Finding a genuinely capable desktop computer for under $400 is harder than it sounds — most machines at this price make uncomfortable compromises somewhere. The Kamrui Hyper H2 Mini PC is currently $460 (was $600) at Amazon for Prime Day.

• Shop Amazon's Prime Day deals

My daughter is heading into her second year at Penn State this fall, and she needed a proper desktop setup for her dorm room without taking up half her desk or blowing the back-to-school budget. A mini PC made a lot more sense than a bulky tower — something capable enough to handle coursework, video calls, and the inevitable browser tab overload of university life, but compact enough to tuck behind a monitor and forget about. After studying all the options, this is the one I landed on.

This is one of the few machines at this price that doesn’t feel like a compromise. A 10-core Intel processor, a fast PCIe 4.0 SSD, 16GB of RAM, and triple 4K display output — in a chassis that fits in the palm of your hand.

Today's top mini PC deal

The Intel Core i5-14450HX is the genuine headline here. Most mini PCs at this price use low-power mobile chips designed for thin laptops — efficient, but not particularly fast. The i5-14450HX is different: it’s a 10-core (2 performance + 8 efficiency), 16-thread HX-series chip with a 4.8GHz boost clock, drawn from Intel’s laptop gaming platform. Armchair Arcade’s benchmarks put its Geekbench 6 single-core score at 2,510 and multi-core at 10,324 — the single-core figure is essentially identical to a desktop Core i7-12700, which retailed for several hundred dollars on its own when it launched.

The 512GB PCIe 4.0 NVMe SSD is the other spec worth highlighting. Budget mini PCs typically ship with older PCIe 3.0 or even SATA SSDs. PCIe 4.0 doubles the theoretical bandwidth, and in practice means noticeably faster boot times, quicker app launches, and snappier file transfers — the kind of difference you feel every time you sit down at the machine. The dual M.2 slots mean you can add a second SSD later without replacing anything, and the RAM is user-upgradeable to 64GB across two SO-DIMM slots.

Triple 4K display support is a feature most people wouldn’t expect at this price. Via the HDMI, DisplayPort, and USB-C outputs simultaneously, the Hyper H2 can drive three 4K@60Hz monitors — the kind of setup that day traders, developers, financial analysts, and video editors typically associate with much more expensive workstations. One reviewer specifically called out how well it handles multi-screen productivity workflows with sustained workloads, noting it’s where the i5-14450HX platform genuinely shines.

The dual Ethernet ports are an unusual feature at this price point and are worth calling out for the right buyer. Two RJ45 ports mean you can simultaneously connect to two separate networks — useful for IT professionals, home lab setups, network-attached storage configurations, or simply keeping work and personal network traffic separated. Wi-Fi 6 and Bluetooth 5.2 handle wireless connectivity.

The chassis itself is compact — small enough to mount behind a monitor via VESA, sit on a desk without taking up meaningful space, or pack in a bag for travel. Passive ventilation handles thermal conditions adequately for everyday workloads, though sustained all-core CPU loads will push the machine toward its thermal limits, a common characteristic of high-performance chips in compact chassis.

One honest caveat: integrated Intel UHD graphics are not a GPU replacement. For casual media playback, video calls, and 4K display output, they’re perfectly adequate, but demanding 3D workloads and modern titles at high settings are beyond what integrated graphics can deliver. This is a productivity and everyday-use machine first — and a very good one — not a gaming rig.

To me, the Kamrui Hyper H2 is the kind of deal that’s hard to walk past if you’re in the market for a compact, capable everyday desktop. Check out more options in our guide to the best mini PCs.

Also consider

• See all mini PCs at Amazon

Tim Cook has long taken a strong stance against the infringement of Apple users' privacy – and the general erosion of privacy. That's been the case whether he's shown support for end-to-end encryption or if he's railed against the monetization of user data.

The rise of data protection

Almost a decade ago, the European Union (EU) introduced the most radical reformations to data protection laws in a generation with the General Data Protection Regulation (GDPR).

Several months later, the (now outgoing) Apple CEO spoke at the 40th International Conference of Data Protection and Privacy Commissioners with a speech that targeted Apple's fellow technology rivals with both barrels.

He pointed out that billions of dollars were changing hands – and countless decisions were being made based on data points harvested from our interactions on digital platforms. These may include clicks of a Like button but also the information we have shared, often without understanding the full implications.

Your very own digital profile

Cook projected a dystopian future in which each person would be represented by a digital profile that's been devised based on analysis of the countless data points systems have gathered.

The purpose of this form of behavioral profiling, he suggested in his speech, could range from more effectively monetising your information to targeting you with more extremist content in one direction or another.

For example, we've since seen the way that social media platforms and similar sites have been highly effective in populist political movements, including the U.K. 'Brexit' decision to leave the EU. There are also fears this sort of power has been weaponized, to use Cook's phrase, by foreign adversaries.

Nearly 10 years on from the introduction of GDPR, there are fears that the rise of AI – which is turbocharging some of the fears the outgoing Apple boss raised – is undermining the laws and that newer, more modern regulations are needed.

• Modern AIO coolers now contain hardware resembling miniature computers
• Large displays are becoming common features in premium liquid coolers
• MCUs now power advanced features inside modern cooling systems

Modern all-in-one (AIO) liquid coolers are increasingly resembling miniature computing platforms rather than simple hardware designed to move heat away from processors.

Several newly announced models now incorporate color displays approaching smartphone dimensions, complete with monitoring software, animations, and multimedia capabilities.

In some cases, the screens attached to CPU cooling systems are larger than the 4.7-inch display found on Apple's iPhone SE.

Tiny computers are now embedded inside cooling hardware

An example comes from ASUS, whose ROG Strix SLC IV incorporates a detachable 6.67-inch curved AMOLED display running at 2400 × 1080 resolution.

The company also offers the ROG Strix LC IV with a smaller 3.5-inch IPS panel, though both products retain extensive customization features.

Driving these displays requires considerably more than a simple temperature sensor because the screens must process graphics, animations, telemetry information, and user inputs.

Behind such displays sits a microcontroller, commonly called an MCU, which is effectively a complete computer integrated onto a single chip.

An MCU has its own processor, memory, storage resources, and input output functions, allowing it to operate independently within larger devices.

Twenty years ago, a high-end CPU cooler was little more than a large metal heatsink paired with one or two fans.

Modern flagship AIOs increasingly incorporate MCUs, wireless connectivity, high-resolution displays, RGB controllers, dedicated software ecosystems, and even video playback capabilities.

The result is an entertaining rise in complexity, with display-equipped coolers now relying on tiny computers to manage their advanced features.

As functionality expands, prices have also climbed, turning what was once a relatively straightforward component into one of the most feature-laden devices inside a modern PC.

This trend extends beyond ASUS as manufacturers increasingly compete through aesthetics rather than solely emphasizing thermal performance improvements.

JONSBO's TM-280 includes a 3.95-inch IPS screen capable of displaying hardware statistics, animated GIF files, images, and MP4 video playback.

Meanwhile, ASRock's Challenger Digital models integrate 3-inch LCD panels displaying processor temperatures, clock speeds, and pump operating information.

Antec has moved even further with the Vortex View 360, featuring a rotatable 5-inch IPS display operating at 1280 × 720 resolution.

Cooling performance now shares space with entertainment features

Manufacturers still improve thermal hardware through faster pumps, larger radiators, enhanced fan designs, and supplementary motherboard cooling solutions.

ASUS incorporates a small VRM cooling fan, while JONSBO rates its TM-280 for processors reaching thermal loads of 285W TDP.

Yet the most visible developments increasingly involve screens, lighting effects, wireless connectivity, software ecosystems, and display customization capabilities.

MSI recently introduced a fabric-covered cooler concealing a display beneath its exterior, illustrating how appearance has become increasingly influential.

Several of these products now depend upon dedicated software suites, internal USB connections, specialized controller hubs, and proprietary communication interfaces.

The ASUS wireless display implementation even relies upon a motherboard connection system carrying power, control signals, and data through dedicated contacts.

The evolution remains entertaining because these cooling components have transformed into feature-rich hardware that can justify higher prices for enthusiasts building showcase systems.

Some users, however, may question whether such additions are necessary for hardware whose primary purpose remains cooling a processor.

Via The Guru of 3D

Building a gaming PC from scratch with an RTX 5070 still costs you a significant chunk of change when you factor in every component. That’s what makes the MSI Codex R2 at $1690 (was $2300) at Amazon such a compelling deal right now.

• Shop Amazon's Prime Day deals

Here, you get a complete, ready-to-game desktop built around Nvidia’s GeForce RTX 5070 12GB GDDR7, an Intel Core i5-14400F, 32GB of DDR5-6000 RAM, and a 1TB NVMe SSD. No sourcing parts, no assembly, no compatibility headaches.

The RTX 5070 is Nvidia’s Blackwell-architecture mid-to-high-end card, featuring 12GB of GDDR7 memory with 168 GB/s bandwidth and full support for DLSS 4 Multi Frame Generation — giving video editors and 3D animators exactly what's needed for multi-stream workflows in real time.

Today's top MSI desktop deal

The RTX 5070 is built on Nvidia’s Blackwell architecture — the same generation as the flagship RTX 5090 — and brings meaningful improvements over the RTX 4070 it replaces. The 12GB GDDR7 frame buffer operates at significantly higher bandwidth than GDDR6X, and the new Transformer-based AI model underpinning DLSS 4 produces noticeably sharper upscaled images than DLSS 3. Multi Frame Generation, exclusive to Blackwell cards.

The Intel Core i5-14400F is a 10-core, 16-thread Raptor Lake chip with a 4.7GHz boost clock. It’s not the flashiest processor on paper, but in the context of a PC for creative professionals, it does exactly what’s needed: keeps the RTX 5070 fed with data without bottlenecking workloads. The 32GB of DDR5-6000 RAM is a notably generous allocation — most pre-builts at this price ship with 16GB, and 32GB gives you meaningful headroom for multi-tasking, streaming, and future-proofing.

The four-fan airflow system and dedicated RGB CPU air cooler are designed to keep temperatures stable across long sessions. MSI's own pitch is that your performance at hour one is identical to hour five — a common pain point with pre-builts that use minimal cooling to hit a price target. The mesh-style front panel on the Codex R2 chassis significantly increases airflow compared to the solid panels on previous Codex generations.

The 80+ Gold certified PSU is a detail worth calling out explicitly. A lot of pre-builts in this price range ship with 80+ Bronze or unrated power supplies that can cause stability issues under sustained GPU load, or leave no headroom for a GPU upgrade later. 80+ Gold certification means the PSU is at least 87% efficient at full load, runs cooler, and is rated for the kind of power draw the RTX 5070 demands.

Wi-Fi 6E is included for wireless connectivity on the less-congested 6GHz band, which delivers lower latency and faster speeds than Wi-Fi 5 or standard Wi-Fi 6 in busy networks — useful if you can’t hardwire the desktop to your router. MSI Center software gives you a single dashboard for controlling RGB lighting, fan curves, and performance profiles without hunting through multiple utilities.

One honest note: the i5-14400F is a 14th-gen Intel chip rather than the newer Core Ultra series, which means it doesn’t have an integrated NPU for Copilot+ features. For gaming that’s completely irrelevant, but if you also use your PC for AI-accelerated creative workloads, it’s worth being aware of. The standard off-the-shelf component spec does mean you can drop in a Core Ultra CPU or a future GPU upgrade without any proprietary restrictions, which partially offsets that.

At this price, the MSI Codex R2 is one of the most straightforward ways to get an RTX 5070 desktop right now without a self-built PC. Check out more options in our guide to the best business computers.

• See all desktop deals at Amazon

Amazon Prime Day isn't just about big-ticket gadgets because there are also terrific savings to be had on USB wall chargers that can tidy your desk, speed up charging, and keep multiple devices powered from a single outlet.

Whether you need a premium GaN charger or a budget-friendly spare, these deals cover every price range.

Anker's Prime 67W GaN wall charger has dropped to $39.99, saving a decent 20% on a compact charger with two USB-C ports and one USB-A port. It can power up to three devices at once while taking up far less space than many laptop chargers, making it a nifty travel companion.

Today's top USB wall charger deals

If you want everything in one package, YYDBS has a two-pack of 20W fast chargers with 6ft and 10ft MFi-certified Lightning cables for just $11.99.

The dual-port adapters can charge two devices simultaneously, giving you a simple charging setup for home and the office.

Luoatip's three-pack of dual USB wall chargers is another excellent budget option at only $8.99 after a 25% discount.

With six USB ports across three compact adapters, there's enough charging capacity for bedrooms, kitchens, desks, and travel bags without spending much at all.

Fobsunland also has a two-pack of lightweight USB wall chargers for the pocket money price of just $7.99.

They offer dependable 5V/2A charging for phones, tablets, earbuds, and other USB-powered devices, making them perfect as spare adapters to leave around the house or pack in your luggage.

A good charger can last for years, and Prime Day is one of the best opportunities to replace older adapters without paying full price.

Whether you need high-speed USB-C charging for a laptop or inexpensive plugs for everyday devices, these Amazon deals offer plenty of ways to upgrade your charging setup for less.

For more picks, check out our guides to the best iPhone chargers, and the best wall chargers.

• Shop all USB wall chargers at Amazon

Fast storage can completely change the way you work, and I’m a huge fan of the 1TB SanDisk Extreme Pro Portable SSD, which is now $179 (was $210) at Amazon this Prime Day.

That's a 15% saving on one of the most popular high-performance external drives on the market, and even boasts an IP65 rating for durability. For UK readers, it's got a slightly smaller discount, with the Extreme Pro now £202 (was £210).

Thanks to its NVMe-based architecture and USB 3.2 Gen 2x2 connectivity, the drive is rated for read and write speeds of up to 2,000MB/s. In practical terms, that means significantly faster file transfers than traditional portable hard drives and many entry-level SSDs.

Today's top SanDisk portable SSD deal

Whether you're moving large photo libraries, backing up projects, editing video, or carrying a game library between devices, the Extreme Pro will minimize waiting around.

The drive features a forged aluminum chassis that doubles as a heatsink to help keep up performance during sustained transfers.

It's rated for up to three meters of drop protection and carries an IP65 rating for water and dust resistance, making it a solid choice for photographers, content creators and professionals who regularly work away from a desk.

Built-in 256-bit AES hardware encryption and password protection help keep sensitive files secure, while the SanDisk Memory Zone app can assist with file management and freeing up storage space on connected devices.

With more than 16,000 customer ratings and an average score of 4.5 stars on Amazon, the Extreme Pro has a rightly deserved strong reputation among users who need reliable, high-speed portable storage.

Sure, $178.49 isn't exactly a budget purchase, but Prime Day's discount makes it a more attractive choice for anyone seeking a rugged, fast external SSD that will remain useful for years to come.

For more picks, check out our guides to the best portable SSD and the best rugged drives.

Also consider: More portable SSD deals

• US: Shop all portable SSDs at Amazon.com
• UK: See all portable SSDs at Amazon.co.uk

• AiOnX takes 77% share in US-based cryptocurrency miner
• The deal sees it take control of 15 data centers in the US and Sweden
• The $500 million acquisition sees it secure access to 1.3 Gigawatts of power, an increasingly scarce commodity for AI datacenters

AiOnX, a major data center infrastructure developer focused on hyperscalers across Europe, has taken a majority stake in the US-based cryptocurrency mining firm Genesis Digital Assets.

The transaction, valued at $500 million, sees its parent company, SWI Group, take a 77% stake in GDA, and gives it control over 15 cryptomining data centers across the US and Sweden - and perhaps more importantly, access to 1.3 Gigawatts of available power.

The agreement encompassing 15 data centers across North Carolina, South Carolina, and Texas, as well as two sites in Sweden.

A faster buildout with ready access to power

The move by SWI Group was reported by DataCenterDynamics, which said a deal was in the works between SWI and a then-unnamed US cryptomining entity.

It seems to have been dictated by GDA's access to readily available power, even as most hyperscaler buildouts continue to struggle with their own power limitations, and as studies indicate it could eventually stall AI datacenter growth by as early as 2030.

The reason for GDA making for a relatively no-brainer acquisition by SWI, thanks to its power connectivity.

"Power connectivity is the most valuable commodity in digital infrastructure today, and converting legacy cryptocurrency mining infrastructure to AI and high-performance computing is the best and highest use of these assets," noted SWI founder and CEO, Max-Hervé George.

"We have been investing in power-connectivity since 2020. This is what that thesis looks like at scale."

This is not an isolated move, however, with many cryptocurrency miners now pivoting to or getting outright acquired by AI hyperscalers as demand for compute, and, in tandem, power continues unabated as models get larger over time.

The reason is that not only is cryptomining relatively unprofitable compared to AI workloads that rent out GPUs under long-term contracts, but it is also inconsistent, given that cryptocurrency prices tend to fluctuate, making for an unpredictable payday for cryptominers, many of whom are heavily infused with debt to cover their scaling needs.

While modern crypto ASICs can not be repurposed for AI needs, the power they consume, much of which is locked in via long-term contracts, is much more valuable for AI datacenters since their power needs are already taken care of and available on-site, versus many otherwise ambitious and time-consuming power generation projects that some hyperscalers have directly been forced to invest in.

For context, as per estimates by Coindesk, AI contracts offer margins of as much as 85% with multi-year revenue visibility in tow, making cryptomining, even as hashrates continue to climb, while Bitcoin remains below $70,000, reflecting a broader crypto market that some feel has already entered a bear-induced winter.

• Alibaba's Tongyi Lab unveils the Qwen Robot Suite
• Its first embodied-AI models are split into navigation (RobotNav), a video "world model" (RobotWorld), and manipulation (RobotManip)
• The move comes after Nvidia recently unveiled and published its own Cosmos 3 offerings

As much of its AI competition continues to focus on LLMs and making them faster and more capable, Alibaba might be looking to lead on another frontier altogether, along with its LLM ambitions in tow: robots.

The company's Tongyi Lab has unveiled the Qwen Robot Suite, what it calls a family of models focused on "embodied AI," which centers on enabling machines to perceive space, reason, and act accordingly.

This comes at the heels of Nvidia's own Cosmos 3, a frontier model for physical AI, further bolstering CEO Jensen Huang's narrative that China's developer ecosystem remains relatively unaffected by chip restrictions, even as focus in the West continues to shift to power for many of the sprawling data centers being built in the US.

A competitor or a complement to Nvidia's playbook?

The Qwen-Robot Suite consists of three core models: Qwen-RobotManip, a generalizable vision-language-action model; Qwen-RobotNav, a scalable vision-language navigation model; and Qwen-RobotWorld, a video world model designed for embodied intelligence.

There is no denying, however, that robotics is being treated as perhaps the most crucial frontier for AI, even as LLMs continue to advance, with both Google and Nvidia among the companies pouring billions into research on their respective Gemini Robotics and open source Cosmos offerings.

Alibaba claims that the model, which leverages a more lightweight Qwen3.5-4B model rather than its Qwen 3.7 Max, which features over a trillion parameters, manages to top the RoboChallenge real-robot benchmark, scoring an impressive 59.83 and a 45% task success rate.

With other interested parties such as Tencent, Unitree, AgiBot, UBTech, Galbot, Spirit AI, and GigaAI, in addition to interest from EV firms including Xpeng and Xiaomi, all shaping the future of Chinese AI robotics, R&D in the industry is continuing at full swing, even as upcoming IPOs are expected to further propel the industry forward with easier access to capital.

The South China Morning Post, a wholly owned subsidiary of Alibaba, noted that "Alibaba’s entry comes as embodied intelligence is fast becoming the next frontier in global AI."

Nvidia's position on the matter is perhaps more nuanced with it attempting to behave as an 'enabler' versus a direct competitor as it pushes its open-source model to perhaps form the same building block that CUDA does for GPUs with Cosmos, GR00T, Isaac and similar offerings being the playbook this time around to ensure future robotics platforms are built, much like most AI tools, around Nvidia's hardware and software stack.

Alibaba's announcement might not be a sign of the Chinese giant out-engineering Nvidia, but in the backdrop of the Chinese government insisting informally at least, on a decoupling or at a minimum, no reliance on US-based hardware or software, it can be seen as an intent to build a similar ecosystem for Chinese robotics companies.

In the absence of Nvidia's presence in China, it might be hard to compare the two offerings, even as their scales differ considerably: Cosmos 3 is an open-world foundation model with multiple vendor-reported scores that do not cover RoboChallenge, whereas Alibaba's are self-reported from exactly one benchmark. Until both approaches can be compared directly, one can not assume superiority of one over the other.

What is, however, perhaps painfully obvious for Nvidia, and has been warned of time and again by its CEO, is that China, irked by US policies around AI, is no longer looking for chips, models, or even open source solutions to incorporate into its ecosystem, but wishes to build them from the ground up.

This could result in a lack of exposure to what was the second most lucrative market for the chip designer, a move that could cost it billions of dollars in revenue in the robotics segment alone, from what is still widely considered the "factory of the world" due to its huge manufacturing base.

Samsung has significant discounts across a wide range of its monitor line-up, and the range covers nearly every business use case, from a tidy single-screen desk setup to a full ultrawide command center.

For me, the Samsung ViewFInity S6 for $110 (was $180) at Amazon is the quintessential business monitor in the Prime Day sales right now. It's well-sized, feature-rich, and delivers everything I'd expect a screen for the office to offer.

But it's not the only display on sale right now, with price drops both at Amazon and direct from Samsung. I've rounded up my favorites below, from essential screens to immersive ultrawide options for creative professionals and dedicated multi-taskers.

For more savings, we're tracking in real-time all the best Prime Day home office deals.

Today's top Samsung monitor deals

Why I chose these Samsung monitor deals

Seven monitors at very different price points, but all of them earn their place on this list for a business audience in their own way. The ViewFinity S6 is the rare budget monitor built explicitly for professional use — the USB-C docking, LAN port, and KVM switch are features that usually cost significantly more. The Odyssey G5 G51F and G55C earn their spots by offering a proper ergonomic stand and strong VA contrast at prices that make them realistic for bulk office purchasing or replacing aging 1080p hardware without breaking the budget.

The MovingStyle M7 is the most niche pick, but it addresses a real gap: businesses that need a flexible, self-contained display that can move with them rather than staying fixed to a wall or desk. The built-in Microsoft 365 access and Knox Security make it genuinely useful in a conference or shared workspace context without any additional hardware.

The OLED G6 G61SH is here because QD-OLED panel quality at this price is still relatively new territory, and the Pantone Validated color accuracy and Glare Free coating address the two practical objections that have historically made OLED a harder sell for daytime office use. For designers, creatives, and anyone doing color-sensitive work, it’s a meaningful upgrade over any IPS panel at a comparable price point.

And the 49-inch OLED G9 is simply in a different productivity category entirely. The equivalent of two QHD monitors without a bezel between them — and at $854 with $745 off list price, it’s the most dramatic discount in this roundup. For the right role — financial analysis, development, video production, or creative direction — it’s a workspace upgrade that quickly justifies itself. Check out more options in our guide to the best business monitors.

• Shop all the monitors at Samsung.

• TrophyLab gives verified allies direct access to captured Russian military intelligence
• Foreign engineers can now physically disassemble real Russian weapons and missiles
• The platform covers armoured vehicles, UAVs, missiles, and electronic warfare systems

Ukraine's Ministry of Defence has launched TrophyLab, a platform giving foreign governments, research institutions, and defence companies direct access to technical intelligence gathered from captured Russian military equipment.

The platform includes technical documentation, research results, blueprints, and analytical findings covering armoured vehicles, missiles, aircraft, UAVs, electronic warfare assets, and cruise missiles.

In a move that breaks sharply from standard military practice, Ukraine is also offering to ship physical hardware samples to allied partners for hands-on examination.

What TrophyLab actually offers and who can access it

Since the beginning of the war, Ukrainian military researchers and scientific institutions have been systematically studying every piece of captured enemy equipment.

That work has produced detailed knowledge of how Russian weapons function, where their weaknesses lie, and what countermeasures can be developed most efficiently against them.

TrophyLab now makes that accumulated intelligence available to Ukrainian defence manufacturers, military units, scientific institutions, and international partners actively supporting Ukraine's war effort.

Its catalogues include armoured vehicles, missiles, aircraft, UAVs, electronic warfare systems, unmanned ground vehicles, and cruise missiles across multiple operational categories, exceeding typical databases.

