Computerworld.com [Hacking News]

Making technology work for business

Aktualizace: 15 min 54 sek zpět

Can Microsoft really meet its carbon-negative goal by 2030?

15 Duben, 2026 - 09:02

Six years ago, Microsoft pledged it would be carbon negative by 2030. It’s a worthy goal, and for several years the company was on track to meeting it.

Then generative AI came along and the world changed. Electric power demand from data centers will more than double between 2025 and 2030, according to the International Energy Agency (IEA). “The US economy is set to consume more electricity in 2030 for processing data than for manufacturing all energy-intensive goods combined, including aluminum, steel, cement and chemicals,” the agency projects.

All this new electricity generation means much more carbon will be put into the atmosphere, exacerbating climate change.

What does this mean for Microsoft’s pledge to be carbon negative within four years now? Just two months ago, the company claimed it was on track and had recently passed a major milestone in getting there by becoming carbon neutral. Detractors say nothing could be further from the truth — that it’s just smoke and mirrors, and the company has become a serious polluter and engine for accelerated climate change.

Who’s right? To find out, we’ll look at Microsoft’s claims, lay out what its opponents say, and finally, compare the company’s promises to what it’s actually done.

Microsoft’s rosy view

Microsoft claims not just that it’s on track to becoming a carbon-neutral company by 2030, but that 2025 marked an important turning point on the journey. The headline of the company’s blog post about it in February says it all: “A milestone achievement in our journey to carbon negative.”

From just that headline, you’d think the company was boasting it had reduced its carbon emissions drastically. That’s not the case. Microsoft wrote the post in such an oblique way that it’s tough to know just what it’s claiming. Specifically, the company claimed to have met “our aim to match 100% of our annual global electricity consumption with renewable energy.”

That’s a roundabout way of describing carbon offsets — paying other companies to generate renewable energy that don’t release carbon. In that way, Microsoft can say it’s offsetting its own carbon emissions. Eventually, it claims, by using offsets it will accomplish its goal of removing more carbon from the atmosphere than it’s putting into it by 2030.

Is Microsoft greenwashing?

Critics say Microsoft’s carbon emissions are skyrocketing, and carbon offsets are little more than greenwashing. The Stand.earth Research Group, which does investigative research about climate change, warns that a single new recently announced Microsoft AI data center in West Virginia will “unleash a 44% increase in the company’s annual emissions.”

The group also says that when the facility reaches its full generating capacity in 2031, “Microsoft and co-located partners will emit 25.55 million metric tons of CO₂ per year, as much as putting nearly 6 million cars on the road.”

Keep in mind, that’s just a single facility.

A year ago, Sustainability Magazine warned that even though Microsoft had made substantial investments in renewable energy and conservation, the company’s total carbon emissions had increased by more than 24%. Things have only gotten worse since then.

Many environmentalists don’t believe carbon offsets make up for the carbon emissions a company creates — they call all offsets greenwashing. David Keith, who is head of the Climate Systems Engineering initiative at the University of Chicago and lead author of a report by the UN’s Intergovernmental Panel on Climate Change (IPCC), put it bluntly: “I think all this voluntary stuff and companies claiming to be green is basically greenwashing crap.”

The upshot

So who’s right? If Microsoft buys enough offsets by 2030, will the company really be carbon negative?

There’s an easy way to find out — look at what Microsoft President and Vice Chair Brad Smith promised in his 2020 blog post, “Microsoft will be carbon negative by 2030.” In the post, he noted that merely buying offsets isn’t enough; Microsoft needs to completely switch to renewable power for the vast majority of its direct energy use, buying offsets only to make up for its much smaller indirect energy use, such as employee travel or the electricity its customers use when using Microsoft products.

Here’s what he promised: “By 2025, we will shift to 100% supply of renewable energy, meaning that we will have power purchase agreements for green energy contracted for 100% of carbon emitting electricity consumed by all our data centers, buildings, and campuses.”

That hasn’t happened.

The company’s carbon emissions from its oil- and gas-powered data centers skyrocketed in the last few years, and they’re getting worse. By the company’s own definition, it is not now carbon neutral, won’t be carbon negative by 2030, and isn’t likely to get there — ever.

Kategorie: Hacking & Security

About the Best Places to Work in IT

15 Duben, 2026 - 07:00

Nominations for the 2027 Best Places to Work in IT program are now open! Click HERE to nominate an organization today.

See our Best Places to Work in IT 2026 special report for the complete list of honorees, major trends from the most recent survey, and much more.

About the Best Places to Work in IT program

Computerworld conducts an annual survey to identify the best places to work for IT professionals. We invite readers, PR professionals and other interested parties to nominate companies they consider great employers for IT workers. You may nominate your own company. We then ask those nominated companies that meet our basic criteria to participate in our survey.

Once again, we are excited to extend this program, which has a 33-year history in the United States, to companies worldwide.

The employers in the Best Places list are evaluated by company size: Large companies have 5,000 or more employees; midsize have between 1,001 and 4,999 employees; and small companies employ from 100 to 1,000.

To be eligible, companies must have a minimum of 5 IT employees and a minimum of 100 total employees. We consider IT employees to be those IT workers who provide technology support and services to their own company — or to multiple companies through their work at an IT service provider. Workers who would *not* be included are administrative support staff for the IT department, staff who work in communications or PR for the technology department, IT contractors, or those staff whose primary role is in product development for outside sales.

Best Places to Work in IT is a global program. We ask that companies submit no more than one survey within any one country. If your company operates in multiple countries and you would like to submit a survey for your location only, please note this in the company name field (e.g., “Foundry North America” or “Foundry Germany”). If no location is specified in the company name, we will assume that the entry represents all locations worldwide.

In most cases, we prefer to have the parent company, rather than subsidiaries or affiliates, apply for the Best Places to Work in IT list. However, a subsidiary or affiliate may be eligible, providing that it stands out as a separate entity from the parent company, with separate business functions, IT leadership and so on. A subsidiary may also be eligible to apply separately if its parent company is a holding company. In those cases, the parent company and subsidiary may be able to apply separately. We encourage companies to complete the nomination form or contact us at [email protected], and our Best Places research team will evaluate the submissions on a case-by-case basis.

Questions about the Best Places to Work in IT program can be emailed to [email protected].

Frequently asked questions Survey requirements and eligibility Does my company have to be nominated to complete the survey?

No. Companies may participate even if they were not nominated. In lieu of a nomination, please send an email to [email protected] with the name and contact information (including email address) of the individual who should receive the company survey and other information; we’ll take care of the rest.

Does the Best Places to Work in IT list include public companies only?

No. The survey includes private as well as public companies.

What criteria must my company meet to participate?

To be considered for our Best Places to Work in IT list:

Companies must have a minimum of 5 IT employees.
Companies must have a minimum of 100 total employees worldwide.
In most cases, we prefer to have the parent company, rather than subsidiaries or affiliates, apply for the Best Places to Work in IT list. However, a subsidiary or affiliate may be eligible, providing that it stands out as a separate entity from the parent company, with separate business functions, IT leadership and so on. A subsidiary may also be eligible to apply separately if its parent company is a holding company. In those cases, the parent company and subsidiary may be able to apply separately. We encourage companies to complete the nomination form or contact us at [email protected], and our Best Places research team will evaluate the submissions on a case-by-case basis.

Who should complete the survey?

An individual familiar with employment statistics, benefits, policies and programs of your IT department and your company should complete the survey. This could be a human resources representative, a CIO or corporate PR representative — or a team of all the above.

Survey contents and procedures What does the company survey ask?

Our online survey includes questions about companies’ benefits, training and development, IT salary changes, percent of IT employees promoted, IT turnover rates, and the percentage of women employees in management in IT departments. In addition, we will collect information about company culture, workplace modernization, and company growth.

Which employees are considered “IT workers” in this survey?

Answers to the survey should be based on those IT workers who provide technology support and services to their own company — or to multiple companies through their work at an IT service provider. Workers who wouldn’t be included are administrative support staff for the IT department, staff who work in communications or PR for the technology department, IT contractors, or those staff whose primary role is in product development for outside sales.

What happens if I leave a question blank on the survey?

You can’t leave a question blank if it is required. Many of the questions on the survey are required; the survey can’t be processed if they aren’t answered. Please answer to the best of your ability for questions with lists or options included. If any open-ended/text based questions aren’t applicable to your company, please indicate “NA” for “not applicable.” If there is a question you can’t answer fully given the format of the survey, you may briefly explain your answers in an addendum field that follows each survey section.

Companies that withhold information used to rank the finalists will have points deducted from their ranking. Answers that are left blank or have unexplained N/As will be assumed to be 0 (zero).

What information will be shared publicly?

Computerworld tries to avoid printing information that a company may consider competitive. The following information may appear publicly:

Company name
Location
Industry
Website
Total number of employees

All other information will be used only in aggregate format or for ranking purposes, unless a featured organization explicitly grants permission.

Can I save my survey and come back to it at a later date?

Yes. You will be able to save your partially completed survey and can save a partially completed survey as many times as necessary. Please save your unique URL to re-enter the survey. When you return to the survey, you will be able to review/modify questions that you have already answered. However, we will continue to provide a printer-friendly version of the survey, and we recommend that you complete this survey, then enter your answers online.

How should I send my company’s information to Computerworld?

We accept company information from the online survey only. Please enter all data as accurately as possible. Provide company name, location, web address and other information, as you would like it to appear in print.

Can I get a copy of the survey to review before I go to the online survey and submit my company’s information?

Yes. A printer-friendly version of the 2027 Best Places company survey can be downloaded for reference. We encourage participants to complete the printer-friendly version offline before filling out the online survey.

Best Places to Work in IT 2027 Company Survey Download Will Computerworld provide us with a copy of our submitted survey?

Upon request, Computerworld will email you a PDF of your company’s survey responses.

Is there an employee portion to the survey?

There is no longer an employee survey portion to the survey. Computerworld decided to make this change in the 2023 program to streamline the process for global participation and to enable companies with smaller IT departments to participate. In lieu of the employee survey portion of the program, Computerworld will be inviting a panel of judges consisting of industry experts to evaluate entries and confirm this year’s honorees.

List publication and notification When will the list of honorees be published?

The Best Places to Work in IT honorees will be announced in December 2026 on Computerworld.com.

When can I find out if my company is on the list?

Computerworld will notify companies that will be honored as a 2027 Best Place to Work in IT several weeks in advance of publication. Computerworld will provide honorees with an online press kit including a sample press release and other promotional information.

Is there a timeline to which I can refer for survey action items?

Below is the 2027 Best Places to Work in IT timeline.

April 15, 2026Nominations open for the 2026 Best Places to Work in IT. Nominated companies receive an email with a unique link to the Best Places company survey from Computerworld by the end of April. Thereafter, company surveys will be sent on a rolling basis.July 15, 2026DEADLINE: Completed Best Places company survey is due to Computerworld.October 2026
Nominees are notified regarding their status as Best Places to Work in IT honorees.December 2026List of Best Places to Work in IT honorees is available online. What if I have a question that was not answered in this FAQ?

Please email your questions to the following address: [email protected].

In the subject line, please include your company name and be as descriptive as possible in the subject line as to the nature of your inquiry.

Kategorie: Hacking & Security

Apple devices’ satellite link is under new ownership

15 Duben, 2026 - 06:37

Globalstar, a mobile satellite services (MSS) operator in which Apple has a 20% stake, on Tuesday announced a merger agreement with Amazon, which, pending regulatory approval, could soon bring direct to device services (D2D) services to Leo, the latter’s low Earth orbit satellite network.

The deal, worth an estimated $11.6 billion, is an indication that the so-called new space race, designed to integrate satellite communications into smart phones, is certainly not slowing down.

In addition to the merger, the two companies stated in a release that Amazon Leo (formerly known as Project Kuiper), which is scheduled to launch this year, will power satellite services for iPhone and Apple Watch, including Apple’s Emergency SOS satellite service.

As part of the agreement, the release said, “Amazon will acquire Globalstar’s existing satellite operations, infrastructure and assets, including MSS spectrum licenses with global authorizations.” Amazon also said it will deploy its own “next-generation D2D satellite system” in 2028.

Licensed spectrum seen as ‘key to the deal’

Roger Entner, analyst and founder of Recon Analytics, said of the deal, “Amazon just bought itself a big relationship with Apple, first and foremost. Globalstar is such an integral part of Apple on a global basis. This lays the foundation for when Leo comes online to expand and deepen that relationship.”

On a global basis, he said, that is ideal for all the iPhone customers around the world, and in addition, the acquisition represents a powerful counter move against Starlink, and its mobile, direct to device initiatives.

It is, added Entner, a smart move by Amazon, and with Apple being a major shareholder in Globalstar, the deal did not happen without its approval. “I see winners all around here, and it [also] puts a little bit of a damper on SpaceX and its IPO.”

Scott Bickley, advisory fellow at Info-Tech Research Group, said, “Amazon is acquiring Globalstar primarily for its licensed spectrum, which is one of the hardest assets to secure in telecom, and rarely comes to market from the FCC.”

Globalstar, he pointed out, “has valuable L-band and S-band licenses, which are well-suited for direct to device connectivity and allow regular smartphones to connect to satellites without specialized hardware. That alone can compress Amazon’s timeline by several years.”

Bickley said the deal “also brings existing satellite operations, regulatory relationships, and experience, but this doesn’t materially close the gap with SpaceX. Starlink operates at a completely different scale, with full vertical integration, including its own launch capabilities.”

Anshel Sag, principal analyst at Moor Insights & Strategy, described the merger announcement as something he has been “tracking for quite some time. This helps Amazon add more infrastructure and spectrum for satellite communications to Amazon Leo, and adds arguably one of the biggest customers in the industry, Apple. This also confirms the rumors that have been swirling for the last few months about Globalstar’s acquisition.”

Globalstar, he added, is a “really interesting company, because Apple owns 20% of it through over $1 billion in investments over the last few years. The CEO, [Paul E. Jacobs] is also Qualcomm’s former CEO and the son of its founder. [He] came on board when Globalstar made a strategic investment in XCOM Global, a company working on XR and 5G technologies.”

Merger provides Apple with a healthy ROI

Globalstar is, said Sag, also in the process of modernizing its satellite constellation with Apple’s help, and prior to the acquisition, it was going to dedicate 85% of that new capacity to Apple.

With the acquisition, Sag noted, “Amazon is not only getting an industry brand name, but also arguably the world’s biggest customer, which has already signed a new agreement with Amazon to work together, likely in an even larger capacity with the combination of Globalstar and Amazon Leo’s assets.”

The $11.6 billion purchase price, said Sag, also “gives Apple a great return on its investment, while beefing up its capabilities, and means that iPhones will work on both Amazon’s Leo network and SpaceX’s Starlink service.”

And while he does not believe that satellite will replace terrestrial networks in most cases, “air travel has proven to be one of the best use cases outside of the occasional rural user. Amazon’s Leo service also seems to prioritize enterprises and the AWS tie-in, which I believe will be a much better path to profitability and scale than selling directly to consumers.”

This acquisition, said Sag, “also appears to be on track for FCC approval, based on Brendan Carr’s statements about the desire for industry leadership in the United States. 6G also seems like it will heavily incorporate satellite communications into the standard, so I think this kind of consolidation might be good, but it does reduce competition to a certain degree.”

If that occurs, he pointed out, the deal will make Amazon Leo an even more capable competitor to SpaceX and could be seen as validation of SpaceX’s strategy, but it could also impact SpaceX’s upcoming IPO valuation.

Ultimately, said Sag, “consumers and businesses will want choice when it comes to satellite connectivity, whether it’s for broadband, IoT, or direct to device consumer connectivity. I suspect we’ll see more companies sign with Amazon Leo as its capabilities and spectrum expand. I also believe this might increase the need for more spectrum auctions, which I believe SpaceX has already been pushing for.”

And, said Info-Tech’s Bickley, Amazon is “betting on direct to device at scale, and if that works, the addressable market extends well beyond traditional satellite broadband. Globalstar’s relationship with Apple adds a potential entry point into that ecosystem.”

The challenge is execution, he said. Amazon is still constrained by third-party launch providers, and now has to integrate a legacy satellite network into Kuiper. Meanwhile, Starlink already has well over 10K satellites, is already profitable, and is continuously expanding its footprint.

Apple has not yet responded to a request for comment about the fate of its stake in Globalstar, but, as Entner pointed out, “20% of Globalstar is not 20% of Amazon.”

