Backup provider Nakivo has moved to version 11.1 of its Backup & Replication software. Key additions include expanded capabilities in the Proxmox virtualisation environment – an emerging VMware alternative – that include disaster recovery (DR) orchestration. It also adds a much simplified connection to the customer infrastructure for managed service providers (MSPs).
Nakivo also responded to questions about a security vulnerability discovered earlier this year by a third-party security company (see box below).
Nakivo offers backup for virtual machines (VMs) and physical machines, and can protect sources that range from datacentres to edge devices, as well as cloud files and applications. It offers replication and disaster recovery for some environments, with automated failover. All of this is admin-able from a single-pane-of-glass user interface.
According to vice-president for product management Sergei Serdyuk, Nakivo offers data protection at “roughly half the price of competitors” in the backup space.
The company claims 16,000 customers, which include Coca-Cola, Cisco, Siemens, Honda and Radisson, where they are deployed in at least some departments, if not the whole customer environment, according to Serdyuk.
Core among the additions in v11.1 is MSP Direct Connect, which allows service providers to connect to customer environments without the need for open ports and network configuration on the customer side. According to Nakivo, this will allow backup for VMware, Hyper-V, Proxmox VMs and physical machines, as well as working with Nakivo’s site recovery feature.
“Providers can install our solution at the customer site. It can connect to the solution installed at the MSP, and basically off they go. This is to simplify and speed up deployments for MSP customers,” said Serdyuk.
Meanwhile, the new version sees expanded Proxmox capabilities. These include the ability to create VM replicas, boot VMs from Nakivo backups, verify backup integrity and recovery readiness, and restore from tape.
“With the new version, we can create Proxmox VM replicas in the same or different locations,” said Serdyuk. “So, customers can, in case of a disaster, just switch to a replica VM instead of spending time on restore from backup.”
Additionally, Nakivo claims to be the only backup provider that offers disaster recovery for Proxmox environments.
According to Serdyuk, that translates to having in place a site-level workflow that is dependent on replication.
Further additions to the latest version of Nakivo include real-time replication for VMware, which was in beta but is now generally available.
There is also the addition of granular physical backups for Windows and Linux physical machines. This allows for backup of specific files and folders without full backups, and storage of backups in any location, including as copies to comply with 3-2-1 backup plans.
There isn’t a one-size-fits-all when it comes to toys aimed at providing accessibility or inclusion, just like there isn’t one type of disability. Very few toys or brands are actually made with disability at the forefront, the exception being Cute Little Fuckers, a queer,- trans-, and disabled-owned sex toy brand. (I tested three of the brand’s toys, above.)
So instead, I thought of my own needs as someone with upper-limb disabilities, and I talked to other disabled folks, including those who use wheelchairs or have lower-body disabilities, to find out what they look for in their sex toys. This included tools like slings, pillows, and chairs that help with positioning during sex (or solo play). (More on that below.)
Since I have a vagina and upper limb disabilities, many of the toys I tested were aimed at people like me, but many, like app-connected G-spot and clitoral toys, have similar versions with the same in-app features, except for people with penises or those that prefer anal play.
I took many factors intro consideration, including weight, length, girth; whether the toy was easy to hold or could be wedged; if you could just lie on it or use in multiple positions; and if it could be controlled via buttons (and how difficult those might be to press), in-app, or with a remote control. Once the individual realizes what they need from a toy to make it work for their body and ability, it’ll be easier to narrow down the toy that’d work best.
I tested several sex toy holders, including those that fit into a pillow for mounting or lying, and a sex toy holder that suctions to surfaces or straps into place. I also tested several toys that someone can just grind against, lie on, or sit on.
I wasn’t able to test a hand harness to keep the toy in your hand, as it didn’t fit my small hand, but these can be a more controlled way to hold a sex toy rather than wedging with pillows, grinding on, or using a surface mount.
The Liberator Wedge also came highly recommended to me, but I also wasn’t able to test it. This angled pillow makes sex easier for those in non-normative bodies or for those who suffer from pain, as they can reach the angles and positions needed to relieve pressure. As I mentioned above, a pillow also helps to achieve deeper penetration with partners with smaller penises or bigger bodies, where genitals can be trickier to reach without additional help.
