Agregátor RSS

Chinese AI company Z.ai has launched GLM-5.1, an open-source coding model it says is built for agentic software engineering. The release comes as AI vendors move beyond autocomplete-style coding tools toward systems that can handle software tasks over longer periods with less human input.

Z.ai said GLM-5.1 can sustain performance over hundreds of iterations, an ability it argues sets it apart from models that lose effectiveness in longer sessions.

As one example, the company said GLM-5.1 improved a vector database optimization task over more than 600 iterations and 6,000 tool calls, reaching 21,500 queries per second, about six times the best result achieved in a single 50-turn session.

In a research note, Z.ai said GLM-5.1 outperformed its predecessor, GLM-5, on several software engineering benchmarks and showed particular strength in repo generation, terminal-based problem solving, and repeated code optimization. The company said the model scored 58.4 on SWE-Bench Pro, compared with 55.1 for GLM-5, and above the scores it listed for OpenAI’s GPT-5.4, Anthropic’s Opus 4.6, and Google’s Gemini 3.1 Pro on that benchmark.

GLM-5.1 has been released under the MIT License and is available through its developer platforms, with model weights also published for local deployment, the company said. That may appeal to enterprises looking for more control over how such tools are deployed.

Longer-running coding agents

Z.ai says long-running performance is a key differentiator for the company when compared to models that lose effectiveness in extended sessions.

Analysts say this is because many current models still plateau or drift after a relatively small number of turns, limiting their usefulness on extended, multi-step software tasks.

Pareekh Jain, CEO of Pareekh Consulting, said the industry is now moving beyond tools that can answer prompts toward systems that can carry out longer assignments with less supervision.

The question, Jain said, is no longer, “What can I ask this AI?” but, “What can I assign to it for the next eight hours?”

For enterprises, that raises the prospect of assigning an agent a ticket in the morning and receiving an optimized solution by day’s end, after it has run hundreds of experiments and profiled the code.

“This capability aligns with real needs such as large refactors, migration programs, and continuous incident resolution,” said Charlie Dai, VP and principal analyst at Forrester. “It suggests that long‑running autonomous agents are becoming more practical, provided enterprises layer in governance, monitoring, and escalation mechanisms to manage risk.”

Open-source appeal grows

GLM-5.1’s release under the MIT License could be significant, especially for companies in regulated or security-sensitive sectors.

“This matters in four key ways,” Jain said. “First, cost. Pricing is much lower than for premium models, and self-hosting lets companies control expenses instead of paying per use. Second, data governance. Sensitive code and data do not have to be sent to external APIs, which is critical in sectors such as finance, healthcare, and defense. Third, customization. Companies can adapt the model to their own codebases and internal tools without restrictions.”

The fourth factor, according to Jain, is geopolitical risk. Although the model is open source, its links to Chinese infrastructure and entities could still raise compliance concerns for some US companies.

Dai said the MIT license makes it easier for companies to run the model on their own systems while adapting it to internal requirements and governance policies. “For many buyers, this makes GLM‑5.1 a viable strategic option alongside commercial models, especially where regulatory constraints, IP sensitivity, or long‑term platform control matter most,” Dai said.

Benchmark credibility

Z.ai cited three benchmarks: SWE-Bench Pro, which tests complex software engineering tasks; NL2Repo, which measures repository generation; and Terminal-Bench 2.0, which evaluates real-world terminal-based problem solving.

“These benchmarks are designed to test coding agents’ advanced coding capabilities, so topping those benchmarks reflects strong coding performance, such as reliability in planning-to-execution, less prompt rework, and faster delivery,” said Lian Jye Su, chief analyst at Omdia. “However, they are still detached from typical enterprise realities.”

Su said public benchmarks still do not capture the messiness of proprietary codebases, legacy systems, and code review workflows. He added that benchmark results come from controlled settings that differ from production, though the gap is closing as more teams adopt agentic setups.

Two practice web addresses appear to have been compromised

Multiple domains belonging to Scottish healthcare providers have been hijacked and are now pushing links to adult content and illegal sports streams, according to a researcher.…

Orion by se měl vrátit na Zemi během pátku místního času a vědci z NASA budou ještě dlouhé měsíce analyzovat, co všechno posádka naměřila během experimentů na palubě a telemetrii samotného letu. Technicky vzato ale mise Artemis II pomalu končí a na řadě je Artemis III, který by měl odstartovat ...

