Agregátor RSS

Ovladače AMD Adrenalin Edition 26.5.2 přinášejí podporu pro Microsoft Advanced Shader Delivery, které zrychluje nahrání hry a snižuje cukání hry, ke kterému dochází v důsledku kompilace shaderů…

Vědečtí nekromanti Colossal Biosciences usilují o de-extinkci vymřelých druhů, včetně ptáků jako je ikonický novozélandský moa Dinornis robustus. V případě takto gigantických ptáků by pro vývoj zárodků a vylíhnutí mláďat potřebovali umělé vejce, které už teď mají k dispozici. Kdy se asi dočkáme ptáka moa?

A new variant of the 'SHub' macOS infostealer uses AppleScript to show a fake security update message and installs a backdoor. [...]

A Linux system can be changed without immediately looking broken. A service still starts. Users still log in. The application still responds. Then an administrator finds that an SSH setting was changed, a firewall rule file has different permissions, or a systemd unit appeared in a directory where nothing new was expected.

New flaw leads to denial-of-service on affected NGINX configurations. If ASLR is disabled, it may become a remote code execution. 

“Something didn’t go as planned. Undoing changes.” That’s all the clue some Windows 11 users will get when Microsoft’s May Security Update fails to install because of insufficient free space on the EFI System Partition (ESP), leaving their systems unprotected by the dozens of patches it contained.

This issue affects devices with limited free space available — typically 10MB or less — on the ESP. “On affected devices, the installation might proceed through the initial phases but fail during the reboot phase at approximately 35-36% completion,” Microsoft said in an advisory. It recommended changing a Windows registry setting to force the update, or to roll back changes and wait for a future update to fix the problem.

Consultants said it was a potentially serious issue given the unexpected exposure and the time the destined-to-fail patch takes to fail to install.

This is the kind of failure that keeps IT leaders up at night, said cybersecurity consultant Brian Levine, who serves as executive director of FormerGov. “When a security update cannot install because the operating system misjudges the state of its own boot partition, the problem isn’t only storage. The real problem is trust in the update process,” he said. “This is a basic hygiene failure dressed up as a technical issue. An update that cannot reliably detect available space on the EFI System Partition is not a small miss. It is a reminder that even mature platforms still struggle with dependency awareness and pre-flight validation.”

Eric Grenier, senior director analyst at Gartner, recommended increasing the size of the disk partition to 1.5GB so that the update can go ahead. “This should not hamper business needs in terms of the size of usable space for an end user”, he said, adding that it will also enable updating of the Windows Recovery Environment. He warned that Microsoft’s own recommendation could lead to trouble. “I would recommend that if an organization wanted to use the modified registry fix that they not only backup the registry beforehand but also test it on some pilot devices before rolling out to the rest of the environment and even then, I would do a slow phased rollout to be sure nothing breaks,” he said. “This type of fix in a production environment should be done with extreme caution because if done incorrectly, fixes will require hands on the keyboard.”

Ishraq Khan, CEO of coding productivity tool vendor Kodezi, says there is a blame on both IT teams and Microsoft.

“Most IT teams reasonably assume that if Windows Update passes its prechecks and starts installation, Microsoft has already validated the system state well enough to avoid a reboot-stage failure. If ESP space is critical to the update succeeding, the updater should have detected and blocked that condition earlier with a clear remediation message,” Khan said. “So while IT environments may contribute to partition pressure over time, Microsoft still owns the orchestration and validation logic that allowed the update to proceed.”

Khan added that this can become a very expensive enterprise IT headache. “That is a design problem for enterprise IT because failure during reboot is much more disruptive than blocking the update before installation begins. From a software maintenance perspective, this is exactly the kind of edge case that becomes expensive at enterprise scale. A small partition constraint on a subset of machines can turn into help desk tickets, rollback cycles, delayed patching, and security exposure.”

David Neuman, COO of consulting firm Acceligence, agreed that this is a substantial IT headache.

“The update appears to pass the early phases but then fails during the reboot phase, which means IT may not find out until the endpoint has already burned through the maintenance window time and rolled back. In an enterprise, it becomes a fleet hygiene problem rather than a one-off help desk problem,” he said. “Affected endpoints may remain unpatched while IT burns time diagnosing a failure that should have been explained earlier. The bigger lesson is that boot, recovery, and firmware-adjacent partitions are now part of patch-management hygiene. Mature IT teams should add ESP size and free-space checks to endpoint health reporting, update gold images so new deployments have adequate ESP capacity and treat boot-partition cleanup or resizing as lifecycle engineering rather than break-fix scripting.”

