Agregátor RSS

The synthetic bacteria push the limits of life and could open the door to designer proteins and new medicines.

The bacteria grew, thrived, and divided for hundreds of generations. But they were unlike any other living creatures on Earth. These synthetic cells, called Ec19, were the first to have had one protein “letter”—or amino acid—partially removed.

All life today relies on a set of 20 amino acids to make proteins. Some exotic microbes can use 22, but no one has yet found any that use less. Like letters in a book, amino acids string into coherent protein “sentences” that relay messages and do work within cells. Deleting an amino acid is like trying to type without the letter “e.” The text becomes gibberish.

Or does it? A team from Columbia University and collaborators stripped one amino acid, isoleucine, from ribosomes in Escherichia coli (E. Coli) bacteria. These cellular machines translate DNA into proteins, and they’re among the most complex structures in cells.

Deleting any amino acids could be catastrophic. But with some help from AI, Ec19 was born.

“This is a meaningful and stringent test of the consequences of removing isoleucine from a proteome’s alphabet, because the ribosome is one of life’s most complex and indispensable macromolecular machines,” wrote Charles Sanfiorenzo and Kaihang Wang at the California Institute of Technology, who were not involved in the study.

For the past decade, scientists have been probing the boundaries of life by shrinking genomes in a variety of microbes, adding synthetic amino acids to living cells, and even creating the building blocks for “mirror life.” But they’ve rarely tinkered with the canonical 20 amino acids.

Ec19 rewrites the script, but not for scientific curiosity alone. The findings pave the way for AI to help scientists engineer designer proteins and cells with added capabilities for use in biotechnology and medicine. It could also give us a peek into the earliest life on Earth.

“It’s very exciting that it’s possible,” Julius Fredens at the National University of Singapore, who was not involved in the research, told Nature.

Alphabet Rewrite

Life has its own language. DNA’s four molecular letters—A, T, C, G—encode the genetic blueprint. Three-letter units of DNA, called codons, call for each of the 20 amino acids, along with a stop signal that ends protein making.

But the system is redundant. Evolution created 64 codons, with some encoding the same amino acids. Scientists have begun rewriting genomes by assigning redundant codons to synthetic amino acids, yielding working proteins never seen in nature. Because they’re foreign to our bodies, these could escape being broken down—an advantage for drugs designed to last longer. Other researchers are tinkering with the genetic code in bacteria, yeast, and worms, building chromosomes from scratch or probing the limits of a minimal genome that can still support life.

Even the most ambitious tests for synthetic life have avoided whittling down the canonical set of protein letters. But study author Harris Wong was intrigued by the prospect. Some amino acids have similar shapes and chemistry, hinting they could stand in for one another. And mounting evidence suggests early life may have operated using a smaller vocabulary.

The team analyzed nearly 400 proteins essential to E. coli, tracking how often each amino acid was naturally swapped without breaking the protein. Isoleucine took the crown. The bulky, branched molecule was frequently replaced by two cousins similar in shape and chemical behavior. If any amino acid could be removed, isoleucine was it.

The next problem was scale. Previous studies recoded the E. coli genome. But building a stripped-down version of the bacteria would require edits at more than 81,000 genomic sites, a daunting challenge that could take years.

Instead, the researchers focused on the ribosome. It was still a lofty goal. The machines that make proteins are essential to life and are themselves made up of 50 proteins. Removing an amino acid would be like ridding metal from every part of a car engine and expecting it to run.

“Successfully removing isoleucine from such a large and essential RNA-protein complex would raise the possibility of entire genomes functioning with simplified, noncanonical amino acid alphabets,” wrote Sanfiorenzo and Wang.

The team’s first attempt hit a wall. In multiple bacterial strains, they replaced isoleucine codons with a close natural substitute, an amino acid called valine. Out of the 50 ribosome proteins, 32 edited proteins either hindered growth or triggered death.

Almost ready to shelve the project, the team turned to AI. Like the large language models that power chatbots, these algorithms can be trained on DNA and protein sequences. They can then dream up new amino acid sequences and predict how they fold into working proteins.

In this case, the advantage was creativity. AI came up with unintuitive ways to replace isoleucine without catastrophically damaging a protein’s structure. It sometimes suggested ways to compensate for amino acid swaps by making tweaks located far away in the genome. The team then tested promising designs to see if the bacteria survived and how well they grew.

Eventually, they landed on 47 working ribosome proteins without isoleucine. The remaining three took some elbow grease. They replaced amino acids, one by one, until they found a recipe that worked.

