Category: Tech

In Season 12 of “Shark Tank,” which aired in 2020, two entrepreneurs appeared to promote what they believed was the future of electric vehicle (EV) charging. They were Josh Aviv and Chris Ellis, two of the co-founders of SparkCharge. The third co-founder, Richard Whitney, did not appear in the episode. The goal of SparkCharge is to provide a portable electric vehicle charger that can fit in the back of a trunk so that drivers of EVs don’t have to worry about running out of range before they can get to a charging station. This idea appealed to the panel of potential investors on the show, also called sharks, enough that a deal was made. SparkCharge continues to grow and thrive today.

Just because a deal is agreed to during an episode doesn’t mean it will stay after the show when the due diligence period happens, which is basically when the investment is further analyzed to ensure it is a sound business decision. For example, the CoinOut app that also featured on “Shark Tank,” got a deal on Season 9 of the show, but it was never finalized. For SparkCharge, however, the deal did get finalized. The company has an active website and a presence across North America.

SparkCharge scored a deal on Shark Tank

One struggle with electric vehicles is that, depending on where you live, there may not be great existing infrastructure to consistently charge up when you need to, unlike the network of gas stations across the United States. This leads EV owners to find ways to extend their electric vehicle range. SparkCharge’s aim was to provide a portable charging station to help EV drivers get by when needed, and also to establish a network of these chargers with local businesses.

SparkCharge was founded in 2017, three years before it appeared on “Shark Tank.” Josh Aviv and Chris Ellis wanted a $1 million investment for a 6% stake in the company. The sharks weren’t so certain. There were concerns about Aviv and Ellis’ idea to also lease these SparkCharge units alongside full purchases.

Ultimately, Lori Greiner and Mark Cuban agreed to a deal for 10% equity and 4% advisory shares. In the years that followed, SparkCharge secured deals with other business partners and continued to grow, with the latest one totaling $30.5 million in May 2025. As of 2024, the company projected over $27 million in revenue with expectations to achieve profitability.

The future of SparkCharge

baona jnr/Shutterstock

SparkCharge’s website boasts that its services span all 50 states in the U.S. and extend into Canada and Mexico with over 200,000 charging sessions. It offers the mobile charging that was debuted on “Shark Tank” alongside permanent charging infrastructure and off-grid power hubs. It also has a slightly active LinkedIn business page, but it does show the company hiring for positions, so it seems to be still growing.

SparkCharge has also jumped on the artificial intelligence (AI) bandwagon with its SparkAI. Its algorithms develop and deploy off-grid EV charging infrastructure faster. SparkCharge’s website highlights its partners and clients including Hertz, AAA, Amazon, Uber, Kia, and more.

So, while EV technology continues to evolve, and companies like Tesla are promising big range on new vehicles, SparkCharge is meeting people’s needs where they are right now by offering flexible on-the-go charging solutions. A company getting a deal on “Shark Tank” and rapidly growing into a success is what the show is all about, and SparkCharge has delivered on that.

Source

If you’ve owned a laptop in the past twenty years or so, chances are high that you’ve had one at some point. But it’s easy not to think about, especially since it doesn’t seem to do anything at first glance. The object in question, of course, is that little slot located on the side of many laptops — you know, the one near your USB and charging ports that has a lock icon next to it. Well, what if we told you it is actually useful for something?

That slot — which has been included on many laptop brands for the past two decades — is for a special type of lock called a Kensington lock. These are essentially security devices, which you can use to secure your electronics directly to a table, desk, or other immovable object. Ever been to Best Buy, Walmart, or any other store with laptops and electronics and noticed how some of them are tethered to a cable? That’s a Kensington lock, and there’s a good chance your laptop supports one, too.

What devices support Kensington locks?

Hadrian/Shutterstock

There’s an array of devices that were designed with Kensington locks in mind. Some of the best laptops have them (usually not ultrabooks or ultra-thin laptops, though), as do desktops, monitors, projectors, and many other expensive types of electronics that might need to be secured in some way. You can check if your laptop has a Kensington lock slot by checking along the side or back for the connector slot. If you have one, then you can look up your laptop’s model to find a lock that will fit it.

Kensington Security Slots (or “K Slots,” as they’re sometimes called) have been around for more than 30 years. Over that time, the locks have expanded to support a variety of different devices, including the aforementioned options, as well as printers, speakerphones, and more. Its namesake company, Kensington Computer Products, says that 95% of laptops, projectors, printers, and monitors are compatible with its locking solutions — at least as recently as 2022.