Microsoft said that it had resolved the issue automatically for consumer devices and non-managed business devices, but that leaves enterprises managing their own devices to sort things out for themselves. “We recommend IT administrators follow guidance within the known issues documentation, to mitigate this issue and re-deploy the latest May Security Updates to be protected,” a Microsoft representative said via email. The company plans to update documentation when it has resolved the problem.

This article first appeared on CSO.

Many employees already use shadow AI tools at work without security review. Adaptive Security breaks down how teams can build practical AI governance without adding friction for employees. [...]

The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected packages emerged over the weekend. [...]

INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA) that led to 201 arrests and the identification of an additional 382 suspects. The initiative involved the efforts of 13 countries from the region, aiming to investigate and neutralize malicious infrastructure, arrest perpetrators behind these activities, and prevent future losses. It

INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA) that led to 201 arrests and the identification of an additional 382 suspects. The initiative involved the efforts of 13 countries from the region between October 2025 and February 2026, aiming to investigate and neutralize malicious infrastructure, arrest perpetrators behind these Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Another Linux kernel flaw has handed local unprivileged users a way to peek at files they should never be able to read, including root-only secrets such as SSH keys. The bug affects multiple LTS kernel lines from 5.10 upward, although a fix has already landed – and there is now a proposal for reducing the odds of similar surprises in future. What FOSS analytics vendor Metabase memorably dubbed the strip-mining era of open source security continues. This time, the culprit is CVE-2026-46333, a local kernel vulnerability that lets an unprivileged user read files they should not be able to access, including those normally available only to root. An attacker who already has login access to an affected machine could therefore potentially grab SSH keys, password files, or other confidential credentials, as the KnightLi blog explains. Despite its official designation, a demo exploit on GitHub calls it ssh-keysign-pwn. It is not quite as catchy a name as Copy Fail, or Dirty Frag, or indeed Fragnesia, but we feel it is safe to say it hasn't been a good month. According to a report on Linux Stans, it affected LTS kernel versions 5.10, 5.15, 6.1, 6.6, 6.12, 6.18 and 7.0. The good news is that it's already been fixed: Linus himself, in commit 31e62c2, called the fix "ptrace: slightly saner 'get_dumpable()' logic." The issue was reported on the oss-security list on Friday by security consultancy Qualys, as noted on X by grsecurity's Brad Spengler. In the same thread, Altan Baig pointed out that the underlying issue was reported by Jann Horn on the Linux Kernel Mailing List way back in 2020. The problem with tracking security reports, which Penguin Emperor Torvalds described recently, is not new, alas. ModuleJail This also seems like a good time to look at what we thought was an interesting new defensive measure, Jasper Nuyens' ModuleJail. The top line of the README summarizes it: The mention of "no AI inside the tool" is arguably something of a giveaway, and you can see a CLAUDE.md file in the repo. Even so, how it works is simple enough. Although Linux has a monolithic kernel, it is modular. When the kernel's source code is compiled, the person or tool building it can choose if each individual component is included (built into the binary), not included at all, or compiled as a module, which can be loaded on the fly as and when it's needed. Since the kernel is mostly device drivers, it's normal for distribution vendors to compile most non-essential components as kernel modules – as the Arch wiki explains. Blacklisting a module just means adding its name to a list of modules not to load. Blacklisting unused modules for added security isn't a new idea. It's in the RHEL 6 documentation, for instance, and a DoHost blog post from last year describes it as a security measure. ModuleJail simply automates the process. It blacklists any modules not currently in use. Probably safe for a server, but rather less ideal for a laptop or machine where you need to plug in new hardware on the fly. Connecting a USB headset, say, is quite different from plugging one into a headphone socket. While a device with a jack plug uses your existing sound controller, by connecting a USB one, you're effectively adding a new sound controller – just one that happens to be connected over USB. ModuleJail mentions that its approach avoids changing the initramfs. An initramfs, like an initrd, is a file containing a temporary RAM disk, so that a generic kernel can find and load the drivers it needs for the particular box it's running on – even before it can find the machine's SSD and mount the root partition. Back in the 1990s, as grumpy old graybeards such as this vulture recall, recompiling your kernel was a standard part of periodic system maintenance. One benefit of building the kernel customized for your own computer was eliminating the need for an initramfs. If all the drivers are built in, there's no need for this temporary stage, although as the ArchWiki notes, this does limit some advanced features, which, for instance, systemd uses. We would love to see some of the systemd-free distros incorporate such automatic ModuleJail-style identification of essential modules, and use it to build a custom kernel on the fly, then banish the use of initramfs. (Maybe just keep the all-options-enabled installation kernel around as an emergency fallback.) Aside from a few special cases such as OpenZFS, this should work on most hardware – and make life simpler, quicker, and perhaps slightly more secure. ®

Inspirace iPhonem je znatelná nejen po vizuální stránce • Líbí se nám kvalitní zpracování i displej s vysokým jasem • Nepříliš silnou disciplínou telefonu je jeho fotoaparát

Google v některých zemích testuje omezení kapacity Gmailu. • Pokud s účtem nepropojíte telefonní číslo, dostanete jen 5 GB. • Po zadání čísla firma zpřístupní standardních 15 GB místa.

