Kategorie

A high-severity vulnerability in ASUS Armoury Crate software could allow threat actors to escalate their privileges to SYSTEM level on Windows machines. [...]

Email accounts of several Washington Post journalists were compromised in a cyberattack believed to have been carried out by a foreign government. [...]

Kali Linux 2025.2, the second release of the year, is now available for download with 13 new tools and an expanded car hacking toolkit. [...]

Zoomcar Holdings (Zoomcar) has disclosed via an 8-K form filing with the U.S. Securities and Exchange Commission (SEC) a data breach incident impacting 8.4 million users. [...]

Apple stealthily introduced Apple Sparse Image Format (ASIF), a new sparse disk image format for Apple Silicon, at WWDC; among other features, it might also help Macs remain the best PCs on which to run Windows.

That somewhat counter-intuitive claim is because the new format dramatically improves the efficiency with which Apple Silicon Macs run virtual machines (VMs) by boosting read/write performance. ASIF also makes significant improvements to how Macs handle storage for VMs, and is likely to support third-party virtualization tools once it ships.

What is Apple Sparse Image Format (ASIF)?

Set to appear with macOS Tahoe later this year, ASIF lets files transfer more efficiently between hosts or disks, “because their intrinsic structure doesn’t depend on the host file system’s capabilities,” according to Apple’s developer website. “The size the ASIF file takes on the file system is proportional to the actual data stored in the disk image.”

ASIF replaces the currently used format, which occupies the same amount of disk space as the allocated portion of the disk. What this means is that when you allocate 10GB of disk space to a VM you immediately sacrifice 10GB of space, no matter how much data the virtual machine contains; with ASIF, the volume will only occupy as much space as it contains. In other words, you can allocate a large quantity of disk space to enable optimal VM performance but sacrifice only as much actual space as the VM contains. 

“These space-efficient images can be created with the diskutil image command-line tool or the Disk Utility application and are suitable for various uses, including as a backing store for virtual machines storage via the Virtualization framework,” Apple explained.

The company says users should migrate their VM storage images from the existing RAW format to ASIF to benefit from the improved file transfer performance between the host Mac and the disk. 

Faster and highly performant

Eclectic Light was first out the gate with news about Apple’s new tech, publishing a first look alongside test results to show how much faster it is in use than standard sparse imaging technologies it is.

The test results show that ASIF gives Disk images on Apple Silicon devices near-native SSD speeds. That matters whenever you are moving data around, and is particularly important when running Linux or Windows in virtual machines. It means you should experience significant performance benefits, further reinforcing the Mac as the best platform for Windows.

Eclectic Light noted that in some cases an encrypted sparse image (UDSP) stored on the fast SSD of a current Mac might only write files at up to an unimpressive 100 MBps. That report comes with receipts, sharing extensive test data to show that even encrypted ASIF files read and write data far faster than the sparse file formats Macs use today. That’s will mean much more moving forward as on-device encryption becomes even more essential to personal data protection as government mandated back doors are identified and abused.

It’s not just about virtual machines. For general storage, it seems highly probable the new format will also improve the performance of FileVault. That’s because right now encrypted sparse images are used to secure a user’s home directory in FileVault, so better performance and storage management have implications there. (I also speculate that the new format might have implications in how Apple efficiently provides and encrypts future LLM services via Private Cloud Compute.)

Additional WWDC coverage:

• WWDC: For developers, Apple’s tools get a lot better for AI
• Apple’s AI Revolution: Insights from WWDC
• WWDC 2025: What’s new for Apple and the enterprise
• WWDC: What we know so far about Apple’s Liquid Glass UI
• WWDC first look: How Apple is improving its ecosystem.
• Apple WWDC 2025: News and analysis

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

Microsoft has shared a workaround for a known issue that causes the classic Outlook email client to crash when opening or starting a new message. [...]

