Agregátor RSS

A previously undocumented Linux implant named Quasar Linux (QLNX) is targeting developers' systems with a mix of rootkit, backdoor, and credential-stealing capabilities. [...]

V rámci benefitních programů zdravotní pojišťovny nastávajícím a čerstvým maminkám přispívají i několik tisícovek. Využít je lze na nejrůznější vyšetření, pomůcky a někde i na nosítko.

Pro menší firmy, které nepotřebují drahé a sofistikované cloudové prostředí někde v obrovském datacentru, existují některé zajímavé nástroje, které stačí jen správně zvolit a použít.

Sonda do světa otevřeného softwaru. Dnes si představíme nástroj pro správu dlouhodobé paměti AI agentů, vyzkoušíme moderní shell, řekneme si nástroji pro vývoj webových aplikací a podíváme se na vývojové prostředí pro AI agenty.

Vysokohorská gamaobservatoř LHAASO detekovala vysokoenergetické záření gama dvojhvězdy LS I +61° 303, kterou tvoří masivní hvězda s neutronovou hvězdou nebo černou dírou. Tenhle systém vyrábí fotony gama záření o energiích, které přesahují 100 TeV. Kam se hrabe naše staré dobré pozemské LHC.

Loni v březnu přesáhla reklamovanost na Alze 10 %, nyní již 20 %. Core i9-13900KS však není ve výjimečné situaci, Core i9-13900KF jej již dohání a od dosažení 20 % jej dělí poslední tři promile…

The hacker behind a breach at education technology giant Instructure claims to have stolen 280 million data records for students and staff from 8,809 colleges, school districts, and online education platforms. [...]

The synthetic bacteria push the limits of life and could open the door to designer proteins and new medicines.

The bacteria grew, thrived, and divided for hundreds of generations. But they were unlike any other living creatures on Earth. These synthetic cells, called Ec19, were the first to have had one protein “letter”—or amino acid—partially removed.

All life today relies on a set of 20 amino acids to make proteins. Some exotic microbes can use 22, but no one has yet found any that use less. Like letters in a book, amino acids string into coherent protein “sentences” that relay messages and do work within cells. Deleting an amino acid is like trying to type without the letter “e.” The text becomes gibberish.

Or does it? A team from Columbia University and collaborators stripped one amino acid, isoleucine, from ribosomes in Escherichia coli (E. Coli) bacteria. These cellular machines translate DNA into proteins, and they’re among the most complex structures in cells.

Deleting any amino acids could be catastrophic. But with some help from AI, Ec19 was born.

“This is a meaningful and stringent test of the consequences of removing isoleucine from a proteome’s alphabet, because the ribosome is one of life’s most complex and indispensable macromolecular machines,” wrote Charles Sanfiorenzo and Kaihang Wang at the California Institute of Technology, who were not involved in the study.

For the past decade, scientists have been probing the boundaries of life by shrinking genomes in a variety of microbes, adding synthetic amino acids to living cells, and even creating the building blocks for “mirror life.” But they’ve rarely tinkered with the canonical 20 amino acids.

Ec19 rewrites the script, but not for scientific curiosity alone. The findings pave the way for AI to help scientists engineer designer proteins and cells with added capabilities for use in biotechnology and medicine. It could also give us a peek into the earliest life on Earth.

“It’s very exciting that it’s possible,” Julius Fredens at the National University of Singapore, who was not involved in the research, told Nature.

Alphabet Rewrite

Life has its own language. DNA’s four molecular letters—A, T, C, G—encode the genetic blueprint. Three-letter units of DNA, called codons, call for each of the 20 amino acids, along with a stop signal that ends protein making.

But the system is redundant. Evolution created 64 codons, with some encoding the same amino acids. Scientists have begun rewriting genomes by assigning redundant codons to synthetic amino acids, yielding working proteins never seen in nature. Because they’re foreign to our bodies, these could escape being broken down—an advantage for drugs designed to last longer. Other researchers are tinkering with the genetic code in bacteria, yeast, and worms, building chromosomes from scratch or probing the limits of a minimal genome that can still support life.

Even the most ambitious tests for synthetic life have avoided whittling down the canonical set of protein letters. But study author Harris Wong was intrigued by the prospect. Some amino acids have similar shapes and chemistry, hinting they could stand in for one another. And mounting evidence suggests early life may have operated using a smaller vocabulary.

