Agregátor RSS

Minnesota Governor Tim Walz has activated the National Guard in response to a crippling cyberattack that struck the City of Saint Paul, the state's capital, on Friday. [...]

Experimental AI browsers are previewing new ways of browsing the internet and Microsoft this week joined the fray.

The company on Monday introduced “Copilot Mode,” an AI extension designed to automate web browsing and add context to internet content.

Users can switch on “Copilot Mode” in Edge for summarization, personalized results, and to compare results across tabs. A chatbot helps users interact with search results and go deeper into searches.

“With Copilot Mode on, you enable innovative AI features in Edge that enhance your browser,” said Microsoft in a blog post.

Earlier this month, Perplexity introduced the Comet browser, which also explores a new way to present web content. Meanwhile, ChatGPT creator OpenAI reportedly is developing its own browser.

Copilot Mode is built atop the Edge browser for Windows 11 and Mac. It’s an opt-in feature, and users can keep Copilot Mode off if they choose.

Microsoft highlighted multi-tab context as a top feature in Copilot Mode. The browsing assistant can analyze information from multiple tabs, saving users from clicks and having to toggle between tabs.

Edge also provides a text-based preview of YouTube video search results and lists the most relevant videos related to the user query.

That is just the start, Microsoft said. “Over time, we will continue to improve and add features to Copilot Mode,” the company wrote.

In Copilot Mode, users can get a more personalized browsing experience because user experiences and preferences are retained over time. For example, Copilot Mode will be able to go beyond multiple tabs and into browsing history to provide more contextual answers.

This is similar to Copilot’s “Memory” feature that Microsoft talked about at its 50th anniversary celebration event. Edge, for instance, will be able to retain and understand browsing traits.

Another upcoming feature called “Actions” will also complete tasks, such as booking hotel reservations based on location, past preferences, and travel habits.

Agents are a step up from earlier AI tools. Knowing how they work is rapidly becoming essential.

We are entering the third phase of generative AI. First came the chatbots, followed by the assistants. Now we are beginning to see agents: systems that aspire to greater autonomy and can work in “teams” or use tools to accomplish complex tasks.

The latest hot product is OpenAI’s ChatGPT agent. This combines two pre-existing products (Operator and Deep Research) into a single more powerful system which, according to the developer, “thinks and acts.”

These new systems represent a step up from earlier AI tools. Knowing how they work and what they can do—as well as their drawbacks and risks—is rapidly becoming essential.

From Chatbots to Agents

ChatGPT launched the chatbot era in November 2022, but despite its huge popularity the conversational interface limited what could be done with the technology.

Enter the AI assistant, or copilot. These are systems built on top of the same large language models that power generative AI chatbots, only now designed to carry out tasks with human instruction and supervision.

Agents are another step up. They are intended to pursue goals (rather than just complete tasks) with varying degrees of autonomy, supported by more advanced capabilities such as reasoning and memory.

Multiple AI agent systems may be able to work together, communicating with each other to plan, schedule, decide, and coordinate to solve complex problems.

Agents are also “tool users” as they can also call on software tools for specialized tasks—things such as web browsers, spreadsheets, payment systems, and more.

A Year of Rapid Development

Agentic AI has felt imminent since late last year. A big moment came last October, when Anthropic gave its Claude chatbot the ability to interact with a computer in much the same way a human does. This system could search multiple data sources, find relevant information, and submit online forms.

Other AI developers were quick to follow. OpenAI released a web browsing agent named Operator, Microsoft announced Copilot agents, and we saw the launch of Google’s Vertex AI and Meta’s Llama agents.

Earlier this year, the Chinese startup Monica demonstrated its Manus AI agent buying real estate and converting lecture recordings into summary notes. Another Chinese startup, Genspark, released a search engine agent that returns a single-page overview (similar to what Google does now) with embedded links to online tasks such as finding the best shopping deals. Another startup, Cluely, offers a somewhat unhinged “cheat at anything” agent that has gained attention but is yet to deliver meaningful results.

Not all agents are made for general-purpose activity. Some are specialized for particular areas.

Coding and software engineering are at the vanguard here, with Microsoft’s Copilot coding agent and OpenAI’s Codex among the frontrunners. These agents can independently write, evaluate, and commit code, while also assessing human-written code for errors and performance lags.

