Agregátor RSS

V Austrálii probíhají zkoušky nového hypersonického systému DART. Stojí za ním společnost Hypersonix Launch Systems z Queenslandu, která nedávno úspěšně dokončila sérii vibračních testů. Zkoušky potvrdily strukturální integritu předtím, než dojde k prvnímu letu. Třímetrový demonstrátor s rychlostí ...

Před 34 lety, ve čtvrtek 13. února 1992, se tehdejší Česká a Slovenská Federativní Republika oficiálně (a slavnostně) připojila k Internetu.

In December 2025, in response to the Sha1-Hulud incident, npm completed a major authentication overhaul intended to reduce supply-chain attacks. While the overhaul is a solid step forward, the changes don’t make npm projects immune from supply-chain attacks. npm is still susceptible to malware attacks – here’s what you need to know for a safer Node community. Let’s start with the original

In December 2025, in response to the Sha1-Hulud incident, npm completed a major authentication overhaul intended to reduce supply-chain attacks. While the overhaul is a solid step forward, the changes don’t make npm projects immune from supply-chain attacks. npm is still susceptible to malware attacks – here’s what you need to know for a safer Node community. Let’s start with the original [email protected]

Microsoft has fixed a known issue causing its Family Safety parental control service to block Windows users from launching Google Chrome and other web browsers. [...]

O ledna postupně probublávají důvody zdražení serverových procesorů, které má v letošním roce dosáhnout zhruba 15 %. Intel nemůže zvýšit výrobní objemy, stále je totiž limitován výtěžností procesů…

Huawei WiFi Mesh X3 Pro sází na styl místo výkonu. • Meshový router se dvěma jednotkami podporuje Wi-Fi 7. • Zároveň ale slouží jako dekorativní lampička do bytu.

Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products, according to watchTowr. "Overnight we observed first in-the-wild exploitation of BeyondTrust across our global sensors," Ryan Dewhurst, head of threat intelligence at watchTowr, said in a post on X. "Attackers are abusing

Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products, according to watchTowr. "Overnight we observed first in-the-wild exploitation of BeyondTrust across our global sensors," Ryan Dewhurst, head of threat intelligence at watchTowr, said in a post on X. "Attackers are abusing Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Years later, he read about his antagonist doing time for murder

On Call  Welcome to another installment of On Call, The Register's weekly reader-contributed column that tells your tech support tales.…

Apparently, Silicon Valley has declared a “war on screens,” according to a Jan. 1 headline. The article highlighted OpenAI’s hardware project, which is expected to be a screenless device crafted by former Apple designer Jony Ive. OpenAI acquired Ive’s company, io, last May for $6.5 billion and Foxconn has reportedly been hired to make as many as 50 million units — even though the device hasn’t yet been fully designed. 

Other expert commentary touts a wholesale move toward “zero UI” ambient computing as a replacement for smartphones and other screen-based devices. The future, they say, is audio output and voice, gesture and sensor-based input. 

One trend that emerged from last month’s Consumer Electronics Show (CES) was the range of devices that can record, analyze, and assist (using AI) without requiring visual focus. 

Many tech startups are working on screenless AI hardware. Sandbar, founded by former employees of Meta, has a smart ring called Stream that serves as a passive controller for audio and voice notes, allowing users to interact with digital assistants. Another project comes from Eric Migicovsky, the founder of the original Pebble smartwatch. He’s offering a $75 ring with a button that records voice notes that are processed on a smartphone by AI. 

Bee is another always-on, screenless wearable (it can be worn as a bracelet or on a necklace) that passively listens to people within range of its microphone, then uses AI to build summaries, extract reminders, and offer insights based on the conversations it hears. Amazon bought Bee in July. 

Even Apple is reportedly getting into the screenless wearable market; the Silicon Valley giant is developing an AirTag-sized device that processes voice commands, hand gestures and other visual information. (Lenovo and HP also have screenless AI devices.)

One reason these devices are more viable now than in the past is the miniaturization of duplex audio, which enables constant, bi-directional conversation where the AI can be interrupted or talk over the user naturally. 