Love it or hate it, Android’s dark mode has one foundational flaw — an oversight in how it operates that keeps it from being a truly useful option for enhancing how you view your favorite phone’s display.

As it stands now, dark mode — the system-level setting that switches the overall Android interface and also the appearance of most apps into a darker, less white-centric motif — is mostly an on-or-off, take-it-or-leave-it situation. The choices for how and when it activates are shockingly low in contextual intelligence, which is especially odd when you consider how many sensors our modern mobile devices are sporting that could make that mode infinitely more helpful.

At long last, there’s now a better way — all thanks to the creativity of a crafty Android developer.

[Don’t stop here: Come check out my free Android Intelligence newsletter for three new things to try in your inbox every Friday — and my Android Notification Power-Pack as a special welcome bonus!]

Android dark mode — redux

So, first things first, for context: On many Android devices today, dark mode is just enabled out of the box, by default — as an always-on selection.

That means you’re seeing that darkened appearance across most everything you do on your device — more like the image on the right, using Gmail as an example, in contrast to the regular (non-dark) mode shown at left:

Android’s standard, non-dark interface, at left — and with dark mode enabled, at right.

JR Raphael, Foundry

In Google’s Android system settings, you’ve got the option to turn dark mode on or off entirely, as you’d expect, and you also have the ability to set either a stable time-based schedule to switch it on and off at the same exact time each day or to automatically have it toggle on and off based on the sunset and sunrise, respectively, for wherever you are.

Android’s system-level dark mode settings are surprisingly limited.

JR Raphael, Foundry

That’s all well and good, but if you don’t want to live in the dark all the time and would rather use dark mode as a selective state — seeing its dimmer, less glary approach when you’re in a dark room and your eyes are more sensitive to lighter colors but then sticking with the standard brighter interface style when you’re in a brighter environment — you don’t presently have any great way to predict that and make it happen in an intelligent way.

Sure, going with a set time schedule or the sunset-sunrise pattern is kinda-sorta close…ish. But in our electricity-aided, post-caveman era, just because it’s the evening hours or the sun has set doesn’t necessarily mean you’re in a dark place. So rather than relying on these mostly meaningless measures, shouldn’t Android’s dark mode be able to detect the level of light around you and activate dark mode for you when you’re actually in a dim environment, if you’d like — then disable it and stick with the standard light interface when you aren’t?

The answer is an unambiguous and enthusiastic yes, of course. And now, with the right little free add-on, you can enhance Android’s existing dark mode in exactly that way and make it instantly more intelligent — and effective.

The app is called Adaptive Theme, and all it does is run quietly in the background of whatever device you’re using to flip dark mode on or off automatically based on the level of light around you. It’s brilliantly simple and such a sensible and welcome upgrade, you’ll wonder why it wasn’t just natively available in Android in the first place.

The app does have a teensy bit of one-time setup that may seem daunting at first, but it’s actually quite easy to get through — and once it’s up and running, you’ll never actively think about it again. It’ll just do its thing in the background of your device and make your dark mode come on when you’re in a dim room and stay off when you’re in a brighter environment.

Ready?

2 minutes to a smarter Android dark mode

I promise: This isn’t difficult at all to do. You’re looking at roughly two minutes of one-time setup.

To start, just download Adaptive Theme from the Play Store. It’s free, without any limits or asterisks.

Once it’s installed, open ‘er up and follow the steps in the initial setup screens it shows you:

• First, the app will ask you to enable Android’s developer options, if you haven’t done that previously.
  • That’s a special, typically hidden section of Android’s system settings with all sorts of advanced options that aren’t typically intended for average phone-usin’ folk to futz around with.
  • There’s no risk to you or your phone with enabling ’em, and as long as you follow the instructions here exactly and enable only the one single setting this specific app asks for, it’s actually quite easy. (It’s also quite easy to undo, if you ever decide you aren’t into it and want to go back.) But we are pokin’ around in an area of Android that’s meant mostly for developers, and if you veer off-course and mess with the wrong setting, you could make a mess — so follow the steps closely, capisce?
• The app will direct you on how to enable those options. The process may sound strange — tapping your finger on a line that says “Build number” seven times — but I promise you, it works.
• With that out of the way, you’ll make your way back to the Adaptive Theme app, and you’ll find a prompt to enable an option within those developer settings called USB Debugging. Tap the “Open Developer Options” button, tap the search icon at the top of the screen that comes up next, and type USB Debugging into the search box.
• Tap “USB Debugging” in the list of results, then tap the toggle next to that same option and confirm you want to enable it.
• Back in the Adaptive Theme app once more, you’ll see a prompt to connect your phone to another device to finalize the process.

