Agregátor RSS

Open source 3D herní a simulační engine Open 3D Engine (O3DE) byl vydán v nové verzi 26.05. Podrobný přehled novinek v poznámkách k vydání.

The first 30 minutes after discovering a compromised Linux server usually decide how much evidence remains available. One rushed reboot or cleanup attempt can wipe logs, terminate malicious processes, or remove network activity that investigators still need to review. Attackers also do not usually stay on one system for long once access is established. Early response is mostly about preserving visibility. Collect process information. Save network connections. Limit access carefully before mak...

Největší český e-shop začal u vybraných produktů zobrazovat souhrn uživatelských recenzí generovaný pomocí umělé inteligence. Není úplně zřejmé, jakého klíče se drží, protože sumarizace se objevuje dost nahodile, aniž by to souviselo s počtem prodaných kusů nebo množstvím recenzí. Novinka však do ...

Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver a credential-stealing malware family dubbed EKZ Infostealer. "The campaign abused trusted endpoint management infrastructure to deliver malware across managed endpoints," Arctic Wolf said. "Threat actors disguised the credential stealer

Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver a credential-stealing malware family dubbed EKZ Infostealer. "The campaign abused trusted endpoint management infrastructure to deliver malware across managed endpoints," Arctic Wolf said. "Threat actors disguised the credential stealer Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Vybrali jsme zajímavé a kvalitní filmy, které si můžete pustit na Netflixu. Všechny mají české titulky nebo často i český dabing.

An unpatched zero-day vulnerability in the Gogs self-hosted Git service can allow attackers to gain remote code execution (RCE) on Internet-facing instances. [...]

“The future of AI should be accessible, available, and open to people and builders everywhere, and it should not require an absurd amount of resources only available to a handful of cloud providers,” Paolo Ardoino, CEO, Tether.

About 700 million people use generative AIs like Gemini and ChatGPT weekly, but adoption is far from uniform. McKinsey’s 2025 State of AI survey found that nearly half of respondents from companies with more than $5 billion in revenue have reached the AI scaling phase, compared with just 29 percent of those from companies with less than $100 million in revenue, a gap that only widens further down the chain, locking out smaller businesses, developers, and everyday users.

Retail and small businesses are limited to basic AI utilities that their facilities can power, such as text-based inference and multimedia generation, using base models. That is billions of end users, and developers locked out of full utilization and development of intelligent software due to high infrastructure demands.

Tether’s edge-first LoRA fine-tuning framework for Microsoft’s Bitnet LLM is an important step towards developing an infrastructure system that supports billions of AI agents and intelligent machines. By reducing the computational overhead of machine learning and enabling consumer-grade devices to perform advanced operations, Tether’s edge-first approach ensures greater leverage for the larger population.

Imagine a 13-billion-parameter model being fine-tuned on everyday handheld devices like Samsung S25 and iPhone 16, as well as on regular personal computers. The breakthrough combines resource-efficiency and platform-agnostic techniques to develop a fine-tuning framework for the ternary-quantized LLM.

Behind Tether’s Bitnet fine-tuning framework

Bitnet LLM was born out of the vision of an intelligent AI model that doesn’t consume outrageous computing resources even at full precision. Earlier attempts at resource-efficient AI relied on trade-offs, such as running small-parameter models at higher precision or larger-parameter models at lower precision, but neither approach fully solved the problem.

Bitnet takes a more fundamental approach. The result is a model that achieves linear efficiency while consuming only a fraction of the computing resources traditionally required.

The challenge, however, is that contemporary GPUs are optimized for the very floating-point operations Bitnet eliminates, creating a hardware compatibility gap. Compounding this, Bitnet was originally confined to its own Bitnet.cpp inference engine, limiting its broader utility. Tether’s breakthrough addresses both constraints at once by integrating a Vulkan and Metal GPU backend that unlocks true cross-platform capabilities for BitNet inference and LoRA fine-tuning on heterogeneous consumer GPUs, including mobile GPUs. Bitnet can now run on more mature, widely supported inference engines without sacrificing its efficiency advantages.

Vulkan’s cross-platform nature is key here. Unlike CUDA, which ties developers to NVIDIA hardware, Vulkan runs across a broad range of GPUs and operating systems, opening Bitnet to genuinely multi-platform deployment. Tether’s Bitnet fine-tuning framework implements a dynamic tiling technique to mitigate limitations in Vulkan driver buffer allocation on mobile GPUs.

The dynamic tiling algorithm technique was first applied in the fine-tuning framework for QVAC Fabric LLM, the AI model that powers Tether’s QVAC Workbench application.

This implementation demonstrates the efficiency of this approach: fine-tuning a 13-billion-parameter model across a range of consumer devices with varying GPU configurations.

The Bitnet LLM Fine-tuning framework is Tether’s latest achievement and part of a broader expansion into open-source AI and communication technologies that challenge current, slow, fragile, and controlled systems. These developments are open-sourced and packaged as modules in the QVAC SDK for easy deployment and to help developers build edge-first AI applications without needing anyone’s permission.

Tether envisions superintelligence as a foundational element possessed by its owner and is enforcing this through:

Local-first AI

Synonymous with decentralized AI, “Local-first” AI aims to create sovereign AI solutions that do not rely on centralized infrastructure, such as data centers, to operate. They are considered cost-effective, relatively more sustainable, and unarguably more private than centralized AI. Tether is building AI applications that rely entirely on the device’s resources. These applications store data in device memory and use its processors for advanced operations, such as fine-tuning and inference.

P2P computing network for AI inference

Tether’s AI applications are built on the Pear runtime. Pear is a tooling platform for fully P2P applications that can operate without servers. Pear leverages the Holepunch tech stack. Holepunch is purpose-built for stable, direct communication between devices. Pear enables delegated inference for AI applications such as QVAC Workbench. Delegated inference enables a unified, dynamic workstation architecture where compute tasks are fluidly distributed between mobile and desktop environments, allowing either device to offload high-intensity processing to the most capable system. That is, you can start a task on your mobile device and delegate it to your desktop or laptop for completion.

AI for everyone

The only way to scale intelligence to the needs of a ten-billion-strong society is to push it to the edge. This, in turn, depends on the progress made by experiments aimed at cost-effectively localizing AI computation.

Billions of AI agents and countless AI applications deployed by developers in every region of the world, running effectively on user-owned resources, is the only way we can democratize superintelligence and avoid creating another ‘luxury’ cutting-edge technology controlled by unicorns and fully accessible only to elites.

Tether is pioneering limitless superintelligence for an ever-growing society and applications. Follow the journey to truly local and edge-first AI solutions

MSPs don't lack security data. They struggle to separate real threats from alert noise. Kaseya explains how SIEM helps MSPs improve visibility, reduce fatigue, and respond faster. [...]

Co potřebuje každý bastlíř do své nové dílničky? • Stavebnice Arduino a pytlík rezistorů jsou pouhý základ • Vybrali jsme 60 věcí, které by tam neměly chybět

Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give affected vendors an opportunity to better understand the impact and address them before they are publicly disclosed. The development comes after a researcher named Chaotic Eclipse (aka Nightmare-Eclipse) disclosed details of multiple zero-day Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody spins up a fresh box full of sketchy loaders, fake installers, recycled social-engineering bait, and enough exposed infrastructure to make you wonder if prod is just a public beta now - meanwhile some researcher casually drops a technique that turns a "minor" foothold into total account Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Apple publishes its App Store fraud prevention report every year,. And when it does, the company presses the point that its curated system brings much value to developers and customers, including highly effective protection against fraud. It says it prevented more than $2.2 billion in potentially fraudulent transactions in 2025 alone.

A tax worth paying

The company said it has prevented $11.2 billion in such fraud in the last six years. That’s a lot of value for the 15% or lower commission that all but the biggest-selling developers are required to pay on their store sales.

Don’t believe the hype, as most developers are not generating the $1 million a year required before the 30% payment kicks in.

You might reflect that if there is an Apple Tax, it’s a progressive tax in which those with the broadest shoulders help support the wider developer community, which is probably why some tech billionaires don’t like it. 

But I’m not here to write about taxation; I’m here to highlight the value the App Store brings. Apple diligently works to protect customers and developers against the ever-growing threat of cybercrime at a scale few other companies could hope to match. That matters in an environment dominated by ever more sophisticated attacks, including scenarios in which a developer submits a benign app for review and then modifies it once the app is online to commit financial fraud.

More than fraud prevention

It’s not just fraud Apple protects App Store customers from. It also attempts to protect privacy. Look, we know that tech firms now exist for whom privacy is a roadblock to profit; they want to take all your information for free to sell it for money, or worse. Apple stands against this and has done so for years, which is why it is under steady attack by entities that want privacy destroyed to boost their bottom line. Nation states and nation-state-adjacent attacks don’t help in the battle for your private digital life, throwing huge resources at undermining personal protections.

Apple’s report gives you a solid glimpse at the anti-privacy environment. App Store rejected 443,000 app submissions for privacy violations; it also rejected 22,000 apps for holding undocumented anti-privacy features. 

The upshot is that while Apple’s protections aren’t 100% perfect, they’re still industry leading. Where incidents do take place, they are resolved swiftly, and the bait-and-switch approach (in which an app pretends to be benign but carries malware) remains the biggest threat. That’s why customers should always verify they trust a developer before downloading apps.

The threats coming over the hill

The thing is, all of these threats are evolving, and Apple is equipped to evolve in parallel with them. In part, that’s because it has scale, in part because it has that huge 2.2-billion-device ecosystem, in part because the company entered the app store race with deep understanding of how online transactions were evolving in the first place. It didn’t run iTunes for years only to learn nothing.

Coming up over the hill we can see new-breed quantum-based threats. Along with artificial intelligence, that combination will likely spawn a mass attack of AI-generated, malware-infested apps being built and submitted at a record pace. 

We will also likely see increased attacks made against developers in order to extract their Developer ID to help in the submission of such apps. And we will see increasingly sophisticated algorithmic hacks to attack security, identity, and even app ownership. Protecting against those consequential evolutions will be neither easy nor cheap. Doing so will require near state-level protection, a degree of security no small entity can meet. We have no idea if smaller app stores can even visualize such protection — and the EU doesn’t know, either.

In time, hopefully, new businesses will emerge offering quantum-safe security to protect online purchases. But for now, we’ll mostly need to look to large entities such as Apple, or payment services providers, to make the grade. 

Near state-level protection

Will Apple put protection at scale in place to protect against these incoming threats against its App Store? It seems likely, given it is already investing in OS-level mitigations to protect encryption on its services, including around encrypted communications. 

It is also in Apple’s interest to future-proof protection around payment services, ergo also the App Store. At the same time, as Apple’s latest fraud report confirms, the threat landscape remains highly volatile. Time will show that the store’s degree of protection is well worth the cost of Apple’s progressive App Store tax. 

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

Meta zavádí na ostro předplatná Instagram Plus, Facebook Plus, WhatsApp Plus. • Nabídnou pár bonusových funkcí, základní služby zůstávají zdarma. • Startuje i testování tarifů Meta One Plus, Premium, Essential a Advanced.

A Romanian national was sentenced this week to 56 months in federal prison for breaking into an Oregon state government computer network and fr cyberattacks targeting dozens of other U.S. victims. [...]

Many organizations can detect network issues quickly, but investigations and coordination often slow incident resolution. This webinar explores how automation and AI-assisted workflows can help IT teams reduce delays and improve response times. [...]

Carnival Corporation - the world's largest cruise operator - has confirmed a digital heist, a month after hacking crew ShinyHunters claimed to have stolen millions of customers' records. The breach, Carnival confirmed, stemmed from an April 14 social engineering attack on an employee, though the company declined to comment on the scale or name ShinyHunters. However, a company filing with the Maine attorney general's office puts the number of affected individuals at just under six million, down from the 8.7 million records previously listed by Have I Been Pwned. Carnival previously acknowledged the phishing attack at the time, but it did not say whether any data had been accessed or stolen. ShinyHunters claimed it lifted terabytes' worth of Carnival records and hinted at a breakdown in negotiations, likely related to the criminal outfit's extortion demands. "The company failed to reach an agreement with us despite our incredible patience," ShinyHunters wrote on its data leak site, adding: "They don't care." Following a "thorough and time-consuming analysis of the impacted data," Carnival confirmed that names, addresses, email addresses, phone numbers, dates of birth, and state identification numbers were all included in the breach. As is often the case in data theft incidents, individuals will be affected to different degrees, depending on what information they shared with the company. Carnival began sending notifications directly to affected individuals on Wednesday. Those communications include details about how recipients can redeem two years of free credit monitoring services, as is common in US breach notifications, via TransUnion. It closed its message with a promise to improve: "In addition to the comprehensive security measures the company had in place prior to the incident, it has taken steps to further safeguard its systems, including enhancing its security and monitoring controls. "The company will continue to advance its IT security and data privacy controls to stay ahead of an ever-evolving threat landscape." ®

State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still don't understand where their AI exposure is actually coming from. The research shows that enterprise AI risk is not distributed evenly across users or platforms. Instead, it is heavily concentrated among a small group of AI power users and a [email protected]