Kategorie: Hacking & Security

IBM’s government DEI settlement could increase pressure to avoid tech hiring diversity

15 Duben, 2026 - 06:05

IBM has agreed to settle a complaint from the US Justice Department around its initiatives to diversify its workforce and to encourage hiring of underrepresented groups, contrary to a presidential directive. The federal contractor also agreed to pay the government roughly $17 million.

The pressure from the Trump administration to eliminate workforce diversification efforts, typically known as DEI (Diversity, Equity, and Inclusion) programs, has persuaded many companies, including Meta, Google, Amazon, Salesforce, Intel, OpenAI, Tesla and Zoom, to publicly back away from those diversification efforts. A few companies, including Apple, Microsoft, Nvidia and Oracle, have held firm in favor of DEI, for the most part.

The government’s official position states that age, race, sexual preference, and gender should have zero impact on hiring decisions. Diversification proponents counter that workforce composition will stay stagnant unless explicit efforts are made to diversify.

Focus of settlement

The Justice Department settlement focused mostly on IBM’s role as a government contractor.

The government filing said IBM made “false claims” and “false statements” to the government regarding hiring practices in connection with IBM’s government contract work.

“As a federal contractor, IBM was required to comply with anti-discrimination requirements as set forth in Title VII of the Civil Rights Act of 1964,” the settlement said, adding that IBM “discriminated against employees during employment and applicants for employment because of race, color, national origin, or sex, and failed to treat employees during employment without regard to race, color, national origin, or sex.”

Beyond hiring practices, the government also opposed hiring goals that encouraged diversity, including “developing race and sex demographic goals for business units and taking race, color, national origin, or sex into account when making employment decisions to achieve progress towards those demographic goals” and using those same criteria to offer “certain training, partnerships, mentoring, leadership development programs, educational opportunities or resources, and/or similar opportunities only to certain employees.”

The agreement also said that the deal “is neither an admission of liability by IBM nor a concession by the United States that its claims are not well founded” and added that IBM agreed to the settlement “to avoid the delay, uncertainty, inconvenience and expense of protracted litigation.”

Acting US Attorney General Todd Blanche issued a statement saying, “racial discrimination is illegal, and government contractors cannot evade the law by repackaging it as DEI.”

IBM did not respond to an email seeking comment.

Companies can work around biases

Bryan Howard, the CEO of recruiting strategy consulting firm Peoplyst, said he would encourage enterprises to simply move their workforce diversification efforts earlier in the recruitment process.

“There’s a big difference between candidate pool and the selection process,” Howard said, suggesting that there are no federal rules limiting outreach choices. If, for example, a company wanted to increase workforce representation for a particular group, then the job notice should be focused on universities and other places where that group is well represented.

“Expand your pool and do not contract it. Fish in the ponds where those people are,” Howard said. “Increase diversity by simply recruiting from diverse sources.”

Howard also said the government position leverages last year’s US Supreme Court decision in Ames v. Ohio Department of Youth Services, where the court held that reverse discrimination is illegal.

Complicating diversification efforts today are two popular recruiting/hiring tools pushed by HR: Using genAI to filter a massive number of applicants and only present a small handful to the hiring managers to choose from; and referral programs in which employees are offered cash incentives if they recommend job candidates who are eventually hired.

AI’s bias is to seek job candidates whose profiles most closely resemble that of the current workforce. In other words, AI wants to learn everything it can about who the company has hired before, to help it determine the attributes to look for.

Referral programs, Howard said, also tend to attract people with the same characteristics as the existing workforce. Even though those referral hires tend to stay with the company longer, “if you have a population that is already skewed and that is the population recruiting, the existing bias will likely continue.”

Settlement could hurt recruitment efforts

Consultant Brian Levine, executive director of FormerGov, said it is difficult to interpret the settlement as anything other than opposing DEI efforts.

The US Justice Department, where Levine once worked as a federal prosecutor, ”has issued a multi-million dollar penalty for company policy that seemed to be intended to encourage diversity,” he said. “As with Anthropic, in this new world, sometimes organizations may be forced to choose between ‘the law’ as it is currently being interpreted by some, and a good faith effort to positively influence society, or at least to minimize societal harm.”

Levine said some enterprises may try to overcompensate to keep the current administration happy.

“Fearing financial penalties, some companies that work with the federal government will now choose to ensure their DEI program is fully dismantled,” Levine said. “Other companies may choose to cease working with the federal government and/or may choose to keep, or even double down, on their DEI program. If Anthropic is any indication, these latter companies may ultimately be rewarded in the market.”

Flavio Villanustre, CISO for the LexisNexis Risk Solutions Group, added that this settlement might end up hurting tech recruitment efforts.

“I think that this will force organizations to reframe their DEI programs to not upset the DOJ, which could have an impact on hiring of individuals in certain classes and could result in overall less diversity,” Villanustre said. “Diversity is an important part of building resilient, successful organizations, so this could have a broader impact than just the one at hiring time.”

This article originally appeared on CIO.com.

Kategorie: Hacking & Security

Curity looks to reinvent IAM with runtime authorization for AI agents

15 Duben, 2026 - 05:35

In 2026, enterprise developers are building and deploying the first generation of powerful, increasingly autonomous AI agents at incredible speed. Now comes the hard part: working out how to secure them.

Vendors in the space are facing multiple challenges. To begin with, traditional identity and access management (IAM) tools were never designed to secure anything as complex as agentic AI. In addition, the number of agents, both those sanctioned by the enterprise and the undocumented ‘shadow’ agents created by a new generation of powerful tools that barely existed a year ago, is increasing at unprecedented speed. And now it has started to dawn on organizations that this risks leaving yawning governance and security gaps whose weaknesses could one day return to haunt their creators.

While a growing list of companies, including large cloud platforms such as Okta, Ping Identity, and Microsoft’s Entra ID, is vying to fill the vacuum, a smaller competitor, Sweden’s Curity, argues that agents can’t be secured using traditional IAM. Instead, it is offering a different approach to the problem: This week, it announced Access Intelligence, an extension to its existing API identity and access management (IAM) platform, Identity Server.

The problem it addresses is that traditional IAM tools assume that applications are being accessed by human users or machine identities, governed by a one-time authentication process. But agents, which assume long chains of actions conducted at incredible speed, don’t work like this. Instead, access becomes ephemeral, complex, and non-deterministic, which is to say, hugely unpredictable. Lock them down too much and they stop working; let them run free, and weak security follows in their wake.

Runtime enforcement

Curity’s approach is to treat agents as a special type of application. Like applications, agents call APIs, MCP servers, and each other, and are credentialed using OAuth tokens. Through a feature called Token Intelligence, Curity extends the role of OAuth tokens to not simply permit access, but to carry information on the agent’s purpose and intent. In Curity’s scheme, an agent can only access resources based on that purpose.

Instead of using static, pre-granted permissions, agent access is granted at runtime, on-the-fly. Each requested action generates a separate token that describes the access it needs. When an agent starts a new task, it needs a new token specifying a new set of permissions. If necessary, human authorization can be required when an agent is trying to perform a high-risk action such as transferring funds.

“Curity has always been application-centric,” said Cofounder and CTO Jacob Ideskog. “Our focus has always been on how we broker access.”

Multiple approaches to agent security

Today, agent security falls into one of several camps, which include increasingly inadequate inline approaches such as API gateways and web application firewalls (WAFs), and out-of-band analysis systems that infer intent by analyzing agent behavior against a baseline.

Curity’s Access Intelligence, by contrast, is a self-hosted microservice that acts as a glorified IAM layer through which every agent request must pass. “Because we let an agent do something now doesn’t mean we should be allowing it to do this a minute later,” Ideskog explained.

Access Intelligence also uses Identity Server’s centralized token validation to ensure that developers can fire up agents or APIs without registering them. If they lack this validation, agents are isolated from real-world actions.

Nothing does the whole job

The appearance of systems such as Access Intelligence is good news for enterprises. It indicates that vendors are starting to address the problem of agent security, often by extending existing API security platforms. But that still leaves open the question of which approach to take.

Ideskog believes it would be a mistake to see the different approaches as mutually exclusive. Curity’s Access Intelligence can be used in combination with other layers of agent security, he emphasized. In short, no one solution can do the whole job.

“Up to this point, the IAM industry has focused on the identity part. But the real question is the access. Enterprises are asking their privilege access management (PAM) vendors how they’re going to deal with this [agent security] and I don’t think the PAM vendors have good answers yet,” he said.

This article originally appeared on CSOonline.

Kategorie: Hacking & Security

Microsoft is developing Copilot features inspired by Openclaw

14 Duben, 2026 - 18:08

Microsoft is testing new features for Microsoft 365 Copilot inspired by the open-source platform Openclaw, according to The Information. The goal is to make the AI assistant more autonomous so it can perform tasks automatically on behalf of the user.

The technology behind Openclaw gained popularity earlier this year; it allows users to build AI agents that work more independently on the computer. At the same time, experts have warned of major security concerns about the highly advanced tool.

Microsoft’s solution could, for example, monitor emails in Outlook and a user’s calendar and then suggest daily tasks and priorities. The company is also reportedly exploring AI agents for various professional roles, such as marketing, sales, and finance, where each agent would have limited permissions to reduce security risks.

Microsoft is expected to showcase parts of its work during its Build developer conference in June.

Kategorie: Hacking & Security

Global RAM shortage prompts Microsoft to hike Surface prices

14 Duben, 2026 - 17:49

Microsoft has decided to drastically raise the prices of its Surface series computers, according to Windows Central. As a result, the flagship models of the Surface Laptop and Surface Pro now cost $1,499 — $500 more than they did at launch in 2024.

The main reason for the price hikes is tied to the global shortage of RAM, which has made it more expensive to manufacture computers.

It’s noteworthy that Microsoft chose to raise prices on its older models when there are strong indications new models will be released within a few months. The move makes Microsoft’s computers now more expensive than Apple’s equivalents.

Kategorie: Hacking & Security

Apple Business rolls out to 200+ countries today

14 Duben, 2026 - 17:42

Apple’s all-new Apple Business platform is expected to launch as a free service in the US and 200 other countries starting today. It’s the go-to platform for small business seeking better management tools for their Apple tech and a great accompaniment to the millions migrating to the Mac with MacBook Neo.

What is Apple Business

Apple Business combines three previous business-related Apple services: Apple Business Connect, Apple Business Manager, and Apple Business Essentials.

What you get:

Managed Apple accounts that separate private and company data with an identity service provider.
The ability to configure employee and/or employee group hardware.
Mobile Device Management tools to manage Mac, iPhone, and iPad settings and security.
Tools to manage and deploy apps and settings using Blueprints and the App Store.
Zero-touch deployment of new hardware.
Brand management tools — include your business logo across Maps, Wallet, Mail and other Apple services.
API-level automation access for larger businesses.

This is particularly useful to small business customers who can now manage their devices, including app deployment, and — for a fee — agree to an AppleCare+ for Business package to protect their tech. Prices start at $6.99 per month, per user for up to three devices.

But there’s another string to this bow, based around location and business identity.

Apple’s new local advertising business

Apple Business also sees the company begin to muscle in on the market for paid local discovery advertising, with tools to make it very easy for small business users to place such ads via their Apple Business account.

The way this works is that an enterprise verified by Apple Business can bid for ad placements that will subsequently appear in search results or within suggested locations. The offer goes a little further: you can also create professional communications and online location ads using domain names, built in email, calendar and other services.

These ads are supported by other aspects of Apple Business. For example, a company can select images, special offers, contact details, and more and make this information available via its placeholder in Maps. It can then deploy highly targeted local ad dollars to attract potential customers to the listing.

These new services matter, given that Apple has over 1 billion active devices and the ads can be booked via Maps, Siri, and Spotlight. Apple is currently testing ads in Maps in the second beta of iOS 26.5.

While it’s arguable that the last thing anyone really wants is ads in Maps, particularly as these will inevitably populate part of the user experience for future visionOS devices, you can’t argue that ads in Maps won’t be a good business for Apple given the number of customers it has.

Polaris Market Research tells us the global location-based advertising market was worth around $110 billion in 2023 and is forecast to hit $387 billion by 2032. Apple’s 1 billion active users mean the company has a good opportunity to grab some of that market on the basis of its commitment to privacy, which not every location-based ad service provides. Apple says ad information is not linked to an Apple Account, and promises no data is collected by the company or shared with third parties.

So, at no consequential cost to the privacy of their own customers or potential customers, many small businesses worldwide will be able to reach people using ads in Maps (unless they happen to be in South Lebanon). The bad news? There is no way to opt-out of these ads, at least not yet.

What you must do now

While existing users will be automatically migrated to the new platform, if you already use Apple Business Manager, you will be asked to agree to new terms and conditions when you first login to your account once the service goes live. If you’re an existing user, it’s important to do this as soon as you can to help ensure you don’t experience any issues with automated device enrollment.

You can follow me on social media! Join me on BlueSky, LinkedIn, and Mastodon.

Kategorie: Hacking & Security

Windows 10: A guide to the updates

14 Duben, 2026 - 14:35

Windows 10 has reached the end of mainstream support, which means most users will no longer receive new features, bug fixes, or security updates. Microsoft encourages businesses and individuals to upgrade to Windows 11.

Another option is to purchase extended security updates for Windows 10. Those enrolled in the Windows 10 Extended Security Updates (ESU) program will receive monthly security updates, but no new feature releases.

In this story we summarize what you need to know about each update released for the most recent versions of Windows 10 — versions 22H2 and 21H2. (Microsoft releases updates for those two versions together.) For each build, we’ve included the date of its initial release and a link to Microsoft’s announcement about it. The most recent updates appear first.

For details about how to install and manage Windows updates, see “How to handle Windows 10 and 11 updates.”

Updates to Windows 10 versions 21H2 and 22H2

As of November 2025, only computers enrolled in the Windows 10 ESU program (or those with a Windows 10 Enterprise LTSC 2021 or 2024 license) will receive Windows 10 updates.

KB5082200 (OS Builds 19045.7184 and 19044.7184)

Release date: April 14, 2026

Applies to: Windows 10 ESU

This update fixes several bugs, including one that prevented users from signing into apps with a Microsoft account. It also improves protection against phishing attacks that use Remote Desktop (.rdp) files. For more information, see Understanding security warnings when opening Remote Desktop (RDP) files.

It also enables dynamic status reporting for Secure Boot states in Settings > Update & Security > Windows Security, with a green, yellow, or red badge indicating your current Secure Boot status. See Secure Boot certificate update status in the Windows Security app for more information.

The build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and April 2026 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Update, April 15: Microsoft has confirmed an issue with this release: “Devices with an unrecommended BitLocker Group Policy configuration might be required to enter their BitLocker recovery key.” See Microsoft’s KB5082200 information page for details and workarounds.

(Get more info about KB5082200.)

KB5078885 (OS Builds 19045.7058 and 19044.7058)

Release date: March 10, 2026

Applies to: Windows 10 ESU

With this update, Windows quality updates include additional high confidence device targeting data, increasing coverage of devices eligible to automatically receive new Secure Boot certificates. This targeting is based primarily on client device diagnostic data; due to limited data, servers are unlikely to qualify, though not explicitly excluded. Devices receive new certificates only after demonstrating sufficient successful update signals, maintaining a controlled and phased rollout.

The build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and March 2026 Security Updates.

(Get more info about KB5078885.)

KB5075912 (OS Builds 19045.6937 and 19044.6937)

Release date: February 10, 2025

Applies to: Windows 10 ESU

This Patch Tuesday update fixes a variety of bugs, including one that affected folder renaming with desktop.ini files in File Explorer. The LocalizedResourceName setting was ignored, so custom folder names did not show. Now, custom folder names appear as expected.

It also includes a broad set of targeting data that identifies devices and their ability to receive new Secure Boot certificates. Devices will receive the new certificates only after they show sufficient successful update signals, which helps ensure a safe and phased rollout.

The build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and February 2026 Security Updates.

(Get more info about KB5075912.)

KB5078129 (OS Builds 19045.6812 and 19044.6812) Out-of-band

Release date: January 24, 2026

Applies to: Windows 10 ESU

This update fixes a bug in which some applications were unresponsive or encountered unexpected errors when opening files from or saving files to cloud-based storage, such as OneDrive or Dropbox. In certain Outlook configurations that store PST files on OneDrive, Outlook sometimes hung and failed to reopen unless the process was terminated or the system was restarted. Users may have also experienced missing sent items or previously downloaded emails.

