Kategorie

Latin America and Europe become the target of two banking trojan campaigns that are designed to infect Windows and Android devices with Grandoreiro and BTMOB malware, respectively. That's according to new findings from WatchGuard and ESET, which have observed the two malware families being used to single out companies in Spain, Portugal, and Mexico, as well as mobile users in Brazil. The Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities. According to OX Security, the package, named "mouse5212-super-formatter," is designed to upload files from "/mnt/user-data," a dedicated directory used by Anthropic's Claude artificial intelligence (AI) tool to handle uploads and outputs in the background. TheRavie Lakshmananhttp://www.blogger.com/profile/[email protected]

Strong Active Directory passwords don't have to come at the expense of usability. Specops Software explains how passphrases, breached password protection, and self-service resets can improve security without frustrating users. [...]

When an employee installs an AI writing assistant, connects a coding copilot to their IDE, or starts summarizing meetings with a new browser tool, they are doing exactly what a productive employee should do: finding faster ways to work. Across most organizations today, employees are running three to five AI tools on any given day. Most were never reviewed by IT. A significant portion connects [email protected]

The Glassworm botnet targeting developers in software supply-chain attacks has been disrupted after researchers took down its resilient command-and-control infrastructure relying on Solana blockchain transactions and the BitTorrent DHT network. [...]

The FBI warned on Tuesday that the Silent Ransom Group (SRG) extortion gang is now targeting U.S.-based law firms in in-person data theft attacks. [...]

CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels associated with GlassWorm, a persistent software chain campaign targeting software developers through malicious packages and extensions. "Since at least early 2025, GlassWorm operators have systematically targeted software developers, a Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Most organizations still picture cyber defense as a fortress problem: build stronger walls, add more guards, buy another detection engine. But modern incidents rarely crash through the front gate. They drift in disguised as routine activity, hide inside legitimate processes, and quietly accumulate risk long before anyone labels them an "incident." That changes the role of the SOC entirely. [email protected]

Apple has spent billions of dollars to develop satellite connectivity for iPhone; I very much doubt it did so solely to rescue stranded hikers. The company will most certainly have had a bigger prize in its sights when it first began working with GlobalStar (now owned by Amazon).

The most logical reason to invest in satellite coverage for its devices is the most obvious — to provide network infrastructure for new breeds of device and new service models. You don’t acquire access to massive amounts of bandwidth for nothing. And Apple’s steady introduction of new satellite-supported services shows it is interested in introducing these services, even though the offer isn’t extensive enough yet to require iPhone users to pay for access, yet.

The decision not to charge for those satellite services suggests they’re just the thin end of the company’s plans for satellite deployment.

It’s possible the company’s ambitions were limited by GlobalStar’s ability to put satellite constellations in orbit. That work was ongoing last time I looked, and I fully expect existing Apple satellite services will be extended to new nations, even under Amazon’s watch.

Amazon enters the room

Amazon’s recent $11.6 billion acquisition of GlobalStar is interesting. You can see that Apple is now forced to work with its old frenemy, even as both partners already profit from strong, steady Apple hardware sales via the online retailer. So they know they can make money together.

“Apple and Amazon have a long and proven track record of working together through Amazon’s core infrastructure services, and we look forward to building on that collaboration with Amazon Leo,” Greg Joswiak, Apple’s senior vice president of worldwide product marketing, said when the deal was announced. (The transaction isn’t expected to close until next year.)

Making money together is often seen as a strength in business relationships and Amazon has agreed to continue supporting Apple products and to collaborate with Apple on future satellite services.

When it comes to mobile telecoms, Amazon isn’t the only game in town, and neither is Starlink. Cellular operators are inking deals with satellite providers all over the world, all with the intention of bringing network access to those who otherwise can’t get a decent connection.

Just today in the UK, Virgin Media O2 announced plans to switch on the O2 Satellite service for iPhone users tomorrow, enabling customers — particularly in rural areas — to get a satellite connection where traditional cellular coverage is unavailable. It could simply identify new ways to enhance the Find My service.

Orange last year offered its own satellite comms to French customers, while Deutsche Telekom partners with others to provide SMS via satellite in Europe and the US. You’ll find similar alliances in most key territories, including Australia and Japan. The direction of travel exposes an industry embracing satellite as a way to widen existing cellular infrastructure, which makes sense given the relative cost of installing conventional masts in some regions. 

