Agregátor RSS

A vulnerability in DoorDash's systems could allow anyone to send "official" DoorDash-themed emails right from company's authorized servers, paving a near-perfect phishing channel. DoorDash has now patched the issue, but a contentious disclosure dispute has erupted, with both sides accusing each other of acting in bad faith. [...]

The office of Pennsylvania's attorney general has confirmed that the ransomware gang behind an August 2025 cyberattack stole files containing personal and medical information. [...]

Law enforcement agency’s referral blitz hit gaming platforms hard, surfacing thousands of extremist URLs

Europol's Internet Referral Unit (EU IRU) says a November 13 operation across gaming and "gaming-adjacent" services led its partners to report thousands of URLs hosting terrorist and hate-fueled material, including 5,408 links to jihadist content, 1,070 pushing violent right-wing extremist or terrorist propaganda, and 105 tied to racist or xenophobic groups.…

Readiness metrics have flatlined since 2023, with most sectors slipping backward as teams fumble crisis drills

Teams that think they're ready for a major cyber incident are scoring barely 22 percent accuracy and taking more than a day to contain simulated attacks, according to new data out Monday.…

​Microsoft is working to resolve a known issue preventing users from installing the Microsoft 365 desktop apps on Windows devices. [...]

Once upon a time, Apple introduced a new iPhone every year. These days, in some years it introduces five of them. Have we reached saturation point? Possibly. Solution? Ship six iPhones a year. As expected, Apple is building a new market dynamic.

Think of it this way. Until now, competitors knew the pace of Apple releases, a cadence that gave them confidence in the market share struggle. By dividing iPhone releases into two, Apple creates an opportunity to move its devices in multipole directions – some will be faster, some will be thinner, others will be more advanced. It means that rather than competing with just one high-end iPhone, competitors will fight with six high-end devices, each slightly different from one another, with prices spanning mid- to high-range markets. Each iPhone will host its own powerful Apple Silicon processor, and splitting the cadence across two years will let Apple pour massive quantities of new tech into the highest-end models.

What we’re hearing

So what’s the claim? The idea is that Apple will introduce three high-end iPhones in fall 2026, with lower-end iPhones, possibly including a new edition iPhone Air 2, set to ship in 2027. (The Air is expected to gain a 2nm A20 processor, which will make for much better battery life.) In what is really just a rehash of speculation reported earlier this year, the cadence of the release, according to Bloomberg, will be like this:

• Fall 2026: iPhone 18 Pro, iPhone 18 Pro Max, and the hotly-anticipated new folding iPhone.
• Spring 2027: iPhone 18, iPhone 18e, iPhone Air.

These alternating launches will then be repeated in future years, and we’ll no doubt see the difference between Apple’s Pro and other iPhone models accentuate over time. (The 20th anniversary iPhone might be part of this.) The Pro Max will likely be the most technology-packed smartphone money can buy, while the folding device is likely to be the most advanced device on the planet. It is also worth noting that — reading between the lines of the report — Apple doesn’t necessarily intend to update all of these models annually, nor will it need to as it continues to diversify the range.

Daring to be different(iated)

The decision to diversify the iPhone offer didn’t come that easily to Apple. Until now, the company has woven a delicate dance in which, while offering multiple devices, somehow all of those smartphones were seen as one iPhone. 

Moving to split the release between mid-range and high-end launches means the company is deliberately putting distance between both types of iPhone. It also means bad news for some of the other mobile manufacturers who shore up their share with mid-range sales. Even as Apple’s A-powered MacBook is coming to grab a slice of the healthiest part of the PC market (low/mid-range sales), the company is also moving to seize some of that part of the smartphone business. This will inevitably put further price pressure on others in that part of the space, and might prompt another wave of mergers and acquisitions, as that is where most mid-tier manufacturers make their business. 

The medium is the message

Beyond market dynamics, messaging could be another reason Apple might be moving to segmentalize its market. Think about the most recent iPhone launch and how many of the nuances of each model were buried by more generalized reporting across all of them. The iPhone 17 I’m using myself maintains everything about the iPhone range, but the vast majority of reports on the new models focused on the higher-end devices.

