RSS aggregator

Microsoft Self-Service Password Reset abused in Azure data theft attacks

Bleeping Computer - 19 May, 2026 - 21:35
A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration features. [...]
Category: Hacking & Security

The Big Four accounting firms are now hiring more AI specialists than accountants

Computerworld.com [Hacking News] - 19 May, 2026 - 21:19

The Big Four accounting and consulting firms — Deloitte, EY, KPMG, and PwC — advertised more AI-related job postings than traditional auditing positions in 2025, according to a new analysis by the Financial Times.

Nearly 7% of the firms’ job postings required AI expertise, compared to less than 2% in 2022 when OpenAI’s ChatGPT was launched. At the same time, auditing roles accounted for just under 3% of the postings last year. One of the firms also noted that a single job posting could, in some cases, apply to multiple positions.

According to the Times, the hiring trend shows how quickly AI is transforming the consulting and auditing industries. At the same time, the industry is trying to adapt to the fact that AI could undercut the need for certain junior positions.

Traditionally, consulting firms have been built on a “pyramid model” where many younger employees work under a smaller number of senior managers and partners. AI is now expected to automate parts of that workplace arrangement.

Category: Hacking & Security

Arxiv: Researchers who submit AI-generated junk could get 1-year suspension

Computerworld.com [Hacking News] - 19 May, 2026 - 21:12

Arxiv, the open-access repository where researchers publish scientific articles before they have undergone formal peer review, is introducing stricter rules against AI-generated articles containing obvious errors and fabricated content. Researchers who submit texts with clear signs of so-called “AI slop” can now be banned from the platform for a year, according to 404 Media.

Red flags could include, for example, fabricated sources, incorrect citations, or leftover AI comments, Arxiv said. The platform argues that such mistakes indicate the authors have not properly reviewed the AI’s output.

The aim is to counter the growing volume of AI-generated texts that masquerade as serious research.

A single violation could be sufficient for suspension, though a proposed ban can be appealed. Users who have been suspended will also be subject to a future requirement that new submissions to Arxiv must first be accepted by a reputable peer-reviewed scientific publication.

Category: Hacking & Security

Review of Zero Parades: For Dead Spies. Balancing on the edge of delirium with a depth rarely seen in games

Živě.cz - 19 May, 2026 - 20:45
The creators of the hit Disco Elysium are back with a game that is not afraid to push the boundaries of what this interactive medium can convey. A mix of philosophy, political science and attractive art direction, together with a complex plot and entertaining game mechanics, tries to win the favour of the more demanding ...
Category: IT News

In stunning display of stupid, secret CISA credentials found in public GitHub repo

Ars Technica - 19 May, 2026 - 20:27

Security researcher Brian Krebs brings us the news that America's Cybersecurity & Infrastructure Agency (CISA) has had a large store of plaintext passwords, SSH private keys, tokens, and "other sensitive CISA assets" exposed in a public GitHub repo since at least November 2025.

The now-offline public repo—named, somewhat aspirationally, "Private-CISA"—was brought to Krebs' attention by GitGuardian's Guillaume Valadon, who was alerted to the repo's presence by GitGuardian's public code scans. Krebs says that Valadon approached him after receiving no responses from the Private-CISA repo's owner.

In an email to Krebs, Valadon claimed that the repo's commit logs show that GitHub's default protections against committing secrets—protections designed to protect unwitting or unskilled developers against exactly this kind of stupidness—had been disabled by the repo's administrator.

America's top cyber-defense agency left a GitHub repo open with passwords, keys, tokens – and incredibly obvious filenames

The Register - Anti-Virus - 19 May, 2026 - 19:49
The US Cybersecurity and Infrastructure Security Agency (CISA) left open a GitHub repository named “Private-CISA” containing plain-text passwords, private keys, tokens, and secrets – with obvious file names like “external-secret-repo-creds.yaml” and “AWS-Workspace-Firefox-Passwords.csv” – for six months.

GitGuardian researcher Guillaume Valadon, fresh off a recent talk on Kubernetes secret leaks, found the public repository on May 14, and told The Register that he “quickly understood that the leak was bad and that time was running out. A national agency having 844 MB of production infrastructure material in a public GitHub repository for six months is as serious as a secrets leak gets.”

Valadon, who previously spent nine years at France’s CISA equivalent, ANSSI, told us the leak included tokens for CISA's internal JFrog Artifactory, Azure registry keys, AWS credentials, Kubernetes manifests, ArgoCD application files, Terraform infrastructure code, GitHub personal access tokens, and Entra ID SAML certificates.

