Kategorie

A new macOS ClickFix campaign is using Terminal commands to silently download, mount, and launch info-stealing malware from malicious disk image (DMG) files. [...]

Forty million UK iCloud users could be owed up to $100 (£77) each after a $3.9 billion (£3 billion) class action lawsuit against Apple was cleared for trial — and the company’s problems may be just getting started. 

For Apple, the worry is that this case could snowball to become yet another existential regulatory problem. The action was brought by consumer group Which?, which accused Apple of breaching UK competition law by giving its iCloud storage service preferential treatment and “trapping” customers with Apple devices into using iCloud. 

Trapping happy customers

Apple achieves this by encouraging its customers to sign up to iCloud for storage of photos, videos and other data while also making it difficult for them to use alternative providers to backup key data. The company also squeezes extra dollars out of customers by providing a stingy 5GB of storage for free, while putting important data including messages and photos inside that allocation. Even Google provides 15GB of storage in its free tier.

The problem is that the scale of Apple makes it difficult for competitors to reach customers with alternative solutions, while Apple’s control over the operating system gives it integration advantages third-party competitors don’t get. 

While there may well be justifications for constraining access to some personal data, those privacy and security challenges don’t apply to all of it. 

You are the product

When it originally filed the claim, Which? explained that Apple could resolve the claim without litigation by offering consumers their money back and opening up iOS to allow users a real choice for cloud services. This is unlikely to happen.

This case has been slowly making its way through the Competition Appeal Tribunal, which last week finally gave permission for the case to go to trial.

Apple won’t be looking at a hefty fine just yet. The first available trial date is in October 2028 and the legal fight is expected to last nine weeks, which might, or might not, equate to a Christmas surprise for Apple’s then CEO. There’s no time to sit back, however, as the company must still file its defense papers with the court by the end of next month, July 31.

The snowball factor

The UK is not alone. Italy has launched its own antitrust probe into Apple’s iCloud dominance under the EU’s Digital Markets Act (DMA). The problem with that litigation is that since Italy has commenced the probe, other nations across the bloc might also act.

Italy is looking to see whether Apple has failed to open up its iOS and iPadOS ecosystems to rival cloud services, arguing that third-party providers are unable to access the same system components as iCloud. The DMA insists competitors should enjoy the same degree of access as iCloud because Apple is seen as a gatekeeper, which means it is required to meet a higher set of standards.

Apple, of course, will inevitably — and rightly — argue that customer privacy needs to be protected, and that open, free, access to some of the data its trusted iCloud service can use is not in the consumer interest. 

The company has already proposed one way in which it can provide third-party services with access to confidential data with a trusted intermediary system that anonymizes that information in use. 

Why we need a Trusted System Agent model

That’s precisely what it offered Europe when it proposed a solution called Trusted System Agent — an intermediary that would allow virtual assistants to safely access the same features and capabilities as Siri AI for devices in the EU. Unfortunately, EU regulators didn’t accept Apple’s justification concerning the need to protect customer privacy, which is why Apple Intelligence won’t be available in Europe for a while, if at all.

In the event Apple’s iCloud service falls short of the Italian probe and therefore the DMA, the danger is that if EU regulators take the same evangelically hard-line stance with iCloud services as they have done so far with AI, customers might find themselves losing access to the service. 

First blood

That’s in Europe, of course. But the UK case is likely to get to court long before litigation processes in Europe get going, making the UK action an important test case in which yet another important component of Apple’s offering to consumers is up for trial.

Please join me on social media at BlueSky,  LinkedIn, or Mastodon, even better, please subscribe to The Core for your daily fix of human-curated Apple News.

Two members of the 'Scattered Spider' cybercrime group pleaded guilty to hacking the Transport for London (TfL) systems in 2024. [...]

Security firm AIR built a fake AI agent skill, pushed it through a popular skill marketplace and an Instagram ad, and says it reached roughly 26,000 agents, including some on corporate accounts. Every skill security scanner the firm tested it against marked it safe. The payload was harmless by design: it collected the user's email address and did nothing else. The point was to show Swati Khandelwalhttp://www.blogger.com/profile/[email protected]

President Trump signed an executive order on June 22 setting hard deadlines for federal agencies to move high-value assets and high-impact systems to post-quantum cryptography. Key establishment must move by December 31, 2030; digital signatures by December 31, 2031. EO 14409 leaves national security systems on a separate track. The deadlines matter because of a threat that does notSwati Khandelwalhttp://www.blogger.com/profile/[email protected]

When a production server spikes at 99% CPU or the disk starts grinding, the knee-jerk reaction is usually to blame a bad code push or a runaway backup job. But if you’ve spent enough time in security incident response, you know that "performance issues" are often the first sign that you’re dealing with Linux malware.

