• AWS becomes the first cloud provider offering rentable PCIe 6.0 processors
• Graviton5 combines 192 Arm cores with 96 PCIe lanes
• Memory bandwidth exceeds 800GB/s across AWS's latest server platform

AWS has quietly achieved a milestone that neither AMD nor Intel reached first in commercially available cloud infrastructure by deploying a PCIe 6.0-capable processor.

The company's Graviton5 CPU is now generally available through Amazon EC2 M9g and M9gd instances, allowing customers to rent PCIe 6.0 hardware by the hour.

While that development sounds significant on paper, practical benefits remain difficult to identify for most users at the current stage of deployment.

PCIe 6.0 arrives in the cloud before it reaches most hardware

Graviton5 was developed by Annapurna Labs and adopts a chiplet design built on TSMC's 3nm manufacturing process technology.

The processor combines four compute dies containing 48 Arm v3 cores each, bringing the total core count to 192.

AWS says each core carries 1MB of dedicated cache, while the platform integrates 12 DDR5 memory channels operating at speeds up to DDR5-8800.

According to company figures, the memory subsystem can deliver more than 800GB/s of aggregate bandwidth across demanding workloads.

The processor also includes 96 PCIe 6.0 lanes, making it the first cloud CPU customers can actively access with PCIe 6.0 connectivity.

Communication between chiplets relies on a coherent interconnect capable of transferring data at 420GB/s while maintaining unified operation.

AWS claims Graviton5 can deliver performance improvements reaching 25% compared with earlier generations deployed across its infrastructure.

Additional figures suggest application workloads may run 35% faster, while database operations improve by 30% under suitable conditions.

Network bandwidth reportedly increases by as much as 15%, while storage bandwidth rises by approximately 20% across instance categories.

For larger deployments, AWS says network throughput can double compared with previous offerings available through its cloud platform.

Why PCIe 6.0 may not matter much yet

The challenge is that PCIe 6.0 alone does not automatically transform application performance unless the surrounding hardware can exploit the added bandwidth.

This limitation becomes clearer when examining storage devices capable of taking advantage of the newer interface standard today.

Micron's 9650 NVMe SSD is among the first PCIe 6.0 drives reaching commercial availability, though its audience remains hyperscale operators.

The SSD can reportedly achieve sequential read speeds of 28GB/s, almost twice the throughput commonly associated with PCIe 5.0 storage.

Even so, these drives are largely intended for AI inference environments rather than conventional enterprise or cloud computing workloads.

The same pattern appears in Teamgroup's recently announced PCIe 6.0 SSD, which reaches 28GB/s yet remains far from mainstream deployment.

For many AWS customers, processor architecture, memory bandwidth, cache capacity, and software optimization will likely matter far more.

The M9gd instances also include local SSD storage reaching 11.4TB capacity and delivering 30% higher IOPS than predecessors.

Although PCIe 6.0 gives AWS an early technological distinction, meaningful gains will depend heavily on broader ecosystem adoption.

At present, the achievement appears more important as an infrastructure milestone than as a feature that immediately changes everyday cloud workloads.

Via The Guru of 3D / Wccftech

Wondering where your online order ended up may soon be a thing of the past thanks to a new launch from Samsara which makes tracking your deliveries easier than ever.

At its Samsara Beyond event, the company revealed the Samsara Tracking Label: a smart, single-use Bluetooth adhesive label that is able to provide near-real-time visibility on where a shipment actually is.

From dispatch to delivery, the label can dial into the company’s Samsara Network along its route, allowing accurate tracking at all times - particularly useful for areas such as pharmaceuticals, where companies need to know exactly where a delivery is at all times.

Samsara Tracking Label

The Tracking Label is an adhesive-backed, flexible, paper-thin label which can have a a 45-day battery life after being activated. The battery contains no lithium or hazardous materials, meaning it can be cleared for air, ground, and rail shipments, and is suitable for disposal without special handling.

Samsara says the launch goes beyond typical trackers, which can be lost or damaged in transit, leading to a lack of information or insight into where a delivery actually is, with its network covering 99% of major US roads and tens of thousands of worksites.

“This is no longer science fiction, this is reality,” David Gal, VP of Connected Equipment at Samsara, told attendees at Samsara Beyond.

The company says cargo theft costs US businesses roughly $35 billion annually, a figure which is only set to increase over the coming years as online shopping continues to grow.

It notes how current solutions such as RFID and cellular connectivity, can struggle with cost and coverage problems - but Bluetooth can go beyond that and gives much more insight.

The label process can be scaled up easily depending on customer demand - and although specific pricing information isn’t available yet, the move could help companies of all sizes save time, money and stress on tracking their deliveries.

The Tracking Label can be managed within Samsara’s new Shipment Center and Shipment App, which seamlessly plug into an organization's existing infrastructure, regardless of which shipping carrier they use.

This platform allows customers to not only see the real-time delivery schedule and deter theft, but also let them spot issues or delays before they happen, track deliveries across borders, and provide easier dispute resolution, helping keep their customers happy.

• UN calls on AI companies to declare environmental cost of AI
• New energy projects and data centers are contributing to pollution
• UN sets up AI Environmental Transparency Initiative to provide insight into the impacts of water usage, carbon emissions, and land usage

Multiple studies on the direct and indirect impact of AI have predicted that the technology is damaging local and global environments, and contributing to man-made climate change.

But the full extent of the damage should be publicly disclosed by AI companies themselves, the United Nations has said.

Speaking during London Climate Action Week, UN Secretary-General António Guterres said, “If AI is to help build a better ​future, it must be honest about what it costs us now.”

Reveal the full environmental cost of AI

“By 2030, they could use ⁠more power than all but five countries – and enough water to meet the basic needs ​of all 1.3 billion residents of sub‑Saharan Africa for an entire year,” he said.

His speech (via Reuters) also included the launch of the UN’s AI Environmental Transparency Initiative, which offers AI companies the opportunity to publicly disclose water, the environmental impacts of their water usage, carbon emissions, and land use.

Some AI companies have agreed to net-zero commitments and decarbonization through renewable energy projects, but these commitments are largely voluntary and do not subject companies to any repercussions if they fail to meet targets.

This has been exacerbated in the US — where many of the largest AI companies operate — with President Trump stripping away environmental commitments, obstructing planned renewable energy projects, removing legislation on the construction of fossil fuel energy production, and even deleting the US government’s comprehensive archive of climate resources.

As AI now accounts for 80-90% of the world’s compute resources, there has been an explosion in new data center construction projects to meet demand. Many sites have turned to on-site natural gas burning turbines to supply their energy, which has been linked to health issues and neurological symptoms in local populations. In other regions, data centers have been linked up to nearby energy networks causing local resident’s bills to skyrocket.

The total environmental cost of AI is not known, but estimates for the US have placed the total cost at around $25 billion per year, which includes the health costs of residents living in the polluted vicinity of data centers. The UN hopes that the AI Environmental Transparency initiative will provide direct insight into the fiscal, human, and environmental costs of AI.

• NordStellar found 924 dark‑web posts about deepfakes‑as‑a‑service (DFaaS) Jan–May 2026, up 39% year‑on‑year
• Rising interest driven by generative AI advances, enabling hyper‑realistic “fake boss” scams and lowering barriers for attackers
• Experts urge prevention through employee education and monitoring for leaked company data to reduce risk of targeted deepfake attacks

The interest in deepfakes-as-a-service (DFaaS) among criminals is growing, and the cybersecurity community is worried it might fuel the next wave of “fake boss” scams.

This is according to a new report from threat exposure management platform, NordStellar. Analyzing discussions on the dark web, the researchers found that between January and May this year, there were 924 posts about DFaaS, up 39% compared to the same period last year, when there were 663 similar posts.

“The rapid growth in popularity of deepfakes as a service is likely accelerated by advancements in generative AI, which help cybercriminals in two ways — by speeding up the creation of deepfakes and making them hyper-realistic,” says Vakaris Noreika, cybersecurity expert at NordStellar. “Ultimately, this service lowers the barrier to entry for deepfake technology, enabling threat actors to deploy highly deceptive attacks at a larger scale, regardless of their personal technical skill set.”

How to defend against convincing deepfake attacks?

Experts are worried the rising interest might result in more “fake boss” scams which, at that, would be even more difficult to spot. Business Email Compromise (BEC), a “fake boss” scam that primarily uses written emails, has for years been among the most lucrative tactics in the criminal underworld. According to the FBI, BEC was the second costliest tactic last year, with company losses exceeding $3 billion (up 11% compared to 2024).

Defending against highly convincing deepfake images and videos might not be easy, but it certainly isn’t impossible. Noreika suggests businesses should focus on prevention and employee education, since they cannot control whether crooks target them or not.

“The more details and access attackers obtain, the easier it is for them to craft highly realistic, targeted attacks,” says Noreika. “Monitoring the dark web for leaked company information is a critical step in preventing cybercriminals from finding credentials to breach accounts or data to use as intel.”

• Pilot describes drones moving in a unified jellyfish-like aerial formation
• Intelligence officials remain divided over the accuracy of combat sighting
• A concussion during the crash raises questions about the pilot's perception reliability

A US F-15 pilot was shot down over Iranian territory during the US-Israel war against Iran in April 2026, and he spent several hours on the ground before special operations forces completed his rescue.

During a subsequent debriefing, the pilot reportedly described unusual aerial activity involving Iranian drones during the combat operations that preceded his downing.

He claimed the drones assumed a formation resembling a jellyfish, with multiple units moving together in coordinated patterns across the airspace above him.

Debrief Account and Contested Interpretation

Intelligence officials reportedly debated the account at length, with one source describing the scene internally as “real alien sh*t.”

Officials disagreed sharply on how to interpret the events, noting the pilot had suffered a concussion during the crash itself.

He had also previously been involved in a friendly fire incident earlier in the conflict, so some analysts questioned whether he had accurately perceived events, or whether sensory distortion under extreme stress shaped his account.

Some intelligence analysts, however, also considered whether the reported pattern could reflect an emerging form of coordinated drone control rather than a misperception.

The technical concept referenced throughout internal analysis was described as one-to-many meshed networking, a system allowing several drones to be commanded simultaneously.

Questions over meshed networking capability

Reports suggested Iran may have received external assistance from China and Russia in developing its drone technologies during the broader conflict period.

Iranian forces had reportedly used attack drones as asymmetric weapons throughout weeks of operations against US, Israeli, and Gulf state forces.

Defense expert Emma Bates told CNN that countering this kind of coordination would demand enormous resources.

“We will spend huge, huge dollars, like a lot of blood and treasure, protecting ourselves from something that can coordinate like that,” said Emma Bates, a drone warfare and defense modernization expert.

She noted that drones maintaining a coordinated shape while carrying explosives, and reserving capacity for follow-up strikes, would represent a genuinely capable approach.

Officials separately noted that meshed networking could theoretically support internet connectivity in remote regions lacking infrastructure, though such civilian applications remain largely hypothetical for now.

The Office of the Director of National Intelligence declined to comment publicly on the pilot's account or any ongoing internal assessment.

Whether the pilot witnessed genuine drone coordination, misperceived events under extreme stress, or described something intelligence agencies have yet to fully understand remains unresolved.

Via CNN

A ‘digital hire’ won’t replace a skilled employee, but it can help automate many of the time-consuming tasks that eat up their day.

Until recently, AI chatbots like ChatGPT and Gemini answered questions, did research, and made suggestions – offering advice, but not actually taking action. Now, thanks to AI agents like OpenClaw and Hermes, AI can interact with other platforms, allowing it to take action like writing and sending emails, updating your schedule, or scheduling social media posts.

In this guide, we explore everything you need to get started with a 'digital employee'.

Getting started

You’ll need a few things before you can get going with your new ‘digital employee’.

First, you’ll need to pick an AI assistant. There are a few available; OpenClaw is the most popular, closely followed by Hermes. To run your AI agents safely, you’ll likely want to host them on a Virtual Private Server (VPS). Once this is set up, you can then communicate with it via a platform of your choice, such as WhatsApp, Telegram, or Slack.

The VPS is the ‘computer’ doing the heavy lifting, and you can communicate with your AI agent via an app on your phone. So, you don’t really need a powerful computer to run your agents. However, investing in a decent laptop will make it easier to manage workflows, along with the rest of your business, whilst on the go.

Getting AI working for you

Exactly what you have your agent do for you will depend on the nature of your business and your own unique set of skills. Here are a few platforms you may want to explore pairing your agent with, depending on what you want to achieve:

A note on security

Giving AI agents access to sensitive business information, such as financial data, customer data, and emails, carries risks. Using a dedicated VPS goes some way to protecting you.

However, it is important that you take the time to fully understand the risks associated with using AI agents and the steps you can take to mitigate them.

• Senator Mark Warner testified NSA confirmed Mythos Preview identified vulnerabilities in nearly all classified systems within hours during a controlled exercise
• US officials clarified Mythos found flaws rapidly rather than exploiting them, but the capability still raises major concern
• Anthropic withheld public release, sharing only with select firms; Mozilla and others validated its potency, with thousands of critical bugs uncovered in weeks

We now have another witness claiming Mythos Preview is able to break into protected systems fast and this one is none other than a high-ranking member of the US Government.

According to the Associated Press, Senator Mark Warner of Virginia testified in front of a congressional hearing this month, saying he was informed by National Security Agency (NSA) chief Joshua Rudd that Mythos “broke into almost all of our classified systems, not in weeks, but in hours.”

It’s worth mentioning here that the break-in was controlled, since it was part of an exercise done by the Anthropic team and the intelligence agency.

How powerful is Mythos?

The Associated Press dug deeper, and was informed by an unidentified US official that Mythos merely found vulnerabilities within hours, not necessarily exploited them. Still, identifying a vulnerability that theoretically can be exploited for attacks against protected US Government systems should be cause for concern on its own.

Mythos is an advanced AI model built by Anthropic, first introduced in early April this year. However, the company decided not to share it with the general public because it was apparently too capable of discovering and leveraging software vulnerabilities.

Instead, Anthropic shared it with a handful of major corporations, to help them secure their systems before cybercriminals can use the tool. Since then, multiple companies came forward to confirm Mythos’ potency, including Mozilla, which said the tool was “every bit as capable” as the world’s best security researchers.

Mozilla said that with the help of Mythos, it was able to ship more than 400 Firefox security bugs in April alone.

A month later, Anthropic said the 50 companies using the tool discovered more than 10,000 critical and high-level security vulnerabilities in roughly two months’ time.

“Several have told us that their rate of bug-finding has increased by more than a factor of ten,” the company said. “For instance, Cloudflare has found 2,000 bugs (400 of which are high- or critical-severity) across their critical-path systems, with a false positive rate that Cloudflare’s team considers better than human testers.”

Via Reuters

• The White House is worried about AI's cybersecurity implications
• Meta urged to submit frontier AI models for review before release
• OpenAI and other major developers have already signed up to do this

The White House is reportedly urging Meta to voluntarily submit its most advanced AI models to the government for security reviews before they get released publicly, per New York Times reporting.

Doing so would allow US policymakers to assess model capabilities, security risks and vulnerabilities, with the administration likely focusing on military implications like cyber warfare and attacks on critical national infrastructure.

According to the report, Meta is one of the few major AI developers that has not yet agreed to participate in the voluntary review program.

Meta pressed to submit AI models to US government for review

Companies like OpenAI, Anthropic, Google, Microsoft and xAI have already entered similar arrangements with the US government, and Meta could be next to sign up.

"We share the administration's goal of advancing U.S. leadership on robust and secure frontier AI," a company spokesperson said (via Reuters).

"While we are working through the details, we hope to sign the agreement soon."

The news follows the signing of an executive order to establish a framework for the government evaluation of advanced AI models before public deployment.

"Advanced AI capabilities make our Nation stronger, but also introduce new national security considerations that require coordinated action," the order reads.

The Five Eyes intelligence alliance (US, UK, Canada, Australia and New Zealand) also recently declared that AI systems are now more capable than ever at launching highly sophisticated cyber attacks. "Frontier Al models are anticipated to exceed current industry expectations," the alliance wrote.

If Meta signs up to participate, it means that virtually all major US frontier AI developers will be voluntarily submitting models for review prior to public release.

Professionals end every day feeling behind or burnt out, but not because they haven’t worked hard enough or clocked off earlier that day.

It’s because the volume of information, decisions, and context-switching is moving faster than the pace humans can realistically handle.

A recent Microsoft report put numbers to what people are feeling.

Eight in 10 of the global workforce say they lack enough time or energy to do their work, and 60% of meetings are happening as ad hoc calls or quick chats outside the pre-scheduled day-to-day.

This isn’t a motivation problem, it’s a capacity one - and it's created one of the defining contradictions of modern work. Businesses have never had more ideas, expertise, or ambition at their disposal, yet the people inside them are increasingly starved of the time and clarity needed to turn that potential into progress.

The smartphone makes this contradiction impossible to ignore. It is one of the most consequential inventions of the 21st century, yet also one that many people actively try to use less. Screen-time limits and digital detoxes are not anti-technology trends. They are signs that people are trying to regain control over a tool that has become indispensable, but increasingly overwhelming.

The message is simple: the market isn't asking for more technology. It's asking for relief.

Technological exhaustion

People are adopting or looking at things like digital assistants, wearable AI, focus apps, and workflow automation, not because the technology is impressive. They're doing it because they're exhausted.

That distinction matters because cognitive overload has become a workplace crisis. And the first wave of wearable AI missed the opportunity to solve it.

