Agregátor RSS

Před pár týdny se v médiích objevila zpráva o jednom rozsáhlém kybernetickém útoku. Ruská skupina APT28 zaútočila na SOHO routery a jejich prostřednictvím se jí nakonec podařilo kompromitovat některé přihlašovací údaje.

Poslední velmi užitečnou vlastností čipu ANTIC je podpora pro takzvaný jemný scrolling. ANTIC umožňuje horizontální i vertikální posun celé scény s přesností na jednotlivé pixely resp. obrazové řádky.

Objevily se snímky PCB pro Intel Xe3P v konfiguraci Crescent Island. Jde zjevně o řešení, které počítá pouze s profesionálním nasazením - obrovské pouzdro a 20 LPDDR5X od 160GB jinou možnost vylučují…

Elektrony v elektronice už melou z posledního. Kvazičástice exciton-polaritony spojují výhodné vlastnosti záření a hmoty, což je předurčuje pro fotonické čipy. S nimi by bylo možné snížit ohromnou spotřebu rozsáhlých AI systémů a pokročit ke kvantovým počítačům, které by byly integrované na čipech.

The Ukrainian cyberpolice, working in conjunction with U.S. law enforcement, has identified an 18-year-old man from Odesa suspected of running an infostealer malware operation targeting users of an online store in California. [...]

Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN appliances to deploy tools used in ransomware attacks. [...]

Two now-patched bypass bugs in Claude Code’s network sandbox put users at risk, and one of these allows baddies to send anything inside the sandbox - credentials, source code, other private data - to any server on the internet, according to a researcher who found and reported both flaws to Anthropic. Aonan Guan, who leads cloud and AI security at Wyze Labs and has hunted down bugs in pretty much every AI system out there, told The Register that this is the second time in five months Anthropic has silently fixed a sandbox bypass vulnerability in Claude Code without issuing a CVE or security advisory specific to the agentic coding tool. The latest issue was a SOCKS5 hostname null-byte injection that can be exploited to trick the sandbox allowlist filter into approving connections it should block. It’s especially dangerous when combined with prompt injection, which Guan previously detailed in his earlier comment and control research. When paired with prompt injection, the new flaw can be abused to force Claude to read hidden instructions and then run attacker-controlled code in the sandbox, allowing miscreants to exfiltrate anything the sandbox could reach. This includes cloud and GitHub credentials, the GitHub token Claude authenticated with, cloud metadata and internal APIs. “For anyone who ran Claude Code with a wildcard allowlist on a credential-bearing system, the network boundary did not exist for the 5.5 months from sandbox GA to v2.1.90,” Guan wrote in research published Wednesday. “Treat that window as a potential exfiltration event.” Anthropic says it found and fixed the latest flaw before receiving Guan’s report. The fix, according to a spokesperson, is a public commit in the sandbox-runtime repository, which shipped in Claude Code 2.1.88 on March 31. “Anyone can view” the commit, they told us. Guan filed his bug bounty report with HackerOne on April 3. “Because the report described a vulnerability Anthropic had already caught and patched, it was closed as a duplicate of an internal finding,” the spokesperson said. “We appreciate the researcher’s time on this report.” Guan says he doesn’t dispute the timeline. “That is not the core issue,” he told The Register. “The core issue is that this was a bypass of a user-configured network sandbox, and there's still no advisory CVE, and no changelog note," he said. "Shipping a sandbox with a hole is worse than not shipping one. The user with no sandbox knows they have no boundary. The user with a broken sandbox thinks they do.” Claude, for its part, seems to side with Guan. When he showed Claude its own hole, the bot responded “This is a real bypass of the network sandbox filter,” according to a screenshot published in his research. The earlier bug, which Guan reported and detailed in December 2025, was ultimately assigned a CVE tracker - CVE-2025-66479 - and patched in v0.0.16. But the CVE only applies to Anthropic's sandbox-runtime, an upstream package, and not specifically to Claude Code, which Guan says means users have no way to know if their AI coding assistant is reading “allow nothing” as “allow everything.” He requested a CVE for Claude Code, and Anthropic said no because “The root cause is in the library.” Guan told us he’s glad Anthropic ultimately addressed the security holes. But the entire disclosure process illustrates another problem that researchers and The Reg vultures have reported with how AI vendors often handle vulnerabilities in their products: no CVEs issued, and if the flaw is fixed, it usually happens silently, with no public advisories. More often than not, the burden of securing AI agents and other systems gets pushed to the end users. “Some vendors issue CVEs and some do not,” Guan said. "I think either approach can be reasonable, but the advisory is a must. The users need to know the risk is real, and in many cases, they may never know. What the public often does not see is that vendors may reward researchers and silently patch the software, while end users never learn from release notes or public advisories that the risk existed.” According to Guan, this shows why users need their own protections, either from a security company or user-controlled runtime isolation. But he said he does hope big tech “takes on the burden of clearly communicating” security issues with users. “Because of that, I think companies should treat AI agents more like employees than ordinary software tools,” he told us. “Before hiring an employee, companies do background checks. Before giving them access to systems, they define permissions. The same discipline should apply to AI agents.” ®