Simplified Life

In the end, the team recoded every protein in the ribosome and built a single E. Coli bacteria, Ec19, carrying 21 of the modified proteins. Its growth slowed a smidge compared to unaltered bacteria, but the bacteria retained the altered ribosome across more than 450 generations.

It wasn’t a full rewrite, but the study is a step toward living cells that can run on 19 amino acids. This would open the door to new kinds of synthetic organisms. Removing isoleucine would free up the codons dedicated to it, making them easier to re-assign to designer amino acids and creating proteins with new chemical properties for medicine, materials, and biotechnology.

Ec19 also challenges our assumptions about life itself. We don’t yet know if the molecular language in modern cells is necessary for survival or is just what evolution settled on. If it’s the latter, how far can we expand that code—and should we?

As scientists use more AI, progress in synthetic biology may speed up. But the models aren’t in the driver’s seat yet. “Human intuition and intervention are still necessary, at least for now, to yield viable biological designs,” wrote Sanfiorenzo and Wang.

The post All Life Uses 20 Amino Acids. Scientists Just Deleted One in Bacteria. appeared first on SingularityHub.

A Norwegian researcher has identified an issue with Microsoft Edge’s Password Manager that could be a serious concern for businesses.

Tom Jøran Sønstebyseter Rønning found that passwords are being saved within the browser in plain text, with the effect that any PC, particularly a shared machine, within an organization is a potential risk.

In a post on X, Rønning explained that when users save passwords in Edge, the browser decrypts every credential at startup and keeps it resident in process memory, regardless of whether the user visits the site.

Rønning’s finding was replicated by German IT publication Heise.de, which created and saved a password and found that, even after the browser had been closed and re-opened, the password could be found in plain text.

Microsoft has been nonchalant about the discovery. It said, “Design choices in this area involve balancing performance, usability, and security, and we continue to review it against evolving threats. Browsers access password data in memory to help users sign in quickly and securely — this is an expected feature of the application.”

Rønning published a simple tool on GitHub that enables people to see for themselves that passwords are stored in plain text in memory.

Microsoft dismissed the significance of the passwords’ visibility, saying, “Access to browser data as described in the reported scenario would require the device to already be compromised.”

David Shipley, CEO of Beauceron Security, is not impressed with Microsoft’s response. “No, it’s not a feature. That’s an easy way to cop out of responsibility. It’s almost as bad as when firms say ‘working as designed.’ The point here, as with similar shortcomings, is convenience, speed, and avoiding investing more effort into something that they feel isn’t worth mitigating,” he said.

The bug is an open invitation to cyber criminals, said Shipley. “The old argument is that if malware gains persistence then it doesn’t make a difference, you’re in trouble anyway. It’s waving the white flag at cybercriminals and turning that white flag into a blank check for info stealers.”

Other browsers don’t suffer from the issue. For example, Google Chrome, in line with security industry recommendations, offers a system called App Bound Encryption that encrypts browser data and ensures that it is not stored in process memory in plain text.

It is not a foolproof system; it has been broken in the past, but by determined hackers. The Microsoft bug, on the other hand, requires little skill to exploit.

Shipley said that if Google can do a better job of securing its browser, there is no reason why Microsoft couldn’t do so with Edge. “It’s clearly not a technical hurdle. It’s a motivational one, which shouldn’t surprise anyone because Microsoft is giving away the browser. You don’t pay for it, so why should they care about locking it down more than the bare minimum?“

Given Microsoft’s attitude, users may well want to look for another password manager, something that would be more secure.

This article has been updated with a response from Microsoft.

Daemon Tools, a widely used app for mounting disk images, has been backdoored in a monthlong compromise that has pushed malicious updates from the servers of its developer, researchers said Tuesday.

Kaspersky, the security firm reporting the supply-chain attack, said it began on April 8 and remained active as of the time its post went live. Installers that are signed by the developer’s official digital certificate and downloaded from its website infect Daemon Tools executables, causing the malware to run at boot time. Kaspersky didn’t explicitly say so, but based on technical details, the infected versions appear to be only those that run on Windows. Versions 12.5.0.2421 through 12.5.0.2434 are affected. Neither Kaspersky nor developer AVB could be contacted immediately for additional details.

Hard to defend against

Infected versions contain an initial payload that collects MAC addresses, hostnames, DNS domain names, running processes, installed software, and system locales. The malware sends them to an attacker-controlled server. Thousands of machines in more than 100 countries were targeted. Out of the many machines infected, about 12 of them, belonging to retail, scientific, government, and manufacturing organizations, have received a follow-on payload—an indication that the supply-chain attack targets select groups.