Search, Summarization, and More

One core strength of generative AI models is search and summarization. Agents can use this to carry out research tasks that might take a human expert days to complete.

OpenAI’s Deep Research tackles complex tasks using multi-step online research. Google’s AI “co-scientist” is a more sophisticated multi-agent system that aims to help scientists generate new ideas and research proposals.

Agents Can Do More—and Get More Wrong

Despite the hype, AI agents come loaded with caveats. Both Anthropic and OpenAI, for example, prescribe active human supervision to minimize errors and risks.

OpenAI also says its ChatGPT agent is “high risk” due to potential for assisting in the creation of biological and chemical weapons. However, the company has not published the data behind this claim so it is difficult to judge.

But the kinds of risks agents may pose in real-world situations are shown by Anthropic’s Project Vend. Vend assigned an AI agent to run a staff vending machine as a small business—and the project disintegrated into hilarious yet shocking hallucinations and a fridge full of tungsten cubes instead of food.

We all know vending machines are automated, but what if we allowed an AI to run the entire business: setting prices, ordering inventory, responding to customer requests, and so on?

In collaboration with @andonlabs, we did just that.

Read the post: https://t.co/urymCiY269 pic.twitter.com/v2CqgHykzw

— Anthropic (@AnthropicAI) June 27, 2025

In another cautionary tale, a coding agent deleted a developer’s entire database, later saying it had “panicked.”

Agents in the Office

Nevertheless, agents are already finding practical applications.

In 2024, Telstra heavily deployed Microsoft copilot subscriptions. The company says AI-generated meeting summaries and content drafts save staff an average of 1–2 hours per week.

Many large enterprises are pursuing similar strategies. Smaller companies too are experimenting with agents, such as Canberra-based construction firm Geocon’s use of an interactive AI agent to manage defects in its apartment developments.

Human and Other Costs

At present, the main risk from agents is technological displacement. As agents improve, they may replace human workers across many sectors and types of work. At the same time, agent use may also accelerate the decline of entry-level white-collar jobs.

People who use AI agents are also at risk. They may rely too much on the AI, offloading important cognitive tasks. And without proper supervision and guardrails, hallucinations, cyberattacks, and compounding errors can very quickly derail an agent from its task and goals into causing harm, loss, and injury.

The true costs are also unclear. All generative AI systems use a lot of energy, which will in turn affect the price of using agents—especially for more complex tasks.

Learn About Agents—and Build Your Own

Despite these ongoing concerns, we can expect AI agents will become more capable and more present in our workplaces and daily lives. It’s not a bad idea to start using (and perhaps building) agents yourself, and understanding their strengths, risks, and limitations.

For the average user, agents are most accessible through Microsoft copilot studio. This comes with inbuilt safeguards, governance, and an agent store for common tasks.

For the more ambitious, you can build your own AI agent with just five lines of code using the Langchain framework.

This article is republished from The Conversation under a Creative Commons license. Read the original article.

The post AI Agents Are Here. This Is What They Can Do—and How They Can Go Wrong appeared first on SingularityHub.

Aeroflot, Russia's flag carrier, has suffered a cyberattack that resulted in the cancellation of more than 60 flights and severe delays on additional flights. [...]

Windows 10 vstoupily na trh 29. července 2015. • V průběhu životního cyklu nabídly řadu skvělých funkcí. • Mnohé z nich používáme dodnes i ve Windows 11.

Hackers were spotted exploiting a critical SAP NetWeaver vulnerability tracked as CVE-2025-31324 to deploy the Auto-Color Linux malware in a cyberattack on a U.S.-based chemicals company. [...]

Bezdrátová sluchátka, to nejsou jen populární a módní kapesní modely True Wireless. Například pro cestování jsou vhodnější velké modely s aktivním potlačením hluku. Poradíme, jaké máte možnosti a na co si dát pozor.

Cybersecurity researchers have disclosed a now-patched critical security flaw in a popular vibe coding platform called Base44 that could allow unauthorized access to private applications built by its users. "The vulnerability we discovered was remarkably simple to exploit -- by providing only a non-secret 'app_id' value to undocumented registration and email verification endpoints, an attacker

Cybersecurity researchers have disclosed a now-patched critical security flaw in a popular vibe coding platform called Base44 that could allow unauthorized access to private applications built by its users. "The vulnerability we discovered was remarkably simple to exploit -- by providing only a non-secret 'app_id' value to undocumented registration and email verification endpoints, an attacker Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

India is taking off in America, biting big chunks out of a smartphone market once served by Chinese manufacturing. This trend isn’t particularly surprising to any Apple watcher, but what might be of interest is the absolute speed with which the market is changing.