With that in mind, it makes sense for Apple to put partition between its iPhone families. Doing so will enable it to explain the benefits of each product better. It gains freedom, flexibility, and the opportunity to build an iPhone range that encompasses a variety of different forms, builds, and features. Diversification, it thinks, is power.

I believe the move will help Apple sell more iPhones. It’s also worth noting that this is not actually a major departure from what the company already does, with some devices already usually appearing in spring. Apple is setting the scene for change, and as the company does everything for a reason, that means it has plenty more planned.

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

5200 děr v Peru mohlo být tržiště a později účetní kniha Inků • Drony odhalily 60 bloků děr a analýza pylu potvrdila uskladněné plodiny • Skeptici namítají, že chybí desítková soustava a mohl to být geoglyf

Červená, oranžová a zelená. Tak to známe a význam barev je naprosto jasný. Výzkumníci americké University of North Carolina navrhují přidat čtvrté světlo s bílou barvou. Bylo by aktivní, když by se v okolí objevilo vyšší procento autonomních vozidel. Bílá by znamenala, že řidiči klasických aut ...

Regulator reports suggest telco was extorted, but company remains coy as to whether it paid

French telco Eurofiber says cybercriminals swiped company data during an attack last week that also affected some internal systems.…

This week showed just how fast things can go wrong when no one’s watching. Some attacks were silent and sneaky. Others used tools we trust every day — like AI, VPNs, or app stores — to cause damage without setting off alarms. It’s not just about hacking anymore. Criminals are building systems to make money, spy, or spread malware like it’s a business. And in some cases, they’re using the same

This week showed just how fast things can go wrong when no one’s watching. Some attacks were silent and sneaky. Others used tools we trust every day — like AI, VPNs, or app stores — to cause damage without setting off alarms. It’s not just about hacking anymore. Criminals are building systems to make money, spy, or spread malware like it’s a business. And in some cases, they’re using the same Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Chatbots once symbolized digital transformation — those polite text boxes on corporate websites and service portals promised to make support smarter and cheaper. The addition of generative AI (genAI) to the tools in recent years has made them seem more natural in conversations, but they’re still just automated answer engines. Now as 2025 comes to an end, traditional chatbots are beginning to look like relics of an earlier era.

A new wave of agentic AI is taking shape: systems that not only converse but also reason, plan, and act within enterprise workflows. These agents are not assistants that talk; they are digital colleagues that think.

[ Related: Agentic AI – Ongoing news and insights ]

Across industries, companies are reengineering their operations to harness this new capability. They’re discovering that agentic AI isn’t simply an upgrade to chatbots — it’s a redefinition of how digital work gets done.

From reactive bots to proactive partners

Jesse Flores, founder and CEO of web development firm SuperWebPros, has watched this transition unfold firsthand. “Traditional chatbots,” he said, “were basically decision trees — if keyword X, then response Y.” They worked well for FAQs and appointment scheduling, but their world was bounded by the script.

Even when connected to large language models such as GPT-5, most chatbots still lack deep knowledge of a company’s data or business context. “They’re language-driven responders,” Flores explained. “They talk, but they don’t think or act.”

According to Flores, agentic AI changes that equation. Each agent has a name, a mission defined by its system prompt, and a connection to company data through retrieval-augmented generation. Many of them also wield tools such as CRMs, databases, or workflow platforms. “An agent is like hiring a new employee who already knows your systems on day one,” Flores said. “It doesn’t just respond — it executes.”

This new mode of collaboration also changes how employees interact with technology. Flores noted that his clients often name their agents, treating them as teammates rather than tools. “When marketing needs to check something, they’ll say, ‘Let’s ask Marco,’” he added. “That naming makes adoption easier — it feels human.”

Other insights can be gleaned from Moody’s, an organization well known for its information services. According to Cristina Pieretti, head of digital content and innovation at Moody’s, agentic AI changes the very nature of what a company can offer its clients.

“With a chatbot, you’re just having a conversation about a topic. Agents can actually perform tasks that humans would normally do,” she said.