In a bid to deliver secure, compliant generative AI (genAI) to business teams without the need for a cloud service, Uptime Industries last week unveiled Lemony. It’s a turnkey stackable device that comes preloaded with multiple large language models (LLMs) and can serve up to five users per node, connected directly to a PC or to a LAN with no internet connectivity. As business needs expand, multiple nodes can be connected into a cluster, with automatic failover. Lemony says a four-node cluster can support up to 50 users and comes with six pre-loaded genAI models.

IBM is working with the company to deploy its Granite AI models on Lemony nodes. Other available LLMs include Llama-3.1, Llama-3.2, and Mistral. In addition, JetBrains is integrating its coding models and tools into the Lemony node to allow software developers to leverage its intelligent development features. (For maximum performance, each node contains a neural processing unit (NPU), an AI accelerator cluster and a CPU.)

Other pre-loaded functions include retrieval-augmented generation (RAG), and the ability to create AI assistants to help with tasks such as analyzing documents. 

Data is loaded onto a Lemony node in one of three ways, with only a knowledge graph retained, said Uptime CEO and cofounder Sascha Buehrle. “We are uploading, analyzing, indexing, and deleting the data,” he said. 

Users can also connect to their data via an API, with which the data is indexed, or connectors that integrate directly with business applications.

One early customer, Alexander Göbel, legal tech officer at Niederer Kraft Frey AG in Zurich, Switzerland, called setup quick and easy. “You can be up and running with an on-premises solution within minutes rather than within days/weeks,” Göbel said via email. Transferring documents to the device, where they’re indexed for use via RAG, is done by uploading via the Lemony browser.

 “We are currently working on a SharePoint connector to make the process of uploading even simpler, as the latest version of the node provides for a limited API,” Göbel said.

Because the nodes are not connected to the internet, Lemony updates are provided quarterly via individually keyed encrypted USB keys. Each key will only work with its designated node. The update also resets a secure timer to ensure that the user’s subscription is still valid; if not, the node locks, with data fully encrypted.

Lemony offers a two-week free trial, and Uptime says it already has more than 300 customers in Switzerland, Germany, the UK, and the US. Subscriptions start at $499 per month for a single node accessed by up to five users, billed annually; the setup includes the node, software, apps for Windows and Mac, and technical support. 

Cautious optimism

Analysts found the concept appealing, and were cautiously optimistic about the device itself.

“Uptime is tapping into a real need for any regulated industry,” said Matt Kimball, vice president and  principal analyst for Datacenter Compute & Storage at Moor Insights & Strategy. “And in Europe this is most companies. What we effectively have is a genAI appliance. 

“If I am a CIO or an IT professional at a smaller law firm,” Kimball said, “I immediately see the value in this Lemony platform…. I can see Lemony being attractive at the departmental level [at a larger firm] or for an SMB that values/requires data privacy. And the ability to use AI without the need for IT is super interesting.” 

“The on-prem AI edge is an underserved segment,” said Gartner Vice President Analyst Chirag Dekate. “Most genAI infra[structure] today assumes cloud-first. There is an opportunity for localized solutions, especially if latency, cost, or compliance are concerns. If Uptime provides automated [machine learning] ops, energy optimization, and support for open-source models, it might reduce the complexity barrier enough to attract mid-sized enterprises and public sector clients. Global expansion of AI regulations will make ‘keep your AI local’ more attractive in the next two to three years.”

Wyatt Mayham, lead AI consultant at Northwest AI Consulting, agreed. “We work with clients who refuse to put sensitive data in the cloud, even if it’s Azure + OpenAI, which never touches the public web or trains the models,” he said. “Clients often think they want true on-prem, but actually building an on-prem setup with GPUs, model hosting, orchestration, and RAG infrastructure is expensive, high maintenance, and usually way overkill for what they actually need. 

“This actually looks like a solid middle ground,” Mayham said. “It’s not full-scale enterprise infra, but it gives small teams a path to locally run LLMs, stay compliant, and avoid the cloud.”