Granting permission via another device is an unusual step, but it’s actually quite easy to do.

JR Raphael, Foundry

• Again, this is a bit unusual — but, as the setup screen explains, it’s because the permission the app requires to control your dark mode status requires another device to activate it, since it isn’t something that most third-party apps are typically able to do. 
• All you’ve gotta do is use a USB-C cable (like the one you rely on for charging) to plug your phone into a computer or even another Android device, then follow the prompt on your phone to open the website on the second device — where you’ll then tap “Start setup” followed by “Select device,” select your phone, and finally connect and confirm on both of the devices.
• And, as the app notes, nothing you’re doing here is permanent — and if you ever uninstall Adaptive Theme, it’ll all be automatically undone and revoked. I can confirm this is correct; once the app’s been uninstalled, in fact, you’ll have to go through the process again upon reinstalling it, as the permission will no longer be present and valid.
• It’s also worth noting that the Adaptive Theme app is completely open source, which means anyone with the right technical knowledge can peek directly at its code and confirm it’s doing exactly what it says — and nothing more.

Got all of that? Good — now, take a deep breath: You’re basically done!

At this point, Adaptive Theme will automatically assess the light level around you every time you turn your screen on, and it’ll then put you into dark mode if your environment is dark enough or into the standard non-dark mode if there’s enough light present.

Adaptive Theme lets you adjust the threshold for exactly when dark mode should kick in.

JR Raphael, Foundry

Personally, I find the settings it uses to make that determination slightly too skewed toward dark mode by default. I think it works better if you adjust the “Brightness Threshold” slider on the app’s main screen one slot to the left of where it begins, as shown above — which seems to make it so that any standard daylight or typical daytime lighting triggers the standard, non-dark mode while truly dim environments take you into the dark mode domain. But you can play around with that slider to find the exact level that feels right for you.

Just note that the switch happens only when you first turn your screen on — so even if your lighting changes, you’ll need to press your phone’s power button and then press it again to reset the detection and make any dark mode adjustments appear. (And, again: If you ever decide you don’t like the automatic dark mode switching, you can simply uninstall the Adaptive Theme app, and it’ll go right back to the way it was before — with the regular system settings and any schedules within it controlling your screen status.)

All that’s left is to enjoy your newly adaptive and intelligent dark mode setup — and wonder why it hadn’t been that way all along.

Keep the easy life upgrades coming with my free Android Intelligence newsletter — three new things to try every Friday and my free Android Notification Power-Pack today.

Artificial Intelligence (AI) company Anthropic announced a new cybersecurity initiative called Project Glasswing that will use a preview version of its new frontier model, Claude Mythos, to find and address security vulnerabilities. The model will be used by a small set of organizations, including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike,&Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

In 2025, the financial cyberthreat landscape continued to evolve. While traditional PC banking malware declined in relative prevalence, this shift was offset by the rapid growth of credential theft by infostealers. Attackers increasingly relied on aggregation and reuse of stolen data, rather than developing entirely new malware capabilities.

To describe the financial threat landscape in 2025, we analyzed anonymized data on malicious activities detected on the devices of Kaspersky security product users and consensually provided to us through the Kaspersky Security Network (KSN), along with publicly available data and data on the dark web.

We analyzed the data for

• financial phishing,
• banking malware,
• infostealers and the dark web.

Key findings

Phishing

Phishing activity in 2025 shifted toward e-commerce (14.17%) and digital services (16.15%), with attackers increasingly tailoring campaigns to regional trends and user behavior, making social engineering more targeted despite reduced focus on traditional banking lures.

Banking malware

Financial PC malware declined in prevalence but remained a persistent threat, with established families continuing to operate, while attackers increasingly prioritize credential access and indirect fraud over deploying complex banking Trojans. To the contrary, mobile banking malware continues growing, as we wrote in detail in our mobile malware report.