The amount of supported devices has changed some as things like ultrabooks and super-thin laptops become more readily available, but regular-sized laptops still tend to offer a Kensington Security Slot. If you plan to buy a cheap laptop from Walmart or other stores, you may want to see if it offers room for a Kensington lock.

Are Kensington locks actually secure?

mgequivalents/Shutterstock

The most important thing to note here is that these locks are not always going to stop theft. They are more designed as deterrents for “grab-and-run” scenarios. As such, they can still be bypassed, but they make things a bit harder for potential thieves. Additionally, these locks are really only going to be as effective as the mounting location you choose for them. If you simply connect them to a cable around a table leg that can be easily moved to bypass it, you’re not going to get much additional security from it. This is why stores often have the cables designed to go under a table, where they can be attached to other, more secure objects.

If your laptop offers a Kensington Security Slot, you very well might want to invest in a lock for it. This can help provide additional peace of mind if your working environment leaves you worried someone could run off with your laptop. And if you pair one up with essential security apps that actually protect your computer, you’ll surely feel more secure knowing your data is better protected against software and hardware threats alike.

Source

RWS Global is working with Box to modernise how it processes volumes of unstructured content – from production assets and operational documentation to compliance and safety material. The company, which runs and manages live events for its clients, has been working with Box to build a unified content platform that improves efficiency, strengthens governance, and ensures consistent quality across venues, productions and regions.

The company has been using new artificial intelligence (AI) features built into Box to automate and accelerate mission-critical workflows. The AI functionality is being used to streamline end-to-end, content-centric business processes directly on Box using intelligent, no-code apps, forms, document generation and workflow automation.

At the core of this transformation is Box Enterprise Advanced, which allows RWS Global to utilise intelligent content workflows, ensure secure document management, and leverage the full power of AI across creative, production and operational teams. 

Jake McCoy, chief operating officer at RWS Global, said the company started a new project with the RWS Global legal team to streamline a manual, cumbersome process which used to take days to complete and involved numerous handovers. Thanks to the AI features available in Box Enterprise Advanced, he said the processes can be strung together, creating a sleek and efficient workflow.

“The end user types in the information that needs to go into a contract via Box Doc Gen, which is then sent over to Legal for approval,” he said.

Once approved, the contract is sent out automatically and signed using Box Sign. The signed contract is then uploaded to the cloud. Given that RWS Global has contracts with thousands of performers, he said the automation of the contract approval workflow saves many hours in terms of manual processing.

The end-to-end workflow has meant that RWS Global’s contract processing time has been reduced from 20 minutes to under two minutes per contract, reducing what once took more than 8.5 workdays for 200 hires to just five hours.

Matt Terrell, director of product management – AI agents, at Box, said an enterprise AI strategy is built on a foundation that needs metadata to describe what the data actually means.

“At Box, our job and our role in the industry is to transform your content into context that later gets used by different AI tools,” he said. “Metadata is one of the fundamental building blocks to do that.”

Looking at the contract process at RWS Global, Terrell said: “I can imagine you’ll want to search all of the contracts that are above a certain value. If you have contract size as a metadata element, all of a sudden, you have a fundamental building block to query those types of things using natural language.”

For Terrell, this is an example of why metadata will become increasingly important in AI.

Box AI provides configurable AI agents, automated metadata extraction and the ability to choose or bring preferred AI models to extract insights and reduce manual work.

McCoy added: “Partnering with Box allows us to turn unstructured content into governed, AI-ready assets that help our teams make faster, more informed decisions. As our ambitions grow, this platform evolves with us, enabling us to deliver unforgettable experiences to audiences worldwide.”

Source

Researchers at Huntress Security have published data on the exploitation of a critical SolarWinds Web Help Desk (WHD) vulnerability, revealing how in at least three known incidents, attackers conducted extensive post-exploitation activity with a common set of tools, including legitimate services such as Zoho ManageEngine and Elastic

Tracked as CVE-2025-40551, the data deserialisation vulnerability was first flagged by SolarWinds on 28 January, and last week, was added to the US Cybersecurity and Infrastructure Security Agency’s (Cisa’s) Known Exploited Vulnerabilities resource, mandating that US government bodies fix it immediately.

“Threat actors are actively weaponising WHD vulnerabilities to achieve remote code execution [RCE] and deploy additional tooling in victim environments,” said the Huntress team.

