RSS Aggregator

PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network

The Hacker News - 5 June, 2026 - 07:34
The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert SMTP email relay network. "Compromised business servers across the U.S., Europe, and Asia were quietly converted into SMTP proxies, verified for mail relay capability, and synced to a downstream consumer every five minutes," Hunt.io said in
Ravie Lakshmanan
Category: Hacking & Security

Games for free or at a discount: A bundle of sports games and two turn-based strategies for free

Živě.cz - 5 June, 2026 - 07:10
Every gaming platform has some discount promotion going on at any given moment. Each week we therefore pick the most attractive ones that you shouldn't miss. If you want to get games for free or at a good discount, have a look at the current overview of promotions!
Category: IT News

Ladybird web browser development (05/2026)

AbcLinuxu [news briefs] - 5 June, 2026 - 04:35
What are the developers of the Ladybird web browser (GitHub) working on? An overview of development for May has been published (YouTube).
Category: GNU/Linux & BSD

[webapps] WordPress Contest Gallery 28.1.4 - Unauthenticated Blind SQL Injection

The Exploit Database - 5 June, 2026 - 02:00
WordPress Contest Gallery 28.1.4 - Unauthenticated Blind SQL Injection

AI Can Now Design and Run Thousands of Experiments Without Human Hands. We Aren’t Ready for the Risk to Biosecurity.

Singularity HUB - 5 June, 2026 - 00:17

The gap between what AI can do in biology and what governance systems are prepared to handle is growing.

Artificial intelligence is rapidly learning to autonomously design and run biological experiments, but the systems intended to govern those capabilities are struggling to keep pace.

AI company OpenAI and biotech company Ginkgo Bioworks announced in February 2026 that OpenAI’s flagship model GPT-5 had autonomously designed and run 36,000 biological experiments. It did this through a robotic cloud laboratory, a facility where automated equipment controlled remotely by computers carries out experiments. The AI model proposed study designs, and robots carried them out and fed the data back to the model for the next round. Humans set the goal, and the machines did much of the work in the lab, cutting the cost of producing a desired protein by 40 percent.

This is programmable biology: designing biological components on a computer and building them in the physical world, with AI closing the loop.

For decades, biology mostly moved from observation toward understanding. Scientists sequenced the genomes of organisms to catalog all of their DNA, learning how genes encode the proteins that carry out life’s functions. The invention of tools like CRISPR then allowed scientists to edit that DNA for specific purposes, such as disabling a gene linked to disease. AI is now accelerating a third phase, where computers can both design biological systems and rapidly test them.

The process looks less like traditional benchwork in a lab and more like engineering: design, build, test, learn, and repeat. Where a traditional experiment might test a single hypothesis, AI-driven programmable biology explores thousands of design variations in parallel, iterating the way an engineer refines a prototype.

As a data scientist who studies genomics and biosecurity, I research how AI is reshaping biological research and what safeguards that demands. Current safety measures and regulations have not kept pace with these capabilities, and the gap between what AI can do in biology and what governance systems are prepared to handle is growing.

What AI Makes Possible

The clearest example of how researchers are using AI to automate research is AI-accelerated protein design.

Proteins are the molecular machines that carry out most functions in living cells. Designing new ones has traditionally required years of trial and error because even small changes to a protein’s sequence can alter its shape and function in unpredictable ways.

Protein language models, which are AI systems trained on millions of natural protein sequences, can quickly predict how mutations will change a protein’s behavior or design new proteins. These AI models are designing potential new drugs and speeding vaccine development.

Paired with automated labs, these models create tight loops of experimentation and revision, testing thousands of variations in days rather than the months or years a human team would need.

Faster protein engineering could mean faster responses to emerging infections and cheaper drugs.

The Dual-Use Problem

Researchers have raised concerns that these same AI tools could be misused, a challenge known as the dual-use problem: Technologies developed for beneficial purposes can also be repurposed to cause harm.

For example, researchers have found that AI models integrated with automated labs can optimize how well a virus spreads, even without specialized training. Scientists have developed a risk-scoring tool to evaluate how AI could modify a virus’s capabilities, such as altering which species it infects or helping it evade the immune system.

