No fewer than eight critical flaws that could allow a threat actor to achieve remote code execution (RCE) on a targeted system are listed in Microsoft’s August Patch Tuesday update, which once again tops out at over 100 common vulnerabilities and exposures (CVEs).
Alongside the critical RCE bugs – which occur in a variety of Microsoft products and services, including DirectX Graphics Kernel, GDI+, Hyper-V, Message Queuing, Office and Word – are a solitary elevation of privilege (EoP) flaw in Windows NTLM, two information disclosure vulnerabilities in Hyper-V and Azure Stack Hub, and a spoofing vulnerability in Hyper-V.
The latest monthly drop contains no full zero-day exploits, bar one EoP vulnerability in Windows Kerberos, CVE-2025-53779, which by itself does not quite meet all the criteria because while exploit code has been made public, there is no evidence any threat actor has yet taken advantage of it.
This stems from a path traversal flaw in which Kerberos improperly validates path inputs when handling the relatively new delegated Managed Service Account (dMSA) feature in Windows Server 2025. This, in turn, enables an attacker to create improper delegation relationships, impersonate privileged accounts, escalate to domain admin privileges and potentially gain control of the Active Directory domain.
However, to do so, the attacker would need to have already elevated access to certain attributes of the dMSA, so exploitation is supposedly less likely, according to Microsoft.
This said, Mike Walters, president and co-founder of Action1, said the danger from CVE-2025-53779 grows when combined with other techniques, and as such, large organisations with complex Active Directory environments, those that lean into dMSAs for service account management, and high-risk targets like banks, government agencies or hospitals, should take heed.
“The combination of a path traversal issue in a core authentication component like Kerberos and its potential high impact is concerning,” said Walters.
The [SharePoint CVE-2025-49712 vulnerability] is not yet exploited in the wild, but history shows these evolve fast. Exposed SharePoint instances are prime footholds for lateral movement. Prioritise and patch all SharePoint updates, rotate keys and eliminate internet exposure Saeed Abbasi, Qualys Threat Unit
“The need for high privileges may create a false sense of security, as accounts with these rights are common in decentralised IT environments. Once compromised, they can quickly lead to full domain takeover.
“The presence of functional exploit code means attackers may pursue this flaw despite Microsoft’s assessment. Vulnerabilities in core authentication mechanisms are attractive additions to advanced attack chains, especially in targeting high-value environments,” he warned.
SharePoint flaws should be addressed
Although less immediately dangerous in their scope, defenders may also wish to pay attention to a pair of vulnerabilities in SharePoint: CVE-2025-53760, which enables EoP; and CVE-2025-49712, which enables RCE.
These come hot on the heels of the so-called ToolShell vulnerabilities in SharePoint, which were so serious they received an out-of-synch patch in July, and were exploited in short order by China-linked threat actors against government targets.
Saeed Abbasi, senior manager for security research at the Qualys Threat Unit, said CVE-2025-49712 in particular warranted some concern.
“This RCE demands authentication but pairs dangerously with known auth bypasses,” explained Abbasi. “Attackers chaining this with prior flaws could achieve full server compromise and data exfiltration. It’s not yet exploited in the wild, but history shows these evolve fast. Exposed SharePoint instances are prime footholds for lateral movement.
“Prioritise and patch all SharePoint updates, rotate keys and eliminate internet exposure. Delaying invites regulatory scrutiny and breaches since SharePoint’s exploit streak isn’t over,” added Abbasi.
It’s great coming home after a hot day outside to discover your house is at the absolute perfect temperature. Or, even better, spending all day in the cold and arriving home to a snug 78-degree abode can be a wonderful feeling. While accomplishing this without wreaking havoc on your energy bill can be tricky, Apple may soon have a solution.
Discovered by writer and developer Steve Moser, who shared his findings on X, the app formerly known as Twitter, code within the iOS 26 beta Home app has revealed a potential new “Adaptive Temperature” feature that will track when you come and go from your house and adjust the temperature inside accordingly. The new code also reveals the potential for Home to make certain adjustments based on energy cleanliness and rates.
There’s no guarantee that this feature will arrive in iOS 26, if at all. However, just like Moser finding two new Apple Maps features, there’s still plenty of time between now and the likely fall release of iOS 26 for Apple to unveil some surprises.
Apple code may help you save on energy bills
Maryna Terletska/Getty Images
According to Steve Moser’s post on X, new code within the Home app in the iOS 26 beta will automatically adjust your thermostat based on your schedule, lowering or raising the temperature based on when you are home. The coder notes that this may work similarly to the way Maps now learns your daily routes, meaning this feature will likely be sensitive to your privacy thanks to end-to-end encryption. Additionally, the code also reveals users would be able to set preferences should they be gone for an extended period of time, along with options for adjusting night time preferences.
Another small detail found by Moser notes an “Optimize for Clean Energy” option, which aims to adjust a thermostat by “small amounts” in an effort to reduce energy usage should the source be unclean or the cost of electricity suddenly spikes. This is similar to the already available Clean Energy Charging from iOS 16, which stirred controversy online after Apple enabled it automatically. While you can disable Clean Energy Charging on iPhone, time will tell with Home’s potential new temperature feature.
There’s plenty packed into iOS 26, and some big changes are coming soon. While it’s still up in the air whether or not users will see “Adaptive Temperature” anytime soon, the possibility of saving money on an energy bill should be enough to get anyone excited.
In 1945, science fiction writer Arthur C. Clarke proposed something ridiculous: satellites orbiting Earth at exactly the right altitude to stay fixed above one spot, beaming radio signals across continents. His idea was so specific that when geostationary satellites became a reality decades later, that orbital zone became known as the Clarke Belt in his honor.
Science fiction writers aren’t fortune tellers, but they might as well be. They dream up impossible technologies, not to predict the future, but to tell better stories. Yet, somehow, their wildest inventions keep materializing in the real world. This genre of entertainment serves as humanity’s unofficial research and development department, exploring possibilities without the constraints of current technology or budgets.
