Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Meta’s new architecture helps robots interact in environments they’ve never seen before

Computerworld.com [Hacking News] - 13 Červen, 2025 - 03:23

Thanks largely to AI, robotics has come a long way in a short period of time, but robots continue to struggle in certain scenarios that they haven’t been trained for and need to adjust to.

This week, Meta (Nasdaq:META) said it has overcome some of these major hurdles with its new open-source Video Joint Embedding Predictive Architecture 2 (V-JEPA 2), the first world model trained primarily on video. V-JEPA 2 can predict next actions and respond to environments it hasn’t interacted with before.

“Meta’s recent unveiling of V-JEPA 2 marks a quiet but significant shift in the evolution of AI vision systems, and it’s one enterprise leaders can’t afford to overlook,” said Ankit Chopra, a director at Neo4j. “Built on self-supervised learning and optimized for agentic, low-supervision use, V-JEPA 2 moves beyond the confines of traditional computer vision, introducing a model that is both leaner and more predictive.”

Trained for predictive tasks on more than 1 million hours of video

Meta says V-JEPA 2, the follow-up to its first video-trained model, V-JEPA, released last year, achieves state-of-the-art performance on visual understanding and prediction in physical environments. It can also be used for zero-shot planning, when robots successfully navigate new settings.

The model represents a “genuine step forward,” said Wyatt Mayham, lead AI consultant at Northwest AI Consulting. “The core challenge in robotics has always been operating in unpredictable and unstructured environments,” he said. “V-JEPA 2 is certainly designed to tackle that.”

The 1.2-billion-parameter V-JEPA 2 was trained through self-supervised learning from more than one million hours of video and one million images from a variety of sources.

“This rich visual data helps the model learn a lot about how the world works, including how people interact with objects, how objects move in the physical world, and how objects interact with other objects,” Meta researchers wrote in a blog post.

The model can support foundational tasks like reaching, picking up objects, and placing them in a new location, achieving a 65% to 80% success rate in pick-and-placing objects. It is equipped with motion understanding, can anticipate and predict what action will be performed one second into the future, and excels on video question-answering benchmarks, they wrote.

V-JEPA 2 has two main components: An encoder that processes raw video and outputs embeddings that capture useful semantic information about the world, and a predictor that takes in a video embedding and additional context and outputs predicted embeddings.

“This evolution has far-reaching implications,” said Chopra. “V-JEPA 2 is not just more efficient, it can enable AI systems that understand, adapt, and evolve with operational workflows.”

A step towards ‘advanced machine intelligence’; new benchmarks for model performance

Meta says V-JEPA 2 is the next step toward its goal of achieving “advanced machine intelligence (AMI)” where AI agents can effectively operate in the physical world. According to Meta researchers, these models should be capable of observing the world (including recognizing objects, actions, and motions); predicting how the world will evolve and change if it takes action; and planning sequences of actions that achieve a given goal.

“As we work toward our goal of achieving AMI, it will be important that we have AI systems that can learn about the world as humans do, plan how to execute unfamiliar tasks, and efficiently adapt to the ever-changing world around us,” Meta researchers wrote.

Meta is also releasing three new benchmarks to evaluate how well models can use video to reason about the physical world. These include IntPhys 2, which measures models’ ability to distinguish between physically plausible and implausible “physics breaking” scenarios, minimal Video Pairs (MVPBench), which tests models’ physical understanding abilities through multiple choice questions, and CausalVQA, which measures models’ ability to answer questions related to physical cause-and-effect.

Potential use cases in enterprise

Neo4J’s Chopra pointed out that current models rely on labeled data and “explicit visual features”. V-JEPA 2, on the other hand, focuses on inferring missing information in the latent space, “in essence capturing abstract relationships and learning from context rather than pixel-perfect details.”

This means it can reliably function in unpredictable environments where data is sparse, making it particularly well-suited for use cases including manufacturing automation, surveillance analytics, in-building logistics, or robotics, said Chopra. Other use cases could include autonomous equipment monitoring, predictive maintenance, and low-light inspections. Meta’s own data center operations could serve as an initial testing ground. And, over time, it could power more advanced scenarios such as autonomous vehicles performing self-diagnostics and initiating robotic repairs.

Ultimately, Chopra said, V-JEPA 2 marks a shift from passive perception to active decision-making, and a new phase of automation where “AI doesn’t just see, but acts.”

“For decision-makers tasked with modernizing industrial systems, reducing maintenance costs, or scaling automation without constant retraining, V-JEPA 2 introduces a new playbook,” he said. “It opens the door to self-learning systems that can operate in low-visibility environments or dynamically respond to changing inputs, arming critical capabilities for sectors like logistics, infrastructure, and defense.”