Brands like IntimateRider make chairs and sex accessories for wheelchair users, paraplegics, and others who have spinal cord injuries and similar disabilities where traditional sex may not be an option without these valuable tools.
The recent exploitation of CVE-2026-21509 by Russia’s APT28 group, just days after Microsoft disclosed and patched it, isn’t merely another security incident to file away. It’s a flashing red warning indicator that the aggregation risk and our dependence on a default software platform is creating systemic risk in a world where spreadsheets and spyware are equally viable warfare tools.
APT28, also known as Fancy Bear, BlueDelta and Forest Blizzard, isn’t some shadowy newcomer. This unit of Russia’s GRU military intelligence has been wreaking havoc since at least 2007. They may have interfered in the 2016 US presidential election, compromised the World Anti-Doping Agency, targeted Nato, and they are credited with conducting countless operations against Ukrainian infrastructure. They’re sophisticated, relentless, and have a particular fondness for Microsoft’s ecosystem.
In recent years, they’ve exploited vulnerabilities in Microsoft Exchange, Outlook, and now Office itself. Their tradecraft isn’t opportunistic – it’s industrial-scale cyber warfare executed with military precision.
Severe Office vulnerability
Only recently we witnessed their latest attack. The timeline gives rise for concern as Microsoft issued an out-of-band patch for a high-severity Office vulnerability on 26 January.
Three days later, malicious documents exploiting that exact flaw started circulating in Ukraine. Phishing lure files appear to have been crafted within 24 hours of Microsoft disclosing the software flaw, a single day after the patch dropped.
Think about that timeline – this is an adversary that was either tipped off, had advance access, or was already weaponising the vulnerability before the patch even existed.
This is an adversary that was either tipped off, had advance access, or was already weaponising the vulnerability before the patch even existed Bill McCluggage
CVE-2026-21509 is a security feature bypass – the kind of flaw that tricks users into opening crafted Office files that deliver MiniDoor malware, designed to harvest and exfiltrate victims’ emails, along with PixyNetLoader malware, designed to implant malicious software on compromised systems.
The problem is structural. IT professionals know that deploying patches isn’t instantaneous. They take time, albeit in some cases automated updates can be relatively quick. But in a conflict zone wrestling with bandwidth constraints, outdated systems, and limited access to enterprise-grade licensing, that vulnerability window becomes a chasm.
If Ukrainian organisations are running older Office builds because they lack resources for restrictive, subscription-based licensing, or can’t afford IT automation for patching, they’re sitting ducks. This is a strategic liability, and other nations need to understand the systemic risk they too face.
Microsoft’s patching cadence deserves further scrutiny, and this incident highlights that recognition delays matter, even outside of active conflict zones. When vulnerabilities are actively exploited before patches arrive or are installed, we’re no longer managing risk, we’re into documenting damage and incident recovery.
Delays in Microsoft patch deployment shouldn’t be inevitable – when your patch management depends on manual schedules, restricted bandwidth, or enterprise support you can’t access, that delay becomes a shooting gallery for groups like APT28.
Recent Azure outages, whether from cyber attacks or botched updates, have demonstrated how a single point of failure implanted in Redmond can cascade globally. When national governments, critical infrastructure, and essential services run on cloud platforms controlled by one company, we’re not just talking about vendor lock-in. We’re talking about digital colonialism disguised as convenience that introduces systemic risk.
Market concentration compounds this risk. When a single platform is effectively the default across governments and corporations globally, vulnerabilities don’t fail in isolation – they fester and spread.
Licensing models and interoperability barriers that discourage diversification entrench this monoculture. The result is aggregation risk on a geopolitical scale – its bugs are potential weapons in grey-zone conflicts where every user is a potential target, and every attachment could be a trap.
This isn’t just a cyber security challenge – it’s a market structure problem. Structural risks require structural remedies. Bodies like the UK Competition and Markets Authority (CMA) and the European Commission’s Directorate-General for Competition have a clear role here, by ensuring that concentration in productivity and cloud services does not translate into national and global security vulnerabilities.