While all these screenless devices are popping up for the general public, parents, teachers and schools are becoming increasingly concerned about the effect on kids of too much screen time. The American Academy of Pediatrics (AAP), for example, released a new policy statement in January called “Digital Ecosystems, Children, and Adolescents,” which updates its recommendations regarding children and media use. The guidance marks a significant shift away from focusing solely on strict “screen time,” saying that limiting screen time for kids is important, but doesn’t go far enough; a whole re-think about how kids interact with technology is needed. 

A report this month from The Business Research Company even predicts that the market for screenless, ambient computing devices will exceed $200 billion by 2030. 

Reading all this news, the casual reader might be forgiven for falsely believing that a revolution against screens is emerging and that the era of AI wearables won’t have displays. But that’s not necessarily the case.

The future isn’t screenless

If you look carefully at the world of screenless wearables, you can see that none of them are designed to be used in isolation. They’re all peripherals to screen-based devices such as  smartphones. 

And while the Ray-Ban Meta type audio AI glasses are great, the future of AI glasses is closer to the Meta Ray-Ban Display glasses with one screen or two screens in the glass. 

There’s no way companies like Apple will offer alternatives to their own popular screen-based devices. Going totally screenless is for kids. Or rather, it should be. 

There’s just one problem. Schools are moving in the opposite direction with bans all over the place.

Education can’t learn

Leaders and schools all over the world are taking smartphones out of classrooms to reduce distractions and help support students’ mental health. The number of countries banning phones in schools jumped to about 40% by 2024. 

In the United States, the idea of taking phones out of schools highlights a rare instance of bipartisan agreement. By September, 35 states had passed laws or rules to ban cell phones in class. Texas, Florida, Indiana, Ohio, and Louisiana have all banned phones in schools, as has . Los Angeles, CA (which has a district with more than a half-million students). 

Europe and Asia are enforcing similarly strict rules. France was the first to act, banning smartphone use in grade schools and high schools in 2018. The Netherlands launched its own ban in January 2024. South Korea last August passed a law that stops students from using mobile phones during class. And Australia has gone even further: beyond banning phones in public schools. (The Australian government also decided in December to ban social media completely for anyone under age 16.)

In addition to banning smartphones, many of these same legislatures and school districts are banning screenless wearables, too. Schools prohibit the smartwatches mainly because they believe the devices can still distract and could enable kids to cheat on tests. 

In fact, the big four states — California, Texas, Florida and New York — have districts where wearables of all kinds are explicitly banned. 

But remember: even if parents feel smartphones harm their kids, they still want to be able to contact them and see their location on a map. That’s something screenless wearables like watches could enable.

Banning screenless wearables is impossible

Everyone should allow, and even encourage, kids and teens to use screenless wearable devices, especially watches. The devices enable productivity-enhancing features like timers, alarms and reminders. They give kids access to reference information. They let parents and students contact each other. And they can do all this without addictive, toxic features and gamified social features. 

Beyond that, wearables cannot realistically be banned. Most of them are tiny. If schools are concerned about haptic interruptions and cheating, they should remember that these devices can fit in a pocket, a sock or elsewhere on or in clothing. 

The only way to enforce a ban is to conduct a thorough search on every student every day before school — something that’s totally impractical and undesirable. 

Instead, schools, parents and teachers should all be uniting behind the best screenless wearables for students as a workable alternative to obsessive smartphone and screen use.

The reality is that the total ubiquity of AI is coming. There’s the toxic version — the rise of AI slop, for instance — and the non-toxic version. The latter comes in the form of screenless wearables that offer handy access to AI chatbots and a few other features, without the damaging, attention-draining, sleep-depriving effect of smartphones and visual social media. 

The future isn’t screenless. But for kids, it should be. 

Čína pokročila ve vývoji lunární rakety Dlouhý pochod 10 • NASA a ESA sice mají náskok, ale stále nám chybí to nejdůležitější • Pořád nemáme lunární modul

Mediální pozornosti unikla jedna - za běžné situace nepodstatná, ale nyní dost zásadní - informace. Výroba AMD u GlobalFoundries neskončila, obě společnosti se dohodly na pokračování i v roce 2026…

Na všech herních platformách je každou chvíli nějaká slevová akce. Každý týden proto vybíráme ty nejatraktivnější, které by vám neměly uniknout. Pokud chcete získat hry zdarma nebo s výhodnou slevou, podívejte se na aktuální přehled akcí!

