News

• ESET found a high-severity bug in WinRAR being used by RomCom, a known Russian hacking collective
• The bug was being used to deploy backdoors allowing full access to compromised computers
• WinRAR says it has fixed the issue, so users should update now

Iconic archiving platform WinRAR carried a dangerous zero-day vulnerability which could have let hackers plant malware on compromised computers, security researchers are warning.

Recently, researchers from ESET discovered a directory traversal vulnerability in the latest version of WinRAR. The flaw is now tracked as CVE-2025-8088, and was given a severity score of 8.4/10 (high).

To make matters worse, hackers were seen abusing the flaw in the wild to drop RomCom’s malware variants.

ESET’s researchers said the flaw was being abused in spear phishing attacks (highly targeted phishing attacks) by the Russian-speaking threat actor known as RomCom, a group known for running espionage and financially-motivated attacks.

Its usual targets include government, military, and critical infrastructure organizations, so spear phishing attacks would make perfect sense.

The group was using the bug to deploy backdoors which would give them full access to the compromised computers.

The group’s earliest sightings were in 2022, targeting entities across Europe and North America. It often spoofs legitimate software in its attacks, with the RomCom RAT being its flagship malware.

RomCom is also tracked by other security outfits under monikers Storm-0978, Tropical Scorpius, and UNC2596.

After the discovery, WinRAR released a patch to fix the flaw. The first clean version is 7.13.

"When extracting a file, previous versions of WinRAR, Windows versions of RAR, UnRAR, portable UnRAR source code and UnRAR.dll can be tricked into using a path, defined in a specially crafted archive, instead of user specified path," WinRAR explained in its changelog. "Unix versions of RAR, UnRAR, portable UnRAR source code and UnRAR library, also as RAR for Android, are not affected."

WinRAR is a type of program that doesn’t update automatically, so unless users uninstall it and download the latest version manually, they will remain vulnerable.

Via BleepingComputer

• Still using WinRAR? It has a worrying security flaw that could let hackers hijack your Windows device
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

The classic dial-up handshake sounds melodic, scratchy, and harsh, and is inexorably associated with connection. It’s also now silent. AOL’s decision this week to finally end dial-up service is not surprising, but it still feels like a door closing, one I walked through more times than I can count to step onto the world wide web.

It’s a sound immortalized in the 1998 Tom Hanks and Meg Ryan rom-com You’ve Got Mail, a film in which the then insanely popular AOL service propels the plot forward to its unsurprising and deeply romantic conclusion.

When I first started covering and working online, AOL was one of the chief portals to the new digital world, and the only way to traverse that portal was via a dial-up modem, one connected to your PC on one side and your phone line on the other. (Having a phone line close to your computer was a big deal – kids today are spoiled by ubiquitous, high-speed Wi-Fi... but I digress.)

In today's always-connected world, it’s hard to conceive of the intentionality of this act. In the 1990s, our phones were dumb, and your computer dealt with local networks and files. We called dial-up “going online” because it was like taking a trip in which the mode of transportation was a little box with the magic code to connect you to the Internet and, ultimately, the information superhighway.

Before home broadband, everyone knew the handshake sound and, yes, millions were dialing into AOL (America Online) – a network of its own – to access the internet.

If you were breaking down the dial-up process, you might look at it as two distinct parts: the dialing of the AOL number, and then a series of negotiation sounds all designed to ensure that the modem was legit and speaking the correct language. Once the system on the other side of the connection was satisfied, you’d be connected and soon hear, “You’ve got mail.”

That mail system was also an integral part of AOL. There was no Gmail, and far fewer people were using online mail systems from Yahoo or even Microsoft (I should add that these days, having a @hotmail.com mail account is akin, for some, to having an @AOL.com mail account).

Dial-up started its rapid decline in the late 1990s as cable companies introduced broadband over coaxial cable. Instead of knocking on the internet’s door with a phone call, broadband paved an open path to the digital realm. One day, we had the classic dial-up sound in my home, and the next day, we did not.

Dial-up continued to serve a purpose well into the first decade of the new millennium, and broadband took years to reach rural communities. In 2009, Netzero tried to bring dial-up back as an affordable alternative to pricey broadband. Imagine someone trying to sell consumers on the horse and buggy decades after the automobile had become ubiquitous. It was a terrible plan and, in my opinion, set back broadband reach a few years.

Even so, by 2022 the number of people still using dial-up had dropped to 175,000. I'm sure the number today might equate to the population of a very small, one-street town in middle America. I hope AOL is at least supporting those who still can't connect to cable or fiber.

