Agregátor RSS

Microsoft CEO Satya Nadella last week announced that the company now has more than 20 million enterprise users paying for Microsoft Copilot, according to TechCrunch. That’s up 33% from the 15 million paying customers Microsoft claimed in January.

The AI assistant is now directly integrated in programs such as Word, Excel, and Outlook and Microsoft is rolling out new agent features that allow Copilot to perform multiple steps automatically directly within documents and presentations.

According to Nadella, the number of questions asked of Copilot per user rose by nearly 20% compared to the previous quarter. Weekly usage is now reportedly on par with the Outlook email service.

Microsoft says one advantage for Copilot is that it is no longer locked to a single provider of AI models. In addition to OpenAI’s GPT models, it now also supports models such as Anthropic’s Claude.

A new study from Harvard Medical School indicates that AI can outperform doctors in initial assessments in emergency care, according to The Guardian. The study, published in the journal Science, compared AI tools with doctors in triage situations — the process in which patients are sorted and prioritized, and where quick decisions must be made based on limited information.

The results show that the AI system identified the correct or nearly correct diagnosis in 67% of cases, compared to 50% to 55% percent for doctors. When more detailed patient data was available, the AI’s accuracy increased to 82%, while the doctors’ accuracy ranged from 70% to 79%.

The AI, based on OpenAI’s model o1, also performed better when it came to developing treatment plans. In a test using clinical cases, the AI achieved 89% accuracy, while doctors using traditional tools such as search engines reached 34%.

However, the researchers emphasized that the results do not mean AI can outright replace doctors. The study included only text-based patient information and did not take into account factors such as body language or the patient’s general condition.

Linux security usually comes down to access controls and permissions, but those controls only work if the platform enforcing them holds up. What happens when the control layer most Linux environments depend on fails?

A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a credential-stealing payload targeting browsers, environment files, and cloud services. [...]

Small and medium-sized businesses recognize the transformative nature of AI, with two-thirds of respondents in a recent ASUS survey agreeing AI is creating a significant evolution in business practices, and some even calling it “generational.” The question, then, is how best to realize AI’s potential.

For SMBs, following a simple, three-pronged strategy is a good way to get started on your AI journey, says Shawn Chang, General Manager, System Business Group, ASUS North America.

Step 1: Conduct an IT tool audit

Chances are, your employees are already using myriad AI tools, whether IT knows it or not. A survey by Business.com found 84% of SMB employees use chatbots, 67% use AI-powered search, and 41% use image generators, for example.[1] Likewise, 60% of respondents to the ASUS survey already use AI tools for virtual meetings, including automated transcripts, real-time translations, and AI-driven noise cancellation.

The key is to ensure employees use trusted applications and that multiple groups aren’t paying for the same application, which requires an audit to identify which tools are in use, Chang says.

An audit can be as simple as conducting a survey asking which AI tools employees rely on and why, or employing a third-party tool to conduct a company-wide audit. Both are also valuable for determining which apps employees are actually using.[2]

Step 2: Identify one workflow to automate or accelerate

The next step is to identify a workflow that will benefit from AI, whether that means automating it entirely or accelerating it. “Good candidates are tasks that happen frequently and employ structured data, such as spreadsheets or highly formatted text,” Chang says.

It’s best to start with a low-risk process – just in case. That said, a task that has broad application across the organization is a good fit as well, so numerous employees can quickly see the benefit. So, something that touches many employees – such as HR or IT-related tasks – can be a good candidate.

The task must be measurable, and you should define ahead of time what success looks like, whether it’s time saved, fewer required resources, or the like. As food for thought, respondents to the ASUS survey report AI delivers a variety of results, including:

• Increases in productivity and efficiency – 68%
• Superior data analytics and insights – 61%
• More informed decision-making – 56%
• Greater responsiveness to customer needs – 45%

Step 3: Equip your team with hardware built for AI workloads

As you delve in, you will soon learn that many AI applications can benefit from more powerful computers, namely AI PCs. AI PCs have specialized neural processing units (NPUs) to offload compute-intensive tasks from CPUs, along with plenty of memory and the ability to run AI models on the device itself, rather than constantly relying on cloud resources.

AI PCs are catching on in a big way, with Gartner predicting they will represent 55% of the total PC market in 2026, up from 16% in 2024, and will be the norm by 2029.[3]

“Devices like the ASUS Expert Series, which offer up to the Series 3 Intel® Core™ Ultra X9 processor, deliver the power needed for these workloads without draining your battery or slowing down other applications,” Chang says. “They will help your company adopt AI applications that drive greater efficiency, enabling you to better compete with larger organizations.”

Learn more about what your SMB peers think about AI. Download “The Future of SMB Report: Harnessing the Potential of AI PCs.”