Access to physical samples goes considerably further than document sharing alone, as the platform supports multiple examination formats, ranging from non-destructive analysis through to complete disassembly and destruction of captured equipment.

That level of access allows foreign engineers to test their own countermeasure solutions directly against real Russian hardware, potentially cutting the development cycle for defensive technologies.

The strategic logic behind making Russian secrets public

Governments typically guard captured enemy technology closely for their own strategic advantage, which makes Ukraine's decision to share it openly with allies a genuinely unusual step in modern warfare.

The decision to open this intelligence reflects a deliberate calculation about how to maximize the collective defensive capability of Ukraine's partners against a common adversary.

Every Russian weapon deployed against Ukraine now becomes a potential source of publicly available technical knowledge for the broader defence community of democratic nations.

Ukraine's framing of the initiative is explicit on this point, describing the knowledge as something that "should work for those who create defence" rather than remaining locked away from allied researchers.

The platform is available to verified users only, suggesting some access controls remain in place despite the broadly open-access philosophy behind the project.

Whether TrophyLab accelerates the development of effective countermeasures at meaningful scale will depend on how actively allied governments and defence contractors engage with the available material.

The more extensively Russia deploys its weapons arsenal against Ukraine, the larger and more detailed that shared intelligence base becomes.

This may bring a new dimension to the deployment of Russian technology, since any captured equipment could now instantly become public knowledge through TrophyLab.

• Workday's AI screening software under fire for discriminatory biases
• Hirers usually bear the responsibility, but human-replacing software could be responsible
• The case must also consider AI much more broadly, including historical biases and shifting responsibilities

During a June 2026 hearing, Judge Rita Lin implied she might be likely to reject Workday's latest attempt to dismiss claims brought under California law relating to a 2023 discrimination case.

Three years ago, Derek Mobley accused the company of rejecting him from more than 100 jobs after applying through he company's recruitment systems on the basis that he is black, over 40 years old and has anxiety and depression.

But rather than suing the individual employers, Mobley is pursuing action against Workday itself, arguing its AI-powered hiring software is responsible for discriminatory action.

Workday is on track to face legal action over AI-powered hiring software

Workday has argued that California employment discrimination laws should not apply when applicants live – or jobs are located – outside of California.

Reuters notes that more than four in five US employers and nearly all Fortune 500 companies now use AI-powered hiring or applicant-screening tools, and the ongoing case marks an important potential shift in its regulation.

Previously, employers have been liable for discriminatory hiring, but the lawsuit is now exploring whether software developers and AI vendors should bear some responsibility.

In an earlier 2024 hearing, the judge questioned whether Workday may also qualify as an employer because it performs screening tasks that would usually be carried out by human workers in HR teams.

While this specific case relates to Workday, the court must also explore how training data can affect biases and who bears responsibility for the outcome – the results could have a much bigger impact than just a fine for Workday.

"Our technology looks only at job qualifications, not protected traits like race, age, or disability," the company added in a statement.

• Xsolis confirmed a phishing‑enabled breach on Jan 22, 2026, exposing data of 1.39M individuals
• Stolen info includes names, addresses, DOBs, SSNs, health insurance, and medical treatment details; no ransom demands or dark web leaks yet
• Customers offered free credit monitoring and identity theft protection, with warnings to watch for phishing and fraud attempts

Healthcare technology company Xsolis disclosed a cyberattack in which it lost sensitive data on almost 1.4 million customers.

Xsolis is a company that uses AI to help healthcare organizations make faster and more consistent decisions about patient care and utilization management. Earlier this week, it published a data breach notification on its website, saying that it spotted the intrusion on January 22, 2026.

Apparently, after a successful phishing attack on one of its employees two days earlier, the attackers were able to access a “limited portion” of the Xsolis environment, from which they were able to exfiltrate people’s names, addresses, dates of birth, health insurance information, Social Security numbers, and medical treatment information.

Almost 1.4 million victims

This level of information is more than enough information to target these individuals with phishing or even steal their identity for more disruptive attacks elsewhere.

In a filing with the US Department of Health and Human Services, Xsolis confirmed that 1,396,519 individuals were affected by this breach.

“We have taken steps to address the incident and are committed to protecting the information entrusted to us,” Xsolis said in the announcement. “Upon learning of this incident, we immediately began an investigation and reported the incident to law enforcement. We also implemented additional safeguards to further enhance the security of information in our possession and to help prevent similar incidents from occurring in the future.”

So far, there is no evidence of the data being used in follow-up attacks, or being offered on the dark web. No threat actors have yet claimed responsibility for the attack, and no one has yet demanded ransom in exchange for the files.

Xsolis told its customers to be wary of incoming messages, especially those pretending to be from the company, or using it in any other context. Customers are also offered free credit monitoring and identity theft protection services, as well as fraud alerts and credit freezes.

• Kaspersky warns of a WhatsApp phishing campaign spreading malicious VBScript files disguised as business documents
• Running them installs ManageEngine Endpoint Central, giving attackers remote access; filenames localized boosted global reach
• Victims span Brazil, India, Mexico, Singapore, UK, Spain, Taiwan, Australia, Russia, Vietnam, and Malaysia; compromise method remains unknown

WhatsApp users beware - there is a phishing campaign ongoing on the platform, seeking to infect your devices with a legitimate, but unsolicited endpoint security platform.

Security researchers Kaspersky recently published a new report detailing a campaign that starts with a compromised WhatsApp account. They could not determine how these accounts got breached but found that they were being used to reach out to the victims’ contacts and share a VBScript file masquerading as business or financial documents.

People who don’t find it strange that their contacts are suddenly sharing business documents, and end up running them, will get ManageEngine’s Endpoint Central, a unified endpoint management (UEM) and endpoint security platform built to help IT teams manage a fleet of desktops, laptops, servers, mobile devices, and other endpoints, all from a single console.

Two scripts, one malware

In this case, however, they wouldn’t be managing anything - they would just be granting remote system access to the attackers. Kaspersky says that the campaign is rather widespread, with victims located across Brazil, India, Mexico, Singapore, the UK, Spain, Taiwan, Australia, Russia, Vietnam, and Malaysia.

One of the reasons the campaign was so successful on an international level is because the filenames are localized in multiple languages, Kaspersky added.

“Based on evidence collected from multiple victims through social media reports and submitted samples, we can conclude that the threat actor had gained access to several WhatsApp accounts and used them to distribute the malicious VBScript files to contacts on the compromised users’ contact lists,” Kaspersky’s researchers said.

“At the time of writing, the exact method used to compromise these WhatsApp accounts remains unknown.”

Downloading and running the malicious files on Windows result in the deployment of two scripts that first disable UAC protections and then deploy the UEM. Kaspersky also stressed that when users open WhatsApp on the web, they must first download the files, but when they open the desktop client, the files can be executed directly via Windows Script Host.

Via BleepingComputer

• Oracle now has around 141,000 workers, down from 162,000 in 12 months
• The company spent $1.84 billion in severance and related costs last year
• Billions to be raised by means of new debt and equity to fund AI plans

Despite recently confirming record revenues of $67.4 billion in its just-closed fiscal year, marking a 17% rise, Oracle has laid off an estimated 21,000 workers during that same 12-month period.

The company confirmed it had around 141,000 workers on the books as of May 2026, but when it made the same report last year, it had around 162,000 employees.

However despite record revenue and drastic cost-cutting measures, share prices are down around 15% in one year largely due to concerns over massive AI-driven capex.

Inside Oracle's massive AI strategy

In a filing, the company noted that the layoffs had been impacted by various factors, including management and product changes, performance issues, other strategic shifts and business acquisitions. But AI also got its fair share of the blame, both directly and indirectly through shifting company priorities and improving internal efficiency.

During the year, Oracle spent an estimated $1.84 billion on severance packages, restructuring and other employee costs, marking a huge increase over the $374 million it spent on restructuring during the previous year.

But that's nothing compared to how much the hyperscaler plans to spend in capex this coming year – most of the $70 billion projection will be allocated toward data centers and other cloud infrastructure.

The biggest risk that investors worry about could be this funding's source though, because current plans include raising around $40 billion if it through new debt and equity instead of operating cash flow. Around $20 billion will likely come from stock issuance (per Reuters) – the company is currently worth an estimated $503.5 billion.

However, recent high-profile deals with the likes of OpenAI and Meta also speak volumes about confidence in the company from a customer point of view.

All of this while generating electricity via higher-cost natural gas fuel cells "with minimal emissions," as the company stated in its fourth-quarter release.

Amazon’s big Prime Day sale is here, and we’re already seeing some cracking deals – but we've also spotted some cracking bargains on laptops away from Amazon, as rival retailers look to be competitive.

Firstly, we have a Dell 16 laptop, direct from the manufacturer, that has been reduced from $1030 to $500, which is an excellent value proposition given the hardware on board.

Add to that an ASUS Vivobook 14, which is similarly top-notch value direct from the company, with its price reduced from $590.19 to $449.99.

The trouble with cheap laptops is that they often make compromises with hardware that really hamper the experience.

A budget notebook might, for example, cut corners on the components front by sticking in an old, sluggish processor, or not enough system memory. We quite often see laptops that are under $500 running with the likes of ancient Intel Celeron processors, or a paltry 8GB of RAM, or maybe a tiny amount of slow (eMMC) storage.

That’s very definitely not the case with these Dell and Asus. With the Dell 16, you’re getting a plenty powerful mid-range AMD Ryzen processor as the engine of the portable, and a relatively spacious (for this price level) and speedy SSD.

With the Asus notebook, there’s a springy Qualcomm Snapdragon X CPU and again, for the price, storage (and RAM) isn’t stingy at all.

Let’s dive into the specs in more detail and see how these bargains stand out from the crowd of Prime Day laptop price cuts.

Today’s best deals for laptops under $500

For other bargains on quality notebooks, head on over to our roundup of the best laptop deals currently out there, and check out some other options for the Dell Inspiron 15 below.

Identity theft is the number one crime in America, and when it comes to Prime Day sales the crooks are always looking to entice you with too-good-to-be-true deals to steal your financial info, ruin your credit score, and steal your identity.

But right now, LifeLock total is just $29.17/mo (was $34.99/mo) at LifeLock for the first year. When it comes to identity theft protection, there is a reason LifeLock is rated so highly in my guide. In the event your identity is stolen, LifeLock Total can provide up to $1,000,000 in reimbursement for both identity restoration and stolen funds, making it the ideal choice for professionals with multiple financial accounts, investments, or properties.

LifeLock Total also includes a credit lock and 3 Bureau score monitoring & reporting, 401(k) and investment account alerts, stolen wallet protection, automatic data broker removal and dark web monitoring, alongside 24/7 priority customer phone support.

• See all LifeLock deals

Today's top LifeLock deal

LifeLock Total is the pinnacle of identity theft protection, including everything needed to prevent fraud, and restore your life back to normal in the event your identity is stolen.

Your accounts (Credit, Checking, Savings, 401K, Investment) are covered by LifeLock's monitoring services, which will notify you of any suspicious activity or unauthorized transactions and withdrawals. You will also receive annual credit reports from 3 Bureaus, and a monthly report from 1 Bureau to keep you informed on changes to your financials.

I particularly like how LifeLock Total keeps tabs on your home title or property records and provides notification for any fraudulent attempts to change or transfer your property deeds.

LifeLock's automatic data broker removal scans over 30 of the most prolific data brokers every 90 days to submit data removal notices on your behalf to make sure your sensitive information isn't sold to advertisers from their sites. The dark web is also monitored for traces of your credentials, with notifications of any weak or leaked credentials.

Your social media accounts are also protected, with LifeLock monitoring for suspicious activity and account takeovers, helping to preventing account theft and fraud. You will also be sent alerts when a registered sex offender moves into your neighborhood.

LifeLock Total also 100% guarantees identity restoration in the event of identity theft, with a reimbursement of up to twelve months of your subscription payment if your identity isn't restored to good standing. In case you aren't fully satisfied, LifeLock also offer a 60-day money back guarantee.

• Take a look at our full guide to the best identity theft protection

For a long time, security teams have been dealing with the same problem: a constant stream of security alerts, but not enough context.

Missing details like user behavior, asset importance, or related activity, means there’s a heavy reliance on analysts to work out what actually matters.

This doesn’t just slow teams down; it puts real pressure on teams and limits how much they can realistically review or understand.

Agentic AI changes this dynamic.

Instead of looking at alerts in isolation, these systems can piece activity together, understand what’s happening in context, and in some cases take action on their own.

Often, issues are resolved before they ever need to be escalated. That removes a lot of the manual effort that’s shaped security operations for years.

But while a clear improvement, it doesn’t remove risk—it shifts it.

As systems improve, scrutiny declines

A useful comparison is aviation. As systems become more reliable, people naturally step back. Not because they’re careless, but because constantly double-checking something that’s almost always right starts to feel unnecessary. Over time, trust stops being something you actively think about and becomes something you assume.

The same thing is starting to happen in cybersecurity. As these systems prove themselves, teams spend less time questioning individual decisions. The environment feels calmer, and the lack of issues reinforces that sense of control. The real risk isn’t frequent failure, it’s that when something does go wrong, it’s less likely to be challenged.

Alert fatigue comes from having to pay attention to too much, too quickly. What follows is something different: a gradual drop in attention, where growing confidence in the system weakens the instinct to double-check.

A model built on two interdependent layers

The structure of security operations starts to shift as well. Instead of everything hinging on human decision-making, you end up with two connected layers. People set the intent – defining policy, access and boundaries – while agents interpret it and act on it, often much faster than any person could.

Both layers can be influenced. Traditional attacks aimed at people don’t go away, but there’s now another surface to think about: the data, prompts, and workflows that shape agent behavior. If those inputs are manipulated, the system can still produce actions that look valid, because they follow its internal logic.

At the same time, the distance between decision and execution increases. Human operators aren’t as involved in the moment an action happens, which makes it harder to spot when something isn’t quite right. In practice, each layer ends up relying on the other for validation.

When that assumption holds, the system works efficiently. When that works, everything runs smoothly. When it doesn’t, the gap between them can be hard to see in real time.

How risk scales in an agentic environment

Risk doesn’t just increase in this kind of environment, it spreads differently. Each agent has its own identity, permissions, and decision-making logic, and they’re often connected. Actions taken in one part of the system can trigger responses elsewhere, creating chains of automated behavior.

That means a single bad input or flawed decision doesn’t stay contained. It can move quickly across systems without anyone stepping in. The issue isn’t just speed, it’s how connected everything is. Small mistakes can have much bigger consequences because they’re carried through multiple layers of automation.

Why identity and access need to change

How agents are set up today adds another layer of risk. In many cases, they’re treated as extensions of the user, with the same credentials and access. It’s convenient, but it also widens the blast radius if something goes wrong.

A more resilient approach is to treat agents as their own entities. Give them distinct identities, limit what they can do to specific tasks, and make sure their actions can be tracked and reversed if needed, without affecting everything else.

It’s less about efficiency and more about putting the right foundations in place for systems that are increasingly acting on their own.

Maintaining control as reliance increases

One of the trickier aspects is that failure doesn’t always look like failure. Fewer alerts and faster resolutions can make it feel like risk has gone down, when in reality oversight may just be less active.

Staying in control comes down to how these systems are designed and used. High-impact actions still need some form of verification, even if most routine work doesn’t. It also matters that teams can see not just what an agent did, but how it arrived there—what inputs it used and how it interpreted them.

The ability to step in is just as important. If stopping or overriding an automated process is slow or awkward, it probably won’t happen in time when something goes wrong. That kind of intervention needs to be simple enough to use under pressure.

More broadly, the role of the security professional shifts. It’s not just about spotting obvious problems anymore, but recognizing when something that looks fine might still need a second look.

A quieter, more concentrated risk

Agentic AI will do a lot to reduce alert fatigue, which has weighed on security teams for years. The trade-off is that risk becomes less visible and more concentrated in the space between what people intend and what machines actually do.

In systems that work correctly most of the time, the real challenge isn’t constant failure. It’s what happens when something does go wrong and whether the usual signals that would catch it are still there.

We've reviewed, rated, and ranked the best firewall software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Portable power stations have become a must-have for business travel, camping and road trips, and anyone spending time away from a wall socket.

If you've been thinking about picking one up, Amazon Prime Day has delivered a great deal on the Jackery Explorer 240D for $119 (was $179). We enjoyed testing this power station, which is more portable than almost any other option out there - with a built-in braided cable that doubles as a handle. Really cool design here that we love.

Despite its compact size, the Explorer 240D packs a 256Wh battery, equivalent to 80,000mAh of capacity. That's enough power to keep smartphones, tablets, laptops, cameras, drones, and other portable devices running when you're away from a wall socket.

Today's top Jackery portable power bank deal

Four charging ports are included, consisting of three USB-C connections and one USB-A port.

The unit can power up to four devices simultaneously, with up to 200W of total DC output and as much as 140W available from a single port.

Weighing just 4.85lbs, the Explorer 240D is substantially lighter and smaller than many portable power stations with similar capacity, making it easier to slip into a vehicle, backpack, or camping setup.

In his rave review, our expert Collin said "the Explorer 240D is ready for on-the-go adventures with a built-in cable that's more than just a cable." By that he means it "doubles as a handle."

In our roundup of the best portable power stations, we observed the product "is about as portable a power station as you're every going to get," noting that it should be thought of "as the middle-ground between a decent-sized power bank and a full-sized power station."

The power bank supports USB-C charging, solar charging, vehicle charging, and AC-DC dual input charging.

According to Jackery, the unit can reach 80% capacity in around one hour when using AC-DC dual input charging.

The LiFePO4 battery is rated for up to 6,000 charge cycles while retaining at least 70% of its original capacity, and Jackery says it can continue operating for up to a decade of regular use.

One particularly useful feature for travelers is support for high-power USB-C devices. The Explorer 240D can keep a Starlink Mini connected for up to 10 hours while also supporting laptops and other demanding gadgets.

Amazon Prime Day might have just begun today, but at $119, this is one of the best portable power deals I've spotted in a long time.

Also consider: More Jackery portable power station deals

• Shop all the portable power stations at Amazon

• Trump wants to have scientifically relevant quantum computers as soon as 2028
• PQC migration pilot must have been completed by the end of 2027
• Quantum promises to prevent attacks and aid discovery simultaneously

US President Donald Trump has signed two executive orders to push the US forward in quantum tech in a bid to prepare government systems against future cybersecurity risks.

The first EO is to establish a coordinated national effort to "develop the first ever quantum computer powerful enough to initiate the era of quantum-enabled scientific discovery and accelerate quantum capabilities for commercial applications."

The Departments of Energy, War, Commerce, and the Intelligence Community, industry and research leaders are all set to be involved as the country seeks to press on with its quantum plans.

Trump signs executive order to accelerate quantum computing plans

Among the benefits Trump envisions coming from future quantum computers are a number of spatial awareness improvements, including navigation through military environments, detecting submarines, underground structures and other hidden infrastructure, and improving battlefield awareness.

Trump's second EO focuses on the nationwide "nationwide migration to post-quantum cryptography," coordinated between the Office of Management and Budget (OMB) and the National Cyber Director.

The White House warned that quantum developments threaten the security of government networks, banks, healthcare, military systems and other critical infrastructure, ordering a pilot scheme to have been completed by the end of 2027. Some of the earliest migrations are set to have happened by 2030-2031, the administration added.

Quantum also promises some positive impacts spanning manufacturing, drug discovery, energy and agriculture, with the President seeing earlier investment in quantum giving the nation a competitive advantage.

But in as little as two years and before PQC rollout, the administration hopes to achieve scientifically relevant quantum computing, targeting 2028.

There is a growing tendency to frame advances in artificial intelligence through the lens of breakthroughs: new models, new architectures, new capabilities.

Innovation is often measured by what is invented, and how quickly.

But in some domains, this framing misses the point entirely.

Financial crime is no longer a collection of isolated incidents, it has evolved into an organized, adaptive, and increasingly industrialized system.

Criminal networks operate across geographies, leverage automation, and continuously refine their methods: they test, iterate, and scale, just as any high-performing organisation would.

In such an environment, the question is not whether an AI system is innovative. It is whether it can operate at the same level of organisation, speed, and adaptability as the threats it is designed to counter.

When Innovation Meets Reality

Most AI breakthroughs do not survive contact with real-world systems.

In controlled environments, models perform well. Data is structured, assumptions hold, and evaluation metrics are stable. But reality introduces a different set of constraints: incomplete information, shifting behaviors, latency requirements, regulatory oversight, and adversarial actors actively attempting to exploit weaknesses.

Financial and state systems, in particular those related to fraud and risk, represent one of the most demanding environments for AI. Decisions must be made in milliseconds, errors carry direct financial and reputational consequences, and the underlying patterns are constantly evolving. Not randomly, but intentionally.

Fraud is not a static problem. It is an adaptive one.

This is where many innovations fail. Not because the underlying ideas are flawed, but because they are not designed to operate under sustained pressure or with the necessary agility to adapt.

The Complexity of the Problem

The industrialization of frauds changes the nature of the response required.

It is no longer sufficient to detect known patterns or react to past incidents. Systems must identify behaviors that have not been seen before, anticipate emerging tactics, and operate continuously across multiple channels and geographies.

This requires more than isolated innovation. It requires systems that can learn, adapt, and scale, not once, but continuously. And behind those systems, it requires something even more fundamental: a culture capable of producing and sustaining that level of performance over time.

The way of the patent

Innovation that exists only on paper has limited impact. Innovation that survives deployment, that continues to perform as conditions change, is what ultimately defines effectiveness. In financial crime prevention, the gap between these two is critical.

In recent years, the financial sector has significantly increased its investment in AI and machine learning, with a sharp rise in patent activity across the industry. From large banks to specialized technology providers, there is a growing recognition that intellectual property can capture and formalize advances in detection, decisioning, and risk management.

According to recent data, AI-related patent filing in the financial sector grew by over 250% in the past five years: from big banks to small startups working in the space, there is a clear interest in adding the value of patents to the business.

But patents, in this context, should not be understood as an end in themselves.

They are not simply indicators of inventive capacity. They are signals of something more structural: the ability to repeatedly transform ideas into capabilities that operate reliably in real-world systems.

Strong ideas

If you obtain one patent, it suggests a strong idea. If you obtain ten, it suggests a strong team. If you obtain one hundred, it suggests a strong culture.

A culture in which ideas are not only generated, but challenged, tested, refined, and integrated into systems that must function under real-world constraints.

This distinction becomes tangible when looking at what such innovation enables in practice.

It allows financial institutions to analyze behavior across extended time horizons in real time, not only evaluating a transaction in isolation, but understanding how it relates to patterns built over weeks or months. It enables a shift from static rule-based detection to continuous behavioral modelling, improving both the precision of anomaly detection and the speed of response.

In environments where decisions must be made in milliseconds, these capabilities are not incremental improvements. They determine whether institutions can intervene while fraudulent activity is unfolding, rather than reacting after the fact.

Some of these approaches are already being deployed at scale within large financial institutions, enabling significantly faster decision execution and more robust behavioral insight across complex transaction environments.

From this perspective, patents are not about invention alone. They are about building the conditions under which innovation can endure and translate into systems that perform under pressure.

From Invention to System Performance

For an idea to matter in this context, it must pass through several layers of validation. It must be new. It must not be obvious. And it must be useful, not in theory, but in the systems that institutions rely on every day. This last dimension is often overlooked.

Usefulness, in a real-world financial system, means the ability to operate reliably at scale, under constraints, and in the presence of adversarial behavior. It means integrating into complex infrastructures, supporting decision-making in real time, and remaining robust as both legitimate usage and criminal tactics evolve.

In other words, innovation is not defined by invention. It is defined by sustained system performance.

Matching the Scale of the Threat

The industrialisation of financial crime introduces a structural asymmetry. On one side, highly organised networks operate with speed, coordination, and adaptability.

On the other hand, defensive systems have historically been fragmented, reactive, and constrained by legacy architectures. Closing this gap is not a matter of incremental improvement. It requires a shift in how systems are designed, built, and evolved.

The level of innovation required is defined by the level of organisation of the threat.

And as that threat continues to industrialize, the systems designed to counter it must do the same.

Beyond Breakthroughs

This does not diminish the importance of research. On the contrary, it reinforces it. Breakthroughs are necessary, but they are not sufficient.