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other Chromium-based browsers.

The proof-of-concept code exploits the Browser Fetch programming interface, a standard that allows long videos and other large files to be downloaded in the background. An attacker can use the exploit to create a connection for monitoring some aspects of a user’s browser usage and as a proxy for viewing sites and launching denial-of-service attacks. Depending on the browser, the connections either reopen or remain open even after it or the device running it has rebooted.

Unfixed for 42 months (and counting)

The unfixed vulnerability can be exploited by any website a user visits. In effect, a compromise amounts to a limited backdoor that makes a device part of a limited botnet. The capabilities are limited to the same things a browser can do, such as visit malicious sites, provide anonymous proxy browsing by others, enable proxied DDoS attacks, and monitor user activity. Nonetheless, the exploit could allow an attacker to wrangle thousands, possibly millions, of devices into a network. Once a separate vulnerability becomes available, the attacker could use it to then compromise all those devices.

Read full article

Comments

Google this week launched Gemini 3.5 Flash, a new AI model that’s expected to be significantly better at programming than its predecessors. The new model is also said to be four times as fast as its competitors, Claude Opus 4.7 and GPT-5.5, and more than twice as fast as Gemini 3.1 Pro.

Google stressed the possibility of using the model as a tool for autonomous AI agents, which could, among other things, help users with planning various projects. To ensure Gemini 3.5 Flash is not used for malicious purposes, Google added a number of new safety mechanisms.

The new model is available via the Gemini app, Gemini API, Gemini Enterprise, Google AI Search, and Antigravity. And professional users, will soon have access to Gemini 3.5 Flash Pro, according to TechCrunch.

Linux server hardening is mostly about reducing unnecessary exposure while keeping systems stable enough to manage in production. That sounds straightforward until servers start accumulating changes over time. New services get deployed, firewall rules expand, SSH access grows, monitoring tools are added, and temporary operational fixes slowly become permanent parts of the environment.

Microsoft has unveiled two new open-source tools called RAMPART and Clarity to assist developers in better testing the security of artificial intelligence (AI) agents. RAMPART, short for Risk Assessment and Measurement Platform for Agentic Red Teaming, functions as a Pytest-native safety and security testing framework for writing and running safety and security tests for AI agents, covering

Microsoft has unveiled two new open-source tools called RAMPART and Clarity to assist developers in better testing the security of artificial intelligence (AI) agents. RAMPART, short for Risk Assessment and Measurement Platform for Agentic Red Teaming, functions as a Pytest-native safety and security testing framework for writing and running safety and security tests for AI agents, covering Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Ukážeme vám, jak si prohlížeč podmanit. • Chrome nabízí experimentální funkce. • Ty jsou trochu schované, ale můžete je využívat.

Jamf has a new CEO: former CTO Beth Tschida. She succeeds previous CEO John Strosahl, who himself replaced Dean Hager on his retirement. Tschida has served as interim CEO since March.

Jamf-using IT pros should be pleased. Tschida is an engineer who joined the company in 2018 as senior vice president, engineering and became CTO four years later. She has led the company’s expansion into security as well as its ongoing mission in device management. She takes the helm as device management, and IT more generally, struggle with the potential and the peril of artificial intelligence deployment across industry.

