In late 2024, the federal government’s cybersecurity evaluators rendered a troubling verdict on one of Microsoft’s biggest cloud computing offerings.
The tech giant’s “lack of proper detailed security documentation” left reviewers with a “lack of confidence in assessing the system’s overall security posture,” according to an internal government report reviewed by ProPublica.
Advertisement
Or, as one member of the team put it: “The package is a pile of shit.”
For years, reviewers said, Microsoft had tried and failed to fully explain how it protects sensitive information in the cloud as it hops from server to server across the digital terrain. Given that and other unknowns, government experts couldn’t vouch for the technology’s security.
Such judgments would be damning for any company seeking to sell its wares to the U.S. government, but it should have been particularly devastating for Microsoft. The tech giant’s products had been at the heart of two major cybersecurity attacks against the U.S. in three years. In one, Russian hackers exploited a weakness to steal sensitive data from a number of federal agencies, including the National Nuclear Security Administration. In the other, Chinese hackers infiltrated the email accounts of a Cabinet member and other senior government officials.
The federal government could be further exposed if it couldn’t verify the cybersecurity of Microsoft’s Government Community Cloud High, a suite of cloud-based services intended to safeguard some of the nation’s most sensitive information.
Advertisement
Yet, in a highly unusual move that still reverberates across Washington, the Federal Risk and Authorization Management Program, or FedRAMP, authorized the product anyway, bestowing what amounts to the federal government’s cybersecurity seal of approval. FedRAMP’s ruling — which included a kind of “buyer beware” notice to any federal agency considering GCC High — helped Microsoft expand a government business empire worth billions of dollars.
“BOOM SHAKA LAKA,” Richard Wakeman, one of the company’s chief security architects, boasted in an online forum, celebrating the milestone with a meme of Leonardo DiCaprio in “The Wolf of Wall Street.” Wakeman did not respond to requests for comment.
It was not the type of outcome that federal policymakers envisioned a decade and a half ago when they embraced the cloud revolution and created FedRAMP to help safeguard the government’s cybersecurity. The program’s layers of review, which included an assessment by outside experts, were supposed to ensure that service providers like Microsoft could be entrusted with the government’s secrets. But ProPublica’s investigation — drawn from internal FedRAMP memos, logs, emails, meeting minutes, and interviews with seven former and current government employees and contractors — found breakdowns at every juncture of that process. It also found a remarkable deference to Microsoft, even as the company’s products and practices were central to two of the most damaging cyberattacks ever carried out against the government.
FedRAMP first raised questions about GCC High’s security in 2020 and asked Microsoft to provide detailed diagrams explaining its encryption practices. But when the company produced what FedRAMP considered to be only partial information in fits and starts, program officials did not reject Microsoft’s application. Instead, they repeatedly pulled punches and allowed the review to drag out for the better part of five years. And because federal agencies were allowed to deploy the product during the review, GCC High spread across the government as well as the defense industry. By late 2024, FedRAMP reviewers concluded that they had little choice but to authorize the technology — not because their questions had been answered or their review was complete, but largely on the grounds that Microsoft’s product was already being used across Washington.
Advertisement
Today, key parts of the federal government, including the Justice and Energy departments, and the defense sector rely on this technology to protect highly sensitive information that, if leaked, “could be expected to have a severe or catastrophic adverse effect” on operations, assets and individuals, the government has said.
“This is not a happy story in terms of the security of the U.S.,” said Tony Sager, who spent more than three decades as a computer scientist at the National Security Agency and now is an executive at the nonprofit Center for Internet Security.
For years, the FedRAMP process has been equated with actual security, Sager said. ProPublica’s findings, he said, shatter that facade.
“This is not security,” he said. “This is security theater.”
Advertisement
ProPublica is exposing the government’s reservations about this popular product for the first time. We are also revealing Microsoft’s yearslong inability to provide the encryption documentation and evidence the federal reviewers sought.
The revelations come as the Justice Department ramps up scrutiny of the government’s technology contractors. In December, the department announced the indictment of a former employee of Accenture who allegedly misled federal agencies about the security of the company’s cloud platform and its compliance with FedRAMP’s standards. She has pleaded not guilty. Accenture, which was not charged with wrongdoing, has said that it “proactively brought this matter to the government’s attention” and that it is “dedicated to operating with the highest ethical standards.”
Microsoft has also faced questions about its disclosures to the government. As ProPublica reported last year, the company failed to inform the Defense Department about its use of China-based engineers to maintain the government’s cloud systems, despite Pentagon rules stipulating that “No Foreign persons may have” access to its most sensitive data. The department is investigating the practice, which officials say could have compromised national security.
Microsoft has defended its program as “tightly monitored and supplemented by layers of security mitigations,” but after ProPublica’s story published last July, the company announced that it would stop using China-based engineers for Defense Department work.
Advertisement
In response to written questions for this story and in an interview, Microsoft acknowledged the yearslong confrontation with FedRAMP but also said it provided “comprehensive documentation” throughout the review process and “remediated findings where possible.”
“We stand by our products and the comprehensive steps we’ve taken to ensure all FedRAMP-authorized products meet the security and compliance requirements necessary,” a spokesperson said in a statement, adding that the company would “continue to work with FedRAMP to continuously review and evaluate our services for continued compliance.”
The program was an early target of the Trump administration’s Department of Government Efficiency, which slashed its staff and budget. Even FedRAMP acknowledges it is operating “with an absolute minimum of support staff” and “limited customer service.” The roughly two dozen employees who remain are “entirely focused on” delivering authorizations at a record pace, FedRAMP’s director has said. Today, its annual budget is just $10 million, its lowest in a decade, even as it has boasted record numbers of new authorizations for cloud products.
Advertisement
The consequence of all this, people who have worked for FedRAMP told ProPublica, is that the program now is little more than a rubber stamp for industry. The implications of such a downsizing for federal cybersecurity are far-reaching, especially as the administration encourages agencies to adopt cloud-based artificial intelligence tools, which draw upon reams of sensitive information.
The General Services Administration, which houses FedRAMP, defended the program, saying it has undergone “significant reforms to strengthen governance” since GCC High arrived in 2020. “FedRAMP’s role is to assess if cloud services have provided sufficient information and materials to be adequate for agency use, and the program today operates with strengthened oversight and accountability mechanisms to do exactly that,” a GSA spokesperson said in an emailed statement.
The agency did not respond to written questions regarding GCC High.
A “Cloud First” World
About two decades ago, federal officials predicted that the cloud revolution, providing on-demand access to shared computing via the internet, would usher in an era of cheaper, more secure and more efficient information technology.
Advertisement
Moving to the cloud meant shifting away from on-premises servers owned and operated by the government to those in massive data centers maintained by tech companies. Some agency leaders were reluctant to relinquish control, while others couldn’t wait to.
In an effort to accelerate the transition, the Obama administration issued its “Cloud First” policy in 2011, requiring all agencies to implement cloud-based tools “whenever a secure, reliable, cost-effective” option existed. To facilitate adoption, the administration created FedRAMP, whose job was to ensure the security of those tools.