“We don’t consider Lemony.ai as a replacement for all cloud-based AI systems,” Göbel said. “For ‘commodity data’ with lower confidentiality requirements, a turnkey cloud solution remains to make sense to us (in this case, access to internet information may be required, too). However, we are dealing with a lot of very sensitive and confidential information for which cloud solutions are not options. As a result, depending on the specific use cases, Lemony.ai and cloud-based solutions work very well in tandem.”

Lemony’s success will be influenced by how it’s positioned in the market, Dekate said. ”Uptime’s Lemony AI strategy will be limited if it’s positioned as a general-purpose AI appliance. But if Uptime focuses on narrow verticals with repeatable workloads — like retail, energy, or industrial monitoring — it may gain traction,” he said.

But there are “fundamental challenges in a packaged AI in a box experience (independent of a vendor): Packaging doesn’t solve talent gaps. Just because it’s in a box doesn’t mean it’s plug-and-play for everyone. AI model management, updates, and troubleshooting are still hard. Without model agility, customers may view it as a closed system, limiting experimentation and extensibility. [And] if Uptime isn’t controlling its hardware supply chain or relies on commodity boards, this may be hard to differentiate long-term.”

Kimball sounded a cautionary note: “I will counter with this one thing: if I were still in IT, I am not sure I would be allowing ‘AI appliances’ to populate my network.  If you thought shadow IT was bad with the cloud — holy moly!”

Law enforcement authorities from six countries took down the Archetyp Market, an infamous darknet drug marketplace that has been operating since May 2020. [...]

Despite sizeable tech layoffs over the past two years, a tech talent gap persists — especially for those trained on implementing and using generative artificial intelligence (genAI) tools. Consultancy McKinsey & Co. now projects that demand for AI-skilled workers will outpace supply by two-to-four times, a skills gap likely to continue at least until 2027.

That echoes what consultancy Deloitte wrote in a recent report. It found that corporate leaders continue to rate critical talent shortages as one of their greatest fears, even as job-seekers report despair about their hiring prospects. “And yet neither side seems prepared to address it,” Deloitte said in its report.

A ManpowerGroup survey of 40,413 employers in 42 countries found that 74% of employers still struggle to find skilled talent, with only 16% of execs confident in their tech teams and 60% citing the skill gaps as a key barrier to digital strategies. Along the same lines, Bain & Co. found that 44% of corporate leaders say limited in-house expertise has slowed AI adoption, with demand for AI skills rising 21% annually since 2019 and a shortage of talent lasting another two years.

The good news? Pay for AI skills continues to increase, growing 11% a year since 2019, according to Bain & Co. Workers with AI skills such as prompt engineering command a 56% wage premium (up from 25% last year), suggesting the value they bring, according to PricewaterhouseCoopers (PwC).

PwC said its data “does not show job or wage destruction from AI,” it shows growth across AI-exposed roles — even highly automatable ones. AI is boosting expertise, allowing workers to take on higher-level tasks. according to Joe Atkinson, PwC’s Global chief AI officer.

PricewaterhouseCoopers

“AI is at the forefront of corporate transformation, but without the right talent, businesses will struggle to move from ambition to implementation,” Sarah Elk, head of AI research for Bain & Co.’s Americas group, said in a statement. “Executives see the growing AI talent gap as a major roadblock to innovation, limiting businesses’ ability to scale and compete in an AI-driven world.”

While the gap has always been a challenge, gaining experience is harder than ever with AI taking over various work tasks, remote work weakening apprenticeships, and rising job complexity that require broader skills, Deloitte said.

The AI skills gap is driven by the rapid growth of AI technologies and the increasing demand for adoption across industries, according to Kelly Stratman, Ernst & Young’s global ecosystem relationships enablement leader. “Currently, 50% of enterprises with more than 5,000 employees have adopted AI solutions, and even more are considering doing so. At the same time, job postings requesting AI skills increased by 2000% in 2024 alone.”

