Perigus Energy, formerly part of Ørsted, has been established following Copenhagen Infrastructure Partners’ acquisition of Ørsted’s European onshore business.

A new onshore renewable energy company has launched in Europe following the completion of Copenhagen Infrastructure Partners (CIP)’s acquisition of Ørsted’s European onshore business, with Cork chosen as its European headquarters.

Perigus Energy already operates across Ireland, Germany, the UK and Spain, with a combined operational and under-construction capacity of 826MW and a multi-gigawatt development pipeline.

The company said Ireland is central to its new operations. Perigus has 373MW of operational onshore wind farms across the island, with a further 179MW currently under construction. Its people, assets and development pipeline here are unaffected by the acquisition.

Two Irish projects are set to reach key milestones in the near term, according to Perigus. The Garreenleen solar project in Carlow, the company’s first solar project in Ireland, is due to be energised this month and will generate 81MW of clean electricity, enough to power around 29,000 homes.

In Tipperary, the Farranrory wind farm is expected to be fully operational later this year, adding nine turbines and 43.2MW of capacity.

Perigus Energy has also secured planning permission for the Brittas wind farm in Tipperary, consent for the 170MW Cappakeel solar farm in Laois, and “provisional success” for the Lodgewood battery energy storage project in Wexford following the latest EirGrid and SONI capacity market auction.

TJ Hunter, Perigus managing director for Ireland and the UK, said the Cork headquarters decision reflects both the company’s heritage and long-term ambitions on the island.

“While our name is new, we are an experienced team with a proven track record of delivery in Ireland since the opening of Owenreagh wind farm in Co Tyrone in 1997,” he said.

CEO Kieran White described the launch as “a very exciting next chapter”, adding that CIP’s backing would enhance the company’s ability to deliver across its investment-ready pipeline spanning wind, solar and battery storage.

Perigus Energy employs more than 200 people across offices in Ireland, Germany, the UK and Spain.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Nexalus was founded by Dr Tony Robinson, Kenneth O’Mahony and Dr Cathal Wilson.

Trinity College Dublin spin-out Nexalus is collaborating with Canadian defence infrastructure manufacturer TuffTek to develop “next-generation” liquid-cooling platforms.

Nexalus’s cooling systems help control temperature in massive thermal energy-generating infrastructure, including data centres, high-performance computing (HPC) facilities and Formula 1 racing.

The Cork-based start-up was founded by Dr Tony Robinson, Kenneth O’Mahony and Dr Cathal Wilson in 2018.

The partnership will develop cooling platforms for HPCs and AI, for modern defence and security operations, reflecting a growing need for infrastructure that can perform in high-intensity environments, a joint press release from the companies read.

Under the collaboration, Nexalus will lead the design and integration of advanced liquid cooling architectures, enabling TuffTek’s platforms to support higher compute densities.

“This collaboration with TuffTek is about applying Nexalus’s engineering solutions in some of the most demanding use cases globally,” said O’Mahony, the company’s CEO. He is also a board member with Irish Manufacturing Research, having previously represented I2E2 as its chairperson.

“By integrating advanced liquid cooling into TuffTek’s ruggedised, deployable platforms, we are enabling a new standard for performance and efficiency at the edge for a rapidly growing market.”

The company’s technology was recognised as part of Fast Company’s 2025 World Changing Ideas list and Time Magazine’s list of best inventions of 2025.

TuffTek founder and CEO John Kadianos said that the collaboration is focused on solving “real operational challenges” in defence environments.

“As compute requirements increase at the edge, thermal management becomes a limiting factor. Nexalus brings a highly innovative approach that allows us to deliver more capable, reliable systems for our customers.”

TuffTek designs its products for critical operations in harsh environments, such as mining, oil and gas.

Nexalus has been previously featured on SiliconRepublic.com’s list of pioneering Irish start-ups.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Hacktivists have claimed responsibility for taking down the public-facing infrastructure of popular Linux operating system distribution Ubuntu, as well as Canonical, the company that develops and maintains the software. The attack began on Thursday, and affected services that Ubuntu users rely on.

“Canonical’s web infrastructure is under a sustained, cross-border attack and we are working to address it. We will provide more information in our official channels as soon as we are able to,” the company said on its website. 

The hacktivists are believed to have launched a distributed denial-of-service, or DDoS, a crude but often effective attack that consists of flooding a target with junk traffic until it overloads or crashes. 

Ubuntu developers have been discussing the attack on an unofficial Ubuntu community forum, claiming that the attack affects Ubuntu’s security API, and several Ubuntu and Canonical websites. According to a post on a threat intelligence forum, the DDoS attack has also made it impossible for users to update and install Ubuntu. TechCrunch verified that updates failed to install on a test device running Ubuntu. 