Instead of building practical tools, companies chased futuristic visions. Early wearable AI products asked "what can AI do?" instead of "what problem needs solving?"

The Humane Pin is the most obvious and probably the most well-known industry example. The vision was compelling, but the execution wasn't there. It positioned itself as a complete phone replacement before proving it could do even just one thing better than a phone. Ultimately, it tried to be everything and ended up being nothing.

This approach didn't reduce cognitive overload - it created more. Another device to manage. Another thing running in the background of an already overwhelming life.

The wrong question asked was: "How do we replace the phone entirely?"

A much better question is: “Where are people losing the most time, energy, and clarity — and how can technology give some of it back without demanding more from them?”

Useful technologies

The most useful technologies rarely arrive by replacing everything at once. The calculator didn't try to replace the accountant - it eliminated one specific source of friction and became indispensable.

It’s the same with wearable AI assistants. Progress is made in practice, not promises.

The wearables gaining real traction share one quality: users can explain their value in a single sentence. "This device exists so I can stop worrying about X." That clarity isn't a constraint - it is the product.

The future of this category will not be defined by the devices with the boldest premise. It will be defined by those who understand where people are most overloaded and remove that pressure without asking for much in return.

Does the technology make someone feel more capable or more managed? Does it reduce the number of things they have to remember, check, repeat, and translate? Does it create clarity, or simply another stream of information?

Those questions are less glamorous than asking whether AI can replace the smartphone. But they are also far more useful.

The wearables that will actually help aren't the ones with the boldest premise; they're the ones that solve one real problem but do it well.

In a world drowning in information, that may be the most ambitious thing technology can do.

Simplify work with the best AI tools.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• US government ordered Anthropic to pull frontier models for foreign nationals
• Legal AI startup claims it had contractual access to those models
• Anthropic doesn't agree with the White House – but complies

Legal AI startup Legion LegalTech Corp has filed a lawsuit challenging a June 12 government order that forced Anthropic to restrict access to its most advanced AI models, Fable 5 and Mythos 5, for foreign citizens (via Reuters).

According to the complain, the Bureau of Industry and Security (BIS) gave Anthropic around 90 minutes to comply with the order, or face civil and criminal penalties.

All foreign nationals, including those living inside and outside of the US, and even Anthropic's own employees, are said to be affected by the order.

Government order to ban Anthropic models internationally legally challenged

Legion LegalTech Corp acknowledges that the order was triggered because of concerns that users could jailbreak models into reviewing software code and identifying vulnerabilities, but the startup argues this is a common capability of all frontier models and doesn't just affect Anthropic's models.

The company says it had contractual access to Anthropic's Fable 5 model, and was actively integrating it into its products that draft and manage cases. Because the company employs Canadian developers working remotely from Canada, it lost access to the model once restrictions took effect.

"Anthropic took no independent action to restrict Legion’s access; it complied with the government’s command under threat of enforcement consequences," the lawsuit reads.

The lawsuit argues that no current export control classifications cover access to cloud-hosted AI models. It also references an independent reviewer, who sees the government's action as disproportionate and "way out of line."

Anthropic announced the frontier models on June 9. By June 12, it had released a statement in response to the government directive, criticizing the government for "not provid[ing] specific details of its national security concern."

"We are complying with the government’s legal directive and are removing access to Fable 5 and Mythos 5 for all users."

For most of the world, the 2026 FIFA World Cup will be remembered as a sporting event. For cybersecurity teams, it will function more like a live multinational stress test.

Spanning three countries, 16 host cities, and thousands of miles of transportation corridors, the tournament depends on an interconnected ecosystem of physical and digital infrastructure operating under sustained pressure for more than a month.

Airports, rail systems, hotels, fan festivals, credentialing platforms, broadcast operations, rideshare services, and public-facing digital services will all be strained simultaneously.

That scale fundamentally changes the security equation.

From a threat intelligence perspective, the defining challenge of the 2026 World Cup is the convergence of physical, cyber, social, and geopolitical risks across shared IT infrastructure and compressed operational timelines. Security teams are no longer managing isolated threats — they are forced to manage cascading disruption, where pressure in one domain can rapidly affect another.

A phishing campaign targeting transportation staff could disrupt rail operations moving tens of thousands of fans. A localized protest could overwhelm nearby transit systems and alter executive movement plans. A ransomware incident affecting a hospitality provider could create physical security concerns if communications or access systems fail during peak crowd periods.

This is the reality of large-scale global events in 2026: the attack surface is no longer just the venue, it’s the infrastructure surrounding the whole event.

At the time of writing, Flashpoint has not identified any specific, credible threats targeting the tournament. That should not be mistaken for a low-risk environment. Events of this scale consistently attract opportunistic criminal activity, fraud operations, extremist messaging, coordinated protest movements, and attempts to exploit operational strain.

The Security Perimeter Extends Far Beyond the Stadium

Historically, security planning for major sporting events has centered on venue protection. For the 2026 FIFA World Cup, that model is no longer sufficient.

With matches spread across three countries and 16 cities, much of the risk now sits outside controlled environments across transit systems, hotels, fan zones, entertainment districts, and the broader infrastructure moving people, information, and services between them.

In many cases, these environments carry greater uncertainty than the stadiums themselves. Security visibility is uneven, access controls are inconsistent, and crowd density, alcohol consumption, and movement constraints create conditions where relatively minor incidents can escalate quickly.

Protests are likely to add another layer of complexity. Demonstrations tied to immigration policy, labor concerns, geopolitical tensions, and broader political movements are expected to occur across multiple host cities during the tournament. Most demonstrations will likely remain lawful and localized.

While most demonstrations will likely remain lawful and localized, the risk emerges when protest activity intersects with transportation choke points, fan movement patterns, or already strained public infrastructure.

Threat intelligence teams should pay close attention to how online rhetoric translates into physical coordination.

Many of the indicators that matter most during events like the World Cup appear early through fragmented digital activity: encrypted messaging channels, localized social media conversations, extremist propaganda ecosystems, fraud marketplaces, and open-source coordination efforts.

The intelligence challenge is rarely a lack of data. It is identifying which signals indicate a meaningful shift in operational risk.

Crowd Dynamics and Operational Disruption

Crowd behavior remains one of the most persistent, and often underestimated, security challenges at large-scale events.

Mass gatherings create conditions where panic can spread faster than verified information. Overcrowding, pyrotechnics, aggressive supporter behavior, or sudden movement within confined transit areas can trigger cascading safety incidents without any organized attack occurring.

Recent years have also shown increasing coordination among certain supporter networks and hooligan groups, including the use of encrypted communications and reconnaissance activity to organize around less-secured gathering points outside official venues.

These risks matter because they place pressure on the systems surrounding the event, not solely the event itself. The same convergence is visible across the cyber threat landscape.

We are likely to see elevated levels of phishing activity, ticket fraud, domain impersonation, social engineering, and opportunistic attacks targeting tournament-related infrastructure. Threat actors understand that large events create urgency, emotional decision-making, and predictable behavior patterns. Fans searching for tickets, transportation, accommodations, or livestreams become easier targets for spoofed domains and fraudulent communications.

The operational implications extend well beyond consumer fraud losses.

A disruptive cyber incident affecting transportation systems, hospitality providers, third-party vendors, or venue operations during a high-attendance match day can rapidly create downstream physical security challenges. Delayed transit systems increase crowd concentration.

Failed communications systems complicate emergency response coordination. Access-control outages create confusion at security checkpoints. Small technical failures can compound quickly in dense environments operating on fixed timelines.

What Security Teams Should Prioritize Before the Tournament

Organizations supporting personnel, executives, vendors, or operations during the World Cup should prepare for an environment where physical and digital disruptions increasingly overlap.

That preparation starts with visibility.

Security teams should establish continuous monitoring around transportation disruptions, protest coordination, fraud infrastructure, and emerging operational incidents across both open and closed online sources. Threat indicators tied to major events often surface first through fragmented local reporting, encrypted messaging channels, social media coordination, and opportunistic criminal communities.

Travel security planning should also extend beyond venue access and hotel bookings.

Organizations should review how employees handle credentials, travel itineraries, executive movement, and event-related content online. During high-profile international events, threat actors routinely collect publicly available information to support impersonation attempts, social engineering campaigns, and physical targeting.

Employees, contractors, media personnel, and attendees frequently expose operationally sensitive information online without recognizing the downstream implications. Credential badges, transportation routes, executive locations, hotel details, and backstage access procedures often appear publicly across social media within minutes. Threat actors increasingly use these fragmented disclosures to map security procedures, identify soft targets, or facilitate social engineering operations.

Third-party dependencies deserve particular attention.

Hospitality providers, transportation vendors, temporary staffing organizations, event technology platforms, and local service providers will all operate under elevated pressure during the tournament. Security incidents affecting those organizations can rapidly create downstream operational disruption for attendees, sponsors, media teams, and corporate travelers.

Finally, security leaders should prepare for disruption scenarios that fall below the threshold of a major crisis but still create operational consequences. Delayed transportation, localized unrest, communications outages, credentialing issues, and short-duration cyber incidents can all affect executive movement, employee safety, and business continuity during compressed event timelines.

The Organizations That Adapt Fastest Will Be Best Positioned

Events like the 2026 FIFA World Cup place unusual strain on security teams because disruption rarely stays contained within a single domain.

A cyber incident can create immediate physical consequences. Protest activity can disrupt transportation and executive movement. Crowd-management failures can generate downstream operational strain across hospitality, communications, and emergency response systems.

For security leaders, the challenge is maintaining visibility across these interconnected environments as conditions evolve in real time.

The organizations best positioned during the tournament will not necessarily be those with the largest physical security footprint. They will be the organizations capable of continuously correlating cyber indicators, physical activity, online narratives, and emerging operational disruptions into a coherent picture of risk.

Threat intelligence creates decision advantage in environments where conditions evolve by the minute.

We feature the best internet security suites: ranked and rated by experts.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• IO research shows 87% of UK cybersecurity managers doubt the credibility of speed‑focused certification programs
• Rapid, automated compliance creates a false sense of security, with certifications like ISO 27001 not guaranteeing resilience
• Experts stress continuous monitoring and human oversight, as automated recommendations and evidence still need validation and interpretation

Speed-focused compliance programs could help businesses get cybersecurity certifications quicker, but security professionals are skeptical if the speed comes at the expense of actual business resilience.

This is according to new research from resilience specialists IO, which claims that 87% of senior cybersecurity managers in the UK believe the speed at which certification is achieved affects its credibility.

According to the report, compliance initiatives that are either heavily automated or compressed into short timeframes are creating a false sense of security. Certifications like ISO 27001 might help companies win contracts and maintain an image, but researchers are warning that certification alone does not guarantee actual operational resilience.

Gaps in security posture

“Organizations that focus on achieving certification as quickly as possible are at risk of leaving gaps in their security posture,” says Chris Newton-Smith, CEO of IO. “Certification can open doors to new contracts and demonstrate commitment to recognised standards but treating certification as the end goal rather than the outcome of establishing and embedding effective compliance is more often than not at the expense of long-term resilience. Businesses must treat compliance not as a tick-box exercise but an evolving, iterative, and business critical project.”

Polling 251 cybersecurity managers in the UK, IO found that 31% consider continuous controls monitoring as the strongest indicator of compliance resilience. At the same time, a fifth (21%) said certifications could reflect security controls at the time of an audit, but could soon after become obsolete.

IO also stressed the importance of human expertise in these programs. Almost half (45%) of the respondents said human involvement is still essential when evaluating if automated compliance recommendations are still relevant and accurate, and another third (33%) said complex regulations still need human interpretation.

Finally, 32% stressed the importance of human in validating compliance evidence generated by automated systems.

• Huntress report highlights “EvilTokens” PhaaS scaling phishing attacks 1,380% in early 2026 compared to last year
• AI integration enables per‑victim personalization at scale, bypassing MFA, with subscription tiers from $600 to $1,500
• Service sold openly on Telegram, showing how PhaaS now operates like a startup with cheap, powerful attack capabilities

Cybercriminals offering phishing-as-a-service (PhaaS) are increasingly operating like a tech startup, and a good one, at that. They are also using Artificial Intelligence (AI), which helped them scale significantly. This is according to a new report from cybersecurity researchers Huntress, called “EvilTokens and the Rise of AI-Powered Phishing”.

In the report, Huntress claims that this particular PhaaS operation, called EvilTokens, was used to run 1,380% more phishing attacks in early 2026 compared to the same period last year.

“We’re seeing a clear maturation of the phishing-as-a-service (PhaaS) market as threat actors increasingly integrate AI workflows into their product offerings,” the report reads. “The result is directly observable in our telemetry: a 1,380% increase in device code phishing attacks detected between July–December 2025 and January–April 2026, with over 50% of those incidents linked to two major waves of correlated incidents.”

A cheap service

“Furthermore, across hundreds of incidents associated with EvilTokens, no two phishing lures were identical. This level of per-victim personalization was previously limited to targeted, manually crafted campaigns. Now, it’s achievable at scale by any threat actor at the price of a subscription service”

So, AI is not only used to scale the operation, but it is also used for personalization at an unprecedented level. At the same time, the service is relatively cheap to use: it is being sold on Telegram for as little as $600.

If this sounds like a lot, keep in mind that a single successful phishing attack is enough to steal data worth hundreds of thousands on the black market, or even millions - in ransom negotiations.

EvilTokens’ service is tiered, too. The cheapest package costs $600, while two more expensive ones cost $1,000 and $1,500, respectively. For criminals, it is likely worth the investment, since this PhaaS is capable of bypassing multi-factor authentication, as well.

• Meta's end-to-end ads platform takes care of creation, testing and launching
• With access to context, ads can be highly customizable
• Users are already seeing 4x ROI

Meta says marketing has now crossed the 'AI threshold', pushing its suite of tools as an end-to-end platform that covers ad creation, testing and launching.

The company is now positioning product data as a key element, with AI capable of building and optimizing the most effective ad format for each individual viewer in real time thanks to the context and knowledge it gets from sellers' catalogs.

As a result, Meta envisions advertisers' roles evolving from content generation to managerial roles focused on providing the right context via product catalog data, brand assets and other creative materials.

Meta's AI changes marketing for good

At Cannes Lions 2026, the company announced a series of improvements designed to position its AI-powered marketing tools as an end-to-end platform, including a shared space where marketers can collaborate and make changes to campaigns.

Meta is also introducing brand memory, enhanced text generation tools and translations.

A collaboration with WPP has also opened up the platform to agencies so that third parties can step in to run ads for their clients.

According to Meta's blog post, advertisers are now seeing a $4.13 revenue return on their $1 advertising investments, marking a 25% increase since 2022.

At the event, the company also stressed the importance of creators in today's economy. Creator Marketplace and Partnership Ads Hub are now merging into the Meta Creator Marketing Hub so it's easier for creators to run schemes and work with brands.

Facebook creators are also being added to the Creator Marketplace, which previously only included Instagram creators.

"With these new updates, we’re accelerating our ecosystem and giving marketers, advertisers, and agencies a platform that compounds performance," Meta concluded.

Enterprises built their early AI strategies in a world that assumed relative freedom of data movement. That world no longer exists, so how do they adjust to the new world?

While it’s a cliché that data is the new oil, the truth is that data does need to be able to flow around an organisation and come to rest in some central location, where it can be refined to extract insight and value.

In recent years, that refining has come, of course, via AI.

But if we really think that analogy through, it also captures some of the problems enterprises currently face managing data.

Recently, the world has seen what happens when the free flow of oil, gas, and other fundamental resources is disrupted. Governments and companies are scrambling to work around supply chain interruptions in the short term and looking for energy sovereignty and resilience in the long term. In this case, centralization has become a liability, thanks to a single, but critical, chokepoint.

In the same way, the upheaval created by AI, paired with governments’ and regulators’ attempts to manage its impact, means companies need to rethink how they architect and manage their data. The difference is that the ways traditional data flows around organizations are changing.

After all, a centralized approach made sense when moving data was straightforward. Now, however, governance and sovereignty concerns and data movement costs have changed the calculus.

AI transformation

AI alone has transformed the equation when it comes to the volume of data that must be managed. It’s not just training models that require massive amounts of data. Those models need constant updating and tuning with fresh data. And, if those models are to deliver value to the business, companies will be constantly running inference, which requires more data, and generates more data.

Unsurprisingly, governments and regulators have an interest in AI governance. This includes existing concerns about data residency and the possibility of new problems, such as data leakage into LLMs.

In Europe, for example, the regulatory landscape laid out by the GDPR mandate has been complicated by the rollout of the EU AI Act, which comes fully into force from August this year. In the US, companies face multiple federal and state-level regulations. Any, or all, of these could come into play as data is moved to that central refinery.

Governments also have an understandable strategic interest in developing sovereign AI, further complicating matters when it comes to both data and the models that work on it.

Once we consider this, it’s clear that only a few organizations are architected to handle the sheer scale of data involved in AI, and the governance it requires.

Companies grow messily, whether organically or through M&A, inheriting different infrastructures – and different governance regimes - as they sprawl across borders.

Data in the old world

In the old world, free-flowing data might have been seen as efficient. Now, given the vast amount of data involved, generating copies of data and moving data across borders is both fraught with risk from a governance perspective. And with escalating cloud egress fees, data movement becomes extremely expensive. At the same time, moving or copying on-prem presents both a financial challenge, and imposes a burden on already stretched technology teams.

What are our options in this new world? Few technology leaders have the option of simply opting out of the whole AI revolution. Whatever your personal views on the technology, few C-suites are prepared to sidestep the AI race.