By 2030, companies are expected to spend $42 billion a year on genAI projects such as chatbots, agents, research, writing, and summarization tools.

Key AI skills in short supply include prompt engineering, programming, and bias handling. Just as vital are soft skills such as adaptability, critical thinking, and emotional intelligence to ensure responsible, ethical AI use, according to Stratman.

PwC’s new AI Jobs Barometer shows demand for AI skills growing, even as the US job market slows. In response, PwC recently launched two AI tools that offer career development through tailored training and an AI coach that adapts to each employee’s goals and projects.

Bain & Co. projects AI job demand could reach up to more than 1.3 million in the US over the next two years, while the number of skilled workers available is on track to hit less than 645,000 — implying the need to reskill up to 700,000 US workers. “Companies navigating this increasingly competitive hiring landscape need to take action now, upskilling existing teams, expanding hiring strategies, and rethinking ways to attract and retain AI talent,” Bain’s Elk wrote.

The first response to the skills gap is to take an honest assessment of your organization and align AI projects with core business goals, “because really, this isn’t just a question of AI readiness, it’s about digital, data and AI readiness,” tech consultancy Thoughtworks wrote in a new report.

The key takeaways from Thoughtworks’ report:

• Strategic alignment matters: 61% of leaders have a mature tech strategy compared to 19% of late adopters, showing its impact on digital and AI success.
• Continuous improvement is essential: 93% see room for tech ecosystem improvement; 77% of leaders seek major changes.
• Tech leadership boosts ROI: 53% of leaders report positive ROI, outpacing all other groups.

Justin Vianello, CEO of US technology talent training firm SkillStorm, said a shortage of qualified talent — especially in cloud, cybersecurity, and AI — is a bigger barrier to hiring than AI automation replacing jobs. Organizations struggle to find candidates with the right skills, certifications, and clearances, Vianello said, referring to shortages for government agencies.

While AI can boost productivity by handling routine tasks, it can’t replace the strategic roles filled by skilled professionals, Vianello said. To avoid those kinds of issues, agencies — just like companies — need to invest in adaptable, mission-ready teams with continuously updated skills in cloud, cyber, and AI.

The technology, he said, should augment – not replace — human teams, automating repetitive tasks while enhancing strategic work.

Success in high-demand tech careers starts with in-demand certifications, real-world experience, and soft skills. Ultimately, high-performing teams are built through agile, continuous training that evolves with the tech, Vianello said.

“We train teams to use AI platforms like Copilot, Claude and ChatGPT to accelerate productivity,” Vianello said. “But we don’t stop at tools; we build ‘human-in-the-loop’ systems where AI augments decision-making and humans maintain oversight. That’s how you scale trust, performance, and ethics in parallel.”

High-performing teams aren’t born with AI expertise; they’re built through continuous, role-specific, forward-looking education, he said, adding that preparing a workforce for AI is not about “chasing” the next hottest skill. “It’s about building a training engine that adapts as fast as technology evolves,” he said.

Microsoft acknowledged a new issue caused by the June 2025 security updates, causing the DHCP service to freeze on some Windows Server systems. [...]

Navigating the AI talent shortage

The IT layoffs we have seen in 2024 and early 2025 are set to continue as companies look to drive efficiencies with AI, all the while bracing for a recession. This week CIO.com reported on company boards pushing CEOs to replace IT workers with AI. It’s compelling reading.  

That’s the bad news for IT professionals. But our readers wanted to understand where the opportunity lies in all this disruption. Many of them asked Smart Answers where the AI skills gap is – where are the roles going to be? 

The good news is that more than three quarters of employers say they are struggling to find the right tech talent, with roles in AI and Machine Learning most prominently cited as gaps. 

Find out: Where is the AI talent shortage most prominent now?  

Why do CISOs quit?

Staying with the challenge of hiring and retaining IT talent, this week CSO reported that more than half of department heads reporting to CISOs are looking to quit. It’s an irony that only a softening economy is keeping many of them in their jobs.  