V pátek 20. února 2026 se v pražské kanceláři SUSE v Karlíně uskuteční 6. Mobile Linux Hackday, komunitní setkání zaměřené na Linux na mobilních zařízeních, kernelový vývoj a uživatelský prostor. Akce proběhne od 10:00 do večera. Hackday je určen všem, kteří si chtějí prakticky vyzkoušet práci s linuxovým jádrem i uživatelským prostorem, od posílání patchů například pomocí nástroje b4, přes balíčkování a Flatpak až po drobné úpravy aplikací, aby lépe fungovaly na telefonech. Mezi aktuální témata patří Mobian, posun v podpoře zařízení OnePlus 6 a 6T, Xiaomi Poco F1 (sdm845) nebo experimentování s FairPhone 5. Účastníci si budou moci vyzkoušet Linux přímo na podporovaných telefonech a zapojit se do společného hackování. Akce je neformální a otevřená, účast je možná i jen na část dne. Podrobnosti jsou k dispozici na Mastodonu.

Agent umělé inteligence vytvořil 'útočný' článek o Scottu Shambaughovi, dobrovolném správci knihovny matplotlib, poté, co vývojář odmítl agentem navrženou změnu kódu (pull request). 'Uražený' agent autonomně sepsal a publikoval na svém blogu článek, který přisuzuje Shambaughovi smyšlené motivace, egoismus a strach z AI coby konkurence.

Dramatic phrases like ‘Saas is dead,’ ‘SaaSpocalypse,’ and others have dominated recent discussions in the IT world.

However, that narrative is premature, according to Deloitte. Yes, in 2026, established SaaS vendors will face competition from AI-native ones, the firm forecasts, but the real story is that traditional enterprise software continues to grow as it becomes more intelligent, agentic, and outcome-focused. And, in the end, this can benefit IT buyers.

“The reality is far more nuanced” than the sensationalistic language, said Ayo Odusote, Deloitte’s software and platforms leader. “What’s driving that narrative is change in how enterprise software delivers value, primarily due to the rise of agentic and AI-native capabilities.”

SaaS isn’t dead, it’s just changing

In 2026, as the panic around SaaS vitality persists, Deloitte anticipates that established software players will focus on becoming full-stack, end-to-end agentic platforms that can build, run, orchestrate, and govern agents across numerous functions.

These legacy SaaS models (with subscription or seat-based pricing, and often rigid workflows) are being challenged by AI-first and AI-native companies offering highly specialized and industry-specific capabilities at potentially lower cost, noted Odusote. These smaller players are beginning with simpler and/or neglected workflows, but will likely evolve to more complex areas, while incumbents will pivot to hybrid pricing models and AI-infused tools.

“It’s important to avoid overgeneralizing ‘SaaS,’” Odusote emphasized . “Dev tools, cybersecurity, productivity platforms, and industry-specific systems will not all move at the same pace. Buyers should avoid one-size-fits-all assumptions about disruption.”

For buyers, this shift signals a more capability-driven, outcomes-focused procurement era. Instead of buying discrete tools with fixed feature sets, they’ll increasingly be able to evaluate and compare platforms that are able to orchestrate agents, adapt workflows, and deliver business outcomes with minimal human intervention.

In this landscape, Odusote advised buyers to consider:

• Value beyond feature parity: How does a tool improve actual business outcomes rather than just automating existing tasks?
• Total cost of ownership (TCO): New pricing models, whether hybrid, outcome-based, or usage-based, will require “more careful” budgeting and forecasting.
• Interoperability and governance: As agents increasingly operate across systems, integration and safe governance will be key.
• Compute cost impact: AI workloads have different cost dynamics. “You’ll need to understand how those costs flow through pricing and your infrastructure budget,” said Odusote.

For most enterprises, core enterprise resource planning (ERP) and customer relationship management (CRM) systems won’t go away; they’ll evolve with added agentic capabilities and, in many cases, “subsume smaller boundary systems because it becomes easier and cheaper to build that functionality into the core platform,” said Odusote.

A new layer will emerge, Deloitte forecasts: Essentially, it will be “[an] enterprise AI operating system” that will govern, orchestrate, and control AI agents, as opposed to disconnected tools. Buyers should begin thinking about who owns that layer and how it integrates with their broader technology architecture, Odusote advised.