Read full article

Comments

Hackers trojanized installers for the DAEMON Tools software and since April 8, delivered a backdoor to thousands of systems that downloaded the product from the official website. [...]

Neziskové průmyslové konsorcium Khronos Group vydalo verzi 3.1 specifikace OpenCL (Open Computing Language). OpenCL je průmyslový standard pro paralelní programování heterogenních počítačových systémů.

Ask Jeeves, the popular search engine where users could enter questions using natural language, launched on June 1, 1997. Nine years later, it was rebranded as Ask.com — and ever since, the number of users has declined with each passing year.

On Friday, the service shut down for a good — a move made necessary due to its inability to compete with new AI tools, according to Mashable.

“We are deeply grateful to the brilliant developers and designers who have built and supported Ask over the decades,” reads the final message on the now-defunct search site. “And to you — the millions of users who turned to us for answers in a rapidly changing world — thank you for your endless curiosity, your loyalty, and your trust. The spirit of Jeeves will live on.”

Vyšel Notepad++ for Mac, ale nestojí za ním původní autor Notepadu++. • Aplikace přinesla všechny funkce z Windows, podporuje i pluginy. • Existuje však velká spousta alternativ, takže není moc důvodů ji používat.

A 23-year-old university student in Taiwan was arrested for interfering with the TETRA communication system used by the country's high-speed railway network (THSR). [...]

ServiceNow announced an expansion of its AI Control Tower, transforming what began last year as a governance dashboard into what the company now describes as a command center for managing AI assets across an entire enterprise, including those running outside ServiceNow's own platform. The updated AI Control Tower, shipping as part of ServiceNow's Australia platform release, now operates across five areas: discovery, observation, governance, security, and measurement. The company said that this is its answer to AI agent sprawl, as enterprises have deployed more AI than they can account for and the tools to govern it have not kept pace. “What we launched last year gave customers a governance layer, but what we're shipping this year goes significantly deeper, evolving from visibility and management into a full enterprise AI command center,” Nenshad Bardoliwalla, group vice president of AI products at ServiceNow told reporters during a media briefing ahead of the company’s annual product show, Knowledge 26. “Our AI control tower ensures every AI system asset and identity is compliant, secure, and aligned with your strategy.” The AI Control Tower now reaches beyond ServiceNow's own platform with 30 new enterprise connectors that span all three major hyperscalers, Amazon Web Services, Google Cloud, and Microsoft Azure, along with enterprise applications such as SAP, Oracle, and Workday. The system can now discover AI assets, models, agents, prompts, and datasets running across an organization's full technology estate, not just those deployed on ServiceNow. “With our Veza integration, we're bringing patented access graph technology into the AI control tower, extending identity access governance to hyperscaler AI environments and every connected device, every agent, every model, every action has scope permissions, least privilege enforcement and auditable identity chains,” Bardoliwalla said. Bardoliwalla walked through a demo in which the AI Control Tower detected a prompt injection attack on a pricing agent. The system identified malicious instructions hidden inside order payloads, mapped the blast radius of affected systems using access graph technology from Veza, and presented a kill switch to disable the compromised agent, without human intervention. "You need a system that senses, decides and acts on its own, that can scale with your AI portfolio, not your head count," said Bardoliwalla. Two recent acquisitions underpin the security architecture. ServiceNow announced in December it would acquire Veza, which contributes an access graph that maps every identity and access path across systems whether it belongs to humans, machines, or AI agents. It also knows which entities have create, read, update, and delete-level permissions. ServiceNow said the access graph currently maps over 30 billion fine-grained permissions. When a vendor pushes a new version of a model or agent, the platform detects permission changes and automatically triggers a re-scoping workflow. Traceloop, which ServiceNow acquired in March, provides deep AI observability inside the Control Tower by tracking every LLM call that is running in the system. The integration delivers continuous runtime monitoring with live alerts, replacing what ServiceNow described as the periodic manual audits most enterprises still rely on. Teams can watch how agents reason, where they make decisions, and when to course-correct. ServiceNow also addressed the cost side of the AI equation. Control Tower now includes cost tracking and ROI dashboards to give finance teams visibility into model spend. The measurements track token consumption across providers such as OpenAI, Anthropic, and Google so customers can predict costs and tie spending to business outcomes. ServiceNow said it uses the AI Control Tower internally to manage over 1,600 AI assets and tracked half a billion dollars in cumulative AI value from internal use cases in 2025. "The number one question every CFO is asking is, where's the value?" said Bardoliwalla during the briefing. He added that runaway model spend ranks among the biggest pain points enterprises currently face as they scale AI deployments. Alongside the Control Tower expansion, ServiceNow announced Action Fabric, a mechanism that opens the company's full workflow engine to external AI agents. Through a generally available MCP server, agents built on Claude, Copilot, or custom platforms can now trigger governed enterprise actions — not just read and write data, but execute the flows, playbooks, approval chains, and catalog requests that ServiceNow customers have built over years. Anthropic is the first design partner for Action Fabric. The integration connects Claude directly to ServiceNow's governed system of action. "The gap between knowing what needs to happen and making it happen is where productivity dies," said Boris Cherny, head of Claude Code at Anthropic said in a statement. "Connecting Claude Cowork to ServiceNow's system of action closes that gap with enterprise execution, directly in the flow of work." Every action routed through Action Fabric runs through the AI Control Tower, so it carries identity verification, permission scoping, and a full audit trail. The MCP server is included in every Now Assist and AI Native SKU, with additional features planned for the second half of 2026.