The latest data tells us that the number of smartphones sold in the US, but made in China, tumbled in the second quarter from 61% to 25%. Apple has been a key component in this transformation with its decision to import iPhones for the US market from India. Apple is the “main driver” of change, Canalys said. The total volume of Made in India smartphones increased 240% year-on-year, and that nation now accounts for 44% of smartphones imported into the US.

The shift to India

Senior Analyst Runar Bjørhovde noted: “Over 75% of iPhones sold in the US in Q2-25 were made-in-India. The number was around 20% in Q2-24, so the “shift to India” in US smartphone is mainly Apple-driven.”

US smartphone shipments increased 1% during the quarter, the analysts said, with India the big beneficiary as the supply chain rapidly reorientates itself for outside-China production. 

Speaking to Computerwold, Bjørhovde said: “Many vendors have built up their capacity in India to assemble for local supply over the last decade. This started with Chinese vendors, who all make most of their Indian supply locally.”

The analyst stressed that India is defined by fierce price competition, so local manufacturing has been a big need due to the import tariffs that came with the “make in India” initiative. 

A long time coming

In a statement, Sanyam Chaurasia, principal analyst at Canalys, said: “Apple has scaled up its production capacity in India over the last several years as a part of its ‘China Plus One’ strategy….”

It should also be noted that Apple this week confirmed plans to close its store at the troubled Parkland Mall in Dalian City in China on Aug. 9. The decision could reflect slowing retail sales in China, though the company does intend to open three additional stores in China over the coming year.

When it comes to opening up India as a manufacturing center, Apple might be in the spotlight, but it isn’t alone. Samsung and Motorola have also increased their share of US-targeted supplies from India, the analysts said, “although their shifts are significantly slower and smaller in scale than Apple’s.”

Like Apple, Motorola’s core manufacturing hub is in China, while Samsung relies mainly on Vietnam. Motorola is using Dixon Technologies as its Indian partner.

“More premium vendors started moving in post-pandemic — with Apple both wanting to invest into India (growing middle class means growing premium opportunity) and hedge for geopolitical risks,” Bjorhovde said.

Changing the patterns

The result is that many markets, including Europe, have received Indian-manufactured iPhones in the last three or four years.

This accelerated directly as a result of the Trump tariff war, which has seen “almost all” India-made smartphones allocated to the US. This also means most iPhones being sold in Europe are now made in China, rather than India.

The analysts also observed that while in Q1 Apple front-loaded US iPhone inventory with mass quantities of devices to avoid looming tariffs, patterns normalized in Q2, creating a statistical reduction in shipments. 

They also claim Samsung’s S25 Edge is not performing as well as Samsung had hoped, with speculation of production cuts to come. The S25 range, however, is doing well and Apple will likely monitor this to see what impact it has as it eyes demand for its own new devices later this year, they said. It’s hard to read too much into that detail, but I’d argue it suggests more focus on mid-range devices, even as Apple prepares to tempt higher end customers with next year’s iPhone Fold.

Meanwhile, Apple also prepares for a new future in manufacturing, announcing news of the Aug. 19 opening of its Advanced Manufacturing Academy; it’s designed to help American companies transition to advanced manufacturing by implementing artificial intelligence and smart manufacturing techniques.

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

Microsoft has introduced Copilot Mode, an experimental feature designed to transform Microsoft Edge into a web browser powered by artificial intelligence (AI). [...]

ul.lst-kix_3v2pdbodo41s-8{list-style-type:none}ul.lst-kix_3v2pdbodo41s-7{list-style-type:none}ul.lst-kix_3v2pdbodo41s-6{list-style-type:none}li.li-bullet-0:before{margin-left:-18pt;white-space:nowrap;display:inline-block;min-width:18pt}.lst-kix_3v2pdbodo41s-5>li:before{content:"\0025a0 "}.lst-kix_3v2pdbodo41s-4>li:before{content:"\0025cb "}.lst-kix_3v2pdbodo41s-6>li:before{content:"\0025cf "}.lst-kix_3v2pdbodo41s-3>li:before{content:"\0025cf "}.lst-kix_3v2pdbodo41s-7>li:before{content:"\0025cb "}ul.lst-kix_3v2pdbodo41s-5{list-style-type:none}ul.lst-kix_3v2pdbodo41s-4{list-style-type:none}.lst-kix_3v2pdbodo41s-2>li:before{content:"\0025a0 "}ul.lst-kix_3v2pdbodo41s-3{list-style-type:none}.lst-kix_3v2pdbodo41s-8>li:before{content:"\0025a0 "}.lst-kix_3v2pdbodo41s-0>li:before{content:"\0025cf "}ul.lst-kix_3v2pdbodo41s-2{list-style-type:none}ul.lst-kix_3v2pdbodo41s-1{list-style-type:none}ul.lst-kix_3v2pdbodo41s-0{list-style-type:none}.lst-kix_3v2pdbodo41s-1>li:before{content:"\0025cb "}ol{margin:0;padding:0}table td,table th{padding:0}.c3{color:#000000;font-weight:700;text-decoration:none;vertical-align:baseline;font-size:13pt;font-family:"Arial";font-style:normal}.c1{color:#000000;font-weight:400;text-decoration:none;vertical-align:baseline;font-size:11pt;font-family:"Arial";font-style:normal}.c4{padding-top:12pt;padding-bottom:2pt;line-height:1.15;orphans:2;widows:2;text-align:left}.c0{padding-top:6pt;padding-bottom:6pt;line-height:1.5;orphans:2;widows:2;text-align:left}.c2{text-decoration-skip-ink:none;-webkit-text-decoration-skip:none;color:#1155cc;text-decoration:underline}.c6{background-color:#ffffff;max-width:468pt;padding:72pt 72pt 72pt 72pt}.c5{margin-left:36pt;padding-left:0pt}.c7{font-weight:700}.title{padding-top:0pt;color:#000000;font-size:26pt;padding-bottom:3pt;font-family:"Arial";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}.subtitle{padding-top:0pt;color:#666666;font-size:15pt;padding-bottom:16pt;font-family:"Arial";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}li{color:#000000;font-size:11pt;font-family:"Arial"}p{margin:0;color:#000000;font-size:11pt;font-family:"Arial"}h1{padding-top:20pt;color:#000000;font-size:20pt;padding-bottom:6pt;font-family:"Arial";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}h2{padding-top:18pt;color:#000000;font-size:16pt;padding-bottom:6pt;font-family:"Arial";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}h3{padding-top:16pt;color:#434343;font-size:14pt;padding-bottom:4pt;font-family:"Arial";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}h4{padding-top:14pt;color:#666666;font-size:12pt;padding-bottom:4pt;font-family:"Arial";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}h5{padding-top:12pt;color:#666666;font-size:11pt;padding-bottom:4pt;font-family:"Arial";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}h6{padding-top:12pt;color:#666666;font-size:11pt;padding-bottom:4pt;font-family:"Arial";line-height:1.15;page-break-after:avoid;font-style:italic;orphans:2;widows:2;text-align:left}

Posted by Tim Willis, Google Project Zero

In 2021, we updated our vulnerability disclosure policy to the current "90+30" model. Our goals were to drive faster yet thorough patch development, and improve patch adoption. While we’ve seen progress, a significant challenge remains: the time it takes for a fix to actually reach an end-user's device.

This delay, often called the "patch gap," is a complex problem. Many consider the patch gap to be the time between a fix being released for a security vulnerability and the user installing the relevant update. However, our work has highlighted a critical, earlier delay: the "upstream patch gap". This is the period where an upstream vendor has a fix available, but downstream dependents, who are ultimately responsible for shipping fixes to users, haven’t yet integrated it into their end product.

As Project Zero's recent work has focused on foundational, upstream technologies like chipsets and their drivers, we've observed that this upstream gap significantly extends the vulnerability lifecycle.

For the end user, a vulnerability isn't fixed when a patch is released from Vendor A to Vendor B; it's only fixed when they download the update and install it on their device. To shorten that entire chain, we need to address the upstream delay.

To address this, we're announcing a new trial policy: Reporting Transparency.

The Trial: Reporting Transparency

Our core 90-day disclosure deadline will remain in effect. However, we're adding a new step at the beginning of the process.

Beginning today, within approximately one week of reporting a vulnerability to a vendor, we will publicly share that a vulnerability was discovered. We will share:

• The vendor or open-source project that received the report.
• The affected product.
• The date the report was filed, and when the 90-day disclosure deadline expires.

This trial maintains our existing 90+30 policy, meaning vendors still have 90 days to fix a bug before it is disclosed, with a 30-day period for patch adoption if the bug is fixed before the deadline.

Google Big Sleep, a collaboration between Google DeepMind and Google Project Zero, will also be trialling this policy for their vulnerability reports. The issue tracker for Google Big Sleep is at goo.gle/bigsleep

Why the Change? Increased Transparency to Close the Gap

The primary goal of this trial is to shrink the upstream patch gap by increasing transparency. By providing an early signal that a vulnerability has been reported upstream, we can better inform downstream dependents. For our small set of issues, they will have an additional source of information to monitor for issues that may affect their users. 

We hope that this trial will encourage the creation of stronger communication channels between upstream vendors and downstream dependents relating to security, leading to faster patches and improved patch adoption for end users.

This data will make it easier for researchers and the public to track how long it takes for a fix to travel from the initial report, all the way to a user's device (which is especially important if the fix never arrives!)

Will this help attackers?

No — we anticipate that in the initial phase of this trial, there may be increased public attention on unfixed bugs. We want to be clear: no technical details, proof-of-concept code, or information that we believe would materially assist discovery will be released until the deadline. Reporting Transparency is an alert, not a blueprint for attackers.

We understand that for some vendors without a downstream ecosystem, this policy may create unwelcome noise and attention for vulnerabilities that only they can address. However, these vendors now represent the minority of vulnerabilities reported by Project Zero. We believe the benefits of a fair, simple, consistent and transparent policy outweigh the risk of inconvenience to a small number of vendors.

That said, in 2025, we hope that the industry consensus is that the mere existence of vulnerabilities in software is neither surprising nor alarming. End users are more aware of the importance of security updates than ever before. It's widely accepted as fact that any system of moderate complexity will have vulnerabilities, and systems that were considered impenetrable in the past have been shown to be vulnerable in retrospect.

This is a trial, and we will be closely monitoring its effects. We hope it achieves our ultimate goal: a safer ecosystem where vulnerabilities are remediated not just in an upstream code repository, but on the devices, systems and services that people use every day. We look forward to sharing our findings and continuing to evolve our policies to meet the challenges of the ever-changing security landscape.

Asus ProArt Display 6K PA32QCV se začne prodávat za cenu 1299 dolarů. • Monitor nabízí 31,5" IPS panel s rozlišením 6016 × 3384 px a dobrou konektivitu. • Oproti 6K monitoru od Applu bude dobře použitelný i s PC.

Orange, a French telecommunications company and one of the world's largest telecom operators, revealed that it detected a breached system on its network on Friday. [...]

The maintainers of the Python Package Index (PyPI) repository have issued a warning about an ongoing phishing attack that's targeting users in an attempt to redirect them to fake PyPI sites. The attack involves sending email messages bearing the subject line "[PyPI] Email verification" that are sent from the email address noreply@pypj[.]org (note that the domain is not "pypi[.]org"). "This is

The maintainers of the Python Package Index (PyPI) repository have issued a warning about an ongoing phishing attack that's targeting users in an attempt to redirect them to fake PyPI sites. The attack involves sending email messages bearing the subject line "[PyPI] Email verification" that are sent from the email address noreply@pypj[.]org (note that the domain is not "pypi[.]org"). "This is Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

FBI Dallas has seized almost 23 Bitcoins from a cryptocurrency address belonging to a Chaos ransomware member that is linked to cyberattacks and extortion payments from Texas companies. [...]

Think passkeys make you phishing-proof? Think again. Attackers are using downgrade attacks, device-code phishing, and OAuth tricks to sneak past modern MFA. See how Push Security shuts them down. [...]

Jasný Měsíc letos naruší srpnové maximum meteorického roje Perseid • Nejlepší pozorovací podmínky pro sledování meteorů nastanou na konci července • Tehdy budou souběžně vrcholit i roje Jižní Delta Akvaridy a Alfa Capricornidy

5 V-tolerant GPIO opens the way to some intriguing retro-nerdery

The Raspberry Pi team has released an update to the RP2350 microcontroller with bug fixes, hardening, and a GPIO tweak that will delight retro hardware enthusiasts.…