As of this writing, the outage has been ongoing for around 20 hours.

When contacted, Canonical spokesperson Lelanie de Roubaix reiterated what the company said on is website.

Hacktivists calling themselves The Islamic Cyber Resistance in Iraq 313 Team claimed on its Telegram channel that it was to blame for the DDoS attack.

The hackers claimed to be using Beamed, a DDoS-for-hire service. These types of services, also called booters or stressers, allow anyone to pay to launch DDoS attacks, even if they have no technical skills nor the necessary  infrastructure to flood targets with bogus traffic. The DDoS-for-hire service in this case claims to power attacks in excess of 3.5 Tbps, which is about half of the bandwidth of a cyberattack that Cloudflare last year called the “largest DDoS attack ever recorded.”

For years, authorities such as the FBI and Europol have played a game of whack-a-mole against these services, taking down and seizing domains, and sometimes arresting the people behind them.

This story was updated to include Canonical’s response.

A new attack type, dubbed ConsentFix v3, has been circulating on hacker forums as an improved technique that automates attacks against Microsoft Azure.

The first version of ConsentFix was presented by Push Security last December as a variation of ClickFix for OAuth phishing attacks, which tricks victims into completing a legitimate Microsoft login flow via the Azure CLI.

Using social engineering, the attacker fooled victims into pasting a localhost URL containing an OAuth authorization code that can be used to obtain tokens and hijack the account without passwords, despite multi-factor authentication (MFA).

ConsentFix v2 was developed by researcher John Hammond as a refined version of Push’s original, replacing manual copy/paste with drag-and-drop of the localhost URL, making the phishing flow smoother and more convincing.

ConsentFix v3 preserves the core idea of abusing the OAuth2 authorization code flow and targeting first-party Microsoft apps that are pre-trusted and pre-consented.

However, it brings an improvement by incorporating automation and scalability.

ConsentFix v3 attack flow

According to information retrieved from hacker forums where the new technique is promoted, the attack begins by verifying the presence of Azure in the target environment by checking for valid tenant IDs.

This is followed by gathering employee details such as names, roles, and email addresses to support impersonation.

Next, the attackers create multiple accounts across services such as Outlook, Tutanota, Cloudflare, DocSend, Hunter.io, and Pipedream to support phishing, hosting, data gathering, and exfiltration operations.

Push Security researchers explain that Pipedream, a free-to-use serverless integration platform, plays a central part in automating the attack, serving three critical roles:

1. Is the webhook endpoint that receives the victim’s authorization code
2. It is the automation engine that immediately exchanges that code for a refresh token via Microsoft’s API
3. It is the central collector that makes captured tokens available to us in real time.

In the next phase, the attacker deploys a phishing page hosted on Cloudflare Pages that mimics a legitimate Microsoft/Azure interface and initiates a real OAuth flow through Microsoft’s login endpoint.

When the victim interacts with the page, they are redirected to a localhost URL containing an OAuth authorization code, which they are tricked into pasting or dragging back into the phishing page.

This enables the data exfiltration pipeline, in which the page sends the captured URL to a Pipedream webhook, and the backend automation immediately exchanges the authorization code for tokens.

The phishing emails can be highly personalized, generated from harvested data, and feature malicious links embedded inside a PDF hosted on DocSend to improve credibility and bypass spam filtering.

In the post-exploitation stage, the obtained tokens are imported into Specter Portal, allowing the attacker to interact with compromised Microsoft environments and access resources permitted by the token, such as email, files, and other services tied to the account.

Push Security noted that its testing of ConsentFix v3 relied on its personal Microsoft accounts; as a result, it is difficult to fully appreciate the impact, which depends on permissions, services, and tenant settings, among other factors.

In terms of mitigating ConsentFix risks, Push notes that the endeavor is complicated because trust in first-party apps is architectural, and that Family of Client IDs (FOCI), Microsoft applications that share permissions and refresh tokens, is useful otherwise.

However, there are still steps administrators can take, such as applying token binding to trusted devices, setting up behavioral detection rules, and applying app authentication restrictions.

While ConsentFix attacks are used in actual campaigns, it is unclear if the v3 variant has gained any traction among cybercriminals yet.

AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.

At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.

Claim Your Spot

A garlic-herb salmon with risotto was probably the best among the family meals I tried. The chopped asparagus was less than visually appealing when drizzled in garlic butter, but still tasty and a bit crisp. The salmon was tender and flaky. And the sweet pea risotto had no choice but to be delicious. There was so much cheese, butter, and lemon it was pretty much a concert of fats and acid.