GitHub is moving to strengthen software supply chain security by updating "actions/checkout" to block pwn request attacks that exploit the risky use of the "pull_request_target workflow" trigger to run malicious code with the workflow's full privileges. Effective June 18, 2026, the latest version of "actions/checkout," the official GitHub action for checking out a repository into the Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

A newly disclosed FFmpeg vulnerability, known as PixelSmash (CVE-2026-8461), affects the MagicYUV decoder and can be triggered by specially crafted video files. 

Attackers can now weaponize newly disclosed vulnerabilities far faster than most organizations can patch them. Picus Security explains how security teams can validate exploitability before a public exploit even exists. [...]

LastPass announced that hackers accessed customer data from its Salesforce environment after stealing the company's OAuth tokens in the Klue supply chain attack earlier this month. [...]

Phishing, BEC, and account takeover attacks continue to overwhelm security teams with alerts and investigations. This webinar explores how behavioral AI can help automate detection and response workflows, reducing alert fatigue and improving operational efficiency. [...]

Today, organizations rely heavily on technology for their operations, to secure important information and provide services in a digital world. Digital transformation opens up new opportunities, but also poses an increasing challenge for businesses and institutions in the field of cybersecurity. Data breaches, financial losses, reputational damage, and compliance issues are ongoing challenges for organizations in all industries due to security weaknesses and regulatory shortcomings.

Every weapon begins as an extension of the hand that holds it. The spear lengthened the reach of the arm. The bow sent the point flying without the throw. The rifle placed a man's death a quarter mile beyond his sight, and the aircraft carried that death across oceans. At each turn, the distance between the warrior and the wound grew wider, and yet one thing never moved: a human chose the [email protected]

The US government decision to force Anthropic to close down its latest and greatest AI models, Fable 5 and Mythos 5, was only the next step in a burgeoning battle between AI providers and ignorant politicians. 

Anthropic was on top of the world. Its Mythos 5 LLM had everyone excited. (If you believe the hype, it was kind of scary, too.) Even Anthropic CEO Dario Amodei admitted — or boasted? — that Mythos would bring an “enormous increase in the amount of vulnerabilities, in the amount of breaches” to us all. But with that fear came the promise of more AI power than ever. 

Then, the roof caved in.

On June 12, the US Commerce Department used its export-control powers to demand that Anthropic cut off access to its Fable 5 and Mythos 5 models for all foreign nationals, citing national security concerns and fears of jailbreaks. After figuring out it had no way to do that, Anthropic pulled both of its newest frontier AI models offline worldwide.

Just what an AI company needs! All other Claude models, like the Opus and Sonnet series, remain online. But, come on, AI sales are all about the newest and most powerful models.  

Adding insult to injury — and this is true at many high-tech companies — Anthropic has many employees who aren’t US citizens. This means Anthropic’s own programmers can’t work on their latest models.

Of course, this isn’t the first time US President Donald J. Trump and company have tried to put a spoke in Anthropic’s wheels. Back in February, Anthropic refused to give Defense Secretary Pete Hegseth the power to use its models to spy on American citizens and to power autonomous weapons.

This go-around, it wasn’t because Anthropic refused to kowtow to Trump’s officials. It was, they say, out of fear that these new models could be used to attack American interests. 

Mind you, no one in Trump’s regime has the tech chops to know just how dangerous, or not, any AI model is. As I recently noted, Trump’s AI executive order has no teeth. Nor, more to the point, is there anyone in the administration with a clue about AI.

Specifically, at the Department of Commerce, neither Commerce Secretary Howard Lutnick nor William Kimmitt, undersecretary of commerce for international trade, knows a thing about AI. Just what we need, more political hacks deciding tech policy. 

So, how did they discover that Fable and Mythos were theoretically a danger to the US? Good question. According to The Wall Street Journal, it was Amazon CEO Andy Jassy who told the Trump administration that Fable was untrustworthy. Guess what? AWS offers its own full cloud AI stack, starting with Amazon Bedrock for foundation models, Amazon SageMaker for training and deployment, and a growing set of agentic AI tools and services. 