Infostealers and the dark web

Infostealers became a central driver of financial cybercrime, fueling a growing dark web economy where stolen credentials, payment data, and full identity profiles are traded at scale, enabling widespread and destructive fraud operations.

Financial phishing

In 2025, online fraudsters continued to lure users to phishing and scam pages that mimicked the websites of popular brands and financial organizations. Attackers leveraged increasingly convincing social engineering techniques and brand impersonation to exploit user trust. Rather than relying solely on volume, campaigns showed greater targeting and contextual adaptation, reflecting a maturation of phishing operations.

The distribution of top phishing categories in 2025 shows a clear shift toward digital platforms that aggregate multiple user activities, with web services (16.15%), online games (14.58%), and online stores (14.17%) leading globally. Compared to 2024, the rise of online games and the decline of social networks and banks indicate that attackers are increasingly targeting environments where users are more likely to take a risk or engage impulsively. Categories such as instant messaging apps and global internet portals remain significant phishing targets, reflecting their role as communication and access hubs that can be exploited for credential harvesting.

TOP 10 categories of organizations mimicked by phishing and scam pages that were blocked on home users’ devices, 2025 (download)

Regional patterns further reinforce the adaptive nature of phishing campaigns, showing that attackers closely align category targeting with local digital habits. For example, online stores dominate heavily in the Middle East.

TOP 10 categories of organizations mimicked by phishing and scam pages that were blocked on home users’ devices in the Middle East, 2025 (download)

Online games and instant messaging platforms feature more prominently in the CIS, suggesting a focus on younger or highly connected user bases.

TOP 10 categories of organizations mimicked by phishing and scam pages that were blocked on home users’ devices in the CIS, 2025 (download)

APAC demonstrates almost equal shares of online games and banks which signifies a combined approach targeting different users.

TOP 10 categories of organizations mimicked by phishing and scam pages that were blocked on home users’ devices in APAC, 2025 (download)

In Africa, a stronger emphasis on banks reflects the continued importance of traditional financial services. Most likely, this is due to the lower security level of the financial institutions in the region.

TOP 10 categories of organizations mimicked by phishing and scam pages that were blocked on home users’ devices in Africa, 2025 (download)

Whereas in LATAM, delivery companies appearing in the top categories indicate attackers exploiting the growth of e-commerce logistics.

TOP 10 categories of organizations mimicked by phishing and scam pages that were blocked on home users’ devices in Latin America, 2025 (download)

Europe presents a more balanced distribution across categories, pointing to diversified attack strategies.

TOP 10 categories of organizations mimicked by phishing and scam pages that were blocked on home users’ devices in Europe, 2025 (download)

Attackers actively localize their tactics to maximize relevance and effectiveness.

The distribution of financial phishing pages by category in 2025 reveals strong regional asymmetries that reflect both user behavior and attacker prioritization.

Globally, online stores dominated (48.45%), followed by banks (26.05%) and payment systems (25.50%). The decline in bank phishing may suggest that these services are becoming increasingly difficult to successfully impersonate, so fraudsters are turning to easier ways to access users’ finances.

However, this balance shifts significantly at the regional level.

In the Middle East, phishing is overwhelmingly concentrated on e-commerce (85.8%), indicating a heavy reliance on online retail lures, whereas in Africa, bank-related phishing leads (53.75%), which may indicate that user account security there is still insufficient. LATAM shows a more balanced distribution but with a higher share of online store targeting (46.30%), while APAC and Europe display a more even spread across all three categories, pointing to diversified attack strategies. These variations suggest that attackers are not operating uniformly but are instead adapting campaigns to regional digital habits, payment ecosystems, and trust patterns – maximizing effectiveness by aligning phishing content with the most commonly used financial services in each market.

Distribution of financial phishing pages by category and region, 2025 (download)

Online shopping scams

The distribution of organizations mimicked by phishing and scam pages in 2025 highlights a clear shift toward globally recognized digital service and e-commerce brands, with attackers prioritizing platforms that have large, active user bases and frequent payment interactions.

Netflix (28.42%) solidified its ranking as the most impersonated brand, followed by Apple (20.55%), Spotify (18.09%), and Amazon (17.85%). This reflects a move away from traditional retail-only targets toward subscription-based and ecosystem-driven services.