GitGuardian reported the leaky repository to CISA on May 14, and the agency took it down a day later. A CISA spokesperson told The Register that it was aware of the report and is investigating. “Currently, there is no indication that any sensitive data was compromised as a result of this incident.”

It’s not a good look for the nation’s infosec agency, which hasn’t had a permanent boss since Trump took office, is facing hundreds of millions of dollars in budget cuts on top of deep cuts to staff and funding last year, and has suffered its share of embarrassing security snafus in the interim.

In a Tuesday blog, Valadon said he initially thought the repo “was a hoax, given how suspicious the directory names (Backup-April-2026/, All Backups/, LZ-Artifactory/, Kubernetes-Important-Yaml-Files/, ENTRA ID - SAML Certificates/ ...), file names (external-secret-repo-creds.yaml, CAWS GitHub Token.txt, Important AWS Tokens.txt, AWS-Workspace-Firefox-Passwords.csv, Kube-Config.txt ...), and their contents (private keys, personal and professional GitHub tokens, AWS secrets, ...) seemed too good to be true,” Valadon wrote.

It wasn’t a hoax – “The Cybersecurity and Infrastructure Security Agency is aware of the reported exposure and is continuing to investigate the situation,” but it was a “catalogue of unsafe practices,” he added, containing passwords stored in plain text, backups committed to Git, and an “explicit” how-to guide for disabling GitHub's secret scanning.

After initially reporting the leak through the CERT/CC portal, and only receiving an auto-acknowledgement as of the morning of May 15 – a Friday – Valadon alerted security journalist Brian Krebs about the publicly exposed secrets, which seemed to speed up CISA’s processes. By 6 pm EST that night, the feds took down the repository.

Valadon told The Reg he gives CISA credit for quickly deleting the repository. “Most of our responsible disclosures take much longer, and many are never fixed,” he said. “Managing to take the repository offline in a day is impressive work.”

He doesn’t know if any other parties with less altruistic intentions found the secrets first, although the fact that the repository was never forked (based on public GitHub events) would seem to indicate that it wasn’t widely circulated on the dark web. “The only ones that can answer definitively is GitHub,” Valadon said. GitHub did not immediately respond to The Register’s inquiry.

GitGuardian isn’t aware of any of the exposed credentials being abused by unauthorized individuals.

“Each category of secret in the repository unlocks a specific attack path,” Valadon said. “Stacked together, they cover the full range: from destructive attacks and ransomware extortion to quiet, long-term persistence inside CISA's build and deployment pipeline. That last scenario worried me the most, and it's why I escalated through every channel we had until the repository was taken offline.”

Plus, the committer used both a CISA-issued contractor email and a personal Yahoo email across the same commits, and created the repository using a personal GitHub account. “That mixed-identity pattern is one of the hardest surfaces for security teams to cover, and it's where the worst leaks happen,” Valadon said. ®
Category: Viruses and Worms

We have gold for you. Mobile games that are free, with no ads and no microtransactions

Živě.cz - 19 May, 2026 - 19:45
Now and then we like to play on a phone, ideally when it costs nothing • Many titles can be downloaded for free, with payments charged only while playing • Here is our selection of completely free games for casual players
Category: IT News

Linux Server Advisory Unused Kernel Modules Threats CVE-2026-31431

LinuxSecurity.com - 19 May, 2026 - 19:31
Your Linux server may be carrying kernel code for hardware, filesystems, cryptographic interfaces, and network features it will never use.
Category: Hacking & Security

Ubuntu Core 26

AbcLinuxu [news briefs] - 19 May, 2026 - 19:05
Canonical has released Ubuntu Core 26. It is based on Ubuntu 26.04 LTS and will be supported for 15 years. Ubuntu Core is a minimal immutable operating system designed for embedded systems.
Category: GNU/Linux & BSD

Detecting Systemd Abuse on Linux Servers for Better Security

LinuxSecurity.com - 19 May, 2026 - 18:57
A Linux process that keeps coming back after a reboot is worth slowing down for. It may not crash anything. The name may look like normal maintenance, the server may keep serving traffic, and nothing on the box may feel urgent enough to pull an incident handler away from other work.
Category: Hacking & Security

Build of the month. We put together an uncompromising gaming powerhouse for 45 thousand

Živě.cz - 19 May, 2026 - 18:45
Even in a time of overpriced memory, you can build a high-performance gaming PC for 45,000 CZK for playing at QHD or 4K resolution. With compromises you can even get below 40 thousand. Don't want to read much? Here we have put the whole build into a shopping cart at Alza. At the end of the article there are links to three more builds with ...
Category: IT News

Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps

The Hacker News - 19 May, 2026 - 18:38
Cybersecurity researchers have disclosed details of a new ad fraud and malvertising operation dubbed Trapdoor targeting Android device users. The activity, per HUMAN's Satori Threat Intelligence and Research Team, encompassed 455 malicious Android apps and 183 threat actor-owned command-and-control (C2) domains, turning the infrastructure into a pipeline for multi-stage fraud. "Users
Author: Ravie Lakshmanan
Category: Hacking & Security

Microsoft plans to improve Windows 11 driver quality in 2026

Bleeping Computer - 19 May, 2026 - 18:22
Microsoft plans to raise the quality bar of Windows 11 drivers, as drivers "sit at the heart of every Windows experience" and connect the OS to the "silicon, components, and peripherals." [...]
Category: Hacking & Security

Microsoft blames macOS update for undismissible Teams location prompts

Bleeping Computer - 19 May, 2026 - 18:10
Microsoft has confirmed user reports that the Teams team collaboration app is displaying non-dismissible location prompts on some macOS systems. [...]
Category: Hacking & Security

Coming Bright Up: Apple’s AI moment looms

Computerworld.com [Hacking News] - 19 May, 2026 - 18:04

Apple has confirmed this year’s Worldwide Developers Conference (WWDC) will take place June 8-12. The show begins with a keynote speech likely to be Tim Cook’s final public appearance as Apple’s CEO. His successor, John Ternus, will also be in the spotlight, but perhaps not quite as much as Apple’s promised smart Siri successor.

Getting AI right is incredibly important to the company this year, and Apple seems to recognize that. The official media invitation features a brightly glowing Swift logo with the tagline “Coming Bright Up,” which some see as a hint at the advanced AI capabilities Apple intends making available. It also hints at the new Siri user interface Apple is building, while the use of a Swift suggests the introduction of additional Foundation Models with which developers can add AI tools to their products.

On the developer website, Apple’s media images all show that bright glow, which also hints at potential improvements to Liquid Glass. There’s no doubt at all that the entire industry will be tuned into WWDC to find out where Apple is going with AI. So, no pressure there, right?

AI tools developers can use

The company told developers to expect more than 100 new videos about tools, technologies, and design, many of them to be revealed during the Platforms State of the Union address, which follows the keynote.

“WWDC26 will kick off June 8 with the Keynote and Platforms State of the Union, introducing incredible updates for Apple platforms, including AI advancements and exciting new software and developer tools,” Apple said, announcing the event.

Apple knows the world is watching and seems unlikely to want to disappoint its audience again, though the way it framed this suggests some of the improvements will be for developers, with end users to benefit later. This is the approach Apple has taken with Foundation Models so far, though it isn’t yet clear if the company intends introducing a paid tier of APIs for developers. I’d consider that a risk at this stage, given the perception Apple faces.

What’s at stake?

A confluence of challenges means Apple is perceived as having fallen behind on AI. That’s got to hurt. The company is under a lot of pressure to push back against that viewpoint, and while that’s a challenge, it’s also a big opportunity. 

Wedbush Securities analyst Dan Ives says Apple is a “sleeping tech giant” poised for growth if it gets the mix right, predicting the company’s ecosystem could become the “consumer hub” of AI, to the extent that 20% of the global population will use Apple to access it. At Morgan Stanley, analyst Erik Woodring thinks what Apple is about to introduce will prompt a mass upgrade and sees revenue potential in AI services for the company. In general, people seem to agree that Apple’s ecosystem is more than capable of handling the demands of AI; the challenge is properly integrating it within Apple’s environment.

What is Apple Planning?

At the moment, strong speculation suggests Apple has added new Writing Tools, improved image generation on its devices, and has worked with Google Gemini to extend the number of available APIs developers can use, as well as enhancing contextual understanding by Siri.

Any one of these things would have impressed us all at one time, but in an AI world of Claude, Gemini, or even Grok, some will likely see even these enhancements as weak sauce. Additional key expectations include:

  • Siri will become a chatbot-style assistant in the form of an LLM-enhanced app, built in partnership with Google Gemini.
  • Apple will give users a choice of AI apps, including the ability to make whatever they choose the default on their system.
  • Siri will gain a new interface hosted in the Dynamic Island on devices that support it.
  • Siri might also gain the ability to string instructions together using a combination of text/speech and Shortcuts abilities. 
  • You should see improved contextual awareness; Siri will be able to “see” what’s on your screen and take relevant actions across one or more third-party apps.
  • Those functions are likely to be delivered by App Intents, which permits developers to make app functions available across the system without opening the apps.
  • Visual Intelligence will let the iPhone camera app identify more options, including objects and passes, such as for events and public transit.
  • Multitasking on iPads should improve, while macOS might gain some touch-based interface improvements. That could set the scene for better integration between iPad and Mac, and, of course, make a touchscreen Mac possible.