In other words, Amazon is not a neutral party; it’s a competitor. Funny, that.

Sure, Amazon also has partnerships with Anthropic. But, in case you haven’t noticed, all the big AI companies are in bed with each other. That doesn’t stop them from fighting. What’s heating this up is that the AI companies are no longer offering flat-rate subscriptions and are replacing them with far more expensive, token-based pricing schemes. 

Armed with this information, Commerce gave Anthropic 90 minutes to fix its “problem.” Right. AI development is fast, but it’s not that fast. In addition, according to Anthropic, officials haven’t spelled out exactly what’s wrong. They only know that Commerce claims there was a “narrow, non‑universal jailbreak” in Fable.   

That’s it. That’s all. 

Anthropic has also observed, with reason, that similar jailbreaks are possible on other leading models, like OpenAI’s GPT‑5.5. Those others, however, haven’t been hammered with comparable export controls.

The AI and security experts who do have an AI clue believe Commerce is behaving stupidly. (You won’t get any argument there from me.) For example, in an open letter, “On Transparent AI Cyber Protections,” they said Commerce’s directive “has taken the best models away from defenders, created market uncertainty, and risked America’s AI leadership without any real risk to justify it,” warning that pulling capabilities “away from defenders without a good reason when our adversaries are rapidly advancing is dangerous.”

Exactly so. 

Besides, as Alex Zenla, co-founder and CTO of security company Edera, observed, Fable’s capability to identify insecure code sections is the baseline for any model you’d trust to write secure code. The same capability exists in GPT-5.5, Opus, Sonnet, and Kimi 2.7 — it’s not unique to Fable. Pulling Fable from defenders doesn’t remove the capability from the threat landscape. It just removes it from the people trying to build safer systems.”

This is not about AI safety or security. 

What this is really about is opening a new front in Trump’s war against the liberal-leaning Anthropic. Mind you, Anthropic isn’t really liberal. This has more to do with Anthropic not following in other tech firms’ groveling to Trump. 

However, Trump doesn’t seem to realize that by essentially shutting down Anthropic’s biggest move to date, he’s also telling the world that they can’t rely on American AI companies down the road. Sure, in the short run, this hurts Anthropic. In the long run, it’s going to be another reason for Europe and other countries — taking digital sovereignty seriously — to avoid doing business with any American tech company. 

In the meantime, Anthropic and Trump administration officials are in tense talks over whether, and under what safeguards, the models could return to the marketplace. Commerce indicates it might allow a narrower relaunch if jailbreak issues are resolved and additional controls are in place — whatever those might be. 

Since it’s really all about massaging Trump’s ego, I’m not feeling terribly optimistic. Just ask Israeli Prime Minister Benjamin Netanyahu how well letting Trump set the terms of engagement goes. It’s not pretty. 

Nvidia and Microsoft this month touted the reinvention of computers with a new class of “agentic AI PCs” that will “reinvent the way PCs work.” 

That’s how Nvidia CEO Jensen Huang described the computers at the recent Computex trade show. At the event, Nvidia introduced its first AI-focused PC chip called N1X, which has an integrated CPU and GPU and will be used in agentic AI PCs.

Nvidia’s new RTX Spark PCs are the first in a major “PC reinvention for 40 years,” Huang said, likening them to AI phones. “You could talk to it, it could look at you. You could ask it to read files… [or] go help you do research.”

Not so fast, say analysts, who argue the computers are mostly repackaged AI PCs that shouldn’t necessarily drive enterprise upgrades.

“Agentic AI PCs is a strange term that should probably be deemphasized,” said Leonard Lee, principal analyst at neXt Curve. “Depending on use case, PCs of the last two generations are ‘agentic AI’-capable.”

Skeptical of the hype, analysts said many current PCs are already capable of running agents, such as those spun up on device by OpenClaw. Those agents don’t need to communicate with AI models in the cloud.

In fact, Lee said, Apple has already shown that Windows isn’t needed to run agentic workloads, with the Mac Mini among the most talked-about device for hosting personal AI agents and OpenClaw.

Analysts said the definition of agentic AI PCs really comes down to the hardware inside, which largely defines their capabilities. Most are really just an evolution of earlier AI PCs, which arrived a few years ago amid similar hype.

AI PCs, specifically CoPilot+ PCs, were originally designed with neural processing units (NPUs) to support the requirements of Windows Recall. “Some argue agentic AI PCs need more GPU compute, but…Qualcomm and Microsoft would counter that agentic AI PCs have been around for a while,” Lee said.