Get more info about KB5078129 Out-of-band.)

KB5077796 (OS Builds 19045.6811 and 19044.6811) Out-of-band

Release date: January 17, 2026

Applies to: Windows 10 ESU

This update fixes a bug in which some users experienced sign-in failures during Remote Desktop connections. This issue affected authentication steps for different Remote Desktop applications on Windows such as the Windows App.

(Get more info about KB5077796 Out-of-band.)

KB5073724 (OS Builds 19045.6809 and 19044.6809)

Release date: January 13, 2026

Applies to: Windows 10 ESU

This Patch Tuesday update includes a subset of high-confidence device targeting data that identifies devices eligible to automatically receive new Secure Boot certificates. Devices will receive the new certificates only after demonstrating sufficient successful update signals, ensuring a safe and phased deployment.

It also fixes one bug, in which some security software might have detected the Windows core component, WinSqlite3.dll as being as vulnerable.

The build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and January 2026 Security Updates.

(Get more info about KB5073724.)

KB5074976 (OS Builds 19044.6693 and 19045.6693) Out-of-band

Release date: December 18, 2025

Applies to: Windows 10 ESU

This update fixes a bug in the Message Queuing (MSMQ) functionality. This bug also affected a clustered MSMQ environment under load. This issue could have led to message queues becoming inactive, messages about insufficient resources, applications unable to write to message queues, error messages about the message cannot be created, or messages about insufficient disk space or memory. This issue primarily affected enterprise or managed IT environments.

(Get more info about KB5074976 Out-of-band.)

KB5071546 (OS Builds 19045.6691 and 19044.6691)

Release date: December 9, 2025

Applies to: Windows 10 ESU

In this update, PowerShell’s Invoke-WebRequest command now includes a confirmation prompt with a security warning of a script execution risk. You can choose to continue or cancel the request. For additional details, see CVE-2025-54100 and KB5074596: PowerShell 5.1: Preventing script execution from web content.

The build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and December 2025 Security Updates.

(Get more info about KB5071546.)

KB5068781 (OS Builds 19044.6575 and 19045.6575)

Release date: November 11, 2025

Applies to: Windows 10 ESU

This update fixes a bug in which after installing the October 14, 2025 Windows update (KB5066791), the message “Your version of Windows has reached the end of support” might incorrectly display in the Windows Update Settings page. To view the page, click Start > Settings > Windows Update.

The build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and November 2025 Security Updates.

(Get more info about KB5068781.)

KB5071959 (OS Build 19045.6466) Out-of-band

Release date: November 11, 2025

This build fixes a bug in the Windows 10 Consumer Extended Security Update (ESU) enrollment process, where the enrollment wizard may fail during enrollment.

(Get more info about KB5071959 Out-of-band.)

KB5066791 (OS Builds 19044.6456 and 19045.6456)

Release date: October 14, 2025

This update fixes several bugs, including one in which command time in PowerShell Remoting and WinRMntime out after 600 seconds.

The build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and October 2025 Security Updates.

Note that today marks the official end of support for Windows 10 Home, Pro, and Enterprise, except for organizations and individuals enrolled in Microsoft’s Extended Security Updates program.

(Get more info about KB5066791.)

KB5063842 (OS Build 19045.6396) Preview

Release date: September 25, 2025

This build fixes two bugs, one in which you might not be able to connect to shared files and folders if you’re using the Server Message Block (SMB) v1 protocol on NetBIOS over TCP/IP NetBIOS (NetBT), and another in which those using Windows Autopilot to deploy Windows 10, version 22H2 to devices with the Enrollment Status Page (ESP) configured might find that the ESP doesn’t load during the Out-of-Box Experience (OOBE).

(Get more info about KB5063842 (OS Build 19045.6396) Preview.)

KB5065429 (OS Builds 19044.6332 and 19045. 6332)

Release date: September 9, 2025

This update fixes several bugs, including one that caused non-admin users to receive unexpected User Account Control (UAC) prompts when MSI installers performed certain custom actions, such as configuration or repair operations in the foreground or background during the initial installation of an application.

The build also enables auditing SMB client compatibility for SMB Server signing as well as SMB Server EPA. This allows customers to assess their environment and identify any potential device or software incompatibility issues before deploying the hardening measures that are already supported by SMB Server. For detailed guidance, see CVE-2025-55234 | Windows SMB Elevation of Privilege Vulnerability.

The build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and September 2025 Security Updates.

(Get more info about KB5065429.)

KB5063842 (OS Build 19045.6282) Preview

Release date: August 26, 2025

In this build, Windows Backup for Organizations is now generally available. It lets your organization back up Windows 10 settings and restore them on a Microsoft Entra joined device. You can also enable backup of the list of installed Microsoft Store apps, with the ability to restore them to the user’s Start menu as well.

A variety of bugs have also been fixed, including one in which mf.dll failed to enumerate redirected web camera devices on Remote Desktop Services (RDS) environments.

(Get more info about KB5063842 Preview.)

KB5066188 (OS Builds 19044.6218 and 19045.6218) Out-of-band

Release date: August 19, 2025

This build fixes a bug introduced by the August 2025 security update (KB5063709) in which attempts to reset and recover the device fail. This issue happens when users perform one or more of the following processes:

System > Recovery > Reset my PC
System > Recovery > Fix problems using Windows Update
RemoteWipe CSP

For more information on the issue, see Windows release health. Microsoft recommends you install this optional update if you have encountered this issue. The company also says that if your system isn’t affected or you don’t plan using the methods described above, you can choose not to install it.

(Get more info about KB5066188 Out-of-band.)

KB5063709 (OS Builds 19044.6216 and 19045.6216)

Release date: August 12, 2025

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and August 2025 Security Updates.

(Get more info about KB5063709.)

KB5062649 (OS Build 19045.6159) Preview

Release date: July 22, 2025

This build adds the ability to deploy SKUSiPolicy VBS Anti-rollback protections through the Secure Boot AvailableUpdates registry key.

It also fixes a variety of bugs, including one that affected the Windows 10 Extended Security Updates (ESU) enrollment wizard. Some users experienced a problem where clicking “Enroll now” caused the wizard window to open, begin loading, and then close unexpectedly.

(Get more info about KB5062649 Preview.

KB5062554 (OS Builds 19044.6093 and 19045.6093)

Release date: July 8, 2025

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and July 2025 Security Updates.

Note: In this build there are reports of blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. The issue is due to limited pixel density at 96 DPI, which can reduce the clarity and alignment of CJK characters. Increasing the display scaling improves clarity by enhancing text rendering.

(Get more info about KB5062554.)

KB5061087 (OS Build 19045.6036) Preview

Release date: June 24, 2025

This build fixes a variety of bugs, including one that caused jump lists to disappear from the Start menu.

There is one known issue in this build, in which blurry or unclear CJK (Chinese, Japanese, Korean) text appears when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome.

(Get more info about KB5061087 Preview.)

KB5060533 (OS Builds 19044.5965 and 19045.5065)

Release date: June 10, 2025

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and June 2025 Security Updates.

(Get more info about KB5060533.)

KB5058481 (OS Build 19045.5917) Preview

Release date: May 28, 2025

This build offers several new features, including one that brings back the clock view that displays seconds on the calendar. It also fixes several bugs, including one in which in GDI/GDI+, some GB18030-2022 characters in plane 2 were not rendered.

(Get more info about KB5058481 Preview.)

KB5061979 (OS Builds 19044.5859 and 19045.5859)

Release date: May 27, 2025

This out-of-band update fixes a bug in the direct send path for a guest physical address (GPA). This issue caused confidential virtual machines running on Hyper-V with Windows Server 2022 to intermittently stop responding or restart unexpectedly. As a result, service availability was affected, and manual intervention was required. This problem primarily impacted Azure confidential VMs.

(Get more info about KB5061979.)

KB5061768 (OS Builds 19044.5856 and 19045.5856)

Release date: May 19, 2025

This out-of-band build fixes a bug in the recent May 13 Patch Tuesday build (KB5058379) that caused the Local Security Authority Subsystem Service (LSASS) process to terminate unexpectedly, triggering an Automatic Repair prompting for the BitLocker recovery key.

(Get more info about KB5061768.)

KB5058379 (OS Builds 19044.5854 and 19045.5854)

Release date: May 13, 2025

The update improves Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI) for the detection of Linux systems. It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and May 2025 Security Updates.

(Get more info about KB5058379.)

KB5055612 (OS Build 19045.5796) Preview

Release date: April 22, 2025

This build fixes two bugs, including one in which the check for GPU paravirtualization was case-sensitive in Windows Subsystem for Linux 2 (WSL2). This issue might have potentially caused GPU paravirtualization support to fail.

There are two known issues in this build, including one in which certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update. This issue was observed on devices with Citrix Session Recording Agent (SRA) version 2411.

(Get more info about KB5055612 Preview.)

KB5055518 (OS Builds 19044.5737 and 19045.5737)

Release date: April 8, 2025

The update has a broad variety of security updates. For details, see Microsoft’s Security Update Guide and April 2025 Security Updates.

There are two known issues in this build including one in which devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update.

(Get more info about KB5055518.)

Windows 10 2022 Update (version 22H2)

Release date: October 18, 2022

The Windows 10 2022 Update is, in Microsoft’s words, “a scoped release focused on quality improvements to the overall Windows experience in existing feature areas such as quality, productivity and security.” In other words, there’s not much new here, although Computerworld blogger Susan Bradley did uncover a handful of new group policies in the release.

Home and Pro editions of the 2022 Update will receive 18 months of servicing, and Enterprise and Education editions will have 30 months of servicing.

To install the update, go to Settings > Update & Security > Windows Update and select Check for updates. If the update appears, select Download to install it.

(Get more info about the Windows 10 2022 Update.)

Windows 10 November 2021 Update (version 21H2)

Release date: November 16, 2021

Version 21H2, called the Windows 10 November 2021 Update, is the second feature update to Windows 10 released in 2021. Here’s a quick summary of what’s new:

Wi-Fi security has been enhanced with WPA3 H2E standards support.
GPU compute support has been added in the Windows Subsystem for Linux (WSL) and Azure IoT Edge for Linux on Windows (EFLOW) deployments for machine learning and other compute-intensive workflows.

There are also a number of features designed for IT and business:

Windows Hello for Business has a new deployment method called cloud trust that simplifies passwordless deployments.
For increased security, there have been changes to the Universal Windows Platform (UWP) VPN APIs, which includes the ability to implement common web-based authentication schemes and to reuse existing protocols.
Apps can now be provisioned from Azure Virtual Desktop. This allows those apps to run just like local apps, including the ability to copy and paste between remote and local apps.
The release closes the gap between Group Policy and mobile device management (MDM) settings. The device configuration settings catalog has been updated to list more than 1,400 settings previously not available for configuration via MDM. The new MDM policies include administrative template (ADMX) policies, such as App Compat, Event Forwarding, Servicing, and Task Scheduler.
An upgrade to Windows 10 Enterprise includes Universal Print, which now supports print jobs of up to 1GB or a series of print jobs from an individual user that add up to 1GB within any 15-minute period.
Universal Print integrates with OneDrive for web and Excel for web. This allows users of any browser or device connected to the internet to print documents hosted in OneDrive for web to a printer in their organization without installing printer drivers on their devices.

Microsoft has also announced that starting with this release, Windows 10 will get feature updates only once a year.

Windows 10 May 2021 Update (version 21H1)

Release date: May 18, 2021

Version 21H1, called the Windows 10 May 2021 Update, is the most recent update to Windows 10. This is a relatively minor update, but it does have a few new features.

Here’s a quick summary of what’s new in 21H1:

Windows Hello multicamera support: If you have an external Windows Hello camera for your PC, you can set the external camera as your default camera. (Windows Hello is used for signing into PCs.) Why should this change matter to you? If you have an external camera, you probably bought it because it’s superior to the built-in, internal one on your computer. So with this change, you’ll be able to use the more accurate camera for logging into your PC.
Improved Windows Defender Application Guard performance: Windows Defender Application Guard lets administrators configure applications to run in an isolated, virtualized container for improved security. With this change, documents will open more quickly. It can currently take up to a minute to open an Office document in it.
Better Windows Management Instrumentation (WMI) Group Policy Service support: Microsoft has made it easier for administrators to change settings to support remote work.

Windows 10 October 2020 Update (version 20H2)

Release date: October 20, 2020

Version 20H2, called the Windows 10 October 2020 Update, is the most recent update to Windows 10. This is a relatively minor update but does have a few new features.

Here’s a quick summary of what’s new in 20H2:

The new Chromium-based version of the Microsoft Edge browser is now built directly into Windows 10.
The System page of Control Panel has been removed. Those settings have been moved to the Settings app.
The Start menu’s tiled background will match your choice of Windows themes. So the tiled background will be light if you’re using the Windows 10 light theme and dark if you’re using the Windows 10 dark theme.
When you use Alt-Tab, Edge will now display each tab in your browser in a different Alt-Tab window. Previously, when you used Alt-Tab, Edge would get only a single window. You can change this new behavior by going to Settings > System > Multitasking.
When you pin a site to the taskbar in Edge, you can click or mouse over its icon to see all your browser tabs that are open for that website.
When you detach a keyboard on a 2-in-1 device, the device will automatically switch to the tablet-based interface. Previously, you were asked whether you wanted to switch. You can change that setting by going to Settings > System > Tablet.
The Your Phone app gets a variety of new features for some Samsung devices. When using one of the devices, you can interact with the Android apps on your phone from the Your Phone app on Windows 10.

What IT needs to know: Windows 10 version 20H2 also has a variety of small changes of note for sysadmins and those in IT.

IT professionals who administer multiple mobile devices get a new Modern Device Management (MDM) “Local Users and Groups” settings policy that mirrors options available for devices that are managed through Group Policy.
Windows Autopilot, used to set up and configure devices in enterprises, has gained a variety of small enhancement, including better deployment of HoloLens devices, the addition of co-management policies, enhancements to Autopilot deployment reporting, and the ability to reuse Configuration Manager task sequences to configure devices.
Microsoft Defender Application Guard now supports Office. This allows untrusted Office documents from outside an enterprise to launch in an isolated container to stop potentially malicious content from compromising computers or exploiting personal information found on them.
Latest Cumulative Updates (LCUs) and Servicing Stack Updates (SSUs) have been combined into a single cumulative monthly update, available via Microsoft Catalog or Windows Server Update Services.
Biometric sign-on has been made more secure. Windows Hello now has support for virtualization-based security for certain fingerprint and face sensors, which protects, isolates, and secures a user’s biometric authentication data.

For more details, see Microsoft’s “What’s new for IT pros in Windows 10, version 20H2.”

Windows 10 May 2020 Update (version 2004)

Release date: May 27, 2020

Version 2004, called the Windows 10 May 2020 Update, is the most recent update to Windows 10. This is a relatively minor update but does have a variety of new features for both users and system administrators. For more details, see: “Review: Windows 10 May 2020 Update delivers little tweaks that add up to… well, not a lot.”

Here’s a quick summary of what’s new in 2004:

Cortana now runs as a standalone app in a resizable window. It also loses a variety of capabilities, such as playing music, controlling home devices, and working on the lock screen.
Task Manager now displays new information, including the temperature of your GPU and your disk type.
Settings gets many small tweaks, including adding a header with account information, and a redone network status page that combines information that used to be found on multiple pages, such as your IP address, current connection properties and data usage.
The Windows Subsystem for Linux (WSL) gets more features. It now uses a real Linux kernel, and is faster than previously.
IT can now take advantage of Windows Hello biometrics logins rather than passwords, by setting that up as the default on enterprise devices.
Installing and setting up Windows for others has been made easier thanks to new controls added to Dynamic Update, which can lead to less downtime during installation for users.
A variety of new commands have been given to PowerShell for Delivery Optimization, a Windows networking service that reduces bandwidth consumption by sharing the work of downloading update and upgrade packages among multiple devices in business deployments.
The security of the Chromium version of Edge has been improved, thanks to porting Application Guard to it.

Windows 10 November 2019 Update (version 1909)

Release date: Nov. 12, 2019

Version 1909, called the Windows 10 November 2019 Update, is the most recent update to Windows 10. There are very few new features in this update, making it more like a service pack of old than a feature update. At this point it’s not clear whether in the future there will be one full-featured update and one service-pack-like update per year or whether Microsoft will go back to its two-feature-updates-a-year schedule. For more details, see “What we know so far about the unusual Windows 10 1909” and “5 unanswered questions about Windows 10 1909.”

