Kategorie

SonicWall has urged its customers to patch three security vulnerabilities affecting its Secure Mobile Access (SMA) appliances, one of them tagged as exploited in attacks [...]

AI is everywhere right now — but let’s be honest: It’s easy to slap some sort of silly text generation button onto an app and call it “AI.” It’s much more difficult to come up with a truly compelling way this type of technology can actually be helpful.

And once you move away from web-based AI utilities and start focusing specifically on Android, the pool of commendable candidates only gets smaller.

Don’t despair, though: There are some standout Android apps that put artificial intelligence to genuinely intelligent use. They range from multipurpose chatbots to tools for smarter note-taking and reminder-making, image analysis and manipulation, and even personal memory enhancement — among other useful tasks.

Just keep in mind that, by its very nature, much of this generative AI technology is still woefully unreliable and inaccurate. You really have to double-check what it tells you, especially when it comes to more info-oriented uses — and/or you have to think carefully about the best way to interact with it to get the results you need.

But the apps here all have some manner of redeeming value when it comes to professional productivity — particularly if you think carefully about how you’re using them and why. And I’ll try to guide you toward the types of uses that are generally most reliable and beneficial for each specific item.

All of the tools listed here are either free or with a reasonably robust free tier, too, unless otherwise noted.

Shall we?

AI on Android part I: On-demand assistance

We’ll start with the simplest and most well-known form of AI, in this current incarnation, and that’s the humble and at times hilariously off-kilter chatbot.

Within that arena, the first and most easily accessible option is Google’s own (1) Gemini Android assistant (which may well be on your device whether you install it or not). Gemini can do all the standard AI chatbot stuff, in terms of answering questions, generating images, and providing general information — with all the standard asterisks, too, that the info it gives you may not always be entirely accurate — but where Gemini really shines is in its ability to help control your device and interact with your data from various Google services.

???? Try this: 

• Ask Gemini to read your notifications out loud
• Ask it to summarize your recent emails
• Activate the Google Workspace integration (by tapping your profile picture in the upper-right corner and then selecting “Apps”) and then ask Gemini questions about your Docs, Drive, Calendar, Keep, or Tasks activity

Of course, Gemini isn’t the only AI chatbot option you’ve got on Android. OpenAI’s (2) ChatGPT app gives you access to the interface that arguably kickstarted the current AI revolution. Even on its free level, it can be helpful for summarizing long PDFs or documents (via the plus button in its main prompt area), giving you the high points of articles and other pages online (if you send their links into the app via your browser’s regular sharing function), and finding trends within large sets of data (if you share a spreadsheet into the app or upload it using the plus icon).

The ChatGPT Android app excels as summarizing long documents and identifying trends in large sets of data.

JR Raphael / Foundry

Beyond that, Microsoft’s (3) Copilot puts the same ChatGPT brains into a somewhat friendlier interface that includes seamless integration with Microsoft apps and services; (4) Perplexity positions itself as more of a smart search companion for both general web-based info and your own uploaded documents, with clear citations and explanations; and Anthropic’s (5) Claude is particularly skilled at creating code and weighing out different viewpoints to help you consider a complex topic.

Honestly, in this specific area, all of the options have an awful lot in common — and the trickiest part is just figuring out which one you prefer in general or want to use for any given scenario. That’s where (6) Kagi can come in handy. At its core, Kagi is a privacy-centric, quality-focused alternative to Google Search. But beyond basic queries, its $25-a-month Ultimate plan includes access to something called the Kagi Assistant, which lets you access the underlying intelligence from Gemini, ChatGPT, Claude, and other AI engines in a single streamlined spot and with the added advantage of complete privacy and custom filtering to help refine the results.

And speaking of privacy, the independent (7) PocketPal AI app makes it easy to download different AI models directly onto your device for isolated, secure access.

PocketPal puts powerful AI models right on your device for fully local and highly customizable interactions.

JR Raphael / Foundry

???? Try this:

• Look in PocketPal’s main three-line menu to find the “Models” section and click the “Download” option to bring a few of the available options onto your device
• Create your own custom and completely local “Pal” that’ll take on practically any personality, focus, and style of answering you like
• Tap the three-dot menu icon in the app’s upper-right corner while chatting with any model and select the “Generation settings” option to fine-tune all sorts of intricate parameters about how exactly the chatbot works — including how short or long its responses are and how “creative” vs. focused its communication should be

AI on Android part II: Smarter notes and reminders

If you’ve got a Google-made Pixel device, Google’s installed-by-default (8) Recorder app is an invaluable AI resource. Recorder is hands-down the easiest and most effective way to record speaking — be it your own rambling thoughts or an important conversation — and then get an instant searchable transcription that’s available both on your phone and on the web from any other device where you’re signed in.

For everyone else — or for any Pixel owners who need even more audio-recording oomph — (9) Otter is an excellent option. Otter similarly records speaking but is designed even more with meetings in mind, thanks to its thoughtful features around summarization, key point highlighting, image integration, and team-wide collaboration. It can also transcribe your own uploaded audio and video files, though that capability and certain other advanced features require a paid subscription (starting at about $100 per user per year).

An independent-developer creation called (10) AudioPen, meanwhile,is less about simply saving your spoken words and more about extracting value out of ’em — basically like a dictation-centric note tool that does all the heavy lifting for you. Just say whatever’s on your mind, and AudioPen will transform your thoughts into clear, concise notes in whatever length and style you like. The service’s free plan is generous and quite usable, though some of the more advanced options do require an annual paid subscription.

AudioPen leans on AI to clean up and organize your spoken memos.