Current AI models are able to walk users through the technical steps of recovering live viruses from synthetic DNA. Researchers have determined that AI could lower barriers at multiple stages in the process of developing a bioweapon, and that current oversight does not adequately address this risk.

Risk From Bio AI

Experienced scientists are already using AI to plan and design biological experiments. The question of whether AI can help people with limited biology training carry out dangerous lab work is the subject of active research.

Two recent studies have reached different conclusions.

A study by AI company Scale AI and biosecurity nonprofit SecureBio found that when people with limited biology experience were given access to large language models, which is the type of AI behind tools like ChatGPT, they were able to complete biosecurity-related tasks, such as troubleshooting complex virology lab protocols, with four times greater accuracy. In some areas, these novices outperformed trained experts. Around 90 percent of these novices reported little difficulty getting the models to provide risky biological information, such as detailed instructions on working with dangerous pathogens, despite built-in safety filters meant to block such outputs.

In contrast, a study led by Active Site, a research nonprofit that studies the use of AI in synthetic biology, found that AI help did not lead to significant differences in the ability of novices to complete the complex workflow to produce a virus in a biosafety laboratory. However, the AI-assisted group succeeded more often on most tasks and finished some steps faster, most notably on growing cells in the lab.

Hands-on work in the lab has traditionally been a bottleneck to translating designs into results. Even a brilliant study plan still depends on skilled human hands to carry out. That may not last, as cloud laboratories and robotic automation become cheaper and more accessible, allowing researchers to send AI-generated experimental designs to remote facilities for execution.

Responding to AI-Driven Biological Risks

AI systems are now able to run experiments autonomously and at scale, but existing regulations were not designed for this. Rules governing biological research do not account for AI-driven automation, and rules governing AI do not specifically address its use in biology.

In the US, the Biden administration had issued a 2023 executive order on AI security that included biosecurity provisions, but the Trump administration revoked it. Screening the synthetic DNA that commercial providers make to ensure it cannot be misused to make pathogens or toxins remains mostly voluntary. A bipartisan bill introduced in 2026 to mandate DNA screening does not yet address AI-designed sequences that evade current detection methods.

The 1975 Biological Weapons Convention, an international treaty prohibiting the production and use of bioweapons, contains no provisions for AI. The UK AI Security Institute and the US National Security Commission on Emerging Biotechnology have both called for coordinated government action.

The safety evaluations that AI labs run before releasing new models are often opaque and unsuited to capture real-world risk. Researchers have estimated that even modest improvements in an AI model’s ability to help plan pathogen-related experiments could translate to thousands of additional deaths from bioterrorism per year. Timelines for when these capabilities cross critical thresholds remain unclear.

The Nuclear Threat Initiative has proposed a managed access framework for biological AI tools, matching who can use a given tool to the risk level of the model rather than blanket restrictions. The RAND Center on AI, Security and Technology outlined a set of actions researchers could take to improve biosecurity, including improved DNA synthesis screening and model evaluations before release. Researchers have also argued that biological data itself needs governance, especially genomic data that could train models with dangerous capabilities.

Some AI companies have started voluntarily imposing their own safety measures. Anthropic activated its highest safety tier when it released its most advanced model in mid-2025. At the same moment, OpenAI updated its Preparedness Framework, revising the thresholds for how much biological risk a model can pose before additional safeguards are required. But these are voluntary, company-specific steps. Anthropic’s CEO, Dario Amodei, wrote that the pace of AI development may soon outrun any single company’s ability to assess the risk of a given model.

When used in a well-controlled setting, AI can help scientists quickly reach their research goals. What happens when the same capabilities operate outside those controls is a question that policy has not yet answered. Overreact, and talent and investment may move elsewhere while the technology continues advancing anyway. Underreact, and the risks of that technology could be exploited to cause real harm.

This article is republished from The Conversation under a Creative Commons license. Read the original article.

The post AI Can Now Design and Run Thousands of Experiments Without Human Hands. We Aren’t Ready for the Risk to Biosecurity. appeared first on SingularityHub.