FedRAMP’s “do once, use many times” system was intended to streamline and strengthen the government procurement process. Previously, each agency using a cloud service vetted it separately, sometimes applying different interpretations of federal security requirements. Under the new program, agencies would be able to skip redundant security reviews because FedRAMP authorization indicated that the product had already met standardized requirements. Authorized products would be listed on a government website known as the FedRAMP Marketplace.
On paper, the program was an exercise in efficiency. But in practice, the small FedRAMP team could not keep up with the flood of demand from tech companies that wanted their products authorized.
Advertisement
The slow approval process frustrated both the tech industry, eager for a share in the billions of federal dollars up for grabs, and government agencies that were under pressure to migrate to the cloud. These dynamics sometimes pitted the cloud industry and agency officials together against FedRAMP. The backlog also prompted many agencies to take an alternative path: performing their own reviews of the products they wanted to adopt, using FedRAMP’s standards.
It was through this “agency path” that GCC High entered the federal bloodstream, with the Justice Department paving the way. Initially, some Justice officials were nervous about the cloud and who might have access to its information, which includes highly sensitive court and law enforcement records, a Justice Department official involved in the decision told ProPublica. The department’s cybersecurity program required it to ensure that only U.S. citizens “access or assist in the development, operation, management, or maintenance” of its IT systems, unless a waiver was granted. Justice’s IT specialists recommended pursuing GCC High, believing it could meet the elevated security needs, according to the official, who spoke on condition of anonymity because they were not authorized to discuss internal matters.
Pursuant to FedRAMP’s rules, Microsoft had GCC High evaluated by a so-called third-party assessment organization, which is supposed to provide an independent review of whether the product has met federal standards. The Justice Department then performed its own evaluation of GCC High using those standards and ruled the offering acceptable.
By early 2020, Melinda Rogers, Justice’s deputy chief information officer, made the decision official and soon deployed GCC High across the department.
Advertisement
It was a milestone for all involved. Rogers had ushered the Justice Department into the cloud, and Microsoft had gained a significant foothold in the cutthroat market for the federal government’s cloud computing business.
Moreover, Rogers’ decision placed GCC High on the FedRAMP Marketplace, the government’s influential online clearinghouse of all the cloud providers that are under review or already authorized. Its mere mention as “in process” was a boon for Microsoft, amounting to free advertising on a website used by organizations seeking to purchase cloud services bearing what is widely seen as the government’s cybersecurity seal of approval.
That April, GCC High landed at FedRAMP’s office for review, the final stop on its bureaucratic journey to full authorization.
Microsoft’s Missing Information
In theory, there shouldn’t have been much for FedRAMP’s team to do after the third-party assessor and Justice reviewed GCC High, because all parties were supposed to be following the same requirements.
Advertisement
But it was around this time that the Government Accountability Office, which investigates federal programs, discovered breakdowns in the process, finding that agency reviews sometimes were lacking in quality. Despite missing details, FedRAMP went on to authorize many of these packages. Acknowledging these shortcomings, FedRAMP began to take a harder look at new packages, a former reviewer said.
This was the environment in which Microsoft’s GCC High application entered the pipeline. The name GCC High was an umbrella covering many services and features within Office 365 that all needed to be reviewed. FedRAMP reviewers quickly noticed key material was missing.
The team homed in on what it viewed as a fundamental document called a “data flow diagram,” former members told ProPublica. The illustration is supposed to show how data travels from Point A to Point B — and, more importantly, how it’s protected as it hops from server to server. FedRAMP requires data to be encrypted while in transit to ensure that sensitive materials are protected even if they’re intercepted by hackers.
But when the FedRAMP team asked Microsoft to produce the diagrams showing how such encryption would happen for each service in GCC High, the company balked, saying the request was too challenging. So the reviewers suggested starting with just Exchange Online, the popular email platform.
Advertisement
“This was our litmus test to say, ‘This isn’t the only thing that’s required, but if you’re not doing this, we are not even close yet,’” said one reviewer who spoke on condition of anonymity because they were not authorized to discuss internal matters. Once they reached the appropriate level of detail, they would move from Exchange to other services within GCC High.
It was the kind of detail that other major cloud providers such as Amazon and Google routinely provided, members of the FedRAMP team told ProPublica. Yet Microsoft took months to respond. When it did, the former reviewer said, it submitted a white paper that discussed GCC High’s encryption strategy but left out the details of where on the journey data actually becomes encrypted and decrypted — so FedRAMP couldn’t assess that it was being done properly.
A Microsoft spokesperson acknowledged that the company had “articulated a challenge related to illustrating the volume of information being requested in diagram form” but “found alternate ways to share that information.”
Rogers, who was hired by Microsoft in 2025, declined to be interviewed. In response to emailed questions, the company provided a statement saying that she “stands by the rigorous evaluation that contributed to” her authorization of GCC High. A spokesperson said there was “absolutely no connection” between her hiring and the decisions in the GCC High process, and that she and the company complied with “all rules, regulations, and ethical standards.”
Advertisement
The Justice Department declined to respond to written questions from ProPublica.
A Fight Over “Spaghetti Pies”
As 2020 came to a close, a national security crisis hit Washington that underscored the consequences of cyber weakness. Russian state-sponsored hackers had been quietly working their way through federal computer systems for much of the year and vacuuming up sensitive data and emails from U.S. agencies — including the Justice Department.
At the time, most of the blame fell on a Texas-based company called SolarWinds, whose software provided hackers their initial opening and whose name became synonymous with the attack. But, as ProPublica has reported, the Russians leveraged that opening to exploit a long-standing weakness in a Microsoft product — one that the company had refused to fix for years, despite repeated warnings from one of its engineers. Microsoft has defended its decision not to address the flaw, saying that it received “multiple reviews” and that the company weighs a variety of factors when making security decisions.
In the aftermath, the Biden administration took steps to bolster the nation’s cybersecurity. Among them, the Justice Department announced a cyber-fraud initiative in 2021 to crack down on companies and individuals that “put U.S. information or systems at risk by knowingly providing deficient cybersecurity products or services, knowingly misrepresenting their cybersecurity practices or protocols, or knowingly violating obligations to monitor and report cybersecurity incidents and breaches.”
Advertisement
Deputy Attorney General Lisa Monaco said the department would use the False Claims Act to pursue government contractors “when they fail to follow required cybersecurity standards — because we know that puts all of us at risk.”
But if Microsoft felt any pressure from the SolarWinds attack or from the Justice Department’s announcement, it didn’t manifest in the FedRAMP talks, according to former members of the FedRAMP team.
The discourse between FedRAMP and Microsoft fell into a pattern. The parties would meet. Months would go by. Microsoft would return with a response that FedRAMP deemed incomplete or irrelevant. To bolster the chances of getting the information it wanted, the FedRAMP team provided Microsoft with a template, describing the level of detail it expected. But the diagrams Microsoft returned never met those expectations.
“We never got past Exchange,” one former reviewer said. “We never got that level of detail. We had no visibility inside.”
Advertisement
In an interview with ProPublica, John Bergin, the Microsoft official who became the government’s main contact, acknowledged the prolonged back-and-forth but blamed FedRAMP, equating its requests for diagrams to a “rock fetching exercise.”
“We were maybe incompetent in how we drew drawings because there was no standard to draw them to,” he said. “Did we not do it exactly how they wanted? Absolutely. There was always something missing because there was no standard.”