The research team at Huntress – which protects multiple SolarWinds customers through its channel – found that having broken into their victim environments, the attackers took control of WHD’s service wrapper to spawn the underlying Java application, which enabled them to install a payload, which was in fact a Zoho ManageEngine remote monitoring and management (RMM) agent.

This done, the threat actor used the RMM agent to execute several Active Directory discovery commands to enumerate the environment. Shortly after this, they opened a Zoho Assist remote session which they used to install open source digital forensics and incident response tool Velociraptor.

“While Velociraptor is designed to help defenders with endpoint monitoring and artefact collection, its capabilities, such as remote command execution, file retrieval, and process execution via VQL queries, make it equally effective as a C2 [Command and Control] framework when pointed at attacker-controlled infrastructure,” said Huntress.

In the instances its team investigated, the attackers were actually using a rather outdated version of Velociraptor that itself contained a privilege escalation flaw disclosed in 2025. Moreover, the Velociraptor server infrastructure pointed back to a known Cloudflare account associated with the Warlock ransomware operation, a possible hint to the provenance of the campaign.

Alongside Velociraptor, the threat actor also downloaded Cloudflared, the command line client for Cloudflare Tunnel, likely in order to establish a second redundant means of access.

They then proceeded to execute a PowerShell script to collect system information – data such as operating system version, hardware spec, domain membership and installed hotfixes – that was exfiltrated to a legitimate Elastic Cloud instance being run as a free trial on Elastic’s software-as-a-service infrastructure.

The researchers said it was somewhat ironic that the threat actor had essentially built themselves a security information and event management service on Elastic’s infrastructure to triage their victims.

“Elastic’s own tooling, typically used by defenders for threat hunting and incident response, was repurposed as an attacker’s victim management dashboard,” they said.

“We have reported this malicious instance to Elastic as well as law enforcement, and performed victim notification and outreach to non-Huntress partners,” said the Huntress team.

Microsoft reports on further attacks

Huntress’s full write-up of its research, available to read in full here, details various other actions taken by the threat actor during the course of their intrusions. Meanwhile, in addition to these findings, Microsoft has published details of a similar multi-stage intrusion orchestrated via SolarWinds WHD, although it has not yet been able to establish whether or not the attackers exploited CVE-2025-40551 or CVE-2025-26399 – another RCE bug disclosed in September 2025 that bypassed a previously fixed flaw that in turn bypassed a third issue first flagged in 2024.

The incident investigated by Microsoft saw the attackers use the compromised WHD instance to spawn PowerShell to download and execute Zoho ManageEngine and gain control of the system, after which they conducted recon activity while setting up reverse secure shell and remote desktop protocol access to maintain their bridgehead.

Microsoft also observed the attackers creating a scheduled task to launch a QEMU virtual machine under the System account on startup, which essentially let them hide their activity in the virtualised environment. Huntress had also noted this in some instances.

On some hosts, Microsoft said the attackers also used dynamic link library sideloading to gain access to Local Security Authority Subsystem Service memory and steal more credentials.

Besides patching and isolating compromised hosts, Microsoft is advising its users to evict any RMM artefacts, particularly any associated with ManageEngine, that may have been added after exploitation, and immediately rotate credentials for all service and admin accounts accessible from WHD.

Source

Primakov/Shutterstock

xAI’s Grok, which is facing bans in some regions, might soon have access to classified military intelligence, as the Pentagon looks for AI chatbots to replace Anthropic’s Claude. As reported by Axios, Anthropic refuses to allow its chatbot to be used to assist with the development of fully autonomous weapons or the deployment of mass surveillance tools. As a result, the Pentagon has been in search of more willing partners, and seems to have found one in xAI.

While it’s unclear if Grok will be able to effectively replace Claude or how long it will take for the Pentagon to integrate the AI into its systems, Axios reports that the Pentagon is also in talks with other AI chatbot partners. For example, AI chatbots can currently be used in unclassified systems, like OpenAI’s ChatGPT and Google’s Gemini, and the U.S. Department of Defense continues to engage in talks with those players as potential replacements for Claude.

Grok will have access to classified information

bella1105/Shutterstock

While xAI made a government-specific version of Grok in 2025 for federal agencies to use, bringing Grok to classified systems in the military will be much more serious and rigorous. After all, the AI chatbot needs to meet security standards, while everything would be deployed locally. That said, if xAI becomes the second AI chatbot to actually be used by the Pentagon for classified documents, it wouldn’t mean Elon Musk or xAI would have access to sensitive data.

