Agregátor RSS

Nejlevnější routery stojí šest stovek, nejdražší klidně dvacet tisíc. • Vybrali jsme ty nejlepší nebo nejvýhodnější, které podporují Wi-Fi 6 a novější. • Při pokrývání velkých ploch nehledejte jedno zařízení, ale vsaďte na mesh.

Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with credential-stealing malware. According to reports from Aikido Security, Onapsis, OX Security, SafeDep, Socket, StepSecurity, and Google-owned Wiz, the campaign – calling itself the Mini Shai-Hulud – has affected the following packages associated with Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

A critical vulnerability affecting all but the latest versions of cPanel and the WebHost Manager (WHM) dashboard could be exploited to obtain access to the control panel without authentication. [...]

Apple is building new AI photo editing tools to introduce with its next major software updates this fall, and these won’t be the only AI tools and services it wants to talk about at the Worldwide Developers Conference (WWDC) in a few weeks’ time.

While it is correct to say Apple has had setbacks in AI development, it has also had successes. Was it ready for the generative AI (genAI) juggernaut? Probably not, nor has it successfully developed its own response in-house. Is Apple’s platform ready for AI? Indisputably, with the power and performance across all its hardware products to run AI on the edge, in the cloud, and as-a-service. Right now, Apple doesn’t offer the world’s best AI services, but does offer the world’s best platform on which to run them.

Given you can’t have one without the other, no matter how you slice and dice it, Apple has therefore seen partial success in AI. Now, it just needs to add the software and the services, about which we’ll find out much more in June.

What can we expect from the New Apple AI?

Apple’s AI photo editing updates will join the existing Clean Up tool and include tools that include Extend, Enhance, and Reframe:

• Extend: Extends an image beyond the original frame using the source image as a guide, this works in a similar way to Adobe Photoshop’s Generative Expand.
• Enhance: Scan the image and optimize it improved color, lighting, and other effects.
• Reframe: A spatial feature that can shift the perspective of an image, so a photo of the side of someone’s head can become a portrait shot, thanks to AI.

Bloomberg tells us development of these new tools isn’t yet complete and warns they may be delayed, though that only makes it possible they will arrive later in the iOS 27 beta testing process. We know the company is working on additional tools.

We also know Apple will improve Siri and expand other Apple Intelligence features. To accomplish this, its engineers are working with Google Gemini to build dedicated large language models (LLMs) capable of running on the devices themselves, or via its own Private Cloud Compute. The company also intends to roll out a dedicated Siri app with a chat interface similar to that used by all the other genAI services, such as ChatGPT. 

The idea that Apple will turn Siri into an app implies plans to permit users to download alternative LLM-based apps to use. Apple likely recognizes it might need to provide that level of choice to avoid giving regulators yet another stick to slap it with. 

Big plans for AI services

Apple’s actions in AI show that its management believes AI services are likely to become commodities, which means they will continue to be highly reliant on the platforms where they run, which is good news for Apple’s hardware. Apple’s move to secure its processor development road map with more advanced 1.4nm and smaller chips over the coming years will only build up the company’s advantage. As Apple Senior Vice President Johny Srouji put it, the recently introduced M5 chip “ushers in the next big leap in AI performance for Apple silicon.” He means it — and when it comes to hardware, Apple knows to expect imitators.

The approach also suggests the company will offer AI services via an App Store for AI. You might purchase or subscribe to AI agents for specific tasks via a customer-focused App Store, for example. Offering these commodities via a dedicated online portal makes sense, while the company’s famed curation model means customers will be able to use those agents in relative confidence that their data isn’t being swiped in the process.

If I’m right, then the face of Apple’s so-called “AI failure” looks liked a combined hardware/software/services model in which customers have complete choice in which breeds of AI services they want to use, boosted by an App Store for useful AI services, Apple’s own Apple Intelligence tools supported by Google Gemini, all running happily on best-in-the-industry hardware with enough horsepower to handle most tasks natively.