A Microsoft spokesperson said without such a standard, “cloud providers were left to interpret the level of abstraction and representation on their own,” creating “inconsistency and confusion, not an unwillingness to be transparent.”
But even Microsoft’s own engineers had struggled over the years to map the architecture of its products, according to two people involved in building cloud services used by federal customers. At issue, according to people familiar with Microsoft’s technology, was the decades-old code of its legacy software, which the company used in building its cloud services.
Advertisement
One FedRAMP reviewer compared it to a “pile of spaghetti pies.” The data’s path from Point A to Point B, the person said, was like traveling from Washington to New York with detours by bus, ferry and airplane rather than just taking a quick ride on Amtrak. And each one of those detours represents an opportunity for a hijacking if the data isn’t properly encrypted.
Other major cloud providers such as Amazon and Google built their systems from the ground up, said Sager, the former NSA computer scientist, who worked with all three companies during his time in government.
Microsoft’s system is “not designed for this kind of isolation of ‘secure’ from ‘not secure,’” Sager said.
A Microsoft spokesperson acknowledged the company faces a unique challenge but maintained that its cloud products meet federal security requirements.
Advertisement
“Unlike providers that started later with a narrower product scope, Microsoft operates one of the broadest enterprise and government platforms in the world, supporting continuity for millions of customers while simultaneously modernizing at scale,” the spokesperson said in emailed responses. “That complexity is not ‘spaghetti,’ but it does mean the work of disentangling, isolating, and hardening systems is continuous.”
The spokesperson said that since 2023, Microsoft has made “security‑first architectural redesign, legacy risk reduction, and stronger isolation guarantees a top, company‑wide priority.”
Assessors Back-Channel Cyber Concerns
The FedRAMP team was not the only party with reservations about GCC High. Microsoft’s third-party assessment organizations also expressed concerns.
The firms are supposed to be independent but are hired and paid by the company being assessed. Acknowledging the potential for conflicts of interest, FedRAMP has encouraged the assessment firms to confidentially back-channel to its reviewers any negative feedback that they were unwilling to bring directly to their clients or reflect in official reports.
Advertisement
In 2020, two third-party assessors hired by Microsoft, Coalfire and Kratos, did just that. They told FedRAMP that they were unable to get the full picture of GCC High, a former FedRAMP reviewer told ProPublica.
“Coalfire and Kratos both readily admitted that it was difficult to impossible to get the information required out of Microsoft to properly do a sufficient assessment,” the reviewer told ProPublica.
The back channel helped surface cybersecurity issues that otherwise might never have been known to the government, people who have worked with and for FedRAMP told ProPublica. At the same time, they acknowledged its existence undermined the very spirit and intent of having independent assessors.
A spokesperson for Coalfire, the firm that initially handled the GCC High assessment, requested written questions from ProPublica, then declined to respond.
Advertisement
A spokesperson for Kratos, which replaced Coalfire as the GCC High assessor, declined an interview request. In an emailed response to written questions, the spokesperson said the company stands by its official assessment and recommendation of GCC High and “absolutely refutes” that it “ever would sign off on a product we were unable to fully vet.” The company “has open and frank conversations” with all customers, including Microsoft, which “submitted all requisite diagrams to meet FedRAMP-defined requirements,” the spokesperson said.
Kratos said it “spent extensive time working collaboratively with FedRAMP in their review” and does not consider such discussions to be “backchanneling.”
FedRAMP, however, was dissatisfied with Kratos’ ongoing work and believed the firm “should be pushing back” on Microsoft more, the former reviewer said. It placed Kratos on a “corrective action plan,” which could eventually result in loss of accreditation. The company said it did not agree with FedRAMP’s action but provided “additional trainings for some internal assessors” in response to it.
The Microsoft spokesperson told ProPublica the company has “always been responsive to requests” from Kratos and FedRAMP. “We are not aware of any backchanneling, nor do we believe that backchanneling would have been necessary given our transparency and cooperation with auditor requests,” the spokesperson said.
Advertisement
In response to questions from ProPublica about the process, the GSA said in an email that FedRAMP’s system “does not create an inherent conflict of interest for professional auditors who meet ethical and contractual performance expectations.”
GSA did not respond to questions about back-channeling but said the “correct process” is for a third-party assessor to “state these problems formally in a finding during the security assessment so that the cloud service provider has an opportunity to fix the issue.”
FedRAMP Ends Talks
The back-and-forth between the FedRAMP reviewers and Microsoft’s team went on for years with little progress. Then, in the summer of 2023, the program’s interim director, Brian Conrad, got a call from the White House that would alter the course of the review.
Chinese state-sponsored hackers had infiltrated GCC, the lower-cost version of Microsoft’s government cloud, and stolen data and emails from the commerce secretary, the U.S. ambassador to China and other high-ranking government officials. In the aftermath, Chris DeRusha, the White House’s chief information security officer, wanted a briefing from FedRAMP, which had authorized GCC.
Advertisement
The decision predated Conrad’s tenure, but he told ProPublica that he left the conversation with several takeaways. First, FedRAMP must hold all cloud providers — including Microsoft — to the same standards. Second, he had the backing of the White House in standing firm. Finally, FedRAMP would feel the political heat if any cloud service with a FedRAMP authorization were hacked.
DeRusha confirmed Conrad’s account of the phone call but declined to comment further.
Within months, Conrad informed Microsoft that FedRAMP was ending the engagement on GCC High.
“After three years of collaboration with the Microsoft team, we still lack visibility into the security gaps because there are unknowns that Microsoft has failed to address,” Conrad wrote in an October 2023 email. This, he added, was not for FedRAMP’s lack of trying. Staffers had spent 480 hours of review time, had conducted 18 “technical deep dive” sessions and had numerous email exchanges with the company over the years. Yet they still lacked the data flow diagrams, crucial information “since visibility into the encryption status of all data flows and stores is so important,” he wrote.
Advertisement
If Microsoft still wanted FedRAMP authorization, Conrad wrote, it would need to start over.
A FedRAMP reviewer, explaining the decision to the Justice Department, said the team was “not asking for anything above and beyond what we’ve asked from every other” cloud service provider, according to meeting minutes reviewed by ProPublica. But the request was particularly justified in Microsoft’s case, the reviewer told the Justice officials, because “each time we’ve actually been able to get visibility into a black box, we’ve uncovered an issue.”
“We can’t even quantify the unknowns, which makes us very uncomfortable,” the reviewer said, according to the minutes.
Microsoft and the Justice Department Push Back
Microsoft was furious. Failing to obtain authorization and starting the process over would signal to the market that something was wrong with GCC High. Customers were already confused and concerned about the drawn-out review, which had become a hot topic in an online forum used by government and technology insiders. There, Wakeman, the Microsoft cybersecurity architect, deflected blame, saying the government had been “dragging their feet on it for years now.”
Advertisement
Meanwhile, to build support for Microsoft’s case, Bergin, the company’s point person for FedRAMP and a former Army official, reached out to government leaders, including one from the Justice Department.
The Justice official, who spoke on condition of anonymity because they were not authorized to discuss the matter, said Bergin complained that the delay was hampering Microsoft’s ability “to get this out into the market full sail.” Bergin then pushed the Justice Department to “throw around our weight” to help secure FedRAMP authorization, the official said.