It's not like we didn't see this coming. In recent years, other big companies with names that start with A have been turning their backs on dial-up technology.

My sadness is not ennui for a better time. It’s really just nostalgia for a digital snapshot, a moment when we had to make an effort to get connected and then wait, in anticipation, as the modem completed its digital handshake before opening the door to reveal the growing world of digital connections and information. I wonder if, perhaps, we appreciated the miracle of connection more for the effort that was involved.

We take it for granted now; and Gen Z, in particular, surely has no idea what it means to prime the pump of online before adding an Instagram post. But what if they did? What if, just once a year, we declared it 'Dial-Up Day' and you had to run a fake modem handshake before you could use your laptop or smartphone?

Ridiculous, I know, but the thought does make me smile.

• Dial-up is dead, but Apple just made it deader
• The best laptops 2025 tested, reviewed and rated
• Microsoft teases the future of Windows: 'The computer will ...

• Amazon's War of the Worlds movie has boosted the visibility of another movie with the same name
• Viewers are tuning into the 2005 Tom Cruise-led film on various streaming platforms
• Neither flick is the best way to experience its sci-fi horror story, though

It turns out Amazon's War of the Worlds movie has done some good after all.

The Ice Cube-starring Prime Video film, which was one of July's final new Prime Video movies, continues to be ridiculed by fans and critics alike. At the time of publication, it holds 3% critical and 22% audience approval ratings on Rotten Tomatoes – scores that makes it one of the worst-rated original movies in the platform's history.

But it's not all bad news for War of the Worlds – well, another movie adaptation of H.G. Wells' famous sci-fi horror story. Indeed, given the level of interest in the property itself, the 2005 Tom Cruise-led film is enjoying a renaissance on some of the world's best streaming services.

Right now, Cruise's War of the Worlds movie is the eighth most popular film on Netflix in the UK. By all accounts, it's enjoying some success on Paramount+ in the US and further field on other streamers where it's available, too.

It's difficult to determine how many people have actually watched it and/or how many have made it to the end of the Steven Spielberg-directed flick on either streaming service. The fact remains, though: Prime Video's War of the Worlds film might be absolutely abysmal, but it's introduced Wells' incredibly influential story to a whole new generation and, as a huge fan of the original novel, that's worth celebrating in my view.

If you're trying to decide which War of the Worlds movie is worth watching based on their Rotten Tomatoes scores, it's a no-brainer. Cruise's team-up with Spielberg is by far the better film, with its 76% critical and 42% audience ratings indicating as much.

As its audience score suggests, though, I, like many general moviegoers, was less than enthused by Paramount Pictures' big-budget take on Wells' literary works. Yes, it looks great and there are some genuinely scary moments, especially early on. But, whether it's the movie's present day setting in New York – Wells' original story is set in England at the end of the 19th century – or other baffling changes it makes to the source material, I was unimpressed by the overall package. For that reason, I can't recommend the Cruise-led vehicle as one of the best Netflix movies or best Paramount+ movies.

But we're all about offering alternate suggestions here at TechRadar so, as one of our resident entertainment experts, it's my duty to do just that. I'm not going to do what my colleague Jasmine Valentine did and tell you to stream a far better movie version of the sci-fi classic, though, so what do I recommend instead?

If you're really not fussed on reading the original book, which I'd highly recommend anyway, check out Jeff Wayne's 1978 concept record The War of the Worlds, which is available on Spotify, Apple Music, and all other good audio streaming services. It takes Wells' story – without changing its narrative for the sake of it – and turns it into a progressive rock double album that allows your imagination run wild as you listen along. Nothing's scarier than what your own mind can make up, so why not give it a go? I promise you'll be humming the opening minutes of its first track 'The Eve of the War' for days to come.

• Alien: Earth star teases his mysterious cyborg character in the Hulu sci-fi horror show: 'he's an iPhone 1 in a world of iPhone 20s'
• Spider-Man: Brand New Day behind-the-scenes footage is a breath of fresh air for a Marvel movie, but I don't think it'll last
• Foundation season 3's most explosive episode yet is just the start of 'the wheels coming off the wagon', star teases

• Altman's tweet suggests that ChatGPT-5 Pro is coming to Plus subscribers
• It will be limited to a few queries a month
• The move would add more confusion to the ChatGPT Plus model selector

Following the backlash against OpenAI removing ChatGPT-4o when it introduced ChatGPT-5, the AI giant has now restored access to ChatGPT-4o, but only for ChatGPT Plus subscribers.

Free tier users are limited to just ChatGPT-5 for now, but it seems that CEO Sam Altman and OpenAI aren’t done making changes to its LLM lineup just yet.