While xAI is currently leading the pack in the race to replace Anthropic’s Claude, Axios reports that the Pentagon is having conversations with a “sense of urgency” with OpenAI as well. A separate New York Times report says that the DoD is closer to a deal with Google than OpenAI. Depending on how these discussions go, the Pentagon could even go with all three of the other AI chatbots, as long as they meet the criteria to handle classified information.

For now, though, xAI is the only confirmed partner. Given that we’re just a few months removed from the chatbot referring to itself as “MechaHitler” and spewing hate speech, it’s more a bit concerning to imagine Grok handling classified military data. Even after that incident, Grok ranked near the bottom of the list in a Crisis Assessment and Response Evaluator (CARE) test from the team at Rosebud.

Source

Microsoft has released fixes for six newly classified zero-day common vulnerabilities and exposures (CVEs) on the second monthly Patch Tuesday of 2026, amid a release comprising more than 50 flaws that run the full gamut of Microsoft’s product suite.

Although the total number of flaws is down by about half on January’s bumper crop, it is about on par for this time of year, said Dustin Childs of Trend Micro’s Zero Day Initiative (ZDI). However, he added, the number under active attack is “extraordinarily high”.

With all six zero-days under active exploitation in the wild, and three of them already made public, Childs noted: “We’ll see if we’re on our way to another ‘hot exploit summer’ as we saw a few years ago or if this is just an aberration.”

The three “classic” zero-days are all security feature bypass (SFB) vulnerabilities, tracked variously as CVE-2026-21510 in Windows SmartScreen, CVE-2026-21514 in Microsoft Word, and CVE-2026-21513 in Internet Explorer.

The three zero-days for which exploit proofs of concept (PoCs) have not yet been made public are tracked as CVE-2026-21519, an elevation of privilege (EoP) flaw in Desktop Window Manager; CVE-2026-21525, a denial of service (DoS) flaw in Windows Remote Access Connection Manager; and finally, CVE-2026-21533, an EoP flaw in Windows Remote Desktop Services.

Seth Hoyt, senior security engineer at endpoint security platform Automox, said the flaw in Windows Shell was particularly dangerous because its effect is essentially to neutralise the important SmartScreen feature in Microsoft Defender.

“SmartScreen serves as a critical checkpoint: when you download an executable or document, it prompts you to confirm whether you trust the source. This bypass removes that checkpoint entirely,” he said. “Files from the internet execute without triggering the usual warning dialog, giving attackers a clean path to run malicious code once a user clicks a phishing link. The attack still requires user interaction, but with one less security prompt in the way, the barrier to successful exploitation drops considerably.”

Beyond patching, he advised defenders to be alert to unusual cmd.exe or PowerShell activity in the wake of a file download, or odd processes spawning from files in Downloads or temporary directories that do not have corresponding SmartScreen events logged. It is also worth applying endpoint hardening measures such as Attack Surface Reduction rules.

Hoyt added that CVE-2026-21514 works in a similar fashion and should be treated in the same terms.

Meanwhile, Jack Bicer, vulnerability research director at patch management specialist Action1, turned to the MSHTML Framework flaw in Internet Explorer, CVE-2026-21513.

“The MSHTML Framework [is] a core component used by Windows and multiple applications to render HTML content,” he said. “[CVE-2026-21513] is caused by a protection mechanism failure that allows attackers to bypass execution prompts when users interact with malicious files. A crafted file can silently bypass Windows security prompts and trigger dangerous actions with a single click.

“Exploitation occurs over the network and requires user interaction, such as opening a malicious HTML file or clicking a shortcut delivered via email, link or download. No privileges are required by the attacker,” he added.

Bicer explained that such SFB flaws significantly increase the success rate of phishing and campaigns that ultimately have impacts far beyond embarrassment for the one person who accidentally clicked on something without thinking. In enterprise environments they become a gateway to a whole host of nasties, including unauthorised code execution, malware and ransomware deployment, credential and data theft, and other compromises.

Deep dependence

Coming a month after January’s blockbuster Patch Tuesday, Cory Simpson, senior adviser to the Cyberspace Solarium Commission and a former adviser to the US Special Operations Command, said that 2026 was already off to a concerning start.

He described the situation on the ground as standing in “stark contrast” to the picture painted in Microsoft’s November 2025 Secure Future Initiative report, which hailed the idea of ‘security above all else’ as a guiding principle at Redmond.