But what about the CISOs themselves? Many readers asked Smart Answers why CISOs tend not to stay in their roles for long. Leaning into decades of human reportage our AI answer service surmises that the issues include high stress levels, personal liability and organizational distance from decision-makers. All of which would make us change jobs too.  

Find out: Why is average CISO tenure so short? 

…And why you should stop CISOs quitting

Meanwhile, here’s the problem with all of those CISOs quitting: a good CISO is worth their weight in gold. Or even more valuable than that. 

This week CSO published an article in which David Gee argued that good CISOs have highly specialized knowledge that takes significant time and investment to develop for a secure future. So you need to keep them onboard. They are hard to find.  

But why is that? Smart Answers thinks the issue is escalating cyberattacks and the growing sophistication of security threats, including AI-driven attacks, that is driving up demand. More people, with more skills, required.  

Find out: Why are cybersecurity professionals difficult to hire currently?  

About Smart Answers 

Smart Answers is an AI-based chatbot tool designed to help you discover content, answer questions, and go deep on the topics that matter to you. Each week we send you the three most popular questions asked by our readers, and the answers Smart Answers provides.  

Developed in partnership with Miso.ai, Smart Answers draws only on editorial content from our network of trusted media brands—CIO, Computerworld, CSO, InfoWorld, and Network World—and was trained on questions that a savvy enterprise IT audience would ask. The result is a fast, efficient way for you to get more value from our content. 

ChatGPT's Codex, which is an AI agent that lets you code and delegate programming tasks, is now testing a new feature that lets you choose the best solution. [...]

On June 13, OpenAI began rolling out a new ChatGPT Search update to improve quality as the AI startup challenges Google's dominance. [...]

More than 46,000 internet-facing Grafana instances remain unpatched and exposed to a client-side open redirect vulnerability that allows executing a malicious plugin and account takeover. [...]

WestJet, Canada's second-largest airline, is investigating a cyberattack that has disrupted access to some internal systems as it responds to the breach. [...]

When Windows 11 was first released, many long-time users felt features they loved had been taken away overnight. Three and a half years later, the same complaints still rise to the top of the Feedback Hub with tens of thousands of votes. [...]

A new malware campaign is exploiting a weakness in Discord's invitation system to deliver an information stealer called Skuld and the AsyncRAT remote access trojan. "Attackers hijacked the links through vanity link registration, allowing them to silently redirect users from trusted sources to malicious servers," Check Point said in a technical report. "The attackers combined the ClickFix Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Meta is looking to up its weakening AI game with a key talent grab.

Following days of speculation, the social media giant has confirmed that Scale AI’s founder and CEO, Alexandr Wang, is joining Meta to work on its AI efforts.

Meta will invest $14.3 billion in Scale AI as part of the deal, and will have a 49% stake in the AI startup, which specializes in data labeling and model evaluation services. Other key Scale employees will also move over to Meta, while CSO Jason Droege will step in as Scale’s interim CEO.

This move comes as the Mark Zuckerberg-led company goes all-in on building a new research lab focused on “superintelligence,” the next step beyond artificial general intelligence (AGI).

The arrangement also reflects a growing trend in big tech, where industry giants are buying companies without really buying them — what’s increasingly being referred to as “acqui-hiring.” It involves recruiting key personnel from a company, licensing its technology, and selling its products, but leaving it as a private entity.

“This is fundamentally a massive ‘acqui-hire’ play disguised as a strategic investment,” said Wyatt Mayham, lead AI consultant at Northwest AI Consulting. “While Meta gets Scale’s data infrastructure, the real prize is Wang joining Meta to lead their superintelligence lab. At the $14.3 billion price tag, this might be the most expensive individual talent acquisition in tech history.”