TOP 10 online shopping brands mimicked by phishing and scam pages, 2025 (download)

Regionally, this trend varies: Netflix dominates heavily in the Middle East, Apple leads in APAC, while Spotify ranks first across Europe, LATAM, and Africa. Although most of the top platforms are highly popular across different regions, we may suggest that the attackers tailor brand impersonation to regional popularity and user engagement.

Payment system phishing

Phishing campaigns are impersonating multiple payment ecosystems to maximize coverage. While PayPal was the most mimicked in 2024 with 37.53%, its share dropped to 14.10% in 2025. Mastercard, on the contrary, attracted cybercriminals’ attention, its share increasing from 30.54% to 33.45%, while Visa accounted for a significant 20.06% (last year, it wasn’t in the TOP 5), reinforcing the growing focus on widely used banking card networks. The continued presence of American Express (3.87%) and the increasing number of pages mimicking PayPay (11.72%) further highlight attacker experimentation and regional adaptation.

TOP 5 payment systems mimicked by phishing and scam pages, 2025 (download)

Financial malware

In 2025, the decline in users affected by financial PC malware continued. On the one hand, people continue to rely on mobile devices to manage their finances. On the other hand, some of the most prominent malware families that were initially designed as bankers had not used this functionality for years, so we excluded them from these statistics.

Changes in the number of unique users attacked by banking malware, by month, 2023–2025 (download)

Windows systems remained the primary platform targeted by attackers with financial malware. According to Kaspersky Security Bulletin, overall detections included 1,338,357 banking Trojan attacks globally from November 2024 to October 2025, though this number is also declining due to increasing focus on mobile vectors. Desktop threats continued to be distributed via traditional delivery methods like malicious emails, compromised websites, and droppers.

In 2025, Brazilian-origin families such as Grandoreiro (part of the Tetrade group) stood out for their constant activity and global reach. Despite a major law enforcement disruption in early 2024, Grandoreiro remained active in 2025, re-emerging with updated variants and continuing to operate. Other notable actors included Coyote and emerging families like Maverick, which abused WhatsApp for distribution while maintaining fileless techniques and overlaps with established Brazilian banking malware to steal credentials and enable fraudulent transactions on desktop banking platforms. Besides traditional bankers, other Brazilian malware families are worth mentioning, which specifically target relatively new and highly popular regional payment systems. One of the most prominent threats among these is GoPix Trojan focusing on the users of Brazilian Pix payment system. It is also capable of targeting local Boleto payment method, as well as stealing cryptocurrency.

There was also a surge in incidents in 2025 in which fraudsters targeted organizations through electronic document management (EDM) systems, for example, by substituting invoice details to trick victims into transferring funds. The Pure Trojan was most frequently encountered in such attacks. Attackers typically distribute it through targeted emails, using abbreviations of document names, software titles, or other accounting-related keywords in the headers of attached files. Globally in the corporate segment, Pure was detected 896 633 times over 2025, with over 64 thousand users attacked.

Contrary to PC banking malware, mobile banker attacks grew by 1.5 times in 2025 compared to the previous reporting period, which is consistent with their growth in 2024. They also saw a sharp surge in the number of unique installation packages. More statistics and trends on mobile banking malware can be found in our yearly mobile threat report.

Complementing traditional financial malware, infostealers played a significant role in enabling financial crime both on PCs and mobile devices by harvesting credentials, cookies, and autofill data from browsers and applications, which attackers then used for account takeovers or direct banking fraud. Kaspersky analyses pointed to a surge in infostealer detections (up by 59% globally on PCs), fueling credential-based attacks.

Financial cyberthreats on the dark web

The Kaspersky Digital Footprint Intelligence (DFI) team closely monitors infostealer activity on both PC and mobile devices to analyze emerging trends and assess the evolving tactics of cybercriminals.

Fraudsters especially target financial data such as payment cards, cryptocurrency wallets, login credentials and cookies for banking services, as well as documents stored on the victim’s device. The stolen data is collected in log files and shared on dark web resources, where they are bought, sold, or distributed freely and then used for financial fraud.

With access to financial data, fraudsters can gain control of users’ bank accounts and payment cards, and withdraw funds. Compromised accounts and cards are also frequently used in subsequent activities, turning the victims into intermediaries in a fraud scheme.

Compromised accounts

Kaspersky DFI found that in 2025, over one million online banking accounts (these are not Kaspersky product users) served by the world’s 100 largest banks fell victim to infostealers: their credentials were being freely shared on the dark web.