Many ways to crack it

There’s speculation Apple could become a satellite carrier, a move that would put it in competition with carrier partners. But Apple doesn’t need to do to provide satellite communication services to iPhone users, nor would it want to relinquish the symbiotically profitable relationships it’s developed with carriers.

It could, for example provide satellite calling as a hardware feature available with every iPhone across all supported carriers, possibly as an additional service that guarantees customers can get a connection, even in the countryside. It could evangelize the service as being “Private by Design,” and supplement this with data over satellite to support apps, particularly agentic AI apps. 

Combined with the next wave of AI enhancements Apple is expected to deliver for its systems, the combination of an always-on, resilient, private data connection and AI could prove invaluable to many customers. That’s particularly true for enterprise customers seeking global solutions that respect sovereign data, privacy, data retention policy and managed AI services – especially as terrestrial infrastructure becomes an attack target. Such scenarios will only become more widely understood as 6G emerges, with its built-in support for satellite infrastructure.

What will Apple do?

Will Apple move in that direction, or maintain its focus on the consumer markets? Will it decide that rather than deploying its own part-owned satellite constellations as it was with GlobalStar, it is better to work with carrier partners? Will it wait for 6G with its enhanced, standards-based support for satellite communications? 

Those are answers we don’t yet have. But it is quite clear that as satellite communications truly enter the mass market, Apple has put together many of the technical, hardware, software and infrastructure pieces it will need to ensure the iPhone is a peer player in whatever use cases emerge. 

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

Cybersecurity researchers have disclosed a security flaw in Gitea, an open-source, self-hosted platform for version control, that allows unauthenticated remote attackers to pull private container images from Gitea deployments without requiring an account, password, or other credentials. The vulnerability, tracked as CVE-2026-27771 (CVSS score: N/A), affects all versions of Gitea prior to 1.26.2Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. federal agencies four days to secure their servers against a critical vulnerability in the LiteSpeed cPanel user-end plugin, which is actively being exploited in attacks. [...]

Google’s shiny new Android 17 update may be on the brink of making its way out into world, but one of the most consequential Android notification upgrades I’ve seen in ages is actually available for anyone, on any device, this instant.

It’s one of those things you don’t even realize is missing — and awkwardly has been, all this time — until you have it in front of you and see just how helpful and at times even invaluable it is.

And that’s the ability to have any or all of your notifications saved and restored whenever you restart whatever Android device you’re using — so that nothing important gets awkwardly tossed aside, lost, and forgotten, likely without your ever even noticing or being aware of what you’ve missed.

How many potentially important pending alerts have you lost as a result of that reboot trash chute? I couldn’t even begin to count, myself, and am slightly terrified to think of the answer. But with this easy new improvement in place, it’ll never happen again.

And best of all? It’ll take you roughly two minutes, once, to set up and then forget about and just know it’s working on your behalf from that moment forward.

Lemme show ya how.

[Keep the off-the-beaten-path knowledge coming with my free Android Intelligence newsletter — three new things to try every Friday and my Android Notification Power-Pack as a special welcome bonus!]   

Your new Android notification safety net

The secret sauce that makes this sorcery possible comes not from Google itself but from a crafty independent developer who’s been expanding our Android notification smarts for many a moon now.

His app is called BuzzKill. You’ve probably heard me rave about it before, with other noteworthy features and additions it’s introduced over time.

Whether you already have BuzzKill on your device or this is your first time encountering it, though, it’s well worth your while to take note of this new capability that snuck into the app not long ago.

First, a quick primer/refresher on what BuzzKill is, in case you aren’t already familiar: BuzzKill is essentially a way to create Gmail-like filters for your Android notifications. You use it to create simple custom rules for what happens when different types of notifications arrive — in an intuitive “if this, then that”-style form — with all kinds of interesting and advanced options for making your alerts more effective.

The latest addition to the app is an experimental option called, appropriately enough, “Restore after reboot.” And it does exactly what you’d expect: Anytime your device restarts, it automatically swoops in to save any active notifications that fit the parameters you select and then instantly restores ’em back into active status once your phone is back up and running.

Without such a system in place, any notifications that you either hadn’t yet looked at or maybe had glanced at and left pending as a reminder to deal with later would more often than not just vanish entirely — and you’d have no easily visible record of their presence or any real indication that they’d been there at all. That’s a dangerous recipe for forgetting something important, whether it’s an email you intended to engage with, a Slack message you needed to acknowledge, or even a task of some sort that had popped up for you to ponder.

