Agregátor RSS

Aladinů není nikdy dost, fanoušci meteorologie proto dostali další web, na kterém najdou předpovědní mapky ze stejnojmenného numerického modelu ČHMÚ. Jmenuje se Aladin NWP, stojí za ním storm chaser Lukáš Ronge z Bourky.cz a zobrazí odhady až na 72 hodin dopředu, jak na tom budou jednotlivé ...

Steam Controller 2 dorazí příští týden za 99 € (2450 Kč). • Nabízí kompletní gamepadovou výbavu, ale i trackpad, gyroskop a další prvky. • V testech výdrže zvládl až 70 hodin.

After addressing a widespread outage that affected Outlook.com users worldwide on Monday, Microsoft has asked iPhone users to re-enter their credentials to regain access to their Outlook and Hotmail accounts via the default Mail app. [...]

Gelsingerův plán vydávat novou generaci procesorů Xeon každý rok se nepodařilo udržet příliš dlouho. Již v loňském roce Intel novou generaci Diamond Rapids nevydal a nevydá ji ani letos…

A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy.  Xu Zewei, 34, was arrested in July 2025 by Italian authorities for his alleged links to the Chinese state-sponsored threat group and for orchestrating cyber attacks against American organizations and government agencies between February 2020 and June 2021, including

A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy.  Xu Zewei, 34, was arrested in July 2025 by Italian authorities for his alleged links to the Chinese state-sponsored threat group and for orchestrating cyber attacks against American organizations and government agencies between February 2020 and June 2021, including Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Monitor MSI Pro MP341CQW zlevnil na 3690 Kč, běžně stojí skoro o dva tisíce víc. • Jde o nejdostupnější model s rozlišením 3440 × 1440 px. • Má zakřivený panel, frekvenci 100 Hz a láká na dobré barevné podání.

An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID could enable privilege escalation and identity takeover attacks, according to new findings from Silverfort. Agent ID Administrator is a privileged built-in role introduced by Microsoft as part of its agent identity platform to handle all aspects of an AI agent's identity lifecycle operations in a Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild. The vulnerability in question is CVE-2026-32202 (CVSS score: 4.3), a spoofing vulnerability that could allow an attacker to access sensitive information. It was addressed as part of its Patch Tuesday update for this Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Meta začala zaměstnancům zaznamenávat veškerá kliknutí a stisknuté klávesy • Cílem tohoto kontroverzního opatření je vycvičit AI k samostatné práci • Pracovníci se sledování nemohou nijak bránit a brzy navíc očekávají propouštění

Společnost TSMC ohlásila velké množství novinek a také jedno překvapení. Ještě v roce 2029 očekává silnou poptávku po procesech bez BSPD (přesunu napájení na zadní stranu čipu), a tak chystá A13…

Microsoft and OpenAI on Monday again revised their agreement, softening their exclusivity and revenue-sharing conditions in the process. These changes underscore how critical it is for enterprises to work with as many AI vendors as practical, given the leapfrogging performance stats as well as the constantly shifting alliances.

Both OpenAI and Microsoft issued their own statements, which were essentially identical, about the contractual changes. 

Microsoft’s statement said that the company still derives some benefits from its alliance with OpenAI. “Microsoft remains OpenAI’s primary cloud partner and OpenAI products will ship first on Azure, unless Microsoft cannot and chooses not to support the necessary capabilities,” it said.

But, the company noted, the earlier exclusivity is now gone. “OpenAI can now serve all its products to customers across any cloud provider. Microsoft will continue to have a license to OpenAI IP for models and products through 2032. Microsoft’s license will now be non-exclusive.”

In addition, the company’s role as a major investor in OpenAI is driving a different revenue relationship, it said: “Microsoft will no longer pay a revenue share to OpenAI. Revenue share payments from OpenAI to Microsoft continue through 2030, independent of OpenAI’s technology progress, at the same percentage but subject to a total cap. ”

AGI clause removed

One key component within earlier versions of the Microsoft-OpenAI deal was the change in the relationship if OpenAI ever achieved artificial general intelligence (AGI), a term that eludes a concrete definition but generally refers to AI that equals or exceeds human capabilities. 

Although it was not directly referenced in the statement from either vendor, multiple media reports said that AGI references have now been removed from the revised agreement. 

