlock powerful capabilities in computation, especially in domains where data sensitivity is paramount.

However, bootstrapping remains computationally intensive. Even with optimized schemes, it can take seconds per operation, which means it cannot be used for real-time applications. Bootstrapping implementations are highly complex.

That said, dismissing bootstrapping outright may be premature. As research and engineering efforts continue - including our own - there’s reason to believe that more efficient, scalable implementations are within reach.

We live in a data-driven world, and FHE is going to be the key to enabling access to data and the use of technology like AI tools. However, I recently read an article in which Elon Musk discussed the fact that we’re running out of real-world data to train AI models.

This idea (often called the “peak data” theory) suggests that the internet no longer offers enough fresh, high-quality data to improve large AI models meaningfully.

In other words, we will hit a point where data is not going to develop in a way that is useful to organizations because of all the rules we put around it, some of which are self-imposed, others which are required by regulators.

Many Cast Caution Aside

Many regulations are vague, which means organizations will interpret these in a way that enables them to reduce risk by taking a more cautious approach. Other companies throw caution to the wind. We're seeing that play out in real-time.

Take Meta as an example. The company has faced multiple fines recently. The most notable in 2025 is a €200 million penalty from the European Commission under the Digital Markets Act (DMA). The fine was issued because Meta’s “pay-or-consent” model, where users had to either pay for ad-free access or consent to data tracking, was found to violate users’ rights to genuine choice.

Regulators argued that this setup pressured users into giving up their data, undermining the DMA’s goal of fair digital competition.

Improving Lives

I would argue that we must make data more usable, particularly where data helps make the world a better place. Clinical trials, for example, have faced challenges due to disparate data, which hampers progress. If a trial is quite niche, the organization needs to be able to get a decent data set to perform tests and analyze the results in a meaningful way.

We are helping organizations keep the data in the jurisdiction it is supposed to be in and still collaborate without moving the data around and without plain text data ever flying across the internet. This means we can make people's lives better; we can stop people dying of illnesses we could prevent because we understand more.

Of course, we want to be able to use data in a way that still respects privacy. This is where we see FHE being an enabler. We can have AI using data that is encrypted to make better decisions without affecting the underlying owner of the data from a user level. It's a brave new world – but an exciting one.

We list the best data recovery software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Here are hints and the answers for the NYT Connections: Sports Edition puzzle for Sept. 1, No. 343.

Here are the answers for The New York Times Mini Crossword for Sept. 1.

As a U.S. federal judge blocked the deportation of unaccompanied Guatemalan children, the government of Guatemala says in a statement it suggested the U.S. return its children to their home country.

(Image credit: Anna Moneymaker)

Looking to access BBC Sounds – the BBC's podcast, radio and music app – from outside the UK? If you're visiting the US, Canada, Australia or indeed anywhere else, you can use a VPN – NordVPN works best – to unblock BBC Sounds and listen as normal.

We'll go into detail below and explain why the BBC's recent announcement that it would block international access to the BBC Sounds app saddened (and angered) many listeners around the world.

Here's a full (and quick) guide to how to get BBC Sounds from abroad...

When did the international BBC Sounds block come into force?

International access to BBC Sounds was shut down on Monday, July 21.

Can I still access BBC Sounds from abroad or on holiday? 

Yes. UK residents will be able to continue accessing the BBC Sounds app from abroad with a VPN. We recommend Nord, which comes with a 30-day trial and over 70% off when you use our deal below...

How to unblock BBC Sounds with a VPN

If you're outside the UK at the moment and blocked from using BBC Sounds, you can still access the app thanks to the wonders of a VPN (Virtual Private Network).

The software allows your devices to appear as if they're back in your home country regardless of where in the world you are. So ideal for listeners away for work or on vacation wanting a taste of home.

NordVPN is our favorite:

Editors Choice

NordVPN – get the world's best VPN
We regularly review all the biggest and best VPN providers and NordVPN is our #1 choice. It unblocked every streaming service in testing and it's very straightforward to use. Speed, security and 24/7 support available if you need – it's got it all.

The best value plan is the two-year deal, which sets the price at $3.39 per month and includes an extra 3 months absolutely FREE. There's also an all-important 30-day no-quibble refund if you decide it's not for you.

- So, try NordVPN 100% risk-free for 30 daysVIEW DEAL ON

Is there a BBC Sounds alternative?

Listeners based outside the UK can now access a limited selection of BBC audio programming via the BBC.com website and the BBC app (iOS / Android).

To put it mildly, however, they're nothing at all like BBC Sounds!