That December, as the parties gathered to hash things out at GSA’s Washington headquarters, Justice did just that. Rogers, who by then had been promoted to the department’s chief information officer, sat beside Bergin — on the opposite side of the table from Conrad, the FedRAMP director.
Rogers and her Justice colleagues had a stake in the outcome. Since authorizing and deploying GCC High, she had receivedaccolades for her work modernizing the department’s IT and cybersecurity. But without FedRAMP’s stamp of approval, she would be the government official left holding the bag if GCC High were involved in a serious hack. At the same time, the Justice Department couldn’t easily back out of using GCC High because once a technology is widely deployed, pulling the plug can be costly and technically challenging. And from its perspective, the cloud was an improvement over the old government-run data centers.
Advertisement
Shortly after the meeting kicked off, Bergin interrupted a FedRAMP reviewer who had been presenting PowerPoint slides. He said the Justice Department and third-party assessor had already reviewed GCC High, according to meeting minutes. FedRAMP “should essentially just accept” their findings, he said.
Then, in a shock to the FedRAMP team, Rogers backed him up and went on to criticize FedRAMP’s work, according to two attendees.
In its statement, Microsoft said Rogers maintains that FedRAMP’s approach “was misguided and improperly dismissed the extensive evaluations performed by DOJ personnel.”
Bergin did not dispute the account, telling ProPublica that he had been trying to argue that it is the purview of third-party assessors such as Kratos — not FedRAMP — to evaluate the security of cloud products. And because FedRAMP must approve the third-party assessment firms, the program should have taken its issues up with Kratos.
Advertisement
“When you are the regulatory agency who determines who the auditors are and you refuse to accept your auditors’ answers, that’s not a ‘me’ problem,” Bergin told ProPublica.
The GSA did not respond to questions about the meeting. The Justice Department declined to comment.
Pressure Mounts on FedRAMP
If there was any doubt about the role of FedRAMP, the White House issued a memorandum in the summer of 2024 that outlined its views. FedRAMP, it said, “must be capable of conducting rigorous reviews” and requiring cloud providers to “rapidly mitigate weaknesses in their security architecture.” The office should “consistently assess and validate cloud providers’ complex architectures and encryption schemes.”
But by that point, GCC High had spread to other federal agencies, with the Justice Department’s authorization serving as a signal that the technology met federal standards.
Advertisement
It also spread to the defense sector, since the Pentagon required that cloud products used by its contractors meet FedRAMP standards. While it did not have FedRAMP authorization, Microsoft marketed GCC High as meeting the requirements, selling it to companies such as Boeing that research, develop and maintain military weapons systems.
But with the FedRAMP authorization up in the air, some contractors began to worry that by using GCC High, they were out of compliance. That could threaten their contracts, which, in turn, could impact Defense Department operations. Pentagon officials called FedRAMP to inquire about the authorization stalemate.
The Defense Department acknowledged but did not respond to written questions from ProPublica.
Rogers also kept pressing FedRAMP to “get this thing over the line,” former employees of the GSA and FedRAMP said. It was the “opinion of the staff and the contractors that she simply was not willing to put heat to Microsoft on this” and that the Justice Department “was too sympathetic to Microsoft’s claims,” Eric Mill, then GSA’s executive director for cloud strategy, told ProPublica.
Advertisement
Authorization Despite a “Damning” Assessment
In the summer of 2024, FedRAMP hired a new permanent director, government technology insider Pete Waterman. Within about a month of taking the job, he restarted the office’s review of GCC High with a new team, which put aside the debate over data flow diagrams and instead attempted to examine evidence from Microsoft. But these reviewers soon arrived at the same conclusion, with the team’s leader complaining about “getting stiff-armed” by Microsoft.
“He came back and said, ‘Yeah, this thing sucks,’” Mill recalled.
While the team was able to work through only two of the many services included in GCC High, Exchange Online and Teams, that was enough for it to identify “issues that are fundamental” to risk management, including “timely remediation of vulnerabilities and vulnerability scanning,” according to a summary of the team’s findings reviewed by ProPublica.
Those issues, as well as a lack of “proper detailed security documentation” from Microsoft, limit “visibility and understanding of the system” and “impair the ability to make informed risk decisions.”
Advertisement
The team concluded, “There is a lack of confidence in assessing the system’s overall security posture.”
A Microsoft spokesperson said in a statement that the company “never received this feedback in any of its communications with FedRAMP.”
When ProPublica read the findings to Bergin, the Microsoft liaison, he said he was surprised.
“That’s pretty damning,” Bergin said, adding that it sounded like language that “would’ve generally been associated with a finding of ‘not worthy.’ If an assessor wrote that, I would be nervous.”
Advertisement
Despite the findings, to the FedRAMP team, turning Microsoft down didn’t seem like an option. “Not issuing an authorization would impact multiple agencies that are already using GCC-H,” the summary document said. The team determined that it was a “better value” to issue an authorization with conditions for continued government oversight.
While authorizations with oversight conditions weren’t unusual, arriving at one under these circumstances was. GCC High reviewers saw problems everywhere, both in what they were able to evaluate and what they weren’t. To them, most of the package remained a vast wilderness of untold risk.
Nevertheless, FedRAMP and Microsoft reached an agreement, and the day after Christmas 2024, GCC High received its FedRAMP authorization. FedRAMP appended a cover report to the package laying out its deficiencies and noting it carried unknown risks, according to people familiar with the report.
It emphasized that agencies should carefully review the package and engage directly with Microsoft on any questions.
Advertisement
“Unknown Unknowns” Persist
Microsoft told ProPublica that it has met the conditions of the agreement and has “stayed within the performance metrics required by FedRAMP” to ensure that “risks are identified, tracked, remediated, and transparently communicated.”
But under the Trump administration, there aren’t many people left at FedRAMP to check.
While the Biden-era guidance said FedRAMP “must be an expert program that can analyze and validate the security claims” of cloud providers, the GSA told ProPublica that the program’s role is “not to determine if a cloud service is secure enough.” Rather, it is “to ensure agencies have sufficient information to make these risk decisions.”
The problem is that agencies often lack the staff and resources to do thorough reviews, which means the whole system is leaning on the claims of the cloud companies and the assessments of the third-party firms they pay to evaluate them. Under the current vision, critics say, FedRAMP has lost the plot.
Advertisement
“FedRAMP’s job is to watch the American people’s back when it comes to sharing their data with cloud companies,” said Mill, the former GSA official, who also co-authored the 2024 White House memo. “When there’s a security issue, the public doesn’t expect FedRAMP to say they’re just a paper-pusher.”
Meanwhile, at the Justice Department, officials are finding out what FedRAMP meant by the “unknown unknowns” in GCC High. Last year, for example, they discovered that Microsoft relied on China-based engineers to service their sensitive cloud systems despite the department’s prohibition against non-U.S. citizens assisting with IT maintenance.
Officials learned about this arrangement — which was also used in GCC High — not from FedRAMP or from Microsoft but from a ProPublica investigation into the practice, according to the Justice employee who spoke with us.