But we can lay out a roadmap for how to manage data – and compute – in this new world.

To start with, we need to understand the environment we’re really operating in. This may well include accepting that a hybrid or multi-cloud architecture is going to be the normal state of affairs. The very nature of AI, with companies needing to access multiple models and multiple services, means that traditional monolithic, central approaches simply won’t scale.

This, in turn, means every technology leader needs to be crystal clear on what governance means for their organisation and its data, whether that’s data privacy or residency requirements. And it’s imperative that governance is embedded in the AI workflow from the outset. It’s too important to be an afterthought or kicked down the road as other priorities arise.

What this makes clear is that it will normally make more sense to bring compute and those critical AI models to the data, not the other way round.

This isn’t just about reducing data movement costs or producing multiple copies of data. It’s about reducing the friction that comes with reconciling governance requirements as data moves around organizations and across borders. But it can also mean reduced latency and fresher data, making AI more effective.

That’s not to say that it’s not sometimes necessary to move data. But if that’s the case, let’s be mindful and deliberate about it.

But while data becomes increasingly decentralized, it’s imperative that we centralize the management of data access and build the platform accordingly. This lays the groundwork for clear data governance and sovereign AI alike.

By rethinking how they manage data movement, technology leaders can bypass the escalating egress costs and compliance traps embedded in the old way of doing things. The result is an AI strategy that is both scalable and sustainable, enabling enterprise-grade AI, wherever their data lives.

We feature the best data migration tools.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• LastPass confirmed a supply chain breach via Klue, where stolen OAuth tokens let attackers access its Salesforce environment
• Customer names, contact details, and CRM data were exposed, but master passwords were not; phishing risk remains high
• Threat actor Icarus claimed responsibility; other firms including Recorded Future, Tanium, Jamf, Sprout Social, Gong, and Insurity also impacted

Password manager LastPass confirmed that it lost sensitive customer data in a supply chain attack that struck a third party.

As LastPass explained in a newly released incident report, unnamed threat actors first targeted Klue, a third-party market intelligence platform that integrates with its Salesforce and Gong systems. After obtaining its OAuth tokens, the attackers were able to access LastPass’ Salesforce environment and exfiltrate sensitive data stored there.

“On June 12th, LastPass was made aware of an incident that occurred at Klue (klue.com), a third-party market intelligence platform utilized by our go-to-market teams, which integrates with our Salesforce and Gong systems,” LastPass said.

Compromising names and emails

"We immediately launched an investigation and learned that, as part of this incident, an unauthorized actor was able to obtain OAuth tokens Klue held for many of its customers, including LastPass.”

“The threat actor then used these credentials to access LastPass customer data within our Salesforce environment.”

Further in the report, the password manager said the attackers most likely accessed customer names, phone numbers, email addresses, postal addresses, support case information, and sales/CRM-related data.

Passwords, including the master password, were most likely not exposed. However, criminals can use the data they obtained to launch phishing attacks, through which they might trick the victims into sharing those secrets, as well.

LastPass is now urging customers to remain vigilant and be careful with incoming messages, particularly those claiming to come from the company.

According to BleepingComputer, the Klue supply chain attack was claimed by a threat actor called Icarus, which apparently used compromised legacy credentials for an integration service to breach the intelligence platform.

Besides LastPass, a number of other organizations are affected as well, the publication further reported, including Recorded Future, Tanium, Jamf, Sprout Social, Gong, and Insurity. LastPass has now disabled employee access to Klue.

Via BleepingComputer

Most executives have no idea how much of their website traffic comes from AI agents.

If you were to ask which AI agents are legitimate and which are impersonating trusted names to scrape data, they’d struggle to tell them apart, a problem that’s growing by the day.

In early 2026, AI and bots generated billions of requests, outpacing internet traffic from humans.

This is no longer a fringe activity; AI agents are now a persistent, substantial portion of the traffic hitting websites.

Yet most organisations can’t tell you what that traffic is doing, where it’s really coming from, and whether it’s helping or hurting their business.

The Volume Trap

When organisations hear that AI agent traffic is creating billions of requests, the instinct is often to treat it as a monolithic category. It’s not. Lumping all AI agents together is like treating all humans as identical users; it misses the nuance that determines value.

Take two agents from the same company: one built to improve search relevance, potentially driving referral traffic back to a website, and another designed purely for large-scale data extraction to train AI models, offering zero benefit to organisations.

Both show up in traffic reports, both generate similar volumes, but only one has any upside for businesses. Without the ability to distinguish between them, companies can’t make informed decisions about either. Organisations are flying blind, and the cost of that blindness is steep.

The Trust Problem

Here is where it gets trickier: even when an AI agent identifies itself, organisations can’t trust it. Recent data shows that well-known, trusted AI agent names are being actively impersonated at scale. Meta-ExternalAgent was spoofed over 16 million times in early 2026. ChatGPT-User saw nearly 8 million fraudulent requests using its name. PerplexityBot had nearly 2.4% of all requests claiming to be legitimate turn out to be fake.

If website allowlists – approved lists granted automatic access - certain AI agents by name, assuming they are legitimate crawlers, a fake agent string is essentially a skeleton key. Bad actors know this and are using trusted agent identities as cover to bypass defenses and extract whatever data they want.

The exposure isn’t theoretical. Testing across 700k high-traffic websites revealed that the vast majority return full access to spoofed AI agent requests with no verification whatsoever.

The Agentic Browser Challenge

Traditional AI crawlers are only part of the story. A newer, more sophisticated vector is emerging: agentic browsers. These tools don’t just request a page, they simulate full browser sessions and interact with a site like a human user.

They’re harder to detect and harder to distinguish from legitimate traffic, and they are showing up in force across the industries with the most valuable transactional data.

In February 2026, agentic browser traffic was concentrated in ecommerce and retail (about 20% of volume) and travel and tourism (15%). These sectors hold some of the most valuable transactional data on the internet: pricing data, inventory information, customer behavior patterns, and competitive intelligence.

For businesses in any of these sectors it’s time to start actively monitoring for agentic browser activity, as organisations may be leaking data without realising it.

What This Means for Decision Makers

The implications of this visibility gap are immediate and material. Invisible traffic is unmanaged traffic. Companies that can’t identify traffic can’t decide what to do with it. Should it block it? Throttle it? Allowlist it? Monetise it? Without clear visibility, decisions become guesswork.

High volume does not equal high value. Some AI agents drive search visibility and referral traffic. Others extract data and contribute nothing in return. By treating them the same, organisations are subsidising data collection efforts with no upside for a business.

Relying on basic bot detection doesn’t cut it anymore. Agentic browsers behave like real users and simple signal-based detection misses them. Organisations need behavioural analysis that accounts for session patterns, timing, interaction signatures, and other contextual indicators.

Where to Start

Getting control of AI agent traffic starts with visibility. Organisations need to log and classify what is hitting sites, by agent type, behaviour, and claimed identity without relying solely on user-agent strings, as they’re easy to spoof.

Agent classification is an ongoing practice. As the AI agent ecosystem evolves quickly, with new agents appearing regularly and existing ones changing behaviour, in-time assessments go stale fast.

Establish a tiered access framework, but make it session-specific, not agent-specific. The same AI agent can exhibit legitimate behaviour in one session and extractive behaviour in another.

Intent-based detection evaluates what an agent is doing in real time, not just what it claims to be. Is it browsing product pages at a human pace or scraping an entire catalogue? The behaviour in each session should determine the response.

Companies should stop assuming that because something identifies itself as a known agent, it is legitimate. The cost of blind trust is too high. Verify everything.

AI agents are not going away. Their traffic will continue to grow, and their behaviour will continue to evolve. The organisations that thrive in this environment will be the ones that can see clearly what is happening on their websites and make deliberate, informed decisions about what to allow and what to block.

Right now, most organisations can’t, and that needs to change. AI agents are already interacting with websites. The question is whether organisations know what they’re doing while they’re there.

We feature the best website builders.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• NATO seeks technologies capable of shutting down enemy airfields longer
• Competition focuses on aircraft, runways, fuel depots and infrastructure
• Proposed systems must survive electronic warfare and navigation disruptions

NATO and Ukraine have launched a €250,000 (~$287,000) competition seeking technologies capable of denying adversaries the use of airfields for extended periods.

The initiative, known as Persistent Airfield Denial, focuses on disrupting aviation infrastructure used to support military operations against Ukraine.

Organizers are looking for practical solutions that can damage aircraft, runways, fuel facilities, ammunition storage sites, and supporting ground infrastructure.

Search for technologies capable of long-term airfield disruption

The competition is being organized by NATO Allied Command Transformation together with the NATO-Ukraine Joint Analysis, Training and Education Centre, commonly known as JATEC.

According to Ukraine’s Ministry of Defense, the effort stems from the importance of airfields in supporting Russian aerial operations against Ukrainian territory.

The ministry stated that “Every Russian aviation sortie to strike Ukraine begins at an airfield,” explaining why the search concentrates on restricting access to aviation infrastructure.

Officials are seeking concepts capable of sustaining operational pressure against enemy airfields rather than conducting only short duration strikes.

Proposed systems may rely on drones, loitering munitions, swarm technologies, or alternative methods for delivering destructive payloads across significant distances.

The competition rules allow virtually any technological architecture provided the proposed solution can achieve the required operational outcomes.

Entrants must also demonstrate effectiveness in electronic warfare environments where communications may be degraded or entirely unavailable during missions.

Solutions are expected to continue functioning without direct operator control or access to satellite navigation services under challenging battlefield conditions.

Organizers additionally require systems capable of operating throughout the year and in varying weather conditions without significant performance degradation.

The initiative follows previous NATO-backed innovation challenges that sought responses to guided bomb threats and fiber-optic drones increasingly used in combat.

Prototype requirements and emphasis on rapid deployment

The organizers require technologies that can move quickly from development into operational deployment after testing has been completed successfully.

The desired Technology Readiness Level falls between 5 and 7, indicating prototype stage capabilities rather than purely theoretical concepts.

Participants are expected to provide an initial minimally functional version within six weeks, demonstrating practical progress toward deployment objectives.

The proposal submission window remains open until July 20, 2026, while selected finalists will be announced on August 11.

Ukrainian miltech companies, startups, engineering teams, and defense developers are being encouraged to submit candidate technologies for evaluation.

Many of the concepts likely to emerge could involve autonomous systems designed to function independently when communications become unavailable.

Developers may also employ AI tools to improve navigation, coordination, and decision-making during contested operations.

Last year, Ukraine's Security Service carried out Operation Spiderweb, a coordinated drone attack against five Russian airfields.

Kyiv claimed the operation destroyed or damaged 41 aircraft and caused roughly $7 billion in damages, though Russia says it lost 11 planes and about $26 million.

Though Ukraine already operates cheap drones such as the Hornet and other modified AI-assisted UAVs capable of reaching targets hundreds of kilometers away, it is now seeking 'Spiderweb-type' technologies capable of delivering similar or greater effects.

Via Defense Express

• Airbnb scams have surged 30x since 2023, including a sharp rise this year
• Criminals hijack legitimate host accounts to to trick holidaymakers
• Staying safe isn't so straightforward as threats evolve

Airbnb-related scam activity has increased 30x since the first half of 2023, according to new research from Saily and NordStellar, confirming that cybercriminals continue to go after holidaymakers seeking the best deals amid rising prices.

The report ultimately concludes that attackers are now targeting the trust built by larger platforms, saving them from having to build new identities from scratch.

And to top it all off, the nature of scams is also changing, as instead of using suspicious websites to obtain victim payments or information, criminals are now targeting legitimate Airbnb host accounts which have spent years amassing positive reviews and high ratings.

Exploiting legitimate accounts and hijacking trust

While the end goal remains high volumes of vulnerable consumers, scammers have added an extra layer of victim in their pipeline. Verified Airbnb hosts are now valuable assets for criminals because they already have identity verifications, positive reviews, booking histories, years of activity and established credibility.

Once the verified account is compromised, attackers can then go on to scam higher volumes of unsuspecting victims by posting – and charging for – fake property listings.

“Travelers are getting better at spotting obvious scams,” Saily Head of Product Matas Cenys said. “Criminals know this, so they are increasingly trying to steal trust instead of building fake trust from scratch.”

Where this type of attack differs from others, though, is that the victims never leave the platform. Rather than falling victim to phishing attacks and being redirected to malicious external sites, they interact fully with supposed legitimate hosts on the Airbnb platform.

While Airbnb attacks have seen a 30x increase in around three years and a sharp rise in the last year alone, they reflect a much broader trend of attackers compromising existing trusted accounts.

The recent ramp-up in attacks could also be tied to the summer season, with holidaymakers looking to book last-minute deals in the run-up to the summer season. Urgency and pressure to keep costs low also adds to criminals’ success.

“Everything looks normal until they arrive at their destination and discover the accommodation never existed," Cenys added.

How to protect yourself from booking scams

Saily is recommending that all communication stays within the booking platform and that customers avoid payment methods suggested outside of official channels. Unusually attractive listings in high-demand destinations could also be taken with a pinch of salt, and savvy shoppers may choose to reverse image search a property to double check its authenticity.

“As travel booking becomes increasingly digital, trust becomes one of the most valuable currencies in the travel ecosystem,” Cenys warned.

As for abusing victim trust, researchers also argue that AI has aided attacks by allowing criminals to produce better fake listings more quickly.

More generally, Airbnb revealed that two in five Americans have fallen victim for an online scam, with the average loss totalling nearly $2,000. The company has introduced measures to remind its users how to avoid scams, including introducing identity verification and reminders not to leave the platform, but account takeovers can still slip under the radar.

Airbnb also holds guest payments until 24 hours after check-in to ensure that everything is as described. Anti-fraud tech also prevented around 265,000 suspicious listings from appearing on the platform in 2025, the company boasted.

The company posted a comprehensive eight-step list of how to avoid scams on its platform online, calling out pressure tactics and unusual deals.

• Senao built a full Intel Xeon server that lives inside your PCIe slot
• 38 Xeon cores and 64GB RAM on a single network card
• Dual NVMe SSDs, 64GB RAM, and 200Gbps — all on one card

Senao SmartNIC SX906 was one of the more quietly remarkable exhibits on display at Computex 2026 — a PCIe card which functions less like a network adapter and more like a fully equipped server that somehow forgot it was supposed to fit inside a slot.

Built around Intel's Xeon 6 SoC processor in the Granite Rapids-D architecture, the card delivers up to 200Gbps of network performance from a dual-slot form factor.

It weighs 1kg, measures 266 x 98.4 x 40.6mm, and draws power through a PCIe edge finger and a 16-pin 12VHPWR connector — the same connector that feeds power-hungry graphics cards.

More server than network card

This device comes with three processor configurations, including the Xeon 6523P-B, 6553P-B, and the flagship 6563P-B.

The Xeon 6523P-B brings 24 cores running at 2.5GHz with a 295W power envelope, the 6553P-B steps up to 36 cores at 2.6GHz, consuming 355W, and the 6563P-B pushes to 38 cores at 2.4GHz — also at 355W.

All three SKUs support up to 64GB of 4-channel DDR5-4600 ECC memory, carry two M.2 2280 NVMe SSD slots, and include up to 128GB of eMMC storage for good measure.

The 36 and 38 core variants go further still, adding a media transcode accelerator that makes them considerably more capable than the entry-level configuration.

Network connectivity runs through dual 100G QSFP28 ports, though the 24-core SKU is capped at 100GbE total throughput while the two larger variants unlock the full 200GbE.

An ASPEED AST2600 BMC oversees out-of-band management through OpenBMC, with an AST1060 controller handling Intel Platform Firmware Resilience — security infrastructure that belongs in a data centre rack, not a PCIe slot.

A card that refuses to stay in its lane

The I/O configuration is where the SX906 stops making conventional sense entirely.

Alongside the expected networking interfaces, the SX906 carries a MiniDP display output, an RJ45 1GbE management port, and a USB3.0 Type-C port.

That Type-C port is functional enough to charge a smartphone on a workbench while the card simultaneously processes network security workloads at 200Gbps.

A second Type-C console port and two PCIe Gen5 x8 MCIO connectors expose 24 PCIe Gen5 lanes for further expansion, giving engineers considerable room to extend the card beyond its base capabilities.

The SX906 runs Ubuntu 22.04 or 24.04 natively and supports TPM2.0 Secure Boot, completing a security profile that most standalone servers would be proud to claim.

Whether it carves out a clear commercial niche beyond AI edge deployments and specialised network security remains an open question.

What is harder to argue with, however, is that Senao has packed an entire server's worth of infrastructure into something that slots into a PCIe bay.

Via ServeTheHome

Tim Cook has long taken a strong stance against the infringement of Apple users' privacy – and the general erosion of privacy. That's been the case whether he's shown support for end-to-end encryption or if he's railed against the monetization of user data.

The rise of data protection

Almost a decade ago, the European Union (EU) introduced the most radical reformations to data protection laws in a generation with the General Data Protection Regulation (GDPR).

Several months later, the (now outgoing) Apple CEO spoke at the 40th International Conference of Data Protection and Privacy Commissioners with a speech that targeted Apple's fellow technology rivals with both barrels.

He pointed out that billions of dollars were changing hands – and countless decisions were being made based on data points harvested from our interactions on digital platforms. These may include clicks of a Like button but also the information we have shared, often without understanding the full implications.

Your very own digital profile

Cook projected a dystopian future in which each person would be represented by a digital profile that's been devised based on analysis of the countless data points systems have gathered.