JR Raphael / Foundry

???? Try this:

• Tap the box with an upward-facing arrow icon while viewing any note — as seen in the lower-right corner in the first screenshot above — to share its entire contents to any other app on your device
• Tap the gear-shaped settings icon in the app’s upper-right corner — as seen in the second screenshot above — to configure the exact intensity and style of rewriting you prefer (if you’re using AudioPen’s paid version)
• Input specific words — like names — into the “Special words” area of that same settings section to ensure they’re always transcribed and spelled correctly (also available only in the paid version)

When it comes to voice phone calls, Google’s Pixel devices are again positioned for success with the fully featured version of the simply named (11) Phone by Google app. Among other useful capabilities, the Phone app packs a supremely useful Call Notes feature that can summarize key points from any call for you as you’re speaking. It’s thus far available only on the newest flagship-level Pixel 9 devices, but it’s built in and ready to roll on those gadgets without any extra costs or caveats.

Samsung’s (12) Phone app offers a similar sort of system on the latest Galaxy S25 device. And if you’ve got any other Android phone model, you can emulate the same concept with a pinch of creative thinking.

Finally, for the Pixel-palmin’ pals among us, don’t miss out on the (13) Pixel Screenshots system built into the latest Pixel 9 flagship phone models. The app’s most prominent feature is its ability to automatically analyze and catalog all of your screenshots, which is fine — but where it really shines is in the super-simple on-demand reminder system it adds right into Android’s foundation.

Just capture a screenshot, anywhere and anytime (by pressing your phone’s power and volume-down buttons together), then tap the little bell icon in the confirmation dialogue in the corner of your screen — and you’ll be able to set an instant reminder around whatever you were seeing that’ll pop up at any future date and time you desire.

Pixel Screenshots can analyze and organize your screenshots, but its most useful feature is the simple reminder system it adds onto your device.

JR Raphael / Foundry

No Pixel? No problem. You can emulate the automated screenshot cataloguing piece of the puzzle on any Android device with a clever little creation called (14) PixelShot, and you can cook up something vaguely similar to the seamless screenshot reminder system with the right kind of crafty configuring.

AI on Android part III: Image analysis and manipulation

All this AI obsession may be a relatively recent phenomenon, but the long-standing (15) Google Lens app has been at it for ages already — and it’s every bit as impressive now as it was when it debuted nearly eight years ago. Lens lets you do everything from analyzing and identifying objects within images to copying text from the real world and then pasting it anywhere you want or even sending it to your computer’s clipboard.

???? Try this:

• Open Lens, aim your phone’s camera at something, and tap the big search button to analyze and identify it
• Tap anywhere on the results to select and copy text from inside the image
• Point your camera at a QR code or barcode within Lens to have it instantly read and optionally also to open any associated links

It may seem obvious, but I’d be remiss not to mention the (16) Google Photos Android app as a part of this collection. Photos has all sorts of impressive tools for editing and enhancing images, removing elements from photos, and even analyzing images and allowing you to interact with text inside of them via its integration with the aforementioned Lens technology.

Photos is filled with AI-powered editing tools and intelligent image interaction utilities.

JR Raphael / Foundry

And finally, (17) Canva is a fantastic all-around option for on-the-go graphic design work — be it creating a quick image for web use or social media sharing, whipping up a flyer to send out to colleagues or clients, or editing existing images to get ’em ready for public posting.

The app’s core features are free, but most of the AI-specific elements — including the ability to add and replace objects, expand existing images, and easily change the style of individual elements — require a $15-a-month or $120-a-year Pro upgrade (which is also available in team-friendly plans).

AI on Android part IV: Text and memory enhancers

Need a helping hand with your two-thumbed typing? Both Google’s Gboard keyboard and Microsoft’s SwiftKey Keyboard now boast built-in rewriting features in their respective toolbars, but (18) Grammarly takes things up a considerable notch with the most advanced and versatile text-enhancing engine available on Android.

Grammarly now works with whatever keyboard you’re already using and pops up a little green “G” button on the side of your screen anytime your keyboard is active. It’ll show you editing suggestions as you go, or you can also highlight any text you’ve entered anywhere and then tap that same button to ask for more specific word wrangling assistance — from general improvements to creating more persuasive or even more confident-sounding prose within the context of what you’ve already started.

Grammarly shows writing suggestions alongside any Android keyboard and can pull up more ambitious rewriting prompts as you’re typing, too.

JR Raphael / Foundry

If you tend to have trouble recalling specific details of your online activity, a brilliant little AI app called (19) Snapseek is exactly the companion you need. Snapseek works kind of like Microsoft’s Windows Recall feature, only without as many privacy worries — as it’s present only if you go out of your way to install it, and it collects activity only within the specific individual apps you authorize. Plus, it stores all data solely on your own device and doesn’t save or share anything with anyone.

When you first set up Snapseek, you’ll have to grant it a series of permissions that are pertinent to its operation. Then, you’ll be able to select which apps you want it to watch.

In the app’s free version, you can pick two. If you pay for a one-time $4 in-app upgrade, that limitation is lifted, and you can select as many apps as you want.

Once that’s done, Snapseek will automatically collect screenshots of every action you take and every screen you see within your selected apps. You won’t even notice it running in the moment — nor will its screenshots clutter up your standard Photos or Gallery app — but anytime you want to remember something you did on your device, you can open Snapseek up and search through its history.

The app will show you any screenshots with matching text within ’em for a swift ‘n’ simple recall.

Snapseek keeps tabs on any apps you want and then helps you search through your activity within those apps to find important info.

JR Raphael / Foundry

???? Try this:

• Set Snapseek to watch your Android web browser and email or messaging app, then use it to find and reference details about pages you’ve viewed or conversations you’ve had
• Look in the app’s settings (via the three-dot menu icon on its main screen) to make the screenshots it saves higher resolution for even more detail
• Look in that same settings section to configure how long the app should wait before auto-deleting everything it saves for security

AI on Android part V: Simple visual pleasures

Last but not least in our list is an AI-centric Android app that’s more about pleasure than productivity. But hey, putting yourself in a positive brain-space is bound to make it easier to get work done, right?

The app is called (20) Tapet, and it’s an on-demand AI-based image generator for your device’s wallpapers. A longtime favorite of my Intelligence Insider tech enthusiast community, Tapet lets you swipe through all sorts of different patterns and styles of geometric wallpaper designs — all created on the fly as you see ’em.