“Patch volumes like today’s, six active zero-days, reflect the structural risk created by deep dependence on Microsoft across enterprise environments,” Simpson told Computer Weekly. “Security leadership starts with baseline hygiene and extends to resilience-by-design: diversified dependencies, reduced concentration risk, and architectures built to operate under persistent vulnerability discovery.”

Source

China is heavily investing in robots, and the quadruped models might soon become mainstream in the region. Specialized models like one that can run as fast as Usain Bolt have been grabbing headlines, but there are more general-purpose versions making their way to consumers. Some of these new releases can be used to transport lightweight loads, capture photos and videos with auto-tracking capabilities, or just be a fun companion for family time with kids.

Interestingly enough, while we have seen a push into humanoid models, which we might consider a more familiar application, it seems they have actually been outpaced by an “older” technology — the robot dog form factor. These products have started to evolve beyond the era of just being seen at trade shows as cool, distant devices, as Chinese companies are gearing up to start actually selling them.

Some examples come from startups Vita Dynamics and Dobot. Vita released a quadruped robot for under $1,500 at the end of 2025, while Dobot started pre-sales for its Rover X1 below $1,000. Both robots have similar functionality (transporting boxes, capturing videos, and acting like a dog), but with the Dobot Rover X1, users can even switch between regular legs and wheeled ones so it can adapt to more terrain, perform tricks, and work as a security guard. As the company describes it, this robot can light your path in a camp and be your “ever-vigilant sentinel.” Still, these are not the only jobs robot dogs have been doing.

Robot dogs can be used for scientific research, nature conservation, and even war

In the same way those old iPhone ads said there’s an app for everything you might need, it seems these quadruped robots are covering a wide range of applications, from consumer creature comforts to business and research. Chinese state broadcaster CCTV, for example, reported on a robot dog navigating a simulated combat course, moving through barricades and obstacles — all while providing a real-time camera feed that can help troops scout enemy positions and move under cover.

Less-scary applications are being developed too, like a six-legged robot dog that is serving as an assistant for scientific expeditions in the Antarctic. This robot can carry heavier objects on the ice without slipping or falling due to its extra legs and anti-slip “shoes.” 

Another application comes from Hong Kong, where the Environmental Protection Department is using quadruped robots to detect bird species while also monitoring trees. So the list of their potential uses continues to grow: Robot dogs are poised to patrol streets and battlefields, help preserve nature, aid scientific research, and serve as all-purpose helpers around the house. While these are just a few examples, expect more brands to commercialize these kinds of machines going forward, like Xpeng’s humanoid robot with synthetic skin, which is slated for release in 2026.

Source

Tattiliana/Shutterstock

When you’re in the market for a new electric-powered vehicle, some key things to look out for include range and charging (whether it has a standard North American Charging Standard (NACS) port or uses a proprietary charging system). And of course, like any other car purchase, you have to consider the usuals like drivability, practicality, safety, reliability (some EV models have proven to be quite unreliable), and more. But on top of all the technicalities, how good the factory-installed sound system is plays a key role in your buying decision, especially if you care about your music. 

If you prefer to blast your favorite tunes while cruising the highway to a weekend getaway spot or while going back home from work in the evening, then you shouldn’t compromise on the sound system. Otherwise, you’ll have to spend extra cash to upgrade the sound system in your new electric vehicle (EV) later on. And that’s exactly what you’d want to avoid, since while EVs are certainly cheaper to run than gas cars, they typically have a higher sticker price. 

So instead of having to buy an EV with a sound system that seems more of an afterthought, you should buy one of these models, as they come with some of the best music systems that you can find on an electric-powered vehicle. We picked these models by researching EVs with the best sound systems from different resources — you can read more about the selection process at the end of the article.

2025 Volvo EX90

The Volvo EX90 is a luxury full-size sports utility vehicle (SUV) with three rows that can seat up to seven. You can get up to 310 miles per charge on this SUV, but if you’re more interested in the sound, the EX90 will surely satiate your needs. This car is equipped with a Bose Premium Sound system with 14 speakers as standard on all trim levels. Still, there’s an optional Bowers & Wilkins sound system that’ll set you back by about $3,200 if you really want the best audio. That Bowers & Wilkins system elevates the audio with its 1,610 watts of power from a total of 25 speakers. 

