Agregátor RSS

Microsoft has fixed a Windows Autopatch bug that caused driver updates restricted by administrative policies to be deployed on some Autopatch-managed Windows devices in the European Union. [...]

Před pár týdny jsme provedli zátěžový test a pitvu jedné z nejprodávanějších USB-C nabíječek na českém trhu. AlzaPower G610CCA Fast Charge 67W nedopadla vůbec špatně, při své kapesní velikosti si totiž bez problému poradí i s menším notebookem a má solidní konstrukci, která vám při zkratu nevypálí ...

Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it's being tested by some customers as part of a limited private preview. MDASH, short for multi-model agentic scanning harness, is designed as a model-agnostic system that uses bespoke AI agents for different vulnerability

Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it's being tested by some customers as part of a limited private preview. MDASH, short for multi-model agentic scanning harness, is designed as a model-agnostic system that uses bespoke AI agents for different vulnerability Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

A threat actor with affiliations to China has been linked to a "multi-wave intrusion" targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026, marking an expansion of its targeting. The activity has been attributed by Bitdefender with moderate-to-high confidence to a hacking group known as FamousSparrow (aka UAT-9244), which shares some level of

A threat actor with affiliations to China has been linked to a "multi-wave intrusion" targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026, marking an expansion of its targeting. The activity has been attributed by Bitdefender with moderate-to-high confidence to a hacking group known as FamousSparrow (aka UAT-9244), which shares some level of Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Foxconn, the world's largest electronics manufacturer, says some of its North American factories are now working to resume normal operations after a cyberattack. [...]

Attackers can compromise systems in minutes while patching and response still take hours or days. Picus Security breaks down why autonomous validation is becoming critical for modern defense strategies. [...]

Microsoft has unveiled a new AI-driven vulnerability discovery system that identified 16 previously unknown Windows vulnerabilities, including four critical remote code execution flaws, in what security analysts say could mark a major shift in how software vulnerabilities are discovered and remediated.

The system, codenamed MDASH, was developed by Microsoft’s Autonomous Code Security team alongside the Windows Attack Research and Protection group.

The platform will enter private preview for enterprise customers next month, Microsoft said in a blog post announcing the system.

The vulnerabilities were patched as part of Microsoft’s May 12 Patch Tuesday release.

“Cyber defenders are facing an increasingly asymmetric battle,” Microsoft added in the blog post. “Attackers are using AI to increase the speed, scale, and sophistication of attacks.”

Critical Windows components affected

The four critical vulnerabilities affected core Windows components broadly deployed across enterprise environments, Microsoft said in the blog.

Among them was CVE-2026-33827, a remote unauthenticated use-after-free flaw in the Windows IPv4 stack reachable through specially crafted packets carrying the Strict Source and Record Route option, Microsoft said.

Another flaw, CVE-2026-33824, involved a pre-authentication double-free issue in the IKEEXT service affecting RRAS VPN, DirectAccess, and Always-On VPN deployments.

Two additional critical flaws affected Netlogon and the Windows DNS Client, both carrying CVSS scores of 9.8.

The remaining 12 vulnerabilities rated “Important” included denial-of-service, privilege-escalation, information disclosure, and security feature bypass flaws affecting components such as tcpip.sys, http.sys, ikeext.dll, and telnet.exe, according to Microsoft.

How MDASH orchestrates AI agents

According to Microsoft, MDASH orchestrates more than 100 specialized AI agents across multiple frontier and distilled models, with each agent assigned to a different stage of the vulnerability discovery pipeline.

Some agents scan source code for potential flaws, others validate whether findings are genuine, and another stage attempts to construct triggering inputs capable of reproducing the issue before the finding reaches a human engineer for review.

“The model is one input. The system is the product,” Taesoo Kim, Microsoft vice president for agentic security, wrote in the blog.

Microsoft said the architecture was intentionally designed to remain largely model-agnostic, allowing the company to swap underlying AI models without rebuilding the broader orchestration pipeline.

That detail matters because MDASH arrives only weeks after Microsoft announced Project Glasswing, a partnership involving Anthropic and others to evaluate AI-driven vulnerability discovery using Anthropic’s Claude Mythos Preview model.

“Microsoft is now operating as platform owner, security vendor, AI infrastructure player, OpenAI partner, Mythos integrator, and agentic security supplier,” said Sanchit Vir Gogia, chief analyst at Greyhound Research. “That is a formidable position. It is also a concentration of influence that security leaders must examine with clear eyes.”

