RSS aggregator

Renting one flat twice is possible, but paying rent twice has its limits

Lupa.cz - articles - 14 May 2026 - 00:00
The landlord wanted rent from a former tenant for the period when someone else was already using the flat. The Constitutional Court sided with him only partially.
Category: IT News

A private cloud for a small business, school or office: backups with Rclone and Kopia

ROOT.cz - 14 May 2026 - 00:00
Last time we set up the basic infrastructure for running our services. Now we will look at two tools that together provide secure backups. Kopia takes a snapshot of the data and Rclone moves everything to the storage.
Category: GNU/Linux & BSD

VBI (Vertical Blank Interrupt) on Atari 8-bit microcomputers

ROOT.cz - 14 May 2026 - 00:00
We describe VBI, the Vertical Blank Interrupt. These are subroutines called after a frame has finished being drawn, or at the start of drawing the next frame. Many games have their core (kernel) implemented directly in the VBI.
Category: GNU/Linux & BSD

Intel won the contract for Googlebook processors. But it is not the only one

CD-R server - 14 May 2026 - 00:00
In the autumn Google will unveil its Googlebook, a notebook aimed higher than Chromebooks. Intel has let it be known that it will supply its own processors for this product…
Category: IT News

A long-necked giant from the sacred mountain

OSEL.cz - 14 May 2026 - 00:00
…or, an introduction to the sauropod genus Omeisaurus
Category: Science and technology

Unitree demonstrated a working GD 01 mech bot with a human operator

OSEL.cz - 14 May 2026 - 00:00
“We strongly urge all users not to modify the robot in any dangerous way or to use it in a risky manner.” With this promising slogan, the half-ton GD01 mech bot from China's Unitree goes on sale. You can buy it for 650 thousand dollars, climb in and do all those mech things.
Category: Science and technology

Iranian hackers targeted major South Korean electronics maker

Bleeping Computer - 13 May 2026 - 23:59
The Iran-linked hacking group MuddyWater (a.k.a. Seedworm, Static Kitten) launched a broad cyber-espionage campaign targeting at least nine high-profile organizations across multiple sectors and countries. [...]
Category: Hacking & Security

New critical Exim mailer flaw allows remote code execution

Bleeping Computer - 13 May 2026 - 22:23
A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by an unauthenticated remote attacker to execute arbitrary code. [...]
Category: Hacking & Security

Bug hunter tracks down three massive MCP flaws and one vendor won't fix theirs

The Register - Anti-Virus - 13 May 2026 - 22:17
Security vulnerabilities in MCP servers for three popular database projects could let attackers execute unintended SQL statements on Apache Doris, exfiltrate sensitive metadata from Alibaba RDS, and potentially take over Apache Pinot instances exposed to the internet. Alibaba, meanwhile, declined to patch its flaw.

Apache issued a patch and a CVE tracker for Doris MCP, and there’s an open ticket in the MCP Pinot GitHub repository for the flaw, we're told. However, Alibaba decided not to patch the vulnerability in RDS MCP, according to Akamai security analyst Tomer Peled, who wrote about the flaws on Tuesday and will present his full research next month at x33fcon.

MCP, or Model Context Protocol, is an open source protocol originally developed by Anthropic that allows LLMs, AI applications, and agents to connect to external data, systems, and one another.

While security issues are never a good thing - and they are especially concerning when they exist in a server sitting between an AI agent and a production database - these in particular point to a larger problem in the way MCP servers are developed. “There is missing or faulty security validation between the MCP server and its back end,” Peled wrote, adding that these security “gaps will become high-value targets for attackers and we expect more of these issues to surface.”

Here’s a closer look at all three, starting with the flaw that has since been fixed and assigned a CVE.

Apache Doris is a high-speed analytics and search database with more than 10,000 mid- and large-enterprise users. Its MCP server allows AI agents to interact with and perform operations on Doris instances. This includes SQL queries or retrieving table and schema metadata - and foreshadows the found flaw: CVE-2025-66335, a SQL injection vulnerability that affects Apache Doris MCP Server versions earlier than 0.6.1.