The ability to diversify and introduce real competition in secure cloud and productivity ecosystems is becoming a matter of digital sovereignty and defence resilience.
The way forward
So what’s the path forward? Microsoft must rethink vulnerability disclosure and patching for high-impact products introducing faster mitigation pathways and protective heuristics that can be deployed before formal patches are released.
Enterprises and governments need to invest in automated patch management and redundancy planning.
And regulators need to recognise that monoculture is inseparable from security risk.
The next frontier of cyber security policy isn’t just about defending networks – it’s about making markets safer by design.
Bill McCluggage was director of IT strategy and policy in the Cabinet Office and deputy government CIO from 2009 to 2012.
Employees at Salesforce are circulating an internal letter to chief executive Marc Benioff calling on him to denounce recent actions by US Immigration and Customs Enforcement, prohibit the use of Salesforce software by immigration agents, and back federal legislation that would significantly reform the agency.
The letter specifically cites the “recent killings of Renee Good and Alex Pretti in Minneapolis” as catalysts, calling them the “devastating indictment of a system that has discarded human decency.” It’s unclear how many signatories the letter has received so far.
The letter, which has not been reported on previously, is being organized amid Salesforce’s annual leadership kickoff event this week in Las Vegas. During an appearance at the event earlier today, Benioff asked international employees to stand to thank them for attending. He then joked that ICE agents were in the building monitoring them, according to current and former Salesforce employees who spoke to WIRED.
Benioff’s remarks sparked immediate backlash among employees. “Lots of people are furious,” says one source, who asked to remain anonymous for fear of retaliation. Another source tells WIRED that the internal pushback today was significantly more forceful than after Benioff made other controversial comments last fall supporting President Trump’s call to deploy the National Guard to San Francisco to address crime.
Salesforce did not immediately respond to a request for comment from WIRED. Business Insider and 404 Media previously reported on Benioff’s remarks and the reaction to them inside Salesforce.
“We are deeply troubled by leaked documentation revealing that Salesforce has pitched AI technology to U.S. Immigration and Customs Enforcement to help the agency ‘expeditiously’ hire 10,000 new agents and vet tip-line reports,” the letter reads. “Providing ‘Agentforce’ infrastructure to scale a mass deportation agenda that currently detains 66,000 people—73 percent of whom have no criminal record—represents a fundamental betrayal of our commitment to the ethical use of technology.”
The letter argues that Benioff’s voice “carries unique weight in Washington,” pointing to an episode last fall when Trump called off an ICE deployment in San Francisco after what appeared to be outreach from Bay Area tech leaders, including Benioff and Nvidia CEO Jensen Huang. It urges Benioff to use that influence as a “corporate statesman” to issue a public statement condemning what it calls ICE’s unconstitutional conduct and to commit Salesforce to clear “red lines” barring the use of its cloud and AI products for state violence.
Benioff has weighed in on both national and local political issues for years. He supported Democratic presidential candidate Hillary Clinton in 2016 and later became one of the most high-profile backers of Proposition C, a failed San Francisco ballot measure that would have raised taxes to fund programs to address homelessness. In 2020, he donated to the primary campaigns of some Democratic presidential candidates, including Kamala Harris.
But since Trump returned to the White House in January, Benioff has signaled greater support for some Republican leaders. In one interview, he said he strives to stay nonpartisan because he also owns Time magazine. But he also joked that, while he declined to contribute to Trump’s inauguration fund directly, he had “donated” a photo of the president on the magazine’s cover, which named him its 2024 Person of the Year. “He can use the Time magazine cover for free,” Benioff said in the interview with Fortune.
Benioff also faced backlash from Salesforce employees last fall when he suggested the National Guard should be sent to San Francisco to tackle crime ahead of the company’s annual conference in the city. He later apologized for the remarks, explaining they stemmed from genuine concerns about safety. He later reversed his stance and joined Nvidia’s Huang in asking Trump to refrain from sending troops.
Entertainment5 days ago
Tech1 week ago
Fashion1 week ago
Tech1 week ago
Fashion1 week ago
Fashion1 week ago
Fashion1 week ago