The beauty of the BuzzKill approach to fixing this is that it really is a “set it and forget it” sort of system: You just create whatever rule you want now, get it up and running, and then rest easy knowing it’ll always find and restore any active notifications anytime your device restarts — as Android itself should but for whatever reason does not.

2 minutes to auto-restored Android notifications

All right — here are the specific steps to getting your new notification safety net in place:

• First, go download BuzzKill from the Play Store, if you don’t already have it.
  • The app costs four bucks as a one-time purchase, which — believe me — is nothing compared to the ongoing value it’ll give you with this and its many other notification-enhancing possibilities.
  • It doesn’t require any unusual permissions, doesn’t collect any form of data from your phone, and doesn’t have any manner of access to the internet — meaning it’d have no way of sharing your information even if it wanted to. 
• Once you’ve gone through the app’s initial setup and made your way to its main screen, tap on the circular button in the lower-right corner of the screen to create a new rule.
• On the screen that comes up next, consider which specific sorts of notifications you want to have restored whenever your device restarts.
  • You could always start with any and all notifications and then go back in to refine and limit the rule more once you see how it works. You might eventually want to ask it to avoid restoring alerts from certain low-priority apps — like, say, Google Photos — so that it doesn’t bother bringing back stuff that you don’t actually need.
  • If/when you want to create any such restrictions, tap the text that says “any app” to change which apps will be included and/or tap the text that says “contains anything” if you want to restrict based on what specific text a notification does or doesn’t include.
  • If you don’t want to create any limitations and just want all of your active notifications to be restored, at least to start, leave those lines alone and mosey on down to our next step.

BuzzKill’s simple “if this, then that” formatting gives you lots of flexibility with how and when your rule works.

JR Raphael, Foundry

• Tap the line that says “do nothing” and scroll down to find the “Restore after reboot” option. It’ll be toward the bottom of the list, within the “System actions” section.

The “Restore after reboot” action is described as experimental, but it seems to work quite well in my experience so far.

JR Raphael, Foundry

• Tap that, then tap “Pick action” to confirm.
• And last but not least, tap “Save rule” to, y’know, save your rule and set it into action.

The BuzzKill notification restoration equation, in its simplest possible form.

JR Raphael, Foundry

You should then see the rule showing up as active and running on the main BuzzKill screen.

Notification restoration — active and ready to spring into action whenever your phone restarts.

JR Raphael, Foundry

And that really is all there is to it: Whenever your phone next restarts, any notifications that were visible and active at the time of the restart should just show back up via BuzzKill as soon as things boot back up. If you want to get fancy, you could even make certain especially important notifications “sticky” in general, so that if you inadvertently swipe ’em away while your phone is running normally, they’ll automatically come right back even in that scenario.

It’s not the flashiest feature you’ll see this year, and it doesn’t have any whizbang AI shenanigans to make it seem headline-worthy by current-day standards. But it will work and quite possibly be one of the most practical, actually helpful additions you make to your phone all year — even if and arguably especially if you only think about it once in a great while, when you notice it working its magic and saving you from losing something significant.

Discover even more life-enhancing Android treasures with my free Android Intelligence newsletter — three new things to try every Friday and my free Android Notification Power-Pack today.

The Dutch National Police arrested a 35-year-old man suspected of hacking the professional football club Ajax Amsterdam (AFC Ajax) earlier this year. [...]

Na kyberkriminálním fóru se objevila nabídka k prodeji databáze s údaji 340 milionů uživatelů a tvůrců platformy OnlyFans. Útočníci si za ni účtují 0,313 bitcoinu (aktuálně cca 1,6 milionu korun). Společnost Fenix International, která platformu provozuje, však narušení svých interních systémů ...

Microsoft has released the KB5089573 preview cumulative update for Windows 11 versions 25H2 and 24H2, which comes with 30 changes, including performance and reliability improvements. [...]

Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) chatbot interactions as a mechanism for surfacing malicious download sites. "This emerging delivery technique extends social engineering beyond conventional search results and increases the visibility of malicious software recommendations," Microsoft Defender Experts and the Microsoft Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Tech companies seem to be falling over each other these days in firing people to either replace them with AI or to pay to build AI infrastructure. Wouldn’t it be nice if they at least waited until AI actually worked for business?

On the one hand, top tech businesses such as Amazon, Block, Cisco, Cloudflare, and Meta have all announced that they’re slashing payrolls — either because AI can do the same work as people or they need the cash to build out their AI infrastructure. Isn’t that great? All together, of the 37,638 tech job cuts so far this year, 47.9% — almost half —  can be tracked back to AI. 