The only live services available through BBC.com and the BBC app are BBC Radio 4 and the BBC World Service English. They also host select podcasts, and news and history programming, such as Global News Podcast, You're Dead to Me and Infinite Monkey Cage.

Although you can listen via BBC.com and the BBC app without an account, you have to sign in on order to download, follow and save shows.

Can I listen to BBC 6 Music and other radio stations from outside the UK?

All, however, is not yet lost. You can still listen to BBC Radio stations from outside the UK by visiting their individual websites directly, through a web browser (links listed below).

It's a crude workaround, but it works.

However, these websites don't support key BBC Sounds features, such as the option to set a radio station as your alarm or even the ability to view a station's schedule.

Furthermore, only select radio content will be made available on-demand through the websites.

BBC Radio 1

BBC 1Xtra

BBC Radio 2

BBC Radio 3

BBC Radio 4 Extra

BBC Radio 5 Live

BBC Asian Network

BBC 6 Music

Click for more BBC Radio stations▼

BBC Live News

BBC Radio Scotland

BBC Radio Scotland Extra

BBC Radio Orkney

BBC Radio Shetland

BBC Radio nan Gaidheal

BBC Radio Ulster

BBC Radio Foyle

BBC Radio Wales

BBC Radio Wales Extra

BBC Radio Cymru

BBC Radio Cymru 2

Local radio

BBC Radio Berkshire

BBC Radio Bristol

BBC Radio Cambridgeshire

BBC Radio Cornwall

BBC CWR

BBC Radio Cumbria

BBC Radio Derby

BBC Radio Devon

BBC Essex

BBC Radio Gloucestershire

BBC Radio Guernsey

BBC Hereford & Worcester

BBC Radio Humberside

BBC Radio Jersey

BBC Radio Kent

BBC Radio Lancashire

BBC Radio Leeds

BBC Radio Leicester

BBC Radio Lincolnshire

BBC Radio London

BBC Radio Manchester

BBC Radio Merseyside

BBC Radio Newcastle

BBC Radio Norfolk

BBC Radio Northampton

BBC Radio Nottingham

BBC Radio Oxford

BBC Radio Sheffield

BBC Radio Shropshire

BBC Radio Solent

BBC Radio Solent Dorset

BBC Radio Somerset

BBC Radio Stoke

BBC Radio Suffolk

BBC Radio Surrey

BBC Radio Sussex

BBC Radio Tees

BBC Three Counties Radio

BBC Radio Wiltshire

BBC Radio WM

BBC Radio York

Further BBC Sounds troubleshooting tips

If you still can't access BBC Sounds, even with the aid of a VPN, there are a few more things you can try.

Make sure your BBC account is associated with a valid UK post code, such as W1A 1AA.

The BBC Sounds app (iOS / Android) won't appear in the Play Store or the App Store outside the UK, but you may be able to get around that by changing your phone's region in the settings menu.

The BBC, like most broadcasters and networks, is engaged in a neverending cat-and-mouse battle with VPN providers.

Although we've ranked the best iPlayer VPNs, something we've worked out through thorough testing, if one of them works today there's no guarantee the same will be true tomorrow, in which case you can raise the issue with your VPN provider's customer support team, and ask them to recommend the best server to connect to.

Why did BBC Sounds get blocked? What's the full story?

So what would compel the corporation to cut one of its most popular and beloved exports? The decision was taken without a consultation, and BBC management has rebuffed calls for an explanation to be provided.

For weeks following the announcement, Andrea Catherwood, the presenter of the BBC Radio 4 podcast Feedback, endeavoured to get a BBC spokesperson onto her show in order to justify the move, without success.

The move has been met with widespread anger and sadness, but above all disbelief. BBC Sounds doesn't just provide a connection to home for Brits living abroad, it's an invaluable purveyor of culture, education and entertainment, which has served as a key platform for musicians, artists and performers, some of whom owe their entire careers to radio.

BBC Sounds' demise has also caused a political storm in Ireland, where listeners north of the border retain full access to the app.

The memorandum of understanding agreed by the UK and Irish governments in 2010 stressed the importance of public service broadcasting on both sides of the border, for "promoting cultural diversity, in providing educational programming, in objectively informing public opinion, in guaranteeing pluralism."

The subject at the time was Irish-language channel TG4, with the MoU advocating its availability in Northern Ireland as well as the Republic of Ireland. However, listeners in the Republic of Ireland have now had their access to BBC Sounds blocked.