[1] “2026 Small Business AI Outlook Report,” January 20, 2026, Business.com.

[2] “18 Application Monitoring Tools to Consider In 2026,” April 15, 2026, CloudZero.

[3] “Gartner Says AI PCs Will Represent 31% of Worldwide PC Market by the End of 2025,” August 28, 2025, Gartner.

Progress Software has released updates to address two security flaws in MOVEit Automation, including a critical bug that could result in an authentication bypass. MOVEit Automation (formerly Central) is a secure, server-based managed file transfer (MFT) solution used to schedule and automate file movement workflows in enterprise environments without requiring any custom scripts.  The

Progress Software has released updates to address two security flaws in MOVEit Automation, including a critical bug that could result in an authentication bypass. MOVEit Automation (formerly Central) is a secure, server-based managed file transfer (MFT) solution used to schedule and automate file movement workflows in enterprise environments without requiring any custom scripts.  The Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Cybersecurity firm Trellix disclosed a data breach after attackers gained access to "a portion" of its source code repository. [...]

Apple last week nixed its long-held “net cash neutral” target, a move analysts see as giving the company more flexibility to make massive infrastructure investments or acquisitions. Naturally, as AI is the only thing that seems to matter in tech these days, commentators rushed to speculate on potential acquisition targets in the AI space.

The thing is, this may not be about AI. 

Now that Apple has confirmed John Ternus as its next CEO, the market can stop treating the company’s cash shift as speculative and start treating it as strategic. Ternus, a hardware‑first leader by background, understands the value of services and has pledged to expand Apple’s services business. 

Services, services, services

The great thing about services is that they provide the company with a solid and predictable revenue stream to insulate it from fluctuations in product-driven business. We’ve seen this in the last few years, with Apple’s dramatically climbing services income acting as a cushion against slow product quarters, empowering the company to return successive record results. There is no doubt the high margins generated by services oils Apple’s business machinery.

“I look forward to continuing to expand that and continuing to look for the kinds of services where we’re really finding the opportunities between the hardware and software,” Ternus said, pointing particularly at Apple Pay. 

Years of watching the company tells me that Apple tends to leave the truth in plain sight if you happen to be sensitive to it; I read that statement as suggesting the company is preparing to introduce its latest Apple Pay service updates.

Apple Card for the rest of us?

The most widely awaited of these would be the introduction of an upgraded Apple Card service with a new provider. The limitation of the Apple Card (other than the waning enthusiasm of card partner, Goldman Sachs and the long journey to find a new partnership with JP Morgan Chase) is that it is still only available in the US, despite global interest. It is challenging for Apple to meet that interest due to a smorgasbord of different data, financial services, and local regulations. Apple Card in India, for instance, would be challenged by local regulations that forbid banking partners from storing transaction data, while in Europe the reward structure would need to be revised to consider the much lower interchange fees charged for credit card transactions there. 

Ultimately, whoever Apple works with on the service would have to accommodate credit risk and it’s probable the computer company will need to underwrite some of that risk. If it wants to expand this service internationally — perhaps with the provision of additional banking services in some nations — this would be a good use of Apple’s ongoing money mountain, enabling it to deepen its move into financial services.

A world of opportunities

Of course, Apple Card is far from the only service that could benefit from Apple’s decision to use cash more strategically. Beyond any potential AI acquisitions, the company could also take positions in streaming entertainment partners, for example; the ever-speculated on Disney purchase is just one of a multitude of options there, but Netflix also seems within Apple’s multi-billion dollar reach.

Apple also has the good fortune to sit at the crossroads of technology, the liberal arts, and health, so it could think about health insurance as a potential space for services expansion. Also, given the company’s continued move to rebuild its business along the lines of a closed loop manufacturing chain, at what point does it make sense for it to invest in its own clean energy supply? 

Stop to think about it and there really are a ton of highly profitable options for major Apple investments that could drive the business forward, and many of these have nothing much to do with AI (except, of course, software). Perhaps that’s a good thing. 

Smart about AI

The rapid pace of AI development and deployment almost certainly mean the fundamentals of the AI landscape will change swiftly. Server-based AI might remain the interaction for most of us, but high-value services will inevitably be found in on-premises, sovereign, ultra-secure, and/or edge device AI. 

That rapid evolution means a billion spent on an essential component today could be meaningless in five years. Plus, with a multitude of emerging AI companies, it’s inevitable some — potentially with valuable technologies — will fail. 

In this context, it makes sense for Apple to crouch, tiger-like, waiting to jump in to make strategic acquisitions as the competitive environment forces some of the smaller AI players to the wall. Apple won’t be alone in any potential bidding wars, but its decision to use its cash flow strategically means it might nail some of those deals. 