The purpose of this form of behavioral profiling, he suggested in his speech, could range from more effectively monetising your information to targeting you with more extremist content in one direction or another.

For example, we've since seen the way that social media platforms and similar sites have been highly effective in populist political movements, including the U.K. 'Brexit' decision to leave the EU. There are also fears this sort of power has been weaponized, to use Cook's phrase, by foreign adversaries.

Nearly 10 years on from the introduction of GDPR, there are fears that the rise of AI – which is turbocharging some of the fears the outgoing Apple boss raised – is undermining the laws and that newer, more modern regulations are needed.

• Modern AIO coolers now contain hardware resembling miniature computers
• Large displays are becoming common features in premium liquid coolers
• MCUs now power advanced features inside modern cooling systems

Modern all-in-one (AIO) liquid coolers are increasingly resembling miniature computing platforms rather than simple hardware designed to move heat away from processors.

Several newly announced models now incorporate color displays approaching smartphone dimensions, complete with monitoring software, animations, and multimedia capabilities.

In some cases, the screens attached to CPU cooling systems are larger than the 4.7-inch display found on Apple's iPhone SE.

Tiny computers are now embedded inside cooling hardware

An example comes from ASUS, whose ROG Strix SLC IV incorporates a detachable 6.67-inch curved AMOLED display running at 2400 × 1080 resolution.

The company also offers the ROG Strix LC IV with a smaller 3.5-inch IPS panel, though both products retain extensive customization features.

Driving these displays requires considerably more than a simple temperature sensor because the screens must process graphics, animations, telemetry information, and user inputs.

Behind such displays sits a microcontroller, commonly called an MCU, which is effectively a complete computer integrated onto a single chip.

An MCU has its own processor, memory, storage resources, and input output functions, allowing it to operate independently within larger devices.

Twenty years ago, a high-end CPU cooler was little more than a large metal heatsink paired with one or two fans.

Modern flagship AIOs increasingly incorporate MCUs, wireless connectivity, high-resolution displays, RGB controllers, dedicated software ecosystems, and even video playback capabilities.

The result is an entertaining rise in complexity, with display-equipped coolers now relying on tiny computers to manage their advanced features.

As functionality expands, prices have also climbed, turning what was once a relatively straightforward component into one of the most feature-laden devices inside a modern PC.

This trend extends beyond ASUS as manufacturers increasingly compete through aesthetics rather than solely emphasizing thermal performance improvements.

JONSBO's TM-280 includes a 3.95-inch IPS screen capable of displaying hardware statistics, animated GIF files, images, and MP4 video playback.

Meanwhile, ASRock's Challenger Digital models integrate 3-inch LCD panels displaying processor temperatures, clock speeds, and pump operating information.

Antec has moved even further with the Vortex View 360, featuring a rotatable 5-inch IPS display operating at 1280 × 720 resolution.

Cooling performance now shares space with entertainment features

Manufacturers still improve thermal hardware through faster pumps, larger radiators, enhanced fan designs, and supplementary motherboard cooling solutions.

ASUS incorporates a small VRM cooling fan, while JONSBO rates its TM-280 for processors reaching thermal loads of 285W TDP.

Yet the most visible developments increasingly involve screens, lighting effects, wireless connectivity, software ecosystems, and display customization capabilities.

MSI recently introduced a fabric-covered cooler concealing a display beneath its exterior, illustrating how appearance has become increasingly influential.

Several of these products now depend upon dedicated software suites, internal USB connections, specialized controller hubs, and proprietary communication interfaces.

The ASUS wireless display implementation even relies upon a motherboard connection system carrying power, control signals, and data through dedicated contacts.

The evolution remains entertaining because these cooling components have transformed into feature-rich hardware that can justify higher prices for enthusiasts building showcase systems.

Some users, however, may question whether such additions are necessary for hardware whose primary purpose remains cooling a processor.

Via The Guru of 3D

• AiOnX takes 77% share in US-based cryptocurrency miner
• The deal sees it take control of 15 data centers in the US and Sweden
• The $500 million acquisition sees it secure access to 1.3 Gigawatts of power, an increasingly scarce commodity for AI datacenters

AiOnX, a major data center infrastructure developer focused on hyperscalers across Europe, has taken a majority stake in the US-based cryptocurrency mining firm Genesis Digital Assets.

The transaction, valued at $500 million, sees its parent company, SWI Group, take a 77% stake in GDA, and gives it control over 15 cryptomining data centers across the US and Sweden - and perhaps more importantly, access to 1.3 Gigawatts of available power.

The agreement encompassing 15 data centers across North Carolina, South Carolina, and Texas, as well as two sites in Sweden.

A faster buildout with ready access to power

The move by SWI Group was reported by DataCenterDynamics, which said a deal was in the works between SWI and a then-unnamed US cryptomining entity.

It seems to have been dictated by GDA's access to readily available power, even as most hyperscaler buildouts continue to struggle with their own power limitations, and as studies indicate it could eventually stall AI datacenter growth by as early as 2030.

The reason for GDA making for a relatively no-brainer acquisition by SWI, thanks to its power connectivity.

"Power connectivity is the most valuable commodity in digital infrastructure today, and converting legacy cryptocurrency mining infrastructure to AI and high-performance computing is the best and highest use of these assets," noted SWI founder and CEO, Max-Hervé George.

"We have been investing in power-connectivity since 2020. This is what that thesis looks like at scale."

This is not an isolated move, however, with many cryptocurrency miners now pivoting to or getting outright acquired by AI hyperscalers as demand for compute, and, in tandem, power continues unabated as models get larger over time.

The reason is that not only is cryptomining relatively unprofitable compared to AI workloads that rent out GPUs under long-term contracts, but it is also inconsistent, given that cryptocurrency prices tend to fluctuate, making for an unpredictable payday for cryptominers, many of whom are heavily infused with debt to cover their scaling needs.

While modern crypto ASICs can not be repurposed for AI needs, the power they consume, much of which is locked in via long-term contracts, is much more valuable for AI datacenters since their power needs are already taken care of and available on-site, versus many otherwise ambitious and time-consuming power generation projects that some hyperscalers have directly been forced to invest in.

For context, as per estimates by Coindesk, AI contracts offer margins of as much as 85% with multi-year revenue visibility in tow, making cryptomining, even as hashrates continue to climb, while Bitcoin remains below $70,000, reflecting a broader crypto market that some feel has already entered a bear-induced winter.

• Alibaba's Tongyi Lab unveils the Qwen Robot Suite
• Its first embodied-AI models are split into navigation (RobotNav), a video "world model" (RobotWorld), and manipulation (RobotManip)
• The move comes after Nvidia recently unveiled and published its own Cosmos 3 offerings

As much of its AI competition continues to focus on LLMs and making them faster and more capable, Alibaba might be looking to lead on another frontier altogether, along with its LLM ambitions in tow: robots.

The company's Tongyi Lab has unveiled the Qwen Robot Suite, what it calls a family of models focused on "embodied AI," which centers on enabling machines to perceive space, reason, and act accordingly.

This comes at the heels of Nvidia's own Cosmos 3, a frontier model for physical AI, further bolstering CEO Jensen Huang's narrative that China's developer ecosystem remains relatively unaffected by chip restrictions, even as focus in the West continues to shift to power for many of the sprawling data centers being built in the US.

A competitor or a complement to Nvidia's playbook?

The Qwen-Robot Suite consists of three core models: Qwen-RobotManip, a generalizable vision-language-action model; Qwen-RobotNav, a scalable vision-language navigation model; and Qwen-RobotWorld, a video world model designed for embodied intelligence.

There is no denying, however, that robotics is being treated as perhaps the most crucial frontier for AI, even as LLMs continue to advance, with both Google and Nvidia among the companies pouring billions into research on their respective Gemini Robotics and open source Cosmos offerings.

Alibaba claims that the model, which leverages a more lightweight Qwen3.5-4B model rather than its Qwen 3.7 Max, which features over a trillion parameters, manages to top the RoboChallenge real-robot benchmark, scoring an impressive 59.83 and a 45% task success rate.

With other interested parties such as Tencent, Unitree, AgiBot, UBTech, Galbot, Spirit AI, and GigaAI, in addition to interest from EV firms including Xpeng and Xiaomi, all shaping the future of Chinese AI robotics, R&D in the industry is continuing at full swing, even as upcoming IPOs are expected to further propel the industry forward with easier access to capital.

The South China Morning Post, a wholly owned subsidiary of Alibaba, noted that "Alibaba’s entry comes as embodied intelligence is fast becoming the next frontier in global AI."

Nvidia's position on the matter is perhaps more nuanced with it attempting to behave as an 'enabler' versus a direct competitor as it pushes its open-source model to perhaps form the same building block that CUDA does for GPUs with Cosmos, GR00T, Isaac and similar offerings being the playbook this time around to ensure future robotics platforms are built, much like most AI tools, around Nvidia's hardware and software stack.

Alibaba's announcement might not be a sign of the Chinese giant out-engineering Nvidia, but in the backdrop of the Chinese government insisting informally at least, on a decoupling or at a minimum, no reliance on US-based hardware or software, it can be seen as an intent to build a similar ecosystem for Chinese robotics companies.

In the absence of Nvidia's presence in China, it might be hard to compare the two offerings, even as their scales differ considerably: Cosmos 3 is an open-world foundation model with multiple vendor-reported scores that do not cover RoboChallenge, whereas Alibaba's are self-reported from exactly one benchmark. Until both approaches can be compared directly, one can not assume superiority of one over the other.

What is, however, perhaps painfully obvious for Nvidia, and has been warned of time and again by its CEO, is that China, irked by US policies around AI, is no longer looking for chips, models, or even open source solutions to incorporate into its ecosystem, but wishes to build them from the ground up.

This could result in a lack of exposure to what was the second most lucrative market for the chip designer, a move that could cost it billions of dollars in revenue in the robotics segment alone, from what is still widely considered the "factory of the world" due to its huge manufacturing base.

• TrophyLab gives verified allies direct access to captured Russian military intelligence
• Foreign engineers can now physically disassemble real Russian weapons and missiles
• The platform covers armoured vehicles, UAVs, missiles, and electronic warfare systems

Ukraine's Ministry of Defence has launched TrophyLab, a platform giving foreign governments, research institutions, and defence companies direct access to technical intelligence gathered from captured Russian military equipment.

The platform includes technical documentation, research results, blueprints, and analytical findings covering armoured vehicles, missiles, aircraft, UAVs, electronic warfare assets, and cruise missiles.

In a move that breaks sharply from standard military practice, Ukraine is also offering to ship physical hardware samples to allied partners for hands-on examination.

What TrophyLab actually offers and who can access it

Since the beginning of the war, Ukrainian military researchers and scientific institutions have been systematically studying every piece of captured enemy equipment.

That work has produced detailed knowledge of how Russian weapons function, where their weaknesses lie, and what countermeasures can be developed most efficiently against them.

TrophyLab now makes that accumulated intelligence available to Ukrainian defence manufacturers, military units, scientific institutions, and international partners actively supporting Ukraine's war effort.

Its catalogues include armoured vehicles, missiles, aircraft, UAVs, electronic warfare systems, unmanned ground vehicles, and cruise missiles across multiple operational categories, exceeding typical databases.

Access to physical samples goes considerably further than document sharing alone, as the platform supports multiple examination formats, ranging from non-destructive analysis through to complete disassembly and destruction of captured equipment.

That level of access allows foreign engineers to test their own countermeasure solutions directly against real Russian hardware, potentially cutting the development cycle for defensive technologies.

The strategic logic behind making Russian secrets public

Governments typically guard captured enemy technology closely for their own strategic advantage, which makes Ukraine's decision to share it openly with allies a genuinely unusual step in modern warfare.

The decision to open this intelligence reflects a deliberate calculation about how to maximize the collective defensive capability of Ukraine's partners against a common adversary.

Every Russian weapon deployed against Ukraine now becomes a potential source of publicly available technical knowledge for the broader defence community of democratic nations.

Ukraine's framing of the initiative is explicit on this point, describing the knowledge as something that "should work for those who create defence" rather than remaining locked away from allied researchers.

The platform is available to verified users only, suggesting some access controls remain in place despite the broadly open-access philosophy behind the project.

Whether TrophyLab accelerates the development of effective countermeasures at meaningful scale will depend on how actively allied governments and defence contractors engage with the available material.

The more extensively Russia deploys its weapons arsenal against Ukraine, the larger and more detailed that shared intelligence base becomes.

This may bring a new dimension to the deployment of Russian technology, since any captured equipment could now instantly become public knowledge through TrophyLab.

• Workday's AI screening software under fire for discriminatory biases
• Hirers usually bear the responsibility, but human-replacing software could be responsible
• The case must also consider AI much more broadly, including historical biases and shifting responsibilities

During a June 2026 hearing, Judge Rita Lin implied she might be likely to reject Workday's latest attempt to dismiss claims brought under California law relating to a 2023 discrimination case.

Three years ago, Derek Mobley accused the company of rejecting him from more than 100 jobs after applying through he company's recruitment systems on the basis that he is black, over 40 years old and has anxiety and depression.

But rather than suing the individual employers, Mobley is pursuing action against Workday itself, arguing its AI-powered hiring software is responsible for discriminatory action.

Workday is on track to face legal action over AI-powered hiring software

Workday has argued that California employment discrimination laws should not apply when applicants live – or jobs are located – outside of California.

Reuters notes that more than four in five US employers and nearly all Fortune 500 companies now use AI-powered hiring or applicant-screening tools, and the ongoing case marks an important potential shift in its regulation.

Previously, employers have been liable for discriminatory hiring, but the lawsuit is now exploring whether software developers and AI vendors should bear some responsibility.

In an earlier 2024 hearing, the judge questioned whether Workday may also qualify as an employer because it performs screening tasks that would usually be carried out by human workers in HR teams.

While this specific case relates to Workday, the court must also explore how training data can affect biases and who bears responsibility for the outcome – the results could have a much bigger impact than just a fine for Workday.

"Our technology looks only at job qualifications, not protected traits like race, age, or disability," the company added in a statement.

• Xsolis confirmed a phishing‑enabled breach on Jan 22, 2026, exposing data of 1.39M individuals
• Stolen info includes names, addresses, DOBs, SSNs, health insurance, and medical treatment details; no ransom demands or dark web leaks yet
• Customers offered free credit monitoring and identity theft protection, with warnings to watch for phishing and fraud attempts

Healthcare technology company Xsolis disclosed a cyberattack in which it lost sensitive data on almost 1.4 million customers.

Xsolis is a company that uses AI to help healthcare organizations make faster and more consistent decisions about patient care and utilization management. Earlier this week, it published a data breach notification on its website, saying that it spotted the intrusion on January 22, 2026.

Apparently, after a successful phishing attack on one of its employees two days earlier, the attackers were able to access a “limited portion” of the Xsolis environment, from which they were able to exfiltrate people’s names, addresses, dates of birth, health insurance information, Social Security numbers, and medical treatment information.

Almost 1.4 million victims

This level of information is more than enough information to target these individuals with phishing or even steal their identity for more disruptive attacks elsewhere.

In a filing with the US Department of Health and Human Services, Xsolis confirmed that 1,396,519 individuals were affected by this breach.

“We have taken steps to address the incident and are committed to protecting the information entrusted to us,” Xsolis said in the announcement. “Upon learning of this incident, we immediately began an investigation and reported the incident to law enforcement. We also implemented additional safeguards to further enhance the security of information in our possession and to help prevent similar incidents from occurring in the future.”

So far, there is no evidence of the data being used in follow-up attacks, or being offered on the dark web. No threat actors have yet claimed responsibility for the attack, and no one has yet demanded ransom in exchange for the files.

Xsolis told its customers to be wary of incoming messages, especially those pretending to be from the company, or using it in any other context. Customers are also offered free credit monitoring and identity theft protection services, as well as fraud alerts and credit freezes.

• Kaspersky warns of a WhatsApp phishing campaign spreading malicious VBScript files disguised as business documents
• Running them installs ManageEngine Endpoint Central, giving attackers remote access; filenames localized boosted global reach
• Victims span Brazil, India, Mexico, Singapore, UK, Spain, Taiwan, Australia, Russia, Vietnam, and Malaysia; compromise method remains unknown

WhatsApp users beware - there is a phishing campaign ongoing on the platform, seeking to infect your devices with a legitimate, but unsolicited endpoint security platform.

Security researchers Kaspersky recently published a new report detailing a campaign that starts with a compromised WhatsApp account. They could not determine how these accounts got breached but found that they were being used to reach out to the victims’ contacts and share a VBScript file masquerading as business or financial documents.

People who don’t find it strange that their contacts are suddenly sharing business documents, and end up running them, will get ManageEngine’s Endpoint Central, a unified endpoint management (UEM) and endpoint security platform built to help IT teams manage a fleet of desktops, laptops, servers, mobile devices, and other endpoints, all from a single console.

Two scripts, one malware

In this case, however, they wouldn’t be managing anything - they would just be granting remote system access to the attackers. Kaspersky says that the campaign is rather widespread, with victims located across Brazil, India, Mexico, Singapore, the UK, Spain, Taiwan, Australia, Russia, Vietnam, and Malaysia.

One of the reasons the campaign was so successful on an international level is because the filenames are localized in multiple languages, Kaspersky added.

“Based on evidence collected from multiple victims through social media reports and submitted samples, we can conclude that the threat actor had gained access to several WhatsApp accounts and used them to distribute the malicious VBScript files to contacts on the compromised users’ contact lists,” Kaspersky’s researchers said.