That chicken parm was likewise a mountain of cheese and salt. It reminded me, pleasantly, of countless family meals I had as a child in the 1980s: cheese-topped chicken, garlic bread, shells stuffed with ricotta and topped with even more cheese. The big difference is that there is simply no way my mother would have cooked this meal without a vegetable.

Toval app via Matthew Korfhage

And nutrition is where Toval runs aground a little. The nutritional notes on that chicken parm meal betray 2,300 milligrams of sodium per serving, pretty much the entire daily allowance for an adult human. This is also on par with comparable servings of Stouffer’s meat lasagna. The Tovala meal also carried about 10 times the cholesterol as Stouffer’s.

Many other meals followed a similar pattern, loading up on fats and salt in order to make meals tasty. The net effect is that it’s a lot more like rich restaurant food than what most people prepare at home. Whether this is a good or a bad quality is up to you.

Only one meal of the seven I tried failed utterly: I flagged a teriyaki chicken dinner to my editor as a possible cultural crime against Japan. The meal was sweet soy drenching pale and steaming chicken, with an implausible side of thick egg rolls and some loose, unseasoned broccoli. It felt like the “Japanese” food you’d get at a mall food court in the ’90s. But again, this was a rare major misstep.

A more pernicious issue, in meals designed for the whole family, is the near-universal high-fat, cholesterol, and sodium content. Many with the income and inclination to eat hearty, low-effort meals like the ones from Tovala are either parents with children, or people in the retirement bracket. Each has their own reason to desire a little more nutrition, and less fat and salt.

By the end of a couple of weeks of testing recipes, I’ll admit I felt a little relieved. I was grateful to feel my arteries slowly reopen. Tovala’s culinary model makes a lot of sense to me, as a smart way of splitting the difference between prepared meals and fresh food. And the company has proven it can cook well. It might be nice if they’d also cook a diet that felt more sustainable.

Power up with unlimited access to WIRED. Get best-in-class reporting that’s too important to ignore. Includes unlimited digital access and exclusive subscriber-only content. Subscribe Today.

Writing an email is already one of the more lifeless parts of modern work, so of course the tech industry decided to automate it. AI was meant to ease workloads by managing “grunt” work—dealing repetitive junk, trimming down inbox overload, and giving people their time back. It really sounded like the right idea. But in reality, we are nowhere close to removing the misery of email.

The kind of email you’re already sick of seeing

AI lowers the effort required to produce corporate-sounding language. That means every “just following up,” every “circling back,” every “gentle reminder,” and every “happy to connect” becomes even easier to generate and even harder to escape.

A person who might have skipped sending a pointless email before can now ask AI to draft one in seconds. And the person replying might once have wrapped things up in two short sentences. Now there is always a cleaner, longer, more “professional” version waiting from a chatbot. The Guardian recently reported on worker frustration around AI-generated workplace output, including what some employees now call “workslop.”

AI just gave bad email habits some steroids

Email was never only about communication. It also became a way to signal responsiveness, usefulness, and motion. A fast reply, a full calendar, and a long thread make things look more productive, even when nobody actually needed any of it. AI slides neatly into this culture. It can answer faster, summarize faster, schedule faster, and keep the illusion of progress running all day.

Office email already rewards performance as much as usefulness. Now every half-formed thought can become a polished paragraph. Sentences can be improved, and low-value updates can be padded into something more formal, diplomatic, corporate, and even lifeless. Using AI does not make your communication any better. What you’re getting instead is just more of it. Your inbox has more messages, fillers, and new language designed to sound productive without necessarily being useful.

Things get worse when everyone starts doing it, compounding the issue. One person sends a slick AI-polished email. The reply comes back with its own AI-assisted phrasing. Someone added to the thread later uses AI to summarize the whole exchange before sending another response. And now you have a conversation that technically keeps moving, but feels less and less human with every pass.

So who’s talking to whom?

At that point, bots emailing bots does not sound like a joke anymore. Dedicated tools like AI email assistants and scheduling bots may be useful in isolation, but they are still part of the same problem. Tools like Read AI’s Ada can handle meeting logistics and participate in email threads, which makes the whole “AI talking to AI” scenario feel a lot less ridiculous now.

It started with people leaning on AI for one harmless email, which quickly steamrolled into the whole culture of email becoming even more bloated and more performative. We were supposed to get relief from one of the most draining parts of digital work. And now it feels like new technology is just keeping that machine running rather than getting rid of it.