Světlo BenQ ScreenBar Halo 2 zlevnilo na 3615 Kč, běžně stojí přes čtyři tisíce. • Jde o nejlepší lampičku na monitor, kterou si můžete koupit. • Dobře vypadá, má kvalitní diody a osvítí i stěnu za monitorem.

The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vulnerability that could potentially lead to remote code execution (RCE). The vulnerability, tracked as CVE-2026-23918 (CVSS score: 8.8), has been described as a case of "double free and possible RCE" in the HTTP/2 protocol handling. This issue

The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vulnerability that could potentially lead to remote code execution (RCE). The vulnerability, tracked as CVE-2026-23918 (CVSS score: 8.8), has been described as a case of "double free and possible RCE" in the HTTP/2 protocol handling. This issue Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

A newly identified supply chain attack targeting DAEMON Tools software has compromised its installers to serve a malicious payload, according to findings from Kaspersky. "These installers are distributed from the legitimate website of DAEMON Tools and are signed with digital certificates belonging to DAEMON Tools developers," Kaspersky researchers  Igor Kuznetsov, Georgy Kucherin, Leonid

A newly identified supply chain attack targeting DAEMON Tools software has compromised its installers to serve a malicious payload, according to findings from Kaspersky. "These installers are distributed from the legitimate website of DAEMON Tools and are signed with digital certificates belonging to DAEMON Tools developers," Kaspersky researchers  Igor Kuznetsov, Georgy Kucherin, Leonid Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Apple has held “exploratory” talks about manufacturing processors for its devices in the US, Bloomberg reports. The move seems to reflect Apple’s need to secure additional chip supplies to meet growing demand for its products, but could also represent a contingency plan to reduce the company’s reliance on Taiwan Semiconductor Manufacturing Company (TSMC’s) advanced manufacturing facilities in Taiwan.

I doubt this means Apple doesn’t want to work with TSMC, nor does it mean TSMC is cooling on Apple. I suspect company management is far more concerned about what might happen in the event China attacks TSMC’s home nation. 

Contingency planning 

That concern seems legitimate in the context of unravelling of international relations and a recently-disclosed warning the CIA gave to tech leaders back in 2023. Executives from Apple, AMD, and Qualcomm were all warned that China might attack Taiwan. Such an attack would comprise a huge threat to the entire tech industry. Speaking at the World Economic Forum in January, US Treasury Secretary Scott Bessent warned of an “economic apocalypse” if Tawain were to be blockaded or its capacity destroyed.

Apple derives nearly every chip it uses in its devices from factories in Taiwan. To reduce that risk, it is investing in TSMC factories for this in the US, including at the Fab 21 site in Arizona where small-scale processor production has already begun.

Checks and limits

Setting up new processor production facilities is expensive, takes time, and requires teams of specialized tooling engineers and operators hard to find in the US. In the medium term, you should expect those missing skill sets to be served by robotics, though that will also take time. Apple is investing in AI-augmented manufacturing across its supply chain right now.

Manufacturing processors at the scale Apple requires is not yet possible in the US, so it makes sense for the company to explore other options to meet demand. These early talks appear to show the company is considering the options available to it.

But even if its chip manufacturing supply weren’t threatened by growing international tensions, Apple has another challenge. It can’t make enough chips to satisfy demand. This was a central thesis during the company’s recent financial call when Apple CEO Tim Cook confessed Apple couldn’t meet demand for MacBook Neo, Mac mini, or Mac Studio because it couldn’t get sufficient supply of the high-end nodes it uses in SoC production. 