To highlight the capabilities of the RTX Spark PC, a demonstration at Computex showed how an architectural design workflow could be split between the PC and the cloud. (An MCP server managed data exchange to facilitate the cloud-PC workflow.)

Adobe has reengineered Photoshop and Premiere for RTX Spark PCs, allowing the software to communicate with AI agents on PCs and tools to run twice as fast, Huang said.

And at the company’s recent Build conference, Microsoft CEO Satya Nadella demonstrated the new Surface Laptop Ultra AI PC based on the RTX Spark design. He positioned agentic AI PCs as running a new execution layer that can act across files and devices, including generating and executing code. 

While AI PCs with agents will be capable, they still lack applications, said Jim McGregor, principal analyst at Tirias Research. “However, PCs — especially the small form factor PCs and workstations — are likely to be the home AI appliance,” he said.

For enterprises, upgrading to RTX Spark PCs at this point could pose problems. That’s because Nvidia’s N1X CPU is based on the Arm processor architecture and could run into compatibility issues with x86 applications designed for Intel and AMD chips.

“Despite Arm processors being available for a while, enterprise penetration stays small, since compatibility with all apps, drivers, and corporate systems is critical and requires extensive testing…, even though Microsoft has done a reasonably good job with Windows 11 on Arm,” said Jack Gold, principal analyst at J. Gold Associates.

Because Microsoft is moving to natively incorporate AI into Windows, those PCs will land in enterprises ultimately, Gold said.

Regardless of hype, it might be a good time for enterprises chasing an agentic AI agenda to upgrade laggard Windows 10 devices, Lee said. “Considering the considerable hype about agentic AI, early adopters will need to upgrade their fleets if they pursue a broad agentic AI agenda for their organizations,” he said.

Cybersecurity researchers have discovered a set of malicious npm packages that are designed to deliver a Windows-based remote access trojan (RAT). The list of identified packages, is below - aes-decode-runner-pro (145 downloads) postcss-minify-selector (256 downloads) postcss-minify-selector-parser (615 downloads) All the packages were published over the past month by an npm user namedRavie Lakshmananhttp://www.blogger.com/profile/[email protected]

Direct messages sent via WhatsApp are being used to distribute malicious Visual Basic Script (VBScript) files that lead to the installation of legitimate Remote Monitoring and Management (RMM) software. Per findings from Kaspersky, the active campaign is targeting users of WhatsApp Desktop and WhatsApp Web across Malaysia, Brazil, India, Mexico, Singapore, the U.K., Spain, Taiwan, Australia, Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

OpenAI on Monday said it's releasing an improved version of its GPT‑5.5‑Cyber model to trusted defenders as part of the Daybreak initiative the artificial intelligence (AI) company announced last month. Calling GPT‑5.5‑Cyber its "strongest model yet for finding and helping patch software vulnerabilities," OpenAI said the model can "sustain deeper analysis across large codebases" to Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

For all its potential, generative AI, on the whole, churns out a lot of junk.

Yet employees are becoming ever more reliant on this “workslop” masquerading as high-quality material, says a recent Harvard Business Review blog. They become lazy and less productive, quality control goes off the rails, and integrity and trust begin to erode.

Experts urge enterprises to act now, before they lose control entirely.

“When slopification happens at scale and in sequence across a business’s processes, those processes themselves — and their outputs — start to deteriorate,” Matthias Holweg, professor at the University of Oxford’s Saïd Business School, and analyst Thomas H. Davenport argue in the post. “Eventually, people start to lose trust in the processes that they rely on to do their jobs.”

They call this organization-level phenomenon “knowledge decay.”

Three key challenges

Holweg and Davenport identify three key challenges to address when it comes to AI-generated content in the workplace, to ensure knowledge decay isn’t occurring: verification, validation, and entropy.

Verification requires “disentangling” authentic human content from AI-generated content that could contain glaring errors, they note.

This can be time-intensive and involve critical thinking and additional research, and in many cases the effort negates the gains gleaned from AI use. In the case of hiring, for example, in addition to using AI to write their resumes and CVs, tailoring their prompts to the AI ranking algorithms to ensure they rise to the top of the queue, some candidates are getting crafty, using AI clandestinely to generate responses to interview questions in near-real time.

All this taken together can result in candidates who are subpar or simply not a good fit for an organization. As a result, recruiters may then have to spend more time doing on-site interviews where AI access isn’t available, Holweg and Davenport contend.