There’s something almost magical about watching fiction become fact. Technologies that once required suspension of disbelief now sit in our pockets, operate in our hospitals, and dictate entire industries. From holograms to smartwatches, the most revolutionary inventions often began as someone’s wild imagination — and these twelve examples prove just how thin the line between fantasy and reality can be.
Holograms bring Star Wars and sci-fi visions to life
frank60/Shutterstock
When Princess Leia appeared as a blue hologram in “Star Wars: A New Hope,” asking Obi-Wan Kenobi for help, audiences were captivated by the idea of 3D messages suspended in mid-air. That iconic scene planted seeds in the minds of countless engineers and inventors who grew up wondering if such technology could ever exist.
Fast-forward to today, and holograms have become a powerful tool across multiple industries. In entertainment, 3D holograms power concert performances by long gone legends. Medical students can now examine 3D anatomical models that seem to hover before them, while architects present building designs that clients can walk around and inspect from every angle. But that’s not all: companies are developing 3D holograms you can touch and interact with, getting us closer to that iconic scene in “Iron Man 2.”
We’re still working on the floating, mid-air aspect that made Star Wars holograms so magical, but the gap is fast closing. The very idea of creating and interacting with light-based simulations was sparked by sci-fi, and it continues to push researchers to break boundaries.
Tablets took a page from 2001: A Space Odyssey
DC Studio/Shutterstock
Long before Apple announced the iPad, Stanley Kubrick’s “2001: A Space Odyssey” showed astronauts casually using thin, flat, rectangular screens to watch videos and read news aboard their spacecraft. These sleek devices, called Newspads in the script, looked nothing like the bulky computers of 1968, when the film was released. Instead, they predicted a future where computing power could be condensed into something portable.
When the first iPad launched in 2010, many observers immediately noted the striking resemblance. The interface, form factor, and utility mirrored what Kubrick envisioned decades earlier. In fact, during Apple’s legal fight with Samsung over design patents, Samsung referenced “2001” as proof that Apple’s tablets had been depicted in popular culture long before any company could claim to have invented the concept.
The HAL 9000 computer interface in the film also predicted voice command interactions, that are familiar to anyone who owns a smartphone or smart speaker.
Self-driving cars echo Knight Rider’s KITT
DELBO ANDREA/Shutterstock
“Knight Rider” introduced viewers to KITT, an intelligent, self-aware car that could navigate traffic, make decisions, and hold full conversations with its driver. This show aired in the 1980s, when cars were still largely mechanical and the idea of a computer-controlled vehicle seemed like fantasy. Yet today, companies like Tesla, Waymo, and Mercedes are bringing that fantasy to life.
Modern autonomous vehicles are following this blueprint and come equipped with AI-powered navigation, obstacle detection, and voice assistants. While they’re not quite sentient like KITT, self-driving cars can handle highway driving, parallel parking, and even navigate complex urban environments with increasing sophistication. What once looked like science fiction now powers real-world innovation in transportation, logistics, and safety.
Much more than just a cool car, KITT was a concept that sparked the imagination of future engineers. Today’s driverless vehicles are the direct descendants of that inspiration, with software updates like Tesla’s Actually Smart Summon bringing them closer to the conversational, decision-making partner that “Knight Rider” imagined.
The taser was inspired by sci-fi ray guns
Seanfboggs/Getty Images
Jack Cover, a NASA scientist and inventor of the taser, openly credited the ray guns he saw in science fiction publications as his inspiration. In fact, the acronym “TASER” literally comes from a favorite childhood story, a 1911 sci-fi novel titled “Tom Swift and His Electric Rifle.” That futuristic weapon which could incapacitate enemies without killing them remained stuck to the book’s pages until Cover figured out how to make the idea work in real life.
By 1974, Cover had built a working model, with further iterations developing and becoming commercially successful by the 1990s. The device works by firing electrically charged darts capable of stopping a person without causing lasting harm. This electrical current disrupts muscle control, effectively creating a stunning effect that immobilizes the target. It was a turning point in law enforcement and personal defense, introducing a sci-fi concept to real-world policing.
Today, tasers are standard equipment for police forces around the world. Their origin story shows just how powerful fiction can be — not just in entertaining us, but in offering new standards for technology that serves real societal needs.
Credit cards were predicted in Edward Bellamy’s 1888 novel
BongkarnGraphic/Shutterstock
In his utopian novel “Looking Backward,” Edward Bellamy imagined citizens using credit cards linked to a central bank to make instant cashless purchases. Writing in 1888, when most transactions involved physical currency or trade-by-barter, Bellamy’s vision of electronic payments seemed impossibly futuristic.
At the time, the idea was revolutionary. There were no sufficient electronic networks, no global banks, and certainly no plastic cards. A system where people could access their funds instantly without carrying physical money would have seemed magical to readers of that era. Yet Bellamy’s vision prophesied everything from debit cards to Apple Pay. When the first charge card, Diners Club, launched in the 1950s, it brought his fictional concept into existence.
Today, credit and debit cards are everywhere, and the move toward digital wallets and cryptocurrency continues that trend. Bellamy didn’t just predict a financial tool, he also anticipated the social and economic changes that would come with cashless transactions, from reduced crime to more efficient commerce. His prescient vision helped lay the conceptual foundations for our modern financial system.
The Metaverse mirrors Neal Stephenson’s Snow Crash
Luis Alvarez/Getty Images
Neal Stephenson’s 1992 book “Snow Crash,” a dystopian cyberpunk novel, is widely regarded as the direct inspiration for the Metaverse, even coining the term that tech companies use today. It described a fully immersive virtual world where people interacted through digital avatars, owned virtual real estate, engaged in combat, and participated in complex digital economies.
Modern platforms like Meta Horizon, Roblox, and VR Chat feel eerily similar to that fictional world. Users can now attend virtual concerts, purchase accessories for their photorealistic avatars, and buy virtual assets that have real monetary value. Even the language and architecture of these platforms echoes Stephenson’s vision. The social dynamics he imagined are playing out in real time across multiple platforms.
While we’re still working towards the seamless, fully immersive experience that “Snow Crash” depicted, the fundamental concepts are already here. The novel served as both the inspiration and roadmap for an entire generation of developers building the virtual worlds we’re rapidly populating.