AI vs AI vulnerability race

The announcement also highlights growing concern that AI-driven vulnerability discovery could accelerate offensive operations as well as defensive research.

Anthropic has previously said its Mythos Preview model identified thousands of high-severity vulnerabilities, including a decades-old OpenBSD flaw and a long-undetected FFmpeg issue that traditional fuzzing tools failed to uncover despite millions of attempts.

“We’ve entered an AI-versus-AI vulnerability discovery race,” said Sunil Varkey, advisor at Beagle Security. “The winners won’t be the organizations with the best static scanners anymore. They’ll be the ones who can run these agentic systems fastest against their own code and remediate at machine speed.”

Varkey said enterprises should pursue early access to systems such as MDASH where possible rather than waiting for broader commercial availability.

“Early access isn’t just nice-to-have,” he said. “It’s becoming a defensive necessity in the AI era.”

For CISOs, the broader implication may be that vulnerability management is shifting from periodic scanning toward continuous, AI-assisted discovery and remediation.

“The future belongs to security teams that can find, validate, contain, and fix in one governed motion,” Gogia said.

Benchmarks show progress, but analysts urge caution

To support its claims, Microsoft published benchmark results showing MDASH identified all 21 deliberately planted vulnerabilities in an internal Windows test driver without false positives. The company also said the system successfully recovered nearly all historical Microsoft Security Response Center cases tested against older Windows component snapshots.

On the public CyberGym benchmark for vulnerability reproduction tasks, Microsoft said MDASH achieved a score of 88.45%, topping the public leaderboard at publication time.

Gogia said the results show the category is maturing but warned against treating benchmark scores as direct proof of enterprise value.

“CyberGym is a signal, not a buying decision,” he said. “The machinery around the model is beginning to resemble a serious security research workflow.”

He added that many enterprises still lack the governance maturity required to operationalize machine-generated vulnerability discovery effectively.

“Discovery without remediation discipline is theatre,” Gogia said. “It produces dashboards, not resilience.”

This article originally appeared in CSO.

Sovereign Tech Agency (Wikipedie) prostřednictvím svého fondu Sovereign Tech Fund podpoří KDE částkou 1 285 200 eur.

Microsoft says some customers are experiencing issues downloading and installing Office on their Windows 365 devices. [...]

TL;DR: Stop chasing thousands of "toast" alerts. Join experts from Wiz to learn how hackers connect tiny flaws to build a "Lethal Chain" to your data—and how to break it. Register for the Strategic Briefing Here. Most security tools work like a smoke alarm that goes off every time you burn a piece of toast. You get so many alerts that you eventually start to ignore them. The real danger? While

TL;DR: Stop chasing thousands of "toast" alerts. Join experts from Wiz to learn how hackers connect tiny flaws to build a "Lethal Chain" to your data—and how to break it. Register for the Strategic Briefing Here. Most security tools work like a smoke alarm that goes off every time you burn a piece of toast. You get so many alerts that you eventually start to ignore them. The real danger? While [email protected]

Pro sledování obsazení RAM musíte nejdříve aktivovat nabídku pro vývojáře • Snadno odhalíte všechny aplikace s nečekaně vysokými nároky • Zbytečné programy raději rovnou odinstalujte, nucené ukončování nic nevyřeší

Security teams have never had better visibility into their environments and never been worse at confirming what they fix stays fixed. Mandiant's M-Trends 2026 report puts the mean time to exploit at an estimated negative seven days. The Verizon 2025 DBIR puts median time to remediate edge device vulnerabilities at 32 days. These numbers have understandably driven the industry toward a clear

Security teams have never had better visibility into their environments and never been worse at confirming what they fix stays fixed. Mandiant's M-Trends 2026 report puts the mean time to exploit at an estimated negative seven days. The Verizon 2025 DBIR puts median time to remediate edge device vulnerabilities at 32 days. These numbers have understandably driven the industry toward a clear [email protected]

Google na včerejší akci The Android Show | I/O Edition 2026 (YouTube) představil celou řadu novinek: Gemini Intelligence, notebooky Googlebook, novou generaci Android Auto, …

Well, hell’s bells: It’s finally happening.

After years of misguided rumors and off-base expectations — over a decade’s worth, even! — Google is actually now on the brink of combining Android and ChromeOS into a single superpowered platform for laptops and mobile devices alike.