Most recently, there’s been chatter about Apple introducing an iMac equipped with an M5 processor. If so, this could emerge at, or slightly before, WWDC.

As it does each year, the conference will feature the Apple Design Awards, Swift Student Challenge, Labs, and an in-person, 1,000 people gathering in Cupertino for the keynote. 

Watch it in real time

The keynote will be available to stream on Apple’s website. It will also be hosted on the Apple TV app and Apple’s YouTube channel, with playback on-demand after the event.

Category: Hacking & Security

Clear your calendar, Drupal user: You have a critically urgent patch to install

The Register - Anti-Virus - 19 May, 2026 - 17:56
Updated: If you use Drupal, get ready to patch without delay. The org behind the popular open source content management system is warning of a highly critical vulnerability in Drupal core that is serious enough for it to tell users ahead of Wednesday’s patch release to set aside time to install the fix immediately.

The Drupal Security Team’s Monday PSA announcing the imminent patch for Drupal core doesn’t include any specifics, with the PSA noting that Drupal isn’t willing to share additional information until the announcement is made alongside the patch release. That, says Drupal, will happen at some point between 1700 and 2100 UTC on Wednesday, May 20.

To reiterate, this vulnerability is found in Drupal core, the bare-bones version of Drupal designed for developers, and not Drupal CMS, the preconfigured version for those who want Drupal but don’t have coding skills.

Drupal noted that sites using Drupal Steward, its paid web application firewall service, are protected against known attack vectors, though it still recommends Steward customers update their core instances in case additional exploit methods emerge.

“The Drupal Security Team urges you to reserve time for core updates at that time because exploits might be developed within hours or days,” the advisory warns. Drupal also recommends users update to the latest supported release prior to Wednesday’s patch “so that you can address any other upgrade issues before the security window.”

While it won’t get specific on the nature of the vulnerability, Drupal did share its severity score based on NIST’s standard scoring methodology, and it’s not good: The bug scored 20 out of a max of 25 on that scale, as defined by Drupal’s own documentation. More specifically, it’s trivially easy to leverage, doesn’t require any privilege level to exploit, could make all non-public data on an affected site accessible to the attacker, and could allow an attacker to modify or delete whatever they wanted.

The only two things preventing it from scoring a perfect 25/25 are the fact that a known exploit doesn’t exist yet and that it doesn’t affect all configurations, only those using “uncommon module configurations.”

Drupal noted that security releases will be published on Wednesday for all currently supported core branches (11.3.x, 11.2.x, 10.6.x, and 10.5.x), as well as unsupported Drupal 11.1.x and 10.4.x branches for sites that have not yet upgraded from older 10.x and 11.x releases. Drupal users on 8.9 and 9.5 are also getting patches “given the potential severity of this issue,” though the advisory warns 8.9 and 9.5 users will need to install those updates manually, which “might introduce other bugs or regressions,” leading Drupal to recommend a full upgrade to a supported core branch.

“Drupal 8 and 9 include numerous other, previously disclosed, security vulnerabilities that will not be addressed by either Drupal Steward or the best-effort patch files,” the advisory said. Drupal 7 users are safe.

Given the fact that not all Drupal core environments will be affected, the advisory recommends all Drupal core users set aside time on Wednesday to determine whether they’re part of the vulnerable class, and take action immediately if so. ®

Updated to add on May 20: The Drupal Security Team has been in contact to warn that, while Core is the primarily vulnerable product, Core's inclusion in Drupal CMS means those environments might be vulnerable too, so anyone running Drupal will need to be sure their site is secure.

As for the patch itself, Drupal told us it can be installed in "minutes or maybe seconds depending on the site," which likely won't need to be taken offline in order to install the patch. In other words, you really ought to be sure this gets installed before you're caught being a straggler.
Category: Viruses and Worms

A decades-old giant, with help from Czechs, shows that world-class AI can be developed in Europe too

Živě.cz - 19 May, 2026 - 17:45
Christian Klein, head of the giant SAP, warns against Europe falling behind and is betting on a new generation of business models for working with data • The SAP Labs development centre in Brno is becoming a key player in creating artificial intelligence for running modern enterprises. • The German group is investing massively in ...
Category: IT News

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability

The Hacker News - 19 May, 2026 - 16:56
Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation (LPE). Dubbed DirtyDecrypt (aka DirtyCBC), the vulnerability was discovered and reported by the Zellic and V12 security team on May 9, 2026, only to be informed by the maintainers that it was a duplicate of a vulnerability that had
Author: Ravie Lakshmanan
Category: Hacking & Security