Now, I may be an Appleholic, but I find it pretty difficult to see that connected AI ecosystem as much of a failure at all. I predict at WWDC 2026 we’re going to see the story change from one of losing the AI race to another fable of iconic AI recovery. That’s assuming, of course, the company manages to meet its own promises this time.

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

Textový editor Zed dospěl do verze 1.0. Představení v příspěvku na blogu.

Panasonic TB-65Z60AEG loni stál 45 tisíc, teď může být váš za 20 990 Kč. • Jde o nejlevnější 65" OLED televizor na trhu. • Má hezký obraz, 120 Hz, HDR, ale jen omezený operační systém TiVo.

GrassMarlin leaks sensitive information, provided your targeting phishing skills are sharp enough

The Cybersecurity and Infrastructure Security Agency (CISA) is warning anyone who uses GrassMarlin, a tool developed by the National Security Agency (NSA), about a new vulnerability that attackers can use to snoop on sensitive information.…

Cybersecurity researchers have discovered malicious code in an npm package after a malicious package as a dependency to the project by Anthropic's Claude Opus large language model (LLM). The package in question is "@validate-sdk/v2," which is listed on npm as a utility software development kit (SDK) for hashing, validation, encoding/decoding, and secure random generation. However, its real Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Austrian and Albanian authorities dismantled a criminal ring accused of running a large-scale cryptocurrency investment fraud operation that caused estimated losses of over €50 million ($58.5 million) to victims worldwide. [...]

Námořnictvo poprvé nasadilo certifikovaný kovový díl vyrobený na 3D tiskárně • Rychlá aditivní výroba pomáhá řešit současnou dodavatelskou krizi • Úspěšná instalace vytváří precedent pro mnohem rychlejší údržbu

Ministerstvo životního prostředí zavádí nový systém energetických poradců a renovační pasy. Ty budou nově potřeba pro dílčí renovace v rámci NZÚ i NZÚ Light.

A single third-party OAuth integration can become a direct path into your environment. Push explains how the Vercel breach shows a compromised OAuth app can lead to widespread impact across downstream customers. [...]

Claude ploughs through months of work in rapid time, helps Wiz researchers nab lucrative award

Wiz researchers are set for a tidy payday thanks to their discovery of a high-severity flaw in GitHub's git infrastructure that handed remote attackers full read/write access to private GitHub repositories using a single command.…

BOIT Rizikové E-shopy vás upozorní na podvodné nebo podezřelé obchody. • Jde o doplněk pro Chrome a jeho odvozeniny, chystá se i verze pro Firefox. • Má vlastní detekci podezřelého chování a vychází také z databáze ČOI.

EU member states and the European Parliament failed to agree on changes that would have softened the bloc’s AI Act and pushed back its toughest enforcement deadlines.

The talks ran for about 12 hours on Tuesday and ended without an agreement, Reuters reported, citing a Cypriot official who said it had not been possible to reach a deal with Parliament. Cyprus holds the rotating presidency of the EU Council, which negotiates on behalf of member states. According to the report, the talks broke down over the insistence by some member states and lawmakers that industries already covered by sectoral safety rules be left out of the AI legislation.

Tuesday’s session was the last political trilogue on the Digital Omnibus on AI scheduled before formal adoption, according to the European Parliament’s legislative tracker. Talks will resume in May, and if no deal is reached before August 2, the AI Act’s high-risk obligations will apply that day as originally drafted.

The European Parliament’s co-rapporteurs on the file, Arba Kokalari and Michael McNamara, were scheduled to brief journalists in Strasbourg on Wednesday on the negotiations to update EU rules, but the briefing was cancelled at the last moment.

Neither of the rapporteurs’ offices immediately responded to a request for comment. The Cypriot presidency press service also did not respond by the deadline.