Here’s a quick summary of what’s new for users in 1909.

It lets you create calendar events straight from the taskbar. To do it, click the time on the taskbar and you’ll open the Calendar view. Now click a date and time, then type the event’s name into the text box. You’ll also be able to choose the date, time and location.
When you type a search into the search box, it will now search through files in your OneDrive account as well as on your PC. Also, as you type, a drop-down menu with suggested files appears. Click a file to open it.
Voice assistants in addition to Cortana, including Amazon’s Alexa, will be able to run on Windows 10’s lock screen.
Under-the-hood improvements should speed up the performance of some PCs, as well as increase the battery life in some laptops.
The Start Menu has gotten minor tweaks. When you hover over items in the navigation pane on the left side of the menu, the items clearly show what you’re about to click.

What IT needs to know: The following features in 1909 are of note for IT staff.

Windows containers no longer need to have their host and container versions match. That requirement restricted Windows from supporting mixed-version container pod scenarios. Previously, containers from older versions of Windows 10 couldn’t be run on newer versions of Windows 10. In this update, it’s possible, so that a container made using 1903, for example, can be run on 1909.
Windows Defender Credential Guard, which protects enterprise users’ logins and credentials against theft, is now available for ARM64 devices. Some Windows 10 convertible PCs use ARM64.
Enterprises can now use Microsoft’s Intune enterprise mobility management (EMM) service to allow devices running Windows 10 in S mode to install and run Win32 (desktop) apps. Before this, S Mode only allowed devices to run apps from the Microsoft Store. Microsoft Store apps don’t run on the desktop.
The security of BitLocker encryption has been improved. Whenever BitLocker is used to encrypt a device, a recovery key is created, but before this security improvement, it was possible for an unauthorized user to get access to the recovery key and decrypt the device. Now, PCs have additional security if a key is exposed. Here’s how Microsoft explains the change: “Key-rolling or Key-rotation feature enables secure rolling of Recovery passwords on MDM managed AAD devices upon on demand request from Microsoft Intune/MDM tools or upon every time recovery password is used to unlock the BitLocker protected drive.”

There are two known issues in this update: one in which some users cannot set Win32 program defaults for certain app and file type combinations using the Open with… command or Settings > Apps > Default apps, and another in which Microsoft Notepad and other Win32 programs cannot be set as default applications.

(Get more info about KB4464455.)

Windows 10 October 2018 Update (version 1809)

Release date: October 2, 2018; paused October 5; re-released November 13, 2018

Version 1809, called the Windows 10 October 2018 Update, is the feature update that preceded the May 2019 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

A new, powered-up Windows Clipboard can hold multiple clips, store clips permanently, let you preview clips and choose which one you’d like to paste into a document, and share clips across Windows 10 devices.
A new screenshot and annotation tool called Snip & Sketch lets you capture and annotate the entire screen, a rectangular portion of the screen or a freehand-drawn portion of it. After you take a screen capture, you can annotate it and then save it to a file, copy it to the Clipboard, open it in another program or share it via email, social media and other methods.
Storage Sense, which helps save storage space, now works with OneDrive Files On-Demand to clean out files you’ve downloaded from OneDrive cloud storage to your PC but that you don’t use any longer. You can choose how long you would like the cloud files to stay on your PC unused before you want them deleted, from never to 60 days.
The Microsoft Edge browser lets you set autoplay permissions for sound and video on websites on a site-by-site basis. It also lets you look up word definitions in its built-in eReader for books and PDFs, and mark up PDFs and books using a highlighter and by adding notes.
The new Your Phone app links Windows 10 devices to iOS and Android phones. It allows you to start web browsing on an iOS or Android device and then continue where you left off on your PC. It also lets you view photos on your Android phone from your Windows 10 PC.
Search Previews have been powered up slightly. You no longer need to click to display the preview panel; it opens automatically. It also now shows files found on your PC.
Smaller changes include a new dark theme for File Explorer; the addition of the SwiftKey swipe keyboard, which lets you enter text by swiping a finger across an onscreen keyboard; updates that are less intrusive; and faster sign-ins on shared PCs.

What IT needs to know: There are few significant changes that affect IT in the Windows 10 October 2018 Update, other than New Microsoft Edge Group Policies that let admins enable and disable full-screen mode, printing, the favorites bar, and browser history saves. IT can also allow or ban Edge extensions (not that there are many available) and configure the Home button and new tab page and startup options.

Windows 10 April 2018 Update (version 1803)

Release date: April 30, 2018

Version 1803, called the Windows 10 April 2018 Update, is the major update to Windows 10 that preceded the October 2018 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

The most important new feature is Timeline, which lets you review and resume activities and open files you’ve started on your PC, or any other Windows PCs you have. It also tracks what you’ve done on iOS and Android devices if you install Microsoft’s digital assistant Cortana on them and are logged in. It shows a list of activities day by day for up to 30 days. Each activity shows up as a large tile, with the file name and document title or URL and website name across it, and the name of the application or app that created it across the top. Click any activity to reopen it. (Note that at present, Timeline only tracks activities in certain Microsoft programs such as the Edge browser and Office applications.)
The new Diagnostic Data Viewer is supported, which Microsoft is designed to let you see the “diagnostic data collected from your Windows devices, how it is used, and to provide you with increased control over that data.” However, the information is presented in such a complex, technical way that even programmers will likely have a difficult time understanding it. The viewer isn’t built directly into the Windows 10 April 2018 Update. Instead, you have to download it from the Microsoft Store.
The My People feature now lets you pin up to 10 contacts on the Windows taskbar. Previously, you could only pin up to three.
Microsoft Edge gets several minor tweaks, including a revamped Hub, the ability to mute auto-playing audio in tabs, and a forms-filler for web-based forms.
The Notebook feature of Cortana gets a new, cleaner interface for its Notebook. It now has two tabs, Organizer and Manage Skills. The Organizer makes it easier to create lists and set reminders. The Manage Skills tab lets you add “skills” to Cortana, such as controlling your home and its appliances, connecting Cortana to music services such as Spotify, tracking your fitness and more.
You get more control over app permissions, such as whether they can access your camera, location and contacts.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 April 2018 Update:

Windows 10 Professional now gets the Windows Defender Application Guard, which protects Microsoft Edge. There’s also a new feature in the application guard that lets users download files inside Edge instead of directly to the operating system, as a way to increase security.
There are new policies for Group Policy and Mobile Device Management (MDM) that can better control how Delivery Optimization is used for Windows Update and Windows Store app updates. You can also now monitor Delivery Optimization using Windows Analytics.
Windows AutoPilot also gets a tweak that lets IT make sure policies, settings and apps are provisioned on devices before users begin using them.
Windows gets the Linux curl and tar utilities for downloading files and extracting .tar archives built directly into Windows. Windows also now natively supports Unix sockets (AF_UNIX) with a new afunix.sys kernel driver. That will make it easier to port software to Windows from Linux as well as from other Unix-like operating systems.
There are a host of improvements to the Windows Subsystem for Linux, which lets you run a variety of Linux distributions on Windows 10. Linux applications can run in the background, some launch settings for Linux distributions can be customized, and Linux applications have been given access to serial devices. The new Unix sockets report is available for the Windows Subsystem for Linux as well as Windows itself.
The Windows 10 Pro for Workstations version of Windows 10 gets a new power scheme called Ultimate Performance it’s only for desktop PCs, not those that can be powered by batteries. In addition, Windows 10 Pro for Workstations no longer ships with games like Candy Crush or other similar consumer-focused apps. Instead, it features enterprise- and business-related apps.
Administrators have been given the power to configure an enterprise’s PCs to run custom scripts during feature updates, which will make configuration and deployment easier.

For more details, see the Microsoft blog post “Making IT simpler with a modern workplace.”

Windows 10 Fall Creators Update (version 1709)

Release date: October 17, 2017

Version 1709, called the Windows 10 Fall Creators Update, is the major update to Windows 10 that preceded the April 2018 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

OneDrive gets a new feature called Files On-Demand that gives you access to all of your OneDrive files on every device, without having to download them first. You’ll be able to see all the files you have in OneDrive, even if they’re only in the cloud and not on your PC. Icons tell you which are local and which are in the cloud. Just open the file, and if it’s not on your PC, it gets downloaded.
The new My People feature lets you pin three contacts to the Windows taskbar and then communicate with them instantly without having to open a separate app such as Skype or Mail. You can also click to see a list of all communications between them and you at a glance.
You can now send web links from your iOS or Android device to your PC and have them open in Microsoft Edge.
Cortana gets several new features, including displaying results in a scrollable flyout panel, so you don’t have to launch a web browser.
Microsoft Edge gets some minor improvements, including better Favorites handling and the ability to mark up PDFs and e-books.
Security has been beefed up, including the addition of Windows Defender Exploit Guard, which includes intrusion rules and policies to protect against a variety of threats, notably zero-day exploits. A new anti-ransomware feature called Controlled Folder Access has also been added; it lets only approved apps have access to Windows system files and folders.
New privacy features include the ability to review the kinds of devices and services apps from the Microsoft Store want access to before you download them.
The update incorporates Microsoft’s new design system and guidelines, called Fluent Design. Overall, transitions are smoother, and there are subtle changes to the transparency effect.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 Fall Creators Update:

The notoriously insecure SMBv1 networking protocol, exploited in recent ransomware attacks including WannaCry and Petya, won’t be included on clean installs of the Windows 10 Fall Creators Update, but SMBv1 components will remain if you do in-place upgrades on PCs that already have the component installed.
Windows Defender Advanced Threat Protection (ATP), a suite of tools introduced in Windows 10 that helps enterprise customers protect their users and networks against threats and respond to attacks, is being beefed up. Among other things, it will run on the Windows Server OS.
ATP is also part of Windows Defender Application Guard for Microsoft Edge, available only for Windows 10 Enterprise Edition. It protects against malware attacks by confining visits to unknown or untrusted websites to a virtual machine, so that attacks can’t spread to a PC or the network.
Windows AutoPilot, which improves self-service deployments of Windows 10 PCs, gets a variety of tweaks, including better mobile device management (MDM) services.
Windows Analytics’ new Device Health tool gathers information on how PCs perform in an enterprise, and based on that, identifies potential issues and outlines steps to resolve them.
Enterprises get more control over what kind of information Windows Analytics gathers for the IT staff. In order to improve users’ privacy, IT staff can limit the information collected by Windows Analytics to only diagnostic data.

For more details about new features for IT, see “What’s new in Windows 10, version 1709 IT Pro content,” “Announcing end-to-end security features in Windows 10” and “Delivering the Modern IT promise with Windows 10” from Microsoft.

Windows 10 Creators Update (version 1703)

Release date: April 5, 2017

Version 1703, dubbed the Creators Update, is the major update to Windows 10 that preceded the Fall Creators Update. Here’s a quick summary of what’s new for users in the Creators Update. (For more details, see our full review.)

It helps you better organize the Start menu by letting you put multiple tiles for apps into a single folder — for example, you can group all social media apps into one folder.
Users are given a bit more control over the update process: They can delay an update for three days and keep delaying it in three-day increments, or choose specific times for updates to install.
The Edge browser has gotten some improvements, including having Flash disabled by default for security reasons and supporting the ePub and PDF formats for reading books and other content.
Microsoft added some 3D and virtual reality features, including running HoloLens virtual reality and mixed reality apps for the first time, and introducing a Paint 3D app for creating 3D objects.
System settings that previously were in multiple locations have been consolidated into the Settings app.
There’s a new all-in-one security dashboard called Windows Defender Security Center that consolidates many security and computer health settings and information.
New gaming features include streaming gaming sessions over the internet; a Game Mode to improve gaming performance; and a Game bar to let you record your gameplay, take screenshots and perform games-related tasks.
The Cortana personal assistant gets a few modest additions, including scheduling monthly reminders and helping you set up devices.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 Creators Update:

Security has been improved in a number of ways, including adding new features and insights into Windows Defender Advanced Threat Protection (ATP) to better investigate and respond to network threats. Among the new features are sensors in memory, better intelligence and improved remediation capabilities.
Several new configuration service providers (CSPs) available in the Creators Update let administrators manage Windows 10 devices through Mobile Device Management (MDM) or provisioning packages. The DynamicManagement CSP, for instance, can enable or disable certain device features depending on location, network presence or time.
New mobile application management capabilities can protect data on personal mobile devices without requiring each device to be part of the corporate MDM.
The Windows Configuration Designer (previously called Windows Imaging and Configuration Designer) includes new wizards to make it easier to create provisioning packages, including for desktop devices, Windows mobile devices, Surface Hub devices, HoloLens devices and kiosk devices.
Enterprise security administrators get a more comprehensive documentation library for Windows Defender Antivirus.
If an enterprise-wide update policy hasn’t been configured, users with Windows Pro, Windows Enterprise or Windows Education editions have much more control over how Windows updates. With the Creators Update, users can now automatically delay cumulative monthly updates for up to 30 days, and can delay feature updates by up to 365 days.

For more details about new features for IT, see the Microsoft blog posts “Windows 10 Creators Update advances security and best-in-class modern IT tools” and “What’s new in Windows 10, version 1703 IT pro content.”

Kategorie: Hacking & Security

Nvidia’s Stephen Jones on the toolkit powering GPUs: ‘A wild ride’

14 Duben, 2026 - 09:00

Nvidia CEO Jensen Huang often shares the story of hand-delivering an AI supercomputer to OpenAI in 2016, back before it was the hotshot company it’s become in recent years.

A key ingredient in the box was Nvidia’s CUDA toolkit, which helped turn OpenAI’s experiments into a foundation for modern AI applications. Huang credits the software platform as being the foundation for Nvidia’s success in AI and high-performance computing.

At 20 years old, CUDA is still going. It’s driving Nvidia’s re-imagination of hardware in new areas that range from quantum computing to robotics, modern machinery and even autonomous vehicles.

Put simply, the CUDA toolkit includes programming tools, a compiler stack and libraries and effectively unlocks the computing capacity of GPUs. For nearly two decades, CUDA architect Stephen Jones has had a front-row seat to the toolkit’s evolution and he’s continuing the work of engineers such as the late John Nickolls, who championed CUDA’s development.

Computerworld sat down recently with Jones to talk about CUDA, AI, and the future.

CUDA architect Stephen Jones has been at Nvidia for nearly two decades overseeing and shaping the CUDA toolkit’s evolution.

Nvidia

It’s been 20 years of CUDA. How’s it been? ”A wild ride. When you build something and people do stuff with it that you had never thought of, that’s the true reward of engineering.

“We started out building a tool good at parallel programming…[it] and turns out everybody needs parallel programming. What’s ChatGPT at now? Like one-third of the world population. I wasn’t one of the founders of CUDA. I joined after CUDA 1.0…. I was in the first dozen and it’s amazing.

“And now it’s used widely around the world every day on ChatGPT by people that have accounts and they’ve touched it. The best engineering is invisible, right?”

Did you know AI was coming before the hardware was developed? And what was the thought process at the programming level to get ready for it? “The watershed moment for AI was AlexNet in 2012. A niche mathematical subject suddenly beat humans and became interesting and powerful.

“At that point we already had people inside Nvidia working on what was going to become CuDNN, because it was looking interesting. That watershed moment really just shifted the gears and opened this whole new avenue of things we could support.

I worked very hard in CUDA to build as general a base as possible, because I don’t know what’s coming. Even just in AI, it changes every six months. But AI is just one piece. There’s supercomputing, there’s robotics and machinery control.

“A huge goal for us is to not build single-purpose tools [and] make sure that what we build can be applied generally. And when we spot someone doing something really interesting, we expand in that direction.

“Especially now, the explosion of the things people are doing — there’s always new stuff around the corner.”

How did CUDA evolve? “We announced it in 2006; 1.0 officially was early 2007. When we first were building it, barely anything worked. The hard part was what can we enable that makes it useful at least a bit. You have to get feedback and people trying as you build things.

“My first week at Nvidia, they said, ‘Go write a program in CUDA.’ And I said, ‘How do I debug it? Where’s my printf?’ And they said there is no printf. So I wrote printf. The most useful thing I’ve ever done at Nvidia was writing printf in my first week. Because you need to debug your stuff.

“The hardest part of my job is that nobody ever publishes failure. There are all these papers, I accelerated my code by 100x with CUDA, but what was hard? When I see half a dozen people all doing the same thing, it says we’re missing something.