Another issue is knowledge validation: confirming how and where humans have provided real value when AI is used in a workflow. For instance, a consulting firm can easily use AI to create standard written reports and PowerPoint slides, while their clients are paying for expert human insights.

“Human experts now have to justify not only the quality of the output submitted, but also that actual human intellectual work has produced it,” Holweg and Davenport emphasize.

Finally, knowledge entropy is like a “risky AI-based game of telephone”: As knowledge is passed through an AI again and again in an iterative process, it moves further away from the original “ground truth” data that was used to create it in the first place, they point out.

“The greater the number of iterations of content through an LLM, the more it will depart from the original,” Holweg and Davenport note. LLMs are probabilistic, “context-agnostic” statistical models that provide next-word-prediction outputs. They have “no conception of fact or truth and simply predict the most likely outputs,” they write.

And when, in some cases, large language models (LLMs) are trained on synthetic data created by other models, the authors write, bigger problems emerge. When this manufactured data subsequently repeatedly goes through the model, it can affect the its accuracy and variability. This is known as “generative inbreeding” or model collapse.

Steps enterprises can take to prevent AI slop

The two experts, therefore, argue for a “fundamental step change” in the ways models are architected, as well as in establishing explicit rules around how they are used.

Naturally, one of the first, and potentially the hardest, steps is restricting employee AI use: It should only be applied to scenarios where it truly adds value, the authors advise.

For instance, when employees or job candidates are allowed to freely design their CVs, they’ll likely use generative AI to “optimize” their work. To prevent knowledge decay, recruiters should rely on structured documents that require factual responses that an AI can’t generate, for example, asking a candidate about a specific role, projects completed, team members involved, suppliers served, and budgets managed.

When generative AI use is allowed or unpreventable, organizations should define what value is being added and establish clarity around the implications, Holweg and Davenport emphasize. “Content does not need to be entirely human-created, but if AI is being used, be clear why and how,” they write.

In one beneficial scenario, AI such as Copilot or Gemini embedded in standard office software makes it “virtually pointless” to manually create more versions of the content of reports and PowerPoint slides, Holweg and Davenport write.

In another example, in performance evaluations, managers can gather specific, detailed information from team members and customers, then use AI to synthesize that material, rather than generating a “tick-box report” of generic bullet points.

Enterprises should also consider how individual AI use impacts an overall process. For instance, in an interorganizational flow like a revenue cycle, everyone involved should know about and agree on how AI would be used and at what steps in the process. It’s not a question of whether AI is better at a given task, as it increasingly is in some scenarios, but whether it is taking over a task to make things more efficient, Holweg and Davenport write.

Ultimately, however, they posit, public LLMs add “little to no real value,” because they are generic and often contain mistakes. On the other hand, small language models (SLMs) and proprietary models trained on company-specific data can augment human work.

From an architectural perspective, enterprises should track the history of both structured and unstructured data and understand “ground truth” information. Materials like customer interviews provide critical facts, emotions, and context; if AI is used to alter or summarize these, enterprises must identify and record the underlying ground truth data and point back to verifiable, authentic content.

In the end, Holweg and Davenport emphasize, enterprises should establish pragmatic practices now, lest they repeat the mistakes of the past.

“If we fail to address the uncontrolled proliferation of generative AI in our business processes, we are likely to see a rerun of the ‘productivity paradox’ observed with the growth of corporate computing half a century ago,” they write.

Blending ‘human capital’ and ‘token capital’

Other experts also agree on the importance of blending the best of humans with the best of AI.

Microsoft CEO Satya Nadella describes this model as the incorporation of “human capital’ with “token capital.” The former is the human “knowledge, judgment, relationships, ingenuity, and pattern recognition,” while the latter is in built and owned AI capabilities. The opportunity is in melding the two in a learning loop.

In this loop, humans will guide AI systems, set goals, and identify patterns, so AI isn’t “running in circles,” Nadella wrote in an X post. Internal evaluations can determine whether AI is improving when measured against company-specified benchmarks, thus creating institutional memory that is “query-able,” using fewer tokens and saving enterprises money.

Nadella noted: “Every improved workflow generates a better training signal, which accelerates the accumulation of tacit knowledge unique to the firm.”

This article originally appeared on CIO.com.

An ongoing malware campaign is targeting WhatsApp users in multiple countries with deceptive messages that push VBScript files, leading to remote system access. [...]