IT buyers will benefit from simplified integration, since one platform reduces the complexity of stitching multiple tools together; provides centralized control over agent behavior, security, and compliance; and offers scalability across functions without the need for point solutions for each use case.

Going forward, Deloitte predicts, AI-native companies may lead with specialized agility, but incumbents will offer enterprise-grade stability and scale with added agentic capabilities. Traditional companies bring “integration depth, enterprise-grade controls, regulatory experience, and large installed bases,” said Odusote. Meanwhile, AI-native vendors will likely lead with greenfield architecture and rapid innovation.

“Many enterprises will ultimately balance both approaches rather than choosing one exclusively,” said Odusote.

What pricing might look like

Because the economics of AI are “quite different and more complex” than cloud migration, outcomes and return on investment (ROI) will require as much focus as possible, Odusote noted. “Value cannot just be incremental,” he said. Also, IT buyers may expect AI‑embedded software costs to be similar to those of traditional products, which can complicate “nascent hybrid pricing models.”

Buyers will likely have increased leverage in certain segments due to competitive pressure among new and established providers, Odusote said. New entrants often come with more flexible pricing, which obviously is an attraction for those looking to control costs or prove ROI.

At the same time, traditional SaaS leaders are likely to retain strong positions in mission-critical systems; they will defend pricing through bundled AI enhancements, he said. So, in the short term, buyers can expect broader choice and negotiation leverage.

“Vendors can no longer show up with automatic annual price increases without delivering clear incremental value,” Odusote pointed out. “Buyers are scrutinizing AI add-ons and agent pricing far more closely.”

At the same time, IT buyers are looking to avoid agent sprawl, or having “five different vendors, each deploying autonomous agents without centralized governance,” Odusote said. This can also create leverage, as buyers look to consolidate vendors or negotiate broader enterprise agreements.

“That said, buyers should prepare for more complex pricing discussions, understanding not just list prices, but how costs scale with AI usage and performance,” said Odusote. Cost frameworks that consider new metrics, efficiency, quality of growth, and fiscal caution may likely override traditional performance benchmarks.

Important questions for buyers

Ultimately, buyers should “elevate their questioning” beyond just features to capability, risk, and value delivery, Odusote said. He suggested that buyers ask:

• How does the vendor’s tool use AI agents to improve specific business outcomes?
• What metrics and KPIs should be used to measure ROI?
• Can the vendor explain their pricing model? How do costs scale with usage or outcomes?
• What data governance, security, and compliance controls are embedded for agentic operations?
• How open and interoperable is a vendor’s architecture with existing systems and data estates?
• How does a provider’s tool fit into a customer’s broader agent governance and orchestration strategy? Are they expanding into adjacent boundary systems? And if so, how does that affect overall vendor footprint and architecture?

In the end, buyers should treat AI adoption as a strategic business transformation, not just a tech procurement exercise, said Odusote. They must also build internal capabilities for AI governance and risk management. “Don’t let agents operate unchecked; your team should own safe, ethical use.”

“Ultimately, the biggest opportunity isn’t replacing core systems overnight,” he said. “It’s transforming the thousands of boundary applications and manual processes around them, turning service and manual work into software through agentic models.”

This article originally appeared on CIO.com.

A threat actor is abusing an employee monitoring application and a remote monitoring and management platform in an attempt to deploy ransomware and steal cryptocurrency.

According to researchers at Huntress, the unknown threat actor is leveraging NetworkLookout’s Net Monitor for Employees Professional – which, despite its name, includes remote access tools – and SimpleHelp, a suite of tools commonly used by IT teams and managed service providers for remote monitoring and management.

These applications might already be in use in an IT environment, or are downloaded by the attacker once they get network access.

In one case, the attack chain culminated in an attempted deployment of Crazy ransomware. In another, the combination of applications was used to hunt for cryptocurrency-related keywords on the victim’s compromised computer.

The combination of these two applications is unique, says Huntress, although SimpleHelp has a history of being abused by hackers as a post-exploitation persistence mechanism. It offers a lightweight agent, support for gateway redundancy, and ability to operate over common ports. Net Monitor for Employees, whose purpose is to catch employees wasting work time on illegal activity, is used here as a primary remote access channel. To a threat actor, it offers reverse connections over common ports, process and service name masquerading, built-in shell execution, and the ability to silently deploy via standard Windows installation mechanisms.