What ultimately matters is the ability to translate those breakthroughs into systems that function reliably in the real world, systems that can operate continuously, adapt dynamically, and maintain performance under pressure.

In financial crime prevention, this is not an abstract challenge. It is an operational reality. And it is one that will define the effectiveness of institutions, the resilience of financial systems, and, ultimately, the level of trust those systems can sustain.

Better understand cybersecurity with the best online courses.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• Meta paused its internal Model Capability Initiative (MCI) after an employee flagged exposure of sensitive data from mouse movement and activity tracking
• Program allegedly collected prompts, private conversations, performance data, and even tax/medical info in unencrypted form
• Meta says no improper access confirmed but is investigating; some employees still see the program running during the pause

Meta is pausing an employee-tracking program after one of the employees flagged it as exposing sensitive data.

The company behind Facebook, Instagram, and WhatsApp, was apparently running an internal program that was tracking employee mouse movements and digital activity. Called Model Capability Initiative (MCI), this program allegedly started in April with the goal of training Meta’s AI models through employee behavior recordings.

According to a memo released on launch, the purpose of the program was to improve the company’s AI models in areas where they struggled to replicate how humans interacted with computers, such as picking from a dropdown menu, or using different keyboard shortcuts.

Personal tax and medical information exposed?

"This is where all Meta employees can help our models get better simply by doing their daily work," the memo said at the time.

Reuters reported that an employee filed a high-priority security incident report (SEV) over the program’s exposure of employee data, including "full ​prompts and transcriptions, private ​conversations, people & performance ⁠data, DSS sensitivity ratings (1-4)." The same publication also said the program was collecting “more information than initially described” and stored it in unencrypted form.

"I have accessed both personal tax and medical information through ⁠my ​work computer, as have many thousands of employees,” the employee allegedly said. “​We were told this data would be protected and only used for valid business purposes after aggressive ​filtering."

Now, Meta confirmed pausing the program to investigate these claims.

"We have carefully designed this program ​with privacy safeguards and while we have no indication at this time that ​any data was improperly accessed by Meta employees, we're pausing it while we investigate," company spokesperson Tracy Clayton was cited saying. The company did not say for how long the program will be paused but stressed that it would take time to stop it for everyone, so some employees might still see it running.

As of Monday afternoon, the program was still running for some people, Reuters confirmed.

Via Reuters

At a time when SSD prices are surging, you can grab the 990 Pro 2TB SSD for just $370 (was $640) at Amazon, a 42% discount as part of Prime Day.

There's no denying that the Samsung 990 Pro is an exquisite internal SSD - we loved it so much we awarded it the full 5 stars in our review, and found it offered some of the fastest read/write performance of any PCIe 4.0 SSD we tested.

• Shop all internal SSDs at Amazon

There aren't many SSDs that manage to score full marks across the board during our testing, but the 990 Pro achieved just that.

Our review called it "an absolutely stellar M.2 SSD for both professional users and gamers," and still maintain that if you're building a new PC (or upgrading your old one), this SSD should be at the top of your wishlist.

It's capable of hitting up to 7450 MB/s read speeds and write speeds up to 6900 MB/s, making it a top choice for content creation, gaming, and complex workloads. With a $270 discount, it's an unmissable deal.

Today's best Prime Day Samsung SSD deal

There aren't many internal SSDs that get top marks in our testing, but the Samsung 990 Pro is one of them. We praised this high-performance solid-state drive in our review, where it proved to save large files quickly.

In fact, we said at the time: "This is easily one of the fastest SSDs we've ever tested, so you can expect top-tier file operation performance."

It's especially ideal for creative professionals and gamers, loading files fast and coming close to maxing out its PCIe 4.0 channels,

Ultimately, this runs like a premium SSD and we still think it's worth every penny - especially at this discount price.

The 1TB and 4TB models are also discounted in the sale. But honestly, it's cheaper to buy two 2TB SSDs than the 4TB one - and if you bought two 1TB versions, it'd cost you $110 more than the single 2TB SSD. That's where you get the best bang for your buck.

Also consider: More 2TB SSD deals

• Tata Electronics confirmed a cyberattack but said operations remain unaffected, despite threat actor World Leaks claiming 630GB of alleged data
• Archive reportedly includes Apple/Tesla schematics, passport scans, and proprietary files; researchers found references to Pegatron, Foxconn, and Qualcomm too
• Reuters noted Tata is being extorted, though ransom details remain unclear; leaked files suggest sensitive manufacturing and engineering data exposure

Tata Electronics, the electronics and semiconductor manufacturing arm of the Tata Group conglomerate, confirmed suffering a cyberattack, but said it did not affect its operations. The scale of the breach, however, could be rather extensive.

"A few weeks ago, Tata Electronics identified a cybersecurity incident on some of our systems,” the company said in a statement to Reuters. “Our response protocols were deployed immediately, and the incident has had no impact on our operations across businesses, which remain unaffected," it said, without going into details.

This statement came almost two weeks after a threat actor called World Leaks posted a large database on its data leak site, claiming to have come from Tata Electronics, and affecting companies such as Apple and Tesla.

Sensitive files confirmed

According to Reuters, roughly a third of all iPhone production in India is done by Tata Electronics. The company supplies Apple with back panels, enclosures, and circuit board parts, among other things. For Tesla, it’s been supplying it with chips, circuit board assemblies, and vehicle motor controller units, since 2025.

World Leaks uploaded an archive of 204,341 files, weighing 630.4GB. Allegedly, it contains numerous confidential and proprietary data, including Apple and Tesla schematics, passport scans, and other sensitive files.

Reuters said Tata was being extorted for the files but did not say how much money the threat actors were demanding, or if the negotiations were progressing in any way.

Some security researchers analyzed the leaked files and said that they contained information about manufacturing and engineering processes from these two companies. Among the researchers were Cybernews, who claim to have seen “hundreds of references to Apple and Tesla”, a folder named “com.apple.factorydata”, as well as documents labeled as proprietary or confidential.

Cybernews also found files referencing other companies, too: Pegatron, Foxconn, and Qualcomm, to name a few. However, there is no evidence that any of these companies had been breached.

Via Cybernews

Back when I was a business apprentice, I spent most of my time making coffee and taking meeting notes – how I wish these nifty little AI voice recorders existed back then.

At the press of a button, all your notes are taken and sorted seamlessly. Now I just need to find an AI to make my coffee. Right now, there's a big Prime Day sale on Plaud's superb range of AI voice recorders and dictaphones that business professionals will not want to miss.

Top of the Prime Day sales is the Plaud Note AI voice recorder, which drops to $126.99 (was $159) at Amazon. This was the device that fully converted our reviewer to AI transcription devices. After testing it out, he said: "This really is one device that will change almost every area of your professional life."

Alongside the core Note, the upgraded Plaud Note Pro is now $159.99 (was $189) - it features a longer battery life and better audio capture thanks to additional microphones. And for frequent business travel, the ultra-compact and discreet Plaud NotePin S is down to $151.99 (was $179).

For UK readers, I've also added the Prime Day deal prices below.

• See all Prime Day deals at Amazon

• For more savings, check out all our Plaud discount codes

My top-rated portable monitor has just got a Prime Day discount, bringing the Arzopa Z3FC down to $138 (was $170) at Amazon. For UK readers, the Z3FC has dropped to £114 (was £160).

For me, this ultra-thin and lightweight display does everything I need for both work and play, seamlessly hooking up to my laptop, as well as my games consoles. But what most impressed me was the ultra-thin and lightweight aluminum alloy build that makes it perfect for business travel.

Specs-wise, it's a 2.5K resolution IPS panel capable of 180Hz refresh rates, with 107% sRGB color coverage - suitable for most business professionals, but not all content creators. Everything is included in the box, from power and display cables to a protective sleeve. In fact, I love it so much, I'm using it as a second display right now while I write this and for tracking down more Prime Day home office deals.

Today's top portable monitor deal

When I was recently updating my guide to the best portable monitors, there was only one contender for best overall - the display that's suitable for most people. And that was the Arzopa Z3FC.

For the price, you're getting a good-sized 16.1-inch screen that I find invaluable as a second work monitor, a build quality that feels durable - although I wouldn't fancy dropping it, and

For gamers, it also boasts fast refresh rates across DisplayPort and HDMI if you're using it for gaming (I tested it across the Nintendo Switch, Switch 2, and Xbox Series X and it worked effortlessly each time).

Compared to similar budget portable monitors, there's a lot to like here. The only downsides as far as I was concerned was the lack of stronger color accuracy. It's good for office work, gaming, and working on digital media destined for your website or social media feed. But if you're a creative professional, it doesn't quite have the punch required for print-ready assets or 4K videos.

There's no built-in battery here - it'll draw power from your laptop, or you can connect a power bank or use the supplied power cable. But that's an intentional design feature to maintain the svelte, lightweight style.

Overall, if you're streaming content on your summer holidays or preparing for another business trip, the Arzopa Z3FC is an easy recommendation from me. It's so good, I ordered a second one for my wife.

Also consider: More Arzopa portable monitor deals

• See all Prime Day deals at Amazon

The defining feature of the AI era is the speed at which AI tools have become a significant part of our working lives. Whether that’s generating content, summarizing data or automating routine tasks, AI’s speed is collapsing timelines that once took hours, days or weeks into seconds.

This is more than just a technological advancement. The rapid adoption of AI has encouraged a culture defined by instant gratification and a shift towards immediacy and expectation.

This culture shift is one of the most powerful forces shaping AI adoption, driving innovation, unlocking productivity and redefining competitive advantage.

Yet, bubbling beneath the surface are risks at a scale we’re only just beginning to understand. Employees are inputting sensitive data into AI systems, automating processes without fully understanding security implications and increasingly trusting outputs that are not properly authorized.

While organizations are increasingly confident in AI’s capabilities, the technology risks outpacing regulation and compliance. This leaves businesses vulnerable to unwarranted data risk and more cyberattacks.

The self-sustaining acceleration loop

AI is being powered by rising demands for speed and productivity. As these models become more intuitive, they remove barriers to use and are woven into everyday workflows.

That creates a feedback loop where speed becomes the priority and anything that slows it down, be it governance, security checks and/or compliance, look like obstacles rather than necessity.

At the same time, organizations are feeding these systems sensitive information with little visibility or control over where it goes, who is using it, or why. This isn’t always deliberate, but a byproduct of urgency.

We’ve seen this before. Convenience wins until the consequences catch up. From weak passwords to rushed cloud migrations, speed has often outpaced security. AI is following a similar trajectory, only faster and at a greater scale.

Regulation and compliance in catch up mode

Regulatory frameworks are also struggling to keep pace. By the time legislation is proposed, debated and implemented, the technology it aims to govern has often evolved. This leaves regulators reacting to yesterday’s risks rather than getting ahead of tomorrow’s flaws. In cybersecurity, that’s a losing game.

The gap between innovation and oversight is widening, and gaps are where threats thrive.

Cybercriminals are already using AI to scale attacks, automate reconnaissance and generate highly convincing phishing campaigns, with AI tools lowering the barrier to entry while increasing the attack surface.

As regulatory blind spots widen, threat actors won’t wait. They will move faster than the systems designed to stop them and exploit every delay.

Reframing the conversation

This is not a case against AI. Its benefits are real and, in many cases, unavoidable. The issue is imbalance, where advancement is favored and regulation and security are compromised.

We are moving too fast without the foundations to support it. As AI becomes embedded in core business processes, small gaps can scale into serious risks.

To unlock AI’s full potential without amplifying risk, we need to reframe how we think about progress. Organizations must understand their data flows in AI environments: what is used; where it goes; and how it is protected. Visibility and governance are not optional, they are the baseline.

Security must also be built in from the outset, not retrofitted. This requires alignment across technical teams, leadership and risk functions. AI cannot sit in a silo, it needs to be integrated into broader security and compliance frameworks, supported by closer collaboration between the industry and regulators.

Slowing down to move forward

To sustain momentum, we may need to slow down and create space for regulation to catch up. Building in governance, validating data use and embedding security controls will introduce friction, but it’s the kind that builds trust and resilience.

While the suggestion to slow down may feel like trying to stop a juggernaut with a stick, taking time now to pause and reflect is vital if we’re not to keep amplifying dangerous risk. A short pause now gives space to assess what is happening, what is needed which allows organizations to take back control.

Right now, AI is accelerating faster than our ability to manage the risk it creates. We need to adjust our priorities before the gap between security and speed becomes too wide to bridge.

We've ranked and reviewed the best antivirus software available.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Prime Day is underway, and while there are massive discounts on top desks, laptops, office chairs, and smart tech, sometimes the best way to boost productivity is through simple, small tweaks to your existing setup that help to organize your workspace.

I’ve gone through dozens of gadgets from Amazon to build my curated list for Amazon Prime Day with great little gems from as little as $1.87. If you're upgrading your workspace and really don't want to spend too much, these are the top deals I recommend buying in the sales.

I've covered everything from monitor risers to phone holders, all with a view to keeping your home office more productive and practical. For more savings, we've tracking the best Prime Day home office deals and Prime Day tech deals in real-time throughout the event, so you'll always get the biggest discounts.

Affordable smart gadgets for your desk

• Five Eyes alliance warned frontier GenAI models will enable advanced cyberattacks against businesses and governments within months
• Statement stressed cyber risk is now a leadership and business continuity issue, requiring whole‑of‑society response
• Comes amid concerns over Anthropic’s Mythos Preview and other models already showing offensive potential despite guardrails

In just a few months, high-end Generative Artificial Intelligence models (GenAI) will be capable of running cyberattacks on big businesses and government organizations, Five Eyes is warning.

The Five Eyes is an intelligence-sharing alliance between the United States, United Kingdom, Canada, Australia, and New Zealand. Formed after the Second World War, it allows the five countries to closely cooperate on intelligence and matters of national security.

Earlier this week, Five Eyes issued a new warning, saying that AI will help improve cyber defense over time, but will also accelerate the speed, scale, and sophistication, of threats: “Frontier AI models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities. The timeline is not years, it is months,” the warning reads. “In this environment, cyber resilience is integral to advancing business continuity, market confidence, and long-term value.”

All hands on deck

Five Eyes is now saying that the industry needs all hands on deck to address what’s increasingly becoming a burning issue:

“A whole-of-organisation and whole-of-society response is required,” it said. “Cyber risk can no longer be treated as a purely technical issue. This is a core business risk and leadership responsibility.”

In early April, news broke that Anthropic’s latest AI model, Mythos Preview, was so good at exploiting software vulnerabilities, that the company could not release it to the public. Instead, it only shared it with a handful of US enterprises, to give them a head start against threat actors.

While skeptics said it was nothing more than a publicity stunt, similar to what OpenAI pulled off with ChatGPT 2.0, companies that used it (for example, Mozilla), confirmed that it was, indeed, powerful enough that it needs to be kept in check.

Even models available today, despite all the guardrails, are being regularly leveraged by bad actors in different cyberattack scenarios.

Via The Guardian

Enterprises are deploying agentic AI at a pace that has outrun their ability to govern it.

Gartner predicts the average Fortune 500 enterprise will have over 150,000 agents in production by 2028, up from fewer than 15 in 2025.

Yet only 13% of organizations think they have the right governance in place to manage them.

The result is an execution gap: agents deployed in isolation, producing outputs nobody acts on, automating tasks rather than business processes and delivering unclear business value as a consequence.

Governance failures are an execution problem. Agents that can't interface safely with enterprise systems can't automate business processes in any meaningful way. They stay isolated helpers: producing artifacts, fielding customer queries, handling individual tasks.

The execution gap — the distance between what agentic AI promises and what it actually delivers inside the enterprise — remains largely unaddressed.

In 2026 and beyond, the guardrail problem poses an existential risk for enterprises. Adoption has outpaced controls, meaning that agentic AI is scaling faster than robust security measures can be implemented.

The speed of tech progress

The speed of tech progress can no longer stand as a rationalization for falling behind, and enterprises must address it before agentic becomes uncontrollable. Getting guardrails right will separate enterprises that realize full autonomy from those that stall out in pilots.

First, autonomy amplifies risk. Just because agentic AI can act on its own doesn't mean it requires zero human oversight. Autonomy does not equal autopilot. For agentic AI to generate real ROI, agents must do more than reason and respond. They must execute inside the business. That means interfacing directly with enterprise systems: ERP software, finance platforms, supply chain tools and the workflows that run the organization. Without that integration, agents remain one step removed from the work that actually matters.

Operational speed can compromise safety, compliance and reliability. Agents work at a blazing clip and on a more granular level than RPA. But speed becomes a moot point if agentic adoption leads to vulnerabilities such as sensitive data exposure.

Security and IT teams haven’t universally adapted to the new risk landscape. Among the risks agentic poses, "shadow AI" has emerged as a consequence of employees using unauthorized, unsanctioned AI tools or applications. When proper IT oversight or approval gets bypassed, it sets the stage for noncompliance and severe reputational damage. Departmental AI agents are proliferating without central oversight, creating security hazards and fragmented intelligence.

Governance lags far behind adoption. In this case, the guardrail gap might as well be a lack. Surveying more than 3,000 IT and business leaders worldwide, Deloitte found that just one in five enterprises reported mature governance to manage the risks of agentic AI. Autonomy without governance is a liability. This is particularly critical as we move toward the era of programmable finance, with Gartner predicting that 20% of monetary transactions will be programmable by 2030.

How to Lay the Rails Right

Agentic systems perform across a wide range of functions. When building guardrails, there must be no shortcuts. Guardrails bolted on after the fact can't account for the ways agents actually fail: corrupting data, contradicting decisions made elsewhere in the business and creating conflicts between teams acting on different outputs. Controls need to be built into how agents execute, instead of layered on top.

1. Practice measured orchestration

When enterprises accelerate AI adoption by stitching isolated tools across departments, security gaps grow harder to manage — because there’s no unified layer to anchor guardrails to. Start by scoping the broader business objective your agentic system needs to serve, not just the task.

Once you've determined what your agentic system will handle and which structured outputs will return to the workflow, built-in validation and guardrails become platform-level capabilities rather than afterthoughts bolted onto each individual agent.

2. Build governance capabilities

Without clear boundaries, agentic AI collapses. First, determine which decisions it can make independently versus those that need human approval. Real-time monitoring systems that flag anomalies and audit trails that capture the full chain of agent actions will enable accountability and continuous improvement.

3. Scale deliberately

No matter how sexy the pilot, agentic AI needs time to mature within the enterprise; you want to spot potential issues before they appear, not after. Start with lower-risk use cases and easy, single-task wins, as with fraud detection and remediation or vendor reconciliation. Avoid intricate processes with hundreds or thousands of inputs, such as the financial close of a business.

4. Guardrail gap = skills gap

While agentic AI excels at reasoning, the execution of reliable, repeatable business processes still demands deterministic systems — and human oversight to bridge the two.

To ensure smooth agentic operation in an enterprise, train your employees to move from triage, menial activities and repeated manual steps to judgment, governance and strategic decision-making roles. They absolutely require those skills. Scrum and Tiger teams can solve early problems and address early lessons, then pinpoint how agentic addresses your needs.

Putting it All Together: A Guiding Guardrail Principle

Yes, agentic AI scales productivity, but without strong guardrails, agentic AI scales risk even faster. Strategic observability and deterministic guardrails are required to ensure that non-deterministic AI stays compliant with regulatory and business standards, with reliable audit trails as well as rules for exactly when to escalate a decision or task to a human for complex exceptions or strategic oversight.

In the rush to embrace agentic, remember that the attendant tasks don’t represent a series of punch-list items. Veterans of software adoption and replacement projects know that it’s a holistic process where human actions and digital components fall into place with methodical synchrony.

Agentic AI, while it has altered the face of enterprise technology forever, rewards the same discipline every transformative technology before it has: lay the foundations carefully, and you won’t be fighting fires when it scales.

We list the best IT automation software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• Around half of UK retail workers don't feel confident with GDPR tasks
• One in five haven't received formal compliance training
• Many workers can't remember what their training involved

Nearly half (44%) of UK retail workers say they're not confident in handling sensitive customer data or don't know how to process it correctly, raising potential compliance issues, per Virtual College research.

According to the data, nearly one-fifth (19%) of retail workers have never received formal compliance training despite handling customer banking details, contact information and other personal data daily.

And those who have been trained say it's been sporadic without regular updates – only one in three (30%) have been trained within the last six months, with a further 11% trained 7-11 months ago.

Retail workers aren't up to speed on GDPR

The report raises questions around the frequency and effectiveness of such training, because nearly one in five (17%) couldn't remember what their last compliance training covered. Only 13% say it covered safeguarding.

And while training is still being delivered to many, only around half (49%) say they'd feel 'somewhat confident' in responding correctly to a compliance situation.

This data also comes at a similar time to Government data revealing that more than two in five (43%) businesses have experienced some kind of cyber breach or attack in the past 12 months, highlighting the vulnerability of personal and sensitive information.

"Ongoing, bite-sized training keeps compliance knowledge fresh and helps employees stay confident in fast-changing regulatory environments," Business and Strategy Director Jamie Ashforth wrote, urging employers to conduct regular audits to identify gaps.

Per the report, UK companies paid £490 million in compliance failure fines in 2025, but broader impacts of regulatory investigations and knock-on reputational damage are also highly plausible outcomes.

Ashforth suggests businesses should prioritize high-risk compliance areas first, including data protection and safeguarding. "Clear processes and regular reinforcement give employees the confidence to raise concerns and act appropriately when issues arise."

Cloudzy isn’t your run-of-the-mill web hosting provider. It specializes in cloud infrastructure and fairly bare-bones Virtual Private Server (VPS) plans. That means you get reasonably priced access to excellent hardware and resources, provided you have the technical skills to handle them.

The good news is that many things can be pre-configured, and you have a broad choice of options in everything from the choice of operating system (OS) to web apps. We’re not just talking about WordPress, but also advanced options like Forex platforms.

You also have an excellent range of server location options, though perhaps not as comprehensive as Google Cloud or AWS, which are on a different pricing tier altogether. What we didn’t like, though, was the discounts Cloudzy offers based on your location choice, which we felt was a bit unfair to customers who might require specific regions for efficiency and localization.

Be warned, though - Cloudzy is not really aimed at casual users building their first website. While you can technically host anything here, the core audience appears to be users who need virtual servers for web apps, trading bots, VPN setups, and the like.

Plans and pricing

Cloudzy primarily focuses on VPS hosting rather than traditional shared hosting packages. At the bottom of its offerings are Cloud VPS plans similar to those offered by hosts like DigitalOcean, Linode, and VULTR.

At Cloudzy, though, you get a broader range of pre-deployment options. For example, you can decide to go with a pure OS-only deployment, or get your server started with a full LAMP-stack supported web app, or almost anything else.

Cloud VPS plans start at 1 vCPU with 512MB RAM, 20GB of NVMe storage, and 1TB bandwidth/mo. This scales up to a whopping 16 vCPU, 64GB RAM, 1.5TB NVMe storage, and 16TB of bandwidth for $199.97/mo.

While there is no additional charge for pre-deployment options, your final price may be adjusted depending on server location. It’s likely that Cloudzy does this to help balance their location loads, but it’s unfortunate for customers who may be penalized because of their requirements for where their servers are located.

Aside from Cloud VPS, Cloudzy also offers more specialized solutions like high-performance GPUs, GPU-optimized servers, AI servers, and dedicated servers. Again, all of these options are fairly technical, especially their dedicated bare-metal servers.

Ease of use

The Cloudzy dashboard is a straightforward way to manage your servers. However, it’s more practical than informational. You can use it to deploy, rebuild, or configure instances. Server monitoring isn’t in the cards, though, and you’ll have to deploy any of those solutions on your individual servers if you need them.

When we initially discussed the pre-deployment option, it might have been misconstrued as saying Cloudzy is easy to use. That isn’t really the case. Once the deployment is made, you’ll still have to manage the stack on your own. For example, you have to keep your server OS and applications up to date and security-hardened, not just manage your web app.

This is typically done via SSH into the server (root access is provided). If you know what you’re doing, it’s easy-peasy. If not, you’re probably going to face an oncoming disaster.

Again, we don’t recommend Cloudzy as a first hosting provider for someone completely unfamiliar with VPS environments. If you’re looking for a first entry to the Cloud, try something with more management features like Cloudways. That, however, will cost a bit more, so be mentally prepared.