When an MCP tool is called, the server’s “exec_query” function fails to validate one of the five parameters (the db_name parameter) before constructing the SQL query. This means an attacker can invoke the function and inject malicious SQL through the db_name parameter, which gets prepended to the beginning of the final SQL statement. Plus, the SQL validator only checks the first portion of the query, so all it sees is the attacker’s directive.

“As a result, any attacker that gains access to a client connected to the Doris MCP server can execute arbitrary commands on the victim’s Apache Doris instance,” Peled said. Apache issued a patch in December to fix this flaw.

The second issue, an authentication validation bypass in Apache Pinot MCP, can also lead to SQL injection attacks and full database takeover. Apache Pinot is another super-fast analytics database, and StarTree’s MCP integration for Pinot before v2.0.0 allowed users to run queries directly from their AI agent against their Pinot instance. The open-source project uses HTTP as the transport layer without requiring any type of authentication. This exposes the endpoint to remote attackers who can reach it, allowing them to invoke MCP tools, including those used for SQL execution.

“In environments where the MCP endpoint is reachable externally, this behavior allows unauthenticated attackers to execute queries against the Pinot instance, which can allow a full remote takeover of the database,” Peled wrote.

StarTree has since added OAuth as an authentication option when using HTTP, which he says lowers the threat of SQL injection (but it still exists in the code), and Apache has also opened a security issue in the MCP Pinot GitHub repository. Pinot MCP v1.1.0 and earlier versions are affected. Neither Apache nor StarTree responded to The Register’s requests for comment.

The third security flaw, an information disclosure issue in the Alibaba RDS MCP server, also stems from the server not authenticating users before invoking the retrieval-augmented generation (RAG) MCP tool, which allows AI models to connect with and query databases. This means “any client able to reach the MCP endpoint can issue requests to the server without any query validation,” according to Peled. “The vector index may contain table names, schema definitions, or other potentially sensitive metadata, and unauthenticated attackers can exfiltrate this data with little or no effort.”

All versions of Alibaba RDS MCP are affected by this vuln. The bug hunter says that he reported the issue to Alibaba in November, and the cloud giant told him the issue is “not applicable” for a fix - so it’s still in the codebase. Akamai also reported this inaction to the CERT Coordination Center (CERT/CC). Alibaba did not respond to The Register’s inquiries.

Peled said that the threat-hunting team, upon starting this investigation, assumed that there would be some baseline security specification for all MCP servers. Turns out they were wrong, and as the research found, flaws like SQL injection, missing authentication, and insufficient query validation exist in the code. “This means that more attention should be given not just to the specification but also to the best security practices guides when developing secure MCP servers,” he wrote.
Category: Viruses and Worms

Jobs lost to AI could reappear elsewhere — and solidify AI-focused roles

Computerworld.com [Hacking News] - 13 May 2026 - 21:40

There are conflicting signals about whether AI is creating or destroying jobs, though many companies have blamed the technology for recent cuts. 

Analysts and industry experts say the reality is more nuanced: jobs being lost now to AI will likely reappear elsewhere, especially for those with hands-on AI experience.

In other words, while AI may be reshaping the labor market, it is not eliminating the need for talent. “We are seeing a shift toward the type of talent employers need and the expectations they have for impact,” said Kye Mitchell, head of Experis US.

Though hiring for entry-level jobs is under pressure as AI absorbs more routine work, that doesn’t eliminate opportunity, she said. “It changes the expectations. Employers now expect candidates to come in with hands-on experience, AI familiarity, and the ability to contribute faster.”

While reductions in headcount are real, the savings from cutting those jobs will reappear elsewhere in hiring for other roles or tasks, said Deepak Seth, senior director analyst at Gartner.

For example, though Claude Code might help IT leaders reduce the number of developers they have on hand, one faulty software rollout could lead to new hiring to fill gaps, Seth said. “Maybe you need to hire more quality testers in another group. Maybe you need to hire more people to train people on how to use these tools,” Seth said.