A Microsoft spokesperson acknowledged that the written security plan for GCC High that the company submitted to the Justice Department did not mention foreign engineers, though he said Microsoft did communicate that information to Justice officials before 2020. Nevertheless, Microsoft has since ended its use of China-based engineers in government systems.
Advertisement
Former and current government officials worry about what other risks may be lurking in GCC High and beyond.
The GSA told ProPublica that, in general, “if there is credible evidence that a cloud service provider has made materially false representations, that matter is then appropriately referred to investigative authorities.”
Ironically, the ultimate arbiter of whether cloud providers or their third-party assessors are living up to their claims is the Justice Department itself. The recent indictment of the former Accenture employee suggests it is willing to use this power. In a court document, the Justice Department alleges that the ex-employee made “false and misleading representations” about the cloud platform’s security to help the company “obtain and maintain lucrative federal contracts.” She is also accused of trying to “influence and obstruct” Accenture’s third-party assessors by hiding the product’s deficiencies and telling others to conceal the “true state of the system” during demonstrations, the department said. She has pleaded not guilty.
There is no public indication that such a case has been brought against Microsoft or anyone involved in the GCC High authorization. The Justice Department declined to comment. Monaco, the deputy attorney general who launched the department’s initiative to pursue cybersecurity fraud cases, did not respond to requests for comment.
Advertisement
She left her government position in January 2025. Microsoft hired her to become its president of global affairs.
A company spokesperson said Monaco’s hiring complied with “all rules, regulations, and ethical standards” and that she “does not work on any federal government contracts or have oversight over or involvement with any of our dealings with the federal government.”
You’ve felt it before: your phone gets hot while navigating in the car, your MagSafe battery pack turns into a hand warmer during a Zoom call, or charging suddenly slows because thermal throttling kicks in. As smartphones become more powerful, portable chargers are struggling to keep up.
That is the pitch behind the new MiniMag Pro from TORRAS, a magnetic power bank built around an idea most accessory makers rarely talk about: cooler charging.
The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!
For years, power banks competed on one thing: capacity. Bigger numbers won. More mAh, faster charging, thinner designs.
But modern smartphones have changed the equation.
Advertisement
Phones now run AI-powered photo tools, console-level mobile games, 4K video workflows, always-on navigation, and constant background syncing. That creates more power demand and more heat, especially during fast charging.
Most accessory brands still treat that as a tradeoff.
TORRAS does not.
Advertisement
Photo credit: TORRAS
The MiniMag Pro’s big idea: stay cool
According to TORRAS, the MiniMag Pro maintains a surface temperature around 98°F (37°C) during sustained charging sessions, even under heavier loads.
That matters because magnetic wireless charging is convenient, but it is also notoriously prone to heat buildup. Anyone who has used a magnetic battery pack while traveling or multitasking has probably noticed it.
The MiniMag Pro approaches the issue differently by using a semi-solid-state battery architecture instead of a traditional lithium-ion setup.
Traditional lithium-ion batteries rely on liquid electrolytes. Semi-solid-state batteries replace part of that structure with a more stable gel-like material designed to improve thermal stability and reduce internal risks.
In plain English: less heat, better stability, and a lower chance of things going sideways under stress.
The technology also allows for denser battery packaging, which helps explain why the MiniMag Pro feels unusually thin for a magnetic charger.
Advertisement
The 5000mAh version comes in at just 8.5mm thick. The larger 10000mAh model is still only 14mm thick while supporting faster charging speeds and PPS support.
This is where the product starts to feel less like another Amazon accessory and more like an early example of where mobile power is headed.
Because the real innovation here is not necessarily faster charging. It is smarter charging.
Photo Credit: TORRAS
Advertisement
The era of “Invisible” tech accessories
The best tech accessories are increasingly the ones you stop noticing altogether.
Nobody wants to carry extra cables, bulky battery bricks, or overheating chargers anymore. Consumers want accessories that integrate into their lives with as little friction as possible.
That shift helped make magnetic charging mainstream. Snap a battery onto the back of your phone and keep moving.
The MiniMag Pro leans hard into that behavior. Its magnetic alignment system is designed for secure attachment during movement, allowing users to keep texting, navigating, filming, or streaming while charging one-handed.
Advertisement
Combined with the slim profile, it feels built for modern everyday carry culture rather than emergency-only battery backup.
That distinction matters.
Portable charging is evolving from “just in case” tech into an always-on companion product.
Safety is quietly becoming the new premium feature
There is another reason companies are suddenly investing more heavily in battery architecture: consumers are paying attention.
Advertisement
As devices become thinner and charging speeds get more aggressive, battery safety is no longer an invisible engineering problem. It is becoming part of the buying decision.
TORRAS says the MiniMag Pro underwent puncture testing and extreme pressure testing to validate thermal stability and structural integrity under stress.
Most consumers will never watch those test videos. But they will notice when a charger stays cooler in a backpack, charges more consistently during travel, or does not feel like it is cooking their phone battery over time.
That is increasingly where the premium accessory market is moving.
Advertisement
Not necessarily toward maximum power, but toward smarter thermal management, better materials, and products that feel more reliable over the long run.
Portable charging is entering its next phase
For years, portable power felt stagnant. Every new release promised the same thing: more battery, faster charging, smaller footprint.
Now the conversation is shifting.
Consumers are starting to care less about spec-sheet races and more about real-world experience. Does it overheat? Is it annoying to carry? Does it feel safe? Can it keep up with how people actually use smartphones today?
Advertisement
The MiniMag Pro feels designed around those questions.
And if semi-solid-state battery tech continues moving into mainstream accessories, this may be the beginning of a much bigger shift than just one magnetic power bank.
The Dell Alienware AW2726DM makes OLED gaming more accessible than ever with its aggressive $350 price point, while still delivering excellent motion clarity, deep contrast, and 240Hz refresh rates.
The 20-year-old filmmaker Kane Parsons has risen to the top so fast that he’s had zero time to process how far he’s come.
“It’s been go, go, go,” Parsons tells WIRED. “Even the tiniest bit of a break,” he says, would give him some better perspective on everything that’s happened over the past few years. But for the moment, he’s soaking up the limelight—and thinks it’ll be at least another month before he has the space to reflect on his big break.
Backrooms, a moody horror piece that stars Chiwetel Ejiofor and Renate Reinsve, is a cerebral expansion of Parsons’ atmospheric YouTube web series of the same name. It marks his feature debut as A24’s youngest director to date, at the helm of a movie long anticipated by a huge and hungry internet fan base. You could hardly ask for a better kick start to summer blockbuster season.
Yet Parsons makes his meteoric success sound like something of an accident. “I never went into making that first short or making the series with the intention of, ‘I want to do this so I can prove to Hollywood that this is an engine that is viable for a film,’” he says.
Advertisement
That original nine-minute video, titled “The Backrooms (Found Footage)” and uploaded by Parsons in 2022, was inspired by—of all things—a sinister 4chan meme that spawned a collaborative mythology. The 2019 post on the notorious image board’s /x/ forum included a disquieting photo of an empty hallway bathed in sickly light. An anonymous user described being transported into “the Backrooms, where it’s nothing but the stink of old, moist carpet, the madness of mono-yellow, the endless background noise of fluorescent lights at maximum hum-buzz, and approximately six hundred million square miles of randomly segmented empty rooms to be trapped in.”