Still, said Northwest AI Consulting’s Mayham, there has been a lot of hype about robots, but many have only performed well in controlled settings. AI did boost adaptability, and V-JEPA 2 allows bots to think before they act, but it remains to be seen how well it will do with edge use cases.

“It genuinely does seem like real progress,” said Mayham. “But models often disappoint once you deploy them outside the lab.”

But this is a fast-moving area, he noted, and companies building autonomous systems for manufacturing, in delivery, or surveillance should ultimately bet on adaptable AI. “Enterprises should closely monitor and start plotting partnerships now,” Mayham said.

More Meta news:

>

>
Kategorie: Hacking & Security

Trend Micro fixes critical vulnerabilities in multiple products

Bleeping Computer - 12 Červen, 2025 - 21:31
Trend Micro has released security updates to address multiple critical-severity remote code execution and authentication bypass vulnerabilities that impact its Apex Central and Endpoint Encryption (TMEE) PolicyServer products. [...]
Kategorie: Hacking & Security

Google Cloud and Cloudflare hit by widespread service outages

Bleeping Computer - 12 Červen, 2025 - 21:04
Google Cloud and Cloudflare are investigating ongoing outages impacting access to sites and various services across multiple regions. [...]
Kategorie: Hacking & Security

WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network

The Hacker News - 12 Červen, 2025 - 19:47
The threat actors behind the VexTrio Viper Traffic Distribution Service (TDS) have been linked to other TDS services like Help TDS and Disposable TDS, indicating that the sophisticated cybercriminal operation is a sprawling enterprise of its own that's designed to distribute malicious content. "VexTrio is a group of malicious adtech companies that distribute scams and harmful software via Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Graphite spyware used in Apple iOS zero-click attacks on journalists

Bleeping Computer - 12 Červen, 2025 - 19:42
Forensic investigation has confirmed the use of Paragon's Graphite spyware platform in zero-click attacks that targeted Apple iOS devices of at least two journalists in Europe. [...]
Kategorie: Hacking & Security

WWDC: For developers, Apple’s tools get a lot better for AI

Computerworld.com [Hacking News] - 12 Červen, 2025 - 18:51

Apple announced one important — and immediate — upgrade at WWDC this week, the introduction of support for third-party large language models (LLM), such as ChatGPT from within Xcode. It’s a big step that should benefit developers, accelerating app development.

“Developers play a vital role in shaping the experiences customers love across Apple platforms,” said Susan Prescott, Apple’s vice president of Worldwide Developer Relations. “With access to the on-device Apple Intelligence foundation model and new intelligence features in Xcode 26, we’re empowering developers to build richer, more intuitive apps for users everywhere.”

Xcode 26: GenAI inside

Apple explains that as of now, the LLM integration means developers can connect models directly into their coding workflow to write code, tests, and andocumentation; iterate on a design; fix errors; and more. 

[ Related: Apple WWDC 2025: News and analysis ]

ChatGPT support is built-in, and developers can use API keys from other providers or run local models on Apple silicon Macs. It is interesting that developers can begin to make use of ChatGPT in Xcode without creating an account, though ChatGPT subscribers do get more from that service.

Used alongside Apple’s new Foundation Models framework, which lets you use Apple AI tools within their apps with just three lines of code, it’s pretty clear that even if Apple Intelligence hasn’t yet met the company’s ambitions for AI, the era of artificial intelligence has certainly arrived on its ecosystem. After all, once developers build with AI, they will inevitably create AI services; the rest is an as-yet-unwritten history to be unveiled one application at a time.

How does the ChatGPT integration work?

When developers are working in Xcode, they will be able to access ChatGPT from within the coding pane. The idea is that a developer simply types a prompt in the pane to get ChatGPT to generate previews, fix coding errors, or create new functions. These tools should optimize code development and mean developers can focus their skills on more complex application development tasks.

There was something missing from Xcode, and that was a tool called Swift Assist. Apple announced that tool, which was intended to help developers write code using AI, at WWDC last year. It possibly reflects some of the failures of Apple’s internal AI development projects that the tool hasn’t yet shipped, and the introduction of support for ChatGPT hints that perhaps it won’t.

In the run up to WWDC, expectations had built that Apple might work with Anthropic to power the AI inside Xcode 26. This hasn’t happened, but perhaps that situation will change once the new ’26-branded Apple operating systems ship this fall. Developers equipped with an Anthropic API key can access the service, however, and it is good the company has chosen not to lock developers into one AI approach.