One thing seems clear: AI is indeed affecting young workers and suppressing entry-level wages. And it gives companies a rationale to do layoffs.

Many big tech companies are attributing large job cuts to AI, Andy Challenger, workplace expert and chief revenue officer for Challenger, Gray & Christmas, said in a May 7 blog post.

April was particularly brutal for AI-related layoffs, with some top IT firms cutting positions due to efficiencies from AI. “They are also often citing AI spend and innovation. Regardless of whether individual jobs are being replaced by AI, the money for those roles is,” Challenger said.

Opinions vary among workers about whether AI is taking jobs away, according to a study published last month by ADP Research and the Stanford Digital Economy Lab.

Though young workers are especially worried AI will slow job creation in some sectors, more experienced workers are sanguine about losing their jobs, Stanford and BCG said in separate studies.

“There appears to be less cause for concern about widespread job displacement … particularly those in occupations with high experience premiums in which AI is likely to complement the worker’s tacit knowledge,” BCG said in its study “AI will reshape more jobs than it replaces.”

LinkedIn, in a January labor report, went a step further and projected that AI had created 1.3 million new jobs globally. The jobs were in areas such as data annotation, forward-deployed engineering and AI engineering.

Microsoft cited the LinkedIn report in its recent Work Trend Index study, and said AI is creating a new operating model allowing companies to be smarter and more efficient.

But the company sidestepped the larger issue of how AI is affecting the job market. “Some jobs will change. Some will go away. And many that don’t exist yet will emerge,” Microsoft said in the study.

Category: Hacking & Security

The Fragnesia vulnerability

AbcLinuxu [news] - 13 May 2026 - 21:27
After the Copy Fail and Dirty Frag vulnerabilities comes the Fragnesia vulnerability: another local privilege escalation on Linux. It is not yet fixed upstream. It has been assigned CVE-2026-46300.
Category: GNU/Linux & BSD

We picked the best smartwatches you can buy in May 2026

Živě.cz - 13 May 2026 - 20:45
Every month we pick the best smartwatches in several categories • We divide them by focus, but also by integration with mobile platforms • We have not forgotten fitness bands either
Category: IT News

We compared Mapy.com with six other services from Google, Apple, OSM... Which map is the prettiest?

Živě.cz - 13 May 2026 - 18:45
Which classic web map do you like best? • We compared seven large services in several situations. • How do Apple, Google, Microsoft, Here, OSM and the Czech Mapy.com and Locus fare?
Category: IT News

Windows BitLocker zero-day gives access to protected drives, PoC released

Bleeping Computer - 13 May 2026 - 18:37
A cybersecurity researcher has published proof-of-concept (PoC) exploits for two unpatched Microsoft Windows vulnerabilities named YellowKey and GreenPlasma, which are a BitLocker bypass and a privilege-escalation flaw. [...]
Category: Hacking & Security

Mystery Microsoft bug leaker keeps the zero-days coming

The Register - Anti-Virus - 13 May 2026 - 18:16
The anonymous security researcher who has already maliciously exposed three Windows zero-days this year has revealed two more, dropping them just after Microsoft's monthly Patch Tuesday update.

Nightmare-Eclipse, or Chaotic Eclipse, depending on which of their aliases you prefer, released details about YellowKey and GreenPlasma - respectively a BitLocker bypass and a privilege escalation flaw, handing SYSTEM access to attackers. Experts speaking to The Register warned that both vulnerabilities present serious security concerns, especially since Nightmare-Eclipse released substantial technical information about exploiting them.

Nightmare-Eclipse described YellowKey as "one of the most insane discoveries I ever found." They provided the files, which have to be loaded onto a USB drive, and if the attacker completes the key sequence correctly, they are granted unrestricted shell access to a BitLocker-protected machine.