“At the time of writing, the exact method used to compromise these WhatsApp accounts remains unknown.”

Downloading and running the malicious files on Windows result in the deployment of two scripts that first disable UAC protections and then deploy the UEM. Kaspersky also stressed that when users open WhatsApp on the web, they must first download the files, but when they open the desktop client, the files can be executed directly via Windows Script Host.

Via BleepingComputer

• Oracle now has around 141,000 workers, down from 162,000 in 12 months
• The company spent $1.84 billion in severance and related costs last year
• Billions to be raised by means of new debt and equity to fund AI plans

Despite recently confirming record revenues of $67.4 billion in its just-closed fiscal year, marking a 17% rise, Oracle has laid off an estimated 21,000 workers during that same 12-month period.

The company confirmed it had around 141,000 workers on the books as of May 2026, but when it made the same report last year, it had around 162,000 employees.

However despite record revenue and drastic cost-cutting measures, share prices are down around 15% in one year largely due to concerns over massive AI-driven capex.

Inside Oracle's massive AI strategy

In a filing, the company noted that the layoffs had been impacted by various factors, including management and product changes, performance issues, other strategic shifts and business acquisitions. But AI also got its fair share of the blame, both directly and indirectly through shifting company priorities and improving internal efficiency.

During the year, Oracle spent an estimated $1.84 billion on severance packages, restructuring and other employee costs, marking a huge increase over the $374 million it spent on restructuring during the previous year.

But that's nothing compared to how much the hyperscaler plans to spend in capex this coming year – most of the $70 billion projection will be allocated toward data centers and other cloud infrastructure.

The biggest risk that investors worry about could be this funding's source though, because current plans include raising around $40 billion if it through new debt and equity instead of operating cash flow. Around $20 billion will likely come from stock issuance (per Reuters) – the company is currently worth an estimated $503.5 billion.

However, recent high-profile deals with the likes of OpenAI and Meta also speak volumes about confidence in the company from a customer point of view.

All of this while generating electricity via higher-cost natural gas fuel cells "with minimal emissions," as the company stated in its fourth-quarter release.

For a long time, security teams have been dealing with the same problem: a constant stream of security alerts, but not enough context.

Missing details like user behavior, asset importance, or related activity, means there’s a heavy reliance on analysts to work out what actually matters.

This doesn’t just slow teams down; it puts real pressure on teams and limits how much they can realistically review or understand.

Agentic AI changes this dynamic.

Instead of looking at alerts in isolation, these systems can piece activity together, understand what’s happening in context, and in some cases take action on their own.

Often, issues are resolved before they ever need to be escalated. That removes a lot of the manual effort that’s shaped security operations for years.

But while a clear improvement, it doesn’t remove risk—it shifts it.

As systems improve, scrutiny declines

A useful comparison is aviation. As systems become more reliable, people naturally step back. Not because they’re careless, but because constantly double-checking something that’s almost always right starts to feel unnecessary. Over time, trust stops being something you actively think about and becomes something you assume.

The same thing is starting to happen in cybersecurity. As these systems prove themselves, teams spend less time questioning individual decisions. The environment feels calmer, and the lack of issues reinforces that sense of control. The real risk isn’t frequent failure, it’s that when something does go wrong, it’s less likely to be challenged.

Alert fatigue comes from having to pay attention to too much, too quickly. What follows is something different: a gradual drop in attention, where growing confidence in the system weakens the instinct to double-check.

A model built on two interdependent layers

The structure of security operations starts to shift as well. Instead of everything hinging on human decision-making, you end up with two connected layers. People set the intent – defining policy, access and boundaries – while agents interpret it and act on it, often much faster than any person could.

Both layers can be influenced. Traditional attacks aimed at people don’t go away, but there’s now another surface to think about: the data, prompts, and workflows that shape agent behavior. If those inputs are manipulated, the system can still produce actions that look valid, because they follow its internal logic.

At the same time, the distance between decision and execution increases. Human operators aren’t as involved in the moment an action happens, which makes it harder to spot when something isn’t quite right. In practice, each layer ends up relying on the other for validation.

When that assumption holds, the system works efficiently. When that works, everything runs smoothly. When it doesn’t, the gap between them can be hard to see in real time.

How risk scales in an agentic environment

Risk doesn’t just increase in this kind of environment, it spreads differently. Each agent has its own identity, permissions, and decision-making logic, and they’re often connected. Actions taken in one part of the system can trigger responses elsewhere, creating chains of automated behavior.

That means a single bad input or flawed decision doesn’t stay contained. It can move quickly across systems without anyone stepping in. The issue isn’t just speed, it’s how connected everything is. Small mistakes can have much bigger consequences because they’re carried through multiple layers of automation.

Why identity and access need to change

How agents are set up today adds another layer of risk. In many cases, they’re treated as extensions of the user, with the same credentials and access. It’s convenient, but it also widens the blast radius if something goes wrong.

A more resilient approach is to treat agents as their own entities. Give them distinct identities, limit what they can do to specific tasks, and make sure their actions can be tracked and reversed if needed, without affecting everything else.

It’s less about efficiency and more about putting the right foundations in place for systems that are increasingly acting on their own.

Maintaining control as reliance increases

One of the trickier aspects is that failure doesn’t always look like failure. Fewer alerts and faster resolutions can make it feel like risk has gone down, when in reality oversight may just be less active.

Staying in control comes down to how these systems are designed and used. High-impact actions still need some form of verification, even if most routine work doesn’t. It also matters that teams can see not just what an agent did, but how it arrived there—what inputs it used and how it interpreted them.

The ability to step in is just as important. If stopping or overriding an automated process is slow or awkward, it probably won’t happen in time when something goes wrong. That kind of intervention needs to be simple enough to use under pressure.

More broadly, the role of the security professional shifts. It’s not just about spotting obvious problems anymore, but recognizing when something that looks fine might still need a second look.

A quieter, more concentrated risk

Agentic AI will do a lot to reduce alert fatigue, which has weighed on security teams for years. The trade-off is that risk becomes less visible and more concentrated in the space between what people intend and what machines actually do.

In systems that work correctly most of the time, the real challenge isn’t constant failure. It’s what happens when something does go wrong and whether the usual signals that would catch it are still there.

We've reviewed, rated, and ranked the best firewall software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• Trump wants to have scientifically relevant quantum computers as soon as 2028
• PQC migration pilot must have been completed by the end of 2027
• Quantum promises to prevent attacks and aid discovery simultaneously

US President Donald Trump has signed two executive orders to push the US forward in quantum tech in a bid to prepare government systems against future cybersecurity risks.

The first EO is to establish a coordinated national effort to "develop the first ever quantum computer powerful enough to initiate the era of quantum-enabled scientific discovery and accelerate quantum capabilities for commercial applications."

The Departments of Energy, War, Commerce, and the Intelligence Community, industry and research leaders are all set to be involved as the country seeks to press on with its quantum plans.

Trump signs executive order to accelerate quantum computing plans

Among the benefits Trump envisions coming from future quantum computers are a number of spatial awareness improvements, including navigation through military environments, detecting submarines, underground structures and other hidden infrastructure, and improving battlefield awareness.

Trump's second EO focuses on the nationwide "nationwide migration to post-quantum cryptography," coordinated between the Office of Management and Budget (OMB) and the National Cyber Director.

The White House warned that quantum developments threaten the security of government networks, banks, healthcare, military systems and other critical infrastructure, ordering a pilot scheme to have been completed by the end of 2027. Some of the earliest migrations are set to have happened by 2030-2031, the administration added.

Quantum also promises some positive impacts spanning manufacturing, drug discovery, energy and agriculture, with the President seeing earlier investment in quantum giving the nation a competitive advantage.

But in as little as two years and before PQC rollout, the administration hopes to achieve scientifically relevant quantum computing, targeting 2028.

There is a growing tendency to frame advances in artificial intelligence through the lens of breakthroughs: new models, new architectures, new capabilities.

Innovation is often measured by what is invented, and how quickly.

But in some domains, this framing misses the point entirely.

Financial crime is no longer a collection of isolated incidents, it has evolved into an organized, adaptive, and increasingly industrialized system.

Criminal networks operate across geographies, leverage automation, and continuously refine their methods: they test, iterate, and scale, just as any high-performing organisation would.

In such an environment, the question is not whether an AI system is innovative. It is whether it can operate at the same level of organisation, speed, and adaptability as the threats it is designed to counter.

When Innovation Meets Reality

Most AI breakthroughs do not survive contact with real-world systems.

In controlled environments, models perform well. Data is structured, assumptions hold, and evaluation metrics are stable. But reality introduces a different set of constraints: incomplete information, shifting behaviors, latency requirements, regulatory oversight, and adversarial actors actively attempting to exploit weaknesses.

Financial and state systems, in particular those related to fraud and risk, represent one of the most demanding environments for AI. Decisions must be made in milliseconds, errors carry direct financial and reputational consequences, and the underlying patterns are constantly evolving. Not randomly, but intentionally.

Fraud is not a static problem. It is an adaptive one.

This is where many innovations fail. Not because the underlying ideas are flawed, but because they are not designed to operate under sustained pressure or with the necessary agility to adapt.

The Complexity of the Problem

The industrialization of frauds changes the nature of the response required.

It is no longer sufficient to detect known patterns or react to past incidents. Systems must identify behaviors that have not been seen before, anticipate emerging tactics, and operate continuously across multiple channels and geographies.

This requires more than isolated innovation. It requires systems that can learn, adapt, and scale, not once, but continuously. And behind those systems, it requires something even more fundamental: a culture capable of producing and sustaining that level of performance over time.

The way of the patent

Innovation that exists only on paper has limited impact. Innovation that survives deployment, that continues to perform as conditions change, is what ultimately defines effectiveness. In financial crime prevention, the gap between these two is critical.

In recent years, the financial sector has significantly increased its investment in AI and machine learning, with a sharp rise in patent activity across the industry. From large banks to specialized technology providers, there is a growing recognition that intellectual property can capture and formalize advances in detection, decisioning, and risk management.

According to recent data, AI-related patent filing in the financial sector grew by over 250% in the past five years: from big banks to small startups working in the space, there is a clear interest in adding the value of patents to the business.

But patents, in this context, should not be understood as an end in themselves.

They are not simply indicators of inventive capacity. They are signals of something more structural: the ability to repeatedly transform ideas into capabilities that operate reliably in real-world systems.

Strong ideas

If you obtain one patent, it suggests a strong idea. If you obtain ten, it suggests a strong team. If you obtain one hundred, it suggests a strong culture.

A culture in which ideas are not only generated, but challenged, tested, refined, and integrated into systems that must function under real-world constraints.

This distinction becomes tangible when looking at what such innovation enables in practice.

It allows financial institutions to analyze behavior across extended time horizons in real time, not only evaluating a transaction in isolation, but understanding how it relates to patterns built over weeks or months. It enables a shift from static rule-based detection to continuous behavioral modelling, improving both the precision of anomaly detection and the speed of response.

In environments where decisions must be made in milliseconds, these capabilities are not incremental improvements. They determine whether institutions can intervene while fraudulent activity is unfolding, rather than reacting after the fact.

Some of these approaches are already being deployed at scale within large financial institutions, enabling significantly faster decision execution and more robust behavioral insight across complex transaction environments.

From this perspective, patents are not about invention alone. They are about building the conditions under which innovation can endure and translate into systems that perform under pressure.

From Invention to System Performance

For an idea to matter in this context, it must pass through several layers of validation. It must be new. It must not be obvious. And it must be useful, not in theory, but in the systems that institutions rely on every day. This last dimension is often overlooked.

Usefulness, in a real-world financial system, means the ability to operate reliably at scale, under constraints, and in the presence of adversarial behavior. It means integrating into complex infrastructures, supporting decision-making in real time, and remaining robust as both legitimate usage and criminal tactics evolve.

In other words, innovation is not defined by invention. It is defined by sustained system performance.

Matching the Scale of the Threat

The industrialisation of financial crime introduces a structural asymmetry. On one side, highly organised networks operate with speed, coordination, and adaptability.

On the other hand, defensive systems have historically been fragmented, reactive, and constrained by legacy architectures. Closing this gap is not a matter of incremental improvement. It requires a shift in how systems are designed, built, and evolved.

The level of innovation required is defined by the level of organisation of the threat.

And as that threat continues to industrialize, the systems designed to counter it must do the same.

Beyond Breakthroughs

This does not diminish the importance of research. On the contrary, it reinforces it. Breakthroughs are necessary, but they are not sufficient.

What ultimately matters is the ability to translate those breakthroughs into systems that function reliably in the real world, systems that can operate continuously, adapt dynamically, and maintain performance under pressure.

In financial crime prevention, this is not an abstract challenge. It is an operational reality. And it is one that will define the effectiveness of institutions, the resilience of financial systems, and, ultimately, the level of trust those systems can sustain.

Better understand cybersecurity with the best online courses.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• Meta paused its internal Model Capability Initiative (MCI) after an employee flagged exposure of sensitive data from mouse movement and activity tracking
• Program allegedly collected prompts, private conversations, performance data, and even tax/medical info in unencrypted form
• Meta says no improper access confirmed but is investigating; some employees still see the program running during the pause

Meta is pausing an employee-tracking program after one of the employees flagged it as exposing sensitive data.

The company behind Facebook, Instagram, and WhatsApp, was apparently running an internal program that was tracking employee mouse movements and digital activity. Called Model Capability Initiative (MCI), this program allegedly started in April with the goal of training Meta’s AI models through employee behavior recordings.

According to a memo released on launch, the purpose of the program was to improve the company’s AI models in areas where they struggled to replicate how humans interacted with computers, such as picking from a dropdown menu, or using different keyboard shortcuts.

Personal tax and medical information exposed?

"This is where all Meta employees can help our models get better simply by doing their daily work," the memo said at the time.

Reuters reported that an employee filed a high-priority security incident report (SEV) over the program’s exposure of employee data, including "full ​prompts and transcriptions, private ​conversations, people & performance ⁠data, DSS sensitivity ratings (1-4)." The same publication also said the program was collecting “more information than initially described” and stored it in unencrypted form.

"I have accessed both personal tax and medical information through ⁠my ​work computer, as have many thousands of employees,” the employee allegedly said. “​We were told this data would be protected and only used for valid business purposes after aggressive ​filtering."

Now, Meta confirmed pausing the program to investigate these claims.

"We have carefully designed this program ​with privacy safeguards and while we have no indication at this time that ​any data was improperly accessed by Meta employees, we're pausing it while we investigate," company spokesperson Tracy Clayton was cited saying. The company did not say for how long the program will be paused but stressed that it would take time to stop it for everyone, so some employees might still see it running.

As of Monday afternoon, the program was still running for some people, Reuters confirmed.

Via Reuters

• Tata Electronics confirmed a cyberattack but said operations remain unaffected, despite threat actor World Leaks claiming 630GB of alleged data
• Archive reportedly includes Apple/Tesla schematics, passport scans, and proprietary files; researchers found references to Pegatron, Foxconn, and Qualcomm too
• Reuters noted Tata is being extorted, though ransom details remain unclear; leaked files suggest sensitive manufacturing and engineering data exposure

Tata Electronics, the electronics and semiconductor manufacturing arm of the Tata Group conglomerate, confirmed suffering a cyberattack, but said it did not affect its operations. The scale of the breach, however, could be rather extensive.

"A few weeks ago, Tata Electronics identified a cybersecurity incident on some of our systems,” the company said in a statement to Reuters. “Our response protocols were deployed immediately, and the incident has had no impact on our operations across businesses, which remain unaffected," it said, without going into details.

This statement came almost two weeks after a threat actor called World Leaks posted a large database on its data leak site, claiming to have come from Tata Electronics, and affecting companies such as Apple and Tesla.

Sensitive files confirmed

According to Reuters, roughly a third of all iPhone production in India is done by Tata Electronics. The company supplies Apple with back panels, enclosures, and circuit board parts, among other things. For Tesla, it’s been supplying it with chips, circuit board assemblies, and vehicle motor controller units, since 2025.

World Leaks uploaded an archive of 204,341 files, weighing 630.4GB. Allegedly, it contains numerous confidential and proprietary data, including Apple and Tesla schematics, passport scans, and other sensitive files.

Reuters said Tata was being extorted for the files but did not say how much money the threat actors were demanding, or if the negotiations were progressing in any way.

Some security researchers analyzed the leaked files and said that they contained information about manufacturing and engineering processes from these two companies. Among the researchers were Cybernews, who claim to have seen “hundreds of references to Apple and Tesla”, a folder named “com.apple.factorydata”, as well as documents labeled as proprietary or confidential.

Cybernews also found files referencing other companies, too: Pegatron, Foxconn, and Qualcomm, to name a few. However, there is no evidence that any of these companies had been breached.

Via Cybernews

The defining feature of the AI era is the speed at which AI tools have become a significant part of our working lives. Whether that’s generating content, summarizing data or automating routine tasks, AI’s speed is collapsing timelines that once took hours, days or weeks into seconds.

This is more than just a technological advancement. The rapid adoption of AI has encouraged a culture defined by instant gratification and a shift towards immediacy and expectation.

This culture shift is one of the most powerful forces shaping AI adoption, driving innovation, unlocking productivity and redefining competitive advantage.

Yet, bubbling beneath the surface are risks at a scale we’re only just beginning to understand. Employees are inputting sensitive data into AI systems, automating processes without fully understanding security implications and increasingly trusting outputs that are not properly authorized.