Moody’s has begun developing agents to automate parts of its customers’ work directly, Pieretti said — for example, generating credit memos and financial analyses. Instead of retrieving one data point at a time, users can configure an agent to pull information from multiple systems, assemble the correct sections, and deliver a finished report at the click of a button.

“It shifts us from being a supplier of insights to being a workflow partner,” she said. The result: AI that doesn’t just inform decisions but helps execute them.

Building the foundations: governance and trust

At IBM, Matt Lyteson, CIO of Technology Platform Transformation, is applying the same principle on a global scale. His team is embedding agentic AI into every layer of the company’s operations — HR, IT support, procurement, and sales — serving 280,000 employees worldwide.

“Chatbots handled tasks through rigid, step-by-step flows that could easily break,” Lyteson said. “Agentic AI transforms that, enabling systems that reason through a process dynamically. That’s where the future of work is heading.”

One of IBM’s first success stories came with password resets — an unglamorous but ubiquitous use case. Two agents now collaborate: one triages the request, while the other verifies credentials and performs the reset, all under the company’s identity-and-access-management system. Each agent has its own digital identity, ensuring audit trails and preventing impersonation. “It’s a good example of multi-agent collaboration anchored in enterprise security,” Lyteson said.

Those same principles now underpin IBM’s broader Enterprise AI Platform, built on watsonx Orchestrate. The company’s AskHR, AskProcurement, AskSales, and AskIBM systems all rely on small, specialized agents operating within a unified governance framework. Every IBM employee interacts with these agents daily, likely making it one of the largest agentic AI deployments in the world.

The payoff has been dramatic. According to Lyteson, IBM’s AskIT system now resolves 82% of support requests without human intervention, freeing IT staff to focus on complex issues and allowing IBM to close its IT Service Desk phone lines. “We’re now focused on trust and collaboration — humans working confidently alongside multiple agents,” he said.

Responsible intelligence and the next phase of AI

Murali Swaminathan, CTO of IT services firm Freshworks, believes this new age of agentic AI must be guided by responsibility as much as innovation. He describes AI’s evolution in three stages: traditional chatbots, which were scripted and brittle; agent-assist systems, which indexed knowledge for humans; and now agentic AI, which understands context and acts on it. “It’s like moving from guided driving to full self-driving,” he said.

The company’s Freddy AI platform, launched in 2018, has evolved from chat support into a system that automates end-to-end workflows. In HR, for instance, an employee can request vacation time, and the agent determines which HR system to query, checks policy and balance, and executes the request. “It’s about reasoning and action, not just retrieval,” he said, adding that customers such as UK-based Frasers Group are already deflecting about a quarter of support cases using these agentic workflows.

Swaminathan emphasized that responsible AI isn’t a marketing promise — it’s a technical discipline. Freshworks’ Freddy Trust Framework embeds fairness, transparency, and privacy into every agentic workflow, he said.

The framework includes profanity and content filters, automatic masking of personally identifiable information, and rules that prevent customer data from being stored beyond an active session. Clients can also add their own guardrails. “Every deployment is designed to protect user data by default,” he said.

Freshworks has also launched the Freddy Agentic AI Studio, a no-code development environment where businesses can build and deploy agents safely. Templates, preconfigured prompts, and embedded filters make experimentation easy but controlled. “We serve everyone from small businesses to large enterprises,” Swaminathan said. “Simplicity and control must coexist.”

He calls this philosophy safe empowerment — democratizing AI while preserving trust. “Our goal,” he said, “is to help organizations adopt AI quickly and confidently — with guardrails, clarity, and simplicity at every step.”

Taking the leap from chatbots to agentic AI: A practical roadmap

Agentic AI isn’t a software upgrade — it’s a redesign of how digital work gets done. Each of the leaders interviewed for this story emphasized that success depends as much on data and governance as on culture and experimentation. Before moving beyond chatbots, IT directors should ask not only “Can we do this?” but “Where should we start — and how do we do it safely?”

Start small — and pick the right problem.