Tapet serves up an endless array of interesting and original AI-generated wallpaper designs.

JR Raphael / Foundry

It brings some refreshing visual variety to whatever Android device you’re using and makes any phone feel endlessly engaging and ready for serious business.

NEXT: Discover 22 must-have Android widgets for busy professionals and bring even more added efficiency onto your favorite phone’s home screen!

The nation-state threat actor known as MirrorFace has been observed deploying malware dubbed ROAMINGMOUSE as part of a cyber espionage campaign directed against government agencies and public institutions in Japan and Taiwan. The activity, detected by Trend Micro in March 2025, involved the use of spear-phishing lures to deliver an updated version of a backdoor called ANEL. "The ANEL file from

The nation-state threat actor known as MirrorFace has been observed deploying malware dubbed ROAMINGMOUSE as part of a cyber espionage campaign directed against government agencies and public institutions in Japan and Taiwan. The activity, detected by Trend Micro in March 2025, involved the use of spear-phishing lures to deliver an updated version of a backdoor called ANEL. "The ANEL file from Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

I don’t know about you, but I’m already tired of all the generative AI (genAI) hype. I’ve been using the technology for a while now, and I’ve found ways it can be helpful — primarily as a search engine replacement — but it’s not everything it’s supposed to be. 

This isn’t just cranky, cynical old me. In a recent IBM survey of 2,000 CEOs, Big Blue found that “only 25% of AI initiatives have delivered expected ROI [Return on Investment] over the last few years.” Further, “just over half (52%) of CEO respondents say their organization is realizing value from generative AI investments beyond cost reduction.”

Adding insult to injury: “64% of CEOs surveyed acknowledge that the risk of falling behind drives investment in some technologies before they have a clear understanding of the value they bring to the organization, but only 37% say it’s better to be ‘fast and wrong’ than ‘right and slow’ when it comes to technology adoption.” 

Really? Yes, I know about moving fast and breaking things, but are CEOs really paid big bucks to make expensive IT moves based on fear of missing out? I could do that, and I’d be willing to accept less money than the average CEO. Win! Win!

Seriously, though, some in the industry have been doing the business math — and they’re finding genAI isn’t delivering on its promises. 

For example, Microsoft’s been making Copilot the center of its end-user plans. There’s a teeny-weeny problem with that: users aren’t adopting Copilot. Period. As reported in Newcomer,  “At Microsoft’s annual executive huddle last month, the company’s chief financial officer, Amy Hood, put up a slide that charted the number of users for its Copilot consumer AI tool over the past year. It was essentially a flat line, showing around 20 million weekly users.”

Flatlining, as anyone who’s ever watched a medical show knows, is a bad thing. 

Even Microsoft CEO Satya Nadella realizes that some things are fundamentally wrong with AI.  He recently acknowledged there’s no killer app for AI. And he said this, may I remind you, after pouring more than $10 billion into genAI. Here’s some free advice for you, Satya: Simply adding Copilot features to every last program in the Microsoft portfolio is clearly not the way to profitability. 

Even as businesses look to reshape themselves using the technology, they’re grappling with significant hurdles in turning innovation into sustainable profits. Despite soaring investments and rapid revenue growth in some sectors, many genAI businesses struggle with high operational costs and uncertain paths to long-term financial success.

One of the most glaring challenges is the staggering cost of running genAI operations. OpenAI, the leading generative AI company, reportedly spent $9 billion in 2024 to generate about $4 billion in revenue, with the bulk of expenses tied to compute power for training and running AI models. This means, as Ed Zitron, well-known tech maven and cynic, said that OpenAI loses money on every paying customer, burning billions annually despite rising subscription numbers.

But what they lose on each one, they’ll make up on volume, right?

OpenAI, by the way, is the most successful genAI startup to date. I wonder what the balance sheets of the lesser firms look like. 

True, some smaller genAI companies such as Tempus AI, which applies the technology in precision medicine, show promising financial momentum. It reported a 75% revenue increase year-over-year. Most of the others are still light years from profitability. 

What’s the difference? Rather than some vague idea that genAI will magically make everything better, Tempus focuses on a particular business case in which it could improve. There’s a lesson here for anyone who wants to use genAI tools successfully. 

Sure, Nvidia is doing great guns, but it’s not selling to businesses or consumers that use genAI. It sells to the companies that want to sell you AI services — there’s a big difference. 

So long as startups such as OpenAI and Anthropic raise tens of billions of dollars, Nvidia will be fine. If venture capitalists ever start to wonder whether there’s a profit at the end of the business rainbow (rather than just eternal growth with no discernible business benefit), it will be another story.  

Remember the dot-com bubble of the late 1990s and early 2000s? I do. I see the genAI bubble getting bigger and bigger, and every bubble eventually pops. 

Microsoft 365 (and Office 365) subscribers get more frequent software updates than those who have purchased Office without a subscription, which means subscribers have access to the latest features, security patches, and bug fixes. But it can be hard to keep track of the changes in each update and know when they’re available. We’re doing this for you, so you don’t have to.

Following are summaries of the updates to Microsoft 365/Office 365 for Windows over the past year, with the latest releases shown first. We’ll add info about new updates as they’re rolled out.

Note: This story covers updates released to the Current Channel for Microsoft 365/Office 365 subscriptions. If you’re a member of Microsoft’s Office Insider preview program or want to get a sneak peek at upcoming features, see the Microsoft 365 Insider blog.

Version 2504 (Build 18730.20142)

Release date: May 6, 2025

This build includes various bug and performance fixes.

Get more info about Version 2504 (Build 18730.20142).

Version 2504 (Build 18730.20122)

Release date: April 29, 2025

This build fixes a wide variety of bugs, including one in which PowerPoint was unable to open a file from a network mapped drive from File Explore, another in which Word closed unexpectedly when opening .doc files, and another for the entire Office suite in which large 3D files couldn’t be inserted.