The company officially announced the advent of an entirely new type of product called the Googlebook as part of its pre-Google-I/O “Android Show” event on Tuesday. According to Google, the Googlebook is “a new category of laptops” that brings together Chrome, the Google Play ecosystem of apps, and “a modern OS that’s designed for Intelligence” (a fancy way to say “there’ll be lots of Gemini AI this-and-thats”).

At their core, Googlebooks appear to sport an interface that’s somewhere between Android as we know it and ChromeOS — with echoes of the 2010-era large-screen-optimized Android 3.0 Honeycomb era — to create what Google seemingly now sees as the future of the laptop experience.

In a lot of ways, Googlebooks seem poised to pick up right where ChromeOS left off — like, for instance, with how they make it easy to both natively install Android apps and stream apps directly from your phone on the computer. They also feature a nifty-sounding new Quick Access system that lets you seamlessly search, view, and work with files from your phone right on the laptop, without even having to do any sharing or transferring.

The Googlebook Quick Access system makes your Android phone’s storage easily accessible from your laptop.

Google

But more than anything, what’s defining Googlebooks at this point is what we don’t know about the devices and the ecosystems around ’em. Google is being deliberately cryptic with what it’s revealing about the setup — which is set to ship sometime “later this year” — as part of this early preview.

And what’ll really tell us the story of this new platform and what it’s all about — as well as the equally important tale of what it signifies for the broader Android and ChromeOS ecosystems and the people, companies, and organizations that depend on those — will be the answers to eight critical questions in areas where Google is thus far staying firmly tight-lipped.

[Get level-headed knowledge in your inbox with my free Android Intelligence newsletter — three new things to try every Friday.]

Specifically:

1. Do Googlebooks run Android?

It’s a pretty simple-seeming question, but somehow, it’s an answer that evades us as of this moment — and that, I’m told, is very much by design.

What we know right now is that Googlebooks are “optimized for the Android ecosystem” and able to run Android apps — but the same is technically true for Chromebooks, and those rely on a completely different operating system.

When I pressed for clarity on this during an embargoed press prebriefing (highfalutin lingo for a small meeting when Google presents info ahead of time to a bunch of writer-type folk in exchange for an agreement that we won’t talk about it until a specific stated date), an executive from the Googlebook team divulged that the devices are “built on the Android tech stack” and combine “the best of Android” with what Google learned from ChromeOS — and, of course, all the more recent Gemini stuff, too.

The Googlebook, as shown in a product mock from Google — with many mysteries remaining beneath that shiny outer surface.

Google

But that still doesn’t tell us if they’re Android devices or something else entirely — with an entirely new custom operating system at their core built for this specific purpose and merely based on Android as a starting point. (When I asked for further clarity a couple more times via email after the event, I eventually was told that Google is leaving those exact details to be answered later.)

And you’d better believe that’s a consequential distinction, as my next two questions illustrate.

2. Will device-makers be allowed to mess around with the operating system, à la Android, or will it be more locked down and consistent like ChromeOS?

Perhaps the biggest point of differentiation between an Android device and a ChromeOS device is that Android — for better or sometimes for worse — is a bit of an open canvas, and each individual device-maker and even carrier is able to take it and modify it for their own needs.

That’s why we see such a dramatic difference in how “Android” looks when you experience it on a Google-made Pixel phone vs. a Samsung-made Galaxy phone, for instance — and also why so many devices come with manufacturer- or carrier-added bloatware that exists solely to make those companies extra money at the cost of your user experience.

From the get-go, Chromebooks were kind of the anti-Android in this way. Google made it clear from day 1 that ChromeOS was a pristine surface that’d be identical no matter what exact device you’re using or who made it. And, with minor exceptions, it’s stuck to that all this time. You can pick up a Chromebook made by HP, Samsung, Acer, or Google and know it’ll look and work more or less the same exact way, with more or less the same exact interface and out-of-the-box experience.

If Googlebooks are truly Android devices, it’d logically follow that they’ll work more like Android — with each manufacturer potentially putting on their own custom spin and revamping the interface as well as adding in additional apps as they see fit. In that scenario, a device made by Samsung is likely to be very different from a device made by HP, Acer, or Google (and so on).

The seemingly technical distinction of what operating system is at the core means everything in this area — and the same is equally true and even more consequential with my next big question.

3. What do those last two questions tell us about Googlebooks’ software support and update expectations?

Whoo, boy — here we go: can of worms time.