Speed and reliability

Cloud providers are always thought to be all-powerful, but keep in mind that much of it still depends on the hardware and configuration. For example, on the surface, Cloudzy offers some pretty good standard cloud VPS plans. However, the processing power on these compared to their high-performance options is very different. For example, the 2GB standard cloud VPS plan we tested includes a 2.25GHz AMD processor, while a comparable high-performance plan includes 4.2GHz processors.

The biggest surprise, though, is that Cloudzy is using AMD Ryzen 9 processors for their Cloud VPS plans. Servers typically run AMD EPYC chips, which are the dedicated server versions commonly used in web hosting. The Ryzen family is intended more for regular consumers or enthusiasts.

It’s possible that this led to the slightly disappointing test results below.

WordPress benchmark test

The standard WordPress benchmark test was run on our prebuilt WordPress site to maintain consistency. Results at Cloudzy were a letdown, with initial results showing worse performance than some budget shared hosting alternatives we’ve seen.

Siege test

On our load test, Cloudzy performed like a champ, acing results with increasing loads of 5, 9, and 15 concurrent users. It ran rock-solid and completed all transactions quickly. If we were to use this as a comparative factor against the easier benchmark test, Siege results should take priority as a more realistic indicator.

Customer support

Cloudzy offers customer support via tickets (for existing customers), a knowledge base, and, more interestingly, WhatsApp. Don’t be fooled by the WhatsApp chat support option, though. You don’t get an instant response.

Their knowledge base is also quite Spartan, with only 73 guides available. These articles are very straightforward and relatively technical, so you may have to know what you’re doing just to follow the language. It can be a challenge, but those are the preconditions for this type of hosting anyway.

Overall, the vibe you get from customer support is very corporate. We felt a notable disappointment here, especially coming off our recent Freehostia review. That was a free hosting plan, yet it came with near-instant customer support that was both polite and effective.

The competition

DigitalOcean is one of the most popular cloud infrastructure providers for developers and startups, and is similar in product offerings to Cloudzy. Compared to Cloudzy, DigitalOcean has a more mature ecosystem and a more professional customer dashboard. However, Cloudzy may appeal more to users looking for simpler pricing and lower-cost VPS deployments.

Linode has built a strong reputation among developers for reliability and straightforward cloud hosting services. Compared to Cloudzy, Linode offers more enterprise-level polish and documentation, though pricing can sometimes be higher for equivalent resources.

For those who want a fully hands-off approach, Hostinger is a beginner-friendly choice. Although primarily cheap for shared hosting, you can also get VPS hosting and other plans. Hosting is priced aggressively and offers strong localization expertise for ideal customer support.

Final verdict

To be honest, Cloudzy is a fairly run-of-the-mill cloud hosting provider. We don’t feel that it excels in any particular area, even though the host itself seems professional enough. What really turned us off was their slow customer support, even for sales queries.

Performance-wise, Cloudzy runs fine, even with Ryzen chips instead of enterprise-grade EPYC chips. It’s just that the choice left us feeling disappointed that they would cut corners in that way. We recommend considering one of the many cloud alternatives if you’re in the market for a budget, hands-on hosting plan.

Samsung’s PCIe Gen 5 flagship SSD has dropped to its best price since launch, with the Samsung 9100 Pro 2TB SSD down to $350 (was $680) at Amazon right now. For UK readers, the 9100 Pro 2TB drops to £304 (was £529) for Prime Day, too.

This is Samsung’s fastest consumer drive ever, and in our review, we said "it definitely delivers fantastic performance with the fastest write speeds I've ever tested." If you’re building or upgrading a system and want the best storage performance available right now without compromise, this is the drive.

The 9100 Pro capably offers best-in-class sequential read and write performance and impressive random read/write speeds. For anyone upgrading from a PCIe Gen 4 drive, the difference in large-file transfers and sustained read workloads is immediately apparent. But what really catches my eye is that it's 49% off for Prime Day right now.

Today's top Samsung 9100 Pro SSD deal

More interestingly for business and creative users, we clocked that while we didn't quite hit the promised highs of 14,700MB/s sequential read speeds, it still offered blazing-fast speeds, particularly shining in its sequential write performance, making it a fantastic pick for professionals.

The 9100 Pro is Samsung’s first fully PCIe Gen 5 x4 consumer drive — a meaningful distinction from the 990 EVO, which used a hybrid Gen 4 x4 / Gen 5 x2 interface as a halfway measure. Full Gen 5 x4 doubles the available interface bandwidth over Gen 4, and at 14,700MB/s sequential reads, the 9100 Pro delivers on that headroom. For context, a high-end Gen 4 drive like the Samsung 990 Pro tops out at around 7,450MB/s reads — the 9100 Pro is almost exactly twice as fast at the interface level.

The 2TB capacity is the sweet spot in the line-up. It’s single-sided — meaning all components sit on one face of the PCB — which makes it compatible with a wider range of laptops and slim-profile systems that can’t accommodate double-sided drives. The 2TB model is also rated slightly faster than the 1TB model on sequential reads (14,700 MB/s vs 13,300 MB/s), and its 1,200 TBW endurance rating is generous for a consumer drive at this capacity.

The LPDDR4X DRAM cache (2GB at 2TB) is a meaningful inclusion that differentiates it from DRAM-less budget Gen 5 drives. DRAM cache significantly improves random I/O consistency — particularly relevant for workstation use cases involving large databases, virtual machines, or AI inference workloads where latency matters as much as peak throughput.

• Shop all Amazon Prime Day deals

• Report finds public support for workplace robots is growing – especially for physical or dangerous tasks
• Willingness to accept a robot inside the home grows with real-life exposure
• Familiarity and clear governance are essential to overcoming public fear

Technological capabilities may no longer been the limiting factor when it comes to how and where robots can be deployed, with new Hexagon research revealing public support isn’t always there.

The company found much of the public is becoming more accepting of robots in the workplace, but only where they’re used for practical, physical or dangerous jobs.

However roles which require empathy, judgement or human interaction are still where support remains low.

Robots are most accepted in practical labor use cases

For example, more than half (56%) of the 1,000+ UK adults surveyed said they’d accept robots in lifting and transporting heavy items. Carrying and delivering any items (38%) and monitoring hazards and dangerous environments (34%) also received reasonable support.

With airports, some supermarkets and other public places now employing robots, 31% would even support their use in cleaning shared spaces.

Though the research fails to detail perception by age bracket, the company surveyed an equal number of UK children to reveal that heavy lifting, carrying and delivering is even more accepted among under 18s.

However, while repetitive physical work is generally well-accepted, 82% of UK adults want humans to care for sick, elderly and young people.

Only 5% say they’d choose a robot caregiver, making this the lowest support for any of the tasks included in the report. Even children seem reluctant to have non-human personal interactions, with 79% preferring human caregivers and 8% willing to choose a robot instead.

But Hexagon Technology Ethicist Dr Blay Whitby argues a simple reframing could skew these figures: “Ask people if they want to be cared for by a robot, and most say no… Ask if technology should help them remain independent in their own home for longer, and most say yes.”

Associate Professor in Moral Psychology Dr Jim Everett sees robots more as “assistive devices” in care homes and classrooms, rather than human replacements.

Exposure can drastically shift public perception

For now, the public still sees robots as industrial automation roles. More than half agree their natural homes are factories (53%) and warehouses (53%) – fewer consider them at home in hospitals and clinics (34%) or classrooms (30%).

Fear of the unknown could be another blocker, with only 28% of UK adults believing that having a robot colleague would be exciting – nearly half (46%) say it would be frightening. Humanoid forms are clearly unsettling, with twice as many preferring machine-like robots (27%) compared with human-like robots (14%).

Sci-fi fears about robots taking over could also be influencing public perception. Nearly all UK adults (88%) want clear rules governing what robots can do.

“Industrial environments are where the tasks for robots are the most defined, the safety cases are mature, and governance is in public view,” Hexagon CTO Burkhard Boeckem concluded.

Global comparisons back the fear of the unknown theory – while 30% of UK adults have encountered robots in real life, 75% have in China. A country that’s nearly twice as likely (63%) to accept robots into the home compared with the UK (32%).

For most of the last forty years, data center performance gains came from one place: smaller transistors. Moore's Law and Dennard scaling did the work.

Each new generation of silicon delivered more performance at the same or lower power, and thermal was a maintenance problem, not a performance limiter.

Cooling sat in the background. Operators measured it through PUE, optimized for it where convenient, and otherwise treated it as overhead.

That world is over.

Dennard scaling broke years ago, transistor efficiency gains are leveling off, and AI accelerator TDPs have climbed from 700 watts in the H100 generation to over 1,400 watts in current Blackwell deployments, with NVIDIA's upcoming Rubin platform expected to push further.

Thermal is no longer something that happens after the architectural decisions. It is now the binding constraint on how much performance a chip can sustain, and it is becoming one of the most strategic choices an AI data center operator can make.

Why this matters now

The macro numbers explain why this matters now. Data centers already consume up to 4.5 percent of total U.S. electricity production, a figure projected to reach 12 percent by 2028. McKinsey estimates global data center spending could approach $7 trillion by 2030, and that data center power demand will reach 220 gigawatts in the same window.

None of that capacity arrives quickly. New transmission lines and substations now take five to ten years to permit and build, which means operators cannot simply order more power when they need to scale.

The result is a hard pressure to extract maximum performance from the power they already have under contract. That pressure is what is reshaping how the industry thinks about cooling.

Cooling is no longer just an afterthought

For years, cooling was measured as an efficiency loss, captured through metrics like Power Usage Effectiveness (PUE) that quantified how much energy was burned on overhead before reaching the IT load. Today, the more meaningful metric is how much useful compute you extract per unit of power. NVIDIA's Jensen Huang now describes this as "performance per watt" or "tokens per watt" for AI workloads, and cooling plays a direct role in both halves of that equation.

Direct-to-chip liquid cooling has become the new baseline because it removes heat far more effectively than air. But even direct-to-chip is being pushed to its limit by 1,000+ watt accelerators, and most current deployments still require facility water around 30 degrees Celsius to stay within ASHRAE W2 and W3 envelopes, which means chillers running for much of the year in warm climates.

Better thermal management has effects on both sides of the tokens-per-watt equation. It reduces facility overhead, so more of the contracted power reaches the rack. And it allows chips to operate closer to their full thermal headroom, sustaining higher performance for longer.

Those gains compound. Recent UCLA study has shown that combining a 17 percent improvement in facility efficiency with a 15 percent gain in server-level performance per watt from better thermal management translates to roughly 35 percent more tokens per watt within the same power envelope. In a 10 megawatt facility, that is more than a megawatt of additional usable compute, with no additional grid commitment.

At GTC 2026, NVIDIA CEO Jensen Huang made this argument explicitly. He told the audience that beyond the silicon roadmap, infrastructure-level optimization across power and cooling represents another factor of two in performance still on the table. "There's no question in my mind there's a factor of two in here, and a factor of two at the scale we're talking about is gigantic," he said.

That gain does not come from a smaller transistor. It comes from rethinking how power and thermal energy move through the rack. Recent UCLA study suggests that at least one third of that infrastructure-level gain is attributable specifically to cooling. Cooling is no longer a support function. It is a primary lever for performance.

Water is becoming a hard constraint

Power is not the only pressure point. Water is emerging as an equally critical and often more immediate constraint on data center expansion. Traditional cooling architectures often rely on evaporative processes that consume vast amounts of water. According to the Environmental and Energy Study Institute, large data centers may use up to 5 million gallons per day, comparable to the daily water use of a town of 10,000 to 50,000 people.

This is drawing notice from regulators and communities in already water-stressed areas. The result is longer permitting cycles, higher project risk, and in some cases new developments paused entirely. States and municipalities are also implementing stricter reporting requirements and adjusting electricity rate structures specifically for data centers.

Operators now have to factor water alongside power into site selection. Facilities that minimize energy waste and reduce or eliminate water consumption are better positioned to navigate this environment.

The shift toward next-generation cooling

In response, the industry is entering a new phase of cooling innovation. Air cooling is no longer sufficient for high-density AI workloads. Liquid cooling has become the baseline, but within liquid cooling, not all approaches deliver the same efficiency or scalability.

The next wave of innovation focuses on improving heat transfer at the source: removing thermal energy more effectively at the chip level while reducing system-wide overhead. Some of these approaches draw on heat transfer techniques refined in other high-density power industries such as nuclear power generation, where the challenge of moving large amounts of thermal energy from a constrained physical space has been studied for decades.

The goal is straightforward. Better cooling enables higher rack densities, allows operation at higher facility water temperatures, and reduces or eliminates reliance on water-intensive heat rejection. Just as importantly, the next generation of cooling architectures is being designed to integrate with existing data center footprints, so operators can evolve their infrastructure rather than rebuild it from scratch.

NVIDIA's Vera Rubin platform, announced at CES 2026, was a clear signal of where this is heading. Vera Rubin is designed for 45 degree Celsius supply water, which means dry coolers can do most of the heat rejection year-round and mechanical chillers become optional in most climates. That is a fundamental shift in how cooling infrastructure will be designed for the next decade.

A defining moment for data center design

The data center industry is at an inflection point. AI compute demand is accelerating, and every resource needed to support it, power, water, physical space, is becoming harder to secure. Cooling sits at the intersection of all three.

It determines how efficiently power is used, how much water is consumed, and ultimately, where infrastructure can be deployed. The operators that recognize this now will have a sustained advantage. How to keep data centers cool under AI workload pressure has become one of the most strategic decisions in modern infrastructure.

We feature the best web hosting services: tested and reviewed.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Generative AI has moved quickly from experimentation into early production use in many enterprises. However, very few can confidently forecast what it’s going to cost them in six months.

For a technology that has consumed so much board-level attention and capital, that reflects a lack of certainty, and one that some technology leaders may privately recognize as true of their own organizations.

The spend is real and the direction is clear, but the number at the end of the year can remain genuinely uncertain.

To capture a glimmer of the confidence driving the infrastructure race, Amazon’s CEO has indicated it expects to spend heavily on IT infrastructure to support AI, with an estimated $200 billion in AI capital spending, arguing it is “not going to be conservative” in how it invests in the tech.

In practice, what makes AI different from the infrastructure investments that came before it is not the scale of the commitment but the nature of the consumption.

Cloud computing was unpredictable when it arrived too, but it eventually settled into patterns that finance teams could learn to model. AI hasn’t settled in the same way yet, and much of the reason comes down to how it is being used.

A great deal of enterprise AI use remains exploratory, which is part of what makes forecasting harder. And unlike cloud, which stayed largely within technical teams for years before spreading, AI is moving across the whole organisation almost immediately. That changes everything about how you try to govern it.

The limits of financial visibility

On the surface, some forms of AI appear to offer what earlier infrastructure lacked: clean, granular, real-time data and what it costs. But across the rapidly growing landscape of technology providers leveraging AI in some way, many do not.

In some cases, token-based pricing is precise in a way that early cloud billing never was, and for finance teams accustomed to working with far less, it can feel like a step in the right direction for solving the visibility problem.

We unfortunately still have a long way to go, since simply understanding what was spent last month tells you very little about what will be spent next quarter, particularly once adoption moves beyond the teams who originally shaped the business case.

One must consider that teams across legal, HR, and customer operations are not thinking about token economics (tokenomics). They’re only thinking about whether the tool works.

Cost exposure builds not through any single decision but through dozens of small expansions, each reason in isolation, none of them reflected in a comprehensive forecast. By the time anyone joins the dots, the demand curve has already moved.

Extending the disciplines that already exist

The organizations who are doing a better job managing AI spend have tenured experience managing consumption-based technology. IT asset management (ITAM) teams for example often have more experience dealing with more fixed constructs like users or seats, which makes the consumption-based nature of AI far more challenging.

FinOps teams on the other hand have grounded experience in managing consumption that originated in public cloud. FinOps teams may therefore better positioned to deal with the new tsunami of AI consumption and spending, ensuring that it is governed as adoption scales.

FinOps has also been broadening its scope beyond the initial roots in public cloud, with AI cost management now sitting firmly within that remit for many, a shift reflected in how the FinOps Foundation is increasingly incorporating AI into its guidance. Part of that expansion is about forecasting demand that behaves differently from conventional workloads.

There is also growing interest in whether AI itself can support FinOps practices, particularly in anomaly detection, optimization and, over time, forecasting, as consumption patterns become harder to model.

The challenge is applying FinOps practices early enough so that governance shapes how AI scales, rather than scrambling to restore control once spend has already outpaced oversight.

The compounding difficulty of legacy environments

For organizations whose technology estates were built around consistency, extending governance into AI is harder than it sounds.

AI-first organizations design with cost in mind from the beginning, treating inference the way they would any other product input, with economic constraints shaping architecture decisions before commitments are made.

Retrofitting AI into legacy infrastructure means something different. Existing commercial commitments and operating models do not adapt quickly to a consumption model that is inherently variable, and that friction has a direct bearing on cost.

The difficulty is often that AI is being introduced into environments built around very different assumptions about how demand behaves, and that is part of what makes forecasting harder.

The challenge is not simply new spend, but expenditure ballooning in environments where oversight and control are already difficult to maintain.

Organizations navigating this will tend to run controlled experiments before broad rollout and are deliberate about how adoption spreads. In practice, that is often about containing unmanaged adoption early, before usage patterns, costs and dependencies become harder to unwind.

That same exposure increasingly carries beyond internal governance. As AI appears more often in customer procurement conversations, questions that were once largely internal are starting to be probed externally too.

For organizations whose governance has not kept pace, those questions can force a level of clarity they may not yet be prepared to provide.

From activity metrics to business outcomes

Beyond governance and cost control, there remains a harder question, which is whether AI investment is producing meaningful business value. Most leadership teams are not yet in a position to answer that with confidence, and the metrics currently reaching the board are not making it easier.

Model usage, inference volumes and compute consumed describe activity without explaining value. It is easy to build a compelling board update from consumption data without addressing whether any of it is moving the business.

What gets closer to an answer is understanding whether individual inferences are delivering something a customer would pay for, or something that meaningfully reduces cost or risk.

Incremental business outcome per pound or dollar of AI spend is a harder measure to produce, but it is closer to the economics that matter because it requires a clearer position on what AI is actually delivering.

That is precisely where many organizations are still finding the work harder than it looks, particularly as AI deployment moves ahead of the models used to understand cost and value.

That disconnect matters more as the market expands, because where those economics remain unclear, cost exposure can build in ways that are harder to recognize early and harder to contain later.

For many enterprises, the challenge ahead is scaling AI without allowing spend to outrun the value it is meant to create.

The best cloud storage: tested, reviewed and rated by experts.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Agentic AI is moving rapidly from boardroom ambition to enterprise reality.

Gartner forecasts that roughly 40% of enterprise applications will incorporate task-specific AI agents this year, up from just 5% last year.

This surge forces every CIO, CISO, and technology leader to consider: What should AI be allowed to access, and how should it operate once inside the enterprise?

Many organizations begin by embedding AI agents directly into legacy systems, connecting them to backend databases, APIs, and workflows in the name of speed.

While this inline approach can work in modern, well-governed environments, it often bypasses the approval workflows and controls that legacy systems were built around. Agents can access restricted data, skip approvals, or execute transactions without a complete, attributable record.

The result is a growing governance gap. Decisions tied to sensitive data can’t be reliably reconstructed or defended with the same confidence as human-driven work. Even advanced models stall in pilots because organizations can’t prove how outcomes were produced.

The solution is not to slow AI adoption. It’s to change how AI interacts with the systems that already run the business.

When AI bypasses the system, it breaks it

Consider a finance workflow in an ERP software system. An agent updates vendor bank details and pushes a payment through a fast-track path, bypassing a required approval step and segregation-of-duties check. Later, when the transaction is questioned, the organization can’t prove who approved the change, why it was made, or whether proper controls were followed.

That’s where accountability breaks down. Changes are made inside core systems, but the evidence is incomplete, inconsistent, or disconnected from the system of record.

Emulated human behavior offers a more secure and practical path. These agents operate exactly as a human employee would: logging in with standard credentials, navigating the existing user interface, reading screens in context, following established workflows, and executing tasks while remaining fully subject to every control already in place.

No new APIs. No raw backend data exposure. No rewriting of decades-old business logic or security rules. The guardrails designed to protect against human error or misuse — validations, permissions, approvals, and audit logging — remain 100% intact.

This UI-first approach is especially effective for organizations running mission-critical processes on older platforms. Building secure, governed APIs for legacy systems is expensive and time-consuming, often leaving out protections built into the interface layer.

While emulated human agents may not match the speed of direct backend calls, they provide far more valuable enterprise advantages: immediate deployability, ironclad accountability, and zero disruption to proven controls. Secure operation doesn’t require avoiding AI. It requires rethinking how it fits into the systems around it.

Preparing for emulated human in the enterprise

Three priorities can help organizations prepare for the emulated human approach as AI scales into critical workflows.

1. Place AI at the points where work happens

Most enterprise AI strategies assume deeper backend integration creates better automation. In environments shaped by legacy systems, it often does the opposite: introducing new complexity while bypassing the workflows and controls already built into the interface layer.

Instead, focus AI at the points where it can operate without requiring systems to be rebuilt. This approach dramatically reduces integration overhead, limits exposure of core systems, and allows AI to scale within existing operating models rather than forcing costly modernization.

2. Align AI accountability with human accountability

Agents should operate under named identities and the same policies as employees. They preserve approval workflows, follow role-based permissions, and generate the same audit artifacts — including log entries, change histories, tickets, and recorded approvals — that organizations already rely on to review human activity.

This removes the dangerous two-tier governance model where AI operates under different standards than employees. Organizations can maintain visibility, accountability, and established compliance and risk management controls as AI takes on greater responsibility.

3. Design for adaptability rather than brittle automation

Traditional robotic process automation (RPA) relied on rigid, click-by-click scripts that broke the moment screens changed or exceptions appeared. Emulated human agents interpret context in real time, adjust to variation, and continue operating, just as skilled employees do.

That adaptability is essential in dynamic enterprise environments where policies change, exceptions are common, and systems are rarely static. Instead of constant break/fix maintenance, organizations gain AI that can operate more resiliently inside real-world workflows.

Scaling AI with the systems already in place

As agentic AI scales, enterprises will be judged not only by the intelligence of their systems but by their ability to govern them. The pressure to balance innovation with control will only intensify.

The most durable strategies will be those that embed AI safely within the systems already in place, rather than racing around them. When an agent’s actions can be audited and justified with the same rigor applied to a human colleague, it’s finally ready for production.

That’s how secure, scalable AI will be defined in the enterprise.

We feature the best small business software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Every small business is looking for an edge.

For some, that means protecting margins. For others, it means finding new customers, sourcing better products, entering new markets or simply running the business with less friction.

More often, it means trying to do all of these things at once. Knowing which opportunity deserves attention first and having the time and resources to act on it has always been a challenge.

For decades, this has forced smaller businesses into a trade-off: choose one priority and hope this is the right decision or waste all your time and money and miss an opportunity elsewhere.

The era of agentic business changes this. According to the British Chambers of Commerce (BCC), more than half of UK SMEs (54%) are now actively using AI – an increase from 35% in 2025.

In recent times, the technology has moved from passive assistance - writing, summarizing and answering questions – to autonomous execution.

AI is therefore no longer limited to responding only when prompted but can operate continuously in the background.

A wide spectrum of business functions

In this way, AI agents can now handle a wide spectrum of business functions end-to-end. This includes building digital storefronts, writing product listings, offering dynamic pricing, providing customer service, generating market research, and supporting with marketing.

The real value lies not in overnight task automation but better decision-making with less friction and fewer blind spots. In fact, according to the same BCC research, SMEs using AI report strong net productivity improvement expectations (+71%), while those planning to adopt or unsure show far lower optimism. Importantly, agentic AI is levelling the playing field with larger companies.

The latter have historically had an advantage because they can afford dedicated teams for each business function. SMEs, on the other hand, have had to rely on lean teams, founder instinct and whatever time was left after the urgent work was done. Within agentic businesses, there is immediate access to capabilities which once required high headcount or expensive IT systems.

Examples include testing a new product category, launching into a new market or trialing a marketing campaign with far less operational risk than before. Rather than spending weeks gathering information manually or coordinating across multiple systems, AI agents can help businesses identify opportunities and execute tasks in real time.