Get more info about Version 2504 (Build 18730.20122).

Version 2503 (Build 18623.20208)

Release date: April 17, 2025

This build fixes a bug that could cause Excel to stop responding.

Get more info about Version 2503 (Build 18623.20208).

Version 2503 (Build 18623.20178)

Release date: April 8, 2025

This build fixes a single bug in Word in which users may have encountered an issue with saving, seeing the message “saving…” in the title bar. It  also includes a variety of security updates. Go here for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2503 (Build 18623.20178).

Version 2503 (Build 18623.20156)

Release date: April 2, 2025

This build lets you use Dark Mode in Excel, which darkens your entire sheet, including cells, and may reduce eye strain. It also fixes several bugs, including one in Word in which opening specific files that contain many tracked changes and comments resulted in poor performance, and one in PowerPoint in which the app was not displaying the icon for an inserted PDF object.

Get more info about Version 2503 (Build 18623.20156).

Version 2502 (Build 18526.20168)

Release date: March 11, 2025

This build fixes several bugs, including one in which some Word files with numerous tracked changes and comments were slow. It also includes a variety of security updates: see details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2502 (Build 18526.20168).

Version 2502 (Build 18526.20144)

Release date: March 5, 2025

This build fixes a wide variety of bugs, including one in Word in which the default font size may not be 12pt as expected, and another in which PowerPoint automatically closed when the system went into hibernate or sleep mode.

Get more info about Version 2502 (Build 18526.20144).

Version 2501 (Build 18429.20158)

Release date: February 11, 2025

This build removes the option to display Track Changes balloons in left margin in Word. It also includes a variety of security updates. See “Release notes for Microsoft Office security updates” for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2501 (Build 18429.20158).

Version 2501 (Build 18429.20132)

Release date: January 30, 2025

In this build, the advanced Track Changes option to set the margin for balloons in Word has been removed.

A wide variety of bugs have also been fixed, including one in which ActiveX controls used an excessive amount of GDI handles in PowerPoint, and another for the entire Office suite in which images couldn’t be pasted from SharePoint.

 Get more info about Version 2501 (Build 18429.20132).

Version 2412 (Build 18324.20194)

Release date: January 16, 2025

This build fixes one bug, in which apps would exit unexpectedly when running on Windows Server 2016.

Get more info about Version 2412 (Build 18324.20194).

Version 2412 (Build 18324.20190)

Release date: January 14, 2025

This build fixes a bug in Word in which the layout of tables were changed unexpectedly. It also includes a variety of security updates. See Release notes for Microsoft Office security updates for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2412 (Build 18324.20190).

Version 2412 (Build 18324.20168)

Release date: January 7, 2025

This build makes tables in Outlook more accessible for screen readers. It also fixes a wide variety of bugs, including one in Word in which a document saved to a network shared folder and set to “Always Open Read-Only” would open in “Editing” mode, and another for the entire Office suite in which application didn’t render the grid properly after switching from page break preview to normal view.

Get more info about Version 2412 (Build 18324.20168).

Version 2411 (Build 18227.20162)

Release date: December 10, 2024

This build fixes a bug in Word and Outlook where characters didn’t render correctly when using Save Selection to Text Box Gallery. It also includes a variety of security updates. See Release notes for Microsoft Office security updates for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2411 (Build 18227.20162).

Version 2411 (Build 18227.20152)

Release date: December 5, 2024

This build fixes a wide variety of bugs, including one in Excel in which some cells might not be rendered properly upon scrolling in a worksheet using freeze panes, one in Word which prevented emails with linked SVG content from saving or sending, and one in which some PowerPoint presentations created by third-party tools didn’t open correctly and some content was removed.

Get more info about Version 2411 (Build 18227.20152).

Version 2410 (Build 18129.20158)

Release date: November 12, 2024

This build fixes a variety of bugs, including one in Word in which all characters didn’t appear correctly when creating an Outlook task from OneNote, and one in PowerPoint in which embedded BMP images in the PowerPoint slide were not opening.

This build also includes a variety of security updates. See Release notes for Microsoft Office security updates for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2410 (Build 18129.20158).

Version 2410 (Build 18129.20116)

Release date: October 28, 2024

This build enables filtering capabilities for the comment pane in Excel and fixes a variety of bugs, including one in Word in which the title bar no longer showed a “Saved” status for locally saved files, and one in PowerPoint in which a graphics-related issue caused the app to close unexpectedly at times.

Get more info about Version 2410 (Build 18129.20116).

Version 2409 (Build 18025.20160)

Release date: October 15, 2024

This build fixes a single bug in Word, in which emails with linked SVG content couldn’t be saved or sent.

Get more info about Version 2409 (Build 18025.20160).

Version 2409 (Build 18025.20140)

Release date: October 8, 2024

This build fixes a variety of bugs, including one in Word in which text wasn’t clearly visible in High Contrast Mode when using “Draft with Copilot” and referencing a meeting under “Reference your content.”

This build also includes multiple security updates. See Release notes for Microsoft Office security updates for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2409 (Build 18025.20140).

Version 2409 (Build 18025.20104)

Release date: September 25, 2024

This build fixes a single bug, in which when you saved a file in Word, the save status was missing from the Title bar.

Get more info about Version 2409 (Build 18025.20104).

Version 2409 (Build 18025.20096)

Release date: September 23, 2024

This build improves the user experience for selecting which users should have which permissions when a sensitivity label configured for user-defined permissions is applied to a file or when configuring standalone Information Rights Management through the Restrict Access feature. This change affects Excel, PowerPoint, and Word.

The build also fixes a variety of bugs, including one in Word in which Document Mode would switch from “editing” to “viewing” if user enabled “Track Changes” and set “For Everyone.”

Get more info about Version 2409 (Build 18025.20096).

Version 2408 (Build 17928.20156)

Release date: September 10, 2024

This update will remove Flip video support when the service goes offline on October 1, 2024. The build also includes a variety of security updates. Go here for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2408 (Build 17928.20156).