The countries with the highest median number of compromised accounts per bank were India, Spain, and Brazil.

The chart below shows the median number of compromised accounts per bank for the TOP 10 countries.

TOP 10 countries with the highest compromised account median (download)

Compromised payment cards

Seventy-four percent of payment cards that were compromised by infostealer malware, published on dark web resources and identified by the Digital Footprint Intelligence team in 2025, remained valid as of March 2026. This means that attackers could still use the cards that had been stolen months or even years prior.

It should be noted that the number of bank accounts and payment cards known to have been compromised by infostealers in 2025 will continue to rise, because fraudsters do not publish the log files immediately after the compromise but only after a delay of months or even years.

Data breaches

Regardless of the industry in which the target company operates, data breaches often expose users’ financial data, including payment card information, bank account details, transaction histories and other financial information. As a consequence, the compromised databases are sold and distributed on underground resources.

It should be noted that the threat is not limited to the exposure of financial information alone. Various identity documents and even seemingly public data, such as names, phone numbers and email addresses, can become a risk when they are published on the dark web. Such data attracts fraudsters’ attention and can be used in social engineering attacks to gain access to the user’s financial assets.

An example of a post offering a database

Sale of bank accounts and payment cards

The dark web often features services provided by stores that specialize in selling bank accounts and payment cards. Fraudsters typically obtain data for sale from a variety of sources, including infostealer logs and leaked databases, which are first repackaged and then combined.

Examples of a post (top) and a site (bottom) offering payment cards

Often, sellers offer complete victim profiles, referred to by fraudsters as “fullz”. These include not only bank accounts or payment cards but also identification documents, dates of birth, residential addresses, and other personal details. A full‑information package is usually more expensive than a payment card or a bank account alone.

Examples of a post (top) and a site (bottom) offering bank accounts

Compiled databases

Fraudsters exploit various sources, including previously leaked databases, to compile new, thematic ones. Finance- and, in particular, cryptocurrency-related databases, are among the most popular. Compilations aimed at specific user groups, such as the elderly or wealthy people, are also of interest to cybercriminals.

Usually, thematic databases contain personal information about users, such as names, phone numbers, and email addresses. Fraudsters can use this data to launch social engineering attacks.

An example of a message offering compiled databases

Creation of phishing websites

Phishing websites have become a powerful tool for the financial enrichment of fraudsters. Cybercriminals create fraudulent sites that masquerade as legitimate resources of companies operating in various industries. Gambling and retail sites remain among the most popular targets.

In order to obtain personal and financial information from unsuspecting users, adversaries seek out ways to create such phishing websites. Ready-made layouts and website copies are sold on the dark web and advertised as profitable tools. Moreover, fraudsters offer phishing website creation services.

Examples of posts offering creation of phishing websites

Conclusion

The decline of traditional PC banking malware is not an indicator of reduced risk; rather, it highlights a redistribution of attacker effort toward more efficient methods targeting mobile devices, credential theft, and social engineering. Infostealers, in particular, are a force multiplier, enabling widespread compromise at scale.

Looking ahead to 2026, the financial threat landscape is expected to become even more data-driven and automated. Organizations must adapt by focusing on identity protection, real-time monitoring, and cross-channel threat intelligence, while users must remain vigilant against increasingly sophisticated and personalized attack techniques.

Nejlepší alzácká kancelářská myš je poprvé v akci. • Eternico M500 se inspiruje u řady Logitech MX Master. • Láká na tichá tlačítka, hliníková kolečka a design.

Nejprodávanější z trojice novinek řady Core Ultra 200K Plus je podle aktuálního žebříčku prodejů společnosti Amazon na 35. místě. Ostatní modely se do první padesátky nedostaly vůbec…

The North Korea-linked persistent campaign known as Contagious Interview has spread its tentacles by publishing malicious packages targeting the Go, Rust, and PHP ecosystems. "The threat actor's packages were designed to impersonate legitimate developer tooling [...], while quietly functioning as malware loaders, extending Contagious Interview’s established playbook into a coordinated Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Microsoft has pushed a server-side fix for a known issue that broke the Windows Start Menu search feature on some Windows 11 23H2 devices. [...]

IDC has reiterated its warnings that a long-drawn out war in the Middle East is likely to drastically reduce global IT spending for 2026.