What the developers are thinking

While it is a little early to say for sure, Apple developers do seem accepting of this integration. One developer very swiftly switched on Xcode 26 to build a fully on-device AI ChatBot that makes use of Apple’s Foundation models, making full use of ChatGPT’s code-complete help when he did. “I leaned on the new code-complete features in Xcode to scaffold the project ridiculously fast. There were bugs, of course, but it significantly sped up the development of boilerplate code,” he wrote.

His work confirmed some positives to Apple’s approach, particularly that developers concerned about code privacy can hook Xcode up to their own internal AI models, including locally hosted ones. Developers curious to use ChatGPT in Xcode must also be running macOS 26 beta, so they may want to wait a while before using this on primary machines.

These new GenAI code-creation features will make a difference to app developers. But Apple also introduced a host of supporting technologies and APIs to unleash machine learning across its ecosystem, including Foundation Models, improved speech-to-text capabilities, improvements to Metal 4, App Intents, and welcome enhancements to the open source library MLX, which helps you train your own LLMs.

There’s an excellent in-depth developer talk explaining some of the latter new features here.

The bottom line? Apple might not have made Siri the smart assistant it wants it to become quite yet, but it has still decisively enriched its offering to enable developers to build AI-informed applications, all while using Apple silicon Macs capable of the best computational performance in the industry. 

It appears reports of the demise of the company might have been somewhat exaggerated.

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

Kategorie: Hacking & Security

Password-spraying attacks target 80,000 Microsoft Entra ID accounts

Bleeping Computer - 12 Červen, 2025 - 16:40
Hackers have been using the TeamFiltration pentesting framework to target more than 80,000 Microsoft Entra ID accounts at hundreds of organizations worldwide. [...]
Kategorie: Hacking & Security

New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes

The Hacker News - 12 Červen, 2025 - 15:52
Cybersecurity researchers have discovered a novel attack technique called TokenBreak that can be used to bypass a large language model's (LLM) safety and content moderation guardrails with just a single character change. "The TokenBreak attack targets a text classification model's tokenization strategy to induce false negatives, leaving end targets vulnerable to attacks that the implemented Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Microsoft Edge now offers secure password deployment for businesses

Bleeping Computer - 12 Červen, 2025 - 15:20
Microsoft announced that a new Edge feature allowing employees to share passwords more securely in enterprise environments has reached general availability. [...]
Kategorie: Hacking & Security

AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar

The Hacker News - 12 Červen, 2025 - 15:06
AI is changing everything — from how we code, to how we sell, to how we secure. But while most conversations focus on what AI can do, this one focuses on what AI can break — if you’re not paying attention. Behind every AI agent, chatbot, or automation script lies a growing number of non-human identities — API keys, service accounts, OAuth tokens — silently operating in the background. And here’[email protected]
Kategorie: Hacking & Security

First-ever zero-click attack targets Microsoft 365 Copilot

Computerworld.com [Hacking News] - 12 Červen, 2025 - 15:02

Imagine an attack so stealthy it requires no clicks, no downloads, no warning – just an email sitting in your inbox. This is EchoLeak, a critical vulnerability in Microsoft 365 Copilot that lets hackers steal sensitive corporate data without a single action from the victim. 

Discovered by Aim Security, it’s the first documented zero-click attack on an AI agent, exposing the invisible risks lurking in the AI tools we use every day.

Kategorie: Hacking & Security

GitLab patches high severity account takeover, missing auth issues

Bleeping Computer - 12 Červen, 2025 - 14:26
GitLab has released security updates to address multiple vulnerabilities in the company's DevSecOps platform, including ones enabling attackers to take over accounts and inject malicious jobs in future pipelines. [...]
Kategorie: Hacking & Security

Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction

The Hacker News - 12 Červen, 2025 - 13:11
A novel attack technique named EchoLeak has been characterized as a "zero-click" artificial intelligence (AI) vulnerability that allows bad actors to exfiltrate sensitive data from Microsoft 365 (M365) Copilot's context sans any user interaction. The critical-rated vulnerability has been assigned the CVE identifier CVE-2025-32711 (CVSS score: 9.3). It requires no customer action and has been Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Non-Human Identities: How to Address the Expanding Security Risk

The Hacker News - 12 Červen, 2025 - 13:00
Human identities management and control is pretty well done with its set of dedicated tools, frameworks, and best practices. This is a very different world when it comes to Non-human identities also referred to as machine identities. GitGuardian’s end-to-end NHI security platform is here to close the gap. Enterprises are Losing Track of Their Machine Identities Machine identities–service [email protected]
Kategorie: Hacking & Security