We test and review VPN services in the context of legal recreational uses. For example:1. Accessing a service from another country (subject to the terms and conditions of that service).2. Protecting your online security and strengthening your online privacy when abroad.We do not support or condone the illegal or malicious use of VPN services. Consuming pirated content that is paid-for is neither endorsed nor approved by Future Publishing.

A federal district judge issued a temporary restraining order after the U.S. attempted to deport hundreds of unaccompanied Guatemalan children without proper immigration proceedings.

(Image credit: Johan Ordonez)

• DocumentDB started as a Postgres add-on before evolving into a standalone project
• The Linux Foundation’s adoption signals a new era for open document databases
• MongoDB’s restrictive licensing decisions created openings for DocumentDB’s permissive approach

For years, open source databases have been described as either traditional relational systems or newer NoSQL alternatives.

The emergence of DocumentDB, first introduced by Microsoft and now adopted under the Linux Foundation, is blurring that divide.

By combining PostgreSQL with document-oriented storage through extensions, DocumentDB positions itself as both familiar to developers and disruptive to existing NoSQL players.

From PostgreSQL extensions to a full project

Its adoption under the permissive MIT license signals a push for wider community participation.

"It's great that Microsoft, AWS, and others are joining forces to work on DocumentDB, an open source implementation of a MongoDB-compatible API on top of PostgreSQL,” said Bruce Momjian, founding member of the PostgreSQL core development team.

"We built DocumentDB with a simple goal: give developers an open document database with the flexibility of NoSQL and the power, reliability, openness, and ecosystem of Postgres," said Kirill Gavrylyuk, vice president at Microsoft.

DocumentDB began in 2024 as a pair of PostgreSQL add-ons for handling BSON data models and document queries.

Within a year, the project expanded into a standalone database that still depends heavily on PostgreSQL’s reliability and ecosystem.

This dual identity, part relational engine and part document store, makes DocumentDB attractive for developers seeking a common interface.

Yet skeptics point out that layering document features onto PostgreSQL does not erase the structural limitations of relational systems.

The move to bring DocumentDB into the Linux Foundation has attracted support from Amazon Web Services, Google, and others.

Their endorsement signals a rare moment of alignment among major cloud vendors, particularly given the licensing disputes that fractured the database world in recent years.

"AWS is excited to contribute to the open source DocumentDB project, now stewarded by the Linux Foundation," said Adam Abrevaya, director, Amazon DocumentDB.

"It is great to see the DocumentDB project joining the Linux Foundation, which assures customers and the community have an openly governed, open source option available to them," said Sailesh Krishnamurthy, vice president of engineering, Google Cloud.

Still, critics recall that vendor neutrality has often been more symbolic than practical.

A project backed by hyperscalers can easily become shaped by their priorities, leaving smaller contributors to wonder how much influence community governance will genuinely hold.

The adoption of DocumentDB can also be seen as a response to MongoDB’s decision to embrace restrictive licensing models.

By offering a permissive alternative, the Linux Foundation hopes to push toward a more interoperable standard for document databases.

Industry veterans argue that such a standard is long overdue, but the timing is contentious.

However, MongoDB continues to dominate the market, and its defenders insist that bolting document capabilities onto PostgreSQL is no substitute for a native design.

"DocumentDB fills a critical gap in the document database ecosystem, attracting contributors, users, and champions. It provides an open standard for document-based applications," said Jim Zemlin, executive director of the Linux Foundation.

For developers working on Linux distros or configuring laptops for programming, DocumentDB may appear as another tool promising simplicity and openness.

Enterprises considering mobile workstations or SaaS integrations may also see appeal in a standardized, Postgres-based NoSQL option.

Yet the reality is less straightforward because success depends on technical merit and the community's resistance to tilting toward the largest vendors.

You might also like

• Check out the best 3D modeling software for 3D printing and more
• We've rounded up the best portable monitors available now
• Adobe Firefly and Express are getting a Gemini AI boost, making ad campaigns flashier than ever

Still recovering from devastating July flash flooding, the Kerrville community gathered for the Texas tradition of high school football Friday night. As Texas Public Radio's David Martin Davies reports, the Tivy Antler varsity football team took on Del Rio in their season opener at Kerrville's Antler Stadium, the same location that was a volunteer hub after the July 4th flooding and where a recent massive memorial was held.

Former New York City Mayor Rudy Giuliani has been hospitalized with a broken vertebra after a car accident in New Hampshire, according to his spokesperson.

(Image credit: Ted Shaffrey)

Former New York City Mayor Rudy Giuliani has been hospitalized with a broken vertebrae after a car accident in New Hampshire, according to his spokesperson.

(Image credit: Ted Shaffrey)