Video calls were everyday life in The Jetsons
Morsa Images/Getty Images
By the time “The Jetsons” aired in the early 1960s, video calling wasn’t entirely a new concept — AT&T had already demonstrated it decades earlier, even offering a subscription service in the mid 1960s. The service never took off, but the show took the concept and ran with it. Instead of presenting video calls as a rare, high-tech event, “The Jetsons” treated them as casually as a phone conversation, showing George chatting with his boss or family as part of daily life.
Today, that vision feels spot-on. Zoom, FaceTime, and Google Meet are commonplace in both work and home routines, especially after the COVID-19 pandemic made video calling indispensable for millions of people. What was once a novelty reserved for corporate demos has become a basic smartphone feature, available to anyone with an internet connection.
“The Jetsons” didn’t stop at video calls. The same episodes that showed face-to-face conversations also imagined smart home devices, robot assistants, and moving walkways — technologies we now take for granted. The cartoon didn’t just depict future tools; it also helped popularize the idea that advanced tech could be woven seamlessly into everyday life.
The smartwatch has Dick Tracy written all over it
Sitthiphong/Getty Images
In the 1940s, comic book detective Dick Tracy used a two-way wrist radio to fight crime, communicating with headquarters and receiving important information directly on his wrist. Later versions upgraded it to a full-fledged TV and communication device. Comic strip creator Chester Gould gave his character this device decades before miniaturized electronics could make such a thing possible.
Fast-forward 80 years, and smartwatches do all that and more. Apple Watches, Samsung Galaxy Watches, and other wearables allow users to make calls, monitor their heart rate, get directions, and even chat with AI assistants, far exceeding what Dick Tracy’s radio could accomplish. Furthermore, their form factor almost exactly matches what Dick Tracy flaunted in his panels.
The comic was remarkably prophetic about both the technology and its practical applications. Dick Tracy used his wrist radio for law enforcement communication, while today’s smart watches serve similar functions for emergency services, fitness enthusiasts, and anyone who needs hands-free connectivity.
Tractor beams are no longer just Star Wars fantasy
John Lund/Getty Images
The idea of moving objects remotely using invisible beams was limited to space operas and science fiction adventures. “Star Wars” made tractor beams famous, showing massive starships pulling smaller vessels into their cargo bays using mysterious energy fields that could manipulate matter from a distance.
Today, scientists have discovered how to make tractor beams in real life using light beams, static electricity, and even sound waves. We’re still far from pulling spaceships into orbit, but today’s tractor beams can manipulate microscopic particles, small objects, and are even on their way to being able to separate cells within the human body. This once-futuristic technology is surprisingly applicable in medical science, where tractor beams could help doctors perform minimally-invasive biopsies.
While not at the level of the Death Star, the foundational principle of manipulating matter without contact is alive and well. Each breakthrough brings us closer to the large-scale tractor beams that once seemed impossible, proving again that fiction lights the spark and science follows with fire.
Exosuits take cues from Iron Man and Alien
Gorodenkoff/Shutterstock
First appearing in “Tales of Suspense #39” (1963), before making its way to the big screen in “Iron Man” (2008), the Iron Man’s powered exosuit has long been a staple of science fiction. Other movies like “Alien,” “Elysium,” and “Edge of Tomorrow,” have also depicted fictional suits that turn ordinary people into superhumans capable of great feats of strength and agility.
Real-life exosuits are used in warehouses to reduce worker fatigue, in hospitals to aid mobility for people with spinal injuries, and in the military to improve load-bearing capacity for soldiers. While they don’t provide flight or repulsor rays, companies like SUITX and Verve Motion have developed wearable robotics that augment human movement without limiting mobility. Meanwhile, real jetpacks are being tested at Gravity Industries if you want flight capabilities.
These suits aren’t as flashy as Iron Man’s, but their function aligns with the same goal: giving humans mechanical advantage. The technology continues advancing, with newer models becoming lighter, more powerful, and more intuitive to use. Soon, we might achieve that seamless human-machine integration that sci-fi has promised for decades.
Language translators resemble Star Trek’s Universal Translator
SuPatMaN/Shutterstock
In “Star Trek”, galactic diplomacy and exploration of new worlds were made possible with the help of a universal translator — a device that could instantly interpret any language. The translator worked so perfectly that crew members could communicate with alien civilizations as easily as talking with their shipmates, breaking language barriers across the universe.
Now, real-time translation is here. Devices like Pocketalk, Timekettle, and apps like Google Translate offer voice-to-voice interpretation in dozens of languages. Powered by AI and machine learning, these tools can break language barriers in real time, enabling smoother travel, international business, and cross-cultural friendships. Throw specialized earbuds into the mix and you get live translation during face-to-face conversations.
We haven’t achieved the perfect instantaneous translation that “Star Trek” depicted, but we’re pretty close. Modern translation technology continues improving, AI is getting smarter and faster, and it’s only a matter of time until we exactly match Star Trek’s vision.
Invisibility tech Is creeping out of Harry Potter and sci-fi
The ability to turn invisible has long been a favorite trope in both fantasy and sci-fi — from cloaking devices in “Star Trek” to Harry Potter’s magical invisibility cloak. And while we’re not yet vanishing into thin air, science is making progress.
Researchers are developing metamaterials that can bend light around objects, effectively rendering them almost invisible to the human eye, or at least to certain sensors. Some labs have created cloaking devices that work in narrow bandwidths of the electromagnetic spectrum or specific environments, like underwater or in thermal imaging. These materials can make small objects appear to vanish by redirecting certain waves around them, essentially creating a blind spot where the object exists but cannot be seen.
Military and academic labs continue pushing this technology closer to practical use. And while this tech is still in its infancy, it holds enormous potential for military camouflage and privacy applications.
When fiction becomes function
Many of our greatest inventions began not in labs or workshops, but as imaginative what ifs in books, comics, or on screen; fictional worlds where creativity was unrestricted. The technologies that once existed solely in stories — tablets, video calls, smartwatches — are now integral to daily life. As tech catches up with fantasy, it’s clear that today’s fiction often serves as tomorrow’s blueprint.