Flores at SuperWebPros recommends beginning with what he calls a “four-out-of-ten pain point” — a problem that’s mildly frustrating but not business-critical. “You want a PR win, not a huge risk,” he said. A 90-day pilot should aim to prove value quickly and visibly. Early success builds momentum and creates internal advocates.

Pieretti at Moody’s agrees: start with repeatable, well-defined workflows that deliver measurable value. “Don’t try to boil the ocean,” she advised. “Use genAI where processes are consistent and automation clearly adds business impact.”

Build on strong data and governance foundations.

IBM’s Lyteson warns against “AI sprawl” — dozens of uncoordinated pilots touching sensitive data. “Start with an enterprise AI platform that enforces identity, access, and auditability from day one,” he said. IBM’s Enterprise AI Platform gives each agent its own digital identity, mirroring employee permissions and ensuring accountability.

Swaminathan at Freshworks applies a similar principle through the Freddy Trust Framework — embedding fairness, privacy, and transparency into every agentic workflow. “With great power comes great responsibility,” he said. “Guardrails aren’t optional; they’re architectural.”

Shape culture, not just code.

Flores pointed out that human adoption is often harder than technical integration. “People resist change,” he said. “We name our agents — Marco, Betty, Harry — to make them feel like teammates rather than threats.”

Pieretti has seen the same challenge at Moody’s. “The key is shifting the mindset from ‘AI will replace me’ to ‘AI will empower me,’” she said. Training, communication, and co-creation help employees feel like part of the transformation instead of victims of it.

Adopt an iterative, governed rollout.

Both Lyteson and Swaminathan advocate continuous monitoring and versioning — agent 1.0, 1.1, 1.2 — with each release tested for drift, bias, and reliability. Pieretti’s team at Moody’s performs adversarial “jailbreaking” tests before and after deployment to ensure agents behave safely under pressure.

Swaminathan advises measuring success with hard metrics like deflection rates, resolution time, and user satisfaction. “There’s no plug-and-play AI,” he said. “Start small, measure results, and scale confidently.”

Ask the right readiness questions.

Before committing to agentic AI, IT leaders should assess four fundamentals:

• Strategy: Have we identified use cases where automation will yield measurable results?
• Data & Integration: Are our systems well-documented and accessible through secure APIs or metadata?
• Governance: Do we have clear guardrails for identity, permissions, and audit trails?
• Culture: Do we have internal champions who will model productive, responsible use?

Across all four organizations — SuperWebPros, Moody’s, IBM, and Freshworks — one message stands out: agentic AI thrives where governance meets imagination. Chatbots respond; agents reason and act. But they can only do so safely in environments built for trust, transparency, and collaboration. IT leaders who invest early in those foundations will be the ones to turn AI from a talking tool into a true digital colleague.

Civil recovery order targets PlugwalkJoe's illicit gains while he serves US sentence

British prosecutors have secured a civil recovery order to seize crypto assets worth £4.11 million ($5.39 million) from Twitter hacker Joseph James O'Connor, clawing back the proceeds of a scam that used hijacked celebrity accounts to solicit digital currency and threaten high-profile individuals.…

Phishing attacks are no longer confined to the email inbox, with 1 in 3 phishing attacks now taking place over non-email channels like social media, search engines, and messaging apps. LinkedIn in particular has become a hotbed for phishing attacks, and for good reason. Attackers are running sophisticated spear-phishing attacks against company executives, with recent campaigns seen targeting

Phishing attacks are no longer confined to the email inbox, with 1 in 3 phishing attacks now taking place over non-email channels like social media, search engines, and messaging apps. LinkedIn in particular has become a hotbed for phishing attacks, and for good reason. Attackers are running sophisticated spear-phishing attacks against company executives, with recent campaigns seen targeting [email protected]

Jako programující redaktor a věčný kutil mám oproti profesionálům tu výhodu, že si mohu kódovat i naprosté blbinky a zkoušet nejrůznější techniky bez zjevného praktického dopadu. Jedna z nich před pár dny pobavila i mé obecenstvo na sociální síti X, a tak se s ní na den sváteční pochlubím i s ...