On the other hand, despite all the AI hype and hysteria, no one has yet proven that AI is, generally speaking, really all that helpful for businesses. Oh, I know, I know. You did great things with OpenClaw vibe programming. Microsoft’s CEO, Satya Nadella, claims 20% to 30% of the company’s code was written by AI. And Nvidia assures us that 88% of its surveyed customers report AI has increased their revenues. 

But really, what else would they say? “Dear Board, we just blew half a billion bucks on Nvidia GPUs, and we’re losing money hand over fist?” I don’t think so.

The truth is, as an IDC study reports, a mind-boggling 88% of proof-of-concept AI projects never reach production. Lest we forget, MIT’s The GenAI Divide: State of AI in Business 2025 study found that 95% of AI projects fail to deliver measurable P&L impact. 

Now, I have to acknowledge that AI is finally becoming truly helpful in business. As a guy who knows a thing or two about programming, Linus Torvalds, creator of Linux and Git, said at Open Source Summit North America, “I’m personally 100% convinced that AI is changing programming.” He estimates that “AI will increase your productivity by a factor of 10.” 

But is that reason enough to slash make workforce cuts of between 10% to 40%? (Short answer: No. Longer answer: Noooo!)

It’s not just the mass firings. Workers who are either awaiting the axe, or have escaped it for the moment, are miserable. As one Meta employee told The San Francisco Standard, “I tend to cry in the shower,” and, “A lot of my feelings about my job are about the general chaos and not just the layoffs. ” 

So, explain this to me: When everyone knows AI-driven layoffs are coming, exactly how well do you expect them to work? You really think they can give their best? 

Making matters worse, it’s an open secret that IBM, Google, and Meta are having their employees train their AI replacements. As a popular meme puts it, workers are now “building your own coffin.” Is it any wonder that a lot of people — 29% of all employees and 44% among Gen Z workers —  are deliberately sabotaging work when the boss insists they train their AI replacements?

It also sure doesn’t help office morale when the CEO keeps saying AI will replace half of all employees. A particularly egregious example of this was when Standard Chartered CEO Bill Winters proclaimed his bank would slash thousands of jobs and replace “lower-value human capital” with AI.  

He’s since backed off the claim, but come on — we all know he meant it. Just like all the other CEOs who’ve said similar things, between FOMO and the knowledge that AI job news is sure to make the stock price jump, they’re eager to cut headcounts and boast about how successful AI will make them. 

What happens a few quarters down the road? Their attitude today seems to be let  tomorrow take care of tomorrow. I hate to tell them, but that really doesn’t work in the long run. (Not, mind you, that a future much farther ahead than the next quarter seems to matter much anymore to business executives.)

It should. As a recent Deloitte study stated: “Most respondents reported achieving satisfactory ROI on a typical AI use case within two to four years. This is significantly longer than the typical payback period of 7seven to 12 months expected for technology investments. Only 6% reported payback in under a year, and even among the most successful projects, just 13% saw returns within 12 months.” 

AI, in short, is not the miracle cure for what ails businesses that its fans claim. 

Will that stop businesses? I doubt it. While I appreciate that California Gov., Gavin Newsom is trying to bandage the AI job bleedout by mandating studies on subsidizing companies to keep employees rather than replace them with AI, I doubt that will do much to staunch the wound. 

At the Open Source Summit North America, Linux Foundation CEO Jim Zemlin was optimistic about AI and jobs. He pointed out that, thanks to AI becoming  “pretty damn good coders,” the number of open-source projects on GitHub has led to a “surge of new code and projects.” 

Zemlin also believes that while few developers will write code, “engineers will still design, review, secure, and integrate that code.” (He’s referring to what’s becoming  known as forward-deployed engineers.) This, in turn, will supposedly lead to tech job growth. 

I’d feel a lot better about that prediction if I believed the C-suite suits at most companies were capable of truly forward-looking thinking rather than focusing entirely on hiking the stock price by making the next quarter look good through staffing cuts. 

In the long run, sure, AI will make us more productive. But, we’re not there yet. For now, companies need to keep employees happy, not shove AI down their throats — and work out carefully and thoughtfully how AI will really work for business. 

If ever there were a lawsuit in which a jury and judge should have ruled against both the accuser and the defendants, Elon Musk’s suit against OpenAI and Microsoft was it. 