“God save you if you hear something wandering around nearby, because it sure as hell has heard you,” the 4chan user added.
Other people took up the concept, creating spinoff imagery and stories on various social platforms. Parsons encountered these, as well as then-popular memes about surreal liminal spaces—the Backrooms being a paranormal extension of this phenomenon. He was intrigued by what this material evoked but felt it hadn’t been fully explored.
“It was clearly scratching something that I didn’t really see much other media scratching,” he says. “I think there was an element of like, I wish there was more for me to engage with here.”
Advertisement
To that end, Parsons decided to see whether he could conjure an immersive vision of the Backrooms with Blender 3D graphics software and Adobe After Effects. That initial video, in which a person is chased through the Backrooms by a malevolent life-form, went massively viral, with viewers marveling at Parsons’ technical skill and the chilling suspense he’d created. Fans excitedly speculated on the larger mythology of the uncanny setting. Within a month, studios were approaching Parsons with hopes for a full-length movie.
Although still a teenager at the time, Parsons knew enough to be wary of the offers. “I was very distrustful of pretty much everything that was happening, just because I feel like it’s a very common experience for that sort of event to turn into nothing,” he says. “Or you end up with less than nothing.”
Ultimately, however, he got what a young filmmaker dreams of: the chance to pursue his vision, in this case with top talent at his side. The feature film has a script by Homeland and Westworld writer Will Soodik, and its producers include horror maestros Osgood Perkins and James Wan.
We may receive a commission on purchases made from links.
Milwaukee Tool has long been celebrated by worksite professionals and staunch DIYers for producing some of the most powerful and durable devices available on the consumer market. So much so that the brand is regularly singled out as one of the best in the entire power tool arena.
Advertisement
Indeed, if power and battery life are features you value highly in cordless tools, Milwaukee is a brand that should be on your radar, as its M18 lineup of powered tools and devices has earned a reputation for delivering serious on-the-job punch. Just like many other cordless tool lines with shareable power sources, Milwaukee’s M18 shingle has several models of rechargeable Lithium-Ion battery packs to choose from.
If you’re looking to make the most of those M18 tools, the battery packs bearing the Forge label would seem to be the best way to do so, with Milwaukee claiming that those batteries are designed to deliver not just maximum power to your tool, but also provide longer running times and faster charging times than other M18 power packs. Unfortunately, Forge batteries are priced on par with those desirable capabilities. Still, shoppers looking to buy a new device with a Forge battery should know that Milwaukee offers combo packages that include both the tool and the battery at a more palatable price point. Here are a few you should be aware of.
Advertisement
1. M18 FUEL 7-1/4 in. Circular Saw Kit with One Forge Battery, Charger and Tool Bag
For the record, yes, Milwaukee’s M18 Forge battery packs are designed to outperform even the brand’s M18 High-Output offerings. When paired with the brushless motors powering many of Milwaukee’s M18 tools, those batteries can boost performance beyond even the most fervent fans’ expectations. As noted, you do pay a premium price for that 12.0 Ah power upgrade, with a single 12 Ah Forge battery selling for upwards of $229 these days.
Still, if you have a shiny new Milwaukee M18 Fuel Circular Saw on your current power tool want list, you can package it with a Forge battery at The Home Depot for $449. That package set comes with an M18 rapid charger that also works with M12 batteries, and even a handy Milwaukee Tool-branded tool bag.
As for the saw, the 7 1/4-inch cutter is, of course, fitted with an 18V brushless motor and also boasts Milwaukee Redlink Plus intelligence to bolster performance and protect against malfunction. It’s also got a Magnesium shoe and guards to increase durability, as well as an integrated dust port and vacuum adaptor. According to Milwaukee, with an M18 Forge battery on board, it can perform approximately 750 cuts on a full charge. Customers seem to back up its overall quality, rating the saw 4.7 stars and largely praising it for being powerful, lightweight, and easy to use, even as some noted concerns about power and toughness.
Advertisement
2. M18 FUEL 16 in. String Trimmer with Forge Batteries and Charger
While lawn care equipment has not, historically, been Milwaukee’s bread and butter, the brand has developed a few impressive cordless devices over the years. If its 4.8-star user rating is any indication, its M18 Fuel 16 in. String Trimmer is just such a device, particularly when it’s paired with a Forge battery. And if you’re looking to add the string trimmer to your current arsenal of lawn care gear, The Home Depot is selling a combo kit that includes the tool, a couple of 8 Ah Forge batteries, and a rapid charger for $519.
Advertisement
In terms of cost, the 2 batteries and charger alone would put you close to that total, so this looks like a pretty good deal on paper, especially given the user rating. The only real knock against this kit is that the 8 Ah battery will reportedly provide only up to 24 minutes of use for the brushless motor powering that string trimmer. Even so, a pair should provide more than enough runtime to handle most trimmer tasks you can throw at the device in your backyard. Users seem to agree, praising the trimmer for its power, performance, variable speeds from its brushless motor, and ease of use.
Many also note that the QUIK-LOK feature — which allows for 13 interchangeable heads to be attached to the power arm — is a major plus. All in, that potentially makes this one of the more versatile offerings in M18’s Forge-compatible lineup.
Advertisement
3. M18 FUEL Super Sawzall Reciprocating Saw with FORGE Battery Pack
In the annals of construction history, few power tools have proven quite as game-changing as the reciprocating saw. That is particularly true for the Milwaukee Tool brand, as the Wisconsin-based outfit actually invented that tool back in the 1950s. That cutter hit the market bearing the name of Sawzall. More than seven decades later, it still goes by that name and remains a staple in Milwaukee’s power tool lineup, and over that span, it has received all the modern upgrades you’d expect, including the ability to couple with M18 Forge battery packs.
The M18 Sawzall has been widely embraced by those who’ve purchased it, with more than 1,600 users giving it a 4.8-star rating. That number speaks volumes to the quality of the device itself, which uses a variable 5-speed brushless motor, a QUIK-LOK blade clamp, and on-off orbital action, among other features. Though a couple of users noted durability concerns, the reviews for the device are overwhelmingly positive.
They also claim that the Forge battery is a massive boon to the already popular saw, providing major upgrades in power, run time, and performance. Now for the bad news: this kit includes just the Sawzall and a single 8 Ah Forge battery, so if you don’t have a charger on hand, you’ll need to invest in one. The good news is that The Home Depot is selling the combo pack for just $528, so the price point is still pretty inviting.
Advertisement
4. M18 FUEL Hammer Drill/Impact Driver Combo Kit with Forge Battery, Red Lithium Batteries, Charger and Case
Drills and drivers are about as essential as it gets for many a pro job and backyard project. It is such that pretty much every manufacturer in the game features several types of those tools available in their stable of devices. That list obviously includes Milwaukee Tool, which offers standard power drills and drivers, as well as more heavy-duty options like a hammer drill and an impact driver. If you’re looking for those latter two tools in the M18 mold, you should know that The Home Depot is offering a combo pack of both M18 drivers for $678.