The team analyzed nearly 400 proteins essential to E. coli, tracking how often each amino acid was naturally swapped without breaking the protein. Isoleucine took the crown. The bulky, branched molecule was frequently replaced by two cousins similar in shape and chemical behavior. If any amino acid could be removed, isoleucine was it.

The next problem was scale. Previous studies recoded the E. coli genome. But building a stripped-down version of the bacteria would require edits at more than 81,000 genomic sites, a daunting challenge that could take years.

Instead, the researchers focused on the ribosome. It was still a lofty goal. The machines that make proteins are essential to life and are themselves made up of 50 proteins. Removing an amino acid would be like ridding metal from every part of a car engine and expecting it to run.

“Successfully removing isoleucine from such a large and essential RNA-protein complex would raise the possibility of entire genomes functioning with simplified, noncanonical amino acid alphabets,” wrote Sanfiorenzo and Wang.

The team’s first attempt hit a wall. In multiple bacterial strains, they replaced isoleucine codons with a close natural substitute, an amino acid called valine. Out of the 50 ribosome proteins, 32 edited proteins either hindered growth or triggered death.

Almost ready to shelve the project, the team turned to AI. Like the large language models that power chatbots, these algorithms can be trained on DNA and protein sequences. They can then dream up new amino acid sequences and predict how they fold into working proteins.

In this case, the advantage was creativity. AI came up with unintuitive ways to replace isoleucine without catastrophically damaging a protein’s structure. It sometimes suggested ways to compensate for amino acid swaps by making tweaks located far away in the genome. The team then tested promising designs to see if the bacteria survived and how well they grew.

Eventually, they landed on 47 working ribosome proteins without isoleucine. The remaining three took some elbow grease. They replaced amino acids, one by one, until they found a recipe that worked.

Simplified Life

In the end, the team recoded every protein in the ribosome and built a single E. Coli bacteria, Ec19, carrying 21 of the modified proteins. Its growth slowed a smidge compared to unaltered bacteria, but the bacteria retained the altered ribosome across more than 450 generations.

It wasn’t a full rewrite, but the study is a step toward living cells that can run on 19 amino acids. This would open the door to new kinds of synthetic organisms. Removing isoleucine would free up the codons dedicated to it, making them easier to re-assign to designer amino acids and creating proteins with new chemical properties for medicine, materials, and biotechnology.

Ec19 also challenges our assumptions about life itself. We don’t yet know if the molecular language in modern cells is necessary for survival or is just what evolution settled on. If it’s the latter, how far can we expand that code—and should we?

As scientists use more AI, progress in synthetic biology may speed up. But the models aren’t in the driver’s seat yet. “Human intuition and intervention are still necessary, at least for now, to yield viable biological designs,” wrote Sanfiorenzo and Wang.

The post All Life Uses 20 Amino Acids. Scientists Just Deleted One in Bacteria. appeared first on SingularityHub.

A Norwegian researcher has identified an issue with Microsoft Edge’s Password Manager that could be a serious concern for businesses.

Tom Jøran Sønstebyseter Rønning found that passwords are being saved within the browser in plain text, with the effect that any PC, particularly a shared machine, within an organization is a potential risk.

In a post on X, Rønning explained that when users save passwords in Edge, the browser decrypts every credential at startup and keeps it resident in process memory, regardless of whether the user visits the site.

Rønning’s finding was replicated by German IT publication Heise.de, which created and saved a password and found that, even after the browser had been closed and re-opened, the password could be found in plain text.

Microsoft has been nonchalant about the discovery. It said, “Design choices in this area involve balancing performance, usability, and security, and we continue to review it against evolving threats. Browsers access password data in memory to help users sign in quickly and securely — this is an expected feature of the application.”

Rønning published a simple tool on GitHub that enables people to see for themselves that passwords are stored in plain text in memory.

Microsoft dismissed the significance of the passwords’ visibility, saying, “Access to browser data as described in the reported scenario would require the device to already be compromised.”

David Shipley, CEO of Beauceron Security, is not impressed with Microsoft’s response. “No, it’s not a feature. That’s an easy way to cop out of responsibility. It’s almost as bad as when firms say ‘working as designed.’ The point here, as with similar shortcomings, is convenience, speed, and avoiding investing more effort into something that they feel isn’t worth mitigating,” he said.