The research firm had already cut its 2026 IT spending growth forecast to 9% because of the conflict, a reduction from the 10% growth rate projected before the US and Israel attacked Iran on Feb. 28. But any spending growth could drop to just 5% or 6% if the fighting drags on for a long time, Stephen Minton, group vice president at IDC, said during a client briefing last week.

An expected macroeconomic slowdown resulting from global oil shortages and sharply higher energy costs will affect business confidence and consumer spending, Minton said.

Though the war between the US, Israel, and Iran is on pause for now, US President Donald Trump has made increasingly dire threats against Iran. The fighting has already caused disruptions in supply chains that could interrupt hardware upgrades and AI infrastructure buildouts. (IDC’s estimates were made for Trump announced a two-week cease fire late Tuesday. It’s unclear what happens next.)

IDC’s current forecast is conditional, meaning it’s contingent on any fighting ending by summer. “If things are wrapped up within the next two or three months…, that does leave half a year for recovery… [for] oil prices to normalize, supply chains to reopen, and for economic growth to recover,” Minton said.

Fighting that drags on beyond that time frame would have a bigger impact on IT spending and economic growth. “The longer this goes on and the longer this leads to elevated oil prices, which could have a significant impact on economic growth and then consequently IT spending in the second half of the year,” Minton said. 

IDC expects to provide an updated forecast at the end of April.

Higher energy costs lead to higher electricity bills and higher prices on component shipments. The macroeconomic effect could raise inflation as well as business costs, affecting IT budgets as a result.

Analyst Jack Gold, president and principal analyst at J. Gold Associates, sees a similar picture. He expects “that the war will increase costs substantially, so we may see a pull back in IT spending as costs for equipment and operational costs increase. Many companies see IT spend as a cost center rather than a profit center.

“If the war does cause us to go into a recession due to big hikes in inflationary costs, I suspect that IT spend will go down…, much as it has in past recessions, and we’ll see more layoffs to reduce costs to keep profit margins,” Gold said. He added, “there are lots of moving parts to this.”

IDC already expected slower IT spending in 2026 compared to 2025, when IT spending grew by 14%. Global economies were already reeling from geopolitical tension, tariffs and supply-chain realignment.

Spending on PC upgrades was also expected to be down due to price increases and memory component shortages, Minton said.

Helping to soften the blow has been aggressive AI investments, he said. “As long as that aggressive investment continues by hyperscalers and service providers…, that will provide a certain level of resilience and will cushion some of the impact of any slowdown,” Minton said.

The war worsened an already difficult economic environment, forcing CIOs to focus on efficiency within existing projects. The assumption is that AI investments will remain strong in the near term, Minton said.

“There are still areas of discretionary spending, new projects, certain digital transformation, project-oriented engagements [that] could be put on hold until 2027, [and] even more device upgrades [that] could be held over until next year,” he said.

Cybersecurity and business continuity are likely to be top priorities, according to Minton.

Enterprises need to plan for resiliency and assume operations could be affected by a data center, internet connection, cloud provider, or supplier going down, said Chris Grove, director of cybersecurity at Nozomi Networks, in an email. “Ensuring they have on-premises operational capabilities will be key,” he wrote. 

The war is specifically pushing cloud and data center spending into something of a new risk paradigm in terms of geopolitical risk. “Physical infrastructure is now a target… when cybersecurity was how most service providers and data center operators primarily thought about their disaster recovery,” Minton said.

The fighting has also had direct repercussions on data-center operators in the region. Iranian missiles have already hit data centers run by Oracle and Amazon.

Gartner in February — before the fighting broke out — had forecast 10.8% growth in IT spending in 2026 to $6.15 trillion.

At the start of the year, S&P Global had projected 9% growth in global IT spending, driven by AI infrastructure buildouts.

President Brad Smith tells an interviewer that Microsoft is reconsidering datacenter design in light of Iran war

Microsoft is reevaluating how it designs and builds datacenters in conflict-prone regions after Iran began targeting Middle Eastern bit barns in retaliation for US military operations.…

Cena bitcoinu na horské dráze. Máme být zděšení nebo se radovat? Jak vytěžit blok za pár stovek a jak těžbu této kryptoměny ovlivňují sněhové bouře?