Coming soon?

The timing of Apple’s news about its handling of cash matters. Now that shareholders have been told to expect it, the business can change direction. 

Should we expect any immediate moves? If the company has any quick plans, it’s possible we may learn more at WWDC in June — or perhaps at the big iPhone reveal this fall, when the Cook-Ternus transition is complete. Ultimately, Apple’s next phase won’t be defined solely by what it does acquire, but in which parts of the business it chooses to invest.

Please follow me on social media: BlueSky,  LinkedIn, or Mastodon.

When it comes to securing enterprise supply chains, now heavily infused with AI applications and agents, a software bill of materials (SBOM) no longer provides a complete inventory of all the components in the environment. Enter AI-BOMs. While a traditional SBOM includes all of the software packages and dependencies in the organization, an AI-BOM aims to cover the gaps introduced by AI assets by providing visibility across all of the models, datasets, SDK libraries, MCP servers, ML frameworks, agents, agentic skills, prompts, and other AI tools - plus how these AI components interact with each other and connect to workflows. "Imagine if AI is a birthday cake in the middle of this room, but you don't know how it got there," Ian Swanson, VP of AI security at Palo Alto Networks said in an interview with The Register. "You don't know the recipe, you don't know the ingredients, you don't know the baker. Would you eat a slice of that cake?" A lot of organizations are eating the cake anyway. In addition to the company-sanctioned models and AI used in the tech stack, there's also the problem of "shadow AI" - we used to call this "shadow IT" - and these unsanctioned tools also need to be brought out of the shadows so they can be accounted for. This includes all the vibe coding platforms and agents that individual employees spin up, along with any external chatbots they interact with on work computers and potentially input sensitive corporate data into.  To secure all of these AI ingredients baked into the cake, companies first need to know what they are, what they connect to, and how they are being used. "In general, organizations that are trying to wrap their head around AI security," Amy Chang, Cisco's head of AI threat intelligence and security research told The Register. "They want a way to be able to identify what AI assets exist in their environment. A tool like the AI bill of materials is one of those first places that you can start to get a better understanding of what exists." Up next: model provenance Cisco previously open sourced its AI-BOM, making it free for anyone to scan codebases, container images, and cloud environments to produce this bill of materials. On Friday, it also made available its Model Provenance Kit as an open source tool to track model provenance. In a blog announcing the new repository, Chang and other AI researchers describe it as a DNA test for AI models, and it determines provenance using one of two modes: compare or scan. Compare mode takes any two models and shows their similarity across metadata, tokenizer structure, weight-level signals along with a final composite score. Scam mode starts with a single model and matches it against a database to determine the closest lineage candidates - and to help with this mode, Cisco also released a model fingerprint database covering about 150 base models across more than 45 families and over 20 publishers. Chang told us that the new AI tool performs two gate checks. "First, at the metadata level, it compares the information from the base model with the fine-tuned version of the model to delineate some sort of provenance-linked relationship - like this was derived from Meta Llama 4, or derived from Alibaba Qwen3," she said. "Then, what we do is look at weight-based signifiers. So now we're providing a sort of verifiable, repeatable and provable way to attest that the models that you use and deploy, that are customer facing, that are ingesting all this data, are truly the models that that you're supposed to be using, or that that are within the confines of your risk tolerance." During our interview, Chang pointed to Cursor's Composer 2, which is partly built on Kimi 2.5, a Chinese open source model. "They were very quick to admit that, yes, we used the Chinese model to build this," she said. "But that could have regulatory or compliance risk." Case in point: The European Union's AI Act mandates organizations document training data, characteristics of training methodology, and risk assessments for "high-risk systems." Google's Wiz, in its AI-BOMs, also accounts for all of the tools in the developers' workstation, such as a laptop or integrated development environment, that went into building the AI application. "Many people define visibility or BOMs by what's actually in the final artifact, but we also extend the definition of BOMs in general and AI-BOMs in particular to include the AI tools that went into building that application," Ziad Ghalleb, Wiz technical product marketing manager, told us.  "And then another important aspect is the identities that are attached to these AI workloads, because all these agents or models, tools, etc., are tied to a specific identity inside your environment," Ghalleb added. "So you need to be looking at these non-human identities that are related to these systems. It's not just the resources. It's also the identities and the permission sets that are tied to them." All of this boils down to visibility and security. "If you don't have visibility of these workloads, then you can't really understand what it is to protect," Swanson said.  Protection against poisonings Enterprises aren't the only ones madly rushing to incorporate AI tools into their workloads and processes, as everyone who reads The Reg likely knows. Criminals are also using these same tools to move faster and make their attacks more efficient. As Sherrod DeGrippo, Microsoft's GM of global threat intelligence, told The Register in a previous interview: This includes tasks such as performing reconnaissance on compromised computers, and standing up and managing attack infrastructure. "Agentic, automated reconnaissance against systems is something that is worth taking a look at," DeGrippo said. "Go find out about XYZ, and come back to me with everything you've seen. Go scan the net blocks owned by this particular entity." According to Swanson, this is also a case where having an AI-BOM can help defenders respond faster. He says he can't name the company, but in one incident that Palo Alto Networks responded to, a criminal group used AI to scout out the victim organization and locate exposed endpoints.  "One of the things that they did is get access to system prompts, the instructions to an AI workload that tells it what it can do, and what it can't do," Swanson said. And once the attacker gained access to the company's internal AI's system prompts, they modified them to force the AI to do things that it shouldn't - like steal data, and send it to an external email account. An AI-BOM would provide an understanding of the AI system's configurations and dependencies at a specific state in time - and also indicate any changes. "If you had understanding of state and understanding of state changes, then you would be able to go back to an AI bill of materials and say: 'What system prompt was used within the ingredients to create the AI application?' And then see it's changed from a prior state to a new state. So we should probably check this and see if there's anything bad that's happening here," Swanson said. "And in that case, you'd be able to catch it." Other supply chain attacks such as model and skills poisoning underscore the risks of not knowing what AI tools are in an IT environment.  "Skills that people use in coordination with a lot of these coding assistants are pretty easy to tamper with, and so it's important to be able to scan them to make sure that somebody is not manipulating the capabilities," Swanson said. If a skill is supposed to provide a weather forecast, it shouldn't also steal credentials or leak secrets, he explained. "Understand state changes, constantly scan these artifacts for supply chain risks, and then at the point of runtime, when your AI application is live, also look at all communications to make sure that nothing bad is happening," Swanson said. AI-BOMs (and their software counterparts) can also help organizations quickly identify compromised open source code running on corporate systems. For example: the recent rash of poisoned npm and PyPI packages and earlier Shai-Hulud worm credential stealer attacks. Both of these campaigns targeted code commonly integrated into AI applications. Even in the absence of a CVE identifier, an AI-BOM lets users query "related libraries or packages," and then identify any malicious versions in their environment, Ghalleb said. "There's no CVE attached to them, but at least you know how to remove these to contain an evolving threat." ®