Category: Transhumanism

Pink is the latest goon squad to use fake helpdesk calls to steal creds

The Register - Anti-Virus - 5 June, 2026 - 00:16
UPDATED A new extortion brand called Pink – which may be a rebrand of BlackFile – uses voice phishing and fake help-desk calls to gain initial access to organizations’ IT environments, steal their sensitive data, and threaten to leak it unless the victims pay a ransom demand.

Palo Alto Networks' Unit 42 first spotted the gang, which it tracks as cluster CL-CRI-1147, and its data-leak site, which went live on May 31. “Pink uses vishing and IT impersonation to phish credentials/MFA, then exfiltrates enterprise cloud storage and productivity data to extort victims,” the threat-intelligence biz said in a LinkedIn post.

Google Threat Intelligence is not so sure it's a new gang, however. "After retiring the BlackFile brand in May 2026, we assess the group launched the 'Redact' brand and has now potentially surfaced as 'Pink,'" Austin Larsen, Principal Threat Analyst at Google Threat Intelligence Group, told us. "This new operation exhibits hallmarks of UNC6671, including similar credential-harvesting infrastructure, data leak site (DLS), and recurring messaging that claims to 'improve the security' of victims who pay. Additionally, we attribute the Pink (CL-CRI-1147) domains recently published by Unit42 to UNC6671."

Regardless whether it's brand new or just a new coat of paint, the tactics are very familiar. Pink is one of many goon squads to use these social-engineering tactics to steal employees’ credentials and bypass multi-factor authentication, using this access to burgle companies’ cloud storage and databases.

Chaotic crime crew Lapsus$, during its 2021 and 2022 extortion spree that hit Nvidia, Microsoft, and Okta, among others, popularized this style of phone-based intrusions before Scattered Spider picked up the mantle. Scattered Spider is perhaps best known for its 2023 Las Vegas casino digital heists, and reportedly bragged that all it took to break into MGM's networks was a 10-minute call with the help desk.

Over the last few years, ShinyHunters has used this same playbook to steal sensitive data from Ticketmaster, AT&T, and other Salesforce customers, and thousands of schools and universities that use Canvas’ digital learning platform. Despite multiple arrests across all three gangs, they keep coming back to victimize more organizations.

Most incident responders, including Google’s Mandiant and Unit 42, link many of these criminal collectives to The Com, a loosely knit group of primarily English speakers made up of several interconnected networks of hackers, SIM swappers, and extortionists, with some of its subgroups offering real-life violent crime for hire.

According to Unit 42, this latest cluster of extortion activity is also “likely a Com-affiliated actor.” And after investigating “multiple” of these extortion attacks over the past few months, on Monday, they spotted something that led them to Pink’s name-and-shame website.

“On June 1, 2026, an existing extortion negotiation that had never received a response, attributed to a likely Com-related cluster, received new communication from a threat actor via a free webmail account,” Unit 42 analysts Richard Emerson and Cuong Dinh said in a Wednesday threat-intel post. “The actor provided a new qTox ID and a leak site associated with the Pink brand, but referenced exfiltrating almost identical information from the original extortion notice.”

Pink data thieves set a 72-hour deadline for the victim to respond before leaking the stolen goods.

After gaining access to the victim’s account, the criminals snoop around for valuable corporate and customer data from platforms like SharePoint and OneDrive. After exfiltrating the stolen files, Pink attackers use compromised victim accounts and internal Teams messages to extort the company.

“The actor reuses second-level domains to target multiple organizations, and the third-level domain typically thematically represents the target,” Emerson and Dinh wrote.

They also listed the following phishing domains as indicators of compromise:

passkeyadd[.]com
passkeydeploy[.]com
deploypasskey[.]com

Along with these three IP addresses:

185[.]178.208[.]153 (hosted phishing domains)
172[.]93.100[.]252 (accessed compromised accounts)
96[.]232.20[.]66 (residential proxy IP responsible for extortion email creation)

Plus, these user-agent strings were observed during data exfiltration:

Microsoft.Graph.Client/5.62.0
python-requests/2.28.1
python-requests/2.33.1

Network defenders can use these to assist in threat-hunting efforts. And be very wary of help desk calls, both from people claiming to be employees locked out of corporate accounts and from those purporting to be support staff rolling out a mandatory MFA update or other emergency. ®
Category: Viruses and Worms

New Office 2024 at a shocking price!