Crucial for smaller businesses

In addition, agentic AI has been crucial for smaller businesses looking to grow internationally. It can help them localize product listings and marketing content for different markets, coordinate supplier communications across time zones, and analyze regional demand trends in real time. This reduces much of the operational complexity traditionally associated with cross-border trade and gives SMEs greater confidence to explore new markets that may previously have felt out of reach.

So, the SME conversation around AI needs to move beyond productivity. Saving time matters, but it is not the full story. The bigger opportunity lies in performance: simplifying complexity, reducing avoidable risk, helping businesses act on information earlier.

For an SME, one missed supplier issue, one misread market signal or one poorly timed product decision can have an outsized impact. Becoming an agentic business helps reduce that exposure with complex information easier to monitor, compare and act on. However, it does not remove the need for human judgement. In fact, it raises the value of that judgement by giving business owners clearer options and more time to focus on strategy.

The most successful uses of AI will not be the most futuristic but the most useful, offering practical, transparent information, built around real commercial pain points. The first wave of AI helped SMEs create faster, but the next wave will help them operate smarter.

For SMEs, the question is no longer whether AI can help. It is how quickly they can put AI agents to work on the decisions that determine how they compete, grow and scale.

70+ of the best AI tools tested and reviewed.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• Many European consumers actively avoid American tech giants for privacy reasons
• Social media and cloud storage are priorities for consumers
• EU companies only have 15% of the European cloud market

Four in five European consumers say it matters whether or not businesses use European technology, confirming that digital sovereignty has now become a priority for the masses.

A study by Proton of 3,000 UK, France and Germany consumers shows that they’re beginning to view a company’s digital infrastructure as part of its brand and values, rather than a back-office decision that has no impact on customers.

As a result, nearly half (45%) said they would actively avoid companies that store customer data with US firms, with more concern over privacy and security than price or quality.

Digital sovereignty speaks volumes to consumers

This also aligns with European Commission ‘Eurobarometer’ data revealing that three-fifths (58%) of the bloc’s citizens would be willing to switch to an EU-based digital service provider, even if that meant paying a higher fee.

The report argues this reliance on US hyperscalers like AWS, Microsoft, Google and Meta can no longer be seen as a neutral business decision in the eyes of European customers, who are increasingly concerned over privacy, surveillance and geopolitical dependence.

Social media (48%), email (46%), messaging apps (40%) and other services that directly handle personal communications and information were seen as the most at-risk among consumers, Proton found. Other than communications, cloud storage (38%) was another great worry, along with browsers (31%).

Two in three (65%) now also believe that European small businesses should prioritize European tech providers over US ones, and not from a supporting local companies point of view. Consumers are more interested by sovereignty, keeping investments within Europe and reducing reliance on foreign tech vendors.

As many as four in five (83%) now worry about society’s dependence on Big Tech and how a small number of hyperscalers now dominate the market. Attitudes have shifted rapidly, Proton says, because of deteriorating US-Europe geopolitical tensions and the continued debate over US surveillance laws which prevent vendors from being able to fully offer sovereign options.

The US CLOUD Act is a specific worry for European citizens, because it allows US law enforcement to access data held by American technology companies, even if it’s stored within European data centers.

Customer data use is also a growing concern, where their information may be being used to train AI models that only serve to help those US giants.

The reality of US tech reliance

All of this comes amid growing US dependence, with three-quarters (74%) of publicly listed European companies relying on US tech providers, per an earlier Proton report.

Google and Microsoft alone account for 84% of the global office productivity market, with Amazon, Microsoft and Google jointly taking up a 66% of the cloud market. Proton’s full report details how European providers only hold a collective 15% of the European cloud market.

“Buying tech from the US used to seem like a no brainer,” Proton COO Raphael Auphan admitted, indicating an understanding of why European consumers are so deeply reliant on US software.

Tariffs on European exports, NATO tensions and American criticism over EU regulation – all of which falling under Trump’s presidency – are to blame, the Swiss company says.

But Auphan now describes relying on US tech as a “commercial liability” for businesses. “It's increasingly clear that consumers care about digital supply chains, and US tech is becoming a weak link.”

“The EU runs on Microsoft,” Finnish MEP Aura Sally said at the 2026 Open Source Policy Summit. “The US could turn us off inside one hour.”

However, an overnight migration away from US hyperscalers isn’t such an easy move, and while Proton is trying to offer some paths with the recent addition of Gmail migration with zero downtime, a full stack move could take years, buying well-funded American tech giants time to come up with more regional solutions to prevent customers from wanting to migrate in the first place.

• Hackers reportedly breached Russia's Glaz/Groza combat control platform
• Attackers gained access to manuals, patents, and training materials
• Telegram groups reportedly handled software updates and user support

Ukrainian hackers have reportedly breached the Russian Glaz/Groza combat control system, gaining access to data and internal materials linked to the platform.

The incident has drawn attention because Groza is used to coordinate reconnaissance, targeting, and battlefield communications between different military units.

Information released following the breach suggests that attackers obtained technical documentation, training resources, and other operational records connected to the system.

Telegram-based administration raises security questions

According to the “Where is Russia today” community, the compromised materials included instructions, patents, videos, and extensive user documentation.

Groza serves as one of Russia’s command-and-control applications, helping connect drone operators, field commanders, and artillery units during military operations.

The software is designed to shorten the period between identifying a potential target and directing fire against it.

The hack revealed that support and software distribution functions were reportedly managed through Telegram groups used by administrators and military personnel.

Those channels were allegedly responsible for providing application updates and assisting users with operational issues.

The reported reliance on Telegram for elements of administration has prompted scrutiny because combat management systems typically handle sensitive battlefield information.

Maps integrated into the platform enable personnel to record the locations of friendly and opposing forces, helping users maintain operational awareness.

Following the breach, attackers reportedly altered portions of the mapping data and inserted images of the Ukrainian flag alongside other messages.

Reports from the group behind the disclosure indicated that affected users encountered persistent disruptions while attempting to access or restore application functionality.

“Numerous complaints from users about the breach have been recorded: they cannot connect to the application, are unable to remove images that keep reappearing, and administrators are trying to fix the problem,” the group stated.

Internal documents and training materials reportedly exposed

Beyond the visible disruptions, the breach reportedly exposed a substantial collection of supporting materials related to the combat management platform.

The Ukrainian hackers discovered hundreds of pages of user guides explaining the operation of the application and its various functions.

The disclosed information also included a training video that allegedly demonstrated the system operating in real time.

A patent connected to Groza was reportedly among the recovered materials, providing details regarding how the system functions and interacts with other technologies.

The patent documentation is said to contain information concerning the platform’s architecture, intended users, and integration with related military systems.

Such materials could potentially offer insight into the broader structure supporting the software environment.

The operational impact of the breach has not been independently verified, and the extent of any resulting disruption remains uncertain based on currently available information.

Via Militarnyi

Prime Day is officially only a few hours away. But while the Amazon sale promises to be packed with cheap tech and gadgets, a refined workspace deserves stylish gear and pure craftsmanship. With that in mind, I've curated a round-up of 12 premium desk accessories that exude luxury and timeless style.

• Shop Amazon's Prime Day deals

In this guide, I'm not chasing the deepest discounts, but prioritizing high-performance essentials. The focus here is on exquisite builds, clever engineering, and uncompromising utility when crafting a workspace that's as powerfully practical as it is visually flawless.

Alongside some of my favorite deals on luxury office desk accessories, I've included high-end professional gear that's perfectly designed - even if there's no savings to be had.

For more savings on workspace upgrades, see my real-time coverage of the best Prime Day home office deals you can buy.

More Prime Day deals

• Amazon Devices: Fire Sticks & Echo from $18
• Amazon Haul: viral gadgets, tech & appliances from $1.99
• Apple: MacBooks, AirPods & AirTags from $29
• Beauty: 50% off toothbrushes & hair tools
• Cheap TVs: smart TVs from $69.99
• Garden: tools, mowers, planters from $24.99
• Headphones: 50% off Beats, Bose & Samsung
• Laptops: Apple, HP & Dell from $199
• Mattresses: Sealy, Serta & more from $186
• Patio: outdoor furniture, rugs & decor from $19.99
• Sports: 50% off fitness gear, treadmills & clothing
• Vacuums: Dyson, Shark & Bissell from $34

• HPE reveals rack-scale system containing 81,920 CPU cores
• AMD Venice processors power HPE’s next-generation Cray infrastructure
• One 42U rack delivers unprecedented levels of computing density

During its recent HPE Discover 2026 event, the company revealed new Cray GX5000 hardware featuring next-generation AMD EPYC Venice processors, with specifications that push server density well beyond current deployments.

The system combines multiple compute blades, liquid cooling infrastructure, networking hardware, and memory resources inside a single 42U rack configuration.

HPE revealed a Cray GX5000 configuration designed to deliver up to 81,920 CPU cores in one rack.

Dense compute architecture pushes rack capacity higher

The HPE Cray GX5000 platform follows the AMD EPYC 9965, a 192-core processor that represented one of AMD’s highest-core-count server CPUs before Venice arrived.

While the EPYC 9965 increased processor-level density, the Venice-based system takes a broader approach by combining multiple CPUs, memory resources, and cooling infrastructure inside a single rack.

At the center of the system is the HPE Cray GX250a compute blade, which houses eight AMD EPYC Venice processors.

The compute blade incorporates power delivery, liquid cooling channels, memory subsystems, storage devices, and networking components within a compact design.

HPE stated that a fully populated rack can deliver 81,920 CPU cores, although exact processor configurations were not disclosed.

Based on the rack specifications, the system reportedly uses 80 multi-node motherboards and can support as much as 1.28PB of RAM.

Each Venice processor connects to 16 memory channels, creating substantial memory bandwidth for large-scale computing workloads.

The memory modules themselves are liquid-cooled and appear to use standard DIMM form factors.

Photographs from the event showed local Samsung E1.S EDSSF SSDs mounted above several processor cold plates.

HPE representatives indicated these drives serve as high-speed scratch storage for temporary data processing tasks.

The installed DRAM modules, storage devices, and node identifiers suggest that the displayed hardware was operational rather than a nonfunctional demonstration unit.

That distinction is significant because earlier Venice demonstrations appeared closer to prototype systems than production-ready deployments.

Venice CPUs and networking define the platform

The rack incorporates Slingshot 400 networking hardware, with HPE indicating future compatibility with Slingshot 800 technology.

Networking modules are mounted within side pods connected to processors through dedicated interfaces designed for high-bandwidth communication.

The front-facing networking arrangement also simplifies cable management by changing how optical connections are routed throughout the rack.

HPE also displayed a coolant distribution unit capable of handling 1.6MW of cooling capacity for large installations.

Such cooling requirements reflect the growing power densities associated with modern high-performance computing infrastructure and increasingly complex CPU designs.

AI tools, scientific simulations, engineering analysis, and large LLM deployments are among workloads requiring this level of computational density.

The company did not disclose detailed specifications for AMD's unannounced Venice processors, although available figures suggest unusually high core counts.

Calculations based on the stated 81,920-core rack capacity imply processor densities exceeding current EPYC generations by a substantial margin.

Although AMD has not released the specs or performance figures for Venice, the projected core density of the HPE system has led to speculation that the processor could become one of the most powerful x86 CPUs produced.

A lot could change before the official launch, but the Cray GX5000 platform indicates that AMD and HPE are pursuing higher compute density within the same rack footprint.

Via ServeTheHome

• Analyst report claims primary smartphone market is expected to decline 14.8% in 2026
• Entry level smartphone prices have already risen more than 50% this year
• Refurbished smartphone sales grew 4% year-on-year during the first quarter of 2026

The global smartphone market is heading toward a difficult 2026 as rising component costs force manufacturers to increase device prices, new research has claimed.

New findings from FDM CCS Insight note the primary smartphone market is expected to decline by 14.8% in 2026 as memory shortages continue affecting production.

The decline follows a 4.4% year-on-year contraction in the primary smartphone market during 1Q26, despite manufacturers and retailers building inventory earlier.

Memory shortages push buyers toward refurbished smartphones

As consumers search for cheaper alternatives to new devices, the demand for refurbished smartphones is expected to increase but so is the price.

FDM CCS Insight reports that some entry-level smartphones have already experienced price increases exceeding 50% compared with the previous year.

“Many consumers will hold onto their phone for longer, and these effects will be much more pronounced for consumers buying phones under $500,” said Ben Hatton, Research Analyst at FDM CCS Insight.

“Some consumers will need a new phone…and so we do expect more demand for refurbished smartphones as many are priced out of the new device market.”

The memory shortage driving these price increases is largely attributed to surging demand from AI data centers and AI-accelerated computing infrastructure.

These facilities compete for the same DRAM and NAND flash production capacity that smartphone manufacturers depend on, leaving less supply available for consumer devices.

Memory components now represent more than 30% of the bill of materials for some smartphones, increasing pressure on manufacturers.

The impact is expected to continue to affect low- and mid-range devices as companies adjust pricing strategies throughout the year.

The secondary smartphone market has already started benefiting from changing consumer behaviour, with organized sales increasing by 4% year-on-year during 1Q26.

FDM CCS Insight forecasts this market segment will expand by 15.4% globally during 2026 as demand shifts away from new devices.

However, stronger demand could also create higher refurbished smartphone prices as available supply struggles to match consumer interest.

Supply challenges could determine refurbished market growth

The refurbished market faces a major challenge because expanding supply depends heavily on trade-ins, buybacks, and upgrade programmes.

FDM CCS Insight expects premium smartphones, particularly devices priced above $750, to continue driving much of the available trade-in supply.

These devices are less affected by current pricing pressures, allowing manufacturers and retailers to maintain stronger upgrade incentives.

"The secondary market has an opportunity to serve some of the demand that will be unfulfilled by the primary market. The major challenge in the near term is to grow supply during a fallow period of flagship launches,” Hatton said.

“Countries with mature trade-in programmes will be in a much stronger position to capitalize on this opportunity and maintain higher growth rates in the secondary market over the rest of the year.”

The shift suggests that consumers may increasingly evaluate refurbished smartphones as alternatives when new device prices continue rising.

“Demand continues to heavily outweigh supply in the global secondary market. Trade-in discounts, early upgrade offers and more-lucrative trade-in promotions will be key to unlocking the market's full growth potential in 2026 and 2027," he added.

Whether this trend produces sustained growth will depend on supply availability, pricing stability, and how manufacturers respond to changing market conditions.

The American entrepreneur Palmer Luckey has played a major part in many major names in the tech industry, including founding Oculus VR, but has risen to prominence for his stewardship of Anduril Industries in 2017 – which puts artificial intelligence (AI) at the heart of its operations and capabilities.

The question of AI ethics

Luckey has long been a proponent of the use of AI in defense, with the Anduril founder even naming his company as such because it shares the acronym.

Speaking with Fox News Sunday in December 2025, he outlined a philosophy that it's much safer, in ways, to incorporate the best possible technologies into military capabilities than it is to ignore emerging innovation, whether AI or quantum, and be left with 'lesser' tech.

For Luckey, there's seemingly no point in taking the moral high ground when talking about matters of life and death – when the very nature of the business is morally called into question to begin with.

The future of military technology

Luckey's statement challenges the common orthodoxy that humans must always be in the loop over high-stakes decision-making, especially with matters of life and death. And, for that reason, it's highly controversial.

The direction of travel is not, however, up for debate, with plenty of examples of AI becoming increasingly prominent in international conflicts.

Ukrainian officials, for example, recently revealed that in 2024, the nation's military used drones to kill Russian soldiers – marking the earliest reported example of the autonomous killing of humans.

Without doubt, it won't have been the last such incident, and points to a future in which those engaged in conflict are likely to use every tool at their disposal to achieve their military aims, regardless of the moral implications.

If you're looking for the most powerful mini PC you can get under $500, I've found it - after a lot of searching ahead of Prime Day, it turns out the real deal is over at Newegg, where the Brenuc Bren7P mini PC is down to $499 (was $599) right now.

This compact desktop is powered by the AMD Ryzen 7 7840HS — a high-performance 8-core, 16-thread Zen 4 chip with a 5.1GHz boost clock that sits comfortably at the top of the mini PC performance tier. Paired with DDR5 memory, a PCIe 4.0 SSD, and dual 2.5G Ethernet, this is a machine that genuinely earns the “powerful” label without needing a large chassis to do it.

The AMD Radeon 780M is the upgrade that really caught my eye. For video editors using hardware acceleration in DaVinci Resolve or Premiere, photographers using GPU-accelerated processing in Lightroom, or developers running GPU-compute workloads, the difference is immediately tangible. It also handles a broader range of gaming titles than Intel’s integrated graphics at playable frame rates.

Today's top mini PC deal

The AMD Ryzen 7 7840HS is the real engine here. It’s a Zen 4 processor built on TSMC’s 4nm process — the same generation as the chips AMD put in its premium gaming handhelds — and it consistently benchmarks among the strongest mobile CPUs in the 15W–54W power envelope. Eight performance cores with simultaneous multithreading and a 5.1 GHz boost clock mean this chip handles sustained multi-threaded workloads like video transcoding, compiling, data processing, and running virtual machines without throttling, as lower-TDP mobile chips often do in compact chassis.

The dual 2.5G Ethernet ports are a standout feature in this category. Most mini PCs at this price ship with a single 1G port; dual 2.5G gives you 2.5 times the bandwidth per port and the ability to connect to two separate networks simultaneously. For home office users who keep work and personal networks separate, IT professionals who need multiple network interfaces, or anyone running a network-attached storage server or a home lab, this is a genuinely practical inclusion you’d typically pay more for.

USB 4.0 at 40 Gbps on the rear I/O is another connectivity highlight. At full bandwidth, it’s four times faster than USB 3.2 Gen 2, and it supports DisplayPort Alt Mode, Power Delivery, and Thunderbolt 3-compatible devices. In practice, you can connect an external SSD and transfer a 4K video library in a fraction of the time it would take over USB 3.2, or connect a high-res display and still have bandwidth left over for data.

The triple 4K display capability (HDMI 2.0, DP 1.4, USB-C) mirrors what the KAMRUI H2 offers, and the dual M.2 NVMe PCIe Gen 4 slots support up to 64GB of DDR5 RAM and as much storage as you want. The tool-free interior access — four base screws and a pull tab — makes upgrades straightforward without needing specialist equipment.

Right now, the Brenuc Bren7P is the most well-rounded mini PC you can currently find under $500 — and the Radeon 780M is what tips it over the line. Check out more options in our guide to the best mini PCs.

• See all mini PCs at Newegg

As our monitor expert would tell you, it is always worth spending a little extra to get a monitor that will reduce the risk of eye strain and neck pain, especially if you spend all day in front of your monitor. But now that the Prime Day sales have started, there are some great ergonomic and minimalist monitor deals.

Right now, Samsung's S30GD Essentials range of minimalist monitors are at their lowest price I have ever seen. You can pick up the Samsung 24in S30GD for $80 (was $130) at Amazon - the lowest price I've ever seen across Prime Day and Black Friday. But there is also some great flexibility in screen sizes and price points. The Samsung 22in S30GD is now $70 (was $110) at Amazon, and its big brother, the Samsung 27in S30GD is now $95 (was $150) at Amazon.

The Samsung S30GD range has a 100Hz refresh rate to keep visuals crisp without chopping up frames and a 5ms response speed is more than reasonable for both office work and gaming. For a business monitor at this price, you can't really go wrong. Across many of our reviews of Samsung monitors, we have always found a good balance between cost and performance, with many of the S30GD's sister monitors frequently getting above 4 out of 5 in our testing.

• See all early Prime Day deals at Amazon.com

Today's top Samsung monitor deals

Samsung's S30GD Essential range of monitors strike a balance between performance, ergonomics, and price that keeps you both physically and fiscally comfortable.

The Samsung S30GD can comfortably handle 1920x1080 resolutions across 22in, 24in and 27in, making it a cost-effective choice as a primary monitor for professionals and creatives, or as a dedicated space-conscious second monitor alongside a larger display.

I particularly like the minimalist vibe, as the monitor doesn't distract the eye unnecessarily or pull focus from intensive tasks. Samsung's In Place Switching (IPS) keeps visuals and colors sharp and accurate during editing or design tasks, even when viewing from multiple angles.

For those with smaller desks or limited workspace, the Samsung 22in S30GD is the perfect choice and can be easily moved as it weighs less than 5 pounds. The 24in version is great as a primary monitor, with the monitor stand measuring just under 7in to avoid any unnecessary desk space wastage. For those in need of a larger primary screen for editing work or larger spreadsheets, I would recommend the 27in version.

Each display across Samsung's S30GD range feature ultra-thin bezels at the screen border so that no space is unnecessarily wasted between the screen and its edge.

If you're looking for a sleek, minimalist monitor for less than $70, $80, or $95, the Samsung S30GD is an excellent addition for anyone looking for a monitor that covers the basics, and then some.

• Shop all PC accessories at Amazon

• Microsoft warns of “Crypto Clipper,” a worm spreading via malicious .LNK files on USB drives
• Malware maintains persistence, connects to Tor C2, enables remote code execution, and steals clipboard crypto data
• It swaps wallet addresses, exfiltrates seed phrases/private keys, and uploads screenshots to assess target value

Microsoft is warning of an ongoing campaign targeting cryptocurrency owners with a clipboard-jacking worm.

In a new in-depth report published late last week, Microsoft’s security researchers explained that they recently analyzed a thumb drive that contained seemingly normal documents (Word files, Excel spreadsheets). However, the documents were replaced with Windows shortcut (.LNK) files which actually launched a piece of malware called Crypto Clipper.

This malware does a couple of things. First, it spreads by creating malicious .LNK files on USB drives and other removable media. It also sets up scheduled tasks to maintain persistence and automatically infect newly connected USB devices. Second, it behaves like a backdoor by regularly contacting a C2 server over the Tor network and receiving commands from the attacker. The server can also send commands to have the malware download and execute attacker-supplied code on the infected system, as well.

Stealing wallet data

Finally, Crypto Clipper acts as a clipboard clipper by monitoring the Windows clipboard for cryptocurrency wallet addresses, seed phrases, and private keys. If it spots a wallet address, it can replace it with a different one, owned by the attackers, so that any tokens sent by the victim go to the attacker, instead. It can also steal and exfiltrate copied seed phrases and private keys, which can be used to load a victim's crypto wallet on a separate device.

To help attackers assess the value of a target, the malware periodically captures screenshots of the victim's screen and uploads them through the Tor network.

“This malware family shows how lightweight, script-based stealers can deliver outsized impact when paired with anonymized communications and runtime tasking,” Microsoft said. “The combination of Tor-routed C2, clipboard targeting, screenshot capture, and remote code execution gives attackers both immediate monetization paths and continued control over compromised devices.”

Microsoft did not say if the malware targeted any specific countries or regions, nor did it discuss the number of victims.

Via Ars Technica

This HP laptop may be Amazon's best-selling Windows notebook just before Prime Day sales, but I truly cannot recommend it. The HP 250 G10 uses an Intel N100 processor, which is very poor value for money for a laptop that costs just under $500 (and that 37% discount claim seems very dubious).

Yes, it has 16GB of RAM, a 512GB SSD and a full HD display but that's simply not good enough to change my opinion of this laptop. (And yes, it uses a trick I despise to attract customers).

The N100 is so underpowered that it will struggle with even mundane tasks. Add the small 41Whr battery and you've got the perfect combination for hours of frustration and lost productivity.

So instead, here are five other laptops I'd personally recommend. For the same outlay (or less), they deliver far, far better value for money without the guaranteed irritation. Head over to our live hub for the latest Prime Day deals on a host of tech.

Quick links

• Shop $500 laptops at Amazon
• Check $500 laptops at Best Buy
• Buy $500 laptops at Walmart
• $500 laptops on sale at Newegg

If you want the most capable 16-inch laptop available right now without compromise, the Acer Predator Helios 16 AI (PH16-73) is $3000 (was $3500) at B&H Photo. This is an absolute beast of a machine for video editing, 3D workflows, gaming, and just about any demanding workload you can throw at it. And it's the cheapest RTX 5090 laptop I've come across.

The RTX 5090 laptop GPU is the headline here, and it earns it. Based on Nvidia’s Blackwell architecture with 10,496 CUDA cores and 24GB of GDDR7 memory, it’s the most powerful consumer laptop GPU ever made.