Windows 11 24H2 emergency update fixes Easy Anti-Cheat BSOD issue

Bleeping Computer - 12 Červen, 2025 - 12:43
Microsoft has released an emergency Windows 11 24H2 update to address an incompatibility issue triggering restarts with blue screen of death (BSOD) errors on systems with Easy Anti-Cheat. [...]
Kategorie: Hacking & Security

Nvidia, Perplexity to partner with EU and Middle East AI firms to build sovereign LLMs

Computerworld.com [Hacking News] - 12 Červen, 2025 - 12:23

Nvidia and AI search firm Perplexity said they are joining hands with model builders and cloud providers across Europe and the Middle East to refine sovereign large-language models (LLMs) and accelerate enterprise AI uptake in local industries.

Under the deal, model builders and AI consortia from the region will fine-tune their language models with Nvidia’s Nemotron techniques, a move the company says will slash costs and boost accuracy for enterprise tasks, including emerging agentic AI.

Some of the model builders and AI consortia that Nvidia and Perplexity will be working with include Barcelona Supercomputing Center (BSC), Bielik.AI, Dicta, H Company, Domyn, LightOn, the National Academic Infrastructure for Supercomputing in Sweden (NAISS) together with KBLab at the National Library of Sweden, the Slovak Republic, the Technology Innovation Institute (TII), the University College of London, the University of Ljubljana and UTTER.

The models will be trained and run on servers within Europe supplied by Nvidia Cloud Partners through the DGX Cloud Lepton marketplace, Nvidia said in a statement.

“The open, sovereign models will provide a foundation for an integrated regional AI ecosystem that reflects local languages and culture,” Nvidia added. “Europe’s enterprises will be able to run the models on Perplexity, an AI-powered answer engine used to answer over 150 million questions per week.”

Strengthening EU presence

The deal cements Nvidia’s role in Europe’s sovereign-AI drive and expands Perplexity’s regional distribution reach.

“This not only increases model choice for enterprises but also disrupts legacy procurement patterns for GPUs, cloud capacity, and AI infrastructure,” said Sanchit Vir Gogia, chief analyst and CEO at Greyhound Research. “As Nvidia rolls out its AI Factories across Europe, including large-scale H100 and Blackwell GPU clusters, supply will rise, but so will competition for priority access.”

In a separate statement, Nvidia has said it will help build an AI factory in Germany to power industrial AI workloads for European manufacturers.

“For CIOs, the implication is clear: GPU reservation and pricing are no longer background infrastructure but board-level variables,” Gogia added. “Enterprises must now negotiate burst entitlements, reserve tiers, and failover pathways to hedge against partnership-induced resource contention. This alliance may strengthen Europe’s AI sovereignty, but it also intensifies infrastructure nationalism, and buyers must recalibrate accordingly.”

Other analysts said the partnership could further strain Europe’s supply of high-end GPUs.

“This move will likely intensify demand for high-performance compute (HPC) resources across Europe,” said Himanshu Mhatre, senior analyst at Everest Group. “As more organizations train or fine-tune models locally, enterprise access to GPUs, especially H100s and upcoming Blackwell chips, may tighten, causing spot-market pricing to spike and longer lead times for new deployments.”

Managing data compliance concerns  

The agreement >comes amid growing scrutiny of AI firms’ data handling, with the EU’s AI Act set to require general-purpose and high-impact models to disclose how they are trained, fine-tuned, and updated.

Almost 67% of CIOs in France, Germany, and the Nordics carry out quarterly audits of their AI systems to check compliance with the EU AI Act, and 54% of those executives cite “local hosting without upstream transparency” as a regulatory blind spot, according to Greyhound Research.

“Hosting such models in European data centers supports compliance with GDPR and national data sovereignty ambitions but does not absolve vendors of obligations under Articles 13 and 53–55 of the AI Act,” Gogia said. “These require a ‘sufficiently detailed summary ‘ of training data, technical documentation on model risks, and structured record-keeping for public audits.”

CIOs should make vendors disclose where their training data comes from, including synthetic or non-EU sets, explain how the models produce results, and ensure back-end services do not send data outside the bloc, Mhatre said.

Kategorie: Hacking & Security

Surprise! Employers are using AI to interview you

Computerworld.com [Hacking News] - 12 Červen, 2025 - 12:00

One-in-five employers in the US and the U.K. now use generative AI (genAI) tools to interview candidates, according to the results of a TestGorilla survey of 1,084 organizations in the two countries. TestGorilla, an Amsterdam-based pre-employment testing platform company, found that these kinds of hiring tools are no longer experimental, they are embedded in everyday HR and hiring operations.