Advertisement
That pack includes more than just a Hammer Drill and an Impact Driver, of course: a pair of 5 Ah battery packs, one multi-voltage charger, and a hard-shell carrying case big enough to hold both drivers. Oh, it comes with one 12 Ah Forge battery as well, making this a pretty comprehensive set of gear. Almost 1,800 users agree, rating the set 4.7 stars and largely praising both the devices and the batteries for their overall quality.
As for the tools themselves, both drill and driver are outfitted with brushless motors. The hammer drill is also just 6.9 inches, making it suitable for use in tight spaces. So too is the impact driver at just 4.47 inches in size. Stature aside, the driver is powerful too, delivering 2,000 in-lbs of torque and up to 3,900 RPM.
Advertisement
5. M18 FUEL Dual Battery 18V Blower with M18 Mower Kit, 12.0 AH FORGE Batteries, and Chargers
Circling back to lawn care, here’s a combo kit for the big ballers out there looking to keep their green scapes in tip-top shape with Milwaukee power. First, we should tell you we weren’t kidding with the “big baller” statement, as this combo pack is selling for $1,649 through The Home Depot. It does, however, include big-ticket M18 items: a 21-inch self-propelled lawn mower, a dual-battery blower, two 12 Ah batteries, two 12 Ah Forge batteries, one rapid charger, and one six-port Packout rapid charger.
The 21-inch mower accounts for roughly half the cost of the set, but when paired with the blower — which can deliver up to 145 MPH and 600 CFM of airflow — it’ll go a long way toward keeping your green spaces looking good. And yes, the M18 Forge batteries are designed to help ensure those devices are powered up when it’s time to touch up those spaces.
We should tell you, however, that users have rated the kit at 4.3-stars. That number is hardly damning, of course, but the primary issue seems to be that Milwaukee may still have some work to do in its lawn mower makeup. More precisely, the mowers may have durability issues, with one user noting they were woefully unimpressed with their plastic components. So that is one of several factors to consider before ponying up for this kit.
The ‘Cheap Yellow Display’, or CYD, is becoming a staple in these circles, and with good reason: just like the name says, it’s cheap, it has a display, and of course an ESP32 microcontroller to give it lots of brainpower. What it doesn’t come with is a lot of RAM, which was a problem for [DynaMite]’s project. What was there to do but solder on more PSRAM so the CYD could become a mini TV for retrogaming?
Depending what you want to play, you might not need the extra memory. In [DynaMite]’s case, he wanted to run Retro-Go, which opens up a lot more than just the standard NES emulator you can run on an unmodified CYD — including 16-bit systems like the SNES and Sega Genesis/MegaDrive or even DOOM. Adding the PSRAM is just a matter of getting the little chip onto an unpopulated footprint on the board, cutting some traces, and adding a bodge wire. It’s not nothing, but it’s not impossible.
While he was slinging solder, [DynaMite] also took the time to swap some resistors in a step that apparently does great things for the CYD’s sound output, which is… not great, from stock. For really good sound, you really need to break out I2S, but for a tiny game system this is doubtless good enough.
The whole thing goes into a lovely retro TV case that takes its design cues from The Simpsons, which is available via the link as a STEP file as well as STLs. He’s also got a vibe-coded video player application — think of it like the VCR, maybe —and a launcher that will switch betwixt that and the emulator or any other applications stored as .bin files on an SD-card. Check it out in action in the demo video below.
MasterDimm AC features what Cooler Master describes as “noise-optimized” blower fans that operate relatively quietly, with a maximum noise level of 35 dB at full speed. The companies claim that the patent-pending design can reduce operating memory temperatures by up to 15°C, helping ensure sustained performance, improved signal integrity, and… Read Entire Article Source link
The race to build the next great affordable laptop is heating up, and Acer thinks it has a strong contender. The company today unveiled the Swift Air 14, a thin-and-light Windows laptop that combines a premium design, AI-ready hardware, and impressive battery claims for a starting price of just $699.
At a time when even mainstream laptops are creeping toward four-figure price tags, Acer’s latest machine feels refreshingly straightforward. It’s aimed at students, remote workers, and anyone who wants a laptop that looks and feels expensive without draining their bank account. The Swift Air 14 is powered by Intel’s new Core Series 3 processors and delivers up to 19 hours of battery life. That’s the sort of endurance that could realistically get many users through a full workday and beyond without scrambling for a charger.
Acer is focusing on things people actually notice
Laptop makers love talking about processor benchmarks, but most buyers notice other things first. How heavy is it? Does it look good? Is the screen nice to use? Can the speakers fill a room? That’s where the Swift Air 14 appears to have its priorities in order. The laptop weighs just 1.19 kg and measures only 12.9 mm at its thinnest point, all while using an aluminum chassis that should feel significantly more premium than the plastic-heavy designs common at this price point. Acer is also bringing some personality to the lineup with four color options: Sage Green, Frost Blue, Blossom Pink, and Lilac Purple.
Acer
The display sounds promising as well. Acer has equipped the Swift Air 14 with a 14-inch WUXGA panel featuring a 120Hz refresh rate and 100% sRGB color reproduction. For students, creators, and everyday users, that’s a welcome upgrade over the dull screens that often plague budget laptops. Then there’s the audio. Acer says the laptop includes a quad-speaker setup with DTS:X Ultra support, a feature rarely highlighted in this segment but one that can make a noticeable difference when streaming movies, joining video calls, or listening to music.
The Swift Spin 14 AI raises the stakes
Acer wasn’t finished with just one Swift launch. The company also introduced the Swift Spin 14 AI, a more premium convertible aimed at users who need additional flexibility and performance. Powered by up to an Intel Core Ultra 9 processor 386H, the laptop features a dedicated NPU capable of up to 50 TOPS and up to 100 platform TOPS overall. It also supports stylus input through Wacom AES 2.0 technology, making it a potentially appealing option for artists, designers, note-takers, and hybrid professionals. Its 360-degree hinge allows it to switch between laptop, tablet, presentation, and display modes, while features like Wi-Fi 7, a 5MP IR camera, Copilot+ PC capabilities, and up to 26 hours of battery life round out a very ambitious package. Still, the more fascinating device may be the cheaper one.
Advertisement
Acer
The Swift Air 14 arrives at a moment when buyers are increasingly questioning whether they need to spend MacBook money for a great everyday laptop. Acer’s answer is clear: offer a premium metal design, long battery life, AI-powered features, and a modern display at a price that feels far easier to justify. The Acer Swift Air 14 is scheduled to launch in North America in August 2026, while the Swift Spin 14 AI will arrive during the same timeframe.
Acer is going straight after the MacBook Neo crowd
The comparison to Apple’s MacBook Neo feels impossible to ignore. Both laptops are targeting the same audience: students, first-time laptop buyers, and people who want something premium without spending MacBook Air money. Apple’s answer was a $599 machine with an aluminum design, an A18 Pro chip, up to 16 hours of battery life, and the familiar advantages of the macOS ecosystem.
Nadeem Sarwar / Digital Trends
Acer, however, is taking a different route. The Swift Air 14 undercuts many of the compromises associated with entry-level laptops by offering a 120Hz display, more connectivity options, a larger battery, quad speakers, and a wider range of color choices, all while staying in the same affordability conversation. According to Acer’s specifications, the laptop packs a 70Wh battery, dual Thunderbolt 4 ports, and a 120Hz WUXGA panel — areas where it arguably looks more ambitious than Apple’s budget MacBook on paper.