The EX90 places the speakers in different areas around the cabin to optimize for the three-dimensional sound, including a tweeter on the dash, some speakers in the roof, and others in the front headrests. The system has Dolby Atmos support for a more immersive sound while you’re behind the wheel. Music should even sound better in the EX90, as it has been found to have a quiet cabin that can be mistaken for some high-end luxury brands like Rolls-Royce. The Volvo EX90 starts at $81,290 for the entry-level Plus trim; the Ultra starts at $85,640. 

But given that the Bowers & Wilkins sound is a $3,200 optional addition exclusive to the Ultra trim, you should be ready to spend a bit more to have it if you want the best audio that the EX90 can deliver from the factory. If you’d like to have the same 25-speaker Bowers & Wilkins system but in a smaller package, the Volvo ES90 sedan is the perfect alternative.

2025 Cadillac Celestiq

Although Cadillac hasn’t been a standout in the luxury segment for quite a while, the company’s 2025 Celestiq is an EV worth considering if you want to get one of the best factory-installed sound systems. Known for offering one of the best audio systems in cars, the company couldn’t possibly cut corners on this segment when it came to its first-ever Celestiq EV, especially at its price. 

For the 2025 Cadillac Celestiq, the General Motors-owned brand offers an AKG Studio Reference stereo system with Dolby Atmos support in the luxury sedan. The sound system includes 38 speakers with three amplifiers. The speakers are placed in different locations in the cabin, including the headrests, in the roof, and on the doors, and the car has been praised for its sound chops in multiple car reviews. 

However, as a competitor to models from luxury brands like Rolls-Royce and Bentley and considering the fact that it’s hand-built, the 2025 Cadillac Celestiq doesn’t come cheap. It starts at $340,000, and under the hood, it offers a dual-motor all-wheel-drive powertrain with 655 horsepower and gives up to 303 EPA-rated miles per charge from a 111 kWh battery.

2026 Mercedes-Maybach EQS 680

Mercedes has built a reputation for offering high-tech models, and in recent years, the automaker has been pushing the boundaries when it comes to dashboard screens with its dash-spanning Hyperscreen. But besides the high-tech and plush interiors, the German automaker has also built a reputation for offering some of the best sound systems in a car. The automaker typically uses Burmester for audio, and the 2026 Mercedes-Maybach EQS 680 also gets the same treatment. 

The 2026 Mercedes-Maybach EQS 680 features the very best sound system the company offers as standard. Instead of the 15-speaker Burmester 3D Surround Sound system that you get on some EV models from the German brand, like the EQS 580 4MATIC, the EQS 680 includes a more capable 4D surround sound system from Burmester. This system comes with a total of 15 speakers, with two 3D speakers placed in the ceiling and two subwoofers in the luggage area cover. 

In total, the 4D surround sound system can output 710 watts. As a 4D system, it has integrated resonators into the seats, which allows you to feel the music vibrations. Since the EQS 680 is a luxury SUV, you should be ready to dig deep into your pockets if you want to enjoy its sound, as it starts at $181,000.

2026 Porsche Taycan

By default, the sound system that you get in the Porsche Taycan without any customization is a 150-watt, 10-speaker system. Obviously, that doesn’t give you the best audio if you’re an audio buff, and the German automaker clearly knows this as it offers an optional but better 710-watt 14-speaker Bose Surround Sound System or, for even better sound, a Burmester 3D High-End Surround Sound System. 

The latter offers the very best sound in the Taycan and has a total power output of 1,455 watts. This system sports a 400-watt subwoofer and has 21 speakers in total. You get a two-way center speaker, and the other speakers are strategically placed in the Taycan, with a pair of tweeters placed in the A-pillars. 

The Burmester 3D surround system includes a special Auro 3D format, which, according to Porsche, provides an immersive 3D surround sound that makes you feel like you’re in the Belgian Galaxy Studios music hall. The 2026 Porsche Taycan starts at $105,800, but you’ll have to fork out $7,430 more for the Burmester sound system. Overall, the Taycan ranks as one of the best EVs on the market.

2026 Polestar 3

Sjoerd Van Der Wal/Getty Images

The 2026 Polestar 3 is a compact crossover that, besides its sub-four-second 0 to 60mph, has an upscale interior with one of the best factory-installed sound systems. Inside the cabin, you’ll find a 10-speaker stereo sound system by default, but like most cars on this list, you can upgrade to an even better one if you’re willing to pay a little bit extra. As an optional upgrade, the Polestar 3 offers a Bowers & Wilkins stereo sound system that delivers a total power output of 1,610 watts. 