In reply to a post on X praising how good GPT-5 Pro is, Altman responded, “We are considering giving a (very) small number of GPT-5 Pro queries each month to Plus subscribers so they can try it out!”

we are considering giving a (very) small number of GPT-5 pro queries each month to plus subscribers so they can try it out! i like it too.but yeah if you wanna pay us $1k a month for 2x the input tokens feels like we should find a way to make that happen... https://t.co/9qC0rsDl6zAugust 11, 2025

Plus users currently get a choice between ChatGPT-5 for fast answers and ChatGPT-5 Thinking for slower, but more thoughtful answers. ChatGPT Pro is essentially the best of both worlds, delivering thoughtful answers at speed.

Making even a few queries a month available to Plus users would represent a serious added value to the $20 (£20 / AU$30) monthly subscription. OpenAI describes ChatGPT-5 Pro as “research grade” AI, and it’s currently only available to $200 (£200 / AU$300) a month ChatGPT Pro subscribers.

Before I get too excited, perhaps it's worth noting the word “considering” is contained in Altman’s tweet, and means that this isn’t definitely going to happen. However, if Altman thinks it’s a good idea, then, being the CEO, he can probably make it happen.

Part of the ethos of ChatGPT-5 was to do away with the confusing LLM line-up and naming conventions that had arisen around ChatGPT-4. The streamlined ChatGPT-5 was supposed to simplify all the different options and intelligently decide which version of the model your query would best respond to.

By giving Plus users access to ChatGPT-5 Pro, in addition to reintroducing ChatGPT-4o, we will essentially be back in the same old situation where people are given too much choice about which model to use, meaning that OpenAI still has a product naming and line-up problem.

• ChatGPT users are not happy with GPT-5 launch as thousands take to Reddit claiming the new upgrade ‘is horrible’
• ChatGPT just created the most ironic movie plot for Final Destination 7, and I would actually stream it over other truly awful installments in the franchise
• Google Gemini has started spiraling into infinite loops of self-loathing – and AI chatbots have never felt more human

LG and Samsung have been locked in an OLED TV battle for a number of years, ever since Samsung reentered the OLED TV market in 2022 with the Samsung S95B.

Samsung has since been our TV of the year winner for two years in a row, with the Samsung S90C taking the crown in 2023 and the Samsung S95D taking the title in 2024. Even so, several LG OLED models still sit on our list for the best OLED TV.

I’ve already tested both brands' 2025 flagship models, the LG G5 and Samsung S95F, side-by-side. Recently, however, I also had the chance to do a side-by-side test of their entry-level OLEDs, the LG B5 and Samsung S85F.

It’s worth noting that both these TVs use the same standard W-OLED display panel. So they can’t really be that different, right? Well, let’s look at the results of my comparison to find out.

With both TVs using the same panel, I expected their brightness measurements to be similar, and that did turn out to be the case. When I measured peak HDR brightness for both TVs, the LG B5 clocked in at 668 nits, and the S85F at 777 nits. I assumed a difference of just over 100 nits wouldn’t make an impact on the picture, but I was wrong.

Although the difference was subtle, the S85F’s picture did have bolder highlights in specific movie scenes. Watching The Batman, highlights from light sources such as lamps and torches in the opening subway fight and crime scene sections were indeed brighter on the S85F. The B5 still demonstrated solid brightness, but I found my eye more drawn to the S85F’s picture.

In demo footage from the Spears & Munsil UHD Benchmark 4K Blu-ray, with images such as the sun behind a satellite dish or a horizon at sunset, the S85F had a bit more vibrancy, which made these highlight areas look more striking.

Both the B5 and S85F demonstrated excellent contrast throughout testing. In The Batman, light sources balanced well with dark tones on screen, creating a good sense of contrast, though the S85F’s higher brightness gave it an edge.

Both TVs also had refined shadow detail when watching The Batman, but the B5 displayed deeper, richer black tones, and it better maintained shadow detail, with the S85F showing minor black crush. In Oppenheimer’s black and white scenes, both TVs again showed a good range of gray tones, but here again, the B5 maintained details in darker areas more accurately than the S85F.

I noticed that while Filmmaker Mode was the more accurate mode for darker movies such as Oppenheimer and The Batman, the differences between the two TVs were more obvious in Cinema mode, especially when it came to brightness, contrast and shadow detail.

Where the B5 and S85F really differed was in their color. Although both use the same OLED panel type, the S85F’s colors had a greater visual punch, especially when evaluating both TVs with their Cinema picture preset active.