“So, we’ve transitioned from how to get it functional enough to be broadly useful to what directions do we start extending it in? That was a real mental shift for us, helped by the exponential adoption that was happening.

“If we build things so people have to write less CUDA, then we have succeeded. You can get to the GPU with less effort and fewer lines of code.”

Do you build CUDA first and then decide the GPU design, or is there cooperation between the two? ”As one of the CUDA architects, literally half my job is working with the hardware team. The thing that Nvidia has really done magnificently well is the co-design between the hardware and the software.

“When the hardware [team] says, ‘Here are some things we’re thinking of building,’ we from CUDA are in the room saying, ‘Make these small changes so that we can project it outwards in software.’

“Or we’ll say, our users are lacking this thing… can we build something in hardware to make this faster? It is literally half my hours in any week talking to hardware people and half to software people.

“A chip takes about four years to build, and we are there for all those four years. We’ve got Rubin sort of around the corner, but there are ones beyond that that haven’t even been named, and we’re already working on those.

“There is no ‘build it and then adapt the software’ to it. We really build it holistically, trying to think of the whole thing.”

Clearly, you needed to know AI was coming to make sure GPUs were ready for it. And AI is a whole new style of computing. How did you change the CUDA stack? “The secret of CUDA is that it’s not one thing, right? It’s like this massive stack of hundreds and hundreds of things…. You can pick and choose which one you want to use.

“It’s also all the things that everybody else builds on top of it. We can support, but we couldn’t do anything without all the people who are also building on top of it.

“What’s fascinating to me about AI and HPC is that they’re really built on the same heavy computational basis. Two different angles of viewing the same thing. All the tools we built for supercomputing applied to the AI world. And the lessons in AI are now being applied back to supercomputing. It’s going both ways.

“Classical von Neumann computing is that logical, repeatable, systematic computing that’s been around for 50 years. AI is probabilistic. It’s not repeatable. It’s approximate.

“Your LLM isn’t necessarily producing the same tokens two or three times in a row, whereas I definitely want my bank statement to produce the same numbers.

“The software and hardware teams work closely together, so we can see this coming. The emphasis on matrix workloads in AI is pushing up against the laws of physics, Moore’s law, information theory. It drives reductions in precision.

“I wouldn’t say it was predictable because we didn’t know what the models would look like, but the things the models need to function, that’s governed by the laws of physics. A lot of it is reacting to the constraints the world puts on us to take advantage of this AI universe that just opened up.”

Are you seeing the gap narrow between when CUDA features come out and when enterprises actually adopt them? “With any engineering tool, especially a platform as big as CUDA, different people pick it up at different rates. Academic researchers are on something the day we put it out. Established companies who are more risk-averse take more time.

“But you can easily imagine people who have established businesses and established software stacks don’t want to pull something in right away. And it’s more expensive for them. If you’ve got a million lines of code, adopting something new is much harder than if you’ve got 10,000 lines of code.

“So any feature we put out, we see early adopters, mid-adopters and late adopters. We have a chance to evolve it. It’s not static, we are definitely reacting and responding.

“In some ways, the time for the big players to adopt things is reducing. It’s part of that incredibly rapid change that AI is undergoing. We make heavy use of AI tools internally ourselves, so that helps us keep up. Everybody is using these tools that get invented to make more tools. The way that software is developed is even shifting in this day and age.

“It’s not like we build a thing and throw it over a wall. We’re building something in response to what people need, and as we build the tools, people can do more and there’s a feedback loop — the same feedback loop that drove how we developed CUDA in the early days. We’re seeing it show up in AI, we’re seeing it show up in quantum.

“People are developing quantum algorithms on GPUs today before quantum computers are ready, so that when the quantum computer technology catches up, they’re not starting from scratch.”

Keeping in mind that you track the future of computing for CUDA, what excites you the most? “We talked about how AI is opening new doors that have never been opened before. I was at Stanford a few months ago talking to some brilliant undergrads and graduate students about their startup ideas. The energy they have for what they want to do — realized I was envious of where they are.

“I came of age in the ‘90s, when the internet was just showing up. That was fascinating, all these things you could do with the .com. But this is an even bigger step. Everybody coming out of college now has a million choices. There’s all these things to explore that nobody’s even thought of before.

“What they do is going to feed back and change what we build as the underlying platform. I wish I could live to see all the things that they’ll do, but they’re younger than me.

“The next 10 years is going to be wild. I’ve had a great journey, don’t get me wrong, but my God, I am envious of a 25-year-old. It’s unlimited what you can do. I wish I was 25 again.”

Kategorie: Hacking & Security

The French government eyes alternatives to Windows

13 Duben, 2026 - 22:07

The French government has decided to reduce its dependence on US technology companies in light of the growing divide between the US and the EU.

The Direction interministérielle du numérique (DINUM), an agency responsible for digitalization issues, has announced that it will soon replace Windows with a Linux-based operating system. Previously, the French government had chosen to replace Zoom and Microsoft Teams videoconferencing apps with Visio, an open-source communication tool.

This appears to be just the beginning of a more far-reaching process to strengthen the EU’s independence from the US, TechCrunch reports.

“DINUM will coordinate a cross-ministerial plan to reduce dependence on suppliers outside Europe,” the agency said in a statement. “Each ministry will be required to develop its own plan by this fall, covering the following areas: workstations, collaboration tools, antivirus software, artificial intelligence, databases, virtualization, and network equipment.”

Kategorie: Hacking & Security

Apple preps for the face race

13 Duben, 2026 - 17:34

As growth in the smartphone market slows, Apple, Meta, and others see a new product opportunity in smart glasses — and Apple is reportedly preparing to enter the face race.

It’s important to set expectations for new products. The smart glasses Apple is working on now won’t be augmented reality glasses in the same sense as Vision Pro. They will instead be smart spectacles with built in cameras, microphones, and other sensors. Apple is also working on augmented reality glasses with integrated displays, but we’ll be waiting for a while until those appear.

Imagine a pair of spectacles equipped with speakers, microphones, and cameras that pair with the iPhone and its processor to do useful things such as take photos and videos, provide notifications, deliver directions, play music, or offer up smarter Siri responses. The glasses should be seen as an accessory, just like an Apple Watch and they will not be enterprise products.

What Apple is doing, according to Bloomberg

Bloomberg tells us Apple is testing at least four different designs that it hopes to announce later this year and ship in 2027. The company hopes to introduce something that looks better than any rival smart glasses, thanks to its talent for design. It also hopes to define an iconic appearance, just as the iPod became the definitive design for MP3 players or the iPhone defined smartphones.

It’s typical Apple. After all, the company has arguably perfected the user interfaces for these gadgets with its more expensive systems. So, now it absolutely can focus on the technology, hardware, and hardware design.

Face values

Design excellence also demands these glasses use premium components, which Bloomberg says they will. That means high-end materials such as acetate rather than plastic. It also means the hardware must look, work, and perform better than what anyone else (principally, Meta) has been able to bring to market.

Apple is looking at a variety of designs, which might be available in multiple colors, such as black, blue, or light brown:

Larger glasses with oval or circular frames.
Smaller glasses with oval or circular frames.
Slim, rectangular glasses similar to the frames worn by Apple CEO Tim Cook.
Glasses that echo Ray-Ban Wayfarers, one of the world’s most popular designs.

When are these things coming? The report tells us Apple hopes to announce them later this year but warns they might not ship until fall 2027. (That of course means we can anticipate at least one “Apple to ship product late” headline ahead of that.)

Why it matters

There’s cash to be made. Counterpoint Research says global smart glasses shipments surged 210% in 2024, reaching 2 million units for the first time.

“Smart glasses look set to become the next fast-growing AI edge device, disrupting the traditional eyewear industry as its leading players cooperate with tech companies,” said CitiGroup.

Apple’s main competitor in the space is Meta, which had 82% of the market in the second half of 2025, Can Apple change that? It might well be worth trying, given that some analysts predict the smart glasses market could reach $40 billion by 2030.

All the same, Apple must tread carefully. When Google introduced Google Glass, the people who wore these things were quickly dubbed “glassholes.” Apple will want to avoid opening its customers up to such ridicule — the cool factor is a must for mass market success.

Apple will also be challenged by the need to reassure customers (and everyone around those customers) about privacy. In an increasingly surveillance-heavy environment, in which governments demand back doors into data, it’s probable that many would-be customers will resist the technologies. They will see them as akin to paying for the tools of their own oppression. More fundamental questions also exist: Is it really appropriate to wear these spectacles outside a school, for example?

Time, and the reaction of the mass market, will tell.

Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe. Also, now on Mastodon.

Kategorie: Hacking & Security

How to build your own AI agents with Google Workspace Studio

13 Duben, 2026 - 13:13

The great hope for AI agents is that they will automate many of the repetitive tasks office workers perform, such as writing and emailing weekly project updates. These tools combine rules-based automation with generative AI models to perform a series of tasks that make up a workflow.

In this vein, Google late last year announced Workspace Studio, a no-code application that lets non-programmers choose from prebuilt steps or use natural language descriptions to create and customize agents that automate workflows in Google Workspace. These “flows” integrate with Workspace apps including Gmail, Docs, Sheets, Drive, Calendar, Chat, Forms, and Tasks, and also (in limited preview) some third-party apps such as Asana, Mailchimp, and Salesforce. Google’s genAI assistant, Gemini, helps you create and execute flows.

Who can use Workspace Studio: Announced in December 2025, Workspace Studio is now rolling out to Google Workspace business, enterprise, and education customers. (Your administrator may need to enable access to Gemini.) It’s also available to users with Google AI Pro for Education and Google AI Ultra for Business accounts.

This quick guide will show you how to navigate Google Workspace Studio, how to set up a flow, and how to manage your flows.

In this article:

What is a flow?
The Workspace Studio home page
Build your first flow
Create a flow from a template
Prompt Gemini to build a flow
Manage your flows
Tips for building flows

What is a flow?

In Google’s parlance, a flow is a series of steps that automatically run in the background of your Google Workspace environment. The flow waits for a “starter” event to happen, and when it does, one or more actions is triggered in response. Some examples:

When you receive an email with an attachment, the flow examines the attachment to see if it has certain financial data in it. If so, then it extracts this information and sets it into a specific Google Sheets spreadsheet in your Google Drive.
Two hours before your weekly department meeting, the flow reviews the current statuses of projects listed in a specified Sheets spreadsheet or Tasks task list, writes a summary of them, and then emails this summary to the meeting invitees.

In the background, Gemini is used to “reason” through the execution of a flow, analyzing your documents or other content that the flow references, to help ensure that the actions taken by the flow go through successfully.

A flow can also be set on a schedule or in response to an event to enter a prompt into Gemini, or to execute a Gem. (Gems are customized AI agents trained on specific topics. See our guide to Gemini Gems for details about using them.) For example, you could create a flow that runs every Friday and prompts Gemini to write and send an email summarizing the latest data in a Google Sheet that you and your co-workers update frequently.

There are three ways you can create a flow in Workspace Studio:

Using a template (a premade flow that you customize)
Prompting Gemini to design one for you
Using the builder tool within Workspace Studio

But first, we’ll cover how to get around in Workspace Studio.

The Workspace Studio home page

When you open the Workspace Studio home page (also known as the Discover page), you’re greeted with a text entry box for Gemini. You can type a prompt inside it describing the actions (a.k.a. “steps”) that you want a flow to take when something happens (a “starter” event or schedule).

Three suggested flow templates appear below the Gemini text entry box. (In the screenshot below, the templates are Label emails with action items, Streamline my follow-up, and Catch up on news.) You can click a template to activate it.

On the Workspace Studio home page, you can type in a prompt for Gemini to create a flow, select a flow template, or click the big + sign to start a new flow.

Howard Wen / Foundry

Below these three suggested flows, there are even more flow templates. They’re organized under categories describing what they’re for, such as “Email boosters,” “Better meetings,” and “Tasks and action items.”

The vertical toolbar along the left has three icons:

+ symbol (for “New flow”): This opens the tool for building a flow.

Discover: This is the default home page with the Gemini text entry box and templates below it. If you’re in another page of the Workspace Studio, such as the “New flow” page above, clicking this takes you back home.

My flows: This opens a page that lists the flows you’ve created. You can manage your flows: delete, edit, rename, or share them with others. This page also has a tab you can click to view an activity log that lists which flows are active, when they were executed, what steps they took, and if their execution was successful or not.

Build your first flow

On the home page, you can use Gemini or a template to start a new flow. But it helps to learn by using the flow builder tool first. This way, you’ll understand more clearly how flows work. (Even if you use Gemini or a template, you’ll be taken to the flow builder interface, because you must review and test the flow before you can activate it.)

On the left toolbar, click the + symbol. The flow builder tool will open in the main window to the right.

Workspace Studio’s tool builder, with the flow in the main window and suggested “starters” to the right.

Howard Wen / Foundry

First, give your new flow a name. Toward the upper left, click Untitled flow and type in a name for your flow.

Selecting an event (a.k.a. “starter”)

Below the flow name, click Choose a starter. Then, in the pane along the right, select an event that will trigger the flow to take action. Once you’ve selected a starter event, the pane on the right may show additional parameters to fill in. Examples:

On a schedule: The action will happen on a day, date, and/or time that you set. This can be recurring, such as every Wednesday at 9:00 a.m.
When I get an email: The action will happen when an email arrives in your Gmail inbox. You can select certain attributes for the email, such as who it’s from, what words it contains, or if it has attachment.
When a sheet changes: Whenever a change is made to a spreadsheet in your Google Drive, the flow triggers an action such as sending you an email or a Chat notification. This flow is handy if you’ve shared a spreadsheet with co-workers to collaborate on.
Based on a meeting: The flow can take an action before a meeting you’ve scheduled in Google Calendar, or it can perform an action after the meeting has happened.

This flow is set to start 5 minutes after every meeting ends.

Howard Wen / Foundry

A flow can have only one starter, which becomes Step 1.

Selecting one or more actions (a.k.a. “steps”)

Once you’ve selected a starter event for the flow, click Choose a step in the main window.

In the right pane, there are several actions (steps) that you can select from. They’re presented under categories such as “AI skills,” “Tools,” and individual Workspace apps (Gmail, Chat, Sheets, etc.) and can include anything from adding a label to a Gmail message to sending Gemini a prompt. There are also steps that can integrate with your accounts on Asana, QuickBooks, and Salesforce.

For example: If a document is added to a specified folder in your Google Drive (the starter), the flow can trigger Gemini to generate a summary of the document’s content (the step).

You can add more actions that your flow will execute when the starter event happens. In the main pane, and below the first step of your flow, click + Add step, then select a second step from the right pane that the flow will take after it executes the first step. The maximum number of steps that you can add to a flow is 20.

A flow with a starter event, steps, and a substep to execute.

Howard Wen / Foundry

You can add a substep to a step (click Add substep in the main pane); indeed, certain steps require you to do so. A regular step is a main, sequential action in the overall flow, executed one after another. A substep is subordinate; it is only executed after and as a result of its parent step. For example, a step could identify a document, with its substep sending the document to a specific folder. (In the screenshot above, Step 4 is a substep of Step 3.)

You may also opt (or be required) to add a variable for a step (by clicking the + Variables button in the right pane). For example, a variable could be a time or date that you want the action to be executed, or text that you select, such as the title for a document that you want an action to generate.

Adding a document title variable to a step.

Howard Wen / Foundry

There are currently about a dozen starters and two dozen steps to choose from in Workspace Studio. See Google’s comprehensive list of Workspace Studio starters and steps for descriptions, examples, and configuration details for each one.

Testing and activating your new flow

When you’re finished building your flow, click the Test run button at the bottom of the main pane.

The right pane guides you through what will happen: When you click the Start button in this pane, your flow will be executed. Note that the test run takes real actions, such as changing a document or setting up a meeting. Google recommends temporarily setting up the flow with a test document or a meeting where you’re the only invitee. If the test run works, you can go back and swap in the real document or meeting before deploying the flow.

Click Start in the right pane to test the flow.

Howard Wen / Foundry

If the test run is successful (or not), you’ll see a notice at the bottom of the right pane. If the test isn’t successful, you’ll be advised on what fixes you can make to the steps in your flow.

After you’ve confirmed that your new flow will work according to the test run and made any final adjustments, click the Turn on button at the bottom of the main pane.