We’re already seeing clues. Shows like “Black Mirror” explore brain-computer interfaces, memory replay, and AI companions, technologies that are actively being researched by Neuralink and Meta. The sprawling space habitats in “The Expanse” inspire real NASA and Space X concepts for Mars colonization. Meanwhile, the AI companion in “Her” seems increasingly plausible as chatbots become more sophisticated.
Science fiction continues serving as more than entertainment. It provides a testing ground for ideas, allowing writers and readers to explore possibilities before technology catches up. Somewhere in a screenplay or sci-fi novel being written right now, the next ground-breaking invention may already exist, waiting for someone to build it.
In areas where traditional broadband is unreliable or nonexistent, satellite internet like Starlink becomes a lifeline for reliable internet. The service has grown rapidly – Starlink started with half a million users and now has over 6 million subscribers worldwide, meaning more people then ever before have access to reliable satellite internet.
While one of the appeals of Starlink is its relatively simple set up, power users can improve performance by using setting such as bypass mode. This option turns off Starlink’s built-in router and Wi-Fi and connects a third-party router directly, meaning that Starlink just delivers the internet and your router handles all the network management. That can unlock faster speeds, better range, advanced features like VPNs, and stronger performance for large homes or mesh systems.
Starlink bypass mode also helps solve the issue of double NAT (network address translation), a problem that can disrupt gaming, video calls, and VPNs when two routers try to manage the connection. By default, the stock router handles NAT, and your own router may do the same. Bypass Mode lets your router handle all NAT functions directly. In addition, bypass mode keeps your network stable during Starlink firmware updates, which means that there won’t be any surprise reboots cutting you off mid-meeting. Best of all, enabling it is quick — here’s how to do it.
How to enable Starlink bypass mode and what to watch for
Hadrian/Shutterstock
Turning bypass mode on and off is simple. First, connect a third-party router directly to Starlink — Gen 2 Starlink systems will need an Ethernet adapter, while Gen 3 devices have built-in Ethernet ports that you can use to connect your router. Once everything is hooked up, open the Starlink app, go to Settings, and switch on Bypass Mode. You can also enable it through your account’s web portal by selecting Manage and activating Bypass in the Wi-Fi settings.
To reverse this process, factory reset the Starlink router by cycling the power six times on Gen 2 models or pressing the reset button for 10 seconds on Gen 3 units. If the Starlink network does not appear, look for interference or other networks with similar names. Scan and connect with the Starlink app.
Bypass mode is great for people who want more control over their network for a home office, gaming setup, or just for general internet access. This setting is also available for satellite internet accessed through the Starlink Mini, so you can boost your range while still taking advantage of the flexibility of a custom network. Once it’s on, your devices connect through your router’s Wi-Fi, and Starlink becomes a pure internet feed.
Cyber attacks are no longer confined to the realm of IT – they are a systemic risk to economies, governments, and public trust. Nowhere is this more evident than in the UK’s newly formalised approach to cyber security. With the government now advancing a ban on ransom payments by public sector entities and introducing mandatory incident reporting, the country is drawing a firmer line in the sand. These moves signal a decisive shift in the nation’s cyber security posture: one aimed at undermining the profitability of ransomware and driving greater transparency in its aftermath.
But bold action brings consequences. Will banning ransom payments truly deter attackers or merely change their tactics? And how will this policy resonate across Europe’s increasingly fragmented regulatory landscape?
What’s unfolding in the UK could well be a defining inflexion point in Europe’s broader response to ransomware.
A shifting threat with rising stakes
Ransomware has evolved into a highly professionalised criminal enterprise. Threat actors now are better funded, more patient, and extremely strategic. In the past, many organisations opted to pay ransoms quietly, weighing the ethical discomfort against operational paralysis or reputational fallout. But this calculus is shifting. Governments and regulators are growing wary of a cycle that appears to reward criminal behaviour.
The UK’s public sector ransom ban aims to change that. The intent is clear. By removing the financial incentive, public organisations become less attractive targets, and the volume of attacks will fall. But there’s a catch: ransomware groups are adaptable. If encryption doesn’t work, they’ll pivot. In fact, they already have towards data exfiltration, double extortion, and the threat of public leaks, often targeting the very data that underpins citizen trust and institutional credibility.
Walking the ethical tightrope
The ethical argument for banning ransom payments is strong – starve the attackers of funding, and you weaken the ecosystem. But translating principles into policy is rarely straightforward. Public sector organisations like hospitals, local councils, and transportation networks manage critical services where downtime has life-and-death implications.
These entities are often underfunded and overexposed. If hit with a ransomware attack and legally barred from paying, their recovery relies entirely on the strength of their backups, the clarity of their incident response plans, and the resilience of their operations. Balancing a principled cybersecurity stance with the pragmatic need to ensure operational continuity is a complex challenge that demands careful consideration.
Hospitals, councils, and other essential services can’t afford prolonged downtime. For the policy to work, public sector organisations will have to prioritise recovery above all else as part of a complete cyber-resilient strategy
Success hinges on their ability to shift from reactive defence to proactive resilience. That means stronger backups, clearer governance, and well-rehearsed response plans. The policy’s success depends on how well these organisations can maintain service continuity during disruption.
The knock-on effect for the private sector
The UK’s approach raises another pressing question: if public entities are off-limits, will ransomware groups simply shift focus to the private sector? The ransomware ban doesn’t apply to private businesses – yet. But the writing is on the wall. With public entities shielded, attackers are likely to pivot toward private organisations, especially in sectors like finance, logistics, and manufacturing. They should also be watching closely as new norms emerge. Even if ransom bans are not imposed on them directly, they could face greater regulatory scrutiny, especially around reporting obligations, breach disclosure, and customer communication.
There’s also the challenge of divergence. As different European nations explore their own approaches, the regulatory landscape is set to fragment. Multinational organisations will face a complex web of obligations, with varying timelines for breach reporting and different liabilities depending on jurisdiction. Amid this complexity, paying a ransom may seem like a quick fix, but it is never the answer. Such actions not only embolden attackers but can also expose businesses to further regulatory and reputational risks. Instead, the ability to coordinate a consistent and compliant response across borders will soon become the true marker of operational maturity.