The high-profile legal battle pitted the world’s richest man against a company worth more than $3 trillion, another that might soon launch a $1 trillion IPO, and tech execs claiming to have only the good of the world in mind, not mere filthy lucre, while they develop a technology some fear could eventually destroy humankind.

The lawsuit was eventually thrown out, but only on technical grounds. Meanwhile, unregulated AI marches on, with Musk, OpenAI and Microsoft all getting richer.

The only winner in this suit was hypocrisy. Here’s why.

Back to the beginning

To understand how this unfolded, we need to go back to OpenAI’s beginnings. The company was founded by current CEO Sam Altman, Musk and others in 2015 — back when AI was a niche technology, used primarily for image and speech recognition, robotics, and experiments in self-driving cars.

The founders funded OpenAI out of their own pockets as a nonprofit company aimed at developing AI for the good of the world. Then, as the technology evolved, Altman, Musk and others grew worried it might become so powerful that, without serious guardrails, it could pose a danger to humans. They feared what might happen if AI reached the level of a super-powerful artificial general intelligence (AGI) system, superior to humans on a variety of tasks, with general problem-solving skills rather than narrowly targeted ones – and the ability to think for itself rather than heeding humans. 

In an earlier version of Musk’s suit against OpenAI and Microsoft, Musk put their fears this way: “A.G.I. poses a grave threat to humanity — perhaps the greatest existential threat we have today.”

Early on, OpenAI wasn’t on many people’s radar. When Microsoft invested $1 billion in the company in 2019, few outside the tech industry took notice. Between 2021 and 2023 Microsoft invested $2 billion more, still without drawing a lot of attention.

Then in November 2022, OpenAI released ChatGPT, launching the generative AI (genAI) revolution — and all the disruption that has followed since. Eventually, as it became clear how important and valuable genAI technology would become, Microsoft’s investment ballooned to $13 billion.

Nonprofit no more

OpenAI insiders were convinced several years before ChatGPT’s release that the company could become tremendously profitable. With potentially trillions of dollars at stake, in 2017 they started looking for a way to turn the nonprofit operation into a for-profit company.

It was at that point, OpenAI says, that Musk pushed to gain majority equity in the company if it went public, take control of the board, and become CEO. When the other founders balked, Musk withheld funding.

Last year, OpenAI released copies of emails he sent to it during the height of their in-fighting. In one, in February 2018, he lobbied for the creation of a for-profit arm, pointing out that, “a for-profit pivot might create a more sustainable revenue stream over time and would, with the current team, likely bring in a lot of investment.” 

Musk then suggested that OpenAI “attach to Tesla as its cash cow.” When the other founders dismissed the idea, Musk threw a fit and quit the company. OpenAI went ahead and launched a for-profit arm, becoming a hybrid of a for-profit and nonprofit company in 2019.

Years later, in 2024, Musk filed suit, targeting OpenAI, Altman, OpenAI co-founder and president Greg Brockman, and Microsoft — accusing them of “stealing a charity” by creating the for-profit arm of OpenAI, and taking the $13 billion Microsoft investment. He claimed they had all illegally enriched themselves through the profit/nonprofit setup and sought $150 billion in damages. (OpenAI fired back last year with a counter suit.)

It took only two hours for the jury to rule against Musk, though the ruling didn’t address his actual claims. Rather, the suit was thrown out because it had been filed after the statute of limitations had run out.

Cynicism and hypocrisy win out

Everyone in this case was driven by venality. Altman portrayed himself as only wanting to develop AI to help humanity — and as evidence, pointed out he has no equity in OpenAI. What he neglected to add, though, is that he has more than a $2 billion stake in companies that have deals with OpenAI, and stands to gain billions more if those deals grow after any IPO.

Microsoft, meanwhile, has used its investments in OpenAI to become a multi-trillion-dollar company. And if, as expected, OpenAI becomes a trillion-dollar company when it files its IPO later this year, Microsoft’s 27% ownership stake in the company would make it $270 million richer. That’s not a bad payoff for turning a blind eye to the way in which OpenAI performed a bait-and-switch from nonprofit to for-profit company. 

As for Musk…, well, what can you say about someone who claims he wants to save humankind from the evils of AI, while at the same time lobbying for OpenAI to become a for-profit company and milking it like a cash cow? 

He’s shown he’s not only the world’s wealthiest man. He’s also the world’s most hypocritical.