Note: You can create a maximum of 100 flows, and other limits apply, such as how many times your flows can run each day.

Create a flow from a template

Now that you know how flows work, check out the Workspace Studio templates to see if any fit your workflows. Click Discover in the left toolbar to return to the Workspace Studio home page, scroll down to see all the available templates, then click on a template. The flow builder tool opens with all the steps already in place.

A flow template in the flow builder tool. You set parameters such as start date and scheduling, and you can customize it further if you wish.

Howard Wen / Foundry

Click on each step (including the Starter step), configuring each one for your needs, such as selecting a specific file to take action on. You can also add, delete, or reorder steps in the flow using the three-dot (“More”) icon next to a step.

Prompt Gemini to build a flow

The fastest way to build a flow is to have Gemini do it. On the Workspace Studio home page, type a description of the flow you want into the text box and click the Create button.

Describe the flow you want Gemini to create.

Howard Wen / Foundry

Generally, you want to describe three things in your prompt:

What is the action that you want the flow to do?
When should this action happen, or what event should happen that triggers this action?
Where do you want the flow to put the results of this action?

Example prompts:

Every morning, summarize yesterday’s unread emails and chat messages and put this summary in my Google Drive.
When I get an email with the word “budget,” label it appropriately.

The possibilities for prompting Gemini to build a flow are very broad. So it helps if you’re familiar with the Google Workspace apps that flows can interact with and have the imagination and savvy for experimenting with writing AI prompts.

Once you’ve clicked Create, the generated flow opens in the flow builder tool, where you can review and edit it if needed.

Manage your flows

On the toolbar along the left, click the My flows icon. A list of your flows will open to the right in the main window.

You can manage your flows on the “My flows” page.

Howard Wen / Foundry

Click the three-dot icon to the right of a flow’s name. This will open a menu with selections for you to manage the flow: Edit, Make a copy, Activity, Turn off, Delete.

Edit will open the builder tool page for the flow. Its starter and steps will be listed in the main pane, and the descriptions for each appear in the right pane. You can make changes to each or delete them.
Make a copy is handy if you want to create a new flow that’s a variation of the original one. You can make a copy, give it a different name, and customize it.
Activity opens a page in the main window that shows when the flow was most recently executed and whether it was successful.

Reviewing the activity for a flow.

Howard Wen / Foundry

Clicking the Activity tab on the “My flows” page takes you to a page that lists the activities for all your flows.

To share a flow with others in your organization, select it in the list of flows, then click Get a link to copy at the top of the page. Change the permission to Anyone in your organization with the link can make a copy, then click Copy link. You can share the link with co-workers via email or in Chat.

Using the Studio sidebar in Workspace apps

In Gmail and Google Chat, you can open a sidebar that helps you manage your flows. Look to the upper-right corner of the Workspace app for the Studio icon — it’s between the Settings gear icon and Ask Gemini nova star. Click this and the Studio sidebar will open along the right. It has three tabs in it:

Discover: Like the Workspace Studio home page, this tab presents suggested flows that are ready for you to activate.

When you add a new flow by selecting a template in the Discover tab, you’ll be taken to the flow builder tool in the Workspace Studio app. You have to customize and test run it from here before you can activate it.

My flows: This lists your flows. You can delete, edit, rename, or share them from this tab.

Activity: This tab shows the activity log of your flows — when they went into action and the steps that they took.

The Studio sidebar lets you manage flows from within Gmail and Google Chat.

Howard Wen / Foundry

Tips for building flows

Learn by example: Select a flow template and customize it in the tool builder. This will help you learn how a flow works.

Reference files: Use the @ to directly reference a file in your Google Drive when you’re customizing a step in the flow builder tool or writing a Gemini prompt to generate a flow.

Experiment: Don’t be afraid to experiment with your prompts to Gemini. Describe the flow you want, using everyday language. Remember, your prompt should answer what, when, and where.

Review flow activity: After a flow is executed, review its activity log to understand how it played out its steps.

Related reading:

Kategorie: Hacking & Security

Google adds end-to-end Gmail encryption to Android, iOS devices for enterprises

11 Duben, 2026 - 00:14

Google has made a big step forward by extending end-to-end encryption to Android and iOS devices for Gmail client-side encryption (CSE) users, says an expert.

“All in all, this is a welcome update, especially in light of recent concerns surrounding WhatsApp’s encryption methods,” said Gartner analyst Avivah Litan. “Google’s approach offers verifiable customer-managed keys and ensures the provider does not have access to encrypted content.”

This, she said, addresses allegations raised in the January 2026 lawsuit against Meta regarding their internal access to customer encrypted message data.

Meta has reportedly said the claims are false, and that WhatsApp messages remain protected by default. The suit’s allegations have not been proven in court.

Litan noted that Google’s encryption update is only for organizations subscribing to its Enterprise Plus with Assured Controls edition. Messages and attachments are encrypted directly on-device, with encryption keys managed externally by the customer.

“For CSOs in regulated industries, this development is significant, as it supports secure mobile communication, compliance with regulations such as HIPAA [the U.S. Health Insurance Portability and Accountability Act] and GDPR [the European General Data Protection Regulation], and reduces the risk of plaintext data exposure on mobile devices,” she said. “External recipients retain the ability to reply via a web portal.”

However, Litan added, the capability remains opt-in, requires premium licensing and administrative configuration, and disables several Gmail functions, including AI features and comprehensive search, on encrypted content. But, she pointed out, the limitations are consistent with those in Gmail web and desktop implementations.

It’s also a capability that Microsoft doesn’t provide. A Microsoft spokesperson said in an email that the company doesn’t currently offer end-to-end Outlook encryption on mobile, although messages can be digitally signed and encrypted.

In its April 9 announcement, Google said Workspace users can compose and read end-to-end encrypted messages natively within the Gmail app on Android and iOS without the need to download extra apps or use mail portals. Users with a Gmail E2EE license can send an encrypted message to any recipient, regardless of their email address. If the recipient uses the Gmail app, the encrypted message will be delivered as a normal message thread to their inbox, but if not, they can seamlessly and securely read and reply in their own native browser. This, Google said, ensures that all users have a simple and secure interface, regardless of their email service or device.

Google Workspace admins will need to enable the Android and iOS clients in the CSE admin interface to give users access to the new capability. This can be done in the Admin Console.

End users also need to be taught the new process: To add client-side encryption to any message, they must click the lock icon and select ‘additional encryption’. Then they can compose a message and add attachments as they normally do.

Forrester Research Senior Analyst Andrew Cornwall noted the biggest benefit for enterprises is that Workspace admins or Google can disable the ability to take screenshots and screen recordings when users read an encrypted message in the Gmail app. That will prevent Android and iOS recipients from forwarding a message as an image, he said, noting that Google can also disable screenshots in Android Chrome for business users and presumably will do this when Android users with email programs other than Gmail open a message in a browser.

From a user’s perspective, he added, this encryption gives Gmail an advantage over third-party email programs like Outlook and Thunderbird, which won’t automatically decrypt messages that have been encrypted using Google’s encryption mechanism. Unlike some encryption methods, Gmail doesn’t require the exchange of a key in advance, so users will be more likely to use it.

However, he pointed out, Google’s client-side encryption doesn’t encrypt headers or message senders, so an attacker with access to the device can still get some potentially sensitive information even with encryption enabled.

“If you’re planning to use Gmail to commit financial crimes or plan a revolution,” he added, “you should know that Google controls the display and often the keyboard on devices they build. Even if emails are encrypted on device, your messages may still be available while being read or composed.”

And while end-to-end encryption (E2EE) is considered by experts to be an excellent protection against the hijacking of data in transit, it won’t protect data on compromised devices, stolen and hacked devices, or in unencrypted backups.

David Shipley, CEO of security awareness provider Beauceron Security, noted the extension of Gmail end to end encryption to mobile platforms will help organizations ensure compliance with privacy concerns. “On the downside,” he added, “this is going to be a powerful tool for criminals. If they spin up a Google Workspace tenant and send encrypted messages to end users who aren’t on Gmail, in those cases, users will get a link to a new portal to read the sent message which will not be intercepted by a lot of security tools like email filters.”

Kategorie: Hacking & Security

Agentic AI – Ongoing coverage of its impact on the enterprise

10 Duben, 2026 - 18:30

Over the next few years, agentic AI is expected to bring not only rapid technological breakthroughs, but a societal transformation, redefining how we live, work and interact with the world. And this shift is happening quickly. “By 2028, 33% of enterprise software applications will include agentic AI, up from less than 1% in 2024, enabling 15% of day-to-day work decisions to be made autonomously,” according to research firm Gartner.

Unlike traditional AI, which typically follows preset rules or algorithms, agentic AI adapts to new situations, learns from experiences, and operates independently to pursue goals without human intervention. In short, agentic AI empowers systems to act autonomously, making decisions and executing tasks — even communicating directly with other AI agents — with little or no human involvement.

Agentic AI will enable machines to interact with the physical world with unprecedented intelligence, allowing them to perform complex tasks in dynamic environments, which could be especially useful for industries facing labor shortages or hazardous conditions.However, the rise of agentic AI also brings security and ethical concerns. Ensuring these autonomous systems operate safely, transparently and responsibly will require governance frameworks and testing.

Follow this page for ongoing agentic AI coverage from Computerworld and Foundry’s other publications.

Agentic AI news and insights AI agents aren’t failing. The coordination layer is failing

April 10, 2026: Our multi-agent AI system was impressive in demos. One agent handled customer inquiries. Another managed scheduling. A third processed documents. Each worked beautifully in isolation. In production, AI agents fought each other.

Microsoft’s new Agent Governance Toolkit targets top OWASP risks for AI agents

April 8, 2026: Microsoft has quietly introduced the Agent Governance Toolkit, an open source project designed to monitor and control AI agents during execution as enterprises try, and move them into production workflows.

Multi-agent AI is the new microservices

April 6, 2026: Our current infatuation with multi-agent systems risks mistaking a useful pattern for an inevitable future, just as we once did with microservices. Remember those?

Without controls, an AI agent can cost more than an employee

April 3, 2026: Long-time tech investor Jason Calacanis noted that agent costs quickly rose to $300 a day while using the Claude API at one of his organizations. At the same time, these $100,000-a-year agents were replacing a fraction of an employee’s work.

4 agentic AI success stories

April 2, 2026: Organizations are leveraging agentic AI for everything from managing customer inquiries to automating logistics, optimizing workflows, detecting fraud, and generating and testing code.

Asana’s chief product officer: Why enterprise AI agents should be ‘multiplayer by design’

April 1, 2026: As AI agents become more embedded in workplace tools, Asana is positioning its approach around collaboration rather than individual productivity.

The one-model trap: Why agentic AI won’t scale in production

March 26, 2026: Production agents don’t fail because the model is “bad.” Agentic AI fails because the operating environment is messy: requests change shape, latency budgets conflict, tools flake out, costs spike, policy constraints shift and failure modes compound.

Oracle bets on agentic apps in Fusion suite to ‘fully’ automate business processes

March 24, 2026: Oracle is recasting its Fusion Cloud Applications suite as something that not just flags insights for humans to act on. The debut of Fusion Agentic Applications, an upgraded set of applications that embeds AI agents directly into transactional business workflows, is designed to make decisions without human intervention.

Cisco goes all in on agentic AI security

March 26, 2026: Cisco is rolling out identity and access management capabilities, a toolkit customers can use to embed security controls in AI agents, and automation features that will allow security operations teams to quickly see and respond to problems.

AI agents still need humans to teach them

February 20, 2026: AI agents need skills — specific procedural knowledge — to perform tasks well, but they can’t teach themselves, a new research suggests.

Why most agentic AI projects stall before they scale

February 18, 2026: As enterprises race from pilots to autonomous systems, rising costs, fragile governance, and unrealistic expectations are forcing a reckoning. So what separates agentic AI initiatives that survive from those that quietly shut down?

How agentic AI helps prospective and existing students at DeVry

February 18, 2026: DeVry is no stranger to AI. It’s used the technology in its classrooms for 10 years and started experimenting with NLP bots and gen AI use cases for internal use as soon as it became widely available. So in April 2025, Devry University deployed its first AI agent.

Task management software gets an agentic boost

February 11, 2026: Task management apps aren’t just for storing and tracking data — they act on it. Explore tools that tap AI to auto-generate workflows, balance team capacity, and eliminate administrative overhead.

OpenClaw: The AI agent that’s got humans taking orders from bots

February 6, 2026: How one man’s vibe-coding session evolved into a reckless global AI experiment where nobody’s accountable.

Forward Networks launches agentic AI system built on network digital twin

January 30, 2026: The new Forward AI capability builds on the vendor’s digital twin and is designed to allow network teams to ask complex questions, understand network behavior, validate outcomes and safely automate workflows.

Agentic AI exposes what we’re doing wrong

January 23, 2026: Agentic AI has changed cloud computing, but not in the way the hype machine wants you to believe. It hasn’t magically replaced engineering, nor has it made architecture irrelevant.

How to get your enterprise architecture ready for agentic AI

January 22, 2026: While C-suite leaders say they’re investing in agentic AI, the complex enterprise architectures of large organizations often struggle with the tech’s demands.

IBM targets agentic AI scale-up with new Enterprise Advantage consulting service

January 20, 2026: IBM has launched a new consulting service named Enterprise Advantage, designed to help CIOs take their agentic and other AI applications from experimentation to large-scale production.

EY exec: If you think agentic AI is a challenge, you’re not ready for what’s coming

January 15, 2026: Companies struggling to keep up with the arrival of AI agents should buckle up: Even more complicated agentic AI technologies are quickly coming down the pike. That includes physical AI, which includes robots and quantum computing.

Managing agentic AI risk: Lessons from the OWASP Top 10

December 19, 2025: LLM-powered chatbots have risks that we see playing out in the headlines on a nearly daily basis. But chatbots are limited to answering questions. AI agents, however, access data and tools and carry out tasks, making them infinitely more capable – and more dangerous to enterprises.

Agentic AI in 2026: More mixed than mainstream

December 18, 2025: Agentic AI is having its everything, everywhere, all at once moment. Or is it? Data clarifies. While 39% of organizations surveyed by McKinsey say they are experimenting with agents, only 23% have begun scaling AI agents within one business function

Overcome governance and trust issues to drive agentic AI

December 18, 2025: Fully autonomous agentic AI is still way off but AI agents are making inroads within enterprise software and workflows. Gartner predicts 40% of enterprise software will feature task-specific AI agents by the end of 2026 as the current trend for embedded AI assistants evolves.

Nvidia bets on open infrastructure for the agentic AI era with Nemotron 3

Decenber 15, 2025: AI agents must be able to cooperate, coordinate, and execute across large contexts and long time periods, and this, says Nvidia, demands a new type of infrastructure, one that is open. The company says it has the answer with its new Nemotron 3 family of open models.

Microsoft drops M365 Copilot price for SMBs, upgrades free Copilot Chat

November 19, 2025: Microsoft announced that it reduce the price of Microsoft 365 Copilot for small and mid-sized firms beginning next month. Microsoft 365 Copilot for Business will cost $21 per user, per month for customers with any Microsoft 365 Business plan. That’s down from the current $30 monthly price.

Microsoft Fabric IQ adds ‘semantic intelligence’ layer to Fabric

November 19, 2025: Microsoft promises enterprises better understanding of their data for workers and autonomous agents alike, but analysts fear deployment hurdles and vendor lock-in.

Microsoft unveils Agent 365 to help IT manage AI ‘agent sprawl’

November 18, 2025: As businesses begin deploying AI agents in greater numbers, IT teams will need to manage and secure those AI systems as they connect to corporate data. That’s the idea behind Microsoft’s Agent 365 (A365), a new “control plane” that lets customers deploy and govern the use of agents.

From chatbots to colleagues: How agentic AI is redefining enterprise automation

November 17, 2025: A new wave of agentic AI is taking shape: systems that not only converse but also reason, plan, and act within enterprise workflows. These agents are not assistants that talk; they are digital colleagues that think.

The enterprise IT overhaul: Architecting your stack for the agentic AI era

November 10, 2025: For the CIO, the conversation has officially moved past the large language model (LLM). The next critical chapter is agentic AI — autonomous systems capable of reasoning, planning and executing multi-step tasks across your enterprise. Agentic AI is here. Now, CIOs must orchestrate

October 23, 2025: Agentic AI is about to change how companies create value. Yet, most enterprises aren’t ready. The problem isn’t the technology — it’s the planning and execution. Too many pilots stall out because CIOs haven’t built the AI systems, guardrails and culture to move beyond experiments.