The bug is an open invitation to cyber criminals, said Shipley. “The old argument is that if malware gains persistence then it doesn’t make a difference, you’re in trouble anyway. It’s waving the white flag at cybercriminals and turning that white flag into a blank check for info stealers.”

Other browsers don’t suffer from the issue. For example, Google Chrome, in line with security industry recommendations, offers a system called App Bound Encryption that encrypts browser data and ensures that it is not stored in process memory in plain text.

It is not a foolproof system; it has been broken in the past, but by determined hackers. The Microsoft bug, on the other hand, requires little skill to exploit.

Shipley said that if Google can do a better job of securing its browser, there is no reason why Microsoft couldn’t do so with Edge. “It’s clearly not a technical hurdle. It’s a motivational one, which shouldn’t surprise anyone because Microsoft is giving away the browser. You don’t pay for it, so why should they care about locking it down more than the bare minimum?“

Given Microsoft’s attitude, users may well want to look for another password manager, something that would be more secure.

This article has been updated with a response from Microsoft.

Daemon Tools, a widely used app for mounting disk images, has been backdoored in a monthlong compromise that has pushed malicious updates from the servers of its developer, researchers said Tuesday.

Kaspersky, the security firm reporting the supply-chain attack, said it began on April 8 and remained active as of the time its post went live. Installers that are signed by the developer’s official digital certificate and downloaded from its website infect Daemon Tools executables, causing the malware to run at boot time. Kaspersky didn’t explicitly say so, but based on technical details, the infected versions appear to be only those that run on Windows. Versions 12.5.0.2421 through 12.5.0.2434 are affected. Neither Kaspersky nor developer AVB could be contacted immediately for additional details.

Hard to defend against

Infected versions contain an initial payload that collects MAC addresses, hostnames, DNS domain names, running processes, installed software, and system locales. The malware sends them to an attacker-controlled server. Thousands of machines in more than 100 countries were targeted. Out of the many machines infected, about 12 of them, belonging to retail, scientific, government, and manufacturing organizations, have received a follow-on payload—an indication that the supply-chain attack targets select groups.

Read full article

Comments

Hackers trojanized installers for the DAEMON Tools software and since April 8, delivered a backdoor to thousands of systems that downloaded the product from the official website. [...]

Neziskové průmyslové konsorcium Khronos Group vydalo verzi 3.1 specifikace OpenCL (Open Computing Language). OpenCL je průmyslový standard pro paralelní programování heterogenních počítačových systémů.

Ask Jeeves, the popular search engine where users could enter questions using natural language, launched on June 1, 1997. Nine years later, it was rebranded as Ask.com — and ever since, the number of users has declined with each passing year.

On Friday, the service shut down for a good — a move made necessary due to its inability to compete with new AI tools, according to Mashable.

“We are deeply grateful to the brilliant developers and designers who have built and supported Ask over the decades,” reads the final message on the now-defunct search site. “And to you — the millions of users who turned to us for answers in a rapidly changing world — thank you for your endless curiosity, your loyalty, and your trust. The spirit of Jeeves will live on.”

Vyšel Notepad++ for Mac, ale nestojí za ním původní autor Notepadu++. • Aplikace přinesla všechny funkce z Windows, podporuje i pluginy. • Existuje však velká spousta alternativ, takže není moc důvodů ji používat.

A 23-year-old university student in Taiwan was arrested for interfering with the TETRA communication system used by the country's high-speed railway network (THSR). [...]