The Intel Core Ultra 9 275HX is an Arrow Lake chip with 24 cores — 8 performance cores running up to 5.4GHz and 16 efficiency cores — and it’s a serious processor by any measure. Overall, the Acer Predator Helios 16 AI is as close as laptops get to a no-compromise flagship right now.

Today's top RTX 5090 laptop deal

The 240Hz OLED display at 2560×1600 with 100% DCI-P3 coverage is outstanding for both visual work and high-refresh gaming. The combination of OLED’s infinite contrast and perfect blacks with a 240Hz panel and G-SYNC adaptive sync gives you a display that serves creative professionals well.

The connectivity package is where the Helios 16 AI pulls significantly ahead of most competitors. Thunderbolt 5 at 120Gbps is a generational leap over Thunderbolt 4 — it can drive an 8K display, transfer a 4TB SSD backup in under 10 minutes, or connect multiple high-bandwidth peripherals simultaneously. The 5GbE wired Ethernet port is fast enough to eliminate network bottlenecks entirely for anyone on a 2.5G or 5G home or office network. Wi-Fi 7 handles wireless connectivity with the same class-leading bandwidth.

Acer’s 6th Gen AeroBlade 3D fans and liquid metal thermal compound keep the system stable under sustained load.

Now, when I call this a beast, I mean it. It weighs around 2.6kg and the 330W power brick is substantial. This is a desktop replacement that travels, not an ultra-portable laptop. If you can live with those realities — and many professionals absolutely can — the Helios 16 AI delivers desktop-grade performance in a form factor that fits in a backpack.

• Shop all laptops at B&H Photo

• 79% of data centers are exposed to climate hazards, 54% face chronic heat or drought
• Higher temperatures lead to more cooling demand, creating a vicious circle
• Component longevity is also at risk from heat and other impacts

According to new First Street research, four in five (79%) or the world's data center capacity is exposed to climate hazards like flooding, wildfire and winds, with more than half (54%) of data centers located in areas that face chronic heat or drought stress.

With hyperscalers investing billions to keep up with demands created by AI, First Street stresses that today's decisions could impact cloud computing for years to come.

But even without further investments, rising temperatures and the effects of climate change could put existing facilities under further pressure.

Hyperscalers are building data centers in at-risk areas

Besides the obvious risk of component damage, higher temperatures also mean that data centers need more cooling than they previously did, driving up electricity and water consumption. Because chips and other components operate best at an optimal temperature, higher temperatures could even cause them to fail sooner.

Flooding, winds and storms also threaten electrical systems, network connectivity and fiber networks, potentially leading to outages.

The revelation comes just weeks after a separate study from insurer MS Amlin found that half (56%) of all new projects are being located in disaster-prone areas.

"Most underwriting for real assets still uses historical data, but the climate is no longer behaving the way the historical record would predict," CEO Matthew Eby said.

But with part and utility costs soaring, companies are being forced to reduce costs elsewhere, including locating campuses in cheaper areas that are often more at-risk. With companies already having to consider compute capacity, power availability, connectivity and local opposition, "climate risk is becoming an increasingly important determinant of long-term performance," First Street warns.

"Together, these risks affect NOI stability, cash flow durability, and long-term asset performance," the company added.

• Check Point Research warns Prime Day (June 23–26, 2026) is fueling a surge in malicious Amazon‑themed domains
• 6,843 domains registered Dec–May; nearly 10% flagged malicious/suspicious, with June showing 1 in 13 domains risky
• Shoppers urged to avoid Google searches for Amazon, verify URLs, and treat “too good to be true” deals with caution

Thousands of new domains were registered in the weeks and months leading up to Amazon Prime Day, most of which are malicious and created to steal consumer data and possibly money. This is according to a new report from Check Point Research (CPR), in which the security outfit warns about Prime Day being the perfect storm for every cybercriminal.

Amazon’s Prime Day is set to take place between June 23 and 26, 2026. During these four days, thousands of retailers in 25 countries will offer great deals on their goods and services, creating one of the biggest retail events on the planet. Consequently, they’ll also be creating one of the biggest cyberattack events on the planet, as well:

“Major retail moments bring together the three ingredients’ attackers exploit most: a globally trusted brand, time-limited urgency, and massive purchase intent at scale,” CPR warns, adding that phishing emails, fake websites, fraudulent offers, and account takeover attempts all surge during this period.

How to defend against Prime Day scams

For events such as this one, crooks prepare months in advance. CPR found that between December 2025 and May 2026, there were 6,843 new Amazon-themed domains registered worldwide, most of which were set up in April (1,446). May 2026 added another 1,267 domains.

Obviously, not all of them will be malicious, but CPR said that almost one in ten (9.2%) were already classified as either malicious or suspicious, and in the first week of June, one in every thirteen was labeled the same way.

“This pattern reflects a broader build-up of malicious infrastructure ahead of the event, with multiple Amazon-themed domains designed to exploit brand trust, urgency, and high purchase intent at scale,” the researchers warned.

To stay safe this Amazon Prime Day, always double-check the website you’re visiting, always go to Amazon's legitimate domain (https://www.amazon.com/) rather than relying on Google search results, and remember - if something is too good to be true, it most likely is.

• Trump is talking to AI leaders about investing in their companies
• POTUS believes "the American people will like [AI] better" as a result
• AI firms might end up donating some equity into a Public Wealth Fund

The US government has reportedly been liaising with ChatGPT maker OpenAI on holding equity stakes in major AI companies, including OpenAI itself.

The move stems from an idea first raised by OpenAI CEO Sam Altman in 2025 as part of a broader concept to ensure that the economic gains from AI reflect the interest of American citizens, but discussions look to have moved forward.

Though a final decision has not been reached yet, it could involve AI companies donating some equity into a government-backed Public Wealth Fund.

Could AI companies be forced to donate equity to the US government?

Speaking on Air Force One (per CNBC reporting), President Donald Trump said his administration would consider investing in AI companies to "create almost a partnership with the American public," noting that discussions are already in progress.

"We're talking about it," POTUS added, indicating that "where the American people can benefit from the success of AI, the American people will like it better."

"It would be a beautiful thing," he declared about the partnership that would make American citizens beneficiaries of the proposed investments. "It would make 'em rich."

By linking itself financially to AI companies, the US Government could help to improve the public perception of AI and share the associated wealth with the country by means of additional funding, however critics are likely to question the potential part-state ownership of AI firms like OpenAI.

Separately, Anthropic co-founder Jack Clark told the BBC that the Claude maker is "in daily conversations with the US government and we're finding ways to be helpful to national security." Anthropic has spoken out in favor of the potential US deal.

Running a one-person business means doing the job of an entire company by yourself. You're closing a deal in the morning and debugging the product by lunchtime. Every hour spent on admin is an hour not spent on the part of the business that actually grows revenue.

That's the gap a new generation of AI agents is built to close. OpenClaw and Hermes Agent are open-source tools that run in the background, hold memory of your business, and act on tasks without waiting for you to ask twice. Pair either one with a handful of supporting tools, and you get something close to a small team, for the price of a few subscriptions.

Why solo founders need an agent, not another app

Most AI tools you've used so far live in a browser tab. You open Claude or ChatGPT, ask a question, get an answer, then close the tab. The assistant stops existing the moment you stop typing.

An agent works differently. Once you set up OpenClaw or Hermes Agent, it keeps running, checking a task list, remembering what happened yesterday, and acting on a schedule instead of waiting to be prompted. For a solo entrepreneur with no employees, that difference matters more than which model sits underneath.

An agent doesn't replace you. Ideally, it should absorb the tasks that would otherwise eat your day, things like triaging support email, drafting a weekly update, or chasing an unpaid invoice. That frees you up for the work only you can do.

OpenClaw or Hermes Agent: Picking your AI co-founder

Two open-source projects dominate this space right now. They take different approaches to the same problem.

OpenClaw is the older, larger, and more battle-tested of the two. It started as a weekend project by Austrian developer Peter Steinberger in late 2025.

In February 2026, Steinberger announced he was joining OpenAI and that OpenClaw would move to an independent foundation rather than staying tied to any single company. The project's GitHub repository now sits at 373,000 stars and 77,300 forks.

Hermes Agent takes the opposite bet. It launched in February 2026 from Nous Research, the lab behind the Hermes, Nomos, and Psyche model families. By mid-June, it had crossed 190,000 stars of its own.

Instead of chasing breadth, it focuses on depth. After every task, it evaluates how the work went, turns whatever worked into a reusable skill file, and pulls from that file the next time a similar job comes up rather than reasoning from scratch.

How they measure up

In our experience, the honest answer comes down to setup time versus patience. OpenClaw's web search and file tools tend to work immediately after a Docker setup, often the same day. A full Hermes Agent setup with memory and tools configured typically takes a few hours instead.

Start with OpenClaw if you want results fast. Choose Hermes if you're willing to spend a weekend up front for an agent that keeps improving at your specific workflows.

A growing number of operators don't pick just one. Some experienced users run OpenClaw as the orchestrator for planning and multi-step coordination, then hand fast, repeatable task loops to Hermes as an execution specialist, with the two agents communicating over a shared protocol. That setup is overkill for a first attempt, but it's worth knowing the option exists once a single agent starts to feel limited.

What this looks like in practice

The clearest public example of an agent running a one-person business is Felix, an OpenClaw agent built by entrepreneur Nat Eliason. In January 2026, Eliason gave the agent $1,000 in startup capital and its own X account, then told it to build something and sell it overnight. Felix responded by writing a playbook on how to hire an AI agent, building a website to sell it, and launching its own social presence.

Three weeks in, Felix had generated $14,718 in revenue. Within about two months, that figure had grown to roughly $177,000 across the original product, a skills marketplace called Claw Mart, and custom agent deployments built for other businesses.

Eliason still holds the API keys and reviews what the agent does. Day-to-day decisions, from pricing to outreach, run through Felix rather than through him.

Felix is an extreme case, built specifically to test how far one agent could go without a human in the loop. Most one-person businesses won't hand over a Stripe account on day one.

That's the right call for most of them. Even so, the same pattern applies at a smaller scale: give an agent its own accounts, a narrow task, and enough room to act without you checking in every hour.

Building the rest of the stack around your AI agent

An agent is only as useful as what it can plug into. Most one-person stacks pair OpenClaw or Hermes Agent with a handful of tools that already expose an API, a webhook, or an email address the agent can act through. None of these need to cost much.

Scheduling and communication

Calendly remains a common default for letting people book time on your calendar without the back-and-forth, with a free plan for individual use and paid plans starting at $10 per month. Point your agent at the same calendar so it can answer "when am I free" without you checking manually.

For day-to-day messages, the agent typically lives wherever you already work. Both OpenClaw and Hermes Agent connect natively to WhatsApp, Telegram, Slack, and Discord, so you're adding a contact to a conversation you're already having, not a new inbox to check.

Invoicing and bookkeeping

Wave and FreshBooks cover most solo founders here. Wave's core invoicing and accounting tools are free, with charges kicking in only if you use its built-in payment processing. FreshBooks costs a monthly fee but adds time tracking and client portals, useful once you start billing by the hour.

Either way, give your agent read access to the invoice list rather than write access to your bank account. Letting it flag an overdue invoice and draft a reminder is a reasonable task. Letting it move money on your behalf is not, at least not yet.

Customer relationships and leads

HubSpot's CRM is free, with no time limit on the core plan. For a founder tracking a few dozen leads, that's enough to replace a spreadsheet without adding a subscription. As the pipeline grows, the agent can sit on top of it, drafting follow-ups, logging calls, and flagging deals that have gone quiet.

Content and social media

This is where an agent earns its keep fastest, because content work is repetitive and time-stamped. Point it at your newsletter platform, whether that's beehiiv, MailerLite, or ConvertKit. Give it a standing instruction to draft, not send, a weekly update from your week's notes.

You stay the editor. The agent stays the drafter.

Contracts and signatures

For anything that needs a signature, tools like PandaDoc or SignNow handle the legal side. Your agent can handle the busywork around it instead, generating the draft from a template, sending it out, and nudging a client who hasn't signed after a few days. We'd still keep a human checking the final terms before anything goes out the door.

AI guardrails you need before you go all-in

Running an autonomous agent is not the same as running a chatbot. The security record so far reflects that. A 2026 audit of OpenClaw's skill marketplace found 341 malicious entries out of 2,857 skills checked, traced largely to a single supply chain campaign known as ClawHavoc.

A separate vulnerability, CVE-2026-25253, scored 8.8 out of 10 on the severity scale and involved unsafe automatic connection behavior that could expose authentication tokens. Cisco has publicly described personal AI agents in this category as a serious risk for enterprise environments, specifically because of how much access they're given by default. Hermes Agent has reported no known critical vulnerabilities as of mid-2026, though that partly reflects its smaller install base rather than proven hardening over time.

Three habits cut most of that risk down to size:

• Give the agent its own accounts. A separate email address, a separate cloud storage folder, and separate API keys mean a mistake stays contained instead of spreading into your personal accounts.
• Start with one channel and one task. Let it manage a single Telegram conversation or a single invoicing workflow before connecting it to your bank, your CRM, and your domain registrar all at once.
• Keep it updated and keep it behind authentication. Both projects ship fixes quickly once a problem surfaces, but only if you're running a current version rather than an old build exposed to the open internet.

Treat the access you grant an AI agent the way you'd treat access for a new hire — useful from day one, but earned in stages rather than handed over all at once.

Getting started without breaking anything

Pick one agent and one task before you do anything else. People who've run these setups for months consistently recommend starting on the computer you already own rather than buying dedicated hardware, then moving to a small server later if the agent earns a permanent home.

Give it its own email address and a single connected channel, such as Telegram, before anything else. Ask it to handle one real task for a week: drafting follow-up emails, summarizing your inbox each morning, or chasing one recurring invoice. Once that task runs reliably without daily intervention, add the next one.

Treat the agent like a new employee rather than an extension of yourself. Give it accounts you'd be comfortable revoking, not your own logins.

That one habit prevents most of the damage a misconfigured agent could otherwise do. By the time you've added a second and third task, you'll have a clearer sense of which platform fits your workflow than any comparison article could give you, including this one.

The bottom line

Hiring your first real employee usually means payroll, onboarding, and months before they're fully useful. Setting up OpenClaw or Hermes Agent costs a few hours and, in OpenClaw's case, nothing beyond compute.

Obviously, the output won't match a skilled human on judgment calls, but for the repetitive parts of running a business, the gap is closing fast enough that a solopreneur can get their business out the door without overhiring before they are ready.

Start small, watch what the agent actually does with the access you give it, and expand from there. We've noticed the founders getting the most out of this approach aren't running the most complicated stack. They picked one agent, gave it one real job, and let it prove itself before adding the next.

• Cloudflare and web browsers to develop new internet protocol
• PACT protocol will help to verify legitimate web access from human and bots
• Users will be given an anonymized "personhood" token to show they have a real reason to access a website

Now that bot traffic on the internet has officially surpassed human HTTP requests, both web browsers and web infrastructure providers agree something needs to be done, especially as AI agents enter the fray.

Today, Cloudflare has announced a joint initiative with Mozilla Firefox, Google Chrome, and Microsoft Edge to launch a new internet protocol designed to verify if web access is legitimate or malicious - without intruding on user privacy.

Private Access Control Tokens (PACT) will act as anonymous tokens that verify legitimate access by both humans and authorized agents without the need for user logins or CAPTCHAs that cause friction and harm the browsing experience.

Cloudflare establishes PACT with web browsers

To start, PACT won’t deny access to automated traffic completely. According to Cloudflare, the protocol is designed to recognize legitimate access from certain bots. As consumers and businesses turn to new automations provided by AI agents, there is still a legitimate case for allowing certain bots to access websites.

For many AI agents, there is still a human at some point in the loop with a real reason for accessing a website. PACT offers an anonymous “personhood” token that is attached to the user’s browser. This token uses “trusted information from contexts that have authentic relationships with people” to verify legitimate access “while keeping that information private.”

StatCounter places the combined market share of Chrome, Firefox, and Edge at around 77%, meaning that the PACT protocol will likely roll out to the majority of internet users.

“PACT will further empower businesses to identify genuine visitors, ensuring they can focus their resources on the traffic that matters to them,” CloudFlare said in the announcement. “Using PACT on Cloudflare’s network raises the bar for trustworthiness and integrity online without the traditional costs.”

“In commerce, every extra challenge, delay, or false positive can turn a purchase into an abandoned cart. Merchants need effective protections against automated abuse, but buyers shouldn’t have to pay for them with unnecessary friction or invasive tracking,” said Ilya Grigorik, Distinguished Engineer at Shopify.

“Shopify is proud to help develop PACT as an open, privacy-preserving standard that can help the millions of businesses on our platform distinguish legitimate shoppers and authorized agents from abusive traffic while preserving buyer privacy."

• 500k+ hours of Ukraine war drone footage to be used for AI training
• Real-world data provides deeper context and higher quality than synthetic data
• Ukraine officials believe in a "war of operating systems" where training data matters

Virginia-based AI firm Enabled Intelligence says it's added more than 500,000 hours of Ukraine war drone footage to its EView platform to help train models.

The real-world data is hoped to provide better-quality training to the computer vision and video analysis models, instead of having to rely on synthetic data, in a bid to improve the efficacy of AI-powered drones in modern warfare.

"It’s footage from one of the most complex and dynamic conflicts in modern history," CEO Peter Kant explained (via DefenseScoop), noting that the training data hasn't come from a simulated or controlled environment.

Ukraine war drone footage used to train AI drones

Kant explained that footage will help train models across "aerial object detection, vehicle classification and ground activity," and that it's pre-labeled, validated and ready for training use. It gives the models more experience handling changing conditions like weather, smoke, dust, damaged infrastructure and other dynamic environments.

Artificial intelligence has broadly changed how militaries benchmark weapons, because it's no longer about who has the best drone. Dataset quality is an even bigger differentiator when it comes to autonomous warfare.

As for the Ukraine war's role in the training dataset, it marks one of the most drone-intensive wars to date with thousands of drones operating daily and generating huge amounts of real-world data.

The evolution also highlights an emerging competitive advantage for certain countries – those involved in conflict early on in AI's timeline can generate enormous amounts of real operational data before enemies, putting them one pace ahead.

"The system ⁠that possesses more data and better understands that data, proposes solutions — that system will gain the advantage over the other," head of Ukraine's defense ministry's AI center Danylo Tsvok told Reuters, referring to a future where we could see a "war of operating systems."

• OALABS analyzed a novice attacker’s full working directory showing 14 breaches carried out with Claude Code and Codex agents
• Attacker used vague prompts; AI agents handled reconnaissance, exploit writing, and data harvesting, bypassing guardrails with ease
• Logs revealed attacker’s identity and location in Addis Ababa, Ethiopia

A newbie cybercriminal managed to break into 14 organizations and steal sensitive data, just by using Anthropic’s Claude Code and OpenAI’s Codex agents. This is according to cybersecurity researchers OALABS, who recovered and analyzed the attacker’s entire working directory.

The researchers used this news as yet another proof that advanced Generative Artificial Intelligence (GenAI) models are significantly lowering the barrier for entry into cybercrime, and to sound the alarm that the security community needs to step up.

“In many cases, the attacker supplied only vague, low-skill prompts and allowed Claude to fill in the gaps: researching exposed services, identifying possible vulnerabilities, writing exploit code, validating access, and harvesting data,” the researchers said. “The attacker did not need to be an expert operator; they simply had to use the correct framing for their prompts. The agent supplied much of the structure and technical execution that the attacker appeared to lack.”

Doxxing the attacker

OALABS could not find evidence that the stolen data was monetized in any way, either by being sold on the dark web, or by extorting the victim companies. They did, however, find numerous pieces of evidence about the attacker’s identity and whereabouts.

According to the researchers, the attacker did not run the AI agents on his own infrastructure, but rather on a third-party server, and when that third party discovered malicious activity, they downloaded the entire working directory and shared it with the researchers.

“Because the agents were local to the host, their full session logs were recovered, including the attacker’s prompts, the tools used, the internal monologue of the large language model (LLM), and any policy violations recorded during the sessions,” the researchers said.

OALABS was thus able to analyze more than 1,000 agent sessions, seeing how the attacker was able, with ease, to bypass most of the agents’ guardrails. Among the sessions were also the threat actor’s CV with his full name, location, education history, and LinkedIn profile, as well as his IP address which showed that he was located in Addis Ababa, Ethiopia.

Via Helpnet Security

• A Microsoft Outlook update for Mac has broken email replies
• Users are struggling to load replies
• The issue impacts Outlook for Mac version 16.110, build 26061317

If the update to Microsoft Outlook released last week has some you scratching your head, wondering where the previous email replies have gone, you’re not alone.

An update to the email provider last week has caused previous replies to disappear, and a fix is yet to be released.

The error seems to be confined to Mac users running version 16.110, build 26061317. The only known fix at the moment is to switch back to the previous version of Outlook for Mac, and (temporarily) disable automatic updates.

Update breaks replies on Outlook for Mac

Multiple users have shared their frustrations on Microsoft’s Tech Community and Learn forums, stating that the lack of replies is impacting their ability to properly reply to emails, or to forward email chains on to colleagues.

Luckily, there is a way to get around the issue which was helpfully pointed out by a Microsoft Forum moderator. By rolling back to the previous version of Microsoft Outlook for Mac, replies and email chains are restored. But you will have to turn off automatic updates to prevent Outlook from upgrading again to the broken version.

How to roll back your Microsoft Outlook for Mac

• Navigate to Update history for Office for Mac using this guide
• Revert your Outlook to version 16.109.3 or older using the steps provided here
• Turn off automatic updates on Legacy Outlook for Mac by navigating to Help > Check for Updates, and then uncheck ‘Automatically keep Microsoft apps up to date’
• Once a fix is rolled out, don’t forget to re-check the automatic updates

Until an official fix is released, this appears to be the only way to load replies on Outlook for Mac. Any updates from Microsoft will be posted here.

If your organization has certain administrative barriers enabled, you may not be able to remove the current version of Outlook.

Via The Register

Retail fraud used to be relatively straightforward.

A stolen card, a fake account, or a suspicious transaction pattern that could be flagged and blocked before serious damage was done.

That version of fraud is still present, but it is no longer the main problem.

What’s appearing now is something more coordinated, automated, and harder to detect in real time: AI-powered fraud rings that behave less like individual bad actors and more like distributed systems.

They test, adapt, and scale in more sophisticated ways that increasingly mirror the technologies retailers themselves are adopting.

Fraud is no longer just responding to ecommerce; it’s evolving alongside it.

From isolated fraud to coordinated systems

For years, fraud prevention has largely focused on individual events: a suspicious login, a stolen card attempt, a bot probing checkout flows. But that model is breaking down.

What is now emerging is coordinated fraud activity that behaves more like a network than a series of isolated incidents. These groups combine automation, synthetic identities, and increasingly realistic AI-generated content to simulate genuine customer behavior at scale. The result is not only more fraud, but fraud that blends into normal digital traffic.

At the same time, fraud rings are executing high-velocity attacks that look more like engineered systems than opportunistic crime. One recent example involved an estimated $4.2 million in fraudulent activity over 48 hours, driven by synthetic identities, spoofed devices, and rapid transaction flows reaching around 180 per minute.

What is notable is not only the scale, but the structure. These are not isolated attempts. They are coordinated operations designed for speed, repetition, and adaptation.

AI is lowering the barrier to fraud

The most important shift is accessibility, as well as scale. Generative AI has significantly lowered the barrier to entry for fraud. Tasks that once required technical expertise or coordinated effort can now be executed using widely available AI tools.

Fraudsters can generate synthetic identities, fabricate supporting documents, and create convincing digital artefacts that simulate legitimate customer behavior in a matter of minutes. This includes everything from account creation to behavioral patterns across browsing, purchasing, and post-purchase interactions.

One of the clearest examples is the rise in returns abuse, which has increased by 15% in the past six months, largely driven by the ease and scalability of AI-doctored images.

In practice, this means fraudsters can submit highly realistic images of cracked, damaged, even moldy, or malfunctioning goods. These images are often convincing enough to pass initial review processes, particularly when combined with legitimate order histories or stolen account credentials.

In several documented cases, fraud rings have used newly created accounts to purchase low-cost goods, then submitted AI-generated images to claim refunds without returning the product. In some instances, empty boxes are shipped back instead, all while refunds are still processed.