Twenty-one percent of organizations in the US and 20% of those in the UK use genAI to conduct at least initial interviews with prospective hires, TestGorilla’s State of Skills-Based Hiring 2025 report showed.

Organizations are now refocusing on quality of hiring — and the use of genAI to aid in those efforts, according to TestGorilla and others.

“Right now, AI is mainly a screening tool, not a decision-maker — most commonly for writing job descriptions, screening resumes, and sourcing candidates,” said Wouter Durville, CEO and Co-Founder at TestGorilla.But we’re also seeing a sharp rise in AI-led interviews, with 21% of US employers now using them. That’s a clear sign these tools are moving quickly from the fringes to the mainstream.”

Seven in 10 (70%) of employers use genAI in hiring, but only 38% seek AI-specific skills — that’s down from 52% last year — as they now value human talents such as critical thinking and communication. Fifty-seven percent of US employers have dropped college degree requirements; 74% use skills tests, according to TestGorilla.

Additionally:

  • 60% of employers surveyed say soft skills are more important in 2025 than they were five years ago.
  • 66% say evaluating candidates holistically (including skills, personality, and values) improves hiring outcomes.

Employers who focus on skills-based hiring are more likely to:

  • Hire for AI skills (39% vs. 30%).
  • Upskill for AI (34% vs. 19%).
  • Use AI tools in workflows (53% vs. 40%).
  • Use AI in hiring (70%) and use AI for interviews (20%).

GenAI-based talent acquisition software runs the gamut across different areas of the recruiting landscape, according to Lisa Rowan, a vice president of human capital management research at IDC Research. For example, Beamery offers job recruit marketing software. For applicant tracking, there are software and services providers such as iCIMS, Jobvite, Smartrecruiters, SAP SuccessFactors, Oracle, and Workday. And for data analysis, firms such as Modern Hire, Seekout, Eightfold, and Phenom are among the leaders.

“Employers want people who can think critically, adapt, and collaborate. That’s why more are investing in tools to assess values, behaviors, and soft skills, not just technical ability,” Durville said in a statement. “The best hiring strategies now combine objective data with a holistic view of the candidate—their skills, values, and cultural alignment.”

According to TestGorilla, 82% of US employers report bad hires due to a lack of soft skills or poor cultural fit.

TestGorilla

A report last year from Indeed on data-driven hiring showed that both employers and job seekers support skills-first hiring over more hiring based on traditional degrees.

Job seekers are also increasingly using genAI, though it appears they’re not fooling hiring managers and HR experts. Of those surveyed by TestGorilla, 76% said they’re seeing more AI-generated resumes; 72% find them easy to spot.

Joel Wolfe, president of HiredSupport, a California-based business process outsourcing (BPO) company, said he’s also seeing a lot of easy-to-catch AI-generated resumes and AI used to answer interview questions. “We’re seeing this a lot with our tech hires, and a lot of the sentence structure and overuse of buzzwords is making it super obvious,” Wolfe said.

 HiredSupport has more than 100 corporate clients globally, including companies in the eCommerce, SaaS, healthcare, and fintech sectors.

Wolfe, who weighed in on the topic on LinkedIn, said he’s seeing genAI-enhanced resumes “across all roles and positions, but most obvious in overembellished developer roles.”

Sixty-six percent of US employers now use genAI to help write job descriptions, 61% to screen resumes, and 52% to find candidates, according to TestGorilla.

TestGorilla

On average, the vast majority of the employers who use genAI in the hiring process say it’s brought efficiencies — 97% for US employers and 92% for UK organizations, the data showed. Even so, not all employers use AI; 30% don’t, citing a lack of importance (44%), cost and complexity (32%), and data security risks (30%).

“Of course, AI interviews are still finding their footing. Some companies have reported efficiency gains, while others are working through the quirks of the technology,” Durville said. “But as we add more safeguards, transparency, and human oversight — particularly to prevent bias creeping in — we can expect these tools to mature and become a well-used tool for busy hiring teams.”

As genAI tools automate routine tasks, remaining jobs require higher skills, so 74% of US employers use skills tests beyond resumes, the survey showed.

Another way genAI is being used by employers is to instantly scan thousands of resumes, identify the most-qualified candidates, and match them to open roles based on skills — not just job titles.

Employer skepticism around using the fast-moving technology is fading, with many now reconsidering genAI tools after seeing competitors attract top talent by engaging applicants more effectively from the start, said Cliff Jurkiewicz, vice president of global strategy at HR tech firm Phenom.