'If you don't have visibility, you can't understand what to protect'

When it comes to securing enterprise supply chains, now heavily infused with AI applications and agents, a software bill of materials (SBOM) no longer provides a complete inventory of all the components in the environment. Enter AI-BOMs.…

Autonomní taxíky jsou hitem současnosti a predikuje se jim velká budoucnost. Slabým článkem je nabíjení, které u současných řešení vyžaduje lidskou pomoc. Zatím se rýsují tři řešení: Tesla u svého Robotaxi plánuje indukční podložkou, na kterou auto samo najede. Nevýhodou je mizerná efektivita ...

This week, the shadows moved faster than the patches. While most teams were still triaging last month’s alerts, attackers had already turned control panels into kill switches, kernels into open doors, and open-source pipelines into silent delivery systems. The game has shifted from breach to occupation. They’re living inside SaaS sessions, pushing code with trusted commits, and scaling

This week, the shadows moved faster than the patches. While most teams were still triaging last month’s alerts, attackers had already turned control panels into kill switches, kernels into open doors, and open-source pipelines into silent delivery systems. The game has shifted from breach to occupation. They’re living inside SaaS sessions, pushing code with trusted commits, and scaling Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Omezení lidské činnosti v uzavřené zóně umožnilo nárůst vlčí populace • Černobylští vlci si vytvořili odolnost vůči dlouhodobému radioaktivnímu záření • Genetické mutace zvířata chrání před smrtelnými nádorovými onemocněními

Nový obal KitKat spolehlivě zablokuje 4G, 5G, Bluetooth i GPS • K digitálnímu detoxu nepotřebujete pevnou vůli ani žádnou aplikaci • Projekt představuje chytrý marketingový koncept s nejistým nasazením

Fraudsters aren't hacking credit unions, they are exploiting normal business processes. Flare reveals how structured loan fraud methods use stolen identities to pass verification and secure funds. [...]

Brush (Bo(u)rn(e) RUsty SHell) je v Rustu napsaný shell kompatibilní s Bash (Bourne Again SHell). Vydána byla verze 0.4.0.

Mac mini M4 s 256GB SSD už u Applu nekoupíte. • V Česku ještě zbývá pár volných kusů u prodejců třetích stran. • O stolní Macy je zájem kvůli AI, navíc se blíží další generace.