“The constraints that we have are driven by the availability of the advanced nodes that our SoCs are produced on…,” Cook said. “We’re seeing less flexibility in the supply chain than normal.”

 Those high-end nodes are, of course, made in Taiwan. 

The scale of the problem

To get a sense of the scale of the Apple supply chain, the company confirmed that it sourced 19 billion chips from across a dozen US states in 2025. Most, though not all, of these processors are far less advanced than the main processor in Apple’s devices; they’re lower tier and used for things like power management, Wi-Fi, or display drivers. Apple is investing hundreds of billions of dollars to expand its manufacturing supply chain in the US, including a commitment to assemble Mac minis here. But it will take a very long time to completely replicate what it has already, particularly in China and Taiwan. 

Apple has a golden problem to further complicate the sum. Demand for its products is increasing. Apple confirmed this is across all its products. The company also saw growth in every market, including strong double-digit growth in Greater China and the rest of Asia-Pacific. People are flocking to its platforms, giving it an installed base of 2.5 billion devices — including “record numbers” of new Mac customers and record iPhone 17 sales. Meanwhile, demand for the MacBook Neo is “off the charts,” Cook said. This Apple adoption curve is real, and the challenge of meeting that demand is also real, which is why Cook warned that supply constraints would persist for months.

Apple needed to start somewhere

This is the background to Apple’s reported meetings with potential chip suppliers at Intel and Samsung, neither of which are likely to be able to match TSMC’s scale. Apple hasn’t made any decisions yet and these talks are described as preliminary. But they reflect the company’s need to protect its business against additional shocks while ramping its supply chain up to meet new demand. These discussions could go nowhere, of course. In the meantime, TSMC expects to make 100 million processors for Apple at its US factory this year.

That remains a drop in the ocean compared to the scale of demand Apple faces. It doesn’t meaningfully reduce Apple’s near-term risk, but is at least a start. The question for the rest of us will be if Apple, its partners, or the wider tech industry, can mitigate against these risks swiftly enough.

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

Společnost Apple oznámila hospodářské výsledky za uplynulý kvartál a vypíchla několik důležitých faktů. Citelný meziroční nárůst tržeb o 17 % na více než 111 miliard dolarů. Zisk rozpočtený na jednu akcii dosáhl 2,01 USD, což je o 22 % více než loni. Šéf firmy Tim Cook se nechal slyšet, že ...

CISA is warning that a newly-disclosed Linux kernel bug dubbed "CopyFail" is already being exploited, just days after researchers dropped a working root-level exploit. Tracked as CVE-2026-31431, the bug sits in the Linux kernel and gives low-level users a way to take full control of a system by modifying data they should only be able to read, effectively turning limited access into full root privileges on unpatched machines. The issue was disclosed by cybersecurity consultancy Theori, which said the flaw was discovered by its AI-powered penetration testing platform, Xint, and reported to the Linux kernel security team on March 23. Major Linux distributions pushed out patches ahead of public disclosure, which Theori published alongside a proof-of-concept exploit. The Python-based code works against Ubuntu 24.04 LTS, Amazon Linux 2023, RHEL 10.1, and SUSE 16, but the researchers warned that every mainstream Linux kernel built since 2017 is in scope of potential exploitation. "Same script, four distributions, four root shells — in one take. The same exploit binary works unmodified on every Linux distribution," Theori says. That level of reliability has not gone unnoticed. The CISA, the US government's cybersecurity agency, has added the bug to its Known Exploited Vulnerabilities catalog and ordered Federal Civilian Executive Branch agencies to patch within two weeks, setting a May 15 deadline. Microsoft backed CISA's findings and said it is already seeing signs of activity following the PoC's release. "Given the availability of a fully working exploit proof-of-concept (PoC) and the race to patch systems, Microsoft Defender is seeing preliminary testing activity that might result most likely in increased threat actor exploitation over the next few days," the company warned. The mechanics help explain the urgency. The attack is local and requires little access, with no user interaction, so anyone who already has a foothold on a vulnerable box can try their luck. It is the kind of bug that turns a small break-in into full control pretty quickly. As The Register reported last week, the flaw stems from how the kernel handles certain cryptographic operations, opening a path to tamper with cached data in ways that were never meant to be user-controlled. With a reliable exploit now in the wild, that design quirk has effectively turned into a universal privilege-escalation trick. ®

Researchers dropped a reliable root exploit and it didn’t sit idle for long

CISA is warning that a newly-disclosed Linux kernel bug dubbed "CopyFail" is already being exploited, just days after researchers dropped a working root-level exploit.…