Odborníci z Penn State University zkoumají způsob ukládání informací na lepicí pásku. Principiálně by podle nich bylo možné kombinací odlepení a zpětného přilepení dosáhnout uložení informace, kterou opětovným odlepením dokážou přečíst. Výhodou je, že způsob uložení i přečtení je čistě mechanický. Zde o tom referují ve volně dostupném článku. Zajímavé bude sledovat zda se jim v rámci výzkumu podaří prokázat použitelnost i v jiné než čistě akademické oblasti. Mne osobně by zajímalo, zda by například určité (nechtěné) perforace pásky nezlepšily nějaký aspekt v procesu ukládání, čtení, hustoty nebo trvanlivosti uložené informace...

The TanStack team has documented security measures and proposals following a damaging breach last week, including the possibility of making pull requests (PRs) by invitation only - a break from the open-contribution model that defines most open source projects. The attack used code from the Shai-Hulud worm, published by malware outfit TeamPCP, which can extract secrets from memory used by GitHub Actions. It began with a PR that triggered an automatic workflow via TanStack's use of the pull_request_target feature, causing the malicious code to be built and run by a GitHub Action, poisoning a cache used across the entire repository. The TanStack team said that its workflow used a pattern GitHub warns against: pull_request_target id intended for PRs that "do not require dangerous processing, say building or running the content of the PR." Since the attack, TanStack has removed all use of pull_request_target from its continuous integration (CI) pipeline, disabled caches used by pnpm (a Node.js package manager) and GitHub Actions, pinned actions to commit SHA (Secure Hash Algorithm) hashes rather than retargetable tags, and disabled use of text messages for 2-factor authentication. The TanStack repository also now uses a feature of pnpm 11 called minimumReleaseAge, which requires dependencies to have been published for a set period before they can be installed. The idea is that compromised packages are usually detected and removed before that period completes. A more drastic proposal is closing the ability for external contributors to open pull requests at all. "We are absolutely not going closed source," the team said, but it could put in place a mechanism where contributions begin with an issue or discussion, and a PR can be submitted only by invitation. TanStack acknowledged that it would be a radical step to take as "open PRs are part of how a lot of us became maintainers in the first place." It might not be necessary if the repository can be hardened enough that malicious PRs cannot cause damage. It is a debate that maintainers of other open source projects will watch with interest. Supply chain security is a huge issue, but making pull requests invitation-only could hurt projects by deterring contributions. Another aspect of this is the extent to which GitHub itself is to blame. "Cache scoping in GitHub Actions shouldn't silently bridge fork PRs and base-repo branches," said the TanStack team.®

A new study challenges the idea that consciousness is necessary to make sense of language.

Our brains keep on whirling long after we drift off to sleep.

Each night, the hippocampus, a major hub for learning, replays experiences from the previous day and etches them into memory. And even in deep sleep, neurons in sensory regions of the brain spark with activity when they receive new stimuli, like sounds.

This raises a provocative question: How much is consciousness required to make sense of the world around us?

A new study suggests the unconscious brain can handle far more than simple sensory cues. Recording electrical activity from patients under general anesthesia, a team at Baylor College of Medicine and collaborators found the hippocampus continued processing sounds, words, and speech while patients listened to alternating tones and podcast clips.

Groups of neurons shifted their activity depending on the type of word spoken—nouns or verbs, for example—and predicted the next word in sentences.

“Our findings show that the brain is far more active and capable during unconsciousness than previously thought,” study author Sameer Sheth said in a press release. “Even when patients are fully anesthetized, their brains continue to analyze the world around them.”

Scientists have long thought that language processing, a complex computation, relied on awareness. Anesthesia disrupts large-scale communication across the brain, seemingly making complex language processing impossible. But the new findings suggest that even as global brain dynamics break down, some local circuits retain the ability to process sophisticated information—and, at least for storytelling, predict what comes next.

To be clear, it doesn’t mean that participants were secretly awake. Whether the brain retains local processing power during sleep, coma, or other states of unconsciousness is also up for debate.

But “this work pushes us to rethink what it means to be conscious,” said Sheth. “The brain is doing much more behind the scenes than we fully understand.”

Lights Out

We slip into unconsciousness every night. The brain shifts gears.