‘We are making AI work on Apple’

“Over the last eight years, I’ve had the privilege of working with an exceptional team to build the leading platform for managing and securing Apple at work,” said Tschida in a statement. “Now, AI is reshaping how organizations work, and we are making AI work on Apple. We’re building autonomous management so devices manage themselves within boundaries, opening our platform so others can build AI tools directly with Jamf, and delivering the governance layer to deploy AI confidently. Everything we’re doing is built on the trust we’ve earned over two decades of making Apple simple, secure, and connected at scale. I’m energized by what’s ahead.”

Challenges and opportunities

Following its acquisition by Francisco Partners, Jamf is no longer a public company, but it faces a fresh set of challenges as it enters its 25th year of existence. The Apple ecosystem it is built around has utterly transformed, with Macs, iPhones, and iPads acting as peer players in enterprise IT.

The company’s specialized Apple-focused model faces fresh challenges from other more multipolar IT device management vendors, even while the scale of opportunity for Apple in the enterprise continues to grow. There are more Macs used in business today than ever before, the success of MacBook Neo has only boosted that fact, and the number of companies seeking MDM and security support across Apple’s platform continues to grow.

In fact, Apple recently entered the ring with its own very much expanded Apple Business product; as Hager said when that service originally launched, “When Apple innovates, Jamf celebrates,” arguing that Apple effectively grew its presence in enterprise IT — creating more opportunity for vendors such as Jamf – by doing so.

Regulation, security and control

Brian Decker, partner and co-Chief Investment Officer at Francisco Partners, certainly sees opportunity in the Apple-in-the-enterprise space. “We look forward to working with Beth as she builds on what this team has built and goes after the opportunity ahead in Apple enterprise management and security,” he said in a statement.

News of the promotion comes in the sleepy prelude to what may be Apple’s most important WWDC yet for enterprise professionals. Many business users have been somewhat reluctant to fully embrace AI services in their work and will be very curious to find out if Apple has figured out some way to support the conveniences of such services while retaining the data privacy regulators demand.

That’s certainly a need Tschida recognizes. When she discussed Jamf’s FedRAMP partnership with UberEther late last year, she said the goal was to “bring secure, Apple-first management and security solutions to highly regulated environments.” 

Getting ahead of AI adoption with Jamf

Jamf, of course, sees plenty of opportunities that can be unleashed by Ai, and it seems is ready to ramp up its offerings. It’s not a new initiative, as the company has been weaving AI into its own ecosystem for some time; indeed, as CTO, Tschida introduced Jamf AI Assistant in 2024, which she called a “game changer for Apple device management and security.” 

The company also recently introduced a beta version of its own AI tool for executive threat detection, designed to detect sophisticated attacks targeting high-value users. This trajectory makes it very unlikely the company will slow down its exploration of how AI can improve the world of Apple enterprise IT, while also protecting against shadow AI.

As Tschida told me today: “98% of organizations have employees using AI tools their IT team never sanctioned. That number is not going down. The organizations that figure out how to govern AI adoption on Apple, rather than just react to it, will have a real advantage. That is exactly what we are building at Jamf.”

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

The Grafana data breach was caused by a single GitHub workflow token that slipped through the rotation process following the TanStack npm supply-chain attack last week. [...]

Co se letos nejvíc hraje na PlayStationu 5? Vyšli jsme z oficiálních žebříčků, které Sony vydává, a našli nejoblíbenější hry pro PS5.

Do Česka míří americký zdravotník s podezřením na infekci nebezpečnou ebolou a několik příštích týdnů stráví v tzv. bioboxu. Co to je, jak to vypadá a proč je to zrovna na pražské Bulovce? Tamní klinika infekčních nemocí patří ke špičce v oboru, a proto je Fakultní nemocnice Bulovka mimo jiné ...

Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company's Artifact Signing system to deliver malicious code and conduct ransomware and other attacks, compromising thousands of machines and networks across the world. The tech giant attributed the activity to a threat actor it calls Fox Tempest, which it said offered the MSaaS scheme

Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company's Artifact Signing system to deliver malicious code and conduct ransomware and other attacks, compromising thousands of machines and networks across the world. The tech giant attributed the activity to a threat actor it calls Fox Tempest, which it said offered the MSaaS scheme Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]