The system features 25 speakers in total and supports the Dolby Atmos surround sound format for an immersive listening experience while cruising on the highway. This EV also includes a so-called Active road noise cancellation feature with the Bowers & Wilkins sound system, which, similar to Active Noise Cancellation (ANC) in headphones, blocks external noise to give you a serene environment to listen to your music. 

However, since you need to be aware of your surroundings while driving, it doesn’t block important sounds like car horns and sirens. The speakers are placed in different locations in the cabin, including some in each front-seat headrest. The Polestar 3 starts at $67,500, and to get the Bowers & Wilkins sound system, you’ll need to get the $5,500 Plus package.

How we selected these EVs

UKRID/Shutterstock

There are a variety of EVs on the market, and each model comes with a sound system. To compile this list, we conducted research across different websites, including manufacturer sites, to find EVs that offer solid sound systems, either as standard or as an optional upgrade. 

All the EVs we’ve discussed start at different price points, although most of them are a bit pricey compared to the average cost of an EV. But if you want to get an EV with one of the best sound systems from the factory, you should be ready to pay whatever it takes.

Source

When the world’s most widely used productivity suite becomes the preferred weapon of sophisticated state hackers, we all have a problem that transcends routine software bugs.

The recent exploitation of CVE-2026-21509 by Russia’s APT28 group, just days after Microsoft disclosed and patched it, isn’t merely another security incident to file away. It’s a flashing red warning indicator that the aggregation risk and our dependence on a default software platform is creating systemic risk in a world where spreadsheets and spyware are equally viable warfare tools.

APT28, also known as Fancy Bear, BlueDelta and Forest Blizzard, isn’t some shadowy newcomer. This unit of Russia’s GRU military intelligence has been wreaking havoc since at least 2007. They may have interfered in the 2016 US presidential election, compromised the World Anti-Doping Agency, targeted Nato, and they are credited with conducting countless operations against Ukrainian infrastructure. They’re sophisticated, relentless, and have a particular fondness for Microsoft’s ecosystem.

In recent years, they’ve exploited vulnerabilities in Microsoft Exchange, Outlook, and now Office itself. Their tradecraft isn’t opportunistic – it’s industrial-scale cyber warfare executed with military precision.

Severe Office vulnerability

Only recently we witnessed their latest attack. The timeline gives rise for concern as Microsoft issued an out-of-band patch for a high-severity Office vulnerability on 26 January.

Three days later, malicious documents exploiting that exact flaw started circulating in Ukraine. Phishing lure files appear to have been crafted within 24 hours of Microsoft disclosing the software flaw, a single day after the patch dropped.

Think about that timeline – this is an adversary that was either tipped off, had advance access, or was already weaponising the vulnerability before the patch even existed.

This is an adversary that was either tipped off, had advance access, or was already weaponising the vulnerability before the patch even existed Bill McCluggage

CVE-2026-21509 is a security feature bypass – the kind of flaw that tricks users into opening crafted Office files that deliver MiniDoor malware, designed to harvest and exfiltrate victims’ emails, along with PixyNetLoader malware, designed to implant malicious software on compromised systems.

The software flaw allows attackers to exploit the one thing Microsoft can’t patch – human trust. And in Ukraine, where hybrid warfare has transformed every inbox into a potential frontline, that trust is being systematically weaponised.

Structural problems

The problem is structural. IT professionals know that deploying patches isn’t instantaneous. They take time, albeit in some cases automated updates can be relatively quick. But in a conflict zone wrestling with bandwidth constraints, outdated systems, and limited access to enterprise-grade licensing, that vulnerability window becomes a chasm.

If Ukrainian organisations are running older Office builds because they lack resources for restrictive, subscription-based licensing, or can’t afford IT automation for patching, they’re sitting ducks. This is a strategic liability, and other nations need to understand the systemic risk they too face.

Microsoft’s patching cadence deserves further scrutiny, and this incident highlights that recognition delays matter, even outside of active conflict zones. When vulnerabilities are actively exploited before patches arrive or are installed, we’re no longer managing risk, we’re into documenting damage and incident recovery.

Delays in Microsoft patch deployment shouldn’t be inevitable – when your patch management depends on manual schedules, restricted bandwidth, or enterprise support you can’t access, that delay becomes a shooting gallery for groups like APT28.