Rethinking resilience: From technical to strategic
Regardless of whether a ransom ban directly affects them, organisations – public and private – should see the UK’s move as a moment to revisit their approach. The environment is shifting, and resilience is no longer optional. Here’s what should be top of mind:
Resilience must go beyond IT: Cyber resilience is not just a technical problem; it’s a business survival issue. Organisations need clear governance structures that define how ransom decisions are made, who is informed, and how stakeholders are engaged. This includes executives, compliance teams, crisis communicators, and even insurers. Preparing for cyber threats starts in the boardroom, not the datacentre.
Recovery readiness is key: Immutable backups, isolated environments, and rapid failover systems are critical, but often neglected until it’s too late. These systems need to be regularly tested – not just in theory, but in full simulations that involve leadership and frontline teams.
Threat actors will pivot: Expect increased focus on data theft and reputational sabotage. This means that organisations must improve their ability to detect early-stage intrusions, lateral movement, and anomalous data flows. Proactive threat hunting and internal monitoring should become routine.
Regulatory fragmentation is coming: Anticipate more granular and disjointed rules on breach reporting, ransom policy, and supply chain risk. Coordinated governance, policy flexibility, and jurisdictional awareness will separate the reactive from the resilient.
The opportunity: A more secure and transparent ecosystem
While the short-term outlook may feel turbulent, there is a long-term opportunity to create a stronger, more transparent cyber security ecosystem. The UK’s stance will serve as a case study – both in how governments can attempt to reset the economics of ransomware, and in how public institutions can (or can’t) absorb the operational shock.
Transparency breeds learning. With mandatory incident reporting now in place, we’ll begin to better understand the true volume, cost, and impact of attacks. That data can drive smarter regulation, targeted investment, and more informed risk assessment across sectors.
Organisations don’t need to wait for policy to catch up. Forward-thinking leaders will seize this moment to engage closely with CISOs, clarify decision-making authority, and rigorously test incident response plans. By fostering collaboration between CISOs, CTOs, and CIOs, they can drive shared responsibility across the organisation, shaping the future of cyber resilience in Europe.
Gartner analysts will present the current and future state of cyber security at the Gartner Security & Risk Management Summit 2025 in London, from 22-24 September.
Fintan Quinn is senior director analyst at Gartner, specialising in backup, disaster recovery, and storage architecture and solutions.
Over a million dollars’ worth of cryptocurrency assets laundered by or on behalf of the notorious BlackSuit ransomware gang – previously known as Royal – were seized ahead of a multinational takedown operation in July, led by the US authorities with support from the UK’s National Crime Agency (NCA) and cyber cops from Canada, France, Germany, Ireland, Lithuania and Ukraine.
Operation Checkmate, which took place on 24 July, saw a coordinated action that took four servers and nine domains offline for good. The US Department of Justice (DoJ) has revealed that this week, a warrant for the seizure of crypto assets valued at $1.09m (£800,000) was unsealed by the US Attorney’s Offices for the Eastern District of Virginia and the District of Columbia. The seizure itself took place some months ago.
The funds in question were paid out on or around 4 April 2023 by a victim who handed over 49.31 bitcoin in exchange for the BlackSuit gang agreeing to decrypt their data. The payment was worth about $1.45m at the time. A portion of this total was repeatedly deposited and withdrawn into a virtual currency exchange account, before being frozen by the exchange in January 2024.
“Disrupting ransomware infrastructure is not only about taking down servers – it’s about dismantling the entire ecosystem that enables cyber criminals to operate with impunity,” said Michael Prado, deputy assistant director of the Cyber Crimes Center at Homeland Security Investigations (HSI), the investigative branch of the federal government Department of Homeland Security (DHS).
“This operation is the result of tireless international coordination and shows our collective resolve to hold ransomware actors accountable,” said Prado.
HSI Washington DC acting special agent in charge Christopher Heck added: “This investigation reflects the full reach of HSI’s cyber mission and our commitment to protecting victims – whether they’re small businesses, school systems, or hospitals. We will continue to target the infrastructure, finances and operators behind these ransomware groups to ensure they have nowhere left to hide.”
Deputy director Paul Foster, head of the NCA’s National Cyber Crime Unit, said: “Ransomware is the most damaging cyber crime threat globally and the BlackSuit strain has impacted victims in the UK and overseas.
“The NCA, alongside the North West Regional Organised Crime Unit worked closely with HSI and other international partners over the past year, sharing intelligence which contributed to the disruption of this criminal group.
“We continue to support UK-based victims of BlackSuit attacks and would encourage anyone who thinks they have been targeted to come forward and report it,” added Foster. “Further support and advice on protecting yourself from ransomware can be found at NCSC.gov.uk.”
This investigation reflects the full reach of HSI’s cyber mission and our commitment to protecting victims. We will continue to target the infrastructure, finances and operators behind these ransomware groups to ensure they have nowhere left to hide Christopher Heck, Homeland Security Investigations
A prolific ransomware actor, BlackSuit was likely comprised of individuals with historic links to the Conti gang. It first surfaced in early 2022, likely acting as an affiliate of other gangs, before emerging as Royal with its own encryptor that autumn. It went on to rebrand as BlackSuit following a major attack on the City of Dallas in Texas, but it then lay quiet until last summer, when it started to ramp up the tempo of its attacks again.
During its operational life, it is thought that BlackSuit attacked almost 500 victims in the US alone and extorted over $370m in payments.
Its targeting included victims in many critical infrastructure sectors, such as government bodies, healthcare and manufacturing. As noted, one of its most noteworthy victims was the City of Dallas, which was attacked in spring 2023.
In this infamous incident, the gang was able to gain access to the city government’s systems using a stolen account, and exfiltrated over a terabyte’s worth of files over a four-week period, before executing its ransomware payload.
While BlackSuit operated a fairly standard double encryption business model, it was somewhat noteworthy in its approach to encrypting its victims’ data, using a partial encryption approach that allowed its operators to choose how much data in a file to encrypt. This tactic meant the gang could work quicker and evade detection.