AbcLinuxu [articles] - 5 June, 2026 - 00:01

Tired of expensive monthly subscriptions? Buy the new Office 2024 Pro Lifetime at the shocking price of just €11, exclusively at Goodoffer24.com using the promo code AX30! You can finally say goodbye to subscriptions and enjoy the Office suite for life!

Category: GNU/Linux & BSD

The old pension scheme is ending, and you're losing your shirt on it. We'll give you a hint as to how much money you've already lost

Lupa.cz - articles - 5 June, 2026 - 00:00
The guarantee that, in the old pension scheme, assures you that you won't withdraw less than you put in is actually robbing you, in real terms, of the returns you would have achieved with a more dynamic investment.
Category: IT News

Kernel 7.2 will apparently gain support for 512-core Xeons and Wi-Fi 8 UHR

ROOT.cz - 5 June, 2026 - 00:00
Linux is slowly losing hardware encryption via AF_ALG, while Intel is preparing support for Xeons for 2027 and Wi-Fi 8 with UHR for 2028. AMD, as is tradition, is tuning the AMDGPU and AMDKFD drivers to even greater excellence.
Category: GNU/Linux & BSD

Morgan Stanley: Laptops with RTX Spark N1X cannot cost less than $2899

CD-R server - 5 June, 2026 - 00:00
Although laptops with the Nvidia GB10, alias RTX Spark N1X, will arrive in October at the earliest, the analyst firm Morgan Stanley is already certain. It obtained information from their manufacturers and pointed out that they will not be cheap…
Category: IT News

Don't scare the cat! Quantum engineers have improved the measurement of quantum systems

OSEL.cz - 5 June, 2026 - 00:00
Quantum systems are still plagued by errors that are hard to get rid of. You can't even look at a quantum system without it falling apart in your hands. Australian quantum wizards managed to find Schrödinger's cat in the right box without scaring it, so the cat didn't run away from them. Don't miss their video. They make them brilliantly!
Category: Science and Technology

From parasite to biofactory: Genetically enhanced hookworm produces an antibody

OSEL.cz - 5 June, 2026 - 00:00
Imagine you have nematodes inside you. But it isn't a random infection from dirt. You have them there on purpose. These are genetically enhanced nematodes, each of which works as a tiny parasitic biofactory producing a drug in a therapeutic infection. In this way, health problems could be addressed long-term, or one could, for example, be preventively protected against a variety of risks.
Category: Science and Technology

Brave Software releases Origin for a paid, bloat-free browsing experience

Bleeping Computer - 4 June, 2026 - 23:37
Brave has announced the public release of Brave Origin, a paid minimalist version of its browser that strips out cryptocurrency, AI, rewards, and other monetization-focused features. [...]
Category: Hacking & Security

Hola Browser for Windows compromised to deliver cryptominer

Bleeping Computer - 4 June, 2026 - 23:27
The Windows version of the Hola Browser has been compromised in a supply chain attack that delivered an undeclared executable identified by researchers as a cryptocurrency miner. [...]
Category: Hacking & Security

Credit card theft campaign abuses Stripe to host stolen payment info

Bleeping Computer - 4 June, 2026 - 22:47
A new Magecart campaign is using Stripe's API infrastructure to host the credit card-stealing payload and the data exfiltrated from checkout pages. [...]
Category: Hacking & Security

Microsoft makes Linux developers feel more at home in Windows with Coreutils release

Computerworld.com [Hacking News] - 4 June, 2026 - 22:25

Microsoft has announced Coreutils, a new Windows 11 feature that allows developers to run many popular Linux command line utilities natively on Windows from a single binary.

Revealed at this week’s Build 2026 developer conference in Seattle, Coreutils is about reducing what Microsoft terms the “cognitive load” faced by developers when moving between Windows and other platforms.