And the Microsoft problem doesn’t end with Office. The growing dependence on Microsoft’s cloud infrastructure introduces sovereignty concerns that should alarm anyone paying attention.

Single point of failure

Recent Azure outages, whether from cyber attacks or botched updates, have demonstrated how a single point of failure implanted in Redmond can cascade globally. When national governments, critical infrastructure, and essential services run on cloud platforms controlled by one company, we’re not just talking about vendor lock-in. We’re talking about digital colonialism disguised as convenience that introduces systemic risk.

Market concentration compounds this risk. When a single platform is effectively the default across governments and corporations globally, vulnerabilities don’t fail in isolation – they fester and spread.

Licensing models and interoperability barriers that discourage diversification entrench this monoculture. The result is aggregation risk on a geopolitical scale – its bugs are potential weapons in grey-zone conflicts where every user is a potential target, and every attachment could be a trap.

This isn’t just a cyber security challenge – it’s a market structure problem. Structural risks require structural remedies. Bodies like the UK Competition and Markets Authority (CMA) and the European Commission’s Directorate-General for Competition have a clear role here, by ensuring that concentration in productivity and cloud services does not translate into national and global security vulnerabilities.

The ability to diversify and introduce real competition in secure cloud and productivity ecosystems is becoming a matter of digital sovereignty and defence resilience.

The way forward

So what’s the path forward? Microsoft must rethink vulnerability disclosure and patching for high-impact products introducing faster mitigation pathways and protective heuristics that can be deployed before formal patches are released.

Enterprises and governments need to invest in automated patch management and redundancy planning.

And regulators need to recognise that monoculture is inseparable from security risk.

The next frontier of cyber security policy isn’t just about defending networks – it’s about making markets safer by design.

Bill McCluggage was director of IT strategy and policy in the Cabinet Office and deputy government CIO from 2009 to 2012.

Source

9dream studio/Shutterstock

We may receive a commission on purchases made from links.

Apple’s MacBook lineup is widely liked for its impressive battery life, superior performance, and seamless integration with the company’s other devices. While it doesn’t include a ton of laptops, the MacBook Air and Pro models are available in a variety of configurations and have two size options each. However, when it comes to the price tag, MacBooks aren’t particularly cheap. That’s why Apple is reportedly working on a low-cost MacBook model that could take on cheap Windows laptops and Chromebooks. However, it’s yet to be officially confirmed and may take a while to arrive. So, if you are in the market today for the cheapest brand-new MacBook model, which should you go for?

The 13-inch Apple MacBook Air with the M4 chip is the cheapest MacBook you can buy new right now. Its base model with 16 GB of RAM and 256 GB of storage is available for as low as $850 on Amazon, down from its list price of $999. This price is not the lowest for the M4 MacBook Air, and it has gone down as low as $740, so you may score the MacBook even cheaper if you wait for the right moment. While you may think the MacBook Air version with the M3 and M2 chips may be cheaper, they are becoming pretty hard to come by and aren’t really available for less than $900. Here’s a look at what you can expect from the M4 MacBook Air and how it’s a great laptop for most people.

All you need to know about the 13-inch MacBook Air (M4)

Jonathan Weiss/Shutterstock

The 2025 MacBook Air is a substantial upgrade over previous generations. While that may not look like it on the surface, the M4 chip inside, according to Apple, is twice as fast as the M1 chip and can deliver 23 times faster performance than the fastest Intel-based MacBook Air models. Keep in mind, the last Intel-based MacBook Air came out just six years ago, in 2020.

Besides the impressive M4 chip, the latest MacBook Air has a new 12 MP Center Stage webcam that’s also a big upgrade over the camera found in older MacBook Air models. You also get better multi-display support, and it can support up to two 6K external displays. Additionally, there is the same beautiful Liquid Retina display, unibody aluminum chassis, and built-in Touch ID support.

Connectivity options are good, with Wi-Fi 6E and Bluetooth 5.3 support; however, port selection remains limited to two USB-C Thunderbolt ports and a 3.5mm headphone jack. Fortunately, the presence of the MagSafe port ensures you don’t block the Thunderbolt port while charging the MacBook. The M4 MacBook Air has received glowing reviews from all over, with reviewers calling it “the best laptop for most people,” praising the new camera, and highlighting its impressive performance. Unless you are doing heavy video editing or plan to play graphic-intensive games on your machine, the MacBook Air has plenty of power to keep you satisfied.

Source