The outlook is still Chaos
Notwithstanding the success of the joint operation, ransomware actors are notoriously difficult to pin down and, when cornered, have a frustrating habit of melting into the shadows and re-emerging with a new identity further down the line.
In the case of BlackSuit, the gang’s next rebrand may already be in progress. In late July, researchers at Cisco Talos published intelligence linking an emergent ransomware-as-a-service (RaaS) operation dubbed Chaos to former BlackSuit operatives.
In their assessment, the Cisco Talos team said it was likely that based on similarities in tactics, techniques and procedures (TTPs) – including encryption commands, the broad theme and structure of its ransom note, and the use of similar tools in its attacks – Chaos was “either a rebranding of the BlackSuit ransomware or operated by some of its former members”.
This article was updated at 19:35 on 13 August to incorporate a quote from the UK’s National Crime Agency.
Apple AirPods are some of the best in-ear headphones on the market. From one generation to the next, these devices continue to evolve, delivering one of the most robust listening experiences for your favorite playlists, albums, and artists. But when your AirPods stop working the way they should, it can feel like Apple has a personal vendetta against you.
One holdup we hear about on a fairly regular basis is a sudden pause in audio. By default, most AirPods have a feature called Automatic Ear Detection enabled, which does indeed pause media when your AirPods are removed. This is a function you can easily toggle off if you’re not into it. Just grab your iPhone, launch Settings, and select the (“i”) icon next to your AirPods. Scroll down to Automatic Ear Detection and toggle the setting off.
But what if that’s not when your AirPods are pausing? In cases where your AirPods cease playing when they’re still in your ears, there could be a few reasons why they are misbehaving. Let’s start unpacking this potentially multi-layered debacle.
How to Stop Your AirPods From Pausing
Julija Matuka/Getty Images
We say it all the time: First and foremost, you’ll want to make sure your AirPods are running the latest firmware version. It may not be the root cause of every AirPods glitch, but it’s a surefire way to weed out any abnormalities Apple has already patched.
To do so, open the Settings app, tap Bluetooth, then tap the (“i”) icon next to your AirPods. If the firmware version listed doesn’t match the latest version on Apple’s support site, you can initiate an AirPods update by popping them in their charging case, closing the lid, then plugging the case in for power. Place your iPhone next to the closed case and wait about 10–15 minutes for the update to push through.
Suppose you’re listening to music through a streaming platform like Spotify or Apple Music. In that case, you’ll need to have an internet connection to listen to any song, album, or playlist that isn’t downloaded to your device for offline listening. You may be experiencing a sudden audio dropout when your iPhone, iPad, or other host device loses access to Wi-Fi or cellular data.
To troubleshoot, look at your iPhone’s status bar the next time your AirPods pause. If neither the Wi-Fi icon nor a 5G, 4G, or LTE icon is present, your device isn’t connected to the internet. Perhaps there was a local outage, or maybe Wi-Fi was accidentally toggled off. Fortunately, reenabling is as simple as tapping Settings > Wi-Fi, then toggling Wi-Fi back on if it’s off (Settings > Cellular > Cellular Data for mobile data).
Other Possible Pausing Culprits
Ирина Мещерякова/Getty Images
If your AirPods are low on battery, the Bluetooth signal between the earbuds or headphones and your host device may weaken, which could result in paused audio or disconnected AirPods entirely.
It may sound obvious, but the solution to this problem is ensuring your AirPods are charged enough when you pop them in your ears. And even if one or both buds are on the cusp of dying, only 5 to 10 minutes in the charging case should net you at least an extra hour or two of playback — as long as the case itself has enough charge, too.
Your AirPods use proximity sensors to let them know when they’re in your ears and when they’re removed (a core part of the Automatic Ear Detection setting). If these sensors become dirty, the sensor interruption may cause your AirPods to play and pause when you least expect it. Check the Apple website for detailed information on how to clean your specific AirPods model.
One final cause of random AirPods pauses might be overreactive touch sensors if you’re using the original AirPods or AirPods 2. These earlier AirPods models use a double-tap control system that handles things like track playback and call answering. Sometimes, an accidental double-tap can cause your media to stop playing.
To make sure this doesn’t happen, go to Settings > Bluetooth > [your AirPods name], then choose either the left or right bud. Make sure neither bud has the Play/Pause function selected, then initiate a double-tap to confirm the setting is disabled or modified to your liking (you can also program left and right bud double-taps for track skipping and Siri access).
We may receive a commission on purchases made from links.
With so many Chromebooks ending up in landfills, it’s a good idea to try to give your laptop a new life by upgrading its components. More storage means more space for your Steam games, and more RAM, or memory, allows software to run smoothly on your system. Neither upgrade is expensive, especially now that NVMe SSDs have dropped significantly in price, and the install is relatively easy. All you need is a set of tools made for repairing electronics and a teardown guide.
The bad news is that, if you want to give your Chromebook a second wind, you shouldn’t get your hopes up. Most are not upgradeable, which is a bummer if you think your next laptop should be a Chromebook. Manufacturers keep Chromebook prices low by cutting costs, choosing to solder on components that make it impossible for the end-user to change. You’re most likely stuck with the specs your Chromebook came with, especially if it’s a budget, entry-level model.
Some Chromebooks have upgradable storage, but it’s rare
Veni Vidi…shoot/Getty Images
While a majority of Chromebooks have un-upgradable parts, there are some exceptions. Higher-end Chromebooks, like Acer’s Chromebook Spin series, are more likely to feature upgradable storage. But there are only two ways to find out if your Chromebook is upgradable.
You can either take it apart yourself, which is only recommended if you have the right tools and know what you’re doing, or you can search for a teardown article or video. That way, you don’t crack the shell or damage internal components. Look for an M.2 SSD, which looks like a very thin rectangle that can fit in the palm of your hand. If the SSD is soldered on, you’re out of options. But if you see it’s connected to an M.2 slot, which looks like this, you’re in business.