AI agents might smooth some of retail’s worst data problems

October 21, 2025: So many retail challenges hinge on unreliable product data. Can agentic AI clean up that data enough to make a difference? Can it do the same for other verticals?

The impact of agentic AI on SaaS and partner ecosystems

October 16, 2025: The enterprise technology landscape is entering a critical pivot point as agentic AI transforms partner ecosystems from human-mediated, application integration networks into autonomous, self-orchestrating and intelligent ecosystems.

Salesforce updates its agentic AI pitch with Agentforce 360

October 13 2025: Salesforce announced a new release of Agentforce that, it says, “gives teams the fastest path from AI prototypes to production-scale agents” — although with many of the new release’s features still to come, or yet to enter pilot phases or beta testing, some parts of that path will be much slower than others.

Gemini Enterprise is Google’s new ‘front door’ for agentic AI access at work

October 9, 2025: Google introduced an AI assistant to serve as a platform so users can access and coordinate AI agents that automate work tasks. Gemini Enterprise, which replaces the Agentspace app launched last year, also features new enterprise search functions to help customers tap into data from across an organization’s business apps.

Oracle’s agentic AI push in Fusion Cloud CX offers embedded automation for CX leaders

October 7, 2025: Oracle is adding new pre-built agents to its Advertising and Customer Experience Cloud (Fusion Cloud CX) to help enterprises increase operational efficiency by automating sales, service, and marketing processes.

IBM touts agentic AI orchestration, cryptographic risk controls

October 7, 2025: IBM watsonx Orchestrate offers more than 500 tools and customizable, domain-specific agents from IBM and third-party contributors. Among the additions to watsonx Orchestrate are AgentOps capabilities that offer real-time monitoring and policy-based controls for observability and governance.

How self-learning AI agents will reshape operational workflows

October 6, 2025: Google’s recent whitepaper, “Welcome to the Era of Experience,” signals a shift in the way AI agents are trained. Google hypothesizes that allowing AI agents to learn from the experience of agents rather than solely from human-generated training data will enable autonomous AI to surpass its current capabilities.

Are your agentic AI projects driving toward success?

October 3, 2025: Anushree Verma, Gartner senior director analyst, says most agentic AI projects today are early-stage experiments or proofs of concept, fueled primarily by hype and often misapplied.

Microsoft unveils framework for building agentic AI apps

October 3. 2025: Microsoft has introduced the Microsoft Agent Framework, an open-source SDK and runtime for building, orchestrating, and deploying AI agents and multi-agent workflows, with full framework support for .NET and Python.

Salesforce Trusted AI Foundation seeks to power the agentic enterprise

October 2, 2025: As Salesforce pushes further into agentic AI, its aim is to evolve Salesforce Platform from an application for building AI to a foundational operating system for enterprise AI ecosystems.

ServiceNow’s AI Experience is an agentic AI UI for the Now Platform

September 30, 2025: ServiceNow today launched the AI Experience (AIx), a contextually aware multimodal AI-driven use UI for its Now platform. Building on the ServiceNow AI Platform and with a foundation in Now Assist, the company describes it as “a unified, conversational front door to enterprise AI.”

How MCP is making AI agents actually do things in the real world

September 29, 2025: You’ve seen them: Those incredible large language models (LLMs) that can chat, write and even generate code. They’ve revolutionized how we interact with technology, but there’s a new, even more exciting chapter unfolding. Discover how MCP is turning chatbots into doers, and the future of work may never look the same.

Agentic AI in IT security: Where expectations meet reality

September 29, 2025: Agentic AI has shifted from lab demos to real-world SOC deployments. Unlike traditional automation scripts, software agents are designed to act on signals and execute security workflows intelligently, correlating logs, enriching alerts, and even take first-line containment actions.

Walmart looks to cash in on agentic AI

September 19, 2025: Walmart doesn’t intend to lose its retail crown anytime soon. And, according to US EVP and CTO Hari Vasudev, the $815B company’s artificial intelligence strategy will play a key role in preventing that from happening.

5 steps for deploying agentic AI red teaming

September 17, 2025: As more enterprises deploy agentic AI applications, the potential attack surface increases in complexity and reach. But there is still hope that AI agents can be harnessed for defensive purposes too, including using traditional red teaming and penetration testing techniques but updated for the AI world.

Google unveils payments protocol for AI agents with major financial firms

September 17. 2025: Google has introduced the Agent Payments Protocol (AP2), an open framework developed with more than 60 payments and technology companies to support secure, agent-led transactions across platforms and payment methods.

CrowdStrike bets big on agentic AI with new offerings after $290M Onum buy

September 16, 2025: At its Fal.Con conference, the cybersecurity giant launched its Agentic Security Platform and Agentic Security Workforce, aiming to outpace AI-driven adversaries with real-time intelligence, automation, and a common language for defense.

Adobe makes Agent Orchestrator and AI agents generally available

September 10, 2025: Adobe Experience Platform (AEP) Agent Orchestrator and six new AI agents are designed to build, deliver, and optimize customer experience and marketing campaigns. The company also announced Experience Platform Agent Composer for customizing and configuring AI agents based on brand guidelines and organizational policy.

Rethinking the IT organization for the agentic AI era

September 2, 2025: With the advent of agentic AI, CIOs must be poised to adjust strategic IT priorities, mitigate new security risks, and reskill staff for a new era.

How to build a production-grade agentic AI platform

September 2, 2025: Modular orchestration, fail-safe design, hybrid memory management, and LLM integration with domain knowledge are essential to agentic AI systems that reason, act, and adapt at scale.

Agentic AI: A CISO’s security nightmare in the making?

September 2, 2025: Enterprises will no doubt be using agentic AI for a growing number of workflows and processes, including software development, customer support automation, and more. But what are the cybersecurity risks of agentic AI, and how much more work will it take for them to support their organizations’ agentic AI dreams?

Microsoft researchers develop new tech for video AI agents

September 2, 2025: Microsoft researchers are developing technologies for a new class of video AI agents to explore three-dimensional spaces before making decisions.The technology framework, called MindJourney, uses a range of AI technologies to understand and analyze 3D spaces, reason about the surroundings, and predict movement

Salesforce AI Research unveils new tools for AI agents

August 27, 2025: Salesforce announced a simulated enterprise environment, benchmark, and account data unification tool that are designed to help customers transform into agentic AI enterprises.

Agentic AI promises a cybersecurity revolution — with asterisks

August 18, 2025: The hottest topic at this year’s Black Hat conference was the meteoric emergence of AI tools for both cyber adversaries and defenders, particularly the use of agentic AI to strengthen cybersecurity programs.

4 thoughts on who should manage AI agents

August 11, 2025: As AI agents proliferate, we need to turn our attention beyond AI agent builder platforms to AI orchestration and AI GRC platforms. It also raises questions about which groups within the enterprise should manage AI agents and how they should be treated.

How bright are AI agents? Not very, recent reports suggest

July 31, 2025: Security researchers are adding more weight to a truth that infosec pros had already grasped: AI agents are not very bright, and are easily tricked into doing stupid or dangerous things

Will AI agents eat the SaaS market? Experts are split

July 31,2025: As hype about AI agents reaches new heights, an emerging theory suggests that the groundbreaking AI tools will kill the SaaS business model. The claim isn’t particularly new, but is resurfacing, with people like Microsoft CEO Satya Nadella voicing this position.

How agentic AI will change database management

July 28, 2025: Generative AI has already had a profound impact on the world of database management. And now, thanks to AI’s knack for pattern-recognition, teams can use generative AI to analyze data sets, detect anomalies, and access invaluable insights with record speed and precision.

As AI agents go mainstream, companies lean into confidential computing for data security

July 21, 2025: Companies need to stop ignoring data security as AI agents take over internal data movement in IT environments, analysts and IT execs warn. To address that issue, some tech players are embracing the concept of “confidential computing.” While it’s existed for years, it;s now finding new life with the rise of genAI.

How agentic AI will transform mobile apps and field operations

July 15, 2015: Agentic AI will usher in new mobile AI experiences. Construction, manufacturing, healthcare, and other industries with significant field operations will benefit from mobile AI agents and the resulting operational agility.

MCP is fueling agentic AI — and introducing new security risks

July 10, 2025: Model Context Protocol (MCP) has caught fire, with several thousand MCP servers now available from a wide range of vendors enabling AI assistants to connect to their data and services. And with agentic AI increasingly seen as the future of IT, MCP will only grow in use in the enterprise. But innovations like MCP also come with significant security risks.

3 industries where agentic AI is poised to make its mark

July 4, 2024: IT leaders from finance, retail, and healthcare lend insights into what organizations are doing with AI agents today — and where they see the technology taking their organizations and industries in the future.

IFS rolls TheLoops agentic AI into industrial ERP

June 27, 2025: IFS is adding AI agent development and management capabilities to its ERP platform with the acquisition of software startup The acquisition brings TheLoops’ full Agent Development life cycle (ADLC) platform into IFS, enabling enterprises to design, test, deploy, monitor, and fine-tune AI agents with built-in support for versioning, compliance, and performance optimization.

How AI agents and agentic AI differ from each other

June 12, 2025: With agentic AI in its infancy and organizations rushing to adopt AI agents, there seems to be confusion about the difference between “agentic AI” and “AI agents” technologies, but experts say there’s growing understanding that the two are separate, but related, tools.

The future of RPA ties to AI agents

June 10, 2025: RPA is accelerating toward a crossroads, with IT leaders and experts debating its future. Some IT leaders say that more powerful and autonomous AI agents will replace the two-decade-old AI precursor technology, while others predict that AI agents and RPA will work hand-in-hand.

MCP is enabling agentic AI, but how secure is it?

June 2, 2025: Model context protocol (MCP) is becoming the plug-and-play standard for agentic AI apps to pull in data in real time from multiple sources. However, this also makes it more attractive for malicious actors looking to exploit weaknesses in how MCP has been deployed.

The agentic AI assist Stanford University cancer care staff needed

May 30, 2025: At Microsoft Build 2025 earlier this month, Nigam Shah, CDO for Stanford Health Care, discussed agentic AI’s ability to redefine healthcare, especially in oncology, as physicians get overloaded with the administrative tasks of medicine, he said, which lead to burnout.

Agentic AI, LLMs and standards big focus of Red Hat Summit

May 26, 2025: Red Hat, announced a number of improvements in its core enterprise Linux product, including better security, better support for containers, better support for edge devices. But the one topic that dominated the conversation was AI.

Putting agentic AI to work in Firebase Studio

May 21, 2025: Putting agentic AI to work in software engineering can be done in a variety of ways. Some agents work independently of the developer’s environment, working essentially like a remote developer. Other agents directly within a developer’s own environment. Google’s Firebase Studio is an example of the latter, drawing on Google’s Gemini LLM o help developers prototype and build applications .

Why is Microsoft offering to turn websites into AI apps with NLWeb?

May 20. 2025: NLWeb, short for Natural Language Web, is designed to help enterprises build a natural language interface for their websites using the model of their choice and data to answer user queries about the contents of the website. Microsoft hopes to stake its claim on the agentic web before rivals Google and Amazon do.

Databricks to acquire open-source database startup Neon to build the next wave of AI agents

May 14, 2025: Agentic AI requires a new type of architecture because traditional workflows create gridlock, dragging down speed and performance. To get ahead in this next generation of app building, Databricks announced it will purchase Neon, an open-source serverless Postgres company.

Agentic mesh: The future of enterprise agent ecosystems

May 13, 2025: Nvidia CEO Jensen Huang predicts we’ll soon see “a couple of hundred million digital agents” inside the enterprise. Microsoft CEO Satya Nadella takes it even further: “Agents will replace all software.”

Google to unveil AI agent for developers at I/O, expand Gemini integration

May 13, 2025: Google is expected to unveil a new AI agent aimed at helping software developers manage tasks across the coding lifecycle, including task execution and documentation. The tool has reportedly been demonstrated to employees and select external developers ahead of the company’s annual I/O conference.

Nvidia, ServiceNow engineer open-source model to create AI agents

May 6, 2025: Nvidia and ServiceNow have created an AI model that can help companies create learning AI agents to automate corporate workloads. The open-source Apriel model, available generally in the second quarter on HuggingFace, will help create AI agents that can make decisions around IT, human resources and customer-service functions.

How IT leaders use agentic AI for business workflows

April 30, 2025: Jay Upchurch, CIO at SAS, backs agentic AI to enhance sales, marketing, IT, and HR motions. “Agentic AI can make sales more effective by handling lead scoring, assisting with customer segmentation, and optimizing targeted outreach,” he says.

Microsoft sees AI agents shaking up org charts, eliminating traditional functions

April 28, 2025: As companies increasingly automate work processes using agents, traditional functions such as finance, marketing, and engineering may fall away, giving rise to an ‘agent boss’ era of delegation and orchestration of myriad bots.

Cisco automates AI-driven security across enterprise networks

April 28, 2025: Cisco announced a range of AI-driven security enhancements, including improved threat detection and response capabilities in Cisco XDR and Splunk Security, new AI agents, and integration between Cisco’s AI Defense platform and ServiceNow SecOps.

Hype versus execution in agentic AI

April 25, 2025: Agentic AI promises autonomous systems capable of reasoning, making decisions, and dynamically adapting to changing conditions. The allure lies in machines operating independently, free of human intervention, streamlining processes and enhancing efficiency at unprecedented scales. But David Linthicum writes, don’t be swept up by ambitious promises.

Agents are here — but can you see what they’re doing?

April 23, 2025: As the agentic AI models powering individual agents get smarter, the use cases for agentic AI systems get more ambitious — and the risks posed by these systems increase exponentially.A multicloud experiment in agentic AI: Lessons learned

Agentic AI might soon get into cryptocurrency trading — what could possibly go wron

April 15, 2025: Agentic AI promises to simplify complex tasks such as crypto trading or managing digital assets by automating decisions, enhancing accessibility, and masking technical complexity.

Agentic AI is both boon and bane for security pros

April 15, 2025: Cybersecurity is at a crossroads with agentic AI. It’s a powerful tool that can create reams of code in a blink of an eye, find and defuse threats, and be used so decisively and defensively. This has proved to be a huge force multiplier and productivity boon. But while powerful, agentic AI isn’t dependable, and that is the conundrum.

AI agents vs. agentic AI: What do enterprises want?

April 15, 2025: Now that this AI agent story has morphed into “agentic AI,” it seems to have taken on the same big-cloud-AI flavor that enteriprise already rejected. What do they want from AI agents, why is “agentic” thinking wrong, and where is this all headed?

A multicloud experiment in agentic AI: Lessons learned

April 11, 2025: Turns out you really can build a decentralized AI system that operates successfully across multiple public cloud providers. It’s both challenging and costly.

Google adds open source framework for building agents to Vertex AI

April 9, 2025: Google is adding a new open source framework for building agents to its AI and machine learning platform Vertex AI, along with other updates to help deploy and maintain these agents. The open source Agent Development Kit (ADK) will make it possible to build an AI agent in under 100 lines of Python code. It expects to add support for more languages later this year.

Google’s Agent2Agent open protocol aims to connect disparate agents

April 9, 2025: Google has taken the covers off a new open protocol — Agent2Agent (A2A) — that aims to connect agents across disparate ecosystems.. At its annual Cloud Next conference, Google said that the A2A protocol will enable enterprises to adopt agents more readily as it bypasses the challenge of agents that are built on different vendor ecosystems not being able to communicate with each other.

Riverbed bolsters AIOps platform with predictive and agentic AI

April 8, 2025: Riverbed unveiled updates to its AIOps and observability platform that the company says will transform how IT organizations manage complex distributed infrastructure and data more efficiently. Expanded AI capabilities are aimed at making it easier to manage AIOps and enabling IT organizations to transition from reactive to predictive IT operations.

Microsoft’s newest AI agents can detail how they reason

March 26, 2025: If you’re wondering how AI agents work, Microsoft’s new Copilot AI agents provide real-time answers on how data is being analyzed and sourced to reach results. The Researcher and Analyst agents take a deeper look at data sources such as email, chat or databases within an organization to produce research reports, analyze strategies, or convert raw information into meaningful data.

Microsoft launches AI agents to automate cybersecurity amid rising threats

March 26, 2025: Microsoft has introduced a new set of AI agents for its Security Copilot platform, designed to automate key cybersecurity functions as organizations face increasingly complex and fast-moving digital threats. The new tools focus on tasks such as phishing detection, data protection, and identity management.