Version 2408 (Build 17928.20114)

Release date: August 26, 2024

This build allows you to disable connected experiences for privacy concerns without impacting data security policies, such as sensitivity labels. Services associated with Microsoft Purview (e.g., sensitivity labels and rights management) are no longer controlled by policy settings to manage privacy controls for Microsoft 365 Apps. Instead, these services will rely on their existing security admin controls in Purview portals.

The build also fixes a variety of bugs, including one in Outlook that caused default SMIME labels to fail to apply when a user replied to or forwarded an unlabeled message, and one for the entire suite in which people couldn’t install Microsoft 365 apps on an enrolled device.

Get more info about Version 2408 (Build 17928.20114).

Version 2407 (Build 17830.20166)

Release date: August 13, 2024

This build includes a variety of security updates for Excel, Outlook, PowerPoint, Project, Visio, and the entire Office suite. See Microsoft’s Release notes for Office security updates for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2407 (Build 17830.20166).

Version 2407 (Build 17830.20138)

Release date: August 1, 2024

This build fixes a wide variety of bugs, including one in which coauthoring on text boxes in Excel sometimes gave unexpected results, another in PowerPoint in which line widths were not preserved when exporting arrow shapes to PDF, and another in Word in which revisions were sometimes skipped when reviewing using VBA.

Get more info about Version 2407 (Build 17830.20138).

Version 2406 (Build 17726.20160)

Release date: July 9, 2024

This build fixes several bugs, including one in Word and Excel in which characters don’t appear correctly in Text Box Gallery. It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2406 (Build 17726.20160).

Version 2406 (Build 17726.20126)

Release date: June 26, 2024

This build fixes a wide variety of bugs, including one in which Excel documents might be unexpectedly edited when a mandatory sensitivity label has not been applied, one that caused Outlook to exit unexpectedly shortly after launch for some users, and one in which pasting data from Word or Excel to an Outlook template as a link would cause an error message to appear.

Get more info about Version 2406 (Build 17726.20126).

Version 2405 (Build 17628.20164)

Release date: June 19, 2024

This build includes a variety of unspecified bug and performance fixes.

Get more info about Version 2405 (Build 17628.20164).

Version 2405 (Build 17628.20144)

Release date: June 11, 2024

This build fixes one bug, which prevented users from sending mail for a few hours after updating add-ins with on-send events. It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2405 (Build 17628.20144).

Version 2405 (Build 17628.20110)

Release date: May 30, 2024

This build fixes a wide variety of bugs, including one in Excel in which an embedded workbook in .xls format might not have closed properly, one that that caused Outlook to close when using Copilot Summarize, one in Word in which content controls may have been removed when coauthoring, and one for the entire Office suite in which the Organization Chart Add-In for Microsoft programs was not loading properly.

Get more info about Version 2405 (Build 17628.20110).

Version 2404 (Build 17531.20152)

Release date: May 14, 2024

This build fixes a number of bugs, including one in Word where content controls might be removed when coauthoring, and one that caused Sovereign users to be unable to create ToDo tasks from Outlook.

It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2404 (Build 17531.20152).

Version 2404 (Build 17531.20140)

Release date: May 7, 2024

This build fixes two bugs in Outlook, one in which it closed unexpectedly using the Scheduling Assistant when creating a new meeting or viewing an existing meeting, and another that caused add-in developers to hit timeouts when retrieving notifications from an Outlook client context.

Get more info about Version 2404 (Build 17531.20140) .

Version 2404 (Build 17531.20120)

Release date: April 29, 2024

This build reduces workbook size bloat from unnecessary cell formatting with a new “Check Performance” task pane. In addition, it fixes a wide variety of bugs, including one in Excel in which the default font could not be set; one in Outlook in which custom forms from MAPI form servers stopped responding; one in PowerPoint in which online videos did not play in some cases; one in which when opening certain Word documents would cause the error, “Word experienced an error trying to open the file”; and one in which the Office update installer appeared to be unresponsive.

Get more info about Version 2404 (Build 17531.20120) .

Version 2403 (Build 17425.20176)

Release date: April 9, 2024

This build fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2403 (Build 17425.20176).

Version 2402 (Build 17328.20184)

Release date: March 12, 2024

This build fixes three bugs: one in which Access closed unexpectedly, one in which Excel closed unexpectedly when opening files with pivot tables and table design in macro-enabled files, and one in which Word closed unexpectedly when the undo function was used.

This build also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2402 (Build 17328.20184).

Version 2402 (Build 17328.20162)

Release date: March 4, 2024

This build fixes several bugs, including one that crashed Outlook when a link was clicked on, and another for the entire Office suite in which opened Office apps didn’t automatically start when a laptop was reopened, and an error message appeared after manual relaunch.

Get more info about Version 2402 (Build 17328.20162).

Version 2402 (Build 17328.20142)

Release date: February 28, 2024

This build fixes a variety of bugs, including one that caused Outlook to exit unexpectedly when expanding a conversation in the search results from a search of “All Mailboxes,” and another in which users were not able to create a bullet list with hyphens in PowerPoint.

Get more info about Version 2402 (Build 17328.20142).

Version 2401 (Build 17231.20236)

Release date: February 13, 2024

This build fixes several bugs, including one in which macros were being corrupted when saving Excel files and another that affected the entire Office suite in which add-ins would not load after Click trust for content add-in was selected.

This build also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2401 (Build 17231.20236).

Version 2401 (Build 17231.20194)

Release date: February 1, 2024

This build fixes a single bug in which expanded groups in the message list collapsed when users changed which column they were arranged by.

Get more info about Version 2401 (Build 17231.20194).

Version 2401 (Build 17231.20182)

Release date: January 30, 2024

This build fixes a wide variety of bugs, including one in which Excel would stop responding when saving changes, one in PowerPoint in which Notes and Slide layout would open with incorrect proportions when a file was opened from a protected view, and one in Word in which comment cards appeared too wide and cut off text when changing or switching the screen in use.