When it comes to claims like these, we usually exercise some caution, as this bug requires physical access to a Windows PC. However, seeing that BitLocker acts as Windows' last line of defense for stolen devices, bypassing the technology grants thieves the ability to access encrypted files. Rik Ferguson, VP of security intelligence at Forescout, said: "If [the researcher's claim] holds up, a stolen laptop stops being a hardware problem and becomes a breach notification."

Despite the physical access requirement, Gavin Knapp, cyber threat intelligence principal lead at Bridewell, told The Register that YellowKey remains "a huge security problem for organizations using BitLocker." Citing information shared in cyber threat intelligence circles, he added that YellowKey can be mitigated by implementing a BitLocker PIN and a BIOS password lock.

Nightmare-Eclipse hinted at YellowKey also acting as a backdoor, allegedly injected by Microsoft, although the people we spoke to said this was impossible to verify based on the information available.

The researcher also published partial exploit code for GreenPlasma, rather than a fully formed proof-of-concept (PoC) exploit. Ferguson noted attackers need to take the code provided by the researcher and figure out how to weaponize it themselves, which is no small task: in its current state it triggers a UAC consent prompt in default Windows configurations, meaning a silent exploit remains a work in progress.

Knapp warned that these kinds of privilege escalation flaws are often used by attackers after they gain an initial foothold in a victim's system. "These elevation of privilege vulnerabilities are often weaponized during post-exploitation to enable threat actors to discover and harvest credentials and data, before moving laterally to other systems, prior to end goals such as data theft and/or ransomware deployment," he said. "Currently, there is no known mitigation for GreenPlasma. It will be important to patch when Microsoft addresses the issue."

Four, five… and more?

YellowKey and GreenPlasma are the latest in a series of five Microsoft zero-day bugs the researcher has exposed this year. When Nightmare-Eclipse released BlueHammer (CVE-2026-32201, 6.5) - patched by Microsoft in April - they were described as a disgruntled researcher who has since been rumored to be a former Microsoft employee.

According to their maiden blog post under the Chaotic Eclipse alias, the bug leak began after an alleged violation of trust. "I never wanted to reopen a blog and a new GitHub account to drop code," they wrote. "But someone violated our agreement and left me homeless with nothing. They knew this will happen and they still stabbed me in the back anyways, this is their decision not mine."

In early April, the researcher leaked proof-of-concept code for Windows Defender exploits they called RedSun and UnDefend - another admin privilege escalation bug and a denial-of-service flaw, respectively - as well as BlueHammer. Both RedSun and UnDefend remain unfixed, and according to Huntress, the proof-of-concept code released was quickly picked up and abused in real-world attacks.

Ferguson described the exposure of YellowKey and GreenPlasma as the latest in an escalating, retaliatory campaign against Microsoft, and warned of more coming. "Prior releases include BlueHammer and RedSun, both of which attracted serious community attention and real forks," he said. "The same post linking yesterday's releases warns of another Patch Tuesday surprise and hints at future RCE disclosures. They claim to have a dead man's switch with more ready to go. This researcher has followed through on every prior threat."
Category: Viruses and Worms

Webinar tomorrow: Why security alone won't stop modern attacks

Bleeping Computer - 13 May 2026 - 17:45
Tomorrow's webinar examines why prevention alone is no longer enough against modern cyberattacks. The session explores how organizations combine security, backups, and recovery planning to improve cyber resilience after attacks. [...]
Category: Hacking & Security

Microsoft fixes BitLocker recovery issue only for Windows 11 users

Bleeping Computer - 13 May 2026 - 17:42
Microsoft has addressed a known issue causing some Windows 11 systems to boot into BitLocker recovery after installing the April 2026 Windows security updates. [...]
Category: Hacking & Security

Cyberattack: First they come for Foxconn, then they come for you

Computerworld.com [Hacking News] - 13 May 2026 - 17:38

Apple’s key manufacturing partner Foxconn has confirmed its US factories suffered a ransomware attack in recent days after the gang responsible claimed to have stolen 8TB of data from the company — including confidential Apple information.