While organizations are increasingly confident in AI’s capabilities, the technology risks outpacing regulation and compliance. This leaves businesses vulnerable to unwarranted data risk and more cyberattacks.

The self-sustaining acceleration loop

AI is being powered by rising demands for speed and productivity. As these models become more intuitive, they remove barriers to use and are woven into everyday workflows.

That creates a feedback loop where speed becomes the priority and anything that slows it down, be it governance, security checks and/or compliance, look like obstacles rather than necessity.

At the same time, organizations are feeding these systems sensitive information with little visibility or control over where it goes, who is using it, or why. This isn’t always deliberate, but a byproduct of urgency.

We’ve seen this before. Convenience wins until the consequences catch up. From weak passwords to rushed cloud migrations, speed has often outpaced security. AI is following a similar trajectory, only faster and at a greater scale.

Regulation and compliance in catch up mode

Regulatory frameworks are also struggling to keep pace. By the time legislation is proposed, debated and implemented, the technology it aims to govern has often evolved. This leaves regulators reacting to yesterday’s risks rather than getting ahead of tomorrow’s flaws. In cybersecurity, that’s a losing game.

The gap between innovation and oversight is widening, and gaps are where threats thrive.

Cybercriminals are already using AI to scale attacks, automate reconnaissance and generate highly convincing phishing campaigns, with AI tools lowering the barrier to entry while increasing the attack surface.

As regulatory blind spots widen, threat actors won’t wait. They will move faster than the systems designed to stop them and exploit every delay.

Reframing the conversation

This is not a case against AI. Its benefits are real and, in many cases, unavoidable. The issue is imbalance, where advancement is favored and regulation and security are compromised.

We are moving too fast without the foundations to support it. As AI becomes embedded in core business processes, small gaps can scale into serious risks.

To unlock AI’s full potential without amplifying risk, we need to reframe how we think about progress. Organizations must understand their data flows in AI environments: what is used; where it goes; and how it is protected. Visibility and governance are not optional, they are the baseline.

Security must also be built in from the outset, not retrofitted. This requires alignment across technical teams, leadership and risk functions. AI cannot sit in a silo, it needs to be integrated into broader security and compliance frameworks, supported by closer collaboration between the industry and regulators.

Slowing down to move forward

To sustain momentum, we may need to slow down and create space for regulation to catch up. Building in governance, validating data use and embedding security controls will introduce friction, but it’s the kind that builds trust and resilience.

While the suggestion to slow down may feel like trying to stop a juggernaut with a stick, taking time now to pause and reflect is vital if we’re not to keep amplifying dangerous risk. A short pause now gives space to assess what is happening, what is needed which allows organizations to take back control.

Right now, AI is accelerating faster than our ability to manage the risk it creates. We need to adjust our priorities before the gap between security and speed becomes too wide to bridge.

We've ranked and reviewed the best antivirus software available.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• Five Eyes alliance warned frontier GenAI models will enable advanced cyberattacks against businesses and governments within months
• Statement stressed cyber risk is now a leadership and business continuity issue, requiring whole‑of‑society response
• Comes amid concerns over Anthropic’s Mythos Preview and other models already showing offensive potential despite guardrails

In just a few months, high-end Generative Artificial Intelligence models (GenAI) will be capable of running cyberattacks on big businesses and government organizations, Five Eyes is warning.

The Five Eyes is an intelligence-sharing alliance between the United States, United Kingdom, Canada, Australia, and New Zealand. Formed after the Second World War, it allows the five countries to closely cooperate on intelligence and matters of national security.

Earlier this week, Five Eyes issued a new warning, saying that AI will help improve cyber defense over time, but will also accelerate the speed, scale, and sophistication, of threats: “Frontier AI models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities. The timeline is not years, it is months,” the warning reads. “In this environment, cyber resilience is integral to advancing business continuity, market confidence, and long-term value.”

All hands on deck

Five Eyes is now saying that the industry needs all hands on deck to address what’s increasingly becoming a burning issue:

“A whole-of-organisation and whole-of-society response is required,” it said. “Cyber risk can no longer be treated as a purely technical issue. This is a core business risk and leadership responsibility.”

In early April, news broke that Anthropic’s latest AI model, Mythos Preview, was so good at exploiting software vulnerabilities, that the company could not release it to the public. Instead, it only shared it with a handful of US enterprises, to give them a head start against threat actors.

While skeptics said it was nothing more than a publicity stunt, similar to what OpenAI pulled off with ChatGPT 2.0, companies that used it (for example, Mozilla), confirmed that it was, indeed, powerful enough that it needs to be kept in check.

Even models available today, despite all the guardrails, are being regularly leveraged by bad actors in different cyberattack scenarios.

Via The Guardian

Enterprises are deploying agentic AI at a pace that has outrun their ability to govern it.

Gartner predicts the average Fortune 500 enterprise will have over 150,000 agents in production by 2028, up from fewer than 15 in 2025.

Yet only 13% of organizations think they have the right governance in place to manage them.

The result is an execution gap: agents deployed in isolation, producing outputs nobody acts on, automating tasks rather than business processes and delivering unclear business value as a consequence.

Governance failures are an execution problem. Agents that can't interface safely with enterprise systems can't automate business processes in any meaningful way. They stay isolated helpers: producing artifacts, fielding customer queries, handling individual tasks.

The execution gap — the distance between what agentic AI promises and what it actually delivers inside the enterprise — remains largely unaddressed.

In 2026 and beyond, the guardrail problem poses an existential risk for enterprises. Adoption has outpaced controls, meaning that agentic AI is scaling faster than robust security measures can be implemented.

The speed of tech progress

The speed of tech progress can no longer stand as a rationalization for falling behind, and enterprises must address it before agentic becomes uncontrollable. Getting guardrails right will separate enterprises that realize full autonomy from those that stall out in pilots.

First, autonomy amplifies risk. Just because agentic AI can act on its own doesn't mean it requires zero human oversight. Autonomy does not equal autopilot. For agentic AI to generate real ROI, agents must do more than reason and respond. They must execute inside the business. That means interfacing directly with enterprise systems: ERP software, finance platforms, supply chain tools and the workflows that run the organization. Without that integration, agents remain one step removed from the work that actually matters.

Operational speed can compromise safety, compliance and reliability. Agents work at a blazing clip and on a more granular level than RPA. But speed becomes a moot point if agentic adoption leads to vulnerabilities such as sensitive data exposure.

Security and IT teams haven’t universally adapted to the new risk landscape. Among the risks agentic poses, "shadow AI" has emerged as a consequence of employees using unauthorized, unsanctioned AI tools or applications. When proper IT oversight or approval gets bypassed, it sets the stage for noncompliance and severe reputational damage. Departmental AI agents are proliferating without central oversight, creating security hazards and fragmented intelligence.

Governance lags far behind adoption. In this case, the guardrail gap might as well be a lack. Surveying more than 3,000 IT and business leaders worldwide, Deloitte found that just one in five enterprises reported mature governance to manage the risks of agentic AI. Autonomy without governance is a liability. This is particularly critical as we move toward the era of programmable finance, with Gartner predicting that 20% of monetary transactions will be programmable by 2030.

How to Lay the Rails Right

Agentic systems perform across a wide range of functions. When building guardrails, there must be no shortcuts. Guardrails bolted on after the fact can't account for the ways agents actually fail: corrupting data, contradicting decisions made elsewhere in the business and creating conflicts between teams acting on different outputs. Controls need to be built into how agents execute, instead of layered on top.

1. Practice measured orchestration

When enterprises accelerate AI adoption by stitching isolated tools across departments, security gaps grow harder to manage — because there’s no unified layer to anchor guardrails to. Start by scoping the broader business objective your agentic system needs to serve, not just the task.

Once you've determined what your agentic system will handle and which structured outputs will return to the workflow, built-in validation and guardrails become platform-level capabilities rather than afterthoughts bolted onto each individual agent.

2. Build governance capabilities

Without clear boundaries, agentic AI collapses. First, determine which decisions it can make independently versus those that need human approval. Real-time monitoring systems that flag anomalies and audit trails that capture the full chain of agent actions will enable accountability and continuous improvement.

3. Scale deliberately

No matter how sexy the pilot, agentic AI needs time to mature within the enterprise; you want to spot potential issues before they appear, not after. Start with lower-risk use cases and easy, single-task wins, as with fraud detection and remediation or vendor reconciliation. Avoid intricate processes with hundreds or thousands of inputs, such as the financial close of a business.

4. Guardrail gap = skills gap

While agentic AI excels at reasoning, the execution of reliable, repeatable business processes still demands deterministic systems — and human oversight to bridge the two.

To ensure smooth agentic operation in an enterprise, train your employees to move from triage, menial activities and repeated manual steps to judgment, governance and strategic decision-making roles. They absolutely require those skills. Scrum and Tiger teams can solve early problems and address early lessons, then pinpoint how agentic addresses your needs.

Putting it All Together: A Guiding Guardrail Principle

Yes, agentic AI scales productivity, but without strong guardrails, agentic AI scales risk even faster. Strategic observability and deterministic guardrails are required to ensure that non-deterministic AI stays compliant with regulatory and business standards, with reliable audit trails as well as rules for exactly when to escalate a decision or task to a human for complex exceptions or strategic oversight.

In the rush to embrace agentic, remember that the attendant tasks don’t represent a series of punch-list items. Veterans of software adoption and replacement projects know that it’s a holistic process where human actions and digital components fall into place with methodical synchrony.

Agentic AI, while it has altered the face of enterprise technology forever, rewards the same discipline every transformative technology before it has: lay the foundations carefully, and you won’t be fighting fires when it scales.

We list the best IT automation software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• Around half of UK retail workers don't feel confident with GDPR tasks
• One in five haven't received formal compliance training
• Many workers can't remember what their training involved

Nearly half (44%) of UK retail workers say they're not confident in handling sensitive customer data or don't know how to process it correctly, raising potential compliance issues, per Virtual College research.

According to the data, nearly one-fifth (19%) of retail workers have never received formal compliance training despite handling customer banking details, contact information and other personal data daily.

And those who have been trained say it's been sporadic without regular updates – only one in three (30%) have been trained within the last six months, with a further 11% trained 7-11 months ago.

Retail workers aren't up to speed on GDPR

The report raises questions around the frequency and effectiveness of such training, because nearly one in five (17%) couldn't remember what their last compliance training covered. Only 13% say it covered safeguarding.

And while training is still being delivered to many, only around half (49%) say they'd feel 'somewhat confident' in responding correctly to a compliance situation.

This data also comes at a similar time to Government data revealing that more than two in five (43%) businesses have experienced some kind of cyber breach or attack in the past 12 months, highlighting the vulnerability of personal and sensitive information.

"Ongoing, bite-sized training keeps compliance knowledge fresh and helps employees stay confident in fast-changing regulatory environments," Business and Strategy Director Jamie Ashforth wrote, urging employers to conduct regular audits to identify gaps.

Per the report, UK companies paid £490 million in compliance failure fines in 2025, but broader impacts of regulatory investigations and knock-on reputational damage are also highly plausible outcomes.

Ashforth suggests businesses should prioritize high-risk compliance areas first, including data protection and safeguarding. "Clear processes and regular reinforcement give employees the confidence to raise concerns and act appropriately when issues arise."

Cloudzy isn’t your run-of-the-mill web hosting provider. It specializes in cloud infrastructure and fairly bare-bones Virtual Private Server (VPS) plans. That means you get reasonably priced access to excellent hardware and resources, provided you have the technical skills to handle them.

The good news is that many things can be pre-configured, and you have a broad choice of options in everything from the choice of operating system (OS) to web apps. We’re not just talking about WordPress, but also advanced options like Forex platforms.

You also have an excellent range of server location options, though perhaps not as comprehensive as Google Cloud or AWS, which are on a different pricing tier altogether. What we didn’t like, though, was the discounts Cloudzy offers based on your location choice, which we felt was a bit unfair to customers who might require specific regions for efficiency and localization.

Be warned, though - Cloudzy is not really aimed at casual users building their first website. While you can technically host anything here, the core audience appears to be users who need virtual servers for web apps, trading bots, VPN setups, and the like.

Plans and pricing

Cloudzy primarily focuses on VPS hosting rather than traditional shared hosting packages. At the bottom of its offerings are Cloud VPS plans similar to those offered by hosts like DigitalOcean, Linode, and VULTR.

At Cloudzy, though, you get a broader range of pre-deployment options. For example, you can decide to go with a pure OS-only deployment, or get your server started with a full LAMP-stack supported web app, or almost anything else.

Cloud VPS plans start at 1 vCPU with 512MB RAM, 20GB of NVMe storage, and 1TB bandwidth/mo. This scales up to a whopping 16 vCPU, 64GB RAM, 1.5TB NVMe storage, and 16TB of bandwidth for $199.97/mo.

While there is no additional charge for pre-deployment options, your final price may be adjusted depending on server location. It’s likely that Cloudzy does this to help balance their location loads, but it’s unfortunate for customers who may be penalized because of their requirements for where their servers are located.

Aside from Cloud VPS, Cloudzy also offers more specialized solutions like high-performance GPUs, GPU-optimized servers, AI servers, and dedicated servers. Again, all of these options are fairly technical, especially their dedicated bare-metal servers.

Ease of use

The Cloudzy dashboard is a straightforward way to manage your servers. However, it’s more practical than informational. You can use it to deploy, rebuild, or configure instances. Server monitoring isn’t in the cards, though, and you’ll have to deploy any of those solutions on your individual servers if you need them.

When we initially discussed the pre-deployment option, it might have been misconstrued as saying Cloudzy is easy to use. That isn’t really the case. Once the deployment is made, you’ll still have to manage the stack on your own. For example, you have to keep your server OS and applications up to date and security-hardened, not just manage your web app.

This is typically done via SSH into the server (root access is provided). If you know what you’re doing, it’s easy-peasy. If not, you’re probably going to face an oncoming disaster.

Again, we don’t recommend Cloudzy as a first hosting provider for someone completely unfamiliar with VPS environments. If you’re looking for a first entry to the Cloud, try something with more management features like Cloudways. That, however, will cost a bit more, so be mentally prepared.

Speed and reliability

Cloud providers are always thought to be all-powerful, but keep in mind that much of it still depends on the hardware and configuration. For example, on the surface, Cloudzy offers some pretty good standard cloud VPS plans. However, the processing power on these compared to their high-performance options is very different. For example, the 2GB standard cloud VPS plan we tested includes a 2.25GHz AMD processor, while a comparable high-performance plan includes 4.2GHz processors.

The biggest surprise, though, is that Cloudzy is using AMD Ryzen 9 processors for their Cloud VPS plans. Servers typically run AMD EPYC chips, which are the dedicated server versions commonly used in web hosting. The Ryzen family is intended more for regular consumers or enthusiasts.

It’s possible that this led to the slightly disappointing test results below.

WordPress benchmark test

The standard WordPress benchmark test was run on our prebuilt WordPress site to maintain consistency. Results at Cloudzy were a letdown, with initial results showing worse performance than some budget shared hosting alternatives we’ve seen.

Siege test

On our load test, Cloudzy performed like a champ, acing results with increasing loads of 5, 9, and 15 concurrent users. It ran rock-solid and completed all transactions quickly. If we were to use this as a comparative factor against the easier benchmark test, Siege results should take priority as a more realistic indicator.

Customer support

Cloudzy offers customer support via tickets (for existing customers), a knowledge base, and, more interestingly, WhatsApp. Don’t be fooled by the WhatsApp chat support option, though. You don’t get an instant response.

Their knowledge base is also quite Spartan, with only 73 guides available. These articles are very straightforward and relatively technical, so you may have to know what you’re doing just to follow the language. It can be a challenge, but those are the preconditions for this type of hosting anyway.

Overall, the vibe you get from customer support is very corporate. We felt a notable disappointment here, especially coming off our recent Freehostia review. That was a free hosting plan, yet it came with near-instant customer support that was both polite and effective.

The competition

DigitalOcean is one of the most popular cloud infrastructure providers for developers and startups, and is similar in product offerings to Cloudzy. Compared to Cloudzy, DigitalOcean has a more mature ecosystem and a more professional customer dashboard. However, Cloudzy may appeal more to users looking for simpler pricing and lower-cost VPS deployments.

Linode has built a strong reputation among developers for reliability and straightforward cloud hosting services. Compared to Cloudzy, Linode offers more enterprise-level polish and documentation, though pricing can sometimes be higher for equivalent resources.

For those who want a fully hands-off approach, Hostinger is a beginner-friendly choice. Although primarily cheap for shared hosting, you can also get VPS hosting and other plans. Hosting is priced aggressively and offers strong localization expertise for ideal customer support.

Final verdict

To be honest, Cloudzy is a fairly run-of-the-mill cloud hosting provider. We don’t feel that it excels in any particular area, even though the host itself seems professional enough. What really turned us off was their slow customer support, even for sales queries.

Performance-wise, Cloudzy runs fine, even with Ryzen chips instead of enterprise-grade EPYC chips. It’s just that the choice left us feeling disappointed that they would cut corners in that way. We recommend considering one of the many cloud alternatives if you’re in the market for a budget, hands-on hosting plan.

• Report finds public support for workplace robots is growing – especially for physical or dangerous tasks
• Willingness to accept a robot inside the home grows with real-life exposure
• Familiarity and clear governance are essential to overcoming public fear

Technological capabilities may no longer been the limiting factor when it comes to how and where robots can be deployed, with new Hexagon research revealing public support isn’t always there.