Get more info about Version 2401 (Build 17231.20182).

Version 2312 (Build 17126.20132)

Release date: January 9, 2024

This build fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2312 (Build 17126.20132).

Version 2312 (Build 17126.20126)

Release date: January 4, 2023

This build introduces a new sensitivity toolbar in Word, Excel, and PowerPoint that helps users understand the security policies that apply to their documents. It’s available when users are creating copies of their documents in File / Save As. In addition, Office now had a new default theme, which Microsoft says is “more modern and accessible.”

It also fixes a wide variety of bugs, including one in Excel in which Custom Menu text was truncated when right-clicking in a cell, one in PowerPoint in which restoring a previous version of a presentation was not working as expected when using Version History, and one in Word in which the content control end tag was marked at the end of the document automatically if the document was edited in Word Online and then opened in Word desktop.

Get more info about  Version 2312 (Build 17126.20126).

Version 2311 (Build 17029.20108)

Release date: December 12, 2023

This build fixes one bug in Outlook, in which the message list was blank when switching between the “Focused” and “Other” views.

It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2311 (Build 17029.20108).

Version 2311 (Build 17029.20068)

Release date: November 29, 2023

This build automatically inserts image captioning for Excel’s images. When you insert an image into a spreadsheet, accessibility image captioning is automatically generated for you.

It also fixes a wide variety of bugs, including one in Excel in which list box controls would not respond to mouse clicks after scrolling using the mouse wheel, and one in Word in which the language of a presentation was not retained when saving or exporting the presentation to a PDF file.

Get more info about Version 2311 (Build 17029.20068).

Version 2310 (Build 16924.20150)

Release date: November 14, 2023

This build fixes several bugs, including one in which Outlook failed to comply with the default browser settings for some users, and another in which new lines were added to an Outlook signature when pressing Enter in the body of the email.

It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2310 (Build 16924.20150).

Version 2310 (Build 16924.20124)

Release date: Oct. 31, 2023

This build fixes a bug that caused Outlook to exit unexpectedly when clicking the More link in the Search results list.

Get more info about Version 2310 (Build 16924.20124).

Version 2310 (Build 16924.20106)

Release date: Oct. 25, 2023

In this build, the Teams Meeting App works in Outlook, too. With it, you’ll be able to configure a meeting app while scheduling an invite in Outlook. The meeting app will be ready to use when you chat or join the meeting on Teams.

A wide variety of bugs have also been fixed, including one in Excel where certain Pivot Tables would load slowly; one in which OneNote would close unexpectedly when rapidly navigating from one .PDF file to another .PDF file between different sections, or when performing an undo operation on a .PDF printout insertion; and one in the entire Office suite that caused unexpected black borders to appear around screen captures added with the Insert Screenshot functionality.

Get more info about Version 2310 (Build 16924.20106).

Version 2309 (Build 16827.20166)

Release date: October 10, 2023

This build fixes two bugs, one in which users were missing their Outlook add-ins, and another in Word in which subheading numbering with a custom Style would disappear if the file was saved and reopened. It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2309 (Build 16827.20166).

Version 2309 (Build 16827.20130)

Release date: September 28, 2023

This build introduces two new features, including the ability to disable specific types of automatic data conversions in Excel and support for the “Present in Teams” button to present local files in PowerPoint Live in Microsoft Teams.

Several bugs have also been fixed, including one in which the setting to control how Outlook opens previous items at start-up was missing from the Options window, and another in Word in which the Add-ins tab was not visible when using custom toolbar information.

Get more info about Version 2309 (Build 16827.20130).

Version 2308 (Build 16731.20234)

Release date: September 12, 2023

This build fixes several bugs, including one that caused Outlook to close unexpectedly when viewing an email, and another in PowerPoint in which the presenter view slide section zoomed in and out when zooming in the notes section.

It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2308 (Build 16731.20234).

The Russia-linked threat actor known as COLDRIVER has been observed distributing a new malware called LOSTKEYS as part of an espionage-focused campaign using ClickFix-like social engineering lures. "LOSTKEYS is capable of stealing files from a hard-coded list of extensions and directories, along with sending system information and running processes to the attacker," the Google Threat

The Russia-linked threat actor known as COLDRIVER has been observed distributing a new malware called LOSTKEYS as part of an espionage-focused campaign using ClickFix-like social engineering lures. "LOSTKEYS is capable of stealing files from a hard-coded list of extensions and directories, along with sending system information and running processes to the attacker," the Google Threat Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system. The vulnerability, tracked as CVE-2025-20188, has been rated 10.0 on the CVSS scoring system. "This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on an

Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system. The vulnerability, tracked as CVE-2025-20188, has been rated 10.0 on the CVSS scoring system. "This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on an Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

OpenAI, acting as part of the US government-led Stargate AI project, on Wednesday rolled out a program called OpenAI for Countries. The idea is for Stargate to help other countries create their own genAI environments, including data centers and genAI models.

But analysts argue that other countries might be hesitant to join a US government-led effort, given the sensitive issues of data privacy and business intellectual property.

Alvin Nguyen, a senior analyst with Forrester, said that this might not be the ideal time to champion the United States as the technology beacon to emulate.

“If it is tied to the US government, there will be questions in terms of what gets shared to move the models forward. That is going to be important,” Nguyen said. OpenAI “may not be able to fully separate itself from Stargate.”

Nguyen said that various governments might want to explore alternative approaches to partnering with a US government-led effort. “I don’t know if that is in their interest right now, given the state of geopolitics.”

Gartner analyst Arun Chandrasekaran agreed. 

“Several countries already have parallel sovereign AI efforts, and whether they choose to partner with OpenAI is yet to be seen,” Chandrasekaran said. “Countries are striving to create a vibrant AI ecosystem that isn’t dependent on a single provider – which is an undercurrent that OpenAI and its partners need to navigate.”