“The outcomes of AI are well-researched, proven and backed by science, and are hard to deny that at this point,” Jurkiewicz siad. “The benefit of AI is felt by both employers and applicants, but the biggest benefactors are the candidates. They have been ignored for so long. Today, they have a more engaging, consumer-grade experience to find their next role.”

Anyone even considering genAI use is already ahead of the curve, according to Trey Causey, Indeed’s Head of Responsible AI. “Adopting new AI tools is the name of the game in the talent industry right now. But as many of you can probably attest, the journey to implementation isn’t always seamless.”

For example, in March, HR tech platform provider Remote released an AI-infused hiring tool that has access to 800 million global candidate profiles using natural language and advanced filtering settings. Based on the provided job description — and other factors like candidate motivations, remote work preferences, employment eligibility — Recruit AI surfaces a tailored batch of matching candidate profiles within seconds.

Other companies have turned to genAI for hiring:

  • HR tech firm HireVue uses genAI to screen resumes and prioritize candidates based on job fit and likelihood to succeed in the role.
  • Unilever uses HireVue’s software to conduct AI-powered video interviews, where candidates respond to pre-set questions on camera; the tool then analyzes facial expressions, tone, and language to score responses, leading to a 75% reduction in hiring time and improved diversity metrics, with successful candidates advancing to human interviews.
  • IBM has said its genAI now answers 94% of HR questions, nearly eliminating HR Business Partner roles except for senior leaders. (The company is eyeing cuts to HR staff and a reallocation funds to sales and engineering.)
  • Tech giant Siemens has been integrating AI into its recruitment processes to enhance efficiency and reduce time-to-hire. The company uses AI in its recruitment process to conduct initial interviews and analyze candidate responses for quicker shortlisting.
  • McDonald’s in the US and Australia has been using Paradox’s chatbot “Olivia” to conduct initial interviews via SMS or mobile web, automatically scheduling in-person interviews for candidates who meet basic qualifications, with the goal of speeding up hiring for high-turnover frontline role.
  • Hiring assistant vendor Eightfold AI recently unveiled AI Interview, which conducts real-time, conversational assessments with candidates. The company also released its Digital Twin, which uses a personalized large language model (LLM) to capture each employee’s skills, experiences, and contributions by integrating workplace tools.
  • Tata Communications and Postmates used Eightfold AI to match candidates to roles based on skills and potential, not just experience.

Beyond those efforts, genAI is clearly streamlining hiring — 92% of users say it’s improved their processes — and it’s prompting a shift toward more holistic evaluation, according to Durville. With 76% of US employers spotting AI-generated applications, resumes alone aren’t enough. The trend is clear, he said: “Organizations are using both human judgment and AI to assess skills, motivation, and fit, moving toward a more well-rounded, multi-measure approach.”

Kategorie: Hacking & Security

Fog ransomware attack uses unusual mix of legitimate and open-source tools

Bleeping Computer - 12 Červen, 2025 - 11:45
Fog ransomware hackers are using an uncommon toolset, which includes open-source pentesting utilities and a legitimate employee monitoring software called Syteca. [...]
Kategorie: Hacking & Security

Windows 10 Insider Previews: A guide to the builds

Computerworld.com [Hacking News] - 12 Červen, 2025 - 11:16

Microsoft never sleeps. In addition to its steady releases of major and minor updates to the current version of Windows 10, the company frequently rolls out public preview builds to members of its Windows Insider Program, allowing them to test out — and even help shape — upcoming features.

Although Windows Insiders can choose to receive Windows 11 preview builds in one of four channels — the Canary, Dev, Beta, or Release Preview Channel — Microsoft currently offers Windows 10 Insider previews in the Beta and Release Preview Channels only.

The Release Preview Channel typically doesn’t see action until shortly before a new feature update is rolled out; it’s meant for final testing of an upcoming release and is best for those who want the most stable builds. The Beta Channel previews features that are a little further out.

Below you’ll find information about recent Windows 10 preview builds. For each build, we’ve included the date of its release, which Insider channel it was released to, a summary of what’s in the build, and a link to Microsoft’s announcement about it.

Note: If you’re looking for information about updates being rolled out to all Windows 10 users, not previews for Windows Insiders, see “Windows 10: A guide to the updates.”

Releases for Windows 10 version 22H2 Windows 10 Build 19045.6029 (KB5061087)

Release date: June 12, 2025

Released to: Release Preview Channel

This build adds several new minor features, including ugrading the curl tool to version 8.13.0. Several minor bugs have been fixed as well, including one that caused jump lists to disappear from the Start menu.