The real battle here isn’t Windows versus macOS. Which company can convince buyers that spending less no longer means settling for less?
Activision is ending Call of Duty: Warzone support for PS4 and Xbox One later this year, drawing a line under the battle royale’s last-gen era at a moment when the cost of upgrading to current hardware has risen sharply for players who have held off.
The game will be removed from PS4 and Xbox One storefronts on 4 June and will no longer be available to download, with Activision removing the in-game store on both platforms on 25 June before Warzone becomes fully unplayable once Call of Duty: Modern Warfare 4 season 1 begins later this year.
The timing adds friction for remaining last-gen players, as both Sony and Microsoft have raised console prices over the past year, leaving the PS5 and Xbox Series X each sitting $150 above their original $499 launch prices.
Activision announced the Warzone changes on the same day it revealed Call of Duty: Modern Warfare 4, which will launch on PS5, Xbox Series S and X, and Nintendo Switch 2, marking the first Call of Duty title to appear on a Nintendo platform following the 10-year deal Microsoft agreed with Nintendo as part of its Activision Blizzard acquisition.
Advertisement
What happens to last-gen players
Players on PS4 and Xbox One will need to move to a PS5 or Xbox Series S or X to continue playing Warzone once season 6 of Call of Duty: Black Ops 7 concludes, with Activision confirming the full cutoff is tied to the Modern Warfare 4 season 1 launch window.
Advertisement
The deprecation reflects a broader industry shift away from last-gen hardware, with developers increasingly unwilling to maintain split builds across console generations as the PS4 and Xbox One user base continues to shrink more than four years after their successors launched.
All of that remains subject to change in terms of exact timing, however, with Activision yet to confirm a specific date for when Modern Warfare 4 season 1 will begin and last-gen support will officially end for those already playing.
SpaceX won a $4.16B Space Force contract for missile-tracking satellites. Combined with a $2.29B deal from Tuesday, it holds $6.45B in Golden Dome work.
The US Space Force awarded SpaceX a $4.16 billion contract on Friday to build satellites that track foreign aircraft and missiles. The programme is called Space-Based Advanced Moving Target Indicator, or SB-AMTI. It is part of the Trump administration’s $185 billion Golden Dome missile defence initiative.
Two days earlier, the Space Force awarded SpaceX $2.29 billion for the Space Data Network Backbone, a secure communications layer built on Starshield satellites. Combined, SpaceX now holds approximately $6.45 billion in Golden Dome contracts. That figure exceeds the combined prototype awards given to every other company in the programme.
The AMTI satellites are designed as an interconnected system combining space-based sensors, secure communications links, and AI-enabled ground processing. The system will detect, track, and alert for airborne threats from orbit. The US has historically relied on ground-based sensors and military aircraft for this function.
Advertisement
Placing detection capabilities in space eliminates potential blind spots that ground-based systems cannot cover. The Space Force described the architecture as designed to “drive closer cooperation across the government space industrial base.” SpaceX must integrate the AMTI sensors with the data transport backbone it is already building under the separate $2.29 billion contract.
The scale of SpaceX’s Golden Dome position is unprecedented for a commercial contractor. The programme has distributed more than $3.2 billion in prototype contracts across SpaceX and 11 other firms, including Anduril, Lockheed Martin, Northrop Grumman, Raytheon, and True Anomaly. SpaceX’s $4.16 billion AMTI contract alone exceeds that entire prototype pool.
SpaceX filed its IPO prospectus last week, targeting a valuation of more than $1.75 trillion. The company is expected to raise approximately $75 billion in what would be the largest IPO in history. Every new defence contract adds to the revenue narrative that underpins the listing.
The timing is notable. Two major Golden Dome contracts awarded in the same week as a Starship V3 test flight and an IPO roadshow preparation creates a cadence that looks orchestrated to maximise pre-IPO momentum. SpaceX held more than $22 billion in government contracts as of 2024. The Golden Dome awards add meaningfully to that base.
The Golden Dome programme’s total cost has risen to $185 billion, up $10 billion from the original estimate, after the programme director approved an acceleration of space-based capabilities in March. The fiscal 2027 budget request includes initial Golden Dome funding. Full-scale procurement is expected to begin post-2028.
The conflict-of-interest concerns that have surrounded SpaceX’s government contracting are amplified by the Golden Dome awards. Elon Musk is simultaneously the largest financial backer of the sitting president, the CEO of the company receiving the contracts, and the owner of a social media platform that shapes public discourse about the programme. The IPO prospectus acknowledges government contract risk but does not address the political dimensions directly.
Friday’s Starship V3 test flight demonstrated that SpaceX can deploy satellites from the vehicle, even though the Super Heavy booster was destroyed after separation. The AMTI constellation will eventually require launch capacity that only Starship can provide at scale. The contract, the IPO, and the rocket programme are three legs of the same strategy.
Two contracts, $6.45 billion, four days. SpaceX is not just participating in Golden Dome. It is becoming the programme’s commercial backbone. Whether that concentration of national security infrastructure in a single pre-IPO company is a strategic advantage or a systemic risk is a question the Space Force has implicitly answered by signing the contracts. The market will answer it again when the IPO prices in June.
Apple is preparing to overhaul Siri at WWDC 2026 in ways that go well beyond a simple feature update, and we’ve just had our first look at the redesigned UI.
Bloomberg’s Mark Gurman has published an early preview of the company’s redesign of the iPhone’s interface, placing its Gemini-powered AI agent at the centre of everyday use.
The redesign moves Siri into the iPhone’s Dynamic Island, where it will remain accessible via voice, the power button, or a new downward swipe from the top centre of the screen that opens a “Search or Ask” interface drawing on elements from iOS 26‘s existing Search experience.
That interface brings together familiar features like Siri Suggestions alongside new functionality, with Gurman reporting it will support app launches, text messages, calendar appointments, note searches, and more, with results surfacing in a rich text card that expands directly from the Dynamic Island.
Advertisement
Image Credit (Bloomberg)
Advertisement
Swiping further down opens a full chatbot-style conversation view inside a dedicated Siri app, which Apple intends to position as a direct competitor to ChatGPT and Claude, supporting text and voice input alongside photo and document uploads and persistent conversation history.
Interface and camera changes
To accommodate Siri’s new prominence, Apple is moving Notification Centre access to a pull-down from the top left of the screen, a small but consequential shift that reflects how central the assistant has become to the iPhone’s navigation logic.
Image Credit (Bloomberg)
Camera and Photos also see significant changes, with a new mode set to replace Visual Intelligence by combining Google reverse image search with third-party AI analysis, while the Photos app gains Reframe and Extend tools that use AI to alter image perspective or generate content beyond a photo’s existing frame.
Underpinning all of it is a Siri that can search the web and draw on-screen context and personal data to complete tasks, with Gurman noting the assistant will be able to cross-reference a user’s calendar availability before scheduling anything.
All of that remains subject to change, however, with Gurman noting Apple tests multiple designs internally and the final version shown at WWDC on 9 June could differ from what Bloomberg has illustrated, with a release expected as early as September.
You must be logged in to post a comment Login