Chandrasekaran added, “there is not a compelling reason that this would resonate [with other countries]. OpenAI has a very steep chasm to cross in terms of convincing these customers about the data sovereignty aspect. This is not going to be an easy thing to pull off.”

The statement issued by OpenAI was not clear whether the effort is solely from OpenAI or from the US government-led coalition for AI called Stargate, which has as charter members OpenAI, Oracle, and Softbank. It appeared to be introduced by OpenAI, but with OpenAI acting as a key member of Stargate and not on its own as an AI vendor. 

The statement said that the initiative is in response to requests from foreign governments.

“We’ve heard from many countries asking for help in building out similar AI infrastructure—that they want their own Stargates and similar projects,” it said. “It’s clear to everyone now that this kind of infrastructure is going to be the backbone of future economic growth and national development.”

The statement did not identify any of these countries, and OpenAI did not respond to a Computerworld request for an interview.

Statement phrasing ‘could prove unhelpful’

Analysts and other industry observers said that the language OpenAI used in the statement might itself cause hesitation among potential government partners, especially in Europe.

“We want to help these countries, and in the process, spread democratic AI, which means the development, use and deployment of AI that protects and incorporates long-standing democratic principles,” the statement said. “We believe that partnering closely with the US government is the best way to advance democratic AI” and “provide a clear alternative to authoritarian versions of AI that would deploy it to consolidate power.”

Forrester’s Nguyen said the phrasing might prove unhelpful to OpenAI’s sales efforts. “Saying ‘US led’ and ‘Democratic AI,’ that may not be universally desired by every government, every country out there,” Nguyen said.

The OpenAI for Countries effort includes several elements, including helping to build “in-country data center capacity,” delivering “customized ChatGPT,” and to “raise and deploy a national start-up fund.” 

In exchange, the statement said, “partner countries also would invest in expanding the global Stargate Project—and thus in continued US-led AI leadership and a global, growing network effect for democratic AI.”

The statement said that the group’s goal “is to pursue 10 projects with individual countries or regions as the first phase of this initiative and expand from there.”

Another benefit to OpenAI in this effort would be the opportunity to gather as much non-English data as possible to train future model versions. The lack of non-English training data has weakened the effectiveness of the genAI models from just about all of the major model makers. 

Data protection crucial

Christian Khoury is the CEO of a Toronto-based AI company called Easy Audit, which sells compliance automation platforms. 

“Most genAI models outside English are half-baked at best. I’ve seen firsthand how broken these tools get when applied to anything multilingual or local,” Khoury said. “OpenAI acknowledging that and putting serious resources into solving it is a big deal.”

Khoury argued that data protections are going to be critical if OpenAI’s global efforts have a chance of working.

“The countries that are going to be implementing and installing OpenAI models need real data sovereignty with enforceable contracts,” Khoury said, acknowledging that it can be challenging to enforce legal contracts across national borders.

“There’s a fine line between infrastructure support and digital colonization. If these partnerships are just democracy-washed ways to expand US AI dominance, countries will catch on fast,” Khoury added. “To make this work, OpenAI has to treat local data, languages, and governance as assets and not just variables to plug into a US-built model. Sovereign AI means local control, not just local hosting.”

He also said that he is “watching how this plays with their safety commitments. ‘Democratic AI’ sounds great, but the hard part is making sure it can’t be quietly flipped to authoritarian ends down the line. Infrastructure is easy. Guardrails are hard. The world doesn’t need another digital Belt and Road.”

To make it work, Khoury said, “third-party audits need to happen and I need to choose my own third-party auditors to have red teams to stress test the models for bias and manipulation. We are trying to avoid US intelligence tampering with the model.”

Khoury stressed that data protections must not only be strict, but must be transparent. 

“Who gets to keep what data? And how are you protecting those things? What measures are being put in place to safeguard each country’s intellectual property?” Khoury asked. “How do you install a fence around that data to ensure that it doesn’t get out?”

Brian Jackson, principal research director at Info-Tech Research Group, also questioned how foreign governments would view OpenAI’s take on data sovereignty.

“OpenAI says it would help countries build sovereign data center capacity. But would a data center built with a foreign partner truly be trusted as sovereign?” he asked. “And OpenAI says it will raise and deploy a national start-up fund that includes its own capital. But would we really expect that fund to be supportive of local AI efforts to compete with OpenAI offerings? The conflicts of interest are apparent and problematic.”

Victor Tabaac, the chief revenue officer at AI consulting firm All In Data, agreed that data controls are where this OpenAI effort will go. 

“Governments will demand control over data and outputs, potentially creating conflicts with OpenAI’s principles. There’s also a risk of vendor lock-in, as countries may prefer open-source alternatives,” Tabaac said. “Partnering with governments isn’t just about better data—it’s a geopolitical minefield. Countries will demand control over how models are trained and used. Will they allow Saudi Arabia to censor outputs on religion? Or let the EU retroactively edit models under GDPR? Transparency will make or break trust here.”

Potential conflict of interest

Jackson pointed out that there are plenty of potential conflicts of interest in what OpenAI said it was trying to do.

“OpenAI is saying that it can help govern AI or evolve ‘security and safety controls.’ However, clearly, as a company that stands to profit from AI adoption, there could be a conflict of interest here. If this partnership program is successful, it continues a trend that we’re seeing away from public sector-supported frameworks to govern technology and toward private-sector best practices,” he said. “We should also consider how seriously other countries will take OpenAI’s claim that it will be an ally in providing democratic AI, something it hasn’t even clearly defined. It makes it clear that its primary partner is the US government. What are other countries that have recently entered into trade disputes or even more serious conflicts with the US to make of that association?”

Jackson felt particularly strongly about where the current AI trends may lead if OpenAI delivers on its stated goals.