Currently, accessing the Linux command line utilities that are considered essential in many CI/CD development environments on Windows requires a kludge that involves either opening an emulation such as Git Bash, or a virtualized Windows Linux Subsystem (WSL) terminal.

Both are time-consuming and inefficient. As Microsoft’s announcement puts it: “Developers constantly move between platforms, but familiar commands don’t work consistently, forcing workarounds, lost speed and context switching.”

Coreutils removes the need for this back and forth, allowing developers to run most Linux commands straight from the Windows CMD command prompt, PowerShell, or Windows Terminal.

“Whether you’re moving between Linux, macOS, WSL, containers or cloud environments, the commands and workflows you’ve built over years just work in your Windows environment,” Microsoft said.

Most utilities, but not all

Installed as a single executable (via WinGet: install Microsoft.Coreutils), Coreutils for Windows itself is a Rust rewrite of the GNU uutils/coreutils project that provides commands that are universal across Linux distros.

Fundamental to making Coreutils efficient to manage is the fact that individual Linux commands run from a multi-call executable which maps via NTFS hardlinks pointing to each command. The advantage of this approach is that there’s only one binary to install, one binary to sign, and one binary to patch or update.

Microsoft lists 75 Linux utilities supported by Coreutils, including commonly-used commands such as ls, cp, find, grep, rm, du, hostname, and uptime.

However, some Coreutils commands clash with existing CMD or Powershell commands, or are otherwise not possible to execute; Microsoft provides a compatibility table listing conflicts. This means that some commands are not available, specifically: dir, expand, kill, more, timeout, and whoami.

There are also some commands omitted from Coreutils because a command relies on a POSIX Unix/Linux feature that Windows doesn’t implement in a compatible way; some examples are chmod, chown, id, stty, and chroot.

In other cases, the command will execute in one context, CMD, but not in PowerShell. Microsoft explained the complex order of precedence:  “Whether the Coreutils version runs depends on the shell, the PATH order, and (for PowerShell) the alias table.”

As well as Coreutils, the Build 2026 developer conference also saw Microsoft announce WSL containers CLI and API to deploy Linux containers on Windows, a new framework for autonomous agents with open source governance tools, and Microsoft Scout, an AI agent designed to automate tasks in Microsoft 365.

This article originally appeared on InfoWorld.

Category: Hacking & Security

Dashlane explains how attackers managed to download encrypted password vaults

Ars Technica - 4 June, 2026 - 22:02

Dashlane said that attackers mounted a coordinated hacking campaign against a large base of its users in an attempt to recover as many encrypted password vaults as possible. The password manager provider said fewer than 20 personal user vaults were downloaded before it shut down the operation.

In a campaign that started Sunday, the unknown threat actor abused the mechanism that allows Dashlane users to add new devices, such as computers or phones, to their accounts. By abusing Dashlane's programming interfaces for device enrollment, the attackers sent requests to large numbers of existing users’ registered email addresses. In an update published Thursday, Dashlane wrote:

The threat actor targeted the API endpoints for device registration and used a brute force attack to send a large volume of automated requests to those endpoints.

In response, Dashlane’s automated security systems operated as intended, triggering an automatic lockout of the targeted accounts to protect those users. Before the attack was fully mitigated, the threat actor was able to brute force and generate valid tokens for fewer than 20 personal plan customers, allowing them to register a new device on those accounts and download copies of users’ encrypted vaults.

The flow and strategy of the attack

When a user installs the Dashlane app on a new device and attempts to enroll it in their existing account, Dashlane first verifies the account holder's identity. This verification is completed by sending a one-time six-digit token to the user’s registered email address (or, for users who have enabled two-factor authentication, by validating a six-digit code generated by their authentication app).

OpenAI's agent chained decade-old DoS attacks to crash web servers in seconds

The Register - Anti-Virus - 4 June, 2026 - 21:08
The next threat your server faces may have been helped along by a bot.

OpenAI's Codex agent helped uncover a remote denial-of-service (DoS) exploit that can be launched from a single machine to render vulnerable web servers inaccessible in seconds, according to Calif security researchers.

The attack works on default HTTP/2 configurations of major web servers including nginx, Apache HTTP Server, Microsoft IIS, Envoy, and Cloudflare Pingora. As of Thursday, Microsoft IIS and Cloudflare Pingora still don’t have a patch, according to the researchers, although Cloudflare disputes this finding.

“Cloudflare's existing architecture and DDoS mitigations automatically detect and protect against this attack, making customers resilient to this vulnerability,” a spokesperson told The Register. “No patch is needed.”

“We are aware and actively investigating appropriate mitigations to help keep customers protected," a Microsoft spokesperson told The Register.

Calif researcher Quang Luong discovered the exploit, named it HTTP/2 Bomb, and will present the full technical details of the attack at the Real World AI Security conference later this month.

In the meantime, there are proof-of-concept exploit scripts on GitHub along with a warning from the AI red teaming security shop: “Please don't point these at infrastructure you don't own.”

In a Tuesday blog, Luong says Codex chained two existing DoS attack techniques that have been known for more than a decade - HPACK compression bomb and Slowloris-style hold - and warns that upwards of 880,000 websites supporting HTTP/2 and running one of the vulnerable web servers may be affected.

An HPACK bomb attack (also known as CVE-2016-6581) exploits the HTTP/2 header compression algorithm (HPACK) by sending thousands of tiny messages to the server, forcing it to rapidly allocate memory and ultimately crash. Then the Slowloris DoS attack (CVE-2016-8740 and CVE-2016-1546) overwhelms the server by opening legitimate connections and maintaining them as long as possible. Combining the two exhausts the server’s memory and forces it offline.

“A home computer on a 100Mbps connection can render a vulnerable server inaccessible within seconds,” Luong wrote. “Against Apache httpd and Envoy, a single client can consume and hold 32GB of server memory in roughly 20 seconds.”

The Calif research team disclosed the issue to nginx in April, and the web server’s maintainers fixed it the next day in version 1.29.8, which imports the max_headers directive from freenginx. Apache issued a fix (mod_http2 v2.0.41) the same day that Calif submitted its report, and assigned it CVE-2026-49975.

“The fix commits above are public and disclose the vectors directly; any capable AI model can turn those diffs into a working exploit, which is exactly how we found that Microsoft IIS, Envoy, and Pingora are also vulnerable,” the threat hunting team wrote, adding that all three have been notified.

In a Wednesday update, Calif pointed to Envoy patches “that appear to mitigate this attack,” and notes that its researchers are still validating the fix to ensure it works.

For Microsoft IIS and Cloudflare Pingora, the security sleuths recommend disabling HTTP/2 if possible, or enforcing a cap on the number of HTTP headers a client can send in a single request to the server.

The fact that a coding agent - not a human - discovered this attack is notable, according to Calif.

“Both halves have been public for a decade,” Luong wrote. “What Codex did was read the codebases, recognize that the two compose, and build the combined attack. That combination is obvious once you see it, and yet as far as we can tell no human had put it together against these servers.” ®

Updated at 2023 with statement from Microsoft.
Category: Viruses and Worms

Apple to open its first developer center in Europe

Computerworld.com [Hacking News] - 4 June, 2026 - 20:51

Apple in recent years has opened Apple Developer Centers in Cupertino, CA, Shanghai, Singapore, and Bengaluru to allow developers to meet, exchange ideas or get help from trained staffers.

It is now clear a new developer center will open in Europe, specifically in the German capital of Berlin, later this year. “Europe is home to an extraordinary community of developers who build apps that connect people, encourage creativity, and drive innovation,” Susan Prescott, Apple’s vice president of Worldwide Developer Relations, said in a statement.

Developers will be able to receive support for their apps, regardless of whether they are built for iOS, iPadOS, macOS, tvOS, or watchOS.

The announcement comes just a few days before the company’s big Worldwide Developer Conference (WWDC) gets under way.

Category: Hacking & Security

DentaQuest data breach exposed info of 2.6 million accounts

Bleeping Computer - 4 June, 2026 - 20:36
A data breach at the dental benefits administrator DentaQuest has reportedly exposed the sensitive data of 2.6 million accounts. [...]
Category: Hacking & Security