Podruhé za sebou navrhuje Bílý dům výrazné snížení rozpočtu NASA • Škrty se mají dotknout především vědeckých misí • Prioritou je návrat na Měsíc do konce funkčního období Donalda Trumpa

FP64 ze světa výpočetních akcelerátorů nezmizí. Navzdory tzv. Ozaki Scheme, které přinášelo příslib emulace na hardwaru s nižší přesností, nejsou výsledky použitelné pro ~90 % zátěží a situací…

Iran-affiliated cyber actors are targeting internet-facing operational technology (OT) devices across critical infrastructures in the U.S., including programmable logic controllers (PLCs), cybersecurity and intelligence agencies warned Tuesday. "These attacks have led to diminished PLC functionality, manipulation of display data and, in some cases, operational disruption and financial Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Results of  a Gartner study released Tuesday reveal that only 28% of AI use cases in infrastructure and operations (I&O) fully succeed and meet ROI expectations, and a full 20% end up failing outright.

According to Melanie Freeze, a director of research at Gartner, failure “most commonly occurs” for several reasons, including unrealistic expectations of what AI tools can do, and skills gaps during the actual pilot.

While these results are an improvement over the troubling findings from MIT released last year that revealed 95% of genAI projects produce no measurable financial return, there is, she said in an interview with CIO.com, a great deal of experimentation going on among IT departments in which a team of I&O professionals will “just go out and try something.”

The reality, said Freeze, is that in order to achieve an anticipated ROI, IT departments must not opt to run them as side projects.

In a Gartner Q&A advisory about the survey of 783 I&O leaders conducted late last year, she stated that, of the 57% of I&O leaders reporting at least one failure, “many said their AI initiatives failed because they expected too much, too fast. They assumed AI would immediately automate complex tasks, cut costs, or fix long‑standing operational issues. When expectations are not realistically set and the results don’t appear quickly, confidence drops and projects stall.”

The survey, she said, revealed that ROI from AI is not driven by the sophistication of the model, but by how well the technology is integrated, governed, and aligned with real operational needs.

Success factors

To that end, Gartner said it has identified what it calls three success factors. These include embedding AI into the systems and processes people already use. “As AI becomes part of day‑to‑day operations, it boosts adoption and creates visible impact within the organization,” the company noted.

Successful I&O executives also receive full support from top executives, which helps “remove roadblocks, align priorities, and ensure the investment stays funded and focused,” and they create realistic business cases.

Freeze said that I&O leaders should prioritize and determine funding for AI use cases “by managing AI use cases as a product to avoid duplication, drive synergies, and track their collective impact on I&O and business outcomes.

From there,” she said, “I&O leaders can work alongside their CIOs, data and analytics, security, legal, and finance stakeholders to assess each use case for feasibility, risk, cost, and expected business impact. A shared scoring model makes it easy to compare and rank all use cases and guide investment decisions.”

She pointed out that the bulk of the success comes from genAI applied to specific areas: IT service management (ITSM) and cloud operations, “where markets are mature and have proven business value. In fact, 53% of I&O leaders reported their AI wins occur in ITSM,” she noted. “Whether these wins occur in the cloud or in ITSM, I&O leaders must ensure they are shared broadly within the organization, and the AI strategy remains cohesive and centrally led.”

Needs to be grounded in a business case

Starting without a plan, she told CIO.com, is never a good idea: “It’s always a bad situation for any technology to say, ‘we built it. It’s going to succeed.’ It needs to be grounded in the business case. What does your business need? What are their ambitions? What are the problems within your function that your current tool set is not able to solve? Within that upfront strategic framework, then success follows.”

There is also the problem that a failed AI project can affect an entire organization. Not being able to provide secure, reliable, available infrastructure can have major implications for business outcomes, said Freeze.

“The drivers of failure are slightly different from the drivers of success,” she said. “I&O leaders must remember that a clearly defined, centrally endorsed AI portfolio helps their organization focus resources where they matter most. Above all, strong execution and business adoptions, not just prioritization, determine AI’s real ROI.”

Once priorities are clear, added Freeze, they can then determine which use cases deserve funding and at what level. “Today, many AI initiatives are still funded by individual business units,” she observed. “However, as AI infrastructure spending continues to rise, CEOs and CFOs need to play a more active role in setting funding criteria and approving major investments.”

This article originally appeared on CIO.com.