Because device-makers are able to modify and control so many parts of the software experience with Android, it’s up to each individual manufacturer to process every new operating system update as it arrives — and then provide that update to its customers.

And you know the deal from there, right? In practice, that means there’s a massive disparity in the speed and reliability of post-sales software support across the Android ecosystem — with some devices always receiving new updates within mere days of their release and others consistently waiting six months to a year or even longer to get increasingly stale software. It’s a serious problem in the Android arena, and it has been for ages now.

And even if you don’t care about the more superficial interface improvements and feature additions, you’d better believe timely software support matters. Operating system updates are packed with vital fixes in areas like privacy, security, and performance. Particularly for professionals, knowing you’re always on the latest available Android version should be a given — not something you need to worry about or an area where you risk realizing you’re half a year behind.

If Googlebooks follow the Android model, it stands to reason that this same disparity will exist among them — and that knowing who makes a device and what their upgrade history looks like will be an incredibly important part of any intelligent buying decision.

If Googlebooks are more their own individual operating system and it’s one that more closely mirrors the ChromeOS concept, then Google itself might handle the heavy lifting with updates and deliver ’em all quickly and universally, without any third-party meddling or reliance.

Again, as of now, we just don’t know, nor do we yet know even what the overall standard will be for software support and update longevity with Googlebooks in general. As you can imagine, the answers to these questions couldn’t be more critical — for professionals and organizations in particular, but also just for regular ol’ individual device owners.

Googlebooks present an entirely new software environment — with lots of unknowns.

Google

Speaking of which…

4. What does the Googlebook’s arrival mean for the future of ChromeOS and Chromebooks? 

Here’s the million-dollar question — or maybe the $14.7 billion question, to be more precise:

With Googlebooks set to start shipping sometime later this year, is ChromeOS effectively kaput? Is Google shifting its focus away from Chromebooks and toward Googlebooks as their de facto replacement?

The answer here gets especially murky. When I raised the subject during the aforementioned briefing, executives were quick to note that they will continue to support all existing ChromeOS devices through their promised lifespans — and that they absolutely were not giving up on the platform or abandoning its users.

That’s important, and it’s great to know. But it still isn’t answering the actual question I’m posing here — which is longer term, if Google intends to continue investing in ChromeOS and creating new Chromebook devices or if that platform and device type is essentially being phased out and supported only in a legacy context, for the products that already exist or are presently under development.

And that’s where I’ve been struggling to get a clear, unambiguous answer. Upon following up with a Google media relations rep to try to gain clarity, I received the following carefully worded statement:

Chromebooks have become an invaluable tool for educational institutions, businesses, and consumers throughout the globe, bringing powerful features, security, and simple-to-use management tools for commercial users. We absolutely intend to continue investing in those experiences and supporting those users. And of course, all Chromebooks will continue to receive support through their device’s existing date commitment, and many Chromebooks will be eligible to transition to the new experience.

Okay, so we got a teensy new nugget there — in that “many Chromebooks” will be able to “transition” to the newer, Googlebook-style setup. Again, good to know.

But still, it isn’t the answer we’re looking for here. Will Chromebooks keep being produced and offered indefinitely alongside Googlebooks, as different choices for different markets and/or needs — or will Googlebooks eventually replace Chromebooks as the de facto laptop-level device at some point in the foreseeable future?

When pressed on this point, a media relations rep from Google told me that yes, Chromebooks will “continue to be sold” — and that there are already more devices “in the pipeline” for release. When I followed up further to attempt to clarify, again, if that meant Googlebooks and Chromebooks would both be produced and offered indefinitely moving forward — not just that there’ll be a period of overlap in which both will be available to purchase, based on devices that were already released or under development — I didn’t receive another reply (after a day and a half and in time for this article’s publication).

At the risk of turning this into a total Abbott and Costello routine, I’m still just not entirely sure that what we’re hearing actually answers what I’m asking — or what that might mean for the many education and enterprise organizations relying on Chromebooks now, once their current devices start to near end dates and they’re ready to look for replacements.

As a potentially related side note, all software-level considerations aside, Googlebooks are described as being “built with premium craftsmanship and materials” — every Googlebook — and so it sure doesn’t seem like they’ll be positioned in the same way that many current Chromebooks have, at the more budget or midrange level that’s suitable for mass organizational deployment.

Hmmmmmmmmmmmmm.