This isn’t the first attack to hit Foxconn, and such is the scale and value of the company that it is unlikely to be the last. Criminals understand the value of the information it has and see it as a prime target. That it is an industrial company actively deploying smart factory infrastructure across its premises just makes it an even more interesting challenge; what happens if the machinery itself is attacked?

Industrial defenses have improved; so have attacks

In practice, most large industrial facilities are moving to secure their own internal factory networks using technologies such as SD-WAN, private 5G networks, network segregation, isolation of production environments from the corporate network, and active monitoring against threats to factory machinery. All the same, attackers always hope that complex, well-planned combination exploits will find some way into even those most private and secure portions of corporate systems.

What happened at Foxconn

In this particular case, it doesn’t look as if the attack was made against connected industrial equipment at Foxconn. Wired reports a little of the events that took place:

  • The attack was identified on May 1.
  • Foxconn’s network collapsed.
  • Wi-Fi failed first, then the disruption extended to core plant infrastructure.
  • As the attack unfurled, workers were told to switch off their computers.
  • They were also instructed not to log back in under any circumstances.
  • There were previous attacks on other Foxconn facilities and subsidiaries, suggesting regular assaults on the company.

The attackers claim to have stolen key confidential data belonging to Foxconn clients, though sample files published by them don’t seem to include any Apple-related materials.

While it is easy to get lost in the shock value of what seems to be a successful attack against an Apple supplier, the underlying story should be a warning to every company as it highlights the febrile nature of the current threat environment.

The data is clear: factories are targets now

Recent security analyses have confirmed that attacks against the manufacturing sector are particularly severe. The IBM X-Force Threat Intelligence Index 2025 described manufacturing as the most targeted industry across four successive years. Dragos claims 70% of ransomware attacks have affected the sector, and the ENISA Threat Landscape raises similar alarms.

Attackers are highly focused on this sector for many reasons. They see the money potential of ransomware attacks and the reality that industrial operations can’t afford downtime, which means they become more likely to pay their way out of trouble. (That’s not to imply Foxconn has done so, but is more of a general observation.)

Attackers also recognize the fragmented nature of industrial cybersecurity as the industry goes through rapid digital transformation, leaving overall security only as strong as its weakest partner or parts.

Attacks are evolving quickly

It isn’t likely that the threat window will close any time soon. Paul Smith, director of Honeywell Operational Technology (OT) Cybersecurity Engineering, warns, “Attackers are evolving fast, leveraging ransomware-as-a-service kits to compromise the industrial operations that keep our economy moving.”

With a new breed of AI-augmented attacks expected to increase in volume and capacity in the coming years, the entire sector needs to put the strongest possible mitigations in place now. The continued evolution of nation-state-adjacent attackers, likely equipped some day with access to quantum computers to power their exploits, is a real threat to industry and national infrastructure.

Put it all together and the recent attack against Foxconn is less of a story about Apple security and more a klaxon to everyone in the sector that the intensity and proficiency of these attacks is accelerating.

Plan for impact, not perfection

This also means larger entities such as Apple will probably need to introduce and/or enhance their mandatory supplier security guidelines to ensure supply chains have sufficient protection in place against such exploits — and the recognition that even when they do, successful attacks will still take place. 

Foxconn clearly had its own mitigation strategy, as it put this into effect the moment the attack took place, then moved to threat analysis and dispatched mitigation teams. But even smaller operators should already know what they will do when attacked. Has your business got plans in place for this? Because the moral of today’s tale is that you should develop them immediately.

First they come for Foxconn. Then, they come for you.

Category: Hacking & Security

A frighteningly effective search engine finds your face anywhere on the internet. PimEyes uses the power of AI to do it

Živě.cz - 13 May 2026 - 16:45
PimEyes works similarly to the search engines used by the FBI and other agencies. • You upload a photo and it finds that person on publicly accessible websites. • It is really accurate, which is also why it is easy to misuse for stalking.
Category: IT News