If you’re looking to upgrade the memory on your Chromebook, you’re out of luck. Upgrading the RAM on your Chromebook is not possible. If you think 8GB of RAM is not really enough, your best option is to purchase a Chromebook that has the RAM you need.
How to upgrade the storage on a Chromebook
Den Rozhnovsky/Shutterstock
Whether you saw a teardown video or opened up the Chromebook yourself, you need to know the size of your M.2 SSD before you go shopping. There are five sizes ranging from the smallest 2230 to the largest 22110 — the numbers after 22 are the length of the SSD measured in millimeters. Most gaming PCs and laptops use 2280 M.2 SSDs, which are a step below the largest size. Storage sizes vary on the 2280 M.2 SSD, ranging from 128GB drives to beefy ones with 8TB of storage. For most, a 2TB M.2 SSD is a solid choice, offering the best value for the money.
To upgrade the storage on your Chromebook, pop it open and find the current M.2 SSD. Remove the screw holding the drive in place, and carefully remove it. Pop in your new drive and screw it on. Since you removed the drive and the operating system within, you’ll need to install it onto the new one, which you can do with the Chromebook Recovery Utility.
Broadband provider Openreach has announced it is proceeding with a major infrastructure upgrade to the UK village of Bramley in Surrey.
Like many rural locations, Bramley has struggled for years with poor connectivity, a situation made worse for a prolonged period after a fuel leak from a local petrol station plunged many into having no or glitchy internet.
Somewhat advantageously, Openreach had originally announced upgrades to the area’s ageing copper network in 2021, but the fuel leak subsequently contaminated parts of its network and forced the company to restrict access to its underground ducts for safety reasons.
Over the past 18 months, Openreach has worked with environmental experts, local authorities and safety specialists to manage the risks posed by petrol vapours in its underground network. It deployed vapour extraction units, conducted safety assessments and introduced new protocols designed to protect the public.
Once the measures taken had reduced the risks to acceptable levels, Openreach reopened access to its underground network in Bramley, allowing its own teams and engineers from other companies such as independent broadband providers (altnets) to resume build and maintenance work on their networks. Openreach describes this current situation as marking a “significant milestone” in the recovery effort that paves the way for what it believes will be a “transformative” upgrade to the local network using full-fibre broadband.
In what is seen as a long-term solution for Bramley, Openreach’s network will deliver full-fibre to around 2,500 homes and businesses across the village, both inside and outside the previously restricted area. Openreach guarantees that the network will be far less prone to service issues caused by extreme weather and environmental impacts, making it a future-proof offering for the community’s connectivity needs.
“This has been a really frustrating situation for residents and businesses in Bramley, but we now see some light at the end of the tunnel,” said Openreach chief engineer Andy Whale. “We want to turn a bad situation good by not just repairing and restoring the damaged network that exists today, but by building something much faster, more reliable and longer lasting. This full-fibre upgrade is a long-term investment in Bramley’s future, supporting local people and businesses to move on from the disruption with a network they can rely on for decades. We hope it’ll help the local community and economy to recover, grow and thrive in a digitally connected future.”
Openreach has been maintaining connectivity in the area through a combination of remote fault fixes, temporary satellite hubs at key community locations and alternative network services.
Furthermore, the provider said its engineers were confident they can minimise disruption in the repair work by reusing existing underground ducts and telephone poles wherever possible, to minimise and avoid roadworks and closures. The company is also working closely with Bramley Parish Council and other local groups and stakeholders to make sure the community is informed and involved throughout the process.
“I can’t overstate what a positive difference full fibre roll-out will make for Bramley residents and businesses,” said Jane Austin, Waverley Borough councillor and chair of Bramley Parish Council. “Openreach have listened to our concerns about the prospect of potential disturbance with roll-out and they have come up with a plan to minimise disruption.
“We look forward to continuing our constructive working relationship so we can improve the Bramley area; our community is bouncing back even stronger than we were before.”
The global fight for internet infrastructure control has heated up, driven by more international competition, increasing cyber attacks and instances of economic espionage. Following the Russia-Ukraine war and escalating US-China tensions, countries are now rushing to protect data flows and vulnerable critical infrastructure for the coming years. Rising concerns about dependence on foreign-controlled hosting, internet protocols (IPs) and peering are also emerging.
Furthermore, the increasing cost of internet connectivity, driven by the near depletion of IPv4 addresses, as well as the growing frequency of routing attacks such as Border Gateway Protocol (BGP) hijacks, have also heightened the need for countries in the European Union (EU) to focus on digital sovereignty. After years of outsourcing and bureaucracy, many are still in the draft strategy stage.
However, through a series of coordinated and innovative strategies – including IPv6 deployment, local control of IP space, private sector alignment and peering networks – Lithuania has been taking a highly proactive approach to future-proofing its internet infrastructure, improving digital sovereignty and national resilience.
How Lithuania is building internet infrastructure resilience
Lithuania’s post-Soviet past has played a significant role in shaping its bid for digital autonomy, which relies on viewing internet infrastructure as a state asset. A tech-first governance model combines public-private partnerships, infrastructure policy and national security.
Back in the early 2000s, the country was already investing significantly in nationwide digital identity, e-government services and secure infrastructure for public data. Now it is doubling down on IPv6 deployment at scale as part of a strategy to future-proof its internet infrastructure. And the country is actively trying to encourage full IPv6 adoption, when IPv6 adoption across Europe has been relatively slower so far.
This shift is likely to help decrease dependence on almost depleted IPv4 addresses, while securing long-term address availability. IPv6 networks are also more efficiently structured, with better redundancy and shorter routing paths, strengthening resistance to disruptions and failures.
“With globally unique addresses, IPv6 restores end-to-end connectivity, enabling more transparent communication and better performance. This eliminates the need for current complex workarounds like NAT due to IPv4 address limitations,” says Martin Butler, professor of digital transformation at Vlerick Business School. “This gives nations more control over their network infrastructure and supports the scale needed for future digital services.”
Leasing out dormant IP addresses
Lithuania is taking strategic control of its IP address space by leasing out dormant IP addresses through private sector companies like IPXO. The company claims to have the world’s largest IPv4 leasing market, with more than 300 million leasable IPs across all regional internet registries (RIRs).