5. What about other core Chromebook qualities — like the built-in security, lack of slowdown over time, and the true desktop browser experience they offer?

I’ll make this one easy for ya: Don’t know, don’t know, don’t know.

Once more, extremely critical questions. And so far, no known answers.

6. Will Googlebooks be able to run Linux programs — and/or Windows apps, as Google worked so hard to establish with ChromeOS in recent years?

Over the years, ChromeOS morphed into something I’ve called the “everything” OS — an ironic evolution, without a doubt, given the original Chromebook vision.

Part of that means the devices can run practically every type of app imaginable, short of Mac-native software. You can install Android apps, of course, and run anything from the web. You can also install Linux apps and, with the right add-on, even run full-fledged Windows programs on a Chromebook — a move Google made proudly and after lots of thoughtful iteration to close the gap on corporate concerns around ChromeOS limitations.

Part of the Chromebook’s appeal has also always been the desktop-caliber Chrome browser experience it gives you — something that the mobile versions of browsers have never quite been able to match when it comes to speed and unrestricted productivity. It’s a very noticeable difference when you attempt to do work on the web on a Chromebook compared to a traditional Android (or any other mobile operating system) device.

As for Googlebooks, all we know right now is that they can run Android apps. So are they essentially just a new and improved version of an Android tablet — something that’d be fine and maybe even nice for more casual use but a far cry from the sort of productivity-minded environment Chromebooks have grown into providing? Or will they retain their predecessors’ progress when it comes to that singularly versatile platform-bending software support?

Until we know those answers, it’s impossible to really wrap our heads around any of this.

7. Will the devices all be touch-centric, with touch-capable displays?

The way Google is showing its Googlebooks being used certainly makes it seem like they’re more touch-oriented devices — with keyboards available for when you need ’em. 

Chromebooks, though, started out that way and then quickly evolved to showcase a more diverse range of hardware options — which, in recent years, increasingly did not include touchscreens as a baseline option.

If these are being portrayed as more traditional laptops, maybe touch isn’t necessarily expected for them, either. But if they’re more of supercharged tablets, a touch capability would certainly make sense.

The Googlebook’s trademark “glowbar,” as seen on some past Google-made devices.

Google

So. Many. Questions. And, on that note, one more:

8. How will these be branded — and will Google itself be making Googlebook hardware?

Based on the name “Googlebook” (which, on a side note, is remarkably similar to “gobbledegook” — trust me, you’ll never unsee it now), you’d be forgiven for assuming that Google itself is the one making ’em all.

That, we do know, is definitely not the case. Google says it’s partnering with a variety of companies — including Acer, Asus, Dell, HP, and Lenovo, to start — to create the very first Googlebooks, and that alone raises so much curiosity in my mind.

To wit: Will all of those companies’ devices simply be called Googlebooks — the Acer Googlebook and the Dell Googlebook, for instance? Or will it be more of a Windows-esque model, where they’ll brand ’em however they want and then list somewhere on the packaging that they’re Googlebooks or running, erm, GoogleOS, or Android Googlebook Desktop Edition, or whatever the heck it ends up being called?

For that matter, will Google itself be making a Googlebook? It’d be weird if it didn’t, given the name “Googlebook” and the company’s ever-increasing homemade hardware ambitions. But if it does, will its device be the Pixelbook Googlebook? (Gesundheit.) And will we be seeing the same sort of awkward competition that’s present within Android now, where Google both makes and controls the OS and competes for customers as a creator of the same sort of hardware?

For now, all we can really say is that Googlebooks are coming — and they appear to establish a whole new horizon for how we think about laptops, Android, and ChromeOS. They’ll have a neat glowbar that brings to mind earlier Google hardware products, and they’ll feature a bunch of bits of native Gemini integration. And they’ll interact with Android in some interesting ways.

Beyond that, let’s hope that the answers to all these questions become apparent as the months march on and we grow closer to the Googlebook’s launch — ’cause without these answers, Googlebooks really are just a bunch of gobbledegook, albeit gobbledegook surrounded by a cryptically pretty enclosure and plenty of hazily promising potential.

Want even more Googley knowledge? Come check out my free Android Intelligence newsletter and get next-level insight delivered directly to your inbox.

Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed as publicly known or under active attack. Of the 138 flaws, 30 are rated Critical, 104 are rated Important, three are rated Moderate, and one is rated Low in severity. As many as 61 vulnerabilities are classified as privilege escalation bugs, followed by