The company found much of the public is becoming more accepting of robots in the workplace, but only where they’re used for practical, physical or dangerous jobs.

However roles which require empathy, judgement or human interaction are still where support remains low.

Robots are most accepted in practical labor use cases

For example, more than half (56%) of the 1,000+ UK adults surveyed said they’d accept robots in lifting and transporting heavy items. Carrying and delivering any items (38%) and monitoring hazards and dangerous environments (34%) also received reasonable support.

With airports, some supermarkets and other public places now employing robots, 31% would even support their use in cleaning shared spaces.

Though the research fails to detail perception by age bracket, the company surveyed an equal number of UK children to reveal that heavy lifting, carrying and delivering is even more accepted among under 18s.

However, while repetitive physical work is generally well-accepted, 82% of UK adults want humans to care for sick, elderly and young people.

Only 5% say they’d choose a robot caregiver, making this the lowest support for any of the tasks included in the report. Even children seem reluctant to have non-human personal interactions, with 79% preferring human caregivers and 8% willing to choose a robot instead.

But Hexagon Technology Ethicist Dr Blay Whitby argues a simple reframing could skew these figures: “Ask people if they want to be cared for by a robot, and most say no… Ask if technology should help them remain independent in their own home for longer, and most say yes.”

Associate Professor in Moral Psychology Dr Jim Everett sees robots more as “assistive devices” in care homes and classrooms, rather than human replacements.

Exposure can drastically shift public perception

For now, the public still sees robots as industrial automation roles. More than half agree their natural homes are factories (53%) and warehouses (53%) – fewer consider them at home in hospitals and clinics (34%) or classrooms (30%).

Fear of the unknown could be another blocker, with only 28% of UK adults believing that having a robot colleague would be exciting – nearly half (46%) say it would be frightening. Humanoid forms are clearly unsettling, with twice as many preferring machine-like robots (27%) compared with human-like robots (14%).

Sci-fi fears about robots taking over could also be influencing public perception. Nearly all UK adults (88%) want clear rules governing what robots can do.

“Industrial environments are where the tasks for robots are the most defined, the safety cases are mature, and governance is in public view,” Hexagon CTO Burkhard Boeckem concluded.

Global comparisons back the fear of the unknown theory – while 30% of UK adults have encountered robots in real life, 75% have in China. A country that’s nearly twice as likely (63%) to accept robots into the home compared with the UK (32%).

For most of the last forty years, data center performance gains came from one place: smaller transistors. Moore's Law and Dennard scaling did the work.

Each new generation of silicon delivered more performance at the same or lower power, and thermal was a maintenance problem, not a performance limiter.

Cooling sat in the background. Operators measured it through PUE, optimized for it where convenient, and otherwise treated it as overhead.

That world is over.

Dennard scaling broke years ago, transistor efficiency gains are leveling off, and AI accelerator TDPs have climbed from 700 watts in the H100 generation to over 1,400 watts in current Blackwell deployments, with NVIDIA's upcoming Rubin platform expected to push further.

Thermal is no longer something that happens after the architectural decisions. It is now the binding constraint on how much performance a chip can sustain, and it is becoming one of the most strategic choices an AI data center operator can make.

Why this matters now

The macro numbers explain why this matters now. Data centers already consume up to 4.5 percent of total U.S. electricity production, a figure projected to reach 12 percent by 2028. McKinsey estimates global data center spending could approach $7 trillion by 2030, and that data center power demand will reach 220 gigawatts in the same window.

None of that capacity arrives quickly. New transmission lines and substations now take five to ten years to permit and build, which means operators cannot simply order more power when they need to scale.

The result is a hard pressure to extract maximum performance from the power they already have under contract. That pressure is what is reshaping how the industry thinks about cooling.

Cooling is no longer just an afterthought

For years, cooling was measured as an efficiency loss, captured through metrics like Power Usage Effectiveness (PUE) that quantified how much energy was burned on overhead before reaching the IT load. Today, the more meaningful metric is how much useful compute you extract per unit of power. NVIDIA's Jensen Huang now describes this as "performance per watt" or "tokens per watt" for AI workloads, and cooling plays a direct role in both halves of that equation.

Direct-to-chip liquid cooling has become the new baseline because it removes heat far more effectively than air. But even direct-to-chip is being pushed to its limit by 1,000+ watt accelerators, and most current deployments still require facility water around 30 degrees Celsius to stay within ASHRAE W2 and W3 envelopes, which means chillers running for much of the year in warm climates.

Better thermal management has effects on both sides of the tokens-per-watt equation. It reduces facility overhead, so more of the contracted power reaches the rack. And it allows chips to operate closer to their full thermal headroom, sustaining higher performance for longer.

Those gains compound. Recent UCLA study has shown that combining a 17 percent improvement in facility efficiency with a 15 percent gain in server-level performance per watt from better thermal management translates to roughly 35 percent more tokens per watt within the same power envelope. In a 10 megawatt facility, that is more than a megawatt of additional usable compute, with no additional grid commitment.

At GTC 2026, NVIDIA CEO Jensen Huang made this argument explicitly. He told the audience that beyond the silicon roadmap, infrastructure-level optimization across power and cooling represents another factor of two in performance still on the table. "There's no question in my mind there's a factor of two in here, and a factor of two at the scale we're talking about is gigantic," he said.

That gain does not come from a smaller transistor. It comes from rethinking how power and thermal energy move through the rack. Recent UCLA study suggests that at least one third of that infrastructure-level gain is attributable specifically to cooling. Cooling is no longer a support function. It is a primary lever for performance.

Water is becoming a hard constraint

Power is not the only pressure point. Water is emerging as an equally critical and often more immediate constraint on data center expansion. Traditional cooling architectures often rely on evaporative processes that consume vast amounts of water. According to the Environmental and Energy Study Institute, large data centers may use up to 5 million gallons per day, comparable to the daily water use of a town of 10,000 to 50,000 people.

This is drawing notice from regulators and communities in already water-stressed areas. The result is longer permitting cycles, higher project risk, and in some cases new developments paused entirely. States and municipalities are also implementing stricter reporting requirements and adjusting electricity rate structures specifically for data centers.

Operators now have to factor water alongside power into site selection. Facilities that minimize energy waste and reduce or eliminate water consumption are better positioned to navigate this environment.

The shift toward next-generation cooling

In response, the industry is entering a new phase of cooling innovation. Air cooling is no longer sufficient for high-density AI workloads. Liquid cooling has become the baseline, but within liquid cooling, not all approaches deliver the same efficiency or scalability.

The next wave of innovation focuses on improving heat transfer at the source: removing thermal energy more effectively at the chip level while reducing system-wide overhead. Some of these approaches draw on heat transfer techniques refined in other high-density power industries such as nuclear power generation, where the challenge of moving large amounts of thermal energy from a constrained physical space has been studied for decades.

The goal is straightforward. Better cooling enables higher rack densities, allows operation at higher facility water temperatures, and reduces or eliminates reliance on water-intensive heat rejection. Just as importantly, the next generation of cooling architectures is being designed to integrate with existing data center footprints, so operators can evolve their infrastructure rather than rebuild it from scratch.

NVIDIA's Vera Rubin platform, announced at CES 2026, was a clear signal of where this is heading. Vera Rubin is designed for 45 degree Celsius supply water, which means dry coolers can do most of the heat rejection year-round and mechanical chillers become optional in most climates. That is a fundamental shift in how cooling infrastructure will be designed for the next decade.

A defining moment for data center design

The data center industry is at an inflection point. AI compute demand is accelerating, and every resource needed to support it, power, water, physical space, is becoming harder to secure. Cooling sits at the intersection of all three.

It determines how efficiently power is used, how much water is consumed, and ultimately, where infrastructure can be deployed. The operators that recognize this now will have a sustained advantage. How to keep data centers cool under AI workload pressure has become one of the most strategic decisions in modern infrastructure.

We feature the best web hosting services: tested and reviewed.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Generative AI has moved quickly from experimentation into early production use in many enterprises. However, very few can confidently forecast what it’s going to cost them in six months.

For a technology that has consumed so much board-level attention and capital, that reflects a lack of certainty, and one that some technology leaders may privately recognize as true of their own organizations.

The spend is real and the direction is clear, but the number at the end of the year can remain genuinely uncertain.

To capture a glimmer of the confidence driving the infrastructure race, Amazon’s CEO has indicated it expects to spend heavily on IT infrastructure to support AI, with an estimated $200 billion in AI capital spending, arguing it is “not going to be conservative” in how it invests in the tech.

In practice, what makes AI different from the infrastructure investments that came before it is not the scale of the commitment but the nature of the consumption.

Cloud computing was unpredictable when it arrived too, but it eventually settled into patterns that finance teams could learn to model. AI hasn’t settled in the same way yet, and much of the reason comes down to how it is being used.

A great deal of enterprise AI use remains exploratory, which is part of what makes forecasting harder. And unlike cloud, which stayed largely within technical teams for years before spreading, AI is moving across the whole organisation almost immediately. That changes everything about how you try to govern it.

The limits of financial visibility

On the surface, some forms of AI appear to offer what earlier infrastructure lacked: clean, granular, real-time data and what it costs. But across the rapidly growing landscape of technology providers leveraging AI in some way, many do not.

In some cases, token-based pricing is precise in a way that early cloud billing never was, and for finance teams accustomed to working with far less, it can feel like a step in the right direction for solving the visibility problem.

We unfortunately still have a long way to go, since simply understanding what was spent last month tells you very little about what will be spent next quarter, particularly once adoption moves beyond the teams who originally shaped the business case.

One must consider that teams across legal, HR, and customer operations are not thinking about token economics (tokenomics). They’re only thinking about whether the tool works.

Cost exposure builds not through any single decision but through dozens of small expansions, each reason in isolation, none of them reflected in a comprehensive forecast. By the time anyone joins the dots, the demand curve has already moved.

Extending the disciplines that already exist

The organizations who are doing a better job managing AI spend have tenured experience managing consumption-based technology. IT asset management (ITAM) teams for example often have more experience dealing with more fixed constructs like users or seats, which makes the consumption-based nature of AI far more challenging.

FinOps teams on the other hand have grounded experience in managing consumption that originated in public cloud. FinOps teams may therefore better positioned to deal with the new tsunami of AI consumption and spending, ensuring that it is governed as adoption scales.

FinOps has also been broadening its scope beyond the initial roots in public cloud, with AI cost management now sitting firmly within that remit for many, a shift reflected in how the FinOps Foundation is increasingly incorporating AI into its guidance. Part of that expansion is about forecasting demand that behaves differently from conventional workloads.

There is also growing interest in whether AI itself can support FinOps practices, particularly in anomaly detection, optimization and, over time, forecasting, as consumption patterns become harder to model.

The challenge is applying FinOps practices early enough so that governance shapes how AI scales, rather than scrambling to restore control once spend has already outpaced oversight.

The compounding difficulty of legacy environments

For organizations whose technology estates were built around consistency, extending governance into AI is harder than it sounds.

AI-first organizations design with cost in mind from the beginning, treating inference the way they would any other product input, with economic constraints shaping architecture decisions before commitments are made.

Retrofitting AI into legacy infrastructure means something different. Existing commercial commitments and operating models do not adapt quickly to a consumption model that is inherently variable, and that friction has a direct bearing on cost.

The difficulty is often that AI is being introduced into environments built around very different assumptions about how demand behaves, and that is part of what makes forecasting harder.

The challenge is not simply new spend, but expenditure ballooning in environments where oversight and control are already difficult to maintain.

Organizations navigating this will tend to run controlled experiments before broad rollout and are deliberate about how adoption spreads. In practice, that is often about containing unmanaged adoption early, before usage patterns, costs and dependencies become harder to unwind.

That same exposure increasingly carries beyond internal governance. As AI appears more often in customer procurement conversations, questions that were once largely internal are starting to be probed externally too.

For organizations whose governance has not kept pace, those questions can force a level of clarity they may not yet be prepared to provide.

From activity metrics to business outcomes

Beyond governance and cost control, there remains a harder question, which is whether AI investment is producing meaningful business value. Most leadership teams are not yet in a position to answer that with confidence, and the metrics currently reaching the board are not making it easier.

Model usage, inference volumes and compute consumed describe activity without explaining value. It is easy to build a compelling board update from consumption data without addressing whether any of it is moving the business.

What gets closer to an answer is understanding whether individual inferences are delivering something a customer would pay for, or something that meaningfully reduces cost or risk.

Incremental business outcome per pound or dollar of AI spend is a harder measure to produce, but it is closer to the economics that matter because it requires a clearer position on what AI is actually delivering.

That is precisely where many organizations are still finding the work harder than it looks, particularly as AI deployment moves ahead of the models used to understand cost and value.

That disconnect matters more as the market expands, because where those economics remain unclear, cost exposure can build in ways that are harder to recognize early and harder to contain later.

For many enterprises, the challenge ahead is scaling AI without allowing spend to outrun the value it is meant to create.

The best cloud storage: tested, reviewed and rated by experts.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Agentic AI is moving rapidly from boardroom ambition to enterprise reality.

Gartner forecasts that roughly 40% of enterprise applications will incorporate task-specific AI agents this year, up from just 5% last year.

This surge forces every CIO, CISO, and technology leader to consider: What should AI be allowed to access, and how should it operate once inside the enterprise?

Many organizations begin by embedding AI agents directly into legacy systems, connecting them to backend databases, APIs, and workflows in the name of speed.

While this inline approach can work in modern, well-governed environments, it often bypasses the approval workflows and controls that legacy systems were built around. Agents can access restricted data, skip approvals, or execute transactions without a complete, attributable record.

The result is a growing governance gap. Decisions tied to sensitive data can’t be reliably reconstructed or defended with the same confidence as human-driven work. Even advanced models stall in pilots because organizations can’t prove how outcomes were produced.

The solution is not to slow AI adoption. It’s to change how AI interacts with the systems that already run the business.

When AI bypasses the system, it breaks it

Consider a finance workflow in an ERP software system. An agent updates vendor bank details and pushes a payment through a fast-track path, bypassing a required approval step and segregation-of-duties check. Later, when the transaction is questioned, the organization can’t prove who approved the change, why it was made, or whether proper controls were followed.

That’s where accountability breaks down. Changes are made inside core systems, but the evidence is incomplete, inconsistent, or disconnected from the system of record.

Emulated human behavior offers a more secure and practical path. These agents operate exactly as a human employee would: logging in with standard credentials, navigating the existing user interface, reading screens in context, following established workflows, and executing tasks while remaining fully subject to every control already in place.

No new APIs. No raw backend data exposure. No rewriting of decades-old business logic or security rules. The guardrails designed to protect against human error or misuse — validations, permissions, approvals, and audit logging — remain 100% intact.

This UI-first approach is especially effective for organizations running mission-critical processes on older platforms. Building secure, governed APIs for legacy systems is expensive and time-consuming, often leaving out protections built into the interface layer.

While emulated human agents may not match the speed of direct backend calls, they provide far more valuable enterprise advantages: immediate deployability, ironclad accountability, and zero disruption to proven controls. Secure operation doesn’t require avoiding AI. It requires rethinking how it fits into the systems around it.

Preparing for emulated human in the enterprise

Three priorities can help organizations prepare for the emulated human approach as AI scales into critical workflows.

1. Place AI at the points where work happens

Most enterprise AI strategies assume deeper backend integration creates better automation. In environments shaped by legacy systems, it often does the opposite: introducing new complexity while bypassing the workflows and controls already built into the interface layer.

Instead, focus AI at the points where it can operate without requiring systems to be rebuilt. This approach dramatically reduces integration overhead, limits exposure of core systems, and allows AI to scale within existing operating models rather than forcing costly modernization.

2. Align AI accountability with human accountability

Agents should operate under named identities and the same policies as employees. They preserve approval workflows, follow role-based permissions, and generate the same audit artifacts — including log entries, change histories, tickets, and recorded approvals — that organizations already rely on to review human activity.

This removes the dangerous two-tier governance model where AI operates under different standards than employees. Organizations can maintain visibility, accountability, and established compliance and risk management controls as AI takes on greater responsibility.

3. Design for adaptability rather than brittle automation

Traditional robotic process automation (RPA) relied on rigid, click-by-click scripts that broke the moment screens changed or exceptions appeared. Emulated human agents interpret context in real time, adjust to variation, and continue operating, just as skilled employees do.

That adaptability is essential in dynamic enterprise environments where policies change, exceptions are common, and systems are rarely static. Instead of constant break/fix maintenance, organizations gain AI that can operate more resiliently inside real-world workflows.

Scaling AI with the systems already in place

As agentic AI scales, enterprises will be judged not only by the intelligence of their systems but by their ability to govern them. The pressure to balance innovation with control will only intensify.

The most durable strategies will be those that embed AI safely within the systems already in place, rather than racing around them. When an agent’s actions can be audited and justified with the same rigor applied to a human colleague, it’s finally ready for production.

That’s how secure, scalable AI will be defined in the enterprise.

We feature the best small business software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Every small business is looking for an edge.

For some, that means protecting margins. For others, it means finding new customers, sourcing better products, entering new markets or simply running the business with less friction.

More often, it means trying to do all of these things at once. Knowing which opportunity deserves attention first and having the time and resources to act on it has always been a challenge.

For decades, this has forced smaller businesses into a trade-off: choose one priority and hope this is the right decision or waste all your time and money and miss an opportunity elsewhere.

The era of agentic business changes this. According to the British Chambers of Commerce (BCC), more than half of UK SMEs (54%) are now actively using AI – an increase from 35% in 2025.