Another coordinated operation targeting home goods and fashion retailers used a similar approach at scale, generating approximately $800,000 in fraudulent refunds through repeated low-value claims designed to avoid detection thresholds.

Individually, these cases may appear manageable. But collectively, they show a clear trend: fraud is increasing in sophistication and scale.

The shift toward agent-driven commerce

The next phase of this evolution is already on its way, and it’s closely linked to the rise of autonomous digital agents.

Over the second half of 2025, agentic activity surged by over 2000%. While much of this growth is tied to legitimate use cases such as shopping assistants and automated customer workflows, it also introduces a new layer of complexity for fraud detection. The same systems that allow agents to complete purchases on behalf of consumers can also be manipulated to automate fraud on a larger scale.

Instead of manually creating accounts or placing orders, fraudsters can now orchestrate entire attack chains using agent-based automation. This changes the nature of fraud from individual actions to continuous, self-executing systems. This matters because it shifts the detection problem. When fraud resembles legitimate automation, the distinction between genuine and malicious activity becomes harder to define using traditional rules.

At the same time, retailers are already seeing fraud patterns adapt to this environment. Attackers are increasingly mimicking normal customer journeys, spreading activity across devices, accounts, and timeframes to avoid detection. The result is a system where fraud does not look like fraud until after the fact.

Why traditional fraud tools are falling behind

Most existing fraud detection infrastructure was not designed for the current conditions as they stand. They rely heavily on static rules, historical patterns, and known indicators of malicious activity. But AI-led fraud doesn’t necessarily follow predictable patterns. It adapts in real time, varies its behavior based on changes in the attack surface, and can scale in ways that overwhelm rule-based systems.

Even machine learning models trained on historical fraud data struggle when faced with synthetic behavior that has no direct precedent. This creates a widening gap between how fraud actually operates and how it is detected.

Consequently, many retailers are forced into reactive positions, identifying fraud after fraudulent transactions have already been completed rather than preventing it in real time. This is particularly challenging in areas like returns and refunds, where fraud is often indistinguishable from legitimate customer claims at the point of interaction. The core issue lies in timing alongside detection accuracy.

What comes next for digital trust

The trajectory of fraud is closely tied to the progression of ecommerce itself. As AI agents take on a larger role in how consumers find, compare, and buy products, retailers face a more complex question than simply whether a transaction is legitimate.

They need to determine who, or what, is actually behind the transaction. Is it a real customer? A legitimate AI assistant acting on their behalf? Or a synthetic system designed to imitate both?

The challenge now is no longer just detection, but judgment in real time. Because in an environment shaped by AI on both sides of the transaction, risk and verification can no longer sit at a single point in the process. They must be continuously reassessed throughout the customer journey.

Manage customers for a new business more effectively with the best CRM for startups.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

You typed a few prompts into an AI tool and watched it build something that works. Maybe you've shown it to early users, or pitched it to investors who got excited about the demo. Now you're stuck on the harder question: is this thing actually safe enough to put in front of real customers?

The tools that got you this far were built for speed, not durability. Production means real payment details and real consequences when something breaks at 2 am.

This guide walks through the steps that close that gap, from auditing what the AI actually built to choosing where it finally goes live.

Why prototypes break once real users arrive

A vibe-coded demo and a production application can look identical on screen and still be entirely different things underneath. Veracode's 2025 GenAI Code Security Report tested output from more than 100 large language models and found that 45% of the code samples introduced a known security flaw.

Some of that risk has already turned into real incidents. A 2025 flaw in the AI app builder Lovable, tracked as CVE-2025-48757, left more than 170 live applications with exposed databases because the AI-generated backend skipped row-level security checks. A separate platform, Moltbook, leaked 1.5 million authentication tokens through improperly secured API responses.

Security isn't the only failure mode, either. In mid-2025, an AI coding agent on Replit deleted a live production database belonging to SaaStr founder Jason Lemkin, wiping out records for more than 1,200 executives and nearly 1,200 companies during an active code freeze.

None of this necessarily means AI-generated code is unusable. It means the gap between "it works on my screen" and "it works for everyone else" needs a deliberate process to close.

1. Audit what the AI actually built

Before changing anything, read through what you have. Open every page, every API route, and every database table, and get an honest picture of what's solid and what's held together with good intentions.

You're looking for a few patterns in particular. Business logic that lives inside front-end components instead of a proper backend layer, database tables with no clear ownership rules, and features that were quietly removed but left their API endpoints active are the most common issues vibe coding tools leave behind.

Pay close attention to your data model at this stage. Schema problems are simple to fix while you have a handful of test users, and expensive to fix once thousands of real accounts depend on the structure staying the same.

Check your dependencies while you're in there. AI coding tools tend to pull in libraries without explaining why. A project can end up with three different packages doing the same job, with none of them checked against known vulnerability databases before launch.

2. Close the security gaps first

Security should come before new features, not after. AI coding tools optimize for what works, not what's safe, so the gaps they leave are predictable and worth checking in order.

Start with secrets. GitGuardian's State of Secrets Sprawl report found that 28.65 million new credentials were leaked on public GitHub in 2025 alone. Most of those stay valid for years after they're exposed.

Search your codebase for API keys, database passwords, and tokens written directly into files, then move every one of them into environment variables that never reach the browser.

Authentication and authorization come next. Security researchers at Invicti have found that AI-generated apps repeatedly ship with authorization checks that are missing, weakened, or applied inconsistently across endpoints. The Cloud Security Alliance recommends verifying that every API route checks for a valid session before it does anything, and that user-supplied input gets sanitized before it touches a database query.

A short list to work through before you go any further:

• Every secret lives in an environment variable, never in client-side code
• Every API route checks who's calling it, not just whether they're logged in
• Database tables have row-level security or equivalent access rules, not just a flag that says it's enabled
• Form fields and URL parameters are validated server-side, not just in the browser
• Error messages shown to users don't leak stack traces or database structure

3. Set up real environments and version control

Most vibe-coded projects deploy straight to a single live URL, with no separation between testing and production. That setup works fine for a demo. It's also exactly what turned a routine mistake into the Replit database incident described above.

Set up at least two environments before you go further: a staging copy where changes land first, and production, which only gets updated deliberately. Most major tools, including Lovable, Bolt, and Replit, support exporting your code to GitHub, which gives you version history and a way to roll back a bad change in minutes rather than hours.

If you're not ready for a full CI/CD pipeline, even a simple two-question habit before every deployment helps: Did I test this in staging? Do I have a recent backup?

The point isn't bureaucracy. It's about having a way back if a change goes wrong.

4. Test beyond the happy path

AI tools are good at building the path you describe and bad at anticipating the one you didn't. Testing a vibe-coded app means deliberately trying to break it, not just confirming the obvious flow works.

Share the app with a handful of real users early, before every feature is polished. One founder building on Convex Chef found that users balked at an "anonymous login" pattern the AI had quietly baked into the architecture, a problem that would have been a quick fix at the prototype stage and a major refactor once real accounts depended on it.

Beyond user feedback, check what happens when two people edit the same record at once, or when an API call times out halfway through. These edge cases rarely show up in a demo. They're exactly what production traffic finds within days.

You can use the same AI tool that built the app to help write these tests, since describing a failure scenario in plain language is no different from describing a feature. Ask it directly to find the weakest points in what it built rather than only asking it to add new features, since those are different prompts with different incentives.

5. Choose your deployment and hosting setup

Most vibe coding platforms offer one-click hosting on their own subdomain, which is fine for sharing a demo and limiting it for a real product. Lovable, Bolt, and Replit each let you keep that built-in hosting or export to your own infrastructure on Vercel, Netlify, or a server you control.

The decision usually comes down to control versus convenience. Built-in hosting means faster updates and no DevOps work, but custom domains and SSO are often paid add-ons. You're also tied to that platform's uptime and pricing.

Exporting your code means more setup work upfront, but it gives you a portable codebase that doesn't disappear if the platform changes its terms or shuts down.

Portability also varies a lot between tools. One comparison of vibe coding platforms ranked v0 and Lovable as having the least platform lock-in thanks to standard React code and two-way GitHub sync, while some other builders couple your app more tightly to their own hosting and database setup. Check this before you build anything you intend to keep.

6. Monitor, back up, and plan ahead

Once you're live, the work shifts from building to watching. Set up basic logging so you can see what broke and when. Make sure error messages reach you rather than disappearing into a console no one checks.

Backups matter more than most people realize until they need one. Test your restoration process before you need it for real, not after. The Replit incident only ended well because Lemkin was eventually able to recover his database manually, after the AI agent first told him that recovery wasn't possible at all.

A practical pre-launch checklist

Vibe coding tools shrink the cost of building software, often by an order of magnitude. Independent estimates put a professional rebuild of a successful vibe-coded prototype at roughly $5,000 to $30,000, compared with $75,000 or more for an equivalent app built from scratch by an agency.

But that gap is worth paying once your app handles money, health information, or any data covered by regulation. It's also worth paying once you're adding features faster than you can verify they're safe, or once "I don't know why this works" becomes a regular answer to your own questions about your own product.

FAQs

AI agents are reshaping how enterprises automate work, but their effectiveness depends on access to sensitive systems and data.

The paradox is that granting them the permissions they want creates new attack surfaces that organizations aren’t yet equipped to handle.

This is the defining tension of the AI era.

AI agents are proliferating across enterprises with 91% of organizations already using them yet only 10% have a clear IT management strategy in place.

This gap matters because as these systems grow more autonomous and more deeply embedded in workflows, enterprises are operating without clear visibility, meaningful oversight and control over how their AI agents behave.

The access problem

Our recent research revealed how agents running on OpenClaw, an open-source AI agent automation platform, could expose credentials and leak sensitive information when attackers compromised the communication channels controlling them.

To appreciate the scale of this risk, we must first understand the platform itself. OpenClaw combines a chatbot-style interface with access to external tools and large language models.

Users can then configure agents to browse the web, read and write files, manage inboxes, execute commands, or interact with other machines. In many cases, they’re designed to operate autonomously with minimal human oversight.

That level of access is what makes agents powerful, helping many to manage everyday admin and time-consuming tasks. However, this power is a double edged-sword and can make them a risk to businesses.

When agents become attack surfaces

Agents need access to tools, accounts, applications, the web and more to be useful. Often, this means an agent needs access to secrets: API keys, personal access tokens, credentials, .env files, OAuth tokens.

The agents/models are by default prompted to be as helpful as possible, and that characteristic starts to pose some particular concerns when it comes to credentials and tokens. If an agent such as OpenClaw can’t access a resource, it will ask for credentials right in the chat, exposing those secrets within the context window. Agents will happily store API keys in their unencrypted configuration files, which information-stealing malware is starting to target.

Remote access capabilities could effectively create a back door into enterprise environments. If an attacker gained access to the communication channel controlling an agent, such as a messaging or remote access platform, they could potentially gain access to everything the agent itself could access. In an enterprise context, this is a nightmare.

The paradox of recognized risk

Perhaps the most revealing finding was that some agents recognize risky behavior while simultaneously carrying it out. This underlines how their decision-making ability and autonomous operations can be a business risk.

In one test, an agent correctly identified that exposing an OAuth refresh token through an unencrypted communication channel represented a serious security violation. But it then proceeded to share the token anyway before expressing concern about its own decision.

Organizations should not rely on the invisible guardrails that frontier model providers put around agents. They’re easily circumvented.

But an AI agent cannot divulge credentials that it doesn’t have access to. This is why the conversation around AI agent security cannot focus solely on stronger guardrails. Attackers are already finding ways to manipulate agent behavior through prompt injection, social engineering, and compromised communication channels.

Governance, not just guardrails

AI agents are essentially identities within enterprise systems and need to be managed as such. They perform actions and make operational decisions in ways that increasingly resemble human employees or privileged service accounts. Yet many organizations are deploying these systems without applying the same governance standards.

Most businesses already understand the importance of least-privilege access, audit logging, identity management, and access reviews for employees. AI agents should be subject to the same principles. That means limiting what agents can access, avoiding long-lived credentials wherever possible, and ensuring sensitive information is stored securely through centralized systems with human oversight.

Organizations also need visibility into where agents are deployed, what tools they can interact with, and how to disable them quickly if something goes wrong. If an agent goes rogue, there needs to be a “kill switch,” a way to immediately revoke an agent’s access to resources and shut it down.

Agentic AI systems could deliver major operational upsides, but deploying them without robust identity and access governance introduces significant security risk. As these systems become more deeply embedded across enterprise environments, organizations must stop treating them as experimental tools and start governing them as part of the digital workforce.

This means managing the full lifecycle of agents, from knowing which agents are deployed, what resources they access to and keeping a full audit trail so no one can say, “I don’t know what happened. The agent did it.”

There’s no reason why conventional security wisdom, such as the principle of least privilege, lifecycle management and robust logging, should be thrown out in an agentic age. In fact, it’s more relevant than ever.

We've tested and reviewed the best cloud storage.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• QiAnXin XLab uncovered “AryStinger,” malware exploiting old D-Link/Linksys router flaws (CVE‑2013‑3307, CVE‑2016‑5681) to build a proxy/reconnaissance network
• So far 4,300 routers infected, mostly in South Korea (48%) and China (32%), with QNAP NAS devices also targeted via CVE‑2025‑11837
• Compromised devices enable scanning, tunneling, and covert control; researchers advise monitoring logs, binaries in /tmp/bin, and suspicious processes like syswapd0h or syswapd0w

Cybersecurity researchers QiAnXin XLab are warning about an ongoing campaign to create a distributed reconnaissance and proxy network out of people’s routers and NAS devices.

The campaign targets outdated and unsupported routers (mostly D-Link and Linksys), powered by Realtek’s RTL819X chips which were a popular choice between 2012 and 2015. The attackers are leveraging two (ancient) vulnerabilities, CVE-2013-3307 in Linksys models and CVE-2016-5681 in D-Link ones, to infect the devices with a previously undetected piece of malware called AryStinger.

According to the researchers, AryStinger is used during the reconnaissance and planning stages of a more serious cyberattack. Devices infected with this malware can scan the internet, fingerprint services, enumerate subdomains, tunnel traffic, and run commands on demand, all while hiding the location (and true identity) of the attackers.

Targeting NAS devices

“Once compromised by malware like AryStinger that possesses reconnaissance and covert control capabilities, it is equivalent to a hacker placing a permanent "invisible listening device" and "attack springboard" within your network,” the researchers said.

QiAnXin’s XLab says that So far, AryStinger infected 4,300 routers, but stresses that this is not the final number and with the campaign ongoing, will rise even more.

The majority of the victims are located in South Korea (48%) and China (32%), with notable mentions being Sweden, Malaysia, and Singapore.

AryStinger also targets QNAP’s NAS devices, leveraging a code injection flaw in the device’s Malware Remover. This flaw, tracked as CVE-2025-11837, was first discovered during last year’s Pwn2Own event, and was patched in November 2025. The researchers don’t know how many of these devices are currently infected, and say the 4,300 figure only relates to routers.

The researchers did not attribute this attack to any particular threat actor.

To defend against AryStinger, the researchers recommend monitoring the logs for any outbound connections to the C2 and download domains (found here), checking /tmp/bin for unrecognized binaries, and looking for processes named syswapd0h or syswapd0w.

Via The Hacker News

• NordPass survey of 7,800+ users found 40–50% still store passwords in browsers for convenience
• This practice leaves credentials exposed to malware, account compromise, or device theft, especially with password reuse
• Experts urge switching to passkeys or dedicated password managers with zero‑knowledge encryption for stronger protection

Most consumers still store their passwords in the browser, despite the cybersecurity community’s repeated cries over the risky practice.

Recently NordPass, a company building a password manager, polled 7,861 people in Australia, Canada, France, Germany, Italy, Spain, the UK, and the US, on their password storing habits, and learned that the vast majority (between 40% and 50%) save their secrets just in their browser.

"Convenience and ease of use dominate as the top two drivers, confirming that browser password saving is overwhelmingly a comfort-driven behavior — with cost and passive auto-save prompts playing a secondary but consistent role," says Karolis Arbaciauskas, head of product at NordPass and its parent organization, Nord Security.

Password managers are a better option

Whenever a user creates, or types in a password, the browser would offer the option to store it. However, if the device is infected with malware, if the browser account gets compromised, or if someone gains access to the computer, these passwords can easily be stolen.

To make matters worse, NordPass says that many users set the same passwords across numerous services, creating a “digital house of cards that collapses if just one account is breached.”

For years now, the cybersecurity community has been recommending either the use of passkeys, or a password manager for more secure storage. NordPass says that a small percentage of respondents combine between browsers and password managers, in which the latter is more used as a backup option. However, that backup will do little good if the browser is compromised.

"Browser-based password managers are certainly a better choice than simply reusing or slightly altering the same password everywhere. However, dedicated password managers offer distinct advantages, such as encryption based on zero-knowledge architecture. This means all data is encrypted on your device before it ever leaves your computer or smartphone, ensuring that not even the developers can access your passwords — let alone anyone else," says Arbaciauskas.

How to store passwords securely

• Use a dedicated password manager
• Secure your password manager using two-factor authentication
• Make use of security checkup features to check for reused or weak passwords
• Always use a strong, unique password for each account
• Use dark web monitoring to check for leaked usernames, email addresses, and passwords

Scaling a billion-dollar company in Europe has historically been more difficult than it should be. Not because there aren't enough ambitious founders; rather, it’s because the conditions to scale, regulatory and funding constraints to name but two, have never fully matched the ambition.

However, the game is changing. AI is rapidly making those ‘constraints’ less relevant and with the rise of multi-agent systems, startups can operate with the capability of a larger organization.

The question now is no longer whether Europe can produce the next wave of ‘soonicorns’, (startups nearing a $1 billion valuation), but whether decision-makers are willing to abandon outdated models and build for an AI-native future.

If they do, we will soon see a new foundation for European startups, one where agility, enterprise-grade governance and AI-native architecture are baked-in from the outset.

The architectural opportunity

Europe is not short of successful startups. However, for the region to continue producing top players, we will need to see proactive change from companies - adding intelligent AI features to an existing process or product simply won’t be enough. It involves rebuilding a company’s organizational structure, something that’s only possible by multi-agent systems.

Startups no longer need to wait until they have the necessary resources to take on complicated operations. Instead, they can break those issues down into specific, identifiable problems and assign specialized AI agents to tackle them. These agents will be coordinated, efficient, and able to operate at a speed that is incomparable to a human team.

The knock-on effects are huge. Product cycles shrink and teams can concentrate their efforts on tasks that genuinely call for human judgement. Additionally, technical expertise is no longer restricted to well-funded teams, since vibe coding speeds up prototyping and AI lowers the barrier to building advanced systems. For Europe to take the lead on AI, it must start with its data foundations.

The database problem nobody is talking about

AI strategy is often the main topic of conversation in boardrooms across Europe – which models are appropriate, what use cases should be prioritized and which teams to hire. Infrastructure is often, mistakenly, absent from that discussion. In particular, the database infrastructure that the majority of companies are still developing and why it can be subtly hampering the startups with the greatest potential.

Traditional databases were designed for the past, built for slow applications, fixed infrastructure and data that is handled by humans. This worked well until AI agents came into the conversation.

AI agents require quick, dependable and instantaneous data access to perform real-time, complex actions. For startups attempting to scale quickly, building on the correct foundations is the difference between stalling and success.

The infrastructure conversation is finally catching up, with a concept known as lakebase designed to support this transition. It delivers the reliability of an operational database and the openness of a data lake in one centralized place, so teams can run transactions and analytics without juggling systems.

It enables fast access to data, scales easily through separated storage and compute, and fits modern development habits like instant branching and versioning. A lakebase gives founders an edge that previous startups never had; the opportunity for both their developers and AI agents to build, test, and ship applications quickly, without the constraints of old online transaction processing (OLTP) setups.

What founders must change now

With AI progressing at an unexplainable rate and investors asking questions, a knee-jerk reaction is usually to add a new AI capability to what currently exists. However, this is a short-term solution to a long-term problem.

Startups that approach AI as structural rather than an add-on will define what comes next. This involves raising challenging issues early on, such as how this business should be built if AI is doing a large amount of the work, rather than just what AI is capable of achieving for this product.

Instead of figuring it out after the company has scaled, founders are forced to make architectural decisions early, establishing what agents own and how they work together to make sure humans are kept in the loop.

It also means realising that governance and speed work in tandem. The entrepreneurs who incorporate guardrails early enough that they never become a barrier are the ones who grow the fastest. Integrated into the design from the start, enterprise-grade governance is a hidden competitive advantage. Instead of having to rush to catch up later, it enables you to scale with certainty.

Build it right or build it twice

The time has arrived for Europe, but it won't wait for businesses to continue bolting AI onto infrastructures that weren't designed to support it.

Soonicorns won't be determined by how much they raised, how many AI tools they have used or, how fast they delivered. They will be characterized by the caliber of the decisions made about AI-native architecture, AI agents, and whether or not humans are involved.

The tools are there and the market is shifting. Whether European founders are prepared to build with the same ambition they offer is the only true question that remains. When leaders build the appropriate unified data foundations, everything else will fall into place.

We've featured the best AI website builder.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Most companies don’t understand that today’s AI tools are capable of fundamentally transforming how daily knowledge work is done.

This is because they’re using AI in an unsophisticated way and aiming it at the wrong place.

But this level of transformation is already happening, as millions of knowledge workers have figured out, and as enlightened companies are starting to recognize.

To delve deeper, you first need to understand that most knowledge work is invisible. The essence of knowledge work—thinking, processing, judging, ruminating, planning, mulling—happens in workers’ heads, unseen.

Unfortunately, workplace AI is currently deployed into the knowledge systems that are visible, the outputs —emails, documents, chats, meetings, etc. It doesn’t matter how good the AI is, because when it operates at this level, it’s too late to really transform how the work is done.

To give a practical example, when you need to create a project deliverable, 80% of your effort is likely spent creating the first draft, with the remaining 20% polishing into a final deliverable. AI workplace assistants do a great job with that final polish (which we like, thank you). But to truly transform how work is done, you need AI to help with the underlying, unseen 80% effort used to create the first draft.

The real opportunity: A practical model for AI-driven work

The good news is AI is fully capable to help transform that 80%. This does not require waiting for “better” models or AGI. All you need to do is change how you’re using AI today, by integrating existing LLM-based tools into that invisible thinking portion of your work, rather than just keeping it at the surface-level work outputs.

While the AI vendors haven’t exactly made this intuitive (yet), using AI in this way has exploded in popularity since the beginning of 2026. In practice, the basic approach is to use AI the way software developers do, not as a one-off tool but as something that builds context over time.

Move beyond web-based interfaces where every conversation restarts from scratch

Create a centralized repository, put your critical files into a folder on the business computer which you give AI access to. Start with the classic things (deliverables, meeting notes, project plans, etc.)

Before doing any work, ask AI to interview you about your work style, what’s important to you and your personal preferences.

Review and refine AI’s understanding, ask it to scan through all your files to synthesize your latest thinking, ideas, story arcs, writing style and any other “intelligence” it can determine from your work. Review its findings and go back-and-forth until you feel it has a good understanding of you, your work and your style.

Build upon each session. A crucial step is having the AI tool understand this is not a one-time or manual exercise. Instead, a continued process to create, maintain, organize and update the files, based on what it learns about you over time, each subsequent AI session builds on all the work you’ve done together and what it has learned about you.

In essence, you are asking your AI to create a personal Wikipedia-style repository which gives your AI system an ever-growing continuous context library perfectly built and tuned just for you and your work.

Using AI like this doesn't require a new product or company, but a new way to leverage current tools. This is often called a “second brain”, “AI context vault”, “LLM-powered personal Wiki”, or something similar, and you can do this with any LLM vendor or product.

Most AI vendors now allow users to connect their LLM platforms into other business systems (like email, chat, document stores or productivity suites), which lets workers connect their personal knowledge systems into corporate apps and data.

Workers who use AI in this new way report fundamental shifts in the way they work within the first few hours. After a few days, many workers declare they will never go back to the “old way” of working again.

The tradeoffs to consider

Using AI to transform work in this way is not without its downsides, especially from the corporate perspective.

First, all the “classic” security complexities still apply: How do you know the AI did what it said it was going to do? How do you know it didn’t hallucinate? How do you trust it won’t spin out of control and email all your contacts with nonsense?