Market changes

Analysts and consultants generally agreed that this altered agreement will reinforce, and should extend, the current enterprise IT trend of hedging bets by striking arrangements with a variety of AI providers, including the major hyperscalers. Beyond future-proofing enterprises’ AI efforts, some of those agreements are for practical issues, such as the need to work with global AI firms specializing in different languages that the enterprise needs.

Thomas Randall, research director at Info-Tech Research Group, explained that the market has changed since the original agreement was struck. “The era of exclusive frontier model access as a strategic differentiator is coming to an end,” he pointed out. “The Microsoft-OpenAI agreement in 2023 was meaningful because access to GPT4 was scarce. But that scarcity no longer applies because the competitive differences between frontier models have reduced substantially since then.”

The amended Microsoft-OpenAI agreement “is more of a formal acknowledgment that model access is no longer a strict advantage,” he said. “The immediate practical change for IT from this agreement, especially for shops that were reluctant to deepen an Azure commitment, is that they now have a clearer path to accessing OpenAI models through other hyperscalers.”

Randall argued that this translates into a rebalancing of where enterprise IT should focus its AI efforts, especially in terms of differentiation.

“If model access is commoditizing at the infrastructure layer, then strategic questions must focus on quality and governance of proprietary data, the depth and sophistication of agentic workflow integration, and organizational capability to deploy AI at scale,” he said.

“Consequently, the vendors who control the orchestration and application layers [such as] the agent frameworks, the data connectors, the governance tooling, and workflow integration, will be best positioned to capture enterprise value. The competitive ground has shifted from attaining model access to how vendors deeply and reliably embed AI into enterprise workflows.”

Alastair Woolcock, VP analyst at Gartner, agreed that this contractual change from two key market leaders is an inevitable reaction to a vastly changing AI marketplace. “The first great AI shadow investment is being rewritten for a multipolar AI Cold War,” he said. 

“Frontier AI has become too capital-intensive and infrastructure-constrained for one-cloud exclusivity to survive. For Microsoft, this is a controlled concession. The investor story moves from ‘Microsoft owns the OpenAI channel’ to ‘Microsoft controls the enterprise AI operating layer’ through Copilot, Azure, security, workflow integration, data gravity and AI operations,” Woolcock said.

“For OpenAI, this is a liberation event,” he noted. “Its biggest constraint is no longer demand. It is compute, capital and distribution. OpenAI cannot become the global AI platform if one partner controls the pipes.”

He added that, for enterprise IT executives, “this means more choice, but not necessarily less dependency. Lock-in moves up the stack, from cloud infrastructure to AI ecosystem alignment, agent orchestration, workflow control and data governance. This is consequential, not because the partnership is weakening, but because it shows the next phase of AI competition will be fought through flexible alliances, compute access, silicon, power and enterprise distribution, not traditional ownership.”

Planning assumptions altered

Tony Olvet, group VP with IDC, said this contractual change “is unlikely to affect most near‑term Microsoft or OpenAI deployments, but it does change planning assumptions. CIOs and CTOs should expect more choice in where OpenAI capabilities appear, greater commercial leverage and increased need to govern AI across multiple channels. This has strategic implications: enterprises should continue to rely on strong partners while designing AI architectures, contracts, and governance frameworks that can shift across clouds, models and vendors as the market evolves.”

Most consultants stressed the vanishing exclusivity for almost all of the key AI players, something that may not be a bad thing for IT.

A key background factor at play here is the timeline. It can take an enterprise an extended period to fully deploy capabilities across its global environment.

Noah Kenney, principal consultant for Digital 520, noted, “standing up OpenAI workloads on AWS, Google Cloud, or Oracle will take time. Reference architectures, identity and data integrations, compliance reviews, and procurement cycles do not move at the speed of a press release. Enterprises that have spent years optimizing on Azure will not migrate overnight, nor should they.”

But, he said. “for the substantial population of companies that are not Microsoft shops, that have actively avoided Azure, or that operate in multi-cloud by policy, this is the first time OpenAI has been a realistic first-class option on their preferred infrastructure. That is a meaningful shift in the addressable market, even if the operational reality lags by quarters.”

Given the constantly changing relationships within AI, not to mention multiple AI firms preparing to try to become publicly traded, reality is likely to look very different at the end of an enterprise AI rollout than it did at the beginning, so they need options. 