Compared to when we’re awake and alert, the mind’s activity patterns change dramatically. The hippocampus reactivates neurons involved in recent learning, rapidly replaying their activity patterns to strengthen neural connections. Elsewhere, the brain generates short bursts of electrical activity called sleep spindles, which shut off communication between regions necessary for processing new information from the outside world. These unique electrical signals are crucial for sorting new experiences and integrating them into long-term memory.

The brain is clearly busy during unconsciousness, but it also seems largely sealed off from its surroundings. Over the past two decades, however, scientists have increasingly realized the sleeping brain remains surprisingly alert.

In one study, volunteers repeatedly exposed to unfamiliar sounds during sleep were able to identify them after waking up. In another, participants hearing their own names or angry voices triggered brain activity even in deep sleep, a phenomenon called “sentinel processing.”

Scientists have also recorded directly from the brains of people with epilepsy, who had electrodes implanted to pinpoint the source of seizures. The researchers confirmed that the auditory cortex—the first region involved in processing sound—lit up with activity, but it appeared disconnected with regions responsible for interpreting meaning.

Similar patterns emerged under other states of unconsciousness. After receiving propofol, a common drug used to induce general anesthesia, patients still showed activity in their auditory cortex, but information relay to higher regions involved in cognition seemed to break down.

Or did it?

“The brain has developed such amazing, sophisticated mechanisms for doing all these complex tasks all day long, that it can do some of these things even without us being aware,” Sheth told Nature. They decided to take another look.

Someone’s Home

The team focused on the hippocampus, best known as the brain’s memory center. Linking it to language processing seems like a stretch. But mounting evidence suggest the hub is responsible for far more than memory. It may also help organize information more broadly, from the mapping of physical spaces to watching other unfolding events like language.

It’s still a niche idea, said Sheth. But the hippocampus could play a much broader role in structuring the world around us—even without awareness. “How is the world organized? The hippocampus may be part of that as well,” he said.

To test the idea, the team recruited seven people undergoing epilepsy surgery. While they were under propofol anesthesia, the team inserted tiny probes into the hippocampus. Called Neuropixels, the implants are thinner than a human hair but packed with over a thousand sensors that eavesdrop on the electrical chatter of hundreds of neurons at once.

The team first played repetitive beeps to three participants, occasionally interrupted by random boops at a different pitch. In the beginning, neurons were indifferent to the oddball sounds. But within 10 minutes, their activity levels showed they were getting better at separating the unexpected tones from the normal ones.

“They learned over time to pay more attention to oddball sounds,” even while the person was fully unconscious, said Sheth.

A second test took things further. The team played 10-minute snippets from The Moth Radio Hour, a storytelling podcast featuring speakers from all walks of life, each with distinct intonations, turns of phrases, and accents.

Across the recordings, specific groups of hippocampal neurons responded to different linguistic features. Some were attuned to uncommon words like “cosmos.” Others tracked grammatical structure, responding differently to nouns, verbs, or adjectives.

The neurons also cared about semantic meaning, or the relationships between words. For example, they seemed to recognize that “cat” is conceptually closer to “dog” than an unrelated word like “pen.” The hippocampus also seemed to anticipate upcoming words based on the context of a sentence, with activity patterns similar to those seen in the awake brain.

“We are always making predictions about what we’re about to hear next,” said Sheth. Even under anesthesia, these neurons appeared to keep track of the narrative, indicating a “very sophisticated form of processing of the natural speech that they’re listening to.”

Despite intense neural activity, patients didn’t remember any of the podcast stories upon waking. Still, traces of the experience may have lingered unconsciously. In future studies, the team plans to test for this by exposing unconscious participants to different podcasts then later asking which ones feel familiar. They also want to explore whether the hippocampus processes stories told in unfamiliar languages.

The findings are preliminary, drawn from a small group of people under one type of anesthetic. The sleeping or comatose brain may work differently. But the work could help scientists decipher brain activity in people with severe traumatic brain injuries in a vegetative state. It could also guide the development of implants to rewire damaged neural circuits to other parts of the brain and reboot communication.

“Maybe the most important thing is what can we do about this,” said Sheth. For someone who’s unconscious, “can we bring them back?”

The post The Fully Anesthetized Brain Can Still Track a Podcast appeared first on SingularityHub.

Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: the data was returned and deleted. The pattern is clear. One weak dependency can leak keys. One leaked key can open cloud access. One cloud foothold can become a production

Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: the data was returned and deleted. The pattern is clear. One weak dependency can leak keys. One leaked key can open cloud access. One cloud foothold can become a production Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Grafana Labs disclosed that hackers have downloaded its source code after breaching its GitHub environment using a stolen access token. [...]