ServiceNow announced an expansion of its AI Control Tower, transforming what began last year as a governance dashboard into what the company now describes as a command center for managing AI assets across an entire enterprise, including those running outside ServiceNow's own platform. The updated AI Control Tower, shipping as part of ServiceNow's Australia platform release, now operates across five areas: discovery, observation, governance, security, and measurement. The company said that this is its answer to AI agent sprawl, as enterprises have deployed more AI than they can account for and the tools to govern it have not kept pace. “What we launched last year gave customers a governance layer, but what we're shipping this year goes significantly deeper, evolving from visibility and management into a full enterprise AI command center,” Nenshad Bardoliwalla, group vice president of AI products at ServiceNow told reporters during a media briefing ahead of the company’s annual product show, Knowledge 26. “Our AI control tower ensures every AI system asset and identity is compliant, secure, and aligned with your strategy.” The AI Control Tower now reaches beyond ServiceNow's own platform with 30 new enterprise connectors that span all three major hyperscalers, Amazon Web Services, Google Cloud, and Microsoft Azure, along with enterprise applications such as SAP, Oracle, and Workday. The system can now discover AI assets, models, agents, prompts, and datasets running across an organization's full technology estate, not just those deployed on ServiceNow. “With our Veza integration, we're bringing patented access graph technology into the AI control tower, extending identity access governance to hyperscaler AI environments and every connected device, every agent, every model, every action has scope permissions, least privilege enforcement and auditable identity chains,” Bardoliwalla said. Bardoliwalla walked through a demo in which the AI Control Tower detected a prompt injection attack on a pricing agent. The system identified malicious instructions hidden inside order payloads, mapped the blast radius of affected systems using access graph technology from Veza, and presented a kill switch to disable the compromised agent, without human intervention. "You need a system that senses, decides and acts on its own, that can scale with your AI portfolio, not your head count," said Bardoliwalla. Two recent acquisitions underpin the security architecture. ServiceNow announced in December it would acquire Veza, which contributes an access graph that maps every identity and access path across systems whether it belongs to humans, machines, or AI agents. It also knows which entities have create, read, update, and delete-level permissions. ServiceNow said the access graph currently maps over 30 billion fine-grained permissions. When a vendor pushes a new version of a model or agent, the platform detects permission changes and automatically triggers a re-scoping workflow. Traceloop, which ServiceNow acquired in March, provides deep AI observability inside the Control Tower by tracking every LLM call that is running in the system. The integration delivers continuous runtime monitoring with live alerts, replacing what ServiceNow described as the periodic manual audits most enterprises still rely on. Teams can watch how agents reason, where they make decisions, and when to course-correct. ServiceNow also addressed the cost side of the AI equation. Control Tower now includes cost tracking and ROI dashboards to give finance teams visibility into model spend. The measurements track token consumption across providers such as OpenAI, Anthropic, and Google so customers can predict costs and tie spending to business outcomes. ServiceNow said it uses the AI Control Tower internally to manage over 1,600 AI assets and tracked half a billion dollars in cumulative AI value from internal use cases in 2025. "The number one question every CFO is asking is, where's the value?" said Bardoliwalla during the briefing. He added that runaway model spend ranks among the biggest pain points enterprises currently face as they scale AI deployments. Alongside the Control Tower expansion, ServiceNow announced Action Fabric, a mechanism that opens the company's full workflow engine to external AI agents. Through a generally available MCP server, agents built on Claude, Copilot, or custom platforms can now trigger governed enterprise actions — not just read and write data, but execute the flows, playbooks, approval chains, and catalog requests that ServiceNow customers have built over years. Anthropic is the first design partner for Action Fabric. The integration connects Claude directly to ServiceNow's governed system of action. "The gap between knowing what needs to happen and making it happen is where productivity dies," said Boris Cherny, head of Claude Code at Anthropic said in a statement. "Connecting Claude Cowork to ServiceNow's system of action closes that gap with enterprise execution, directly in the flow of work." Every action routed through Action Fabric runs through the AI Control Tower, so it carries identity verification, permission scoping, and a full audit trail. The MCP server is included in every Now Assist and AI Native SKU, with additional features planned for the second half of 2026.

Světlo BenQ ScreenBar Halo 2 zlevnilo na 3615 Kč, běžně stojí přes čtyři tisíce. • Jde o nejlepší lampičku na monitor, kterou si můžete koupit. • Dobře vypadá, má kvalitní diody a osvítí i stěnu za monitorem.

The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vulnerability that could potentially lead to remote code execution (RCE). The vulnerability, tracked as CVE-2026-23918 (CVSS score: 8.8), has been described as a case of "double free and possible RCE" in the HTTP/2 protocol handling. This issue

The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vulnerability that could potentially lead to remote code execution (RCE). The vulnerability, tracked as CVE-2026-23918 (CVSS score: 8.8), has been described as a case of "double free and possible RCE" in the HTTP/2 protocol handling. This issue Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]