“Until today, choosing OpenAI effectively meant choosing Azure, and choosing Azure gave you privileged access to OpenAI. That tight coupling shaped procurement decisions, reference architectures, and multi-year cloud commitments at thousands of enterprises. It is no longer true,” Kenney said.

“What changes for [enterprise IT executives] is the structural assumption underneath their AI roadmap,” he noted. “OpenAI can now ship its products across any cloud and Microsoft now has a non-exclusive license to OpenAI’s IP through 2032, which means Microsoft is also free to lean harder into its own models, into Anthropic, and into whatever else the market produces. Both sides just bought themselves optionality and that optionality flows downstream to the customer.”

He added, “the companies that benefit are the ones who treat model providers, cloud providers, and inference infrastructure as three separate procurement decisions with three separate exit ramps.”

Vendor lock-in ‘relocating’

Sanchit Vir Gogia, chief analyst at Greyhound Research, said that the kneejerk reaction to the contract changes is that enterprise IT will now have more options and more flexibility. But Gogia said that dependence is not being reduced as much as it is being moved. 

“Lock-in is not going away. It is relocating. At the model level, substitution is becoming easier. Not trivial, but certainly more feasible than before. At the orchestration level, however, substitution remains difficult,” Gogia said. “Once your workflows, controls, identity layers, and governance structures are built around a particular system, changing that system is not a small task. That is where dependency sits. Quietly. Persistently. And often unnoticed until it begins to constrain you.”

There are still differences between providers, and those differences matter in certain contexts, he said. “But the gap is narrowing in ways that are meaningful for enterprise use. Increasingly, the question is not which model is best in isolation. The question is how that model is used, governed, and embedded into the organization. That is a very different question,” Gogia said.

And, he pointed out, it leads you to a very different place, “because once you ask that question, you are no longer looking at models. You are looking at orchestration. You are looking at identity. You are looking at governance, compliance, integration, workflow. You are looking at the layer that sits above the model and quietly determines how everything actually works. That layer is where the real dependency forms.”

Microsoft understands this, he noted. “You can see it in how it is positioning itself. It is no longer behaving like a gateway to a single provider. It is building something broader: A layer where multiple models can coexist, where those models can be managed, governed, and embedded into enterprise systems in a consistent way.

That is not accidental,” Gogia said. “That is a deliberate move towards control at a higher level. And importantly, it is also a hedge. A very clear one. Because it reduces reliance on any single partner, including OpenAI.”