How AI agents work

March 24, 2025: By leveraging technologies such as machine learning, natural language processing (NLP), and contextual understanding, AI agents can operate independently, even partnering with other agents to perform complex tasks.

5 top business use cases for AI agents

March 19, 2025: AI agents are poised to transform the enterprise, from automating mundane tasks to driving customer service and innovation. But having strong guardrails in place will be key to success.

Nvidia launches AgentIQ toolkit to connect disparate AI agents

March 21, 2025: As enterprises look to adopt agents and agentic AI to boost the efficiency of their applications, Nvidia this week introduced a new open-source software library — AgentIQ toolkit — to help developers connect disparate agents and agent frameworks..

Deloitte unveils agentic AI platform

March 18, 2025: At Nvidia GTC 2025 in San Jose, Deloitte announced Zora AI, a new agentic AI platform that offers a portfolio of AI agents for finance, human capital, supply chain, procurement, sales and marketing, and customer service.The platform draws on Deloitte’s experience from its technology, risk, tax, and audit businesses, and is integrated with all major enterprise software platforms.

The dawn of agentic AI: Are we ready for autonomous technology?

March 15, 2025: Much of the AI work prior has focused on large language models (LLMs) with a goal to give prompts to get knowledge out of the unstructured data. So it’s a question-and-answer process. Agentic AI goes beyond that. You can give it a task that might involve a complex set of steps that can change each time.

How to know a business process is ripe for agentic AI

March 11, 2025: Deloitte predicts that in 2025, 25% of companies that use generative AI will launch agentic AI pilots or proofs of concept, growing to 50% in 2027. The firm says some agentic AI applications, in some industries and for some use cases, could see actual adoption into existing workflows this year.

With new division, AWS bets big on agentic AI automation

March 6, 2025: Amazon Web Services customers can expect to hear a lot more about agentic AI from AWS in future with the news that the company is setting up a dedicated unit to promote the technology on its platform.

How agentic AI makes decisions and solves problems

March 6, 2025: GenAI’s latest big step forward has been the arrival of autonomous AI agents. Agentic AI is based on AI-enabled applications capable of perceiving their environment, making decisions, and taking actions to achieve specific goals.

CIOs are bullish on AI agents. IT employees? Not so much

Feb. 4, 2025: Most CIOs and CTOs are bullish on agentic AI, believing the emerging technology will soon become essential to their enterprises, but lower-level IT pros who will be tasked with implementing agents have serious doubts.

The next AI wave — agents — should come with warning labels. Is now the right time to invest in them?

Jan.13, 2025: The next wave of artificial intelligence (AI) adoption is already under way, as AI agents — AI applications that can function independently and execute complex workflows with minimal or limited direct human oversight — are being rolled out across the tech industry.

AI agents are unlike any technology ever

Dec. 1, 2024: The agents are coming, and they represent a fundamental shift in the role artificial intelligence plays in businesses, governments, and our lives.

AI agents are coming to work — here’s what businesses need to know

Nov. 21, 2024: AI agents will soon be everywhere, automating complex business processes and taking care of mundane tasks for workers — at least that’s the claim of various software vendors that are quickly adding intelligent bots to a wide range of work apps.

Agentic AI swarms are headed your way

November 1, 2024: OpenAI launched an experimental framework called Swarm. It’s a “lightweight” system for the development of agentic AI swarms, which are networks of autonomous AI agents able to work together to handle complex tasks without human intervention, according to OpenAI.

Is now the right time to invest in implementing agentic AI?

October 31, 2024: While software vendors say their current agentic AI-based offerings are easy to implement, analysts say that’s far from the truth

Kategorie: Hacking & Security

DARPA wants to help AI agents to talk to one another

10 Duben, 2026 - 18:08

Let Agentic AI speak unto Agentic AI — but in some kind of mathematical code.

That’s the thinking behind the MATHBAC (Mathematics for Boosting Agentic Communication) project, which aims to develop a new area of AI communication, one in which AI agents will ‘talk’ to each other to understand how they collaborate and share information.

MATHBAC is being run by the US Defense Advanced Research Projects Agency (DARPA), one of the progenitors of the internet. It hopes the research will enable agentic AI models to collaborate to solve complex problems, and increase understanding of the mathematics that lies behind the ways that they function.

A key element of the project is discovering fundamentally new ways of working: Research that results only in incremental improvements in existing methods and models that already exist is specifically excluded from MATHBAC funding.

The project has been divided into two phases. The first will consider the derivation of the mathematics behind agentic AI and look at ways of improving communication between systems. The second, much more ambitious, will look to create tools to enable development of a new science, solving “fundamental scientific and mathematical problems underpinning collective agentic intelligence.”

DARPA expects to achieve all that in just 34 months, and is accepting proposals from organizations wishing to work on the project.

Kategorie: Hacking & Security

Apple unveiled a new high-end market opportunity this week

10 Duben, 2026 - 17:37

Though I reviewed Apple’s recently-introduced MacBook Neo, M5 MacBook Air, and M5 Max MacBook Pro, I didn’t look at Apple’s new displays. But it is noteworthy that even these products open up new opportunities for the company.

That’s because Apple this week gained FDA clearance for the Medical Imaging Calibration feature introduced in the Studio Display XDR. Just as the affordable MacBook Neo opens up a fresh mass market opportunity, this specialized product feature forges space in a new niche.

Apple opens a new growth market

That niche will only become even more important once specialized AI medical tools to support treatment and diagnosis appear in the radiology space, as such tools inevitably will. (Inevitably? I mean, just look at this December research announcement from the Institute of Cancer Research, which demonstrated that combining artificial intelligence (AI) with state-of-the-art MRI imaging can revolutionize prostate cancer treatment.)

The combination means you don’t need a dedicated radiology workstation costing in excess of $15,000; you need only a Mac and a $2,899 Apple display.

Once those things are in place, you can select your choice of imaging software — probably something like Visage Imaging 7, OsiriX MD, Falcon MD, or another of the solutions available for Mac. Even better, while privacy and data confidentiality concerns do exist, the Mac you use for this work can also be used for other tasks, like any other Mac. This democratizes access to tools of this kind; gives the medical profession all the Apple advantages around product resilience, TCO, and tech support; cuts budgets; and enables medical tech purchasers to get more for less.

On-device AI, an Apple advantage

Then we get to think about AI, and that’s where Apple’s strategic sensibility seems to be coming into play. I see it like this: it is obvious that AI for medical imaging will need to run on something. And what Apple has done with Apple Silicon, its approach to on-device AI, and this new medical image calibration feature on its displays all mean it now offers a trusted, highly usable, incredibly flexible solution to run future AI-augmented MRI imaging packages. Apple’s processors can simply shrug their way through that kind of work, while its new displays can give radiologists and other medical examiners the precise accuracy they need.

The new display feature also gives Apple an impressive story to tell in the $42.6 billion global market for medical imaging devices. That tale is tempered by Apple’s cast-iron commitment to privacy and the impressive capacity of Apple Silicon to run on-device LLMs. Apple’s introduction of MLX means you can easily imagine medical imaging deployments that rely on a new Studio Display and four Mac minis clustered via a single Thunderbolt 5 cable. Total cost? Not $15,000.

Apple is cheap

Apple is cheap. That’s not an illusion. Look at the ecosystem. The entry level $599 MacBook Neo shows this, while all the TCO and tech support and security studies I’ve seen across the last decade show that once you begin using these platforms you end up spending a lot less keeping your investments going.

That matters in any business, of course. But when it comes to the kind of industries Medical Imaging Calibration is meant for, that can be life-saving. Who wants urgent surgery to be delayed by an operating system crash or another Crowdstrike-like moment?

There might be problems getting this message through to every medical provider across the planet, but check out Emory University and its Department of Radiology and Imaging Sciences. There, you can peruse a white paper explaining most of the steps radiologists and imaging practices must take to integrate Apple’s displays and systems into their clinical workflows.

As explained here, the paper praises the CPU/GPU performance of Macs used in the test, which rival or exceed traditional workstations at a fraction of the cost. The white paper also opens a second dimension in medical practice, thanks to visionOS and the capacity to create new workflows that have the headset using new surgical apps from the likes of Stryker and Storz. Add AI to that equation and you can see that Apple has raised a very, very large flag depicting a very large Apple logo on part of the future of medical care.

Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe. Also, now on Mastodon.

Kategorie: Hacking & Security

Hungarian government email passwords exposed ahead of election

10 Duben, 2026 - 15:17

When voters in the forthcoming Hungarian election assess the current government, its record on internet security will not be one of its proudest achievements.

An analysis by open source investigation organization Bellingcat has revealed that the passwords for almost 800 Hungarian government email accounts are circulating online, many of them associated with national security. These breaches in security are not down to high-tech attacks but rather are the result of poor email hygiene among government employees. The security leaks were widespread: 12 out of 13 government departments were affected.

Hungarian Prime Minister Viktor Orban’s administration likes to present itself as firm protector of Hungarian borders, resisting foreign interference, but this doesn’t seem to apply to its computing prowess. Among those whose details were revealed were an officer responsible for information security and a counter-terrorism expert.

Bellingcat found that government officials have been using weak passwords such as variations of the word “Password” or the number sequence “1234567, while another simply used his surname.

The Hungarian government is not alone in its laxity. Earlier this year, Specops found that 6 billion logins had been exposed online and found that number sequences and ‘password’ featured highly in the list of the most compromised logins.

The vulnerabilities inherent in the Hungarian example are a warning to all CSOs that they should be reminding their staff to tighten their security credentials. Many choose simple, short memorable passwords because they’re easy to remember but using a password manager or deploying passkeys will immediately strengthen employees’ ability to protect data.

This article first appeared on CSO.

Kategorie: Hacking & Security

Microsoft adds hidden feature flags to Windows Insider builds

10 Duben, 2026 - 14:22

Microsoft Windows Insider members will soon have an easy way to select which new features they test. Until now, Windows Insiders have had to wait for Microsoft to randomly assign them news features for testing through its Controlled Feature Rollout program or enable the features themselves through third-party software such as ViVeTool.

The new Windows setting, Feature Flags, will be a boon for administrators of Microsoft products who want to get a handle on the innovations relevant to their enterprise. Microsoft has not officially announced the new functionality, but an eagle-eyed user spotted the Feature Flags setting buried in the latest Windows Insider software build.

Microsoft Windows design and research leader Marcus Ash responded congratulating the spotter on their speed, adding that he would be “Excited to share more about WIP settings next week.”

He followed that up with a post to a Microsoft blog that changes were on the way, saying that users will “ have more control” over features they care about.

The Windows Insiders who wish to delve into the new settings are out of luck for now: They are not enabled yet. But messages contained in the latest build of the software say “these features are still in development and may change” and that “turning them on or off could affect performance or stability.”

So, while there are plenty of hints about the forthcoming release, users will still have to wait for an official announcement from Microsoft and there is no indication as to when that will be.

Kategorie: Hacking & Security

Meta moves fast toward a world where AI builds the software

10 Duben, 2026 - 14:07

Meta Platforms is reportedly pulling top software engineers from across the company into a newly created AI unit on a mandatory basis, with the stated goal of eventually having autonomous agents perform the bulk of the work of building, testing, and shipping its products, and human engineers serving only to monitor them.

The development was based on an internal company memo authored by Maher Saba, a vice president in Meta’s Reality Labs division and a longtime associate of Chief Technology Officer Andrew Bosworth, who leads the new Applied AI (AAI) Engineering organization, reported Reuters. According to the report, Saba created AAI last month and initially sought volunteers to join. This week, he told selected employees their transfers are no longer a choice.

“AAI is one of the company’s highest priorities and we’re resourcing it by moving our strongest talent to address it. Therefore, the transfers aren’t optional,” Saba wrote in the memo, the report added.

The unit’s mandate goes significantly beyond building AI productivity tools. According to the memo AAI’s stated end goal is for autonomous AI agents to perform the bulk of the work required to build, test, and ship Meta’s products and infrastructure with human engineers monitoring rather than executing.

Gartner predicts that AI agents will require 80% of the engineering workforce to upskill by 2027, and separately forecasts that 40% of enterprise applications will embed task-specific AI agents by year-end 2026, up from less than 5% in 2025.

“Meta’s move signals that AI is now being fundamentally positioned within engineering as a core execution infrastructure, rather than just as a productivity layer,” said Ishi Thakur, senior analyst at Everest Group. “Competitive advantage will hinge less on access to models and more on how deeply organizations can embed AI into real-world engineering workflows.”

But analysts caution that the path there is far from straightforward. “For Meta-scale firms, agent-led engineering is achievable only in tightly scoped domains today,” said Charlie Dai, VP and principal analyst at Forrester. “Before reducing hands-on developer responsibility, enterprises must establish robust evaluation harnesses, policy-as-code controls, deterministic build pipelines, and explicit human escalation paths.”

What AAI is building

AAI will work alongside Meta’s Superintelligence Lab, headed by former Scale AI CEO Alexandr Wang, to build what Saba described as “the data engine that helps our models get better, faster,” according to the report. The organization consists of two teams: one focused on interfaces and tooling, and a second responsible for executing tasks, generating data, and providing evaluations that feed back to Meta’s modeling teams.

“This reflects a growing belief that traditional management layers will become less relevant as AI absorbs coordination and execution tasks,” said Thakur. “Value is concentrated in high-skill individual contributors augmented by AI.”

Dai cautioned that the structure carries significant governance risk. “If provenance tracking, gated approvals, and automated security testing are not mandatory, AI-generated code can overwhelm oversight and erode accountability for quality, compliance, and audits,” he said.

On Meta’s Q4 2025 earnings call in January, CEO Mark Zuckerberg said 2026 would be “the year that AI starts to dramatically change the way that we work.” Susan Li, Meta’s chief financial officer, said on the same call that output per engineer had already risen 30% since the start of 2025, driven largely by AI coding agents, with power users recording an 80% year-over-year productivity increase.

For Meta, AAI is the next step in embedding that trajectory deeper into its engineering infrastructure.

Workforce reductions ongoing

Separately, Meta has been reducing its overall headcount in 2026. The company has already cut approximately 10% of its Reality Labs division in January, affecting around 1,000 employees, and laid off several hundred more in late March across recruiting, sales, global operations, and Facebook social teams.

Meta’s capital expenditure for 2026 is projected between $115 billion and $135 billion, nearly double its 2025 spend, driven by investments in data centers, chips, and AI infrastructure. The company formalized that infrastructure drive with the launch of Meta Compute, consolidating its global data center and network operations under a single leadership structure.

“The dominant barrier is organizational,” said Dai. “Enterprises have not yet redefined ownership, incentives, and liability when software is produced by agents. Until accountability frameworks catch up, leadership caution will continue to slow adoption.”

Thakur put it plainly: “The real constraint is no longer technological capability, but whether organizations can evolve their operating models fast enough to responsibly absorb this level of autonomy.”

Meta did not immediately respond to a request for comment.

Kategorie: Hacking & Security

Menu

Dnešní oblíbený obsah

Aktuality

Nejnovější příspěvky blogu

Navigace

Tagy

RSS Feed

Computerworld.com [Hacking News]

Can Microsoft really meet its carbon-negative goal by 2030?

About the Best Places to Work in IT

Apple devices’ satellite link is under new ownership

IBM’s government DEI settlement could increase pressure to avoid tech hiring diversity

Curity looks to reinvent IAM with runtime authorization for AI agents

Microsoft is developing Copilot features inspired by Openclaw

Global RAM shortage prompts Microsoft to hike Surface prices

Apple Business rolls out to 200+ countries today

Windows 10: A guide to the updates

Nvidia’s Stephen Jones on the toolkit powering GPUs: ‘A wild ride’

The French government eyes alternatives to Windows

Apple preps for the face race

How to build your own AI agents with Google Workspace Studio

Google adds end-to-end Gmail encryption to Android, iOS devices for enterprises

Agentic AI – Ongoing coverage of its impact on the enterprise

DARPA wants to help AI agents to talk to one another

Apple unveiled a new high-end market opportunity this week

Hungarian government email passwords exposed ahead of election

Microsoft adds hidden feature flags to Windows Insider builds

Meta moves fast toward a world where AI builds the software

Přihlášení

Náhodný obsah

Poslední komentáře

GNU/Linux & BSD

IT News

Security Vulnerabilities & Exploits