“Let’s look at it from the perspective of the services that OpenAI is offering to bring to citizens through partnering with governments. There’s a concept called disintermediation, which examines how technology companies are usurping the relationships that democratic governments have with their citizens by providing the key information and services that citizens historically depended on the state for. What OpenAI is proposing would without a doubt represent a power shift from the state to a private company for a pretty considerable range of informational interactions,” he said. “For example, OpenAI suggests it could provide ‘customized ChatGPT to citizens,’ which would localize language and imbue cultural considerations into the service. The implication is that the partner government would then use this platform to deliver some set of services to those citizens. However, instead of [the government] owning the relationship with citizens, OpenAI captures that.”

The LockBit ransomware gang has suffered a data breach after its dark web affiliate panels were defaced and replaced with a message linking to a MySQL database dump. [...]

After announcing in February that Skype would be discontinued, Microsoft has officially killed off the once-popular communications platform. Users accessing any of Skype’s services will now be encouraged to use Microsoft Teams instead.

Microsoft originally bought Skype for $8.5 billion in 2011 to replace its own Windows Live Messenger platform. Skype was founded in 2003 by Niklas Zennström and Danish Janus Friis.

Skype quickly became known as the communications platform that popularized video calls. But after Microsoft’s purchase, the software slowly but surely lost users as video calls became increasingly available on more platforms.

Microsoft started to merge Skype with Teams in 2017, and the focus on Teams further accelerated when remote working became the norm during the COVID-19 pandemic.

PowerSchool is warning that the hacker behind its December cyberattack is now individually extorting schools, threatening to release the previously stolen student and teacher data if a ransom is not paid. [...]

A new phishing kit named 'CoGUI' sent over 580 million emails to targets between January and April 2025, aiming to steal account credentials and payment data. [...]

Should Apple have abandoned its lawsuit against Israeli mercenary spyware vendor NSO Group — the company it once described as, “21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse.” Perhaps not, but it’s still heart-warming to learn NSO has been slammed with a huge $168 million fine for spying on WhatsApp.

Mercenaries in your machine

The NSO is one of the most renowned of a multitude of surveillance-as-a-service companies exploiting complex and expensive hacks to break into people’s digital devices and spy on them, frequently for oppressive governments.

That the spyware sector is thriving is a grim reflection of our deeply amoral age. Its existence should encourage everyone to invest in more security, rather than demand less, even at the encryption-eroding UK Home Office. But, I digress.

NSO Group broke into the mainstream in 2019 when reports emerged showing the extent to which its Pegasus spyware had been used against 1,400 WhatsApp messages in addition to attacks against iPhones. 

Pegasus was an insidious attack that, once installed, granted total access to compromised devices. It turned people’s phone records, emails, messages, video content, and location data into open books, and could even be used to activate cameras and microphones to engage in remote surveillance.

Litigation potentially raised the risk

Both Apple and Facebook began litigation against NSO Group, but Apple withdrew its attempt last year, arguing that continuing in the claim could undermine the systems it has built to secure its ecosystem. “While Apple continues to believe in the merits of its claims, it has also determined that proceeding further with this case has the potential to put vital security information at risk,” it told the court.

WhatsApp continued its case, which it has now won, winning what sounds like a lot: $168 million in compensation. 

Since then, NSO Group and others like it have been embroiled in numerous attacks against a huge range of targets, including human rights protectors, opposition parties, dissidents, journalists and others on behalf of a range of governments, including those with very poor human rights records. 

That’s not how the company sees itself, of course. “We firmly believe that our technology plays a critical role in preventing serious crime and terrorism and is deployed responsibly by authorized government agencies,” said NSO spokesman Gil Lainer via email. 

Is that right?

Meta claims NSO repeatedly targeted people involved in its case against the company, which undermines the claim to be on the right side of history. The legal defenses it put up in court were equally evasive.

The company delivers attacks that are complex, sophisticated, and cost a lot of money to mount, which means most people don’t need to worry about being attacked this way, while those that do should be using Apple’s Lockdown Mode. These attacks often require no user input whatsoever and can begin with a missed call or an unrequested message. 

With many thousands of people seemingly affected by these attacks, and with OS providers shouldering the additional cost of mitigating against such attacks, it’s pretty clear NSO Group will likely see the fine as a small tax on earnings. 

This fine is small change

The thing is, $168 million may well be peanuts to NSO Group. Six years ago, The New York Times reported that the market for digital espionage systems of this kind had already reached past $12 billion. Just last year, it was reported the company charged a “standard price” of $7 million for simultaneous access to hack 15 devices. 

Targeting individuals outside of national borders cost people $1 million or $2 million dollars a pop. (These exploits were widely used internationally — even the CIA and FBI used the software, paying more than $7 million for the privilege, before its use was banned.) 

But the company wasn’t just generating plenty of money in exchange for undermining digital security for one or two individuals, it’s been implicated in smashing the digital windows belonging to thousands of people. 

No one is safe until everyone is safe

For enterprise users, the implications are stark. It means that if you or your business is involved in some way with national security or possesses unique business secrets, you can no longer assume your data is at all safe. For as long as companies such as NSO Group exist, your data is just waiting for a competitor to pick up the phone, cough up the cash, and get some mercenary spyware company to break it out. This seems a very sub-optimal reality in digital transformation.

Rather than stopping the company in its tracks, the fine could just cause NSO to raise prices a little, I imagine. The risk remains and is real. And these attacks will trickle down.

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

Hackers are exploiting a critical unauthenticated privilege escalation vulnerability in the OttoKit WordPress plugin to create rogue admin accounts on targeted sites. [...]

The Play ransomware gang has exploited a high-severity Windows Common Log File System flaw in zero-day attacks to gain SYSTEM privileges and deploy malware on compromised systems. [...]

A U.S. federal jury has ordered Israeli spyware vendor NSO Group to pay WhatsApp $167,254,000 in punitive damages and $444,719 in compensatory damages for a 2019 campaign that targeted 1,400 users of the communication app. [...]

Passwords alone aren't cutting it—31% of breaches involve stolen credentials. Learn from Specops Software about how Universal 2nd Factor (U2F) and strong password policies can work together to keep your organization secure. [...]