Anna Pham, a Huntress senior tactical response analyst, called the combination of the two applications for attacks “dangerous,” particularly because in one case the threat actor got access to the victim’s IT infrastructure through a vendor’s compromised VPN account.

Using applications and tools already on the network that might appear legitimate to IT to disguise attacks, also known as a ‘living off the land’ strategy, is “very clever and sneaky,” she added.

Two attacks discovered

Huntress discovered two incidents using this tactic, one late in January and one early this month. Shared infrastructure, overlapping indicators of compromise, and consistent tradecraft across both cases make Huntress strongly believe a single threat actor or group was behind this activity.

In the first case, Huntress detected suspicious account manipulation on a customer’s computer via Net Monitor For Employees, which included attempts to reset passwords and create additional accounts. The application was already in use in the environment.

How the attacker got into Net Monitor isn’t clear. But their next step was to use it to download the SimpleHelp remote management agent, which was used to execute a number of commands, including tampering with Windows Defender to evade detection. That was unsuccessful, but it didn’t stop the threat actor from then trying to deploy the Crazy strain of ransomware.

In the second case, also involving a Huntress customer, the threat actor leveraged a compromised vendor’s SSL VPN account for initial access to the IT network. It isn’t known how the threat actor got hold of the vendor’s credentials. But once inside, the hacker used Windows Remote Desktop Protocol (RDP) to install the Net Monitor for Employees Professional agent through PowerShell. The agent was then disguised as a legitimate system process with a name that mimicked Microsoft’s OneDrive service.

Shortly after that, the threat actor installed SimpleHelp as an additional persistent remote access channel. The SimpleHelp agent was also configured with monitoring triggers for cryptocurrency-related keywords, as well as searching for remote access tool keywords to determine whether anyone else was connecting to the compromised machine. The threat actor also used Net Monitor for network reconnaissance on a compromised domain controller.

Ensure these risks are catalogued

Johannes Ullrich, dean of research at the SANS Institute, said this report is an example of how corporate IT teams build infrastructure that attackers then abuse. It’s known that employee monitoring software and security software have been misused like this in the past, he said.

He pointed out that software including agents that reach out to remote systems to collect data can often execute code on those systems, so they can investigate suspect activity. But, he warned, if not properly controlled, they can be abused by an attacker to execute malicious code.

CSOs must ensure that these risks are properly catalogued and mitigated,” he said. “Any actions performed by these agents must be monitored and, if possible, restricted. The abuse of these systems is a special case of ‘living off the land’ attacks. The attacker attempts to abuse valid existing software to perform malicious actions. This abuse is often difficult to detect.”

Asked for comment on the report, a spokesperson for NetworkLookout, the parent company of Net Monitor, noted in an email that the Net Monitor for Employees Agent can be installed only by a user who already has administrative privileges on the computer where the agent is to be installed. Without administrative privileges, the spokesperson added, “installation isn’t possible.”

“So,” the spokesperson concluded, “if you don’t want our software installed on a computer, please ensure that administrative access is not granted to unauthorized users.”

What CSOs should do

Huntress analyst Pham said to defend against attacks combining Net Monitor for Employees Professional and SimpleHelp, infosec pros should inventory all applications so unapproved installations can be detected. Legitimate apps should be protected with robust identity and access management solutions, including multi-factor authentication.

Net Monitor for Employees should only be installed on endpoints that don’t have full access privileges to sensitive data or critical servers, she added, because it has the ability to run commands and control systems.

She also noted that Huntress sees a lot of rogue remote management tools on its customers’ IT networks, many of which have been installed by unwitting employees clicking on phishing emails. This points to the importance of security awareness training, she said.

Infosec leaders should also note that in June 2025, the US Cybersecurity and Infrastructure Security Agency (CISA) warned that ransomware operators had leveraged unpatched instances of a vulnerability in SimpleHelp Remote Monitoring and Management (RMM) to compromise customers of a utility billing software provider. The advisory also provided advice on how to mitigate the risks, noting, “This incident reflects a broader pattern of ransomware actors targeting organizations through unpatched versions of SimpleHelp RMM since January 2025.”

This article originally appeared on CSOonline.