Agregátor RSS

Apple na své vývojářské konferenci WWDC26 (Worldwide Developers Conference, keynote) představil řadu novinek. Vypíchnout lze novou generaci Apple Intelligence a zbrusu novou Siri, která dostala název Siri AI. Kvůli Aktu o digitálních trzích (DMA) však funkce Siri AI nebudou v systémech iOS 27 a iPadOS 27 k dispozici uživatelům v Evropské unii.

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud supply-chain attack that delivered malware designed to steal developer secrets. [...]

Byla vydána nová verze 1.18.0 distribučního frameworku Flatpak (Wikipedie), tj. technologie umožňující distribuovat aplikace v podobě jednoho instalačního souboru na různé linuxové distribuce a jejich různá vydání. Přehled novinek na GitHubu. Vypíchnout lze podporu rozhraní /dev/kfd pro výpočty na kartách AMD (AMDKFD).

Security researchers have published a detailed, working exploit for a Linux kernel use-after-free that lets an unprivileged local user escalate to root and break out of a container. The flaw, CVE-2026-23111, sits in the kernel's nf_tables packet-filtering code and was patched upstream on February 5, 2026. Exodus Intelligence released its full technical walkthrough on June 8, and it is not even

Security researchers have published a detailed, working exploit for a Linux kernel use-after-free that lets an unprivileged local user escalate to root and break out of a container. The flaw, CVE-2026-23111, sits in the kernel's nf_tables packet-filtering code and was patched upstream on February 5, 2026. Exodus Intelligence released its full technical walkthrough on June 8, and it is not even Swati Khandelwalhttp://www.blogger.com/profile/[email protected]

aMule (Wikipedie), tj. multiplatformní klient pro peer-to-peer sdílení souborů pro sítě eD2k and Kademlia, byl po více než pěti letech od vydání poslední verze 2.3.3, vydán v nové major verzi 3.0.0 (GitHub). S novou webovou stránkou a dokumentací.

WhatsApp has detected and stopped spear-phishing campaigns allegedly conducted by the NSO Group after investigating user reports of social engineering attacks. [...]

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI coding agents.

In all, multiple researchers said, 73 packages were flagged as malicious when automated systems on GitHub blocked them on the platform. Rather than noting they are malicious—and that developers who used AI agents to work with them should assume their systems are compromised—the Microsoft-owned GitHub said it disabled the packages “due to a violation of GitHub's terms of service.” The text went on to encourage the package owner to contact GitHub.

Devs: Assume compromise and proceed accordingly

It wasn’t until Monday that Microsoft even raised the possibility the packages were infected. In an email, the company stated: “We have temporarily removed some repositories as we investigate potential malicious content.”

Read full article

Comments

Check Point released an emergency fix on Monday for a critical authentication bypass vulnerability affecting its Remote Access VPN and Mobile Access deployments - but attackers, including ransomware criminals, got a month-long head start. Attacks against the bug, tracked as CVE-2026-50751, began on May 7, according to Check Point VP of research Lotem Finkelstein, and picked up in early June. The security software vendor spotted suspicious activity and began investigating the zero-day on June 4, Finkelstein said in a Monday blog. “We have observed indications that exploitation has been limited to a relatively small number of targeted organizations (several dozen globally), primarily over the past few days,” Finkelstein wrote, adding that, in at least one case, investigators observed post-compromise activity associated with a Qilin ransomware affiliate. This same ransomware scum is also likely exploiting other VPN-related vulnerabilities in Palo Alto Networks, Fortinet, and F5 products, Finkelstein said. CVE-2026-50751 is due to a logic-flow weakness in the Remote Access and Mobile Access certificate validation process, and it allows remote attackers to bypass authentication and establish a remote access VPN connection without a user password. It affects Mobile Access/SSL VPNs, Remote Access VPNs, and Spark Firewalls configured to use the deprecated IKEv1 key exchange protocol. While investigating CVE-2026-50751 and affected VPN components, Check Point found another vulnerability, CVE-2026-50752, in its Security Gateways and Spark Firewall products. It’s due to a bug in the certificate validation logic of the deprecated IKEv1 key exchange method, and can lead to man-in-the-middle attacks on the VPN site-to-site configuration. Check Point says that it hasn’t received any reports of in-the-wild exploitation of CVE-2026-50752. Check Point urges customers running vulnerable gateways and firewalls to apply the hotfixes, and the vendor also provided alternative mitigation options with instructions in the security advisories. The software provider also published a list of indicators of compromise, including attacker IPs, and recommends customers search Check Point SmartConsole logs for possible VPN certificate authentication attempts associated with observed attacker infrastructure and certificate subject names for at least May 7 through June 5. ®

Meta on Monday said it detected and blocked spear-phishing attempts linked to Israeli spyware vendor NSO Group. In addition, the tech giant said it's filing a federal court contempt order against the company for violating a permanent injunction that barred it from targeting WhatsApp and its users. "They tried to trick people into clicking on malicious links to drive them to external websites

Meta on Monday said it detected and blocked spear-phishing attempts linked to Israeli spyware vendor NSO Group. In addition, the tech giant said it's filing a federal court contempt order against the company for violating a permanent injunction that barred it from targeting WhatsApp and its users. "They tried to trick people into clicking on malicious links to drive them to external websites Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Cloud software security firm Minimus today expanded its product portfolio with the general availability of Minimus Supply Chain Protection and minicli. The tools introduce a unified approach to managing third-party software risks and container image configurations.

The release of Supply Chain Protection directly targets vulnerabilities found within the application package universe, where interwoven dependencies are frequently maintained by isolated third parties. Operating seamlessly as a pull-through proxy for NPM and PyPI, the solution evaluates public packages based on popularity, commit data, and cooling-off periods before they reach CI/CD pipelines. Platform teams can deploy multiple configurations tailored to the risk tolerances of different development environments.

In tandem, Minimus has launched minicli, a public command-line tool downloadable for macOS and Linux (AMD and ARM). The utility allows developers to inspect custom image structures—including internal file bundles and environment variables—and manage private images directly from the terminal. By converting image recipes into YAML files, teams can easily integrate change controls and automation into their existing technology stacks.

Together with Minimus Images, which eliminate up to 98% of standard container base image vulnerabilities, these updates offer an end-to-end strategy for securing both OS packages and application dependencies.

About Minimus

Minimus delivers a modern foundation for secure container software, open-source dependency management, and software supply chain security. The company was founded in October 2022 by container security pioneers Ben Bernstein, Dima Stopel, and John Morello (co-authors of NIST SP 800-190 and founders of Twistlock) to solve the ongoing operational burden of cloud vulnerability remediation. By engineering high-security container images directly from upstream project sources with only the absolute minimum software required to run, Minimus completely neutralizes 98% of typical cloud software vulnerabilities. Minimus offers a highly scalable, developer-friendly solution that deploys instantly via standard tools, and is backed by a $51M seed investment from YL Ventures and Mayfield. 

Gogs has patched a critical security zero-day flaw that can allow attackers to compromise Internet-facing instances and access any repositories (including private ones). [...]

Česká republika bude mít poprvé svého zástupce na Mezinárodní vesmírné stanici. ESA podepsala 8. června 2026 jménem státu dohodu se společností Vast o vyslání českého astronauta na ISS a oznámila to na tiskové konferenci. Pilotem mise bude Aleš Svoboda, vojenský pilot stíhaček Gripen. Do vesmíru ...

Attackers can chain three already fixed vulnerabilities in the Ubiquiti UniFi OS server to execute remote code with root privileges and without authentication. [...]

An Illinois high school won't reopen until Wednesday at the earliest after suffering a ransomware attack on Sunday, June 7. Evanston Township High School (ETHS), located 14 miles north of Chicago, said it would be closed today and tomorrow, and that the closure also affected summer school, sports camps, and on-campus activities, which are all canceled. "Upon discovering the incident, we immediately activated our incident response procedures and engaged external cyber breach attorneys and cybersecurity forensic experts to assist with the investigation and recovery process," ETHS said in a statement issued via a dedicated information page. "We are working with these specialists to determine precisely what information may have been accessed or acquired and to restore normal systems operations as quickly as possible. The district is cooperating with the Federal Bureau of Investigation (FBI) as part of the ongoing investigation." It said that phone systems are down and staff have limited access to emails. Children and their families may also not be able to access certain online resources, all of which suggests the institution may still be in the containment phase of remediation. Among the online resources currently offline is Home Access Center, which is powered by PowerSchool. PowerSchool itself was was at the center of a cybersecurity disaster in late 2024. However, ETHS has not linked the platform to the ransomware attack. All staff other than safety and operations workers were told to work from home, although their work will be limited since, for the time being, they're locked out of the district's Google accounts and "other network systems, including eSchool." "We understand this situation is disruptive and appreciate your patience and flexibility," ETHS went on to say. "Additional updates and instructions will be provided as they become available." No major ransomware group has claimed responsibility for the intrusion at the high school yet. Education under attack The ETHS incident follows a separate attack on the education sector disclosed on June 4 that affected 13 schools in Powys, Wales. Powys Council set up its own information page about the attack, although it has not revealed much, saying it is awaiting the outcome of investigations by external specialists. However, it said the attack has affected "some school systems" and personal data belonging to both staff and pupils was accessed. The council identified 13 affected schools, although the compromised data only appears to have been taken from one of these, according to current information. Its information page repeatedly uses the phrase "because of the sensitive nature of the data." The council cites this as the reason for not revealing information such as which schools were affected, how many individuals are affected, what types of data have been accessed, and whether this included sensitive or safeguarding-related data. It also refused to say whether the attack involved ransomware or who was responsible for it. However, it said the risk of identity fraud would vary by individual, hinting that different types of personal data may have been accessed. Powys Council confirmed that all schools across the region remain open, and the cyberattack does not affect their day-to-day safety or operations. Education remains a strong target for cybercriminals. Given the sensitivity of the data these organizations store, it makes the sector one of the most attractive for financially motivated criminals looking for an extortion payment. In the UK, the Information Commissioner's Office said that between 2022 and 2024, pupils were responsible for 57 percent of 214 school data breaches, often using stolen login details. ®

Musím přiznat, že mi Elon Musk usnadňuje práci – na tyhle články už mám šablonu. Jen doplním, kolikátý je to odklad, jaký je nově slíbený termín premiéry a pak to proženu generátorem ironie (mrk, mrk). Naposledy Musk koncem dubna slíbil, že nový Roadster představí „za měsíc, nebo tak něco.“ Tedy ...

Everybody is watching to see what comes from Apple at its annual Worldwide Developer Conference (WWDC) today. There’s a great deal at stake, as when it comes to artificial intelligence (AI) today’s event represents an existentially important moment for the company. 

Apple execs absolutely must convince developers, industry watchers, users — all of us — that it has learned from its well-publicized mistakes of the past two years and put together a serious proposition for AI across its platforms.

What we think we know

Right now, we think Apple intends to offer a hybrid of its own self-developed AI tools and services combined with others made with Google Gemini — all supported by an open approach to using AI services from third-party providers such as Anthropic or OpenAI. 

When it comes to implementation, this should mean a contextually sensitive Siri that can respond to what you have on the screen of your device, or in the viewfinder of your camera app. The idea here is that you’ll be able to do contextual tasks like book restaurants or send a message to your granny, translate a sign, or even navigate around a room. More than this, you should also be able to combine tasks giving Siri complex — agentic AI — tasks it can then transact on your behalf.

Many of these functions will take place on device. Some will rely on Apple’s own fleet of Private Cloud Compute servers, supported by additional capacity from Google and Nvidia. When Apple Intelligence/Google Gemini can’t accomplish a task, you’ll be able to request that another service handle it on your behalf outside Apple’s managed garden. Siri itself will also gain a brand new interface.

What developers expect and how we got here

As discussed here, developers expect Apple will make access to many of its new Apple Intelligence APIs available to them.  This will let them deploy useful functionality in their apps at no charge, in part because the intelligence takes place on the device. 

It will also be possible for developers to permit their apps to run without being opened, which means a user should be able to ask Siri to do complex tasks that also include functionality from their apps. During this past weekend, we were warned that some or all of the new Siri functionality might be introduced on a staggered basis using a waiting list.

Apple has come a long way since that tense meeting in early 2025 when the company’s senior leadership established a new approach to AI. With Apple CEO Tim Cook taking an uncharacteristic interest in driving his teams to pull their act together, Apple developed a new, partnership-based approach to try to recapture lost ground.

Has Apple achieved it? That’s the test

Has Apple finally regained the initiative?

To a great extent, that will be the big focus across the industry once the company tells us what it’s done. Cook’s final WWDC as CEO sees a company at the absolute top of its game in so many ways, including soaring Mac sales. But to some extent he will be judged on how successfully Apple’s AI pivot comes across.

Weekend analyst notes summed it up, with bears and bulls tossing insights along. In one camp, you’ll find the true believers who argue that if Apple does come to us with something convincing, it has a chance to absolutely dominate consumer AI. “Siri/Apple Intelligence 2.0 has the potential to become the ultimate AI resource offload and deliver a form of Agentic AI to the consumer at a lower cost than incumbents,” said Morgan Stanley analyst Eric Woodring.

Cynics, however, warn that Apple really must demonstrate the kind of contextual, agentic AI it first announced (and failed to ship) two years ago; they want a chatbot with muscle, and will see right through any attempt to place a PR veneer over something weaker than what others already provide. If Apple fails to deliver on this, it can expect its stock to be utterly savaged over the next few days, though some analysts believe that Apple’s previous missteps mean the damage is already priced in.

A chance to shine, but can it?

Ultimately, of course, in addition to convincing industry watchers, Apple will need to find a way to deliver the kind of AI power consumers have been told to expect — while also protecting privacy. If it does get that right, particularly if it truly exploits its powerful hardware to ensure the most common tasks take place directly on the device, it has a major opportunity to deliver a form of Agentic AI at a lower cost than incumbents can. And it can do so while leaving the core AI bubble to burst as and when it will.

Will Apple succeed? We’ll know in a few hours, when you should check back for first takeaways on what Apple has to share. Join me on the Core for the headline summaries.

You can follow me on social media! Join me on BlueSky,  LinkedIn, Mastodon and The Core.

Browser Choice Alliance už dva roky tlačí Microsoft k úpravě Windows. • Chrome, Opera nebo Vivaldi chtějí rovné postavení s Edgem. • Microsoft by měl upravit sedm sporných bodů.

A Linux server gets cleaned up after an intrusion. The suspicious process is terminated, credentials are rotated, and the system is rebooted during maintenance. Everything seems secure. A few hours later, the same outbound connection appears again.