In Wicked, during the Wizard & I scene where Elphaba stands under some pink flowers, the flowers looked more vibrant on the S85F than the B5, giving them an eye-popping quality. Elphaba’s green skin also appeared brighter, and later in the Emerald City, the greens appeared more dazzling on the S85F.

Where the B5 differed here was in its color depth. The B5’s deeper blacks had the effect of making the pink flowers and Elphaba’s green skin look richer and more lifelike compared to the S85F.

In the same Spears & Munsil footage, shots of colorful butterflies and flowers looked rich and refined on both TVs, but once again, the B5 displayed deeper, richer, and more subtle hues, whereas the S85F had more outright colorful images. I found myself more drawn to the S85F, especially with both TVs in Cinema mode.

One thing I wanted to test on these TVs was sports viewing. OLEDs typically have very good motion handling, which is why they always feature in our best TVs for sport guide. I’ve found that Samsung TVs require more setup effort when it comes to sports than LG TVs, and it was no different with the S85F.

In Standard mode (color in the B5’s Sports mode is too oversaturated, so I preferred not to use it), the LG B5 displayed superior motion handling. An MLS soccer game I watched via Prime Video in this mode looked fluid and smooth throughout viewing, with no settings changes required.

The S85F, also in its Standard preset, showed several motion artifacts, such as a ghosting ball and some stuttering. Changing blur and judder reduction to 5 did help, but even then, there was some picture judder compared to the B5.

Of the two TVs, the B5 was the clear winner when it came to motion handling.

After testing both the LG B5 and Samsung S85F side-by-side, the differences are generally subtle, so which one you should buy will likely come down to personal preference.

If you want a brighter, bolder-looking TV with more vibrant color, opt for the S85F. If you want a more natural-looking TV with richer blacks, opt for the B5.

Both TVs have the full suite of gaming features we look for on the best gaming TVs, and both have great smart TV platforms. But sports fans will want to go for the B5 due to its superior motion handling.

During my testing, I ultimately found myself more drawn to the S85F. So that’s the one I’d choose, but it was very close.

Honestly, it could all come down to discounts. The 55-inch B5 costs $1,499.99 / £1,399 / AU$1,995, and the 55-inch Samsung S85F costs $1,499.99 / £1,399 / AU$2,495, so in the US and UK, there's currently nothing between them. But as we approach the end of the year, both TVs will inevitably receive discounts, and the amount of those discounts could determine which TV is the better overall value.

• Glare-Free vs anti-reflection: This is how Samsung and LG's flagship OLED TV screens fared when I tested them
• I tested LG, Samsung and Sony's elite 2025 OLED TVs side-by-side – here's the one I'd buy with my own money
• I tested LG's cheapest OLED TV and Samsung's more affordable mini-LED TV side-by-side and I know which one I'd buy

• Modat found more than 1.2 million misconfigured devices leaking info
• This includes MRI scans, X-rays, and other sensitive files, together with patient contact data
• The healthcare industry needs a proactive approach to cybersecurity, researchers warn

Researchers have warned there are currently over a million internet-connected healthcare devices which are misconfigured, leaking all the data they generate online - putting millions of people at risk of identity theft, phishing, wire fraud, and more.

Modat recently scanned the internet in search of misconfigured, non-password protected, devices and their data, and by using the tag ‘HEALTHCARE’, they found more than 1.2 million devices which were generating, and leaking, confidential medical images including MRI scans, X-rays, and even blood work, of hospitals all over the world.

“Examples of data being leaked in this way include brain scans and X-rays, stored alongside protected health information and personally identifiable information of the patient, potentially representing both a breach of patient’s confidentiality and privacy,” the researchers explained.

In some cases, the researchers found information unlocked and available for anyone who knows where to look - and in other cases, the data was protected with such weak and predictable passwords that it posed no challenge to break in and grab them.

“In the worst-case scenario, leaked sensitive medical information could leave unsuspecting victims open to fraud or even blackmail over a confidential medical condition,” they added.

In theory, a threat actor could learn of a patient’s condition before they do. Together with names and contact details, they can reach out to the patient and threaten to release the information to friends and family, unless they pay a ransom.

Alternatively, they could impersonate the doctor or the hospital and send phishing emails inviting the victim to “view sensitive files” which would just redirect them to download malware or share login credentials.

The majority of the misconfigured devices are located in the United States (174K+), with South Africa being close second (172K+). Australia (111K+), Brazil (82K+), and Germany (81K+) round off the top five.

For Modat, a proactive security culture “beats a reactive response”.