Closing gaps with competitors

Meta has struggled to keep up with OpenAI, Anthropic, and other key competitors in the AI race, recently even delaying the launch of its new flagship model, Behemoth, purportedly due to internal concerns about its performance. It has also seen the departure of several of its top researchers.

 “It’s not really a secret at this point that Meta’s Llama 4 models have had significant performance issues,” Mayham said. “Zuck is essentially betting that Wang’s track record building AI infrastructure can solve Meta’s alignment and model quality problems faster than internal development.” And, he added, Scale’s enterprise-grade human feedback loops are exactly what Meta’s Llama models need to compete with ChatGPT and Claude on reliability and task-following.

Data quality, a key focus for Wang, is a big factor in solving those performance problems. He wrote in a note to Scale employees on Thursday, later posted on X (formerly Twitter), that when he founded Scale AI in 2016 amidst some of the early AI breakthroughs, “it was clear even then that data was the lifeblood of AI systems, and that was the inspiration behind starting Scale.”

But despite Meta’s huge investment, Scale AI is underscoring its commitment to sovereignty: “Scale remains an independent leader in AI, committed to providing industry-leading AI solutions and safeguarding customer data,” the company wrote in a blog post. “Scale will continue to partner with leading AI labs, multinational enterprises, and governments to deliver expert data and technology solutions through every phase of AI’s evolution.”

Allowing big tech to side-step notification

But while it’s only just been inked, the high-profile deal is already raising some eyebrows. According to experts, arrangements like these allow tech companies to acquire top talent and key technologies in a side-stepping manner, thus avoiding regulatory notification requirements.

The US Federal Trade Commission (FTC) requires mergers and acquisitions totaling more than $126 million be reported in advance. Licensing deals or the mass hiring-away of a company’s employees don’t have this requirement. This allows companies to move more quickly, as they don’t have to undergo the lengthy federal review process.

Microsoft’s deal with Inflection AI is probably one of the highest-profile examples of the “acqui-hiring” trend. In March 2024, the tech giant paid the startup $650 million in licensing fees and hired much of its team, including co-founders Mustafa Suleyman (now CEO of Microsoft AI) and Karén Simonyan (chief scientist of Microsoft AI).

Similarly, last year Amazon hired more than 50% of Adept AI’s key personnel, including its CEO, to focus on AGI. Google also inked a licensing agreement with Character AI and hired a majority of its founders and researchers.

However, regulators have caught on, with the FTC launching inquiries into both the Microsoft-Inflection and Amazon-Adept deals, and the US Justice Department (DOJ) analyzing Google-Character AI.

Reflecting ‘desperation’ in the AI industry

Meta’s decision to go forward with this arrangement anyway, despite that dicey backdrop, seems to indicate how anxious the company is to keep up in the AI race.

“The most interesting piece of this all is the timing,” said Mayham. “It reflects broader industry desperation. Tech giants are increasingly buying parts of promising AI startups to secure key talent without acquiring full companies, following similar patterns with Microsoft-Inflection and Google-Character AI.”

However, the regulatory risks are “real but nuanced,” he noted. Meta’s acquisition could face scrutiny from antitrust regulators, particularly as the company is involved in an ongoing FTC lawsuit over its Instagram and WhatsApp acquisitions. While the 49% ownership position appears designed to avoid triggering automatic thresholds, US regulatory bodies like the FTC and DOJ can review minority stake acquisitions under the Clayton Antitrust Act if they seem to threaten competition.

Perhaps more importantly, Meta is not considered a leader in AGI development and is trailing OpenAI, Anthropic, and Google, meaning regulators may not consider the deal all that concerning (yet).

All told, the arrangement certainly signals Meta’s recognition that the AI race has shifted from a compute and model size competition to a data quality and alignment battle, Mayham noted.

“I think the [gist] of this is that Zuck’s biggest bet is that talent and data infrastructure matter more than raw compute power in the AI race,” he said. “The regulatory risk is manageable given Meta’s trailing position, but the acqui-hire premium shows how expensive top AI talent has become.”