In recent times, the technology has moved from passive assistance - writing, summarizing and answering questions – to autonomous execution.

AI is therefore no longer limited to responding only when prompted but can operate continuously in the background.

A wide spectrum of business functions

In this way, AI agents can now handle a wide spectrum of business functions end-to-end. This includes building digital storefronts, writing product listings, offering dynamic pricing, providing customer service, generating market research, and supporting with marketing.

The real value lies not in overnight task automation but better decision-making with less friction and fewer blind spots. In fact, according to the same BCC research, SMEs using AI report strong net productivity improvement expectations (+71%), while those planning to adopt or unsure show far lower optimism. Importantly, agentic AI is levelling the playing field with larger companies.

The latter have historically had an advantage because they can afford dedicated teams for each business function. SMEs, on the other hand, have had to rely on lean teams, founder instinct and whatever time was left after the urgent work was done. Within agentic businesses, there is immediate access to capabilities which once required high headcount or expensive IT systems.

Examples include testing a new product category, launching into a new market or trialing a marketing campaign with far less operational risk than before. Rather than spending weeks gathering information manually or coordinating across multiple systems, AI agents can help businesses identify opportunities and execute tasks in real time.

Crucial for smaller businesses

In addition, agentic AI has been crucial for smaller businesses looking to grow internationally. It can help them localize product listings and marketing content for different markets, coordinate supplier communications across time zones, and analyze regional demand trends in real time. This reduces much of the operational complexity traditionally associated with cross-border trade and gives SMEs greater confidence to explore new markets that may previously have felt out of reach.

So, the SME conversation around AI needs to move beyond productivity. Saving time matters, but it is not the full story. The bigger opportunity lies in performance: simplifying complexity, reducing avoidable risk, helping businesses act on information earlier.

For an SME, one missed supplier issue, one misread market signal or one poorly timed product decision can have an outsized impact. Becoming an agentic business helps reduce that exposure with complex information easier to monitor, compare and act on. However, it does not remove the need for human judgement. In fact, it raises the value of that judgement by giving business owners clearer options and more time to focus on strategy.

The most successful uses of AI will not be the most futuristic but the most useful, offering practical, transparent information, built around real commercial pain points. The first wave of AI helped SMEs create faster, but the next wave will help them operate smarter.

For SMEs, the question is no longer whether AI can help. It is how quickly they can put AI agents to work on the decisions that determine how they compete, grow and scale.

70+ of the best AI tools tested and reviewed.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• Many European consumers actively avoid American tech giants for privacy reasons
• Social media and cloud storage are priorities for consumers
• EU companies only have 15% of the European cloud market

Four in five European consumers say it matters whether or not businesses use European technology, confirming that digital sovereignty has now become a priority for the masses.

A study by Proton of 3,000 UK, France and Germany consumers shows that they’re beginning to view a company’s digital infrastructure as part of its brand and values, rather than a back-office decision that has no impact on customers.

As a result, nearly half (45%) said they would actively avoid companies that store customer data with US firms, with more concern over privacy and security than price or quality.

Digital sovereignty speaks volumes to consumers

This also aligns with European Commission ‘Eurobarometer’ data revealing that three-fifths (58%) of the bloc’s citizens would be willing to switch to an EU-based digital service provider, even if that meant paying a higher fee.

The report argues this reliance on US hyperscalers like AWS, Microsoft, Google and Meta can no longer be seen as a neutral business decision in the eyes of European customers, who are increasingly concerned over privacy, surveillance and geopolitical dependence.

Social media (48%), email (46%), messaging apps (40%) and other services that directly handle personal communications and information were seen as the most at-risk among consumers, Proton found. Other than communications, cloud storage (38%) was another great worry, along with browsers (31%).

Two in three (65%) now also believe that European small businesses should prioritize European tech providers over US ones, and not from a supporting local companies point of view. Consumers are more interested by sovereignty, keeping investments within Europe and reducing reliance on foreign tech vendors.

As many as four in five (83%) now worry about society’s dependence on Big Tech and how a small number of hyperscalers now dominate the market. Attitudes have shifted rapidly, Proton says, because of deteriorating US-Europe geopolitical tensions and the continued debate over US surveillance laws which prevent vendors from being able to fully offer sovereign options.

The US CLOUD Act is a specific worry for European citizens, because it allows US law enforcement to access data held by American technology companies, even if it’s stored within European data centers.

Customer data use is also a growing concern, where their information may be being used to train AI models that only serve to help those US giants.

The reality of US tech reliance

All of this comes amid growing US dependence, with three-quarters (74%) of publicly listed European companies relying on US tech providers, per an earlier Proton report.

Google and Microsoft alone account for 84% of the global office productivity market, with Amazon, Microsoft and Google jointly taking up a 66% of the cloud market. Proton’s full report details how European providers only hold a collective 15% of the European cloud market.

“Buying tech from the US used to seem like a no brainer,” Proton COO Raphael Auphan admitted, indicating an understanding of why European consumers are so deeply reliant on US software.

Tariffs on European exports, NATO tensions and American criticism over EU regulation – all of which falling under Trump’s presidency – are to blame, the Swiss company says.

But Auphan now describes relying on US tech as a “commercial liability” for businesses. “It's increasingly clear that consumers care about digital supply chains, and US tech is becoming a weak link.”

“The EU runs on Microsoft,” Finnish MEP Aura Sally said at the 2026 Open Source Policy Summit. “The US could turn us off inside one hour.”

However, an overnight migration away from US hyperscalers isn’t such an easy move, and while Proton is trying to offer some paths with the recent addition of Gmail migration with zero downtime, a full stack move could take years, buying well-funded American tech giants time to come up with more regional solutions to prevent customers from wanting to migrate in the first place.

• Hackers reportedly breached Russia's Glaz/Groza combat control platform
• Attackers gained access to manuals, patents, and training materials
• Telegram groups reportedly handled software updates and user support

Ukrainian hackers have reportedly breached the Russian Glaz/Groza combat control system, gaining access to data and internal materials linked to the platform.

The incident has drawn attention because Groza is used to coordinate reconnaissance, targeting, and battlefield communications between different military units.

Information released following the breach suggests that attackers obtained technical documentation, training resources, and other operational records connected to the system.

Telegram-based administration raises security questions

According to the “Where is Russia today” community, the compromised materials included instructions, patents, videos, and extensive user documentation.

Groza serves as one of Russia’s command-and-control applications, helping connect drone operators, field commanders, and artillery units during military operations.

The software is designed to shorten the period between identifying a potential target and directing fire against it.

The hack revealed that support and software distribution functions were reportedly managed through Telegram groups used by administrators and military personnel.

Those channels were allegedly responsible for providing application updates and assisting users with operational issues.

The reported reliance on Telegram for elements of administration has prompted scrutiny because combat management systems typically handle sensitive battlefield information.

Maps integrated into the platform enable personnel to record the locations of friendly and opposing forces, helping users maintain operational awareness.

Following the breach, attackers reportedly altered portions of the mapping data and inserted images of the Ukrainian flag alongside other messages.

Reports from the group behind the disclosure indicated that affected users encountered persistent disruptions while attempting to access or restore application functionality.

“Numerous complaints from users about the breach have been recorded: they cannot connect to the application, are unable to remove images that keep reappearing, and administrators are trying to fix the problem,” the group stated.

Internal documents and training materials reportedly exposed

Beyond the visible disruptions, the breach reportedly exposed a substantial collection of supporting materials related to the combat management platform.

The Ukrainian hackers discovered hundreds of pages of user guides explaining the operation of the application and its various functions.

The disclosed information also included a training video that allegedly demonstrated the system operating in real time.

A patent connected to Groza was reportedly among the recovered materials, providing details regarding how the system functions and interacts with other technologies.

The patent documentation is said to contain information concerning the platform’s architecture, intended users, and integration with related military systems.

Such materials could potentially offer insight into the broader structure supporting the software environment.

The operational impact of the breach has not been independently verified, and the extent of any resulting disruption remains uncertain based on currently available information.

Via Militarnyi

• HPE reveals rack-scale system containing 81,920 CPU cores
• AMD Venice processors power HPE’s next-generation Cray infrastructure
• One 42U rack delivers unprecedented levels of computing density

During its recent HPE Discover 2026 event, the company revealed new Cray GX5000 hardware featuring next-generation AMD EPYC Venice processors, with specifications that push server density well beyond current deployments.

The system combines multiple compute blades, liquid cooling infrastructure, networking hardware, and memory resources inside a single 42U rack configuration.

HPE revealed a Cray GX5000 configuration designed to deliver up to 81,920 CPU cores in one rack.

Dense compute architecture pushes rack capacity higher

The HPE Cray GX5000 platform follows the AMD EPYC 9965, a 192-core processor that represented one of AMD’s highest-core-count server CPUs before Venice arrived.

While the EPYC 9965 increased processor-level density, the Venice-based system takes a broader approach by combining multiple CPUs, memory resources, and cooling infrastructure inside a single rack.

At the center of the system is the HPE Cray GX250a compute blade, which houses eight AMD EPYC Venice processors.

The compute blade incorporates power delivery, liquid cooling channels, memory subsystems, storage devices, and networking components within a compact design.

HPE stated that a fully populated rack can deliver 81,920 CPU cores, although exact processor configurations were not disclosed.

Based on the rack specifications, the system reportedly uses 80 multi-node motherboards and can support as much as 1.28PB of RAM.

Each Venice processor connects to 16 memory channels, creating substantial memory bandwidth for large-scale computing workloads.

The memory modules themselves are liquid-cooled and appear to use standard DIMM form factors.

Photographs from the event showed local Samsung E1.S EDSSF SSDs mounted above several processor cold plates.

HPE representatives indicated these drives serve as high-speed scratch storage for temporary data processing tasks.

The installed DRAM modules, storage devices, and node identifiers suggest that the displayed hardware was operational rather than a nonfunctional demonstration unit.

That distinction is significant because earlier Venice demonstrations appeared closer to prototype systems than production-ready deployments.

Venice CPUs and networking define the platform

The rack incorporates Slingshot 400 networking hardware, with HPE indicating future compatibility with Slingshot 800 technology.

Networking modules are mounted within side pods connected to processors through dedicated interfaces designed for high-bandwidth communication.

The front-facing networking arrangement also simplifies cable management by changing how optical connections are routed throughout the rack.

HPE also displayed a coolant distribution unit capable of handling 1.6MW of cooling capacity for large installations.

Such cooling requirements reflect the growing power densities associated with modern high-performance computing infrastructure and increasingly complex CPU designs.

AI tools, scientific simulations, engineering analysis, and large LLM deployments are among workloads requiring this level of computational density.

The company did not disclose detailed specifications for AMD's unannounced Venice processors, although available figures suggest unusually high core counts.

Calculations based on the stated 81,920-core rack capacity imply processor densities exceeding current EPYC generations by a substantial margin.

Although AMD has not released the specs or performance figures for Venice, the projected core density of the HPE system has led to speculation that the processor could become one of the most powerful x86 CPUs produced.

A lot could change before the official launch, but the Cray GX5000 platform indicates that AMD and HPE are pursuing higher compute density within the same rack footprint.

Via ServeTheHome

• Analyst report claims primary smartphone market is expected to decline 14.8% in 2026
• Entry level smartphone prices have already risen more than 50% this year
• Refurbished smartphone sales grew 4% year-on-year during the first quarter of 2026

The global smartphone market is heading toward a difficult 2026 as rising component costs force manufacturers to increase device prices, new research has claimed.

New findings from FDM CCS Insight note the primary smartphone market is expected to decline by 14.8% in 2026 as memory shortages continue affecting production.

The decline follows a 4.4% year-on-year contraction in the primary smartphone market during 1Q26, despite manufacturers and retailers building inventory earlier.

Memory shortages push buyers toward refurbished smartphones

As consumers search for cheaper alternatives to new devices, the demand for refurbished smartphones is expected to increase but so is the price.

FDM CCS Insight reports that some entry-level smartphones have already experienced price increases exceeding 50% compared with the previous year.

“Many consumers will hold onto their phone for longer, and these effects will be much more pronounced for consumers buying phones under $500,” said Ben Hatton, Research Analyst at FDM CCS Insight.

“Some consumers will need a new phone…and so we do expect more demand for refurbished smartphones as many are priced out of the new device market.”

The memory shortage driving these price increases is largely attributed to surging demand from AI data centers and AI-accelerated computing infrastructure.

These facilities compete for the same DRAM and NAND flash production capacity that smartphone manufacturers depend on, leaving less supply available for consumer devices.

Memory components now represent more than 30% of the bill of materials for some smartphones, increasing pressure on manufacturers.

The impact is expected to continue to affect low- and mid-range devices as companies adjust pricing strategies throughout the year.

The secondary smartphone market has already started benefiting from changing consumer behaviour, with organized sales increasing by 4% year-on-year during 1Q26.

FDM CCS Insight forecasts this market segment will expand by 15.4% globally during 2026 as demand shifts away from new devices.

However, stronger demand could also create higher refurbished smartphone prices as available supply struggles to match consumer interest.

Supply challenges could determine refurbished market growth

The refurbished market faces a major challenge because expanding supply depends heavily on trade-ins, buybacks, and upgrade programmes.

FDM CCS Insight expects premium smartphones, particularly devices priced above $750, to continue driving much of the available trade-in supply.

These devices are less affected by current pricing pressures, allowing manufacturers and retailers to maintain stronger upgrade incentives.

"The secondary market has an opportunity to serve some of the demand that will be unfulfilled by the primary market. The major challenge in the near term is to grow supply during a fallow period of flagship launches,” Hatton said.

“Countries with mature trade-in programmes will be in a much stronger position to capitalize on this opportunity and maintain higher growth rates in the secondary market over the rest of the year.”

The shift suggests that consumers may increasingly evaluate refurbished smartphones as alternatives when new device prices continue rising.

“Demand continues to heavily outweigh supply in the global secondary market. Trade-in discounts, early upgrade offers and more-lucrative trade-in promotions will be key to unlocking the market's full growth potential in 2026 and 2027," he added.

Whether this trend produces sustained growth will depend on supply availability, pricing stability, and how manufacturers respond to changing market conditions.

The American entrepreneur Palmer Luckey has played a major part in many major names in the tech industry, including founding Oculus VR, but has risen to prominence for his stewardship of Anduril Industries in 2017 – which puts artificial intelligence (AI) at the heart of its operations and capabilities.

The question of AI ethics

Luckey has long been a proponent of the use of AI in defense, with the Anduril founder even naming his company as such because it shares the acronym.

Speaking with Fox News Sunday in December 2025, he outlined a philosophy that it's much safer, in ways, to incorporate the best possible technologies into military capabilities than it is to ignore emerging innovation, whether AI or quantum, and be left with 'lesser' tech.

For Luckey, there's seemingly no point in taking the moral high ground when talking about matters of life and death – when the very nature of the business is morally called into question to begin with.

The future of military technology

Luckey's statement challenges the common orthodoxy that humans must always be in the loop over high-stakes decision-making, especially with matters of life and death. And, for that reason, it's highly controversial.

The direction of travel is not, however, up for debate, with plenty of examples of AI becoming increasingly prominent in international conflicts.

Ukrainian officials, for example, recently revealed that in 2024, the nation's military used drones to kill Russian soldiers – marking the earliest reported example of the autonomous killing of humans.

Without doubt, it won't have been the last such incident, and points to a future in which those engaged in conflict are likely to use every tool at their disposal to achieve their military aims, regardless of the moral implications.

• Microsoft warns of “Crypto Clipper,” a worm spreading via malicious .LNK files on USB drives
• Malware maintains persistence, connects to Tor C2, enables remote code execution, and steals clipboard crypto data
• It swaps wallet addresses, exfiltrates seed phrases/private keys, and uploads screenshots to assess target value

Microsoft is warning of an ongoing campaign targeting cryptocurrency owners with a clipboard-jacking worm.

In a new in-depth report published late last week, Microsoft’s security researchers explained that they recently analyzed a thumb drive that contained seemingly normal documents (Word files, Excel spreadsheets). However, the documents were replaced with Windows shortcut (.LNK) files which actually launched a piece of malware called Crypto Clipper.

This malware does a couple of things. First, it spreads by creating malicious .LNK files on USB drives and other removable media. It also sets up scheduled tasks to maintain persistence and automatically infect newly connected USB devices. Second, it behaves like a backdoor by regularly contacting a C2 server over the Tor network and receiving commands from the attacker. The server can also send commands to have the malware download and execute attacker-supplied code on the infected system, as well.

Stealing wallet data

Finally, Crypto Clipper acts as a clipboard clipper by monitoring the Windows clipboard for cryptocurrency wallet addresses, seed phrases, and private keys. If it spots a wallet address, it can replace it with a different one, owned by the attackers, so that any tokens sent by the victim go to the attacker, instead. It can also steal and exfiltrate copied seed phrases and private keys, which can be used to load a victim's crypto wallet on a separate device.

To help attackers assess the value of a target, the malware periodically captures screenshots of the victim's screen and uploads them through the Tor network.

“This malware family shows how lightweight, script-based stealers can deliver outsized impact when paired with anonymized communications and runtime tasking,” Microsoft said. “The combination of Tor-routed C2, clipboard targeting, screenshot capture, and remote code execution gives attackers both immediate monetization paths and continued control over compromised devices.”

Microsoft did not say if the malware targeted any specific countries or regions, nor did it discuss the number of victims.

Via Ars Technica