IPXO’s co-founder, Vincentas Grinius, believes that out of 4.3 billion IP addresses, 25% are not visible on the internet at all, with a considerable portion of the remainder being badly managed.
With globally unique addresses, IPv6 restores end-to-end connectivity, enabling more transparent communication and better performance Martin Butler, Vlerick Business School
“It’s not about the shortage, it’s about how efficiently that resource is utilised. A lot of enterprises have a legacy space that some of them forgot about. Some of them have legacy networks where they have a different system and they are locked within those,” he says.
“Our aim is to step into a deeper understanding of how we can defragment their networks and give them that single source of truth. It’s to help enterprises optimise their networks and remove the hurdle of multiple tools,” adds Grinius.
Butler emphasises that as countries strive to achieve greater digital sovereignty, controlling data flows and IP address space has become vital.
“Local routing policies enable governments and ISPs [internet service providers] to align their network operations with domestic laws, enhance visibility in critical sectors, and reduce dependency on foreign infrastructure. These actions strengthen resilience and help mitigate security risks such as route hijacking,” he says.
Not only can this generate additional revenue, but it could also reduce the need to lease address space from foreign companies, while curbing black market leasing and IP hijacking.
Another step is building up routing and peering infrastructure by enhancing BGP route filtering, growing internet exchange points and supporting domestic peering. This helps decrease latency, keep traffic local and control the risks of foreign routing dependency, which is vital for both national security and performance.
Simultaneously, Lithuania is developing top-tier response infrastructure through sector-specific cyber protocols and its National Computer Emergency Response Team (CERT-LT), in partnership with NRD Cyber Security. This allows the country to export CERT design, cyber security frameworks and routing strategies to other countries, further strengthening its cyber resilience leadership.
Apart from IPXO and NRD Cyber Security, the Lithuanian government consistently funds, supports and partners with several other private sector firms and business incubators, such as Hostinger, Tesonet, Telesoftas and Kaunas Tech Park.
By designing and operating domestic core stack services, these companies can significantly decrease the need for global hyperscalers, while being aligned with sovereign goals.
According to Eiviltas Paraščiakas, head of communications at Hostinger, one of the company’s main advantages over hyperscalers such as Amazon Web Services (AWS) and Google Cloud is speed. He said this unlocks lots of options, such as adapting to technology trends, delivering minimum viable products and experimenting with products.
He believes competitors would struggle to launch a product in a few weeks, as Hostinger did with its Horizons AI app platform, which simplifies web application development.
Kaunas Tech Park plays a key role in seeding and supporting Lithuania’s early-stage tech startups and scaleups. These work across cyber security, cloud-native and hosting technologies, the internet of things (IoT) and edge networking, among other areas. Through this collaborative system, Lithuania can scale up its digital infrastructure much faster than many of its EU peers.
What Europe could learn from Lithuania
One of the key takeaways from Lithuania’s internet infrastructure approach is that true sovereign digital resilience comes from first mastering control of the invisible but essential building blocks. Lithuania treats routing infrastructure, IP space, Domain Name System (DNS) and hosting as national and strategic assets, not just technical private sector tools. As such, the long-term resilience of these assets can be baked into the national digital agenda and routinely monitored and encouraged by the Ministry of the Economy and Innovation.
One of the key takeaways from Lithuania’s internet infrastructure approach is that true sovereign digital resilience comes from first mastering control of the invisible but essential building blocks
In contrast, several EU countries still outsource core infrastructure to foreign telecoms operators or hyperscalers. While their digital agendas are full of intention, they lag in implementation. Another lesson is to utilise dormant IP assets for leasing revenue, which can then be used for public infrastructure, research and development, and scientific ventures. This effectively reduces digital waste and decreases the internet’s carbon footprint.
Lithuania also demonstrates the benefits of fostering public-private tech partnerships with companies like IPXO, Tesonet, Hostinger and NRD Cyber Security. These firms highlight the multifold benefits of policy support, building products that strengthen national autonomy, like a global IP leasing marketplace, encrypted access and domestic hosting. By doing the same, the UK and EU could significantly reduce reliance on Chinese or US firms and enhance domestic internet infrastructure capabilities.
Lithuania’s strategy of exporting cyber resilience through sovereign infrastructure models could help other EU members and the UK develop themselves as global digital leaders as well. The country demonstrates the benefits of agility during initial-stage implementation of new internet infrastructure policies, through rapid deployment of IPv6 at scale, integrating national cyber architecture and changing registry policies. In addition, this could allow it to be much better equipped to deal with fast-evolving digital threats, unlike the UK, which is still bogged down by fragmented policies and red tape.
The challenges ahead
Yet even though Lithuania is making significant strides in internet infrastructure resilience, some hurdles remain. Butler points out that local IP space control and sovereign routing policies have their drawbacks: “Excessive centralisation or opaque filtering can undermine the internet’s open, distributed nature. Mandating that traffic stay within borders may reduce efficiency, increase latency and risk fragmentation outcomes that weaken rather than strengthen digital infrastructure.”
Yet despite impressive roll-out, Lithuanian IPv6 adoption across enterprise networks, consumer ISPs and regional governments is still somewhat patchy. This is mainly because several services and devices still depend heavily on IPv4.
Awareness of the benefits of IP address leasing is also slow, with Grinius noting: “It took us a lot of effort to educate the market that leasing is good and safe, if you have a safe environment to do that. A lot of the companies or government institutions, non-governmental organisations, have that old thinking, where you can’t do anything with the IP addresses within the third-party networks. We tried to change that because technologies are advancing, things are introduced faster and faster.”
With the country mainly relying on a few major firms, such as IPXO and Hostinger, for internet infrastructure, there is also a systemic risk in case of strategy changes or consolidation. A lack of domestic hyperscalers also means that some critical workloads still depend on foreign infrastructure, which can slow full digital sovereignty.
Similarly, Lithuania’s talent pool is currently seeing a high amount of brain drain to countries including the UK, Germany and the US, which often offer better salaries. This can have far-reaching impacts on sovereign infrastructure projects.