(Get more info about Build 19045.6029.

Windows 10 Build 19045.5912 (KB5058481)

Release date: May 15, 2025

Released to: Release Preview Channel

This build adds description text for the weather button on the rich calendar flyout and brings back the clock view that displays seconds. It also fixes several bugs, including one in which some GB18030-2022 characters in plane 2 were not rendered in GDI/GDI+.

(Get more info about Build 19045.5912.)

Windows 10 Build 19045.5794 (KB5055612)

Release date: April 14, 2024

Released to: Release Preview Channel

This build fixes two bugs, one in which the check for GPU paravirtualization was case-sensitive in Windows Subsystem for Linux 2 (WSL2), which potentially caused GPU paravirtualization support to fail, and another in which additions to the Windows Kernel Vulnerable Driver Blocklist (DriverSiPolicy.p7b) blocklisted drivers with security vulnerabilities that have been used in Bring Your Own Vulnerable Driver (BYOVD) attacks.

(Get more info about Build 19045.5794.)

Windows 10 Build 19045.5674 (KB5053643)

Release date: March 13, 2025

Released to: Release Preview Channel

This build fixes a variety of bugs, including one in which thumbnails in File Explorer crashed and caused white pages to appear instead of the actual thumbnail.

(Get more info about Build 19045.5674.)

Windows 10 Build 19045.5552 (KB5052077)

Release date: February 13, 2025

Released to: Release Preview Channel

This build fixes a variety of bugs, including one in which Open Secure Shell (OpenSSH) refused to start, stopping SSH connections.

(Get more info about Build 19045.5552.)

Windows 10 Build 19045.5435 (KB5050081)

Release date: January 17, 2025

Released to: Release Preview Channel

This update introduces a new calendar and the new Outlook app. It also fixes a variety of bugs, including one that depleted virtual memory, causing some apps to fail, and another in which the Capture Service and Snipping Tool stopped responding you pressed Windows key + Shift + S several times while Narrator was on.

(Get more info about Build 19045.5435.)

Windows 10 Build 19045.5194 (KB5046714)

Release date: November 14, 2024

Released to: Beta Channel and Release Preview Channel

For Windows Insiders in the Beta Channel, the recommended section of the Start menu will show some Microsoft Store apps from a small set of curated developers. If you want to turn this off, go to Settings > Personalization > Start. Turn off the toggle for Show suggestions occasionally in Start. Note that this feature is being rolled out gradually.

Windows Insiders in the Beta and Release Preview Channels get several bug fixes, including for a bug in which when you dragged and dropped files from a cloud files provider folder, it might have resulted in a move instead of a copy.

(Get more info about Build 19045.5194.)

Windows 10 Build 19045.5070 (KB5045594)

Release date: October 14, 2024

Released to: Beta and Release Preview Channels

In this build, those in the Beta Channel who have chosen to get features as soon as they are rolled out get new top cards that highlight key hardware specifications of their devices.

Insiders in both the Beta and Release Preview Channels get a new account manager on the Start menu. The new design makes it easy to view your account and access account settings. Those in the Beta and Release Preview Channels also get fixes for a variety of bugs, including one in which a scanner driver failed to install when you used a USB cable to connect to a multifunction printer.

(Get more info about Windows 10 22H2 Build 19045.5070.)

Windows 10 19045.4955 (KB5043131)

Release date: September 16, 2024

Released to: Beta Channel and Release Preview Channel

This build fixes several bugs, including one in which playback of some media could have stopped when you used certain surround sound technology, and another in which Windows Server stopped responding when you used apps like File Explorer and the taskbar.

(Get more info about Windows 10 22H2 Build 19045.4955.)

Windows 10 19045.4842 (KB5041582)

Release date: August 22, 2024

Released to: Beta Channel and Release Preview Channel

This build fixes several bugs, including one in which when a combo box had input focus, a memory leak sometimes occurred when you closed that window, and another in which some Bluetooth apps stopped responding because of a memory leak in a device.

(Get more info about Windows 10 22H2 19045.4842.)

Windows 10 Build 19045.4713 (KB5040525)

Release date: July 11, 2024

Released to: Beta Channel and Release Preview Channel

In this build, Insiders in the Beta Channel get a fix in which they will see a search box on their secondary monitors when the setting for search on the taskbar is set to “Search box.”

Insiders in the Beta Channel and Release Preview Channel get fixes for a variety of bugs, including one in which the TCP send code often causes a system to stop responding during routine tasks, such as file transfers. This issue leads to an extended send loop.

(Get more info about  Windows 10 22H2 19045.4713.)

Windows 10 Build 19045.4593

Release date: June 13, 2024

Released to: Beta Channel and Release Preview Channel

In this build, Insiders in the Beta Channel get bug fixes for Windows Backup. Insiders in both the Beta and Release Preview Channels get a new feature for mobile device management in which when you enroll a device, the MDM client sends more details about the device. The MDM service uses those details to identify the device model and the company that made it.

Insiders in the Beta Channel and Release Preview Channel also get a variety of bug fixes, including for a bug that could have stopped systems from resuming from hibernation after BitLocker was turned on.

(Get more info about  Windows 10 22H2 19045.4593.)

Windows 10 Build 19045.4472 (KB5037849)

Release date: May 20, 2024

Released to: Release Preview ChannelThis build fixes a variety of bugs, including one in which TWAIN drivers stopped responding when you used them in a virtual environment, and another in which the Windows Presentation Foundation (WPF) app stopped responding.

(Get more info about  Windows 10 22H2 19045.4472.)

Windows 10 Build 19045.4353 (KB5036979)

Release date: April 15, 2024

Released to: Release Preview Channel

This build introduces account-related notifications for Microsoft accounts in Settings > Home. A Microsoft account connects Windows to your Microsoft apps. This feature displays notifications across the Start menu and Settings. You can manage your Settings notifications in Settings > Privacy & security > General.

A wide variety of bugs have been fixed, including one in which when your device resumed from Modern Standby you might have gotten the stop error, “0x9f DRIVER_POWER_STATE_FAILURE, and another in which the Windows Local Administrator Password Solution’s (LAPS) Post Authentication Actions (PAA) did not happen at the end of the grace period. Instead, they occurred at restart.

(Get more info about  Windows 10 22H2 Build 19045.4353.)

Windows 10 22H2 Build 19045.4233 (KB5035941)

Release date: March 14, 2024

Released to: Release Preview Channel

This build adds Windows Spotlight, which displays new images as your desktop wallpaper. If you want to know more about an image, click or tap the Learn More button, which takes you to Bing. To turn on this feature, go to Settings > Personalization > Background > Personalize your background and choose Windows spotlight. The update also adds sports, traffic, and finance content to the lock screen. To turn it on, go to Settings > Personalization > Lock screen. Note that these two features will roll out to users gradually.

In addition, in Windows Hello for Business IT admins can now use mobile device management (MDM) to turn off the prompt that appears when users sign in to an Entra-joined machine. To do it, turn on the “DisablePostLogonProvisioning” policy setting. After a user signs in, provisioning is off for Windows 10 and Windows 11 devices.

A wide variety of bugs have been fixed, including one in which some applications that depend on COM+ component had stopped responding. Also fixed was a deadlock issue in CloudAP that occurred when different users signed in and signed out at the same time on virtual machines.

(Get more info about Windows 10 22H2 Build 19045.4233.)

Windows 10 22H2 Build 19045.4116 (KB5034843)

Release date: February 15, 2024

Released to: Release Preview Channel

In this build, using Windows share, you can now directly share URLs to apps like WhatsApp, Gmail, Facebook, and LinkedIn. Sharing to X (formerly Twitter) is coming soon.

The build fixes several bugs, including one in which you weren’t able to use Windows Hello for Business to authenticate to Microsoft Entra ID on certain apps when using Web Access Management (WAM).

(Get more info about  Windows 10 22H2 Build 19045.4116.)

Windows 10 22H2 Build 19045.3992 (KB5034203)

Release date: January 11, 2024

Released to: Release Preview Channel

This update adds eye control system settings. You can back up these settings from the former device while you set up a new device. Then those settings will install automatically on the new device so you can use them when you reach the desktop.

The build fixes a wide variety of bugs, including one in which an MDM service such as Microsoft Intune might not get the right data from BitLocker data-only encryption, and another in which some single-function printers are installed as scanners.

(Get more info about  Windows 10 22H2 Build 19045.3992 (KB5034203).)

Kategorie: Hacking & Security

ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

The Hacker News - 12 Červen, 2025 - 09:42
ConnectWise has disclosed that it's planning to rotate the digital code signing certificates used to sign ScreenConnect, ConnectWise Automate, and ConnectWise remote monitoring and management (RMM) executables due to security concerns. The company said it's doing so "due to concerns raised by a third-party researcher about how ScreenConnect handled certain configuration data in earlier versions.Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security
Syndikovat obsah