“This research reinforces the urgent need for comprehensive asset visibility, robust vulnerability management, and a proactive approach to securing every internet-connected device in healthcare environments, ensuring that sensitive patient data remains protected from unauthorized access and potential exploitation," commented Errol Weiss, Chief Security Officer at Health-ISAC.

• Major breach at medical billing giant sees data on 5.4 million users stolen - here's what we know
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

Online game chats are notorious for vulgar, offensive, and even criminal behavior. Even if only a tiny percentage, the many millions of hours of chat can accumulate a lot of toxic interactions in a way that's a problem for players and video game companies, especially when it involves kids. Roblox has a lot of experience dealing with that aspect of gaming and has used AI to create a whole system to enforce safety rules among its more than 100 million mostly young daily users, Sentinel. Now, it's open-sourcing Sentinel, offering the AI and its capacity for identifying grooming and other dangerous behavior in chat before it escalates for free to any platform.

This isn’t just a profanity filter that gets triggered when someone types a curse word. Roblox has always had that. Sentinel is built to watch patterns over time. It can track how conversations evolve, looking for subtle signs that someone is trying to build trust with a kid in potentially problematic ways. For instance, it might flag a long conversation where an adult-sounding player is just a little too interested in a kid’s personal life.

Sentinel helped Roblox moderators file about 1,200 reports to the National Center for Missing and Exploited Children in just the first half of this year. As someone who grew up in the Wild West of early internet chatrooms, where “moderation” usually meant suspecting that people who used correct spelling and grammar were adults, I can’t overstate how much of a leap forward that feels.

Open-sourcing Sentinel means any game or online platform, whether as big as Minecraft or as small as an underground indie hit, can adapt Sentinel and use it to make their own communities safer. It’s an unusually generous move, albeit one with obvious public relations and potential long-term commercial benefits for the company.

For kids (and their adult guardians), the benefits are obvious. If more games start running Sentinel-style checks, the odds of predators slipping through the cracks go down. Parents get another invisible safety net they didn’t have to set up themselves. And the kids get to focus on playing rather than navigating the online equivalent of a dark alley.

For video games as a whole, it’s a chance to raise the baseline of safety. Imagine if every major game, from the biggest esports titles to the smallest cozy simulators, had access to the same kind of early-warning system. It wouldn’t eliminate the problem, but it could make bad behavior a lot harder to hide.

Of course, nothing with “AI” in the description is without its complications. The most obvious one is privacy. This kind of tool works by scanning what people are saying to each other, in real time, looking for red flags. Roblox says it uses one-minute snapshots of chat and keeps a human review process for anything flagged. But you can’t really get around the fact that this is surveillance, even if it’s well-intentioned. And when you open-source a tool like this, you’re not just giving the good guys a copy; you also make it easier for bad actors to see how you're stopping them and come up with ways around the system.

Then there’s the problem of language itself. People change how they talk all the time, especially online. Slang shifts, in-jokes mutate, and new apps create new shorthand. A system trained to catch grooming attempts in 2024 might miss the ones happening in 2026. Roblox updates Sentinel regularly, both with AI training and human review, but smaller platforms might not have the resources to keep up with what's happening in their chats.

And while no sane person is against stopping child predators or jerks deliberately trying to upset children, AI tools like this can be abused. If certain political talk, controversial opinions, or simply complaints about the game are added to the filter list, there's little players can do about it. Roblox and any companies using Sentinel will need to be transparent, not just with the code, but also with how it's being deployed and what the data it collects will be used for.

It's also important to consider the context of Roblox's decision. The company is facing lawsuits over what's happened with children using the platform. One lawsuit alleges a 13‑year‑old was trafficked after meeting a predator on the platform. Sentinel isn't perfect, and companies using it could still face legal problems. Ideally, it would serve as a component of online safety setups that include things like better user education and parental controls. AI can't replace all safety programs.

Despite the very real problems of deploying AI to help with online safety, I think open-sourcing Sentinel is one of the rare cases where the upside of using AI is both immediate and tangible. I’ve written enough about algorithms making people angry, confused, or broke to appreciate when one is actually pointed toward making people safer. And making it open-source can help make more online spaces safer.

I don’t think Sentinel will stop every predator, and I don’t think it should be a replacement for good parenting, better human moderation, and educating kids about how to be safe when playing online. But as a subtle extra line of defense, Sentinel has a part to play in building better online experiences for kids.

• 'AI Godfather' sounds the alarm on autonomous AI
• OpenAI pulls chat sharing tool after Google search privacy scare
• Character.AI institutes new safety measures for AI chatbot conversations