Software security testing outfit Checkmarx has become the latest organization caught up in an ongoing attack on security-tool providers. The biz said data posted online appears to have come from one of its GitHub repositories after the Lapsus$ extortion crew claimed to have dumped the company’s source code, secrets, and other sensitive data. In a Sunday update, Checkmarx said the investigation remains ongoing, and it's working to "verify the nature and scope" of the data. Current evidence, however, suggests that "this data originated from Checkmarx's GitHub repository, and that access to that repository was facilitated through the initial supply chain attack of March 23, 2026." The security shop has since locked down access to the affected repo, and said if the investigation determines any customer information was posted online, it will notify "all relevant parties immediately." A day earlier, Lapsus$ data thieves added Checkmarx to the list of victims on its leak site. In a post shared on X by Dark Web Informer, the extortionists claimed to have dumped a raft of sensitive information including source code, API keys, MongoDB and MySQL login credentials, and employee details. Checkmarx did not respond to The Register's inquiries about the stolen data and Lapsus$ claims. The vendor, on Sunday, promised a "more detailed update within 24 hours," as this supply chain SNAFU ripples across the security and developer tools landscapes. From Trivy to Checkmarx The initial attack, which Checkmarx referenced in its advisory, occurred on March 23, when a new-ish cybercrime crew called TeamPCP used CI/CD secrets stolen from Trivy, which they initially compromised in late February. Trivy is an open source vulnerability scanner maintained by Aqua Security. On March 16, TeamPCP injected credential-stealing malware into the scanner, hoovered up a ton of developers' secrets, cloud credentials, SSH keys, and Kubernetes configuration files, then planted persistent backdoors on developers' machines. This intrusion also gave the attackers an initial access vector into several other open source tools including LiteLLM, Telnyx and KICS, an open source static analysis tool maintained by Checkmarx. On March 23, TeamPCP injected the same credential-stealing malware into KICS, and pushed poisoned images to the official checkmarx/kics Docker Hub repository maintained by Checkmarx. "Analysis of the poisoned image indicates that the bundled KICS binary was modified to include data collection and exfiltration capabilities not present in the legitimate version," Socket's research team wrote in its earlier analysis of the Checkmarx supply chain attack. "Our investigation found evidence that the malware could generate an uncensored scan report, encrypt it, and send it to an external endpoint, creating a serious risk for teams using KICS to scan infrastructure-as-code files that may contain credentials or other sensitive configuration data," the supply chain security researchers wrote. Then it got even worse. The ripple effect In addition to the trojanized KICS image, the miscreants compromised additional Checkmarx developer tooling including Checkmarx GitHub Actions and two Open VSX plugins. "On March 23, 2026, Checkmarx was the target of a cybersecurity supply chain incident which affected two specific plugins distributed via the Open VSX marketplace and two of our GitHub Actions workflows," Checkmarx said in its initial security advisory. Late last week, Socket researchers revealed that open source password manager Bitwarden's CLI was also compromised as part of the Checkmarx intrusion. This vastly expands the potential blast radius of the attack because more than 10 million users and over 50,000 businesses use Bitwarden, which claims to be the No. 2 enterprise password manager. "Attackers are deliberately targeting the tools developers are told to trust most: security scanners, password managers, and other high-privilege software wired directly into developer environments. This is why the fallout can get big very quickly," Socket CEO Feross Aboukhadijeh told The Register on Monday. "When you compromise a tool like this, you are not just compromising one vendor," he said. "You are potentially gaining access to GitHub tokens, cloud credentials, CI secrets, npm publish access, and the downstream environments those tools touch." Plus, he told us, the attackers are specifically targeting security tools and vendors in this ongoing campaign. "The threat actors behind these attacks hold a deeply hostile view of the current state of security tooling and vendors," Aboukhadijeh said. "They are explicitly targeting the open source security ecosystem and developer infrastructure." After initially compromising Trivy, LiteLLM, KICS, and other open source security tools, TeamPCP partnered with ransomware and extortion groups including Vect and Lapsus$, bragging on BreachForums that "we will pull off even bigger supply chain operations. We will chain these compromises into devastating follow-on ransomware campaigns." In early April, AI training startup Mercor confirmed it was "one of thousands of companies" affected by the LiteLLM supply-chain attack after Lapsus$ offered 4 TB, including 939 GB of Mercor source code, for sale to the highest bidder. "Instead of just bypassing security tools, they are going after them directly," Aboukhadijeh told us. "They know these products are deeply embedded, highly trusted, and often massively overprivileged. That makes them incredibly effective choke points for both data theft and downstream propagation." ®

Vendor confirms repo data exposure after Lapsus$ claims source code, secrets dump

Software security testing outfit Checkmarx has become the latest organization caught up in an ongoing attack on security-tool providers. The biz said data posted online appears to have come from one of its GitHub repositories after the Lapsus$ extortion crew claimed to have dumped the company’s source code, secrets, and other sensitive data.…

Online trading platform Robinhood's account creation process was exploited by threat actors to inject phishing messages into legitimate emails, tricking users into believing their accounts had suspicious activity. [...]

Transakcí jako je prodej kryptoměn, jejich směna nebo využití pro platbu za zboží a služby se může týkat zdanění. Poradíme, co podléhá dani a kdy nic dělat nemusíte.

Pokud okolnosti případu naznačují nízkou společenskou škodlivost pachatelova činu, je povinností soudu to zohlednit, nařídil Ústavní soud. I podmíněný trest pak může být přehnaný.

V sobotu 25. dubna proběhl v Bratislavě čtvrtý ročník konference OpenCamp, na které se mluvilo o otevřené náhradě za špatně fungující slinivku, základech optických sítí, komunikační síti Matrix a dalších tématech.

Na článek s popisem textových režimů čipu ANTIC v počítačích Atari dnes navážeme. Popíšeme si totiž grafické (rastrové) režimy a taktéž si ukážeme, jakým způsobem se řeší jedno z omezení ANTICu: možnost adresovat pouze 4kB video RAM.