Addressing this involves many of the things you probably know but haven’t taken time to investigate yet, including configuring alternate accounts with restricted permissions for AI or setting clear guidelines for when and how AI-generated outputs will be reviewed.

This new process also requires asking workers to slow down and verify what their AI generates, which is pretty much the opposite of why they started using AI in the first place.

Another challenge is visibility. Much of the “back-and-forth” work - which previously happened in the open - now happens within the AI tool and the worker’s personal context vault, where it’s less visible to coworkers and management scrutiny. Individual workers view that as a positive, but to organizations, it can be a liability.

Lastly, when workers build personal AI context vaults using their personal AI subscriptions, the company can’t prevent the worker from taking all that context with them when they leave the company. Companies need to buy proper enterprise AI subscriptions which they can link to corporate SSO and DLP systems. The downside is that enterprise AI pricing is completely different from consumer pricing, and workers using AI like this via enterprise systems can easily consume thousands of dollars of tokens per month.

The bottom line is that today’s AI can fundamentally transform work, but only if there is a mindset reset around how it is being used.

This new approach introduces added complexity. Organizations will need to spend more time understanding, managing, and securing AI differently, but it’s clear that AI operating in this way is inevitable, so the time to start thinking about AI as a “second brain” is now.

We feature the best free office software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• Significant skill shortages have more than tripled since last year
• Workers are even lacking in basic digital literacy and skills
• Four in five London companies are increasing training investment

In a survey of more than 2,000 London business leaders, one in two believe their workforce doesn't currently have the skills required to meet their AI adoption needs.

Though this is a decrease compared with 63% last year, it still leaves half of companies struggling to keep pace with AI.

However, the proportion of businesses reporting significant skill shortages rose to 15% this year, compared with just 4% last year, implying that even basic training isn't being taken care of.

The AI skill shortage is growing

According to BusinessLDN, this is the highest level recorded since the annual survey began. But besides significant skill shortages, more than a third (35%) also warned they face moderate shortages.

AI aside, 60% also noted a lack of advanced digital skills and 23% shared a lack of even the most basic digital skills, but while companies don't have the human capacity to develop AI strategies at this point, three in four have gone down the route regardless.

"While London businesses are embracing AI, many are finding it challenging to stay on top of their workforce skills needs given the pace of change," Policy Delivery Director for People and Skills Mark Hilton wrote (via the BBC).

It's this exact lack of digital and AI skills that could be creating jobs in the short term, though, because four in five (83%) businesses revealed they had job vacancies – an opposite narrative to multiple reports that argue AI is replacing entry-level roles. Supporting that, three-quarters (76%) don't expect to cut headcount, suggesting we could finally have reached a balance after earlier mass layoffs.

But while countless surveys reveal that companies aren't supporting their workers with the right upskilling schemes, London looks to be doing things differently with 81% planning to increase training investment over the next year.

The UK’s autonomous vehicle (AV) sector is entering a period of rapid acceleration. With London preparing for the rollout of driverless taxi services later this year, and regulatory backing strengthened by the Automated Vehicles Act, the shift from experimentation to deployment is becoming tangible.

That momentum is already visible on the capital’s streets. Waymo is currently testing its autonomous ride-hailing service in London, navigating complex urban environments ahead of its planned commercial launch. But as physical deployment accelerates, a more fundamental bottleneck is emerging.

The central challenge is no longer whether autonomous vehicles can navigate roads, but whether the industry can consistently demonstrate that they are making safe, compliant decisions in real-world conditions.

Without that capability, progress toward higher levels of autonomy will stall, regardless of how advanced the underlying driving systems become.

The industry’s hidden bottleneck

Recent incidents in London illustrate the challenge. Reports of an AV entering a taped-off crime scene in Harlesden, or repeatedly turning into a Shoreditch no-through road, highlight how unpredictable dynamic urban environments remain for automated systems. Modern AV systems already perform well at perception.

Using combinations of cameras, LiDAR, radar and AI models, vehicles can detect lanes, pedestrians and hazards with increasing accuracy, and AV companies have now logged tens of millions of autonomous miles globally.

However, the real challenge lies in the transition to Level 4 autonomy, where legal liability shifts from the human driver to the manufacturer. To secure regulatory approval and public trust, companies must be able to explain exactly why a system behaved the way it did in ambiguous situations, such as navigating a temporary road layout, conflicting signals, or unusual pedestrian behavior.

This is where current machine learning approaches fall short. While effective at pattern recognition, they typically operate as “black boxes,” offering limited insight into how individual decisions are reached. In a safety-critical sector like automotive, this lack of transparency creates a major commercial and regulatory constraint.

Manufacturers and regulators need definitive evidence that systems are acting in accordance with local road rules before they can deploy at scale.

The missing layer in autonomous intelligence

To bridge this gap, the industry is increasingly turning to knowledge-based AI, an alternative to large language models that uses carefully curated expert knowledge and structured reasoning to correctly answer complex, high-stakes questions.

Unlike purely data-driven models that infer behavior statistically from past training data, knowledge-based systems combine sensor inputs with explicitly defined rules, traffic laws and domain expertise. Rather than relying solely on probability, they enable vehicles to reason through decisions using structured logic.

That distinction is critical in autonomous driving, where edge cases are difficult to predict and regulatory scrutiny is high. While machine learning remains essential for perception and pattern recognition, knowledge-based AI provides a clearer chain of reasoning behind vehicle behavior.

Decisions can be traced directly back to the rules and logic that produced them, making systems easier to interrogate, validate, and audit.

In practice, this creates several advantages. Engineers gain greater visibility into how systems behave in complex scenarios, helping them identify failure points and improve performance.

It also makes systems easier to adapt for different markets, as local driving rules and compliance requirements can be updated through the reasoning layer rather than retraining or redesigning the entire AI system. This allows manufacturers to scale AV platforms more efficiently across jurisdictions.

From autonomous driving to auditable autonomy

Rather than replacing machine learning, knowledge-based AI acts as a supervisory reasoning layer, applying structured rules and safety logic to monitor and validate vehicle behavior in real time. The result is not simply a vehicle that can act autonomously, but one that can justify its actions.

And the implications extend well beyond autonomous driving. As AI systems are deployed in domains where decisions carry legal, financial or safety consequences, the question of how those decisions are produced becomes as important as the outcome itself.

This is already becoming a defining issue in sectors such as financial services and healthcare, where regulators increasingly expect companies to explain how AI-driven decisions are made.

Ultimately, knowledge-based AI enables AI systems to incorporate defined rules and reasoning into their decision making, rather than relying solely on statistical prediction. In autonomous vehicles, this could take the form of validating maneuvers against traffic laws before execution, but the same principle applies wherever decisions must be explainable, defensible, and auditable.

As AI becomes more deeply embedded in critical infrastructure and public services, the ability to evidence how decisions are made will move from a desirable feature to a baseline requirement across industries.

Proof over performance

The AV industry is often framed as a race to build vehicles that can drive themselves. Increasingly, however, the real challenge is building systems that can explain and justify their decisions in a way regulators, manufacturers and the public can trust.

Knowledge-based AI offers a definitive route to solving that problem. By combining machine learning with structured reasoning, it enables manufacturers not only to improve autonomous behavior, but to explain why systems acted as they did.

For the UK, long-term leadership in autonomous mobility will not be determined by perception systems alone. It will depend on which companies can deliver AI that is demonstrably safe, compliant, and auditable at scale.

We've featured the best AI tool.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

The reported cyber attack involving Canvas and the subsequent ransomware payment will inevitably trigger familiar debates around paying ransomwares.

Most organizations facing ransomware attacks avoid publicly confirming whether a payment was made. Even where payments occur, communications are typically cautious, limited, or deliberately ambiguous.

Admitting to a ransomware payment creates legal, regulatory, reputational, and ethical complications. It can invite scrutiny from customers, insurers, regulators, and shareholders. It may also create concern that the organization has become vulnerable to future extortion attempts.

On one hand, transparency can be viewed positively. Stakeholders increasingly expect honesty during cyber incidents, particularly where personal data is involved. Attempting to conceal the reality of an attack can create longer-term trust issues if details later emerge through other channels.

For many organizations, the decision to pay a ransom is ultimately driven by operational and financial calculations rather than principle alone. If they don’t have things like ransomware protection, backups, or logs it makes it an almost impossible task to recover.

Cyber insurers, legal advisers, and incident response firms may conclude that prolonged recovery, forensic investigation, service restoration, regulatory management, and reputational damage could cost substantially more than the ransom demand itself.

Pressure to restore services

In sectors like education, where downtime directly affects students, exams, coursework, and institutional continuity, the pressure to restore services quickly can become commercially and socially overwhelming.

That does not make payment risk-free or strategically desirable, but it does explain why some organizations determine that the immediate cost of disruption outweighs the uncertainty and expense of a prolonged recovery process.

However, transparency also exposes a more uncomfortable reality within modern ransomware incidents: it does in fact pay to be a cybercriminal.

Yet focusing solely on the ransom payment itself misses the larger issue.

This incident appears to reinforce a wider trend emerging across modern digital platforms: attackers are increasingly exploiting trust itself.

Reports suggest threat actors abused Canvas “Free-For-Teacher” accounts, leveraging a legitimate platform capability designed to support accessibility and adoption. Rather than forcing entry through traditional technical weaknesses, the attackers operated within accepted trust boundaries.

For education providers, this creates a particularly difficult balance. Platforms are intentionally designed to reduce friction for teachers, students, and external collaborators. Accessibility is part of the value proposition. However, the same openness that enables rapid adoption can also create opportunities for malicious actors to blend into normal platform activity.

This is not simply a security engineering issue. It is a governance issue around how digital trust is granted and monitored at scale.

Identity has become the primary security boundary

Cybersecurity strategies historically concentrated on protecting networks, endpoints, and data centers. Increasingly, those controls sit behind identity systems that determine who is trusted, what access they receive, and how quickly they can move through interconnected platforms.

Modern ransomware groups and financially motivated actors increasingly prefer credential abuse, social engineering, and exploitation of trusted workflows because they are often less visible than conventional intrusion methods. A valid account can bypass many of the controls designed to detect malicious behavior.

The challenge becomes even more pronounced in education as, unlike tightly controlled corporate environments, educational ecosystems are inherently decentralized. Institutions regularly support temporary users, external educators, contractors, collaborative learning environments, and remote access requirements. The result is a digital environment where trust relationships are broad by design.

That creates a difficult strategic question for providers and customers alike: how do you preserve accessibility without creating exploitable trust pathways?

The human consequences are often underestimated

Cyber incidents are still frequently measured through technical metrics: records exposed, systems encrypted, or hours of downtime incurred. Those measures rarely capture the wider societal impact.

In education environments, disruption affects students during formative periods of their lives. Exam preparation, coursework submission, academic continuity, and communication channels can all be interrupted simultaneously. Parents and educators face uncertainty around outcomes they cannot directly control.

There is also a more uncomfortable consideration in that educational platforms frequently contain data relating to minors. Even where sensitive information is not immediately weaponized, long-term exposure risks remain difficult to quantify. Personal information tied to younger individuals may retain value for years through identity fraud, social engineering, or future credential abuse.

The emotional dimension of cyber attacks is still poorly understood within many boardrooms because it does not fit neatly into conventional risk reporting.

The due diligence dilemma

Most schools, colleges, and mid-sized organizations cannot realistically perform deep technical assurance assessments against large SaaS vendors. Procurement teams are often left reviewing compliance certifications, security statements, audit summaries, and contractual language that may provide only partial visibility into actual operational practices.

This creates an accountability imbalance.

Customers remain responsible for protecting their own stakeholders and data, yet their ability to validate supplier resilience is constrained by commercial scale and information asymmetry.

That challenge is not unique to Canvas. It reflects a broader maturity gap across the SaaS market.

Many providers publish extensive security documentation, but external assurance still struggles to address practical questions such as: What assumptions are made about “legitimate” users? What controls exist around free-tier or trial account creation?

For customers, obtaining meaningful answers to these questions can be difficult without substantial procurement influence and the result is a market where trust is often inferred rather than verified.

The larger issue beneath the incident

The reported Canvas ransomware payment will understandably drive debate around criminal incentives and incident response decisions. Yet the more strategic question sits elsewhere.

The challenge for organizations is no longer confined to protecting infrastructure from external intrusion. It is understanding where trust is granted, how legitimacy is established, and what happens when a trusted platform becomes the weakest link in a much larger interconnected ecosystem.

That is not merely a cyber security concern.

It is becoming a fundamental business risk question about dependency, governance, and the fragility of digital trust at scale.

We've featured the best cloud antivirus.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• 94% of HR leaders predict new entry-level job creation as a result of AI
• Most see these roles evolving into AI supervisor roles
• Soft skills are most in-demand, training isn't keeping up

Although AI has proven to automate some of the lowest-value work, making it difficult for recent graduates to find jobs, new Cognizant and Pearson joint research suggests this could just be a temporary effect that could all be about to change, with an overwhelming majority (94%) of HR leaders expecting AI to create entirely new entry-level jobs in the next five years.

But the definition of entry-level work is also undergoing a change, with 96% believing they will evolve into supervisory and managerial roles.

More than 90% say middle managers will end up playing a critical role in redesigning these jobs and defining what work looks like.

Entry-level roles aren't going, they're just changing

A similarly high number (91%) of HR leaders have reported that employee demand for AI training has increased over the past year as junior workers seek opportunities to manage AI systems, however with only half (54%) of organizations providing AI training, they're not being supported.

As for graduates themselves, the most in-demand skills no longer come from specialized degrees. Nearly all (97%) hirers think adaptability, problem-solving and human judgment are now more important.

The report argues that organizations need to rethink how they support employees throughout their careers, but 60% admit their learning and development programs can't keep page with AI's pace.

"As work evolves, the most successful organizations will focus less on replacing tasks and more on building the capabilities that help humans and AI work together," Pearson CHRO Ali Bebo said.

While the study concludes that entry-level workers and graduates may not be at as much risk as they'd thought from AI, they could stand out from taking charge of their own upskilling as employers struggle to keep up.

AI is undoubtedly accelerating data scientists' work, but it is also quietly eroding how data science skills are built in the first place. As copilots, automated pipelines, and increasingly capable models take on more of the hands-on work, the role of the data scientist is shifting toward solution design and strategic problem-solving.

Although this may be a welcome evolution for those who have long earned their stripes in the field, it introduces a risk many organizations, as a whole, are underestimating—the loss of repetition and practice that makes this expertise stick.

By reducing first-hand experiences and the challenge of problem-solving, AI-driven automation risks weakening the foundational expertise required for true data science mastery and system-level thinking. According to research from Anthropic, developers who delegated tasks entirely to AI showed weaker learning outcomes even when productivity gains were modest.

For years, developing data science skills meant spending time close to the work. This entailed tasks such as cleaning up messy datasets, performing exploratory data analysis, manual feature engineering, interpreting model outputs, and diagnosing why a model is underperforming.

This kind of hands-on work may not always be efficient, but they are effective. Repeating steps, getting stuck, figuring out what went wrong, and iterating builds intuition and creates a deeper understanding. Repetitive, direct interaction with data, tools, and code transforms knowledge into proficiency, then mastery.

But there’s a tension emerging: the very aspects of AI that make practitioners more productive—automation, speed, and reduced manual effort—are also removing many of the repetitive, hands-on workflows that historically helped data scientists build technical depth and lasting expertise.

Warning signs

The impact on data scientists is immediate and somewhat invisible. When probable answers are just one prompt away, there's less incentive to internalize patterns or build the mental models that enable independent critical thinking and judgment.

Over time, practitioners can complete tasks with AI assistance but struggle to diagnose issues, adapt approaches to unfamiliar contexts, or evaluate whether an AI-generated output is actually correct. In a field where edge cases and ambiguity are the norm, that gap matters.

Without the necessary adaptations to recognize and maintain core expertise, organizations will start to see the warning signs appearing subtly in judgment, troubleshooting, and knowing when to question AI outputs.

How organizations shift their tech teams and data scientists towards thinking in systems as opposed to tasks while reinforcing those core technical competencies will make a difference in ensuring those warning signs won’t progress so far as being clear and obvious negative impacts on the organization.

Hands-on engagement reinforces understanding

This is where organizations need to be deliberate. Not every task needs to be fully automated. The goal isn’t necessarily to slow down AI adoption or force a return to purely manual workflows, but to ensure that as work becomes more efficient, learning doesn’t become incidental.

Here are three frameworks that can help leaders be more intentional about where and how skill practice happens, ensuring AI reinforces learning as well as efficiency:

At the organizational level, dedicate learning time to close the loop between assisted work, knowledge retention, and deliberate practice on fundamentals. If skill erosion is not visible in productivity metrics, then leaders should implement proficiency metrics and periodic assessments.

At the team level, peer and manager reviews are critical to create accountability for independent judgment. This entails reviewing not just outputs but also reasoning, and fostering an environment in which team members challenge each other to explain why things work.

1. At the organizational level, dedicate learning time to close the loop between assisted work, knowledge retention, and deliberate practice on fundamentals. If skill erosion is not visible in productivity metrics, then leaders should implement proficiency metrics and periodic assessments.

2. At the team level, peer and manager reviews are critical to create accountability for independent judgment. This entails reviewing not just outputs but also reasoning, and fostering an environment in which team members challenge each other to explain why things work.

3. At the individual level, the key principle is to preserve engagement with the problem and being deliberate about what parts of the work you stay close to and what you delegate to AI. In some cases, it’s valuable for practitioners to have a dedicated space to engage more directly with the underlying work, such as exploring data without automation or validating AI-generated outputs step by step. Anthropic's aforementioned research supports a specific version of this: Using AI to understand, not just produce.

Fostering these moments of deeper, hands-on engagement across organizations reinforces understanding and long-term capability in ways that passive consumption cannot.

Learning through action makes mastery possible

The AI era is redefining what it means to be a data scientist. As faster tools and more automated workflows unlock new possibilities, teams can focus on more complex problems. But expertise doesn’t emerge from speed alone. It is often best built through experience and a knowledge of fundamentals.

As organizations continue to embrace AI, the challenge is preserving the conditions that build real skills. The “old school” practices that once defined data science—hands-on work, repetition, and learning through friction—are the very mechanisms that enable mastery. Ensuring that work becomes easier without making technology expertise harder to achieve will be critical in the AI-driven future.

We've featured the best AI tool.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Amazon Prime Day is already delivering some welcome discounts across HP's printer line-up, with savings on everything from refillable ink tank models to home office workhorses and family-friendly all-in-one printers.

Topping the list of printers that grabbed my attention is the HP Smart Tank 5000 for $140 (was $190). Its refillable ink tank system prints thousands of pages without cartridges, while wireless printing, scanning, copying, and AI-enhanced page formatting make everyday use refreshingly simple.

I've selected three other HP printer deals, too, ideal for the home and home office - and they all have very impressive discounts ahead of Prime Day.

Today's top HP printer deals

For families printing homework and photos, the HP Envy 6155e offers automatic two-sided printing, wireless connectivity, borderless photo support, and a three-month Instant Ink trial make it a terrific choice for everyday home printing.

Anyone running a home office should consider the HP OfficeJet Pro 8139e, which handles printing, scanning, copying, and faxing. Elsewhere, it features automatic document feeder, duplex printing, smartphone app support, and full year of Instant Ink provide plenty of convenience for regular workloads.

The HP Envy 6555e is similarly rich with features and a superb all-rounder for the home and home office, thanks to automatic duplex printing, a 35-sheet document feeder, wireless connectivity, and a three-month Instant Ink trial. It offers an excellent balance between family printing and light office tasks without taking over your desk.

Whether you print school projects, business reports, or family photos, these Amazon Prime Day HP deals cover almost every need and budget.

Adding months or even years of included ink makes the savings even sweeter, giving you far more than just a lower price on the printer itself.

For more picks, check out our guides to the best HP printers and best home printers.

• Shop all inkjet printers at Amazon

The retail industry is about to lose one of its oldest assumptions: that the shopper at checkout is definitely a human.

30 to 45 percent of U.S. consumers already use generative AI for product research and comparison, and that reliance will inevitably become more pronounced at checkout.

Agentic commerce is beginning to find its way into more consumers’ buying journeys as they look for new ways to shop.

If this new way of shopping maintains its pace, agentic shoppers could make up $190 billion to $385 billion in U.S. ecommerce spending by 2030.

AI agents aren’t only an emerging trend, they are becoming a new class of customer in the commerce ecosystem. But retailers' platforms and websites were not built for this kind of machine-led activity.

There are new pressures building on merchants to rethink and redesign their systems to support autonomous agents and avoid misclassifying legitimate traffic as risky when humans become more hands-off in their buying journeys.

Besides the challenge of becoming discoverable by AI agents, retailers need to be able to verify who is making transactions at checkout when the “shopper” is actually a machine.

That requires understanding which agents are authorized, which ones are malicious, and which ones represent real, valuable customers.

AI agents break the traditional trust model online

The status quo of online retail is being disrupted by AI agents, not because they introduce fraud directly, but because they break the signals merchants have relied on to measure trust for years.

Protocols and identity layers look increasingly different as agents operate in ways that can make them look like suspicious automation under today’s fraud rules. As agents make transactions using APIs rather than typical browsing flows, behavioral analytics loses its predictive power.

In many cases, the usual browsing journey that these brands have used to infer trust simply won’t exist. Retailers can’t assume that the agent is acting on behalf of a legitimate human without proof, so the question shifts from: “Is this user real?” to “Is this agent authorized to act for this user right now?”

The data already points to why this matters: By the end of 2025, online orders driven by LLM referrals were up more than 1,000% year over year. Even so, purchases executed by bots still make up fewer than 1% of all orders.

This is more than a shift in volume. The models that have been trained on human behavior patterns and to recognize bots as bad traffic now struggle when the “user” is a bot with no history and no trusted profile. The data gap creates a dual risk, more fraudulent activities slipping through, and more legitimate orders being declined.

The infrastructure behind agent-safe commerce

Retailers need to start treating AI agents as a new kind of digital customer in their trust systems. This requires an architecture that can authenticate which AI platform or agent is initiating a transaction, rather than treating all machine-driven interactions as anonymous bot traffic.

Ecommerce teams need to focus on providing machine-friendly commerce data with details like product pricing, in-store availability, shipping rules, and return policies that are well-structured, so agents can easily interpret them.

More importantly, they need to distinguish between three categories of activity, malicious automation, authorized agent-driven transactions, and blended human-agent behavior. And they need a way to instantly differentiate between automated threats and AI agents buying on behalf of valuable customers.

The hidden risk: blocking the next wave of customers

It’s a common misconception that the biggest threat retailers are facing is fraud, when the greatest risk is rejecting legitimate orders. What we are seeing now is retailers accidentally blocking agent traffic because it closely resembles typical bot traffic, which means they are losing visibility into how they are being recommended and selected and ultimately into transactions themselves.

Retailers need better classification systems that can separate hostile automation from authorized intent. This requires a more agent-ready commerce stack in five key areas:

Audit the stack for agent readiness: review product data, API accessibility, and machine-readable content to identify where trust breaks across the buying journey

Verify the agent behind the transaction: confirm the identity of the platform or service initiating the order (e.g. ChatGPT, Claude, etc.)

Prove the shopper’s permission: ensure the agent is acting with explicit authorization with controls around limits and categories.

Modernize fraud models for machine-led behavior: optimize classification accuracy, so legit agent-assisted orders aren’t treated like fraud.

Extend trust controls beyond checkout: prepare for agent-driven returns, exchanges, order edits, or support requests.

If retailers implement these steps, they are moving in the right direction to redesign the shopping experience and rebuild the infrastructure beneath it, so they can capture and not block agent-driven demand.

Machine-led commerce is on the horizon

For now, retailers and ecommerce merchants have time to adjust their strategies before agentic commerce enters a mature stage. The shift will start in narrower, repeatable purchase categories, but as the adoption grows, a competitive gap will emerge between retailers that prepared well, and those that didn’t.

To gain that advantage, online brands that modernize their identity, authorization, and risk infrastructure now will be in a better position to support machine-led transactions without adding any friction for the customer behind them.

The retailers that get this right will reduce fraud while capturing a new class of customers. Because even if shopping is done by machines, trust will still need to begin and end with the human customer.

We feature the best credit card processing.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit