Agregátor RSS

It's 8 pm. Do you know where your agents are? Snowflake plans to buy Natoma, a startup that has made a gateway for managing AI agent permissions across enterprise applications, so users can focus on getting work done without wondering if their agents have violated security policies. During Snowflake's first-quarter fiscal 2027 earnings call, company CEO Sridhar Ramaswamy said Natoma is a critical piece of the company's broader strategy around what he called the "agentic control plane," where AI agents can take actions across business systems while still operating within the organization’s security controls. "With Natoma, users can do things like send emails, summarize Slack conversations, check calendars, and open Jira tickets without ever leaving Snowflake Intelligence or Coco," Ramaswamy said during the call, referring to two of Snowflake's AI products. “The important point is not just convenience. It is control. These actions happen from a governed environment with enterprise security, permissions, observability, and policy enforcement built in.” Natoma’s software acts as a gateway for Model Context Protocol (MCP) servers, connectors that allow AI agents to interact with external software tools. The platform enforces identity verification, access policies, and audit controls at the level of individual tool calls, tracking who requested an action, what permissions they hold, and whether the system should allow the action to proceed. “The reason MCP and Natoma are a big deal is they now bring the entirety of SaaS application context into these products, and so I've done deep research reports, for example, that can now look for information from Snowflake, from the web, from Google Docs, also from Slack, and synthesize that into something that is astoundingly meaningful,” Ramaswamy said. “And these also let you take action instantly. You can flag somebody, you can compose emails and send it, and you can take actions on the underlying applications, and that's the promise.” In a blog post, Natoma's four founders — Pratyus Patnaik, Will Potter, Zachary Hart, and Paresh Bhaya — said Natoma brings the secure connectivity, identity, and governance layer that helps Snowflake experiences extend safely into the applications their teams already use. "We started Natoma in 2024 with a simple belief: AI agents would fundamentally change how work gets done inside enterprises, but they would only reach production if organizations could trust and control how those agents access data, use tools, and take action," they wrote. "Snowflake sees the same future we’ve been building for at Natoma: enterprises need a trusted control plane for the agentic era. They need AI grounded in their own data, governed by their own policies, and connected to the full complexity of their technology stacks." Financial terms of the acquisition were not announced. If it passes customary regulatory and closing conditions, the deal would bring 20 employees to Snowflake. This is Snowflake's sixth acquisition announcement since June 2025, when it said it would buy PostgreSQL provider Crunchy Data for what a source told CNBC was $250 million. In November 2025, Snowflake announced that it would buy database migration outfit Datometry and data discovery platform Select Star. No sale price was provided for either transaction. In January, Snowflake said that it would buy Observe, an AI-powered observability platform, for $1 billion. The next month, Snowflake said that it planned to buy TensorStax, an AI-powered data pipeline planner. The Natoma deal was announced the same day that Snowflake signed a five-year, $6 billion agreement with AWS centered on Graviton-powered compute and AI infrastructure for its growing agentic AI ambitions. During the earnings call, Ramaswamy said that the acquisition pushes Snowflake's agentic control plane beyond data and development workflows into everyday applications where work actually happens. He said that Natoma's integration would allow Snowflake's Cortex Code, also known as “Coco,” and Snowflake Intelligence products to become a single interface for daily tasks including querying enterprise data, updating CRM records, searching across file storage, and managing communications. "These actions happen from a governed environment with enterprise security, permissions, observability, and policy enforcement built in," Ramaswamy said. Mayank Upadhyay, chief security and trust officer and VP of engineering at Snowflake, wrote in a blog post announcing the Natoma deal that the tool summarizes his unread emails, searches across Slack and Google Drive when he cannot remember where something was shared, and surfaces what he needs without switching between applications. He described the Natoma acquisition as a continuation of work Snowflake started earlier in the year with AI guardrails and prompt injection protection, building toward what he said was a portfolio for a more secure enterprise AI.®

The FBI is warning of fake websites impersonating FIFA ahead of the 2026 World Cup, to steal personal and financial information, sell fake tickets and hospitality packages, and push other fraud related to the event. [...]

Update na Android 16 mohou čekat majitelé mnoha zařízení • V tomto přehledu se dozvíte, zda dorazí i do vašeho telefonu • Článek pravidelně aktualizujeme, výrobce řadíme podle abecedy

Společnosti IBM a Red Hat představily Project Lightwell s investicí 5 miliard dolarů. Jedná se o důvěryhodné clearingové centrum pro bezpečnost open source softwaru a zabezpečení dodavatelských řetězců s novým AI modelem a globální skupinou více než 20 000 softwarových inženýrů. Služby centra budou dostupné prostřednictvím komerčních předplatných. Project Lightwell staví na iniciativách jako Anthropic Glasswing nebo OpenAI Trust Access for Cyber.

Některé neúspěšné telefony přinesly převratné myšlenky a změnily mobilní trh • Inovace jako ovládání gesty nebo obří displeje začínaly jako kuriozity • Původně odmítané experimenty dnes tvoří základ každého moderního smartphonu

Staré mobily měly nejednotné nabíječky a posílání zpráv stálo spoustu peněz • Mobilní internet byl nesmírně pomalý, drahý a navíc obtížně použitelný • Stahování vyzvánění a doplňků vyžadovalo trpělivost a často i peníze

Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. [...]

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an authenticated user to execute arbitrary code under certain conditions. The security flaw, per Rapid7, is rated 9.4 on the CVSS scoring system. It does not have a CVE identifier. "The vulnerability allows any authenticated user to achieve remote code execution (RCE) on

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an authenticated user to execute arbitrary code under certain conditions. The security flaw, per Rapid7, is rated 9.4 on the CVSS scoring system. It does not have a CVE identifier. "The vulnerability allows any authenticated user to achieve remote code execution (RCE) on Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Google DeepMind CEO Demis Hassabis believes progress toward artificial general intelligence (AGI) is moving faster than expected and that society now has only a few years to prepare. He believes AGI could arrive around 2030, though acknowledges it could be here in 2029 — or even sooner.

In an interview with Axios, Hassabis said that today’s AI agents — systems capable of performing tasks independently — should be viewed as a sort of “practice run” for significantly more powerful AI in the future. He also warned that governments, economists, and society at large are not taking this development seriously enough.

One particular risk he highlighted is that AI systems in the future might begin to improve their own development. “All the leading labs are pretty focused on that,” Hassabis told Axios. “It will yield clear benefits in the form of faster research. But there are also risks associated with that type of system.”

T

All of the big AI models violate EU rules on AI and data protection to varying degrees, according to the nonprofit research foundation Aithos.

Aithos tested the models using its own tool, LARA (Legal Assessment for Real-world Agents), which simulates real-world situations where AI assistants may find themselves in legally questionable situations, according to The Register. The tests measure compliance with the GDPR and the EU’s AI Regulation, among other things and found the models collected user data without proper consent, attempted to manipulate vulnerable individuals, or created psychological profiles of users.

According to the results, all major language models failed to meet EU legal requirements; some violated the rules in up to 93% of cases. The best result was achieved by the Anthropic model Claude Opus 4.7, which was in compliance about 54% of the time.

Aithos warned that responsibility for the shortcomings does not lie solely with AI companies. Companies that build their own AI agents on top of these models could also be held legally liable.

Nvidia zveřejnila nové ovladače GeForce Game Ready 610.47 určené pro Windows 10 a 11. Balík o velikosti 978 MB podporuje grafické karty rodiny Turing a novější, tedy GeForce MX450 Laptop, MX550 Laptop, GTX 16x0, RTX 2000 a novější čipy. Přináší optimalizaci pro čerstvě vydanou akci 007 First ...

Windows Server 2016 might be long in the tooth but that isn't about to stop Microsoft breaking stuff. The May 12 security update introduced another bug for administrators to worry about. According to Microsoft, if the server hostname is exactly 15 characters long (like, for example, THEY-NEVER-TEST), domain controller discovery might fail. In the notes for the glitch, Microsoft wrote: "When the hostname is 15 characters long, DCLocator calls (for example, using nltest /dsgetdc: /pdc) will return ERROR_INVALID_PARAMETER, preventing applications and administrative tools from locating a domain controller." In other words, anything that depends on a domain controller lookup might stop working. As an example, Microsoft gave Distributed File System (DFS) Namespace management, which would certainly be inconvenient. DFS Namespaces is a Windows Server role that allows admins to group shared folders across different servers into a single namespace. A single path can lead to files located on multiple servers. Unless, of course, the domain controller lookup is broken. Microsoft lists no workaround for affected users, though changing the server hostname to something other than 15 characters would presumably avoid the trigger. "The issue is under investigation, and additional information will be shared as soon as it becomes available," it said. Microsoft still officially supports Windows Server 2016. Mainstream support ended in 2022, but extended support will continue until January 12, 2027. Microsoft is offering up to three more years of support via the Extended Security Updates (ESU) program after that. Earlier this year, Esben Dochy of Lansweeper told The Register that the operating system accounted for just 2.2 percent of all Windows devices it tracks, but 20.3 percent of all servers. That figure is unlikely to have dropped dramatically in the months since, so there is a fair chance that an administrator with a 15-character hostname could be affected. In addition to the Windows Server 2016 problems, the May 2026 security update has failed during installation on some Windows 11 devices when the EFI System Partition is insufficient in size. It is reassuring to know Microsoft's talent for breakage shows no bias toward any particular vintage. ®

Open source 3D herní a simulační engine Open 3D Engine (O3DE) byl vydán v nové verzi 26.05. Podrobný přehled novinek v poznámkách k vydání.

The first 30 minutes after discovering a compromised Linux server usually decide how much evidence remains available. One rushed reboot or cleanup attempt can wipe logs, terminate malicious processes, or remove network activity that investigators still need to review. Attackers also do not usually stay on one system for long once access is established. Early response is mostly about preserving visibility. Collect process information. Save network connections. Limit access carefully before mak...

Největší český e-shop začal u vybraných produktů zobrazovat souhrn uživatelských recenzí generovaný pomocí umělé inteligence. Není úplně zřejmé, jakého klíče se drží, protože sumarizace se objevuje dost nahodile, aniž by to souviselo s počtem prodaných kusů nebo množstvím recenzí. Novinka však do ...

Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver a credential-stealing malware family dubbed EKZ Infostealer. "The campaign abused trusted endpoint management infrastructure to deliver malware across managed endpoints," Arctic Wolf said. "Threat actors disguised the credential stealer

Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver a credential-stealing malware family dubbed EKZ Infostealer. "The campaign abused trusted endpoint management infrastructure to deliver malware across managed endpoints," Arctic Wolf said. "Threat actors disguised the credential stealer Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Vybrali jsme zajímavé a kvalitní filmy, které si můžete pustit na Netflixu. Všechny mají české titulky nebo často i český dabing.

An unpatched zero-day vulnerability in the Gogs self-hosted Git service can allow attackers to gain remote code execution (RCE) on Internet-facing instances. [...]