Why were the deadlines to be pushed back

The Digital Omnibus on AI, which the trilogue was meant to finalise, was proposed by the European Commission on November 19 last year. The Commission framed it as part of a wider effort to simplify the EU’s digital rulebook for businesses, in response to the Draghi report on EU competitiveness.

Both the Council and the Parliament had agreed before trilogue that the deadlines should be pushed back. The Council, in its March 13 negotiating mandate, proposed new dates of “2 December 2027 for stand-alone high-risk AI systems, and 2 August 2028 for high-risk AI systems embedded in products.” Parliament voted to adopt the same dates on Mar. 26 by 569 votes to 45, with 23 abstentions.

The deadlines were pushed back because the technical standards that companies need to demonstrate compliance with are not ready. Communications from CEN-CENELEC’s Joint Technical Committee 21, which is drafting the standards, suggest the full set may not be available before December 2026, according to a client note from law firm Morrison Foerster.

What Council and Parliament could not agree on was an exemption Parliament wanted for AI used in products that already fall under EU safety rules, such as machinery, toys, and medical devices, the report added.

The exemption “faced limited enthusiasm in the Council, with different compromise proposals being discussed,” the Center for Democracy and Technology Europe said in its April bulletin.

Consumer, medical, and academic groups have opposed the exemption. Forty such organisations warned in an open letter earlier this month that the proposals “still risk reopening core elements of this framework, crucially weakening the AI Act.”

For affected industries, the case for the exemption is the cumulative compliance burden, said Neil Shah, vice president for research and partner at Counterpoint Research. “In already highly regulated industries such as medical, an additional AI regulation further increases compliance and headaches for the enterprises,” he said. “Complying with both physical and digital safety is important, but there has to be a way to reduce the compliance burden and be answerable to a single regulatory authority.”

What happens next

CIOs should treat August 2 as a hard deadline regardless of what happens in May, Shah said. “I believe CIOs are in a tough spot right now. They should be prepared, irrespective of the regulatory limbo, and treat this summer as a hard deadline. If it gets delayed, then it’s a bonus and if not, then it would be a regulatory risk.”

If lawmakers fail to land a deal before August 2, the high-risk obligations apply as drafted, regardless of whether harmonised standards or national enforcement authorities are ready. Patchy readiness across member states does not reduce the risk for businesses, said Enza Iannopollo, vice president and principal analyst at Forrester.

“It’s obvious that if the authorities responsible for enforcing the rules are not in place, there won’t be enforcement, despite the deadlines,” she said. “But Member States can accelerate that process and put those authorities in place rather quickly. Some countries have already named them. The risk is that businesses lose track of developments across each Member State and find themselves exposed to regulatory scrutiny and fines.”

Other parts of the AI Act will keep moving on their original schedule. The prohibitions on unacceptable-risk AI have applied since February 2025. The general-purpose AI rules came into force in August 2025. The transparency obligations under Article 50, including disclosure for chatbot interactions and labelling of deepfakes, are set to apply from August 2.

For CIOs, Iannopollo said, the underlying compliance work continues regardless of trilogue politics. “Waiting is not an option. CIOs must start building the foundations of AI governance and compliance,” she said. “If they are not inventorying their AI use cases, assessing risks in light (also) of the EU AI Act’s risk categorisation, and defining risk management measures, they risk not only fines. They risk reputational damage and the inability to effectively scale their AI initiatives.”

The Cypriot presidency runs until June 30, after which Ireland takes over.

In early March, GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) that could have allowed attackers to access millions of private repositories. [...]

'Online platforms can rely on our app,' says Commish, 'there are no more excuses'

The European Commission has recommended EU member states adopt an age verification app designed to protect children from harmful online content.…

In February 2026, researchers uncovered a shift that completely changed the game: threat actors are now using custom AI setups to automate attacks directly into the kill chain. We aren't just talking about AI writing better phishing emails anymore. We’re talking about autonomous agents mapping Active Directory and seizing Domain Admin credentials in minutes. The problem? Most defensive [email protected]