The threat actor known as Dragon Breath has been observed making use of a multi-stage loader codenamed RONINGLOADER to deliver a modified variant of a remote access trojan called Gh0st RAT. The campaign, which is primarily aimed at Chinese-speaking users, employs trojanized NSIS installers masquerading as legitimate like Google Chrome and Microsoft Teams, according to Elastic Security Labs. "The

The threat actor known as Dragon Breath has been observed making use of a multi-stage loader codenamed RONINGLOADER to deliver a modified variant of a remote access trojan called Gh0st RAT. The campaign, which is primarily aimed at Chinese-speaking users, employs trojanized NSIS installers masquerading as legitimate like Google Chrome and Microsoft Teams, according to Elastic Security Labs. "TheRavie Lakshmananhttp://www.blogger.com/profile/[email protected]

Nabídka procesorů Xeon Diamond Rapids, jejichž vydání chystá Intel na příští rok, bude proti původním plánům omezená. Levnější 8kanálové modely byly zrušeny, pokračuje se jen v přípravě 16kanálových…

In the era of cloud-first distributed enterprises where people collaborate across time zones and device types, the Zero Trust security methodology is increasingly key.

According to research by Foundry, over half of organizations either have Zero Trust in production or are piloting it. The Zero Trust security market is expected to be worth $88.8bn by 2030, at a compound annual growth rate of just over 16%.

And this investment is urgent: according to research, 98% of CISOs expect cyber attacks to increase over the next three years. These attacks can have huge consequences: US financial services firm Equifax incurred $1.4bn in settlements after a single vulnerability in a web application was exploited by hackers.

It’s clear that security leaders must use the most effective tactics available to counter these threats.

Zero Trust is a holistic approach to security, rather than a product or service. It assumes there will be a breach, and that hostile actors could already be inside the network.

In order to counter threats, the architecture is therefore based on an approach of constant verification. And security is delivered not just at the network layer, but at the application level too.

shutterstock/Gorodenkoff

Beyond walls

This approach delivers more effective and efficient security. It does not replace existing network or endpoint security measures, but layers defenses in a way that makes the organization more resilient.

As Germany’s Bundesamt für Sicherheit in der Informationstechnik (BSI) states, “Zero Trust describes an architectural design paradigm developed from the ‘Assume Breach’ approach.” Zero Trust, the BSI says, provides better protection for applications and reduces the damage from cyber attacks.

But this does not mean no trust, it means constant verification, across the network and applications.

As the UK’s NCSC puts it: “As a term, ZT [Zero Trust] can be misleading, as there is actually plenty of trust required… The key principle is don’t inherently trust any user or service requesting access to systems or data.”

Conventional security measures are no longer sufficient

Hostile groups can breach or bypass defenses, often through phishing. Once inside, they can move across networks (lateral movement) and use privileged access to attack other systems.

These risks are greater still as organizations use more IoT and personal devices, more cloud applications, and employ more remote workers.

Restoring trust, building security

Both businesses and regulators are putting more emphasis on organizational resilience. The EU’s NIS2 directive, for example, requires Zero Trust.

To implement this successfully, security leaders must have a clear view on their  infrastructure.

This includes multifactor authentication, microsegmentation with granular access controls, least privilege access, device access control, endpoint protection, data encryption, and identity and access management (IAM).

Microsegmentation allows organizations to contain any threats that break through perimeter defenses, isolating hostile traffic within the network. It is software defined, so it can respond quickly to evolving threats.

Managed detection and response (MDR) adds another layer of defense. It shields endpoints, detecting and blocking attackers before they can move into the organization. Moreover, MDR draws on the latest threat intelligence and network analysis to stop breaches before they cause damage. Vitally, these controls are dynamic and context aware. They continuously verify user identity and device health.

Zero Trust is often described as a journey, not a destination

Smart security leaders need to keep their progress towards Zero Trust under constant review, as the threat landscape changes, and technology evolves. The key is to establish a Zero Trust mindset, and implement a strategy aligned with business objectives.

Find out how T-Systems can help security teams on their journey to Zero Trust.