Skip to content
View in the app

A better way to browse. Learn more.

hosang I.T.

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Tech

Tech Articles from a wide variety of topics and categories
Introduction
In 2026, the demand for high-performance, visually appealing, and responsive websites continues to rise as more businesses, creators, and freelancers seek a strong online presence. Website builders have become essential tools, allowing users of all skill levels to create professional websites without needing advanced coding knowledge. Whether you’re launching a personal portfolio, an eCommerce store, or a company site, a reliable website builder can drastically reduce time-to-market and improve brand credibility.
When choosing a website builder in 2026, users should consider factors like ease of use, customization flexibility, template quality, SEO tools, integrations, and pricing. Modern website builders offer powerful drag-and-drop interfaces, AI-assisted design, mobile optimization, and scalable hosting, making them viable for both beginners and seasoned developers.
In this blog, we explore the top 10 website builder tools in 2026, analyzing their standout features, advantages, and potential limitations to help you make an informed decision.
Top 10 Website Builders Tools (2026)
1. Design.com
Short Description: A free AI website builder that instantly generates complete, fully branded websites for small businesses, independent creators, and entrepreneurs without any coding or design experience required.
Key Features:
AI-generated website layouts, copy, and page structure built from your business name and industry in minutes Drag-and-drop editor with 3,000+ mobile-responsive templates spanning dozens of industries Automatic brand syncing that applies your logo, colors, and fonts across every page the moment your site is generated Built-in SEO tools with editable page titles and meta descriptions for every page Contact forms, email capture, image galleries, maps, and payment acceptance are all built in. Pros:
AI handles the design and setup, helping you launch a branded website in minutes Automatic brand syncing eliminates manual design work across every page and asset Cons:
Best suited for beginners and small businesses, advanced developers may find the customization depth limiting Collaboration features are lightweight, though ideal for those who need a clean, hassle-free workflow. 2. Squarespace
Short Description: A premium website builder known for beautiful design templates and content-focused websites.
Key Features:
Award-winning responsive templates Integrated blogging and podcast support Powerful portfolio and image galleries Built-in email campaigns eCommerce with shipping, tax, and inventory Analytics dashboard & SEO tools Pros:
Perfect for creative professionals All-in-one design and hosting solution Cons:
Learning curve for customization Slightly expensive for basic needs 3. Webflow
Short Description: A powerful website builder blending visual design tools with CMS and front-end code control.
Key Features:
Visual CSS/HTML editor for designers and devs CMS and dynamic content collections Advanced animation and interaction tools eCommerce and memberships Hosting with SSL, backups, CDN Built-in SEO settings Pros:
Full control over code and structure Great for agencies and freelancers Cons:
Steeper learning curve Can feel overwhelming to beginners 4. Shopify
Short Description: A robust website builder focused on eCommerce functionality for small to large online stores.
Key Features:
100+ eCommerce themes Built-in payment gateway & multi-currency Inventory, shipping & order management 6000+ apps on the Shopify App Store POS system for retail integration SEO & marketing automation tools Pros:
Exceptional for eCommerce Scales with business growth Cons:
Monthly fees can add up Limited design flexibility outside templates 5. Zyro
Short Description: An AI-powered website builder for fast and affordable website launches.
Key Features:
AI writer, heatmap & business name generator Drag-and-drop editor Built-in SEO and analytics tools eCommerce capabilities 130+ mobile-ready templates Free SSL and hosting Pros:
Fast setup with AI tools Affordable pricing Cons:
Limited design customization Smaller template library 6. WordPress.com
Short Description: A hosted version of WordPress for bloggers, creators, and businesses wanting simplicity.
Key Features:
10,000+ themes & plugins Block editor (Gutenberg) WooCommerce integration Built-in SEO & Jetpack features Content import/export tools Managed hosting and backups Pros:
Huge ecosystem & community Flexible for content-heavy sites Cons:
Customization can be complex Ads on free plans 7. Weebly (by Square)
Short Description: A user-friendly builder ideal for basic business sites and simple eCommerce stores.
Key Features:
Simple drag-and-drop builder Square payment integration Blogging and eCommerce tools App Center for added functionality Responsive templates Free SSL and analytics Pros:
Very easy to use Seamless Square integration Cons:
Limited advanced features Less flexibility compared to others 8. GoDaddy Website Builder
Short Description: A quick-start builder with AI-assisted design, suited for small businesses and service providers.
Key Features:
ADI-based website creation Built-in appointment booking Marketing suite (emails, social, SEO) eCommerce capabilities Mobile-optimized themes 24/7 support Pros:
Fastest setup time All-in-one business toolset Cons:
Fewer customization options Not ideal for complex websites 9. Strikingly
Short Description: A website builder focused on one-page websites, ideal for personal brands and landing pages.
Key Features:
One-page site builder Simple editing interface Built-in contact forms & newsletter signup Basic eCommerce support Free domain (on paid plans) Real-time analytics Pros:
Great for personal portfolios Fast setup with mobile-friendly designs Cons:
Not suitable for large or complex sites Limited third-party integrations 10. Hostinger Website Builder
Short Description: A modern and affordable AI-powered builder from the hosting giant, Hostinger.
Key Features:
AI logo maker and content tools Drag-and-drop interface Mobile responsiveness eCommerce-ready Free domain & SSL included Integrated SEO tools Pros:
Excellent value for money Clean, modern interface Cons:
Fewer templates than competitors Still evolving in features Comparison Table
Tool NameBest ForPlatform(s) SupportedStandout FeaturePricingRating (G2/Capterra)WixSMBs, CreativesWeb, MobileAI-based website creationFree / Starts at $164.4 / 5.0SquarespaceDesigners, CreatorsWeb, MobileAward-winning templatesStarts at $164.6 / 5.0WebflowAgencies, FreelancersWebVisual code + CMSFree / Starts at $184.7 / 5.0ShopifyeCommerce BusinessesWeb, Mobile, POSComprehensive eCommerce suiteStarts at $294.5 / 5.0ZyroBeginners, StartupsWebAI tools for fast setupStarts at $11.994.2 / 5.0WordPress.comBloggers, Content SitesWeb, MobileExtensive plugin libraryFree / Starts at $44.5 / 5.0WeeblySimple Stores, Local BizWeb, MobileSquare payment integrationFree / Starts at $64.3 / 5.0GoDaddy BuilderSMBs, Service ProvidersWeb, MobileAll-in-one business suiteFree / Starts at $94.1 / 5.0StrikinglyPersonal PagesWeb, MobileOne-page site focusFree / Starts at $84.2 / 5.0Hostinger BuilderBudget-conscious UsersWebAI + Hosting bundleStarts at $2.994.6 / 5.0 Which Website Builders Tool is Right for You?
For Beginners: Zyro, Weebly, GoDaddy Website Builder For Designers: Squarespace, Webflow For eCommerce: Shopify, Wix, Hostinger Website Builder For Personal Brands: Strikingly, Wix For Content Creators: WordPress.com, Squarespace For Agencies/Freelancers: Webflow, Wix For Budget Users: Hostinger Builder, WordPress.com (Free Plan) Choose based on:
Customization Needs: Webflow, WordPress.com Budget Constraints: Hostinger, Weebly Speed to Launch: Zyro, GoDaddy Builder Conclusion
Website builders in 2026 continue to evolve rapidly with AI features, mobile responsiveness, integrated marketing, and seamless hosting. Whether you’re building a one-page portfolio or launching a global eCommerce brand, there’s a website builder tailored to your needs. With low-code/no-code interfaces and powerful design tools, users now have more freedom than ever to create professional digital experiences.
Try free trials or demos before committing. The right website builder can empower your brand and transform your online presence in minutes.
FAQs
1. What is the easiest website builder for beginners in 2026?
Zyro and GoDaddy Website Builder are known for their simplicity and fast setup, making them ideal for beginners.
2. Which website builder is best for eCommerce?
Shopify remains the top choice for eCommerce in 2026 due to its features, scalability, and third-party app support.
3. Can I build a website for free?
Yes, platforms like Wix, WordPress.com, and Strikingly offer free plans with limited features and branding.
4. Are website builders good for SEO?
Modern website builders like Webflow, Wix, and Squarespace offer robust SEO tools and settings.
5. Which builder offers the most design flexibility?
Webflow offers the highest level of design and code flexibility, perfect for developers and designers.
View the full article
Introduction
In today’s digital landscape, establishing a recognizable brand identity is paramount, and a logo plays a crucial role in this process. For entrepreneurs, small businesses, and even established companies, having a professional and eye-catching logo is essential to create a lasting impression. However, hiring a designer or agency can be costly, leading many to explore logo generator tools.
Logo generators are online tools that allow users to create logos quickly and efficiently with minimal design experience. These platforms offer intuitive interfaces, templates, and customization options to make logo creation accessible to everyone. In 2026, the best logo generator tools have evolved with advanced AI capabilities, automation, and a range of professional-grade features that help businesses of all sizes craft the perfect visual representation of their brand.
When choosing a logo generator tool, users should look for ease of use, a wide variety of templates, customization features, pricing plans, and whether the tool offers scalable options for growth. With so many tools on the market, finding the right one can be overwhelming. In this article, we’ll explore the top logo generators for 2026, providing you with a comparison of features, pros, cons, and pricing to help you make an informed decision.
Top 10 Logo Generators Tools (for 2026)
1. Canva Logo Maker
Short Description: Canva is a versatile design tool that provides a powerful logo maker for both beginners and professionals. It offers a wide range of customizable templates and a drag-and-drop interface. Key Features: Drag-and-drop simplicity. Thousands of customizable logo templates. Collaboration features for teams. High-resolution export options. Integrated with Canva’s broader design tools (e.g., social media posts, presentations). Pros: Easy to use. Free plan available with many features. Large selection of templates. Cons: Limited logo export options in the free version. Can feel somewhat generic if overused. 2. Design.com Logo Maker
Short Description: Design.com offers an AI logo generator built for small businesses, independent creators, and entrepreneurs who want professional, original results without design experience or upfront cost. This branding platform draws from a proprietary library of exclusive assets and pairs it with a chat-based AI editor that makes the entire customization process fast, intuitive, and copyright-safe from start to finish.
Key Features:
Chat-based AI editor that reads plain language descriptions and applies design changes instantly 500,000+ professionally designed templates independently verified for originality 525+ exclusive fonts built specifically for Design.com and unavailable on any other platform 62,000+ custom vector shapes engineered for clean, scalable branding across print, digital, and large-format applications Comprehensive download formats covering PNG and JPG for digital use, SVG, EPS, and PDF for professional print and packaging, and GIF and MP4 for animated versions used in video content and social media Pros:
Completely free with no watermark, no hidden fees, and no credit card required at any point in the process Proprietary asset library produces genuinely original results that won’t be shared or duplicated across other businesses using the same tool Chat-based AI editor eliminates the frustration of manual design adjustments Cons:
Best suited for beginners and small businesses; advanced designers may want deeper control Web-based only with no native app, though the browser experience is fast and responsive 3. Looka
Short Description: Looka uses AI to generate logos based on user preferences, offering an easy-to-use platform with premium options for more advanced designs. Key Features: AI-powered logo suggestions. Brand kit with logo, business card, and social media assets. Hundreds of templates to choose from. Customizable fonts, colors, and icons. Pros: AI-driven suggestions for quick logo creation. Professional-grade output. Affordable pricing plans. Cons: Customization options are somewhat limited. Expensive for high-quality downloads. 4. LogoMakr
Short Description: LogoMakr offers a straightforward logo design tool with millions of graphics to choose from. It’s known for its ease of use and fast output. Key Features: Intuitive drag-and-drop interface. Large library of icons and fonts. Low-cost premium features. High-quality vector logos available. Pros: Fast and simple. Affordable premium options. No sign-up required to design. Cons: Free logos come with a watermark. Limited advanced design features. 5. Tailor Brands
Short Description: Tailor Brands offers a robust logo maker tool that uses AI to generate logos based on your business type and design preferences. It also offers branding tools for websites, social media, and more. Key Features: AI-driven logo design. Customizable fonts, icons, and color schemes. Integrated branding tools. High-quality vector files. Pros: Professional results with minimal effort. Wide array of branding options. Easy-to-use interface. Cons: Paid features can be expensive. Limited customization after the logo is created. 6. Wix Logo Maker
Short Description: Wix’s logo maker is designed to generate logos using user input and AI. It also provides an easy path to integrate your logo into a full website using Wix’s website builder. Key Features: AI-based logo design tailored to your preferences. Option to create a website with the logo. Customizable logo templates. High-resolution file exports. Pros: Integrated website builder options. Affordable pricing. AI-powered design for quick results. Cons: Limited advanced design tools. Can be more expensive than other platforms for premium logos. 7. Designhill Logo Maker
Short Description: Designhill’s logo maker is powered by AI and offers a wide variety of customizable templates. It’s ideal for businesses that need a fast and professional logo design. Key Features: AI-powered logo creation. Hundreds of professional design templates. Multi-format logo file downloads. Brand identity toolkit (business cards, stationery, etc.). Pros: Easy and quick logo creation. Great for startups and small businesses. Extensive template library. Cons: High-quality downloads come at a premium cost. Limited design flexibility. 8. Logojoy
Short Description: Logojoy provides AI-based logo generation tools that combine creativity and technology to produce logos that reflect your brand’s personality and style. Key Features: AI-powered design assistant. Multiple logo variations to choose from. Customizable colors, fonts, and symbols. High-quality vector logos. Pros: Easy to use for beginners. Affordable pricing options. High-quality logo files. Cons: Limited free version. May require some trial and error to get the perfect design. 9. DesignEvo
Short Description: DesignEvo offers over 10,000 templates for users to choose from, making it a fantastic choice for businesses looking to create a logo without much effort. Key Features: Over 10,000 templates to choose from. Easy-to-use editing tools. Free and premium logo downloads. Customizable icons, fonts, and colors. Pros: Free plan available. Massive template library. Easy-to-use interface. Cons: Free version logos come with watermarks. Limited to fewer customization options compared to other platforms. 10. Logo Genie
Short Description: Logo Genie offers a logo generator tool with a variety of templates and design elements to create unique logos in minutes. Key Features: Simple and intuitive logo design interface. Wide selection of templates and design elements. Fast download of high-quality logo files. Pros: Quick and easy design process. Affordable pricing. Great for startups. Cons: Limited customization. Paid features can be pricey. Comparison Table
Tool NameBest ForPlatforms SupportedStandout FeaturePricing (Starts at)G2/Capterra RatingCanvaSmall businesses, TeamsWeb, iOS, AndroidWide range of customizable templatesFree / $12.99/month4.7/5HatchfulEntrepreneurs, StartupsWeb, iOSIndustry-specific templatesFree4.8/5LookaSmall to medium-sized businessesWebAI-powered logo suggestionsStarts at $204.6/5LogoMakrEntrepreneurs, FreelancersWebSimple drag-and-drop interfaceFree / $19.994.5/5Tailor BrandsSmall to medium businessesWeb, iOS, AndroidIntegrated branding toolsStarts at $9.994.6/5Wix Logo MakerEntrepreneurs, SMBsWebIntegrated website builderStarts at $124.3/5DesignhillSmall businessesWebProfessional template selectionStarts at $204.5/5LogojoyEntrepreneurs, StartupsWebAI-driven logo creationStarts at $19.994.7/5DesignEvoSmall businesses, startupsWeb, iOSOver 10,000 logo templatesFree / $24.994.6/5Logo GenieSmall businesses, freelancersWebFast and affordable logo creationStarts at $24.994.4/5 Which Logo Generators Tool is Right for You?
When selecting a logo generator tool, consider the following factors:
Business Type: If you’re a freelancer or small business, tools like Canva, Hatchful, or LogoMakr can be ideal for their simplicity and low-cost options. Customization Needs: For more advanced design features and AI-powered suggestions, consider Looka or Tailor Brands. Budget: If you’re on a tight budget, Hatchful and DesignEvo offer excellent free options, while paid tools like Logojoy and Logo Genie offer more premium features. Branding Needs: If you’re looking for comprehensive branding tools beyond logos, Tailor Brands and Wix Logo Maker offer integrated solutions for websites and business cards. Conclusion
As we move into 2026, logo generator tools are more powerful and accessible than ever before. Whether you’re a solopreneur, a startup, or an established business, there’s a logo generator that can help you craft a professional logo quickly and affordably. By understanding the features, pricing, and target users of each tool, you can select the best one for your needs.
Try out demos or free trials to see how these tools work in real-world scenarios, and start building your brand’s visual identity today.
FAQs
Q1: Are logo generators free to use?
Many logo generators offer free plans, but they often come with limited customization options or watermarked logos. Paid plans typically offer more features and high-quality downloads. Q2: How long does it take to create a logo with a logo generator?
Most logo generators allow you to create a logo within minutes by selecting a template and customizing it to your liking. Q3: Can I use the logos created by these tools for commercial purposes?
Yes, once you purchase the logo or use the free version without watermarks, you can use the logo for commercial purposes. Always check the licensing details to confirm usage rights. View the full article
Anker's popular Prime 3-in-1 Wireless Charging Station has dropped to $99.74 on Amazon, down from $149.99. This is one of Anker's newest accessories, and Amazon's sale today is a match of the all-time low price that we last tracked during Prime Day.

Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

The Prime 3-in-1 Wireless Charging Station features Qi2.2 support, which lets a compatible MagSafe ‌iPhone‌ charge at up to 25W. It's the same speed as Apple's ‌MagSafe‌ charger, and it is 10W faster than the standard Qi2 ‌MagSafe‌ chargers. You can also simultaneously charge an Apple Watch and AirPods with the device.

$50 OFFAnker Prime 3-in-1 Wireless Charging Station for $99.74

Below you'll find a list of the best Anker discounts on Amazon this week, also including wall chargers, portable batteries, and more. There are a few more accessories that are matching their Prime Day prices, including Anker's Nano USB-C Wall Charger with Smart Display. You can get this accessory for $25.99, down from $39.99.

Wall Chargers

Anker Nano USB-C Wall Charger with Smart Display - $25.99, down from $39.99
Anker 140W 4-Port GaN USB-C Charger - $79.99, down from $99.99
Anker 3-Port Prime Charger - $99.99, down from $149.99
Wireless Chargers


Anker MagGo 3-in-1 Charging Station - $71.99, down from $89.99
Anker 3-in-1 MagSafe-Compatible UFO Charger - $71.99, down from $89.99
Anker 3-in-1 MagSafe-Compatible Foldable Charging Station - $85.99, down from $109.99
Anker 3-in-1 MagSafe-Compatible Charging Cube - $89.99, down from $129.99
Anker 3-in-1 Prime Wireless Charging Station - $99.74, down from $149.99
Anker Prime MagSafe-Compatible 3-in-1 Charging Station - $139.99, down from $229.99
Portable Chargers


Anker MagGo Power Bank 10,000 mAh - $65.99, down from $79.99
Anker Prime Power Bank 20,100 mAh - $129.99, down from $179.99
Anker Prime Power Bank 26,250 mAh - $179.99, down from $229.99
Portable Power Stations

Anker SOLIX C300 Power Station with Lantern - $189.99, down from $249.00
Anker SOLIX C300 - $249.99, down from $299.99
Anker SOLIX S2000 - $599.00, down from $1,199.00
Anker SOLIX C2000 Gen 2 - $899.99, down from $1,499.00
Docks

Anker Nano 13-in-1 Laptop Docking Station - $111.99, down from $149.99
Anker Prime 14-Port Docking Station - $169.99, down from $269.99

If you're on the hunt for more discounts, be sure to visit our Apple Deals roundup where we recap the best Apple-related bargains of the past week.



Deals Newsletter

Interested in hearing more about the best deals you can find in 2026? Sign up for our Deals Newsletter and we'll keep you updated so you don't miss the biggest deals of the season!




Related Roundup: Apple Deals
This article, "Anker's 3-in-1 Foldable Wireless Charger Matches Prime Day Low at $99.74" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple is expected to unveil the iPhone 18 Pro and iPhone 18 Pro Max in September. The devices will have a lot in common, but the latest leak suggests that the Pro Max model will take an even bigger step forward in regards to battery life.


According to new filings in a Chinese regulatory database, it appears that the iPhone 18 Pro Max will be equipped with a 5,567mAh battery in the U.S., while the iPhone 18 Pro will seemingly have a 4,288mAh battery. It is no surprise the Pro Max has a larger battery, but its year-over-year gains in battery life look to be particularly significant this year.

If the leaked capacities are accurate, the iPhone 18 Pro Max would have nearly a 10% larger battery compared to the iPhone 17 Pro Max, while the size of the iPhone 18 Pro's battery would only increase by less than 1% over the iPhone 17 Pro.

It was previously rumored that the iPhone 18 Pro Max will be thicker than the iPhone 18 Pro. If so, that might be to accommodate the larger battery.

In some years, the Pro Max gets some camera features before the Pro, but that is not expected to be the case this year. The main 48-megapixel Fusion camera is rumored to get variable aperture on both the iPhone 18 Pro and iPhone 18 Pro Max.

Of course, the Pro Max will remain larger and heavier than the Pro, but the devices should be identical beyond that and the bigger gap in battery life.Related Roundup: iPhone 18 Pro
This article, "Here's How the iPhone 18 Pro Max Will Compare to the iPhone 18 Pro" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
A streaming box should not need a threat model. Neither should a username field, a demo repo, a reset flow, or a browser permission prompt. That is the irritating part this week: the risky pieces were ordinary. Home devices became a routing cover. Clean code pulled dirt from a dependency. Identity shortcuts aged badly. AI systems trusted the wrong instructions. Same soft spot throughout: trustView the full article
Broadcom has agreed to extend its chip partnership with Apple through 2031, expanding a deal that covers the development and supply of a wide range of custom chips, Reuters reports.


Today's extension builds on an existing supply relationship between the two companies, which have worked together for years. Apple is one of Broadcom's largest customers, believed to account for about 20% of its annual revenue.

Apple has been steadily bringing chip design in-house, such as with its own C1 and C1X cellular modems, but many of Broadcom's wireless connectivity and radio frequency components remain in use. Broadcom's chips cover custom radio frequency components, Wi-Fi and Bluetooth connectivity, and other networking semiconductors found throughout Apple's lineup.

Apple and Broadcom signed a multibillion-dollar agreement in 2023 covering 5G radio frequency components manufactured in the United States. Broadcom shares rose nearly 4% in premarket trading today on the news.Tag: Broadcom
This article, "Apple and Broadcom Extend Chip Supply Deal to 2031" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Amazon today has a few deals on the Apple Watch Ultra 3, providing $99 discounts on select models. We did track these models at $149 off during Prime Day this year, but those discounts are long gone and Amazon's prices today are still solid second-best options for anyone who missed those sales in June.

Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

You can get the Apple Watch Ultra 3 for $699.99 in Natural and Black color options, down from $799.00. There are also a few Milanese Loop models on sale for $799.99, down from $899.00.

$99 OFFApple Watch Ultra 3 for $699.99

We've collected some of the Apple Watch Ultra 3 models currently on sale on Amazon in the list below. Amazon provides an estimated delivery date of July 11 for most of the watches, although Prime members should see same-day delivery in many locations.

Black with Black Ocean Band - $699.99 ($99 off)
Natural with Anchor Blue Ocean Band - $699.99 ($99 off)
Natural with Blue/Bright Blue Trail Loop (M/L) - $699.99 ($99 off)
Black with Black Milanese Loop (Large) - $799.99 ($99 off)
Natural Milanese Loop (Large) - $799.99 ($99 off)

If you're on the hunt for more discounts, be sure to visit our Apple Deals roundup where we recap the best Apple-related bargains of the past week.



Deals Newsletter

Interested in hearing more about the best deals you can find in 2026? Sign up for our Deals Newsletter and we'll keep you updated so you don't miss the biggest deals of the season!




Related Roundup: Apple Deals
This article, "Apple Watch Ultra 3 Now $99 Off on Amazon, Starting at $699.99" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
New Chinese regulatory certification filings appear to confirm the battery capacities of Apple's upcoming iPhone 18 Pro and ‌iPhone 18 Pro‌ Max models.


According to new filings in China's C3 database, spotted by the leaker known as "Digital Chat Station" on Weibo, the ‌iPhone 18 Pro‌ is seemingly rated for 4,056mAh in China and 4,288mAh in the U.S., up modestly from the iPhone 17 Pro's 3,988mAh and 4,252mAh. The ‌iPhone 18 Pro‌ Max shows a bigger jump, rated for 5,391mAh in China and 5,567mAh in the U.S., compared with 4,823mAh and 5,088mAh on the ‌iPhone 17 Pro‌ Max, an increase of nearly 500mAh.

‌iPhone 18 Pro‌




China
China Difference
U.S.
U.S. Difference


iPhone 16 Pro
3,582mAh
+308mAh
3,582mAh
+308mAh


‌iPhone 17 Pro‌
3,988mAh
+406mAh
4,252mAh
+670mAh


‌iPhone 18 Pro‌
4,056mAh
+68mAh
4,288mAh
+36mAh




‌iPhone 18 Pro‌ Max




China
China Difference
U.S.
U.S. Difference


‌iPhone 16‌ Pro Max
4,685mAh
+244mAh
4,685mAh
+244mAh


‌iPhone 17 Pro‌ Max
4,823mAh
+138mAh
5,088mAh
+403mAh


‌iPhone 18 Pro‌ Max
5,391mAh
+568mAh
5,567mAh
+479mAh




The devices in the filings are not directly named the ‌iPhone 18 Pro‌ and ‌iPhone 18 Pro‌ Max, but are highly likely to relate to these models.

The China and U.S. capacities differ because Apple has continued to include a SIM tray on iPhones sold outside the United States, while U.S. models have been eSIM only since the iPhone 14 lineup. Without a physical tray taking up internal space, Apple can fit a slightly larger battery into the U.S. version of each device.

The certification listings cover battery models S2232 and S2233 for the ‌iPhone 18 Pro‌ and 2235L/2235 and 2236L/2236 for the ‌iPhone 18 Pro‌ Max, and also show rated energy figures of up to 21.751Wh and a 4.520V charge limit voltage, and list all four batteries as valid through May or June 2031.

The numbers line up with Digital Chat Station's report from June, which gave identical figures for the ‌iPhone 18 Pro‌.

In a separate post the same day, Digital Chat Station said supply chain information from months earlier had already pointed to the China model landing in the "5,000mAh" range, and suggested that a 5391mAh cell paired with the 2nm A20 Pro chip could deliver a noticeable battery life improvement.

The ‌iPhone 18 Pro‌ models are rumored to feature a smaller Dynamic Island, a variable aperture main camera, the C2 modem outside of the U.S., and more. The ‌iPhone 18 Pro‌ and ‌iPhone 18 Pro‌ Max are expected to launch in September alongside Apple's first foldable iPhone.Related Roundup: iPhone 18 Pro
This article, "iPhone 18 Pro Battery Capacities Revealed by Regulatory Filings" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple's Mac mini and Mac Studio have become the machines of choice for running AI agents, according to Doug Brooks, Apple's senior product manager of Apple silicon.


Brooks made the claim while discussing Apple's chip strategy in a newly published interview with The Deep View conducted just prior to WWDC 2026 in June.

Brooks says that the company has seen "incredible demand" for the two desktop Macs. When it comes to agentic workloads, "people often want a system that's under their control, isolated from their primary machine, and capable of running 24 hours a day, seven days a week," said Brooks.

"A Mac mini is an amazing system for that," he added.

Many AI tools are also Mac-first or Mac-only, which Brooks says has helped cement the Mac's standing among developers, including those at frontier AI labs where Macs are said to be a common sight.

The Apple executive also conceives of agentic AI as a whole-chip problem rather than a GPU one. "It's not just about the GPU crunching on an LLM anymore," he said. "It's about the whole chip contributing to different parts of the task, tool-calling, and the things that are happening around those workflows. It really plays to the strengths of Apple silicon."

Brooks links Apple's position of strength in modern AI back to chip decisions made long before LLMs like ChatGPT arrived. He points to the Neural Engine, which is built for power-efficient matrix math, along with lesser-known neural accelerators inside the CPU that handle time-sensitive tasks like speech.

Apple more recently added neural accelerators to the GPU, which has extended AI performance across the board from iPhone-class parts up to the Mac's largest silicon. Brooks ties that progress to Apple's design method, where a chip is built for a specific machine, and the hardware and software are developed in tandem.

He also described a shift toward running AI locally rather than in the cloud – a move motivated by privacy, security, and the rising cost of inference as agents consume more tokens. However, Brooks envisions a hybrid future in which agents decide what runs on-device and what gets sent to the cloud.

He also singled out what he calls "transparent AI" on iPhone and iPad, referring to features scattered throughout the operating system and third-party apps that work quietly without announcing themselves as AI.

Some of the examples he cited include Draw Things, an image generator that runs across iPhone, iPad, and Mac, and SwingVision, which analyzes tennis and pickleball gameplay in real time using the iPhone's cameras.

"The speed of AI development right now is just crazy," Brooks said. "I can't imagine where we're going to be a year from now, three months from now, or even a month from now," he added.

You can read the full interview over on The Deep View website.Related Roundup: Mac miniTag: Apple SiliconBuyer's Guide: Mac Mini (Caution)Related Forum: Mac mini
This article, "Apple Silicon Exec Explains Mac Mini AI Demand and On-Device Future" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
A fully autonomous AI agent conducted an end-to-end cyber intrusion and extortion campaign after exploiting a vulnerable Langflow server, demonstrating how large language models could accelerate ransomware operations, according to research published by Sysdig.
Sysdig detailed the operation in a research paper, saying the AI agent, dubbed JadePuffer, completed the entire intrusion chain, from initial access to database extortion, using an LLM to adapt its actions and execute more than 600 coordinated payloads.
“The Sysdig Threat Research Team (TRT) has captured what we assess to be the first documented case of agentic ransomware: a complete extortion operation driven end-to-end by a large language model (LLM),” Michael Clark, director of threat research at Sysdig, wrote in the paper.
Sysdig classifies JadePuffer as an agentic threat actor, meaning its attack capability was delivered by an AI agent rather than a human-driven toolkit.
A known flaw opens the door
According to Sysdig, JadePuffer gained initial access by exploiting CVE-2025-3248, an RCE vulnerability in an internet-facing Langflow instance, before pivoting to a production server running MySQL and Alibaba’s Nacos configuration platform.
The AI agent harvested credentials, established persistence, mapped internal services, and ultimately encrypted 1,342 Nacos configuration records before deleting the original tables and leaving behind a Bitcoin ransom demand.
Clark wrote that what distinguished the campaign was not the exploitation techniques, which largely relied on known vulnerabilities and misconfigurations, but the AI agent’s ability to make operational decisions throughout the intrusion.
Sysdig said the operation touched two separate machines: the compromised Langflow host that provided initial access, and a second production database server that was the agent’s true objective. All payloads, the researchers said, were delivered as Base64-encoded Python sent through the Langflow remote-code-execution endpoint.
“The most striking characteristic, however, was the LLM’s behavior,” he wrote. “JADEPUFFER’s own payloads were self-narrating. They contained natural language reasoning, target prioritization, and the kind of detailed annotations that human operators don’t often write but LLM-generated code produces reflexively.”
The paper cited multiple instances where the AI agent diagnosed failures and generated corrected payloads without human intervention. In one case, it recovered from a failed attempt to create an administrator account in Alibaba’s Nacos platform within 31 seconds. Sysdig said the behavior, along with self-narrating code and contextual reasoning, supported its assessment that the operation was LLM-driven.
Experts see evolution, not a revolution
Independent cybersecurity researcher and red teamer Vibhum Dubey said the campaign represents “an evolution in execution” rather than a fundamentally new ransomware technique.
“I see it more as an evolution in execution than a completely new ransomware technique,” Dubey said. “Attackers have automated reconnaissance, credential theft, and deployment for years. The difference is that an AI agent can connect those stages together and make decisions without waiting for a human operator.”
Adaptive decision making is the biggest concern, he said. “Traditional detections assume attackers follow fairly predictable paths. An AI agent can quickly change tactics if something is blocked, making every intrusion look slightly different. I’m less worried about the encryption stage than the quiet phase beforehand, where the agent maps identities, privileges, and trust relationships while avoiding detection.”
Rather than focusing on individual tools, defenders should prioritize detecting attacker behavior, including suspicious identity activity, privilege escalation, abnormal authentication patterns, and unusual sequences of actions across systems, Dubey said.
Although AI lowers the operational barrier for ransomware campaigns, it does not replace experienced attackers, he added. “Where AI makes a difference is helping less experienced operators chain together post-exploitation activities more effectively. Defenders should assume future intrusions will move faster and require less hands-on interaction from the attacker.”
Behavioral detection remains key
Autonomous AI agents capable of independently executing multiple stages of an attack represent “an evolution rather than a revolution,” said Prashant Sharma, cybersecurity consultant at Cyble.
“AI-assisted techniques have been in use for some time, but the emergence of autonomous agents capable of independently executing multiple stages of an attack could substantially increase the speed, scale, and adaptability of ransomware operations,” Sharma said.
He said threat actors are already using AI to improve phishing, malware development, reconnaissance, and social engineering, and he expects autonomous capabilities to become more common as the technology matures.
For enterprise defenders, however, the security priorities remain largely unchanged.
“Modern EDR, XDR, and SOC platforms are built to flag malicious behavior rather than the underlying technology driving it,” Sharma said. “Whether an attack is carried out manually or orchestrated by an AI agent, actions such as credential abuse, privilege escalation, lateral movement, data exfiltration, and ransomware deployment still leave detectable behavioral traces.”
View the full article
Building a shortlist for an AI SOC evaluation can be tough. SIEM, SOAR, and pureplay AI SOC vendors are all saying the same thing. But behind the identical label sit very different products, from chat assistants bolted onto a legacy SIEM to agent platforms that run detection, triage, investigation, and response on their own data foundation. Whether a platform will materially change outcomes forView the full article
A suspected China-nexus threat activity cluster has been observed targeting Indian taxpayers, tax professionals, and corporate finance teams to deliver a remote access trojan designed to steal sensitive data from compromised hosts. The multi-stage campaign, codenamed Operation DragonReturn by Seqrite Labs, involves sending spear-phishing emails impersonating the Income Tax Department of India.View the full article
WhatsApp appears to be introducing a new visual indicator that shows when a contact is online, according to WaBetaInfo.


The feature adds a small green circle to a contact's profile photo when they're active in the app, and which disappears the moment they leave, all updated in real time. The indicator is now being tested for the WhatsApp iPhone app in TestFlight after it debuted on Android last month.

As it currently works, the dot only surfaces in the chat info screen (the page that opens when you tap a contact's name at the top of a conversation). It doesn't yet appear in the chat list or the conversation view itself, but that could change in the future.

The change appears to stick to WhatsApp's existing privacy rules, so if someone has specifically chosen to hide their last seen and online status, the green dot won't show up for them.

Green dot for online contacts shown (image: WaBetaInfo)
The indicator is live in the WhatsApp beta for iOS 26.26.10.72. WABetaInfo reports that it's available to some beta testers now, with a wider beta rollout expected over the coming weeks. There's no word yet on when the green dot will reach the stable version for everyone, though.Tag: WhatsApp
This article, "WhatsApp Beta Adds Green Dot to Show Who's Online" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Higher education has consolidated its entire academic operation into a handful of massive SaaS platforms. The LMS manages instruction, grading and communication. The SIS owns enrollment, records and financial aid. Identity and productivity live in a small number of cloud providers. These are not peripheral tools — they are the operational infrastructure of the institution. As IT stewards, we manage platforms we do not own, cannot restore ourselves and cannot directly control — which makes contingency planning not optional, but fundamental to the role.
The contracts are in place. The SLAs are signed. The compliance certifications are current. None of that matters to a student who cannot reach her instructor three days before finals. None of it matters to a faculty member who has no roster, no grade book and no way to document the work his students submitted before the platform went dark. SLAs govern vendor response timelines. Keeping academic operations running during that response window is IT’s responsibility.
The disruption hit during finals week 2026, and I was doing what every CIO in higher education was doing — monitoring. A major learning management system had been breached. The disruption spread fast. Finals were canceled. Exams were postponed. Students and staff were stranded without access to coursework, rosters or grade books. The costs — in academic disruption, extended contracts, emergency response — were substantial and widely reported. My institution was not directly impacted. But watching peer institutions in my own state go dark during the highest-stakes moment of the academic calendar was not reassuring. It was a confirmation of something I had been thinking about for a long time.
The disruption proved something IT professionals have relearned in every decade of their careers. Mark Twain observed that history does not repeat itself, but it does rhyme. This is a verse we have heard before: Dependence on a single point of failure, without a tested contingency plan, is not a strategy — it is a risk that has simply not yet been called. Whether the failure comes from a cyberattack, a vendor outage, an infrastructure collapse or a cloud provider’s bad deployment, the result is the same. The institution stops. And no SLA, contract or compliance certification prevents that moment from arriving.
Vigilance is not optional. Technologies are evolving faster than any IT team can fully anticipate. New platforms, new integrations, new dependencies emerge constantly — and with each one comes a new potential failure point. That is not an argument against adopting new technology. It is an argument for the one principle that never becomes obsolete: Reliance on any single critical system, whether it is a connectivity provider, an identity platform or a SaaS solution, is a proven strategy for failure. The question is never whether that system will fail. The question is whether the institution is prepared when it does.
This is not a new lesson. Azure has gone down. AWS has failed. Google Workspace has had outages that took organizations dark globally. No campus runs a single ISP connection — we provision redundant circuits, preferably from independent providers, because we learned long ago that the connection will sometimes fail and the institution cannot afford to stop when it does. Financial services, government and multinational enterprises applied that same logic to every dependency in their stack. Their response to platform risk was not to demand better SLAs. It was to architect around the dependency. Redundancy. Failover. Independent continuity capability. The massive disruptions from Canvas demonstrate that effective contingency solutions for these critical platforms have not kept pace with our dependence on them. We cannot get fooled again.
That omission is what made the 2026 attack so damaging. Not the sophistication of the breach — the entry point was a peripheral free-tier environment that wasn’t even within the vendor’s primary certification scope. The damage was catastrophic because institutions had no fallback. Faculty had no rosters. Administrators had no enrollment data. There was no continuity layer. A single point of failure, at institutional scale, with no plan for when it fails.
And now the economics have shifted in the worst possible direction. PowerSchool paid a ransom in December 2024 after attackers stole data on 60 million students — and was re-extorted anyway, with individual school districts receiving separate demands months later using the same stolen data. Instructure’s CEO publicly confirmed the extortion payment. Anyone who has paid a ransom only to be hit a second time at double the cost can tell you — paying the attackers resolves nothing and instead invites more attacks. The sector has now proven twice, publicly, and at scale, that it will pay. That changes the threat calculus entirely. Higher education stops being a target of opportunity and becomes a target of strategy. Criminal groups share that intelligence. Banner serves over 1,400 institutions. Blackboard reaches tens of millions of users across thousands of campuses. Every major higher education SaaS platform is now on active threat actor priority lists — not because they are newly vulnerable, but because the sector has proven it will pay, that academic calendar pressure creates maximum leverage, and that IT has not yet built the operational alternative that our dependence on these platforms demands — and therefore the failure is ours to own, especially if we allow it to happen a second time.
As a CIO, my approach to this is not a spreadsheet or a stack of printed reports. IT is responsible for identifying critical failure points and countering them — that is not optional; it is the job. Accepting failure as inevitable without a mitigation strategy is not viable. Redundancy and continuity solutions are standard practice everywhere else in our infrastructure. There was no reason the SaaS layer should be different.
The solution I implemented is a secure, read-only, centralized repository — a continuity strategy that ensures students, staff and faculty can continue to function whether the issue is a power outage, a cyberattack or a SaaS platform going dark. It is not a replacement for Canvas or Banner. It is the independent fallback that allows the institution to keep operating while the primary system is restored. I have learned the hard way that accepting failure without a plan is not a posture any CIO can defend.
Watching the frustration across the industry during and after the 2026 attack — institutions paralyzed, peer CIOs improvising, faculty working from personal spreadsheets, boards asking questions no one could answer — the logic of extending this capability to other institutions became unavoidable. The solution is not complex. The architecture is straightforward. The discipline behind it is thirty years old. The discipline is established. The responsibility to apply it is our field of expertise in IT.
To be precise about scope: An ACR does not prevent vendor breaches, replace cyber insurance or remove notification obligations. When an incident hits, legal counsel, security teams and institutional leadership still manage the response. What the ACR changes is what they have to work with — a governed, auditable record of what data was accessed, what manual actions were taken and how operations continued while the vendor worked to restore service.
The solution to this problem exists. A SaaS third-party continuity of operations strategy requires an independent data layer — one the institution controls, synchronized on a regular scheduled cycle from source systems, and accessible when those systems are not. Platform-agnostic across Canvas, Banner, Blackboard and PowerSchool. Read-only by design. Auditable by requirement. Independent by architecture. That last word is the one that matters — independent of the platforms whose availability you cannot guarantee.
Every CIO in higher education knows what a single point of failure looks like. Every one of us has built around them at every other layer. Servers, networks, data centers — we do not accept the single-point risk, and we do not wait for the failure to motivate the fix. The SaaS layer is not an exception.
The question is not whether your institution will face it. The question is whether you will have a continuity strategy in place when it arrives — or be explaining to your board why you did not.
This article is published as part of the Foundry Expert Contributor Network.
Want to join?
View the full article
Introduction
Mastering DevOps is an ongoing journey that requires far more than passive course completion; it demands a structured approach centered on hands-on application, troubleshooting, and architectural understanding. To navigate this complex landscape without losing momentum, you must move beyond collecting certifications and start measuring tangible progress through project outputs, skill matrices, and consistent self-assessment. By focusing on building real-world solutions rather than simply consuming content, you transform from a learner into a practitioner, ensuring your growth remains aligned with industry demands. For those seeking a guided path and professional mentorship to organize this journey, DevOpsSchool provides the foundational resources and structure needed to turn your aspirations into a successful, career-defining reality.
Why Tracking Your Progress Matters
In the world of technology, it is easy to fall into the “tutorial hell” trap. You finish a course, feel good for a day, and then realize you cannot build anything from scratch. Tracking your progress serves as a vital safeguard against this.
Staying Motivated
DevOps is a massive domain. Without a way to look back and see how far you have come, the complexity can feel overwhelming. A progress tracker acts as a visual representation of your growth. When you check off a milestone—like deploying your first multi-container application—it provides a dopamine hit that reinforces your discipline.
Identifying Strengths and Weaknesses
You might be excellent at writing Shell scripts but struggle with Kubernetes networking. If you do not track your progress, you might waste time repeating what you already know while ignoring your weak points. A formal tracking system forces you to confront these gaps and allocate your study time more efficiently.
Improving Learning Efficiency
Most professionals have limited time. By measuring your progress, you can determine which study methods work best for you. Are you learning faster by reading documentation or by doing hands-on labs? Tracking provides the data you need to optimize your study habits.
Preparing for Real-World Projects
Ultimately, your goal is to handle real-world scenarios. By tracking your progress, you are essentially creating a library of your own successes. When an interviewer asks about your experience, you will have a log of projects, challenges solved, and specific tools mastered, rather than just a list of courses attended.
Build a Personalized DevOps Learning Roadmap
A roadmap is your navigation system. Without it, you will likely wander between unrelated tools. Follow this progression to ensure you build a strong foundation before jumping into advanced topics.
Linux Fundamentals: Master the CLI, file systems, permissions, and process management. Networking Basics: Understand DNS, HTTP/HTTPS, TCP/IP, and load balancing. Git & Version Control: Learn branching strategies, pull requests, and code management. Shell Scripting: Focus on Bash/Python to automate repetitive tasks. Docker: Transition to containerization. Learn to write Dockerfiles and manage images. CI/CD: Understand the software development lifecycle (SDLC) and pipeline automation. Cloud Platforms: Choose one provider (AWS, Azure, or GCP) and master its core services. Terraform & Infrastructure as Code (IaC): Move from manual setup to automated provisioning. Kubernetes: Manage container orchestration at scale. Monitoring & Observability: Learn tools like Prometheus and Grafana to track system health. DevSecOps: Integrate security scanning and policy enforcement into your pipelines. Capstone Projects: Combine everything into a full-stack deployment. Career Readiness: Prepare your resume, portfolio, and interview skills. Each stage is dependent on the previous one. Do not rush the fundamentals, as advanced topics like Kubernetes will be impossible to understand without a solid grasp of Linux and networking.
Set SMART Learning Goals
Goals must be actionable. Using the SMART framework (Specific, Measurable, Achievable, Relevant, Time-bound) ensures you are not just “learning DevOps,” but actually building competence.
Specific: Instead of “Learn Docker,” aim for “Build a Dockerfile for a Python web application that runs in a container.” Measurable: Can you run the container without errors? Is the port mapped correctly? Achievable: Do you have the necessary environment set up? Relevant: Does this help you reach your ultimate goal of becoming a DevOps engineer? Time-bound: “Complete this project by Saturday, 5 PM.” Example: “I will learn to deploy a simple 3-tier application using Kubernetes within the next 4 weeks by dedicating 10 hours per week.”
Technical Skills Progress Tracker
Use this table to audit your current standing. Be honest with yourself. Rate your comfort level on a scale of 1-5 (1 = Total Beginner, 5 = Ready for Production).
Skill AreaWhat to LearnProgress IndicatorLinuxFilesystem, Permissions, BashCan navigate the CLI without a GUI.NetworkingDNS, Subnetting, OSI ModelCan troubleshoot connectivity issues.GitBranching, Merging, RebaseCan resolve complex merge conflicts.Shell ScriptingAutomation scripts, VariablesCan write scripts to automate server tasks.DockerDockerfiles, Compose, ImagesCan containerize a multi-tier app.CI/CDJenkins, GitLab CI, GitHub ActionsCan build a pipeline that tests and deploys code.CloudEC2, IAM, S3, VPCCan design and deploy a secure architecture.TerraformProviders, State management, ModulesCan automate infrastructure creation.KubernetesPods, Deployments, Services, IngressCan troubleshoot a crash-looping pod.MonitoringPrometheus, Grafana, LogsCan set up alerts for high CPU usage.DevSecOpsSecret management, SAST/DASTCan scan code for vulnerabilities. Track Hands-On Projects
Projects are the single most important metric for your progress. Certificates fade, but a well-documented project remains.
How to Monitor Your Work
Home Lab Setup: Document your virtualization environment. Did you use VirtualBox? Proxmox? AWS Free Tier? Git Repositories: Keep your code clean. Use README.md files to explain what the project does and how to run it. Dockerized Applications: Move from a single Dockerfile to using Docker Compose for orchestrating services. CI/CD Pipelines: Track how many manual steps you have successfully automated. Cloud Deployments: Record your infrastructure costs and architecture diagrams. Kubernetes Clusters: Track your ability to manage stateful vs. stateless applications. Monitoring Dashboards: Keep screenshots of your Grafana dashboards as a testament to your observability skills. Projects are stronger indicators of success than certificates because they demonstrate that you can apply theory to solve real-world problems.
Measure Soft Skill Development
DevOps is a cultural movement as much as a technical one. Your soft skills will determine your ability to scale in a corporate environment.
Communication: Can you explain complex technical concepts to a non-technical stakeholder? Collaboration: Are you comfortable working with developers to troubleshoot production issues? Documentation: Are your Readme files and architectural diagrams clear enough for someone else to use? Problem-solving: Do you approach errors methodically, or do you panic? Time Management: Can you balance learning new tools with delivering project tasks? Continuous Learning: Are you reading industry blogs and keeping up with new version releases? Build a DevOps Portfolio
Your portfolio is your resume in action. It proves that you can do the work.
GitHub Repositories: Ensure your best work is public (where appropriate). Use descriptive commit messages. Project Documentation: A repository without a Readme is useless. Explain the architecture, the tools, and the challenges you faced. Technical Blogs: Write about what you learn. Explaining a concept is the best way to master it. Architecture Diagrams: Use tools like Draw.io or Lucidchart to visualize your setups. Automation Scripts: Show off your ability to make systems efficient. Case Studies: Document a specific problem you faced, the steps you took to diagnose it, and the solution you implemented. Certifications as Progress Milestones
Certifications are excellent milestones, but they should be used to validate your knowledge, not to acquire it. Use them to set deadlines for your learning.
CertificationBest ForSkill LevelFocus AreaLinux+ / RHCSASystem AdminBeginnerOS Deep DiveAWS Certified Solutions ArchitectCloudIntermediateCloud InfrastructureCKA (Certified Kubernetes Administrator)KubernetesAdvancedContainer OrchestrationTerraform AssociateIaCIntermediateAutomationCertified DevSecOps ProfessionalSecurityAdvancedPipeline Security The DevOpsSchool ecosystem can assist you in preparing for these milestones by aligning your training with exam objectives and practical implementation.
Measuring Career Readiness
When you are ready to apply for jobs, use these KPIs (Key Performance Indicators) to assess your readiness:
MetricWhy It MattersCareer BenefitLabs completedDemonstrates grit and practice.Shows practical experience.GitHub activityProof of consistent coding.Demonstrates passion and skill.Projects deliveredShows end-to-end knowledge.Serves as “proof of work.”Automation confidenceProves you understand efficiency.High value for employers.Interview readinessCan explain ‘why’ and ‘how’.Increases hireability.Portfolio qualityDisplays professionalism.Helps you stand out from peers. Common Learning Challenges
ChallengeImpactRecommended SolutionLearning too many toolsCauses confusion and shallow knowledge.Focus on one tool in each category (e.g., Jenkins).Inconsistent practiceResults in knowledge decay.Dedicate at least 1 hour daily, consistently.Skipping fundamentalsLeads to inability to troubleshoot.Revisit Linux and Networking if stuck.Fear of troubleshootingStalls progress.Embrace errors; they are your best teachers.Lack of feedbackCreates blind spots in your skill set.Join communities or find a mentor.Unrealistic expectationsLeads to burnout.Remember, this is a multi-year career path. Best Practices
To sustain growth, adopt these habits:
Review progress monthly: Take a Saturday morning to assess what you learned against your roadmap. Practice consistently: Coding and configuration management are muscles; they need daily exercise. Build real-world projects: Try to replicate a production environment locally. Ask for feedback: Show your code to peers or mentors and ask for code reviews. Keep learning journals: Write down the errors you encounter and how you fixed them. Improve weak areas: If you dread networking, dedicate an entire week to nothing but networking labs. Real-World Example
Case Study: The Transitioning Developer
Initial Experience: A Junior Software Developer with 2 years of coding experience but no operations knowledge. Learning Roadmap: Followed a 6-month plan: 1 month Linux/Networking, 2 months Docker/CI/CD, 2 months AWS/Terraform, 1 month Kubernetes. Progress Tracking: Used a spreadsheet to track hours spent vs. projects completed. Practical Projects: Deployed a web app on AWS using Terraform, then containerized it with Docker, and built a Jenkins pipeline to automate deployment. Certification Milestones: Achieved the AWS Solutions Architect Associate after 4 months. First DevOps Role: Landed a role as a Junior DevOps Engineer by presenting the GitHub repository of their automated web app project. Lessons Learned: The focus on “doing” rather than “watching” was the key factor in their success. Common Beginner Mistakes
Comparing yourself to others: Every path is different. Focus on your own growth trajectory. Measuring only certifications: Having a certification does not mean you can fix a production outage. Build the lab. Ignoring documentation: Always read the official docs before watching a YouTube tutorial. Skipping troubleshooting: When a command fails, try to fix it before searching for the answer. Avoiding projects: If you are not building, you are not learning. Future of DevOps Learning
The landscape is shifting toward Platform Engineering, where developers create internal developer platforms (IDP) to improve the developer experience. GitOps is becoming the standard for continuous delivery. AI-assisted learning is also changing how we debug, with tools helping us understand errors faster. As you progress, keep an eye on these trends:
Cloud-Native Development: Moving from virtual machines to serverless architectures. Security Automation: Integrating security tools earlier in the pipeline (Shift Left). Continuous Upskilling: The technology stack changes every 18–24 months; develop the skill of “learning how to learn.” Practical DevOps Progress Checklist
Complete Linux labs: Can you write a script to back up a database? Build Git repositories: Is your code organized and documented? Write automation scripts: Can you automate a server setup? Deploy Docker applications: Can you run a multi-container stack? Create CI/CD pipelines: Does code deploy automatically on push? Learn Kubernetes: Can you deploy a load-balanced application? Build cloud projects: Can you design a secure VPC in your cloud provider? Improve monitoring skills: Can you visualize system metrics? Practice security automation: Can you scan for open ports or hardcoded secrets? FAQs
How do I know if I’m improving in DevOps?You are improving when you can solve problems faster than you could a month ago, and when you can explain the “why” behind a configuration change, not just the “how.” How often should I review my progress?A monthly review is ideal. It gives you enough time to make progress but keeps you accountable to your goals. Which projects matter most?End-to-end projects. A project that starts with code on your laptop, goes through a CI/CD pipeline, and ends as a live application in a cloud environment is the gold standard. Should I focus on certifications or practical skills?Focus on skills. Use certifications to validate those skills and give yourself a deadline to reach a certain level of proficiency. How do I prepare for interviews?Prepare by being able to talk through your projects in detail. Be ready to explain the architecture of your projects and why you chose specific tools. How long does it take to become job-ready?It varies, but with consistent, structured learning (10-15 hours/week), most motivated learners can reach a junior-ready level in 6 to 9 months. How can I stay motivated?Connect with the community, document your wins, and remember the end goal: a career in a high-demand, high-impact field. What should be included in my portfolio?Code, architecture diagrams, project documentation (Readmes), and blog posts explaining your technical decisions. Do I need to be a developer to learn DevOps?No, but you need to understand code. A strong grasp of scripting is non-negotiable. How deep should I go into Linux?Very deep. It is the operating system that runs almost all cloud and container workloads. You cannot bypass it. Is Cloud platform choice important?Focus on one first (AWS is the most common). The concepts transfer well to other platforms once you master the fundamentals. What if I get stuck on a difficult tool?Take a break, go back to the basics, or try a different learning resource. Sometimes changing the teaching style (video vs. documentation) helps. How do I balance work and learning?Use the “micro-learning” approach. Even 30 minutes of focused practice is better than nothing. Is DevSecOps necessary for beginners?Understand the concepts early, but focus on building the pipeline first. You cannot secure what you haven’t built. Where can I find mentors?Engage in professional forums, attend local meetups, and look for structured programs like those at DevOpsSchool. Final Thoughts
Tracking your progress in DevOps learning is the difference between aimless scrolling and targeted career growth. Do not be discouraged by the sheer volume of technologies; no one learns them all at once. Focus on the fundamentals, build tangible projects, document your journey, and seek consistent feedback. The goal is not to be a walking encyclopedia of tools, but to be an engineer who understands how to build, secure, and maintain systems. Stay consistent, keep your portfolio updated, and treat your learning as the most important project you will ever manage.
View the full article
If you wanted to become a basketball star, how would you get started? You wouldn’t read a book on basketball and take an online course. You’d set up a hoop in your driveway, join a local team to train, and play in real matches. So why do we expect cybersecurity professionals to learn their skills from theory and static training?
The cybersecurity industry talks constantly about the “skills gap.” The recent World Economic Forum’s Global Cybersecurity Outlook report revealed skills and budgets were significant blockers to achieving cyber resilience. However, I argue that we don’t have a skills gap; we have a validation gap.
The “skills gap” gets a lot of airtime in cybersecurity industry discourse, but what are we really talking about when we talk about a skills gap? It’s not about staffing; how can we have both a skills gap and a graduate unemployment problem? “AI” is the lazy explanation (is there anything anyone hates more than hearing that their job could be replaced by AI?) But if AI really is the explanation, why are we still experiencing breaches and fixating on a supposed lack of skills in the cybersecurity workforce?
The reality is that we don’t yet fully trust AI with our most critical security concerns, and for good reason. Few people would dispute that there are serious production risks in relying on AI and most wouldn’t actually use it to replace an experienced security analyst. While comparatively fewer organizations have reported serious breaches of AI models or applications, many are favoring rapid-scale deployments of AI technologies over establishing robust governance structures. Data from IBM suggests that, of 600 organizations polled globally between March 2024 and February 2025, 13% reported breaches of AI models or applications. More worrisome, 8% had no idea whether or not they had been compromised, and 63% of breached organizations either lacked AI governance policies or were developing them at the time of the reported incident. Despite these risks — and the significant financial damage they can cause — only 49% of organizations planned to invest in additional security measures in 2025, compared to 63% in 2024.
You can’t hire or tool your way out of the skills gap. You have to build your way out. The industry keeps asking, “How do we close the cyber skills gap?” The better question is, how do we prove readiness before the fight begins? That is the real challenge emerging in cybersecurity today.
This is more challenging when we need skills and expertise that just don’t exist yet. AI poses new threats to combat, from the development of more insecure software to the exploitation of models to do things they weren’t designed for to attackers weaponizing AI for more efficient attacks. No one was preparing to respond to these threats five years ago, so these skills need to be developed in real time. Even the most advanced training programs cannot hope to match the pace and scale of the vulnerabilities posed by AI and the increasingly broad attack surface it presents to potential threat actors. Relying on outdated training modalities is practically an invitation to attackers seeking to compromise critical systems, yet many organizations fail to recognize this as the systemic vulnerability it is.
Traditional upskilling is flawed and wholly impractical for the present risk environment. Organizations are shelling out tens of thousands per employee on courses, certifications, and boot camps, but certifications simply cannot keep up with the pace of technological change and the evolution of attacker tactics and techniques. Security professionals need continuous hands-on experience that represents the actual attack surfaces of their organizations. How they apply their skills in real-world scenarios is a big part of what’s missing; even the most rigorous theoretical exercises cannot replicate the experience of combatting an intrusion event in real time or identify potential weaknesses in SOC response protocols.
Our industry has traditionally seen technology as the answer. More tools and more alerts feel like we’re getting somewhere, but all it really leads to is teams that are fatigued and burned out on noise. When the main source of breaches remains human failure, we’re not going to tip the scales unless we invest in the people on the front line. Dynamic cyber ranges are the difference between learning a skill in theory and learning it in context.
A truly effective upskilling cyber range needs an AI Proving Ground, with a high degree of customization and fidelity, as well as in-depth post-exercise analysis, to nurture and retain effective talent with the skills and experience to combat increasingly sophisticated threats.
High degree of customization. Replicate your real production environment and tech stack and introduce panic-inducing live-fire exercises. This gives employees invaluable insight into how they’ll react in a real-life scenario. Does everyone have the right context and information to make quick decisions that will protect the business? Replicating a real production environment also allows for testing integration flows between security and IT tools to validate how they work together. Post-exercise analysis. It’s not enough to run tests if you can’t analyze the outcomes to make improvements. This data is also particularly useful as execs are pushing for tech consolidation by proving the need to retain budget or secure additional resources for tools and features. Cyber ranges can also make detailed recommendations based on best practices and support and identify specific business cases for additional investment. Nurture talent. How do you take a tier 1 SOC analyst and turn them into a tier 3? While AI might be able to perform the role of a junior analyst, you need a pipeline of talent to become that high-performing individual who could be the difference between spotting an unusual indicator of compromise or allowing an attacker to gain further access into critical systems. It’s faster and more cost-effective to teach someone over time than hunt out the top performer to hire into the organization. Nurturing and investing in existing talent also becomes a significant competitive advantage over time. For overstretched teams, on-the-job training might feel onerous, but the benefits are considerable. You really can see 10X returns on your investment. Some of our customers have saved upward of $400,000 in training expenses and made their organizations significantly more resilient to novel threats. The key is to not see practical, hands-on training as an annual event or one-off investment, but to employ a continuous platform that accurately reflects the risks faced by your organization and becomes part of your operating model and broader security culture.
I don’t know about you, but working in a team environment feels far more rewarding than studying in a classroom environment. Retain your top talent by validating their skills and allowing them to add to their resumes in a way that feels natural and instinctive.
This article is published as part of the Foundry Expert Contributor Network.
Want to join?
View the full article
Researchers found a flaw in Opera GX, the gaming-focused version of the Opera browser, that let a malicious website silently install a browser add-on and use it to lift specific data from the pages a victim visits. In a proof of concept, they reconstructed a signed-in user's full Gmail address from a single visit, with no click. Opera has patched the flaw and says it found no evidence thatView the full article
A cyber risk assessment helps security teams identify, estimate, and prioritize potential threats and vulnerabilities to key enterprise digital and physical assets. Yet, despite its importance, many CISOs fall victim to several types of “gotchas” that prevent them from fully achieving their risk assessment goals.
An assessment should be an essential part of every organization’s overall cybersecurity strategy. The process helps security leaders understand risks to business objectives, evaluate the likelihood and impact of cyberattacks, and develop ways to mitigate the risks they uncover.
Here are the top seven mistakes security leaders should avoid to ensure risk assessment effectiveness.
1. Going through the motions
The biggest “gotcha” is treating cyber risk assessments as a preset checklist or control inventory instead of a decision tool tied to real business impact and threat scenarios, says Shirsendu Mondal, a cybersecurity researcher at the University of North Carolina.
“When assessments become all about checking boxes, they lose the ability to reflect how risk actually shows up in an environment,” he states. “The goal should be to inform decisions about where a business is truly exposed.”
Mondal assers that the best way to avoid the complacency trap is to take a context-driven approach. “Ask where the asset is, who can reach it, what data it touches, how important it is to operations, and what happens if it goes down,” he explains. “Risk should always be tied to business impact, not only technical findings.”
Mondal also recommends adding internal business leaders to security teams, including individuals in areas such as IT and operations, given that risk is more than a technical issue.
2. Sugarcoating results
These are challenging times, so we must be honest with our stakeholders, says Pablo Riboldi, CISO at BairesDev, a nearshore software development firm.
“When results are discouraging, admit that the threat landscape has evolved much faster than the previous evaluation framework anticipated,” he says.
Instead of just handing over lists of vulnerabilities, you need to start presenting actual attack scenarios, Riboldi adds. “For example, by prioritizing the top three most critical business assets and conducting an in-depth assessment on them, you can show immediate value.”
3. Falling short on the scope of your assessments
CISOs often securitize document controls, check compliance boxes, and produce a risk register that claims everything looks absolutely fine, says Denis Calderone, CTO at cybersecurity services firm Suzu Labs. Yet nobody bothered to test whether those controls actually work or stopped to ask whether the scope of the assessment covered what really matters.
We see it all the time, Calderone says. “For instance, the assessment covers the production servers and the corporate network, but skips the old dev box in the corner, the third-party vendor portal nobody owns internally, or the API endpoint that was stood up for a project two years ago and never decommissioned.” Attackers don’t care about your scoping decisions, he says. “They look at the whole environment and find the thing you decided wasn’t worth assessing.”
AI is making the situation worse, Calderone says. Organizations are deploying AI tools, connecting them to internal systems, granting them access to sensitive data, and none of this is landing in the risk assessment. Meanwhile, AI agents are out there making API calls, accessing databases, and operating with credentials that nobody is tracking, he says.
“If your risk assessment was written before your organization started plugging AI into its workflows, it’s already stale,” Calderone warns.
4. Overindexing on the risk register without checking your assumptions
When the goal becomes completing the assessment instead of understanding actual exposure, the output is a document that satisfies auditors but misleads leadership, says Amit Basu, CIO and CISO at International Seaways, a major independent maritime shipping company that transports crude oil and refined petroleum products worldwide.
Such an attitude can create false confidence. Executives and board members see a completed risk register and assume the organization is protected, Basu says. Meanwhile, real threats go unaddressed because they didn’t fit neatly into the assessment framework. “The gotcha does not announce itself,” he explains. “It hides inside a green dashboard.”
A risk assessment is only as good as the assumptions that lie underneath it, Basu observes. “Document those assumptions explicitly and review them whenever your business changes, when the threat landscape shifts, or when an incident exposes a gap,” he advises. “The assessment is not a finished product — it’s a living input to an ongoing conversation between security and the business.”
5. Failing to link risk with business impact
Ignoring or downplaying the connection between risk and business makes it easier to de-prioritize or ignore problems, says Dan Moore, senior director of strategy and identity standards at FusionAuth, a customer identity and access management (CIAM) platform provider.
“As a result, it becomes difficult to communicate the real risks of breaches and other risks,” he states. “Worse yet, it gives security team members an excuse to complain about being misunderstood or not valued, which degrades team effectiveness.”
It’s important to be specific and targeted, Moore advises. “For instance, don’t say, ‘We have 95% patch compliance,’” he suggests. “Instead, talk about the risk unpatched systems pose to the business.” Some systems, such as legacy systems that aren’t connected to the internet or the core business, carry a lower risk than others, even if they have the same patch issues. “Acknowledge that fact and weigh your response.”
6. Confusing compliance with real-world security
Compliance alone doesn’t lead to good security, nor does it satisfy even the baseline requirements for effective protection, says Adriel Desautels, CEO of Netragard, a penetration testing and security advisory company.
Organizations tend to fall into this trap when they hire penetration testing firms that focus on compliance while promising top-tier services, Desautels says. “In truth, they deliver autonomous scanning masquerading as human-driven testing.”
The result is a false sense of security — a paper seatbelt, Desautels warns. “You feel protected, but when you crash, even at low speed, you get injured or worse,” he says. “Remember, every major breach in the past decade involved an organization that was compliant at the time of compromise.”
7. Failing to fully understand risk
Organizations often treat risk assessment as a vulnerability-cataloging exercise that includes finding gaps, counting severities, and passing the audit. Yet passing an audit and understanding risk are not the same thing, states Safi Raza, senior director of cyber security at Fusion Risk Management, a firm offering cloud-based operational resilience, business continuity, and risk management solutions.
Raza says that CISOs should focus on connecting technical risk signals to operational outcomes. “This includes understanding what services are affected, how disruption propagates, and what it means for revenue, customers, or regulatory obligations.”
Start by shifting from static assessments to continuous, context-driven risk visibility, Raza advises. “Risk needs to be understood not just technically, but in terms of business impact and financial exposure,” he states.
View the full article
Scanners meant to catch malicious add-on "skills" for AI coding agents can be fooled by a few simple changes that leave the malware working, according to a new study from researchers at the Hong Kong University of Science and Technology. Their strongest trick slipped past every scanner tested more than 90% of the time, and the same team built a runtime checker that catches most of theView the full article
Apple will likely "repeat the iPhone X story" by unveiling its foldable iPhone at the same time as the iPhone 18 Pro and iPhone 18 Pro Max, but starting foldable iPhone pre-orders at a later date, according to analyst Ming-Chi Kuo.


Kuo today said manufacturing challenges have limited early production of the foldable iPhone, which will reportedly be named iPhone Ultra. As a result, he believes the device may launch at some point after the iPhone 18 Pro models.

In 2017, Apple unveiled the iPhone 8, iPhone 8 Plus, and iPhone X on September 12. iPhone 8 and iPhone 8 Plus pre-orders began just three days later, while iPhone X pre-orders began six weeks later on Friday, October 27. Likewise, Kuo believes the foldable iPhone may not be available to pre-order until the fourth quarter of 2026.

Kuo estimated that the foldable iPhone could have a starting price of around $2,299 to $2,499 in the U.S., and he believes that the device "could sell out immediately after pre-orders open, with delivery lead times quickly stretching to 4-6 weeks or longer."

Apple's suppliers will ship roughly 7–8 million foldable iPhones in 2026, compared to 20–22 million for the iPhone 18 Pro models combined, he said.

If this information proves to be accurate, expect the foldable iPhone to be unveiled in September, but you may not be able to order it until at least October.Related Roundup: iPhone FoldTags: iPhone Ultra, Ming-Chi Kuo
This article, "'iPhone Ultra' Likely to 'Repeat the iPhone X Story'" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple recently introduced major price hikes across a number of products, including Macs, iPads, and more. This week, Apple's newly increased prices have begun to hit third-party retailers like Amazon, but there are a few select MacBook Pro models that are retaining original prices, which now represent solid discounts on each device.

Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

14-Inch MacBook Pro

There are now just two models left of the 14-inch MacBook Pro at notable low prices in the wake of Apple's price hikes. Prices start at $2,549.99 for the 15-Core/24GB/2TB 14-inch M5 Pro MacBook Pro, now a $449 discount on the new price of this model. A similar 18-Core configuration is on sale for $2,749.99 as well, another $449 discount on the new price.

$449 OFF14-inch M5 Pro MacBook Pro (15-Core/24GB/2TB) for $2,549.99
$449 OFF14-inch M5 Pro MacBook Pro (18-Core/24GB/2TB) for $2,749.99
16-Inch MacBook Pro

In terms of the larger display models, we're tracking four total discounts on Amazon. These start at $2,649.99 for the 24GB/1TB M5 Pro configuration ($349 off), and reach up to $4,349.99 for the 48GB/2TB M5 Max device ($649 off). If you're interested in any of these MacBook Pro notebooks, we recommend purchasing soon as these big markdowns aren't expected to last much longer.

$349 OFF16-inch M5 Pro MacBook Pro (24GB/1TB) for $2,649.99
$549 OFF16-inch M5 Pro MacBook Pro (48GB/1TB) for $3,049.99
$549 OFF16-inch M5 Max MacBook Pro (36GB/2TB) for $3,849.99
$649 OFF16-inch M5 Max MacBook Pro (48GB/2TB) for $4,349.99

If you're on the hunt for more discounts, be sure to visit our Apple Deals roundup where we recap the best Apple-related bargains of the past week.



Deals Newsletter

Interested in hearing more about the best deals you can find in 2026? Sign up for our Deals Newsletter and we'll keep you updated so you don't miss the biggest deals of the season!




Related Roundup: Apple Deals
This article, "Beat the Apple Price Hikes: These MacBook Pro Deals Won't Last Long" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for Ransom-ISAC, built on a leaked negotiation chat and the blockchain trail the payment left. The odd part: the group that took the money calls itself Kairos, but it may not be a ransomware gang at all. Krishnan found no sign that it ever locked a singleView the full article
Introduction
Modern IT environments have moved far beyond the monolithic architectures of the past. Today, we operate in complex, hybrid-cloud ecosystems driven by microservices, containerization, and ephemeral workloads. For an average SRE or DevOps team, the sheer volume of data generated is overwhelming. You are likely familiar with the “alert storm”—the scenario where your monitoring system fires thousands of notifications during a minor incident, burying the actual root cause under a mountain of noise.
As teams struggle to differentiate between meaningful events and background noise, the need for intelligent automation has become a requirement for survival, not just a luxury. This is where AIOps (Artificial Intelligence for IT Operations) bridges the gap. By leveraging machine learning to ingest, correlate, and act on data, AIOps transforms reactive firefighting into proactive engineering. At AIOpsSchool, we focus on empowering professionals to navigate this shift through structured training and expert certification.
Featured Snippet: What Is AIOps?
AIOps (Artificial Intelligence for IT Operations) is the application of big data, machine learning, and advanced analytics to IT operations. It automatically collects, correlates, and analyzes data from disparate monitoring tools to identify patterns, automate incident resolution, and provide actionable insights, effectively moving operations from reactive monitoring to predictive intelligence.
Understanding AIOps
In Simple Terms
Think of AIOps as a highly skilled digital assistant for your IT team. Instead of manually reviewing logs and metrics, AIOps algorithms process all incoming system data instantly, connecting the dots that a human would miss to pinpoint exactly why a system is failing.
Real-World Example
During a peak traffic event, an e-commerce platform experiences high latency. Traditional monitoring alerts on 50 different symptoms (CPU spikes, memory issues, database lag). An AIOps platform correlates these 50 alerts to a single root cause: a faulty deployment in the checkout microservice.
Why It Matters
Without AIOps, engineers spend hours performing manual “blame assignment” during incidents. With AIOps, Mean Time to Recovery (MTTR) is slashed because the system highlights the solution before the engineer even starts investigating.
Key Takeaways
AIOps shifts focus from manual interpretation to automated insight. It reduces alert fatigue by grouping related events. It improves system reliability by enabling faster incident resolution. Traditional OperationsAIOps-Driven OperationsManual alert triageAutomated event correlationReactive (Fixing after it breaks)Predictive (Fixing before it breaks)Siloed monitoring toolsUnified data ingestionHigh MTTR (Mean Time to Recovery)Low MTTR Why AIOps Skills Are Becoming Essential
In Simple Terms
Infrastructure is getting faster and more complex every year. Humans simply cannot process the velocity of data generated by modern cloud-native systems. Professionals who understand how to build and maintain AI-driven operations will be the architects of the next generation of IT.
Real-World Example
An SRE team manages 500+ microservices in Kubernetes. A network partition occurs. Without AIOps skills, the team drowns in logs. With AIOps skills, they implement automation that isolates the partition and reroutes traffic automatically, preventing a global outage.
Why It Matters
As organizations adopt SRE (Site Reliability Engineering) principles, the demand for “intelligent” operations increases. Engineers who can bridge the gap between AI concepts and operational reality are becoming the most valuable assets in the job market.
Key Takeaways
Cloud-native growth necessitates automated data analysis. AIOps skills bridge the gap between DevOps and Data Science. Future-proofing your career requires moving beyond basic monitoring. AIOps Certification Explained
In Simple Terms
An AIOps Certification is a formal validation that you possess the knowledge to design, implement, and manage intelligent IT operations. It proves you can move beyond standard tooling to orchestrate data-driven operational strategies.
Real-World Example
A DevOps Engineer earns an AIOps certification. When the company decides to overhaul its monitoring stack, this engineer is selected to lead the vendor selection and implementation, successfully reducing alert volume by 70% within the first quarter.
Why It Matters
Certification provides a standardized framework. It proves to employers that you understand the lifecycle of data, the mechanics of machine learning for ops, and the practical application of observability—not just how to use a specific software dashboard.
Key Takeaways
Validates expertise in AI/ML for IT operations. Demonstrates leadership potential in tool selection and strategy. Increases professional credibility in the SRE and DevOps community. AIOps Training and Courses
In Simple Terms
These are the educational pathways that teach you how to integrate ML models into your IT workflows. You learn how to move from “seeing” the data (monitoring) to “understanding” the data (observability) and “acting” on the data (automation).
Real-World Example
You enroll in a course covering Event Correlation and Root Cause Analysis. You learn how to configure a pipeline that filters out low-priority network flapping, allowing you to focus your attention on critical application latency issues.
Why It Matters
Enterprise IT is complex. Without guided training, engineers often attempt to implement AIOps tools without the necessary data science or observability foundation, leading to “false positive” disasters.
Key Takeaways
Focuses on practical implementation rather than just theory. Covers essential domains like OpenTelemetry and Incident Automation. Provides a safe environment to test AI-powered scenarios. AIOps Engineer Certification Path
In Simple Terms
This is a ladder for your career. It starts with learning how data is collected, moves to how it is analyzed, and finishes with how you design fully autonomous systems.
Real-World Example
An engineer begins with the Beginner module (data collection), progresses to the Intermediate module (pattern recognition), and finally attains the Advanced Certification, allowing them to lead architecture-level AIOps decisions.
Why It Matters
A structured path prevents “skills gaps.” You cannot build an intelligent system if you do not understand the fundamental data sources (logs, traces, metrics).
Key Takeaways
Progression allows for mastery at each operational layer. Levels are designed to match career seniority. Certification provides clear markers for salary and role advancement. LevelSkillsOutcomeBeginnerMonitoring Basics, Data CollectionJunior Ops AnalystIntermediateML Concepts, Event CorrelationAIOps EngineerAdvancedArchitecture, Strategy, AutomationAIOps Architect AIOps Engineer Career Roadmap
In Simple Terms
This is your “step-by-step” plan to becoming an AIOps expert. It is a mix of learning the hard technical skills (Linux, Python, Kubernetes) and the soft strategic skills (process improvement, team management).
Real-World Example
A junior system administrator uses this roadmap to learn Python for automation, then pivots to learning Kubernetes orchestration, and eventually specializes in Observability, landing a role as an AIOps Engineer within 18 months.
Why It Matters
Without a roadmap, professionals tend to jump between tools without learning the fundamentals. A structured path ensures you build a foundation that is platform-agnostic and career-resilient.
Key Takeaways
Requires a mix of coding (Python/Go) and infrastructure knowledge. Prioritize foundational networking and Linux skills. Focus on the full stack: from hardware metrics to application traces. AI Observability Training
In Simple Terms
Traditional monitoring tells you something is broken. Observability uses AI to explain why it is broken, even if you’ve never seen that specific failure mode before. It is about understanding the internal state of your system through external outputs.
Real-World Example
You have a memory leak. Monitoring tells you “Memory High.” AI Observability analyzes the trace data from 50 services to identify that a specific API call is leaking memory during garbage collection.
Why It Matters
In distributed systems, traditional metrics are insufficient. AI Observability allows you to navigate the “unknown-unknowns,” which are the most dangerous failures in cloud-native production.
Key Takeaways
Goes beyond “Red/Green” status lights. Relies heavily on OpenTelemetry for data standardization. Crucial for debugging complex microservices. MonitoringObservabilityFocuses on “Is it up?”Focuses on “Why is it behaving this way?”Predefined dashboardsAd-hoc query capabilityAlerts on thresholdsUncovers patterns and root causes AIOps for SRE and DevOps Engineers
In Simple Terms
AIOps is the “force multiplier” for DevOps. It allows your SRE team to manage more services with the same number of people, by automating the routine parts of incident response.
Real-World Example
An SRE team receives an automated ticket created by an AIOps tool, which includes the root cause (a database lock) and a recommended “rollback” script. The SRE simply clicks “Approve,” resolving the issue in seconds.
Why It Matters
DevOps is about velocity. If your team is bogged down by incident noise, they cannot ship code. AIOps restores the balance by cleaning up the operational noise.
Key Takeaways
Dramatically reduces alert fatigue for on-call engineers. Automates incident categorization and routing. Directly supports faster Continuous Delivery cycles. Enterprise AIOps Consulting
In Simple Terms
Even with the best tools, implementation often fails due to strategy gaps. Consulting helps organizations align their business goals with their technical capabilities, ensuring AIOps actually delivers ROI.
Real-World Example
A large bank wants to implement AIOps. A consultant assesses their data quality and realizes 40% of their logs are redundant. The consultant helps them optimize their pipeline before purchasing expensive software.
Why It Matters
AIOps tools are expensive and complex. Consulting prevents “shelfware”—the phenomenon where software is purchased but never effectively utilized.
Key Takeaways
Ensures readiness of data and infrastructure. Aligns technical strategy with business outcomes. Mitigates the risks of failed digital transformations. AIOps Implementation Services
In Simple Terms
This is the “how-to” of deployment. It covers the end-to-end lifecycle: preparing your data, choosing the right platform, integrating it into your workflow, and fine-tuning it to make sure it actually solves your problems.
Real-World Example
An implementation team helps a SaaS company transition to an AIOps-driven model by first normalizing log formats across all services, then configuring the event correlation engine, and finally automating the notification workflow.
Why It Matters
AIOps is a journey, not a single software installation. Implementation services provide the framework to ensure you don’t just “install” the tool but actually “adopt” the intelligence.
Key Takeaways
Focuses on the lifecycle: Assessment -> Integration -> Optimization. Provides expertise in data normalization (the most critical step). Ensures the automation actually aligns with team processes. Real-World Enterprise Use Cases
Banking
Challenge: Detecting fraudulent transactions amidst massive data noise. AIOps Solution: Anomaly detection engines flagging deviations in transaction patterns. Outcome: 99.9% uptime for core banking services and reduced fraud losses. Healthcare
Challenge: Tracking patient monitoring systems across global hospitals. AIOps Solution: Event correlation to link patient data spikes to network latency. Outcome: Improved patient safety and instant identification of hardware failure. SaaS
Challenge: Managing customer experience in a multi-tenant environment. AIOps Solution: Predictive analytics to forecast capacity needs before the system slows down. Outcome: 40% reduction in infrastructure costs through intelligent resource scaling. Benefits of AIOps Adoption
In Simple Terms
Adopting AIOps is essentially upgrading from a manual typewriter to a word processor. You are increasing your efficiency, reducing your error rate, and gaining back time for innovation.
Real-World Example
A DevOps team moves to AIOps. Instead of spending 50% of their sprint cycles on incident remediation, they spend 90% of their time on new feature development.
Why It Matters
In the modern economy, system reliability is a competitive advantage. AIOps ensures that your systems are always available and that your engineering team remains focused on value-added tasks.
Key Takeaways
Downtime costs are drastically reduced. Engineering productivity increases as manual tasks are automated. Decision-making becomes data-backed rather than intuition-based. Common Challenges in AIOps Adoption
In Simple Terms
The biggest hurdle to AIOps isn’t the software—it’s the data. “Garbage in, garbage out” applies here. If your data sources are messy or siloed, the AI will not be able to provide accurate insights.
Real-World Example
An organization tries to enable predictive analytics but finds that their logs are inconsistent across different teams (different formats, timezones, and schemas). The AIOps tool provides useless alerts.
Why It Matters
Understanding the challenges allows you to solve them before you start. By addressing data quality first, you avoid the frustration of a failed implementation.
Key Takeaways
Data quality is the foundation of success. Organizational resistance is common; change management is essential. Observability maturity must be established before advanced AI features are used. Common Mistakes Professionals Make
In Simple Terms
Many professionals treat AIOps like a “magic button” they can install and walk away from. It is not. It requires ongoing tuning, data hygiene, and strategic oversight.
Checklist of Mistakes to Avoid
Focusing Only on Tools: Assuming the software does all the work. Ignoring Observability Fundamentals: Trying to jump to “AI” before you have proper metrics/logs. Poor Data Collection: Feeding the AI messy, unfiltered data. Skipping Automation Strategy: Forgetting that AIOps must connect to your incident management workflows (like Jira/PagerDuty). Lack of Continuous Learning: Failing to retrain models as the system architecture changes. Future of AIOps
In Simple Terms
The future is “Self-Healing Infrastructure.” Imagine a system that sees a bug, automatically rolls back to the last stable version, notifies the team, and updates the documentation—all without human intervention.
Real-World Example
A self-healing infrastructure detects a disk space issue, automatically clears temporary logs, resizes the partition, and logs a ticket in Jira, all in under 60 seconds.
Why It Matters
As systems become too large for humans to manage manually, autonomous operations will be the only way to scale.
Key Takeaways
Autonomous operations (Self-Healing) are the ultimate goal. AI-driven incident management will become standard. Predictive reliability engineering will reduce outages to near zero. Why Learn with AIOpsSchool
At AIOpsSchool, we bridge the gap between abstract AI concepts and the messy reality of production environments. We are not just an educational platform; we are a hub for enterprise expertise. Our curriculum is built by engineers for engineers, focusing on the practical “how-to” rather than just the “what.” Whether you are looking to get certified, implement a new strategy, or train your team on observability, we provide the mentorship and resources to help you lead the shift toward intelligent operations.
FAQ Section
1. What is AIOps Certification?
It is a professional credential that validates your skills in applying artificial intelligence and machine learning to IT operations workflows, including data ingestion, correlation, and automated incident resolution.
2. Who should learn AIOps?
DevOps Engineers, SREs, Cloud Architects, IT Managers, and anyone involved in system reliability, monitoring, or platform engineering.
3. What skills are required for AIOps Engineers?
You need a solid foundation in Linux, networking, cloud platforms (AWS/Azure/GCP), containerization (Kubernetes), programming (Python/Go), and a strong understanding of observability metrics and logs.
4. How does AIOps help DevOps teams?
It reduces the manual burden of incident response (alert fatigue), automates the correlation of events during outages, and speeds up the feedback loop, allowing for faster CI/CD cycles.
5. What is AI Observability?
It is the practice of using AI to analyze complex telemetry data (logs, metrics, traces) to gain a deep, granular understanding of system behavior, enabling teams to solve “unknown” performance issues.
6. What is OpenTelemetry?
OpenTelemetry is an open-source framework that provides a standardized set of APIs and tools for collecting observability data, serving as the essential “plumbing” for AIOps tools.
7. How long does it take to learn AIOps?
Depending on your background, a foundational understanding can be achieved in weeks, while mastery—including practical implementation and architecture design—typically takes several months of hands-on application.
8. What are AIOps Implementation Services?
These are professional services that help organizations plan, deploy, and optimize AIOps tools, ensuring that the technology is correctly integrated with existing workflows and delivers measurable ROI.
9. Is AIOps a good career choice?
Yes. As systems grow in complexity, the ability to manage them via intelligent automation is in high demand, leading to specialized, high-paying roles in SRE and Platform Engineering.
10. What is the future of AIOps?
The future is moving toward “Self-Healing Infrastructure,” where AI not only detects issues but proactively resolves them before they impact users.
Final Summary
The landscape of IT Operations is undergoing a fundamental shift. We are moving from manual, reactive monitoring to intelligent, autonomous operations. AIOps is the engine of this change. By pursuing professional certification, investing in high-quality training, and applying structured implementation strategies, you can turn the chaos of modern system complexity into a streamlined, automated advantage. Whether you are an SRE seeking to reduce your on-call burden or an enterprise leader looking to optimize infrastructure, AIOps provides the path forward. Explore your options at AIOpsSchool to start building the future of intelligent IT operations today.
View the full article
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as part of an ongoing activity referred to as PolinRider. "The campaign remains active, and new malicious packages are likely to continue appearing as threat actors compromise maintainer accounts,View the full article
Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT and exFAT formats used on USB drives and SD cards. The flaws matter because FatFs is nearly everywhere. It ships inside the firmware that runs security cameras, drones, industrial controllers, hardware crypto wallets, and other devices built onView the full article
A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It affects Linux desktops, servers, and Android, and a fix is out. Bad Epoll sits in the same small stretch of kernel code where Anthropic's most powerful AI model, Mythos, recently found a different bug. The AI caught one flaw and missedView the full article
The lower-end iPhone 18 and iPhone 18e will be equipped with 9GB of RAM, up from 8GB in the iPhone 17 and iPhone 17e, according to supply chain analyst Ming-Chi Kuo.


In a social media post, Kuo said the 1GB increase in RAM will ensure that Apple Intelligence features continue to run smoothly on the pair of devices.

The higher-end iPhone 18 Pro, iPhone 18 Pro Max, and foldable "iPhone Ultra" will each have the same 12GB of RAM as the iPhone 17 Pro models, added Kuo.

Apple is expected to release the iPhone 18 Pro, iPhone 18 Pro Max, and the iPhone Ultra in September this year, while the iPhone 18, iPhone 18e, and a second-generation iPhone Air will reportedly be released around March 2027.

Even with an increased 9GB of RAM, two new Apple Intelligence features coming with iOS 27 will not be available on the iPhone 18 and iPhone 18e, including the ability to customize the expressiveness and pace of Siri's voice and a "major boost in accuracy" for speech-to-text dictation. This is because the latest advanced on-device Apple Intelligence model powering those two features requires a minimum of 12GB of RAM.


Here are the confirmed RAM amounts for the iPhone 17 series:iPhone 17e: 8GB
iPhone 17: 8GB
iPhone 17 Pro: 12GB
iPhone 17 Pro Max: 12GBThe rumored RAM amounts for the iPhone 18 series and iPhone Ultra:iPhone 18e: 9GB
iPhone 18: 9GB
iPhone 18 Pro: 12GB
iPhone 18 Pro Max: 12GB
iPhone Ultra: 12GBThe second-generation iPhone Air will presumably have 12GB of RAM, too.

RAM and NAND storage chips are currently expensive due to a supply shortage, resulting in Apple raising prices on more than a dozen products last month. For now, iPhones avoided price increases, but analysts have estimated that the iPhone 18 and iPhone 18e could cost $100 to $200 more than the iPhone 17 and iPhone 17e.Related Roundups: iOS 27, iPadOS 27, iPhone 18Related Forum: iPhone
This article, "iPhone 18 With 9GB RAM Still Won't Support Two New iOS 27 Features" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Cybersecurity researchers have discovered a previously undocumented modular malware framework codenamed Avalon that's distributed by means of a multi-stage phishing chain capable of bypassing traditional security controls. Avalon combines credential collection, lateral movement, remote access, recovery disruption, and ransomware execution, bringing together diverse functions under oneView the full article
On this week's episode of The MacRumors Show, we discuss the latest leaks and rumors surrounding the iPhone 18 Pro.

Subscribe to The MacRumors Show YouTube channel for more videos

Tata Electronics, one of Apple's manufacturing partners in India, was hit by a ransomware attack that resulted in more than 200,000 internal files being posted online, including component lists, supplier data, and images of ‌iPhone 18 Pro‌ test units. The material was obtained illegally, and MacRumors has not seen the stolen files directly.

Among the leak's more surprising details is that the C2 modem may be limited to international models, succeeding the C1 and C1X modems already used in the iPhone Air, iPhone 17e, and M5 iPad Pro. A bill of materials for the U.S. variant instead lists Qualcomm components, including the SDX80M and other parts associated with mmWave 5G, a feature Apple's C-series modems still lack. U.S. carriers have spent years building out mmWave networks, making it a harder feature to drop from the Pro lineup than it was from the ‌iPad Pro‌ or a rumored cellular MacBook.

The leak also lined up with existing rumors of a more uniform rear finish than the iPhone 17 Pro's two-tone design and camera lenses that protrude further from the plateau. Separately, a leaked SIM tray offered another look at the rumored Dark Cherry color option, expected to join Light Blue, Dark Gray, and Silver as this year's lineup, with no black model.

On the camera side, the rumored variable aperture main camera is this year's headline upgrade, though it's unclear how much of a real-world difference it will make compared to genuinely transformative jumps in past generations, like the 8x telephoto lens introduced on the ‌iPhone 17 Pro‌ or the and 48-megapixel sensor from the iPhone 14 Pro.

Pricing looms over rumors about the device. Apple has now raised prices across much of its lineup, citing a global memory chip shortage driven largely by AI data center demand. The Apple TV and HomePod price hikes drew particular criticism, since both products are several years old with no accompanying hardware changes.

Estimates for the ‌iPhone 18 Pro‌ itself point to a starting price as high as $1,399, up from $1,099 for the ‌iPhone 17 Pro‌, an increase weighed against a modest RAM and battery bump, a smaller Dynamic Island, and a more capable N2 chip. A rumored 5G-via-satellite feature will likely offer limited access to specific services like Siri or Maps rather than full Safari browsing.

Micron's chief business officer suggested that Apple's own aggressive supplier negotiating tactics may have contributed to the memory shortage now driving prices up industry-wide. The MacRumors Show has its own YouTube channel, so make sure you're subscribed to keep up with new episodes and clips.

Subscribe to The MacRumors Show YouTube channel!

You can also listen to ‌The MacRumors Show‌ on Apple Podcasts, Spotify, Overcast, or other podcast apps. You can also copy our RSS feed directly into your player.



If you haven't already listened to the previous episode of The MacRumors Show, catch up to hear our discussion about potential price rises for the iPhone 18 lineup following Apple's wave of hikes yesterday, as well as plans for the Apple Watch Ultra 4 and camera-equipped AirPods.

Subscribe to ‌The MacRumors Show‌ for new episodes every week, where we discuss some of the topical news breaking here on MacRumors, often joined by interesting guests such as Kayci Lacob, Kevin Nether, John Gruber, Mark Gurman, Jon Prosser, Luke Miani, Matthew Cassinelli, Brian Tong, Quinn Nelson, Jared Nelson, Eli Hodapp, Mike Bell, Sara Dietschy, iJustine, Jon Rettinger, Andru Edwards, Arnold Kim, Ben Sullins, Marcus Kane, Christopher Lawley, Frank McShan, David Lewis, Tyler Stalman, Sam Kohl, Federico Viticci, Thomas Frank, Jonathan Morrison, Ross Young, Ian Zelbo, and Rene Ritchie.

‌The MacRumors Show‌ is on X @MacRumorsShow, so be sure to give us a follow to keep up with the podcast. You can also email us at [email protected] or head over to The MacRumors Show forum thread. Remember to rate and review the podcast, and let us know what subjects and guests you would like to see in the future.Related Roundup: iPhone 18 ProTag: The MacRumors Show
This article, "The MacRumors Show: Latest iPhone 18 Pro Leaks and Rumors" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft. According to JFrog, the packages "rollup-packages-polyfill-core" and "rollup-runtime-polyfill-core" mimic the legitimate "rollup-plugin-polyfill-node" project, down to the description, repository metadata, andView the full article
The Apple Watch Series 12 could ship with a new health sensor built directly into one of its bands, according to a sketchy rumor from a known leaker.


The leaker known as "Kosutami" says the sensor will be injection-molded into a silicone band, and only a silicone band, apparently because Apple has not yet solved how to embed similar hardware in bands made from other materials. No detail was given on what the sensor is actually meant to measure.



This is not the first time band-based sensing has been floated for Apple Watch, and the idea has reappeared repeatedly over the years, mainly as a result of Apple's patent filings. Back in 2017, a patent for modular band links that could each house a different function emerged, including blood pressure monitors and sweat sensors, followed later that year by a self-adjusting band patent that Apple said could also improve the accuracy of onboard biometric sensors by ensuring a snugger fit.

In 2019, a batch of smart band patents covered skin-texture authentication and other embedded functionality, and in 2021 a dedicated hydration sensor patent proposed the use of electrodes against the skin to measure electrolyte concentration in sweat. None of that patent activity has led to a shipping product so far, and Apple routinely files patents for concepts that never reach customers.

Kosutami's credibility as a source is mixed. While Apple has clearly researched adding sensors to Apple Watch bands extensively, the rumor is new, uncorroborated, and should be taken with a heavy pinch of salt for now.

The Apple Watch Series 12 is likely to be a minor upgrade featuring a new chip and little else is known about the device. It's expected to launch this fall alongside the iPhone 18 Pro and Apple's first foldable iPhone, continuing to use the same design introduced with the Series 10.Related Roundup: Apple Watch 11Tag: KosutamiBuyer's Guide: Apple Watch (Caution)
This article, "Sketchy Rumor Claims Apple Watch Series 12 Could Introduce Sensor in Band" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
The second iOS 27 developer beta seemingly hints at a new Apple product, according to code uncovered by app designer and developer Sam Henri Gold.


The code mentions a product codenamed B790 that can relay "two images from cameras on either side of user's head." Gold speculated that the code could be referring to Apple's rumored smart glasses, but another possibility is AirPods with cameras, which are reportedly further along in development. AirPods Pro 3 were codenamed B788.

Apple is rumored to be working on both "AirPods Ultra" and smart glasses with cameras, and Visual Intelligence is expected to be a core feature of these products. While wearing the camera-equipped AirPods or glasses, you would be able to look at something such as a house plant and have Siri provide you with information about it.

Visual Intelligence is already available on the iPhone 15 Pro and newer. On iOS 27, the feature is accessible through the Camera app via a new "Siri" mode.

The code appears to instruct Visual Intelligence on how to function on the mystery device. It says the feature works with landmarks, text, and known objects, with the Eiffel Tower in Paris and a coffee mug cited as two examples.


The code does not reveal much else, but it serves as yet another indication that Apple is actively developing more camera-equipped wearables.

According to the latest reporting from Bloomberg, both the "AirPods Ultra" and the smart glasses are currently slated to launch in late 2027.Related Roundups: AirPods 4, iOS 27, iPadOS 27Tags: AirPods Ultra, Apple GlassesBuyer's Guide: AirPods (Caution)Related Forum: AirPods
This article, "iOS 27 Beta Hints at New Apple Product Such as 'AirPods Ultra'" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple's software engineers recently began testing iOS 27.4, according to the MacRumors visitor logs.

Fun fact: Apple tests the "fall" (iOS 27.0) and "spring" (iOS 27.4) software releases concurrently.
This article, "Apple Already Testing iOS 27.4" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Microsoft users have been hit by a massive, automated password spray attack.
Among those targeted by the attack were clients of security company Huntress. It reported that the attackers made 81 million attempts to log into its customers’ accounts between June 12 and 26 — and succeeded in at least 78 cases.
And that’s just the attacks on Microsoft account holders who also happen to be Huntress customers: The number of compromised accounts could be much higher, as it’s in the nature of a password spray attack to attempt to connect indiscriminately.
The attacks all came from a single source, an IPv6 address range controlled by internet provider LSHIY LLC, Huntress said in a blog post. LSHIY has since terminated access for the customer using the IP addresses involved in the attack.
Huntress had been monitoring spray attacks for some time and had noticed a slight increase from June 12, and then a sudden spike on June 22 when 30 of its customers were affected.
The attackers replayed validated credentials via the OAuth ROPC (Resource Owner Password Credentials) flow. This takes a username/password at the /token endpoint for a tenant and mints a new user-delegated token, once provided with the correct credentials. This was possible because multi-factor authentication (MFA) had not been configured to handle the techniques deployed by the attackers.
Huntress said that this was because, in some cases, MFA had been enforced for specific apps instead of “All Cloud Apps.” For example, some organizations enforced MFA for Microsoft Admin Portals, which did not cover the Azure CLI logins used by the attacker.
In other cases, organizations enabled MFA only for specific user groups (such as Admins Only). The compromised users were not in the scope of these specific user groups.

View the full article
This week's best deals include ongoing all-time low prices on AirTag 2, plus great discounts on the previous-generation M3 iPad Air, for anyone who wants to avoid price hikes on the M4 models. We're also tracking Fourth of July savings from popular accessory makers this weekend.

Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

Fourth of July Deals


It's Fourth of July weekend, and we're tracking numerous sales across popular accessory companies right now. This includes sitewide deals at Anker, B&H Photo, Best Buy, OtterBox, ZAGG, and more. Many of these savings events will end on Sunday, July 5, so be sure to shop them this weekend before they're gone.

Anker - Get up to 40% off charging accessories
AT&T - Get iPhone 17 Pro Max for up to $1,100 off
B&H Photo - Save on computers, photography equipment, and more
Best Buy - Save sitewide on Apple gear and more
Hyper - Get up to 25% off
JBL - Get up to 40% off speakers and headphones
OtterBox - Get 25% off sitewide
ZAGG - Get 25% off sitewide

AirTag 2


What's the deal? Take up to $10 off AirTag 2
Where can I get it? Amazon
Where can I find the original deal? Right here
$2 OFFAirTag 2 (1-Pack) for $27.00
$10 OFFAirTag 2 (4-Pack) for $89.00

Apple's AirTag 2 is still available for the all-time low price of $89.00 this week, down from $99.00. This sale is on the 4-Pack of the AirTag 2, and it's one of the very few Prime Day deals that's stuck around since the event ended last week.

M3 iPad Air


What's the deal? Save on previous generation iPad Air tablets
Where can I get it? Best Buy
Where can I find the original deal? Right here
UP TO $400 OFFM3 iPad Air at Best Buy

Best Buy's Fourth of July sale is currently running, and it features a big sale across Apple's previous generation M3 iPad Air tablets. You can find up to $400 off these devices during the event, and they're particularly notable when compared to the recently increased prices of the 2026 M4 iPad Air.

11-inch

11-inch M3 iPad Air (128GB Cell) - $499.00 ($899.00 for M4 model)
11-inch M3 iPad Air (256GB Cell) - $599.00 ($999.00 for M4 model)
11-inch M3 iPad Air (512GB Cell) - $749.00 ($1,199.00 for M4 model)
11-inch M3 iPad Air (1TB Cell) - $849.00 ($1,499.00 for M4 model)
13-inch

13-inch M3 iPad Air (512GB Cell) - $949.00 ($1,399.00 for M4 model)
13-inch M3 iPad Air (1TB Cell) - $1,049.00 ($1,699.00 for M4 model)

Samsung


What's the deal? Save on Samsung's newest monitors
Where can I get it? Samsung
Where can I find the original deal? Right here
UP TO $350 OFFSamsung 2026 Monitors

Samsung's newest monitors have been further discounted this week, with big savings on the Odyssey G8, ViewFinity S8, and Movingstyle Essential. All of these have discounts that have been applied automatically.

AirPods 4


What's the deal? Take $30 off AirPods 4
Where can I get it? Amazon
$30 OFFAirPods 4 for $99.00

Amazon is offering the AirPods 4 for $99.00 this week, down from $129.00. This is another Prime Day deal that's stuck around all week, and it's an overall solid second-best price on the earbuds.

If you're on the hunt for more discounts, be sure to visit our Apple Deals roundup where we recap the best Apple-related bargains of the past week.



Deals Newsletter

Interested in hearing more about the best deals you can find in 2026? Sign up for our Deals Newsletter and we'll keep you updated so you don't miss the biggest deals of the season!




Related Roundup: Apple Deals
This article, "Fourth of July Sales: Save on AirTag 2, M3 iPad Air, Charging Accessories and More" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Adobe will now issue security patches for its products twice as often to deal with the increasing pace of software vulnerability discovery and exploitation.
This follows Oracle’s decision to increase its quarterly patch program to a monthly one.
Adobe issues patches on the second Tuesday of each month, as do Microsoft and SAP. Starting in July, it will also issue them on the fourth Tuesday of each month, it said in a blog post.
As an early indicator of the need for the faster rhythm, it issued two security advisories dealing with a number of critical vulnerabilities on June 30 — the fifth Tuesday of that month: APSB 26-28 and APSB26-29. It is not alone in issuing out-of-sequence patches for urgent fixes: In April, Microsoft also released one to react to a particular threat.
Adobe said in a blog post that it is responding to the increased level of threats: “Twice-monthly bulletins will enable us to keep pace with the era of frontier AI. More vulnerabilities found means more fixes to deploy and a once-a-month publication window is no longer fast enough to stay ahead of our adversaries. This new cadence is the direct result of investing in improved vulnerability discovery.”
The new schedule will be effective from July 14 and will apply to every advisory that includes a formally published CVE requiring customer action.

View the full article
A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the electric power sector across Russia, Brazil, and Kazakhstan. "Armored Likho blends financially motivated campaigns targeting private individuals with targeted cyber espionage aimed at organizations," Kaspersky said in a technical analysis published today. "View the full article
Apple will release iOS 27 in September, and despite the company's focus this year on refining its flagship operating system and nixing bugs, there are still many additional features on the way, not least of which is Apple's new context-aware Siri, re-tooled for the generative AI era.


This year's major iPhone software update isn't all about AI, though, as the following feature list testifies. iOS 27 remains in developer beta, while a public beta is expected to arrive this month.

Extend Your Photos and Lock Screen Wallpaper


A new wallpaper extension feature in iOS 27 uses Apple Intelligence to automatically expand a photo beyond its original boundaries so it fills the entire Lock Screen more naturally. If a photo is cropped too tightly, doesn't match your iPhone's aspect ratio, or it leaves empty space when positioned on the Lock Screen, iOS 27 can generate additional image content around the edges with the "Extend" option. It will analyze the existing image and create matching background details that blend with the original photo, so there's no need for aggressive cropping. The Extend option can also be found in the Photos app.

Organize Your Safari Tabs


Safari uses Apple Intelligence to automatically organize your open tabs into related topics, making them easier to browse and manage. For example, if you're shopping for a new refrigerator while planning a vacation, Safari groups tabs for each activity into separate topic-based collections. You can enable this feature by opening Tab View, tapping the three-line icon in the top-right corner, and turning on Automatically Create Topics.

Use Natural Language for Reminder and Calendar Entries


In the Reminders app, you can now create reminders using natural language, and Apple Intelligence will automatically fill in details such as the date, time, and location. For example, if you type "Pick up Dad at 6 p.m. tonight" or "Send the photos to Eric tomorrow at 3 p.m.," Reminders extracts the relevant information and adds it to the reminder automatically.

The Calendar app also supports natural language input, identifying people, dates, and locations as you type. You can then tap the suggested information to quickly add it to your event.

Inline Reply to Messages From Android Users


In the Messages app, you can now long press on a specific message from an Android user (a green chat bubble) and get an option to reply to it. That contrasts with iOS 26, where inline replies are limited to blue bubbles sent over Apple's iMessage platform.

Upgrade Your Wallet Passes


Apple has expanded the redesigned pass experience in the Wallet app with iOS 27, bringing the enhanced design introduced for airline boarding passes in iOS 26 to additional pass types. Membership, gift, loyalty, and rewards cards can now use a new Poster Generic layout with a background image, a logo, customizable header and footer fields, main information, and an optional barcode. Passes can also include up to two quick actions at the bottom, such as getting directions to a venue or checking a rewards points balance.

Describe Your Next Shortcut


Apple Intelligence makes creating shortcuts much more accessible by letting you build them with natural language. Tapping New Shortcut in the Shortcuts app opens a Describe a Shortcut interface, where you simply explain what you want the shortcut to do. You can describe a single action or a more complex automation, and Apple Intelligence selects the appropriate actions and assembles the shortcut automatically.

For example, you could create a shortcut that sets tomorrow's alarm based on your first Calendar event, enables Sleep Focus, and dims the bedroom lights each evening, or one that displays your first meeting, the weather, and today's reminders every morning. Like existing shortcuts, these automations can be triggered by factors such as the time of day, your location, app activity, system events like taking a screenshot, incoming notifications, and more.

Get a Better Flyover of Your City


Apple is enhancing the Flyover feature in Maps with iOS 27, using Apple Intelligence models to improve aerial imagery with greater texture and sharper detail. Trees, buildings, and other landmarks appear more realistic, with more accurate geometry and improved lighting effects.

According to Apple, the update makes select cities around the world look more lifelike, from the shape of individual trees to the way light reflects off glass skyscrapers. Flyover already offers detailed 3D views of landmarks, roads, parks, and buildings in more than 350 cities, so iOS 27 is essentially using AI to further improve the quality of those visualizations.

Ask Siri What Your Camera Sees


The iOS 27 Camera app has a new "Siri" mode that is available in addition to the video, photo, and other camera modes. The new mode uses Visual Intelligence to identify objects in the frame and provide information about them. It can be used to identify plants, animals, food, and more. If it's food you want info on, for example, it can tell you what it is, and how many calories are in it.

Other examples ‌Siri‌ mode can be used for include capturing a photo of an event flyer and adding a date to the Calendar app, text translation, splitting a bill, and more.

Make Your Lock Screen Clock More Compact


A new compact clock mode is available as a new Lock Screen layout option in iOS 27. Found in the top-right corner of the Font & Color panel, the option moves the time from its traditional large, centered position to a much smaller format alongside the date and widgets at the top of the screen. It's a nice option to have if you like a cleaner Lock Screen look that shows off your wallpaper more fully, and it's the complete opposite effect introduced in iOS 26 that stretches the clock down the screen.

Generate Photo-realistic Images with Image Playground


Apple's Image Playground has been a bit of an embarrassment up until now, being limited to cutesy re-renderings of actual photos and sketched illustrations. But the app gets a major update in iOS 27. Powered by a new generative model that runs on Private Cloud Compute, it can produce high-quality images in virtually any style, including photo-realistic output for the first time. All generated images automatically carry a hidden SynthID watermark to identify them as AI-generated. The app now also supports photo-based editing in addition to creation.

Tweak Liquid Glass Opacity


If Apple's Liquid Glass UI embrace in iOS 26 wasn't your thing, there's a way to tone it down. In iOS 27, Apple added a full Liquid Glass slider under Settings ➝ Appearance ➝ Liquid Glass. It changes the translucency of Liquid Glass elements, and you can choose a clear version of Liquid Glass that allows some of the background to show through, select a more opaque, tinted version that improves the legibility of text, or choose something in between.

Create a Slideshow from Any Album


In iOS 27, you can create a slideshow from any album, collection, or selection of photos in the Photos app, rather than being limited to Memories. Open an album or select multiple photos, tap the menu button in the top-right corner, and choose Start Slideshow. Slideshows can be customized with different transition styles, slide durations, and background music, and then saved as a video or shared directly to social media.Related Roundups: iOS 27, iPadOS 27
This article, "12 New Things Your iPhone Can Do in iOS 27" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Citrix NetScaler appliances have been a constant target for attackers in recent years, most recently through an information leak vulnerability dubbed CitrixBleed 3, the latest in a series of NetScaler memory overreads going back to 2023. This week, Citrix patched yet another CitrixBleed-like vulnerability and there are signs of in-the-wild exploitation already.
The new memory overread vulnerability, tracked as CVE-2026-8451, was found by researchers from security firm watchTowr who published a detailed write-up showing how unauthenticated malformed requests can result in protected process memory data being leaked back in responses.
The original CitrixBleed (CVE-2023-4966), CitrixBleed 2 (CVE-2025–5777), and CitrixBleed 3 (CVE-2026-3055) vulnerabilities were all rated critical because they could be used to leak session tokens and other credentials stored in memory. The new CVE-2026-8451 can only be used to leak much smaller amounts of data which do not appear to include session IDs. For this reason, Citrix gave it a CVSS score of 8.8 (high severity).
For exploitation to be possible, the NetScaler appliance needs to be configured as a SAML Identity Provider, but this was also the case for CitrixBleed 3, which was patched in March and was subsequently exploited in the wild.
So, this requirement doesn’t mean attacks are unlikely or that this configuration is uncommon. In fact, less than 24 hours after the Citirix patch, security firm Lupovis reported seeing exploitation attempts hitting its honeypot sensors.
“Three separate sensors were targeted within a five-hour window,” the company said. “The actor received a 200 response on the third sensor and immediately delivered the exploit payload.”
Smaller leak but still dangerous
Even though watchTowr was only able to leak bytes of data using this flaw, compared to kilobytes with previous CitrixBleed issues, the exposed information could still be useful to attackers.
While the proof-of-concept did not reveal credentials or tokens, it’s possible that repeated requests would eventually be able to leak something sensitive. At the very least, the leaks can expose process memory pointers that could allow attackers to more easily deliver payloads using memory write vulnerabilities such as buffer overflows.
By overwriting data in a memory location that normally contains code the process executes, attackers could bypass anti-exploitation defenses like ASLR to take full control of the device.
As part of this same patch cycle Citrix also addressed two high-severity memory overflow vulnerabilities, tracked as CVE-2026-8452 and CVE-2026-8655. Chaining exploits for different vulnerabilities is a common approach in modern attacks.
The company also patched an unauthenticated arbitrary file read (CVE-2026-10816), another out-of-bounds memory overread (CVE-2026-10817) and a denial-of-service issue exploitable through HTTP/2 requests (CVE-2026-13474). The latter is actually a NetScaler-specific instance of the HTTP/2 Bomb vulnerability (CVE-2026-49975) patched recently in Apache Web Server.
Mitigation
Citrix advises customers to upgrade their NetScaler ADC and NetScaler Gateway appliances to versions 14.1-72.61, 14.1-72.61 FIPS, 13.1-63.18, 13.1-FIPS and 13.1-NDcPP 13.1.37.272. The HTTP/2 Bomb vulnerability also requires configuration changes in addition to the patches.
These changes are described in the Citrix advisory along with methods to determine if appliances meet the configuration pre-conditions for exploitation for the other flaws. WatchTowr also published a Python detection script for the CVE-2026-8451 vulnerability that allows organizations to quickly test if their appliances are susceptible to the exploit.

View the full article
Development of Apple's rumored camera-equipped AirPods Pro has been halted, according to the leaker and prototype collector known as "Kosutami."


In a blunt post on X referencing a June post about the product "case" being "concluded," the leaker appeared to be correcting it to say that the project has been "suspended." No other details were provided.

The claim comes as quite a surprise, given that Bloomberg reported in May that the camera-equipped AirPods Pro were nearing completion and had reached an "advanced" testing stage, suggesting early mass production could be imminent.

That said, the same report also noted that Apple could also opt to wait to launch the AirPods if it was not satisfied with the quality of the ‌Visual Intelligence‌ features in development for ‌Siri‌.

The AirPods Pro's built-in cameras are said to feed visual information about the wearer's surroundings to Siri. The cameras would not be for taking photos or videos, but used solely for AI purposes. "Kosutami" claimed in February that the infrared cameras will allow for the AirPods Pro to be "connected with Apple Intelligence," and other reliable sources have since corroborated that claim. The new AirPods have been in development for around four years.

Apple reportedly wanted to start selling the camera-equipped AirPods Pro in the first half of 2026, but the product's launch was held back because the smarter, AI version of ‌Siri‌ was still being developed – it exists in the current iOS 27 beta, but it won't be widely available until the release of iOS 27 in September.

Bloomberg said Apple was expecting strong demand for the new AirPods Pro and had operations teams working to secure components for a launch in challenging circumstances, owing to the industry-wide shortage of memory chips and other silicon. It's not clear whether this is the reason behind Kosutami's claim that the project has been suspended.

Kosutami is best known as a collector of prototype Apple hardware, but they have occasionally shared accurate information about Apple's future product plans. For example, around 10 months before the iPhone 16 Pro launched, they correctly revealed that it would feature a metal-enclosed battery.

They also provided an early look at an Apple Watch band made from Apple's controversial FineWoven material. However, Kosutami incorrectly claimed that AirPods Pro 3 were imminent in August 2024.Related Roundup: AirPods Pro 3Tag: KosutamiBuyer's Guide: AirPods Pro (Neutral)Related Forum: AirPods
This article, "Camera-Equipped AirPods Pro Development 'Suspended,' Leaker Claims" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Earlier this year, three YouTube channels sued Apple, alleging that the company violated the U.S. Digital Millennium Copyright Act (DMCA) by unlawfully accessing and scraping millions of copyrighted YouTube videos to train its AI models.


In a class action lawsuit filed with the U.S. District Court for the Northern District of California in April, the owners of the YouTube channels h3h3Productions, MrShortGame Golf, and Golfholics allege that Apple "deliberately circumvented" YouTube's protections against video scraping and "profited substantially" by doing so.

Apple's actions were "not only unlawful, but an unconscionable attack on the community of content creators whose content is used to fuel the multi-trillion-dollar generative AI industry without any compensation," the complaint alleged.

h3h3Productions is a well-known YouTube channel created by Ethan Klein and Hila Klein, and they later created the H3 Podcast. Their channels have millions of followers, while MrShortGame Golf and Golfholics have hundreds of thousands of followers. The channels filed equivalent lawsuits against Meta, Nvidia, ByteDance, and Snap.

Apple responded to the lawsuit this week, according to a court document viewed by MacRumors. In short, Apple said the plaintiffs made the videos publicly available on YouTube and that it was permitted to access the videos under the DMCA. Apple said YouTube's Terms of Service likewise permitted the company to access the videos.

"Plaintiffs allege that they posted audiovisual works to YouTube, and that any member of the public can see them there," reads Apple's response. "No password. No payment. No lock. No key. Allegedly, YouTube employs technological measures to prevent unauthorized downloading. But because YouTube provides public access to the videos, the alleged technological measures do not control access to the works, as § 1201(a) requires."

Apple said the plaintiffs have ultimately failed to state a claim, and it requested that the court dismiss the lawsuit as a result.Tags: Apple Lawsuits, YouTube
This article, "Apple Responds to Lawsuit Filed by Three YouTube Channels" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Nearly a year ago, Apple filed a lawsuit against YouTuber Jon Prosser and Michael Ramacciotti over alleged theft of the company's trade secrets. Apple alleged that the duo coordinated to break into former Apple software engineer Ethan Lipnik's development iPhone, in order to access and profit off details about "iOS 19," which ended up being called iOS 26.


Prosser is the host of the popular YouTube channel Front Page Tech, and Ramacciotti was his acquaintance. Last year, Prosser shared YouTube videos containing leaked "iOS 19" details, months before Apple unveiled the update. Later, an anonymous tipster informed Apple via email that the information was sourced from Lipnik's iPhone, leading the company to investigate. Apple ultimately fired Lipnik and sued Prosser and Ramacciotti.

Prosser formally responded to the lawsuit today, according to a court document obtained by MacRumors. Prosser admitted that he participated in a FaceTime video call with Ramacciotti, wherein Prosser was shown certain "iOS 19" features and apps running on the development iPhone. However, he denied that any of the information he viewed contained trade secrets, and he denied knowing that the development iPhone belonged to Lipnik.

Prosser denied that he planned or participated in any conspiracy or coordinated scheme with Ramacciotti for the purpose of injuring Apple.

Prosser's attorney said that Ramacciotti's act of displaying the iOS 19 features on the FaceTime call was not induced by Prosser and, as such, Ramacciotti is "completely responsible" for the disclosure of Apple's alleged trade secrets, if any.

Ramacciotti is responsible for all harm caused to Prosser, according to Prosser's response.

Prosser denied that he is in possession of any further confidential Apple information in this case that has not already been disclosed to Apple.

The case is before the U.S. District Court for the Northern District of California. Prosser has requested a jury trial where applicable.Related Roundups: iOS 26, iPadOS 26Tags: Jon Prosser, Apple LawsuitsRelated Forum: iOS 26
This article, "YouTuber Jon Prosser Responds to Apple's Lawsuit Over iOS 26 Leaks" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
After last week's craziness around Apple's major price hikes, things returned to a bit more of a normal flow this week, with the rumor mill offering up tidbits about the long-rumored touchscreen MacBook, the iPhone 18 lineup, and more.


This week also saw minor updates for iOS, iPadOS, and macOS that included a surprising number of security fixes, while a cyberattack at an Apple manufacturing partner has the company concerned about leaked confidential information, so read on below for all the details!

Top Stories

Apple's OLED 'MacBook Ultra' Will Stick With M5 Pro and M5 Max Chips

Last week, Bloomberg reported that Apple will be accelerating development of its M7 family of chips to deliver greater AI-focused capabilities sooner, but it also means Apple will not be releasing M6 Pro and M6 Max chips.


That revelation left open the question of which chips Apple is planning on using in its highly anticipated touchscreen "MacBook Ultra" rumored for release late this year or early next year, and Bloomberg now says Apple will be using M5 Pro and M5 Max chips for that product.

The news is likely to disappoint some who have been waiting for the new high-end MacBook, considering the M5 Pro and M5 Max have been used in the current MacBook Pro models since March, so the chips could be approaching a year old by the time the MacBook Ultra debuts.

For more details on what we're expecting to see in the MacBook Ultra, be sure to check out our guide and recent video overview.

As for the base MacBