Agregátor RSS

V květnu AMD ohlásila podporu FSR 4 (konkrétně tedy FSR 4.1) pro starší grafické architektury. Radeony RX 7000 ji přinesou již v červenci, ale Radeony RX 6000 až začátkem roku 2027. Již je znám důvod…

Vědci si původně mysleli, že nejstarší kmeny moru nedokázaly zabíjet ve velkém. Nový výzkumu DNA z pohřebišť lovců a sběračů na Sibiři ukazuje, že už v době kamenné mor dokázal vymazat celé tlupy. Lidé ho tam zřejmě chytili od svišťů, kteří ho ostatně přenášejí dodnes.

From August 3, 2026, Google will use IP addresses from UK, EEA and Switzerland users for ad measurement and personalization. It lands as the ICO weighs new consent rules, and years after Google itself called using such signals to identify devices "wrong." [...]

Researchers have uncovered a massive breach of Fortinet firewalls that has given Russian-speaking attackers near-unrestricted access to some of the world’s largest and most powerful organizations, including Oracle, Chevron, Lenovo, Federal Express, a NATO defense contractor, and Fortinet itself.

Nearly 74,000 Fortinet devices from more than 21,000 IP addresses in 194 countries have been compromised and their plaintext credentials exposed online, Bob Diachenko, a security researcher and head of SecurityDiscovery.com, said online and in an interview. He said he found the data after gaining access to the attackers’ command-and-control server and other infrastructure. The exposed data also included the industry, revenue, and employee count for each compromised organization.

Exceptional scale, poor opsec

Independent researcher Kevin Beaumont reported that “almost all” of the compromised devices remained online as of Wednesday morning. He went on to say that he has confirmed with multiple organizations found in the attackers’ logs that the credentials are real and current. In many cases, once the threat actors compromised the devices, they went on to access affected organizations’ centralized authentication systems, such as Radius servers and Microsoft Active Directory. The number of compromised devices comprises roughly half of all Internet-facing Fortinet firewalls, based on polling from Shodan.

Read full article

Comments

Tesco, a retail conglomerate headquartered in the United Kingdom, is moving 40,000 server workloads off of VMware amid "abusive conduct" from Broadcom, recent legal filings claim.

Tesco filed a lawsuit in the UK’s High Court against Broadcom alleging breach of contract last year. According to a September report from The Register, the lawsuit claimed that in January 2021, Tesco bought perpetual licenses for VMware’s vSphere Foundation and Cloud Foundation, a subscription to VMware Tanzu, plus support services until 2026, with the option to extend support for four additional years.

But when Broadcom took over VMware in November 2023, it would not honor the deal and instead tried to get Tesco to pay “excessive and inflated prices for virtualization software for which Tesco has already paid” and would not allow it to buy support services for its perpetually licensed software without buying “duplicative subscription-based licenses for those same Software products," the initial complaint read, The Register reported at the time.

Read full article

Comments

Adobe’s Firefly Graph is now available to Creative Cloud customers, offering a node-based workflow tool designed to help business create content at scale with generative AI (genAI). 

With Firefly Graph, users can connect multiple tools in visual workflow, with each “node” performing a specific task before passing its output to the next node. This gives creative professionals more control over generated outputs, according to Adobe, and makes it easier to try out ideas by swapping, adjusting or adding components.

For example, a user could start with a text prompt box that connects to a node that generates an image using an AI model from Adobe or third-parties such as Google and OpenAI. Further along the chain, the user could add nodes to remove a background or upscale an image, for instance, before producing an image, video or other asset ready for use.

Changing one aspect, such as adding a reference image or adapting the text prompt, would change the final output.

It’s an approach similar to node-based workflow tools such as ComfyUI — a startup valued at $500 million which claims more than 4 million users. Others include Weavy, acquired by Figma last year for a reported $200 million. 

With so many AI tools available to creative professionals, workflows can get complex and hard to replicate, said Elliot Sedegah, director for strategy and product marketing at Adobe. Firefly Graph provides access to more than 300 different node types, including images, video editing and AI generation tools across Adobe’s portfolio and third-party tools. 

“Whether you’re working at a mom-and-pop shop or a larger enterprise, you’re looking for consistency and then bringing that into a workflow so that you’re not hopping in and out of different tools,” he said. “Putting all that together takes massive amount of time, and sometimes it’s very difficult to even know what you did.”

Once created, workflows can be shared across an organization as repeatable processes for other individuals or teams to use. “Think of that rock star creative that you have and the recipes they create: those are now canonized as workflows, as assets, that the rest of the organization can take and reuse over and over again,” said Sedegah.

In addition, while creative professionals are needed to created high quality assets, reusable workflows can be put into the hands of broader teams to create content for large audiences, said Sedegah.

Firefly Graph addresses a challenge that most large creative organizations face, said Lisa Gately, principal analyst at Forrester — namely that their best creative workflows “live inside the heads of a few experts.

“Teams can generate images and video with AI, but reproducing the exact sequences of creative decisions, model selections, edits, and refinements that lead to a high-quality result is difficult and inconsistent. Firefly Graph turns those workflows into reusable assets,” she said.

While other node-based workflows aim to address similar problems, Adobe’s pitch is that Firefly Graph provides customers with the benefit of integration into its product suite. 

“Firefly is a full, broader AI creative studio, not just a node-based tool, so [Firefly Graph] is a part of a bigger picture,” said Sedegah. “The strength is having everything in one place with the tools that people know.” 

“Where Adobe differentiates is in enterprise integration,” said Gately, with Adobe connecting Firefly Graph to a range of other Adobe tools. Those include Creative Cloud applications; Firefly Boards for ideation; and Firefly Creative Production. 

“The workflow becomes part of a broader content supply chain instead of a standalone creation tool,” she said. ”Organizations committed to other tools are unlikely to migrate for a node-based canvas — making a change is about the broader content supply chain.”

Firefly Graph is available now to Adobe Creative Cloud for Enterprise subscribers (pricing details were not immediately available), and in a public beta for teams and individual users; the wait list sign up is available here.

An unknown threat actor has been observed leveraging paid or promoted posts on legitimate news websites to drum up buzz for their warez, according to new findings from Check Point Research. The threat actor also has at their disposal a dedicated WordPress phishing page that acts as the central hub, alongside GitHub and SourceForge projects promoted by fake accounts, a YouTube channel, and a Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Late last week, Anthropic took its new Claude Fable 5 and Mythos 5 AI models offline following a United States government export-control directive barring “any foreign national” from using the services. The company has been in talks with the White House since Friday but has yet to secure an agreement that would allow it to reinstate the offerings.

Since Mythos debuted in April, Anthropic has claimed—and warned—that the model has advanced capabilities for not only finding software vulnerabilities to help defenders patch them, but also figuring out ways to exploit them that could be used by bad actors. Anthropic itself noted this double-edged sword in its launch of Mythos 5 and Claude Fable 5. “A great deal of advanced usage of AI models is dual use: the same queries that are beneficial in the hands of cybersecurity professionals and biology researchers could be dangerous if available to malicious actors,” the company wrote in a blog post last week.

With this in mind, the company initially released a version called Mythos Preview to a select consortium as part of a working group known as Project Glasswing. Mythos 5 was also privately released to this group last week, while Claude Fable 5, which is a Mythos-grade model, was released to the general public with specific blocks on its ability to give responses to questions about biology and cybersecurity.

Read full article

Comments

Microsoft has formally disclosed that it's working to release a patch to address a Defender zero-day codenamed RoguePlanet. The vulnerability has now been assigned the CVE identifier CVE-2026-50656 (CVSS score: 7.8), with the tech giant describing it as a privilege escalation flaw. "Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft DefenderRavie Lakshmananhttp://www.blogger.com/profile/[email protected]

UPDATED If you have a Fortinet firewall, it's time to stop and change your passwords. Intruders somehow gained access to around 75,000 Fortinet firewall devices and stole credentials belonging to major corporations across 194 countries, in some cases leading to full network compromise. Security researchers say that they have verified the data, and the cracked FortiGate passwords belong to accounts spanning multinational corporations including FoxConn, Samsung, Comcast, Siemens, Lenovo, FedEx, PxW, Accenture, Oracle and many others. Check to see if your organization made the list of affected domains – and immediately rotate all passwords associated with Fortinet VPN and administrative interfaces. Make sure multi-factor authentication is turned on, too, as this type of massive credential leak can lead to very serious consequences, giving attackers full, remote access to not only the firewall but the entire corporate network. Hudson Rock, which analyzed the data, said the leak affects 21,632 unique domains. “The scale of this breach touches nearly every sector of the global economy, sparing no industry. The threat actors have built a verified database of working credentials for some of the largest enterprises on the planet,” the security shop said on its Infostealer blog. Researcher Volodymyr “Bob” Diachenko first spotted the intrusions and attributed them to a Russian-speaking group. “They intercept SSL VPN authentication, crack hashes on a 45-GPU cluster managed via Hashtopolis, and pivot into internal Active Directory environments,” he wrote on LinkedIn. “The operation processed 1.16 billion credential attempts against 320,777 FortiGate targets and 2.1 billion attempts against 163,650 MSSQL servers.” Plus, according to Diachenko, the criminals fully pwned at least four organizations, including a Turkish NATO defense contractor, and, in that case, stole classified defense documents. Security sleuth Kevin Beaumont, who also verified the stolen credentials, said “the data is legit.” “I have worked with several orgs listed, and can confirm the logins and passwords are real,” Beaumont wrote. “Many of the devices sampled are on fairly recent patches.” According to device search engine Shodan, the massive heist comprises about half of all internet-facing Fortinet firewalls. Plus, Beaumont noted, most of the compromised Fortinet devices remain online. So if you’re still reading this story: stop now, and go reset your Fortinet firewall passwords stat. After we first published this story, Fortinet responded to us, denying that the attacks are fresh and claiming that the data showing up on the dark web comes from prior breaches. "Based on our analysis, the data involved is a resharing of data from previous incidents, as well as bruteforcing of credentials, and is not related to any recent incident or advisory," a Fortinet spokesperson told El Reg. Organizations that follow routine best practices, including regularly refreshing security credentials, as per guidance in this March blog, face minimal risk from credential compromise detail referenced in the reporting.” The Register reached out to the companies affected by the so-called FortiBleed campaign for comment, Lenovo said it was looking into it; we didn't receive responses from the others. ® Updated at 2118 with a statement from Fortinet.

Vývojáři Ubuntu představili projekt Myna, tj. iniciativu zaměřenou na přidání funkce převodu řeči na text do prostředí desktopu Ubuntu. Dle plánu již v Ubuntu 26.10.

Jak v rozumné cenové hladině vybrat počítač, který univerzálně poslouží v domácnosti? Děti si na něm zahrají i vypracují úkoly, rodičům zase poslouží pro občasnou práci z domu. Nechcete moc číst? Tady jsme celou sestavu naskládali do nákupního košíku na Alze. Na konci článku jsou odkazy na další ...

Společnost Epic Games představila nový open source systém pro správu verzí Lore navržený pro "bezprecedentní škálovatelnost dat i týmů a optimalizovaný pro projekty, včetně her a zábavy, které kombinují kód s velkými binárními soubory, aby uspokojil potřeby vývojářů i umělců". Zdrojové kódy jsou k dispozici na GitHubu pod licencí MIT.

The Joomla Content Editor (JCE), one of the most widely deployed editor extensions for Joomla websites, is currently under active attack due to a critical vulnerability.

Beth Tschida, who became Jamf CEO in May after serving as CTO and as interim CEO, is the first woman to lead the company in its near 25-year history. I spoke with her this week at the London Jamf Nation event, where the company introduced its new AI Governance solution.

How the transition to CEO is going 

“It’s been a great privilege and an adjustment,” she said. “Jamf has always been a company deeply focused on culture, which is exactly why I love being here. Having the ability to influence and improve that culture from this role is something I feel very supported in doing.”

The last few years have seen a variety of changes at Jamf, which was briefly a public company. “We’ve come through a period of change, not all of it easy,” Tschida said. “But we now have a great partnership with Francisco Partners. We’re private, we’re focused on solving customer problems, and we’re finding ways to lean into what we’re good at.”

Women in tech and mentorship

Tschida is a good choice to lead a software engineering company, as she’s an engineer herself. She originally joined Jamf as vice president for software engineering in 2018, moving up to CTO in 2022. She’s also one of the few women in leadership positions in tech. (To Jamf’s credit, the company also has CIO Linh Lam on its team.)

“I think it’s important for women to stay deep in the tech, build their skills and find their voice confidently,” Tschida said. “You’ll never know all the technology out there. Nobody does. What matters is the ability to keep adapting and evolving.”

Tschida stressed the importance of mentorship. “I feel very honored to have a chance to be a role model for other women,” she said. “I had women who forged a path for me, including a female CIO early in my career who I asked to mentor me and learned an enormous amount from. I’m certainly not the first woman in tech, but I do want to play my part in helping others grow in their careers.

“Ultimately, I want to be respected for what I do, not for my gender. That’s how everyone should be judged.”

AI Governance

Tschida’s product focus means she knows what matters to Jamf. “If you focus on the problems customers have and how your product can help fix them, that’ll take you to where you want to go.”

For many in the enterprise, both in and beyond the Apple space, the next big problem is AI — how to deploy it, how to manage it, and how to regulate it.

AI Governance is a new Jamf solution that has been developed in response to those pain points. Countless surveys, including Jamf’s own data, show that AI is being widely used across every company, but IT lacks visibility into its use. It’s hard to know what data is being shared with AI tools, which services are being used, and how to report on that use effectively — particularly in regulated industries.

AI Governance is designed to make it possible for anyone managing an Apple fleet to get granular insight into AI use across their Mac, iPhone, and iPad devices. It uses telemetrics to shed light on that use, offers governance and management tools to help IT gain better oversight and control over it, and provides highly comprehensive reporting tools suitable for internal or regulatory review.

“AI is happening whether organizations know it or not,” said Tschida. “That’s the problem. You can try to block it, but that’s very hard to do well. It’s far better to build visibility and governance around it.”

The offering makes it possible for companies to enable the AI use they already know is taking place while protecting corporate interests and enabling fast and accurate reporting. You can find out more details here.

Jamf Empowering better AI

Jamf’s approach is focused on endpoint management. AI Governance means IT can see what’s running on a device, categorize it, and understand what AI tools and models are in use. “If you know how people are running AI on your fleet, you can open it up safely. Then all of your customers and employees can find their way to figure out how AI is going to optimize their workforce,” she said.

What does that look like in practice? Think of it as an orchestration layer. IT can define different AI configurations for different teams: HR might use one set of models, engineers another. And admins can apply opinionated postures per group: what models are permitted, what cloud services they connect to, what’s visible to IT versus the CISO versus the CFO. “It’s an extension of what Jamf has always done, it just now applies to AI endpoints too.”

What about regulatory complexity across geographies? “A lot of governance controls are shared across regulations; a good base set is a healthy way to run regardless. But each regulation has its own twists. Our mission is to make sure customers operating in different markets can expand on that base and fit the specific models and regulations they need, getting the right configurations to the right devices.”

Managers must prepare for AI cost challenges

There’s a second dimension beyond management — cost. The industry is developing quickly, with new AI models appearing almost every week. Yesterday’s leading LLM is tomorrow’s fading star, even while the cost of AI infrastructure goes through the roof. As that churn slows, investors will want to start seeing returns on their bets, which is why token costs — the price of running AI services, at least in the cloud — are climbing fast.  

As costs become more realistic, that’s going to change the nature of AI deployment from the laissez-faire, anything goes approach to a more strategic management of such use. “Models keep dropping fast, but token costs are only going to go up,” said Tschida.

“Organizations will need to decide: just because you can build something with AI, should you? What’s the right model for what work? We’re helping customers move from, ‘We’ll just block it’ or ‘We’ll turn it on and hope for the best,’ toward a place where they have a real viewpoint and can manage and change that viewpoint over time.”

The ever-changing AI world is also prompting Jamf to make more of its APIs externally available. “We’re used across every industry and every geography, at every scale,” said Tschida. “There’s no way we can build every workflow every customer needs, we’d never get to all of them.”

Embracing openness also helps build future foundations. “Thinking about where we’re heading next — agentic endpoint management — having platform APIs allows our customers to build things they can imagine, that we can learn from, in a way that solves their specific problems.”

Apple, WWDC, and the enterprise

Tschida’s comments come shortly after WWDC 2026, where Apple introduced a raft of AI advances that formed a strong foundation for its future, improvements that matter to Jamf. “When Apple innovates, Jamf celebrates,” she said.

“Apple is doing great things in their AI ecosystem, revamping Siri, expanding their AI capabilities, making Apple the platform people want to run AI on because those machines simply perform better. Our job is to take what Apple builds and bring it into the enterprise in the way that enterprises actually need it.”

Most of the industry recognizes that Apple’s enterprise story has changed dramatically as its products see accelerating use, and momentum is not slowing. Tschida reflected on how just a few years ago, Apple in the enterprise was an option in employee choice programs. “Now it’s becoming the clear choice,” she said. “We expect that trend to continue. And the more Apple invests in AI running natively on device, the stronger that argument gets.”

Where is Jamf going?

AI Governance is a unique answer to an increasingly important set of questions that are now beginning to affect the IT management of Apple’s platforms. (It’s not clear whether anything as sophisticated exists for other platforms at al, but as the need to manage AI grows, demand for such solutions will grow.)

Ultimately, the company’s latest move reflects Jamf’s inherent strategy under its new CEO. “Focus on customers, listen to them, solve their problems, and don’t throw tech at it. Ask: what’s the problem? Can we solve it? That focus is what takes you where you need to go.

“We’re on a good trajectory, customers stay with us, and the culture has always underpinned us. Now we’re finding ways to lean into it even further,” she said.

You can follow me on social media! Join me on BlueSky,  LinkedIn, Mastodon and subscribe to The Core.

At least 15 malicious plugins and nearly 70,000 installs later, developers are being reminded that trusted marketplaces can become supply-chain attack vectors overnight.  

A French-speaking attacker broke into a small French automotive business, planted a keylogger, and stole banking and email credentials. Ordinary stuff, until one move near the end. Before his command-and-control server went dark, he installed OpenSSH and Tailscale on a victim's machine, building a way back in that did not run through the C2 at all. When the Havoc server went offline the next Swati Khandelwalhttp://www.blogger.com/profile/[email protected]

Terramow, jejíž sekačky si můžete koupit i na našem trhu, se chystá uvést svou první sekačku s pohonem všech kol. A podařilo se jí přijít s něčím unikátním, co zatím nikdo jiný nenabídl. Nová sekačka Terramow X AWD totiž umí sekat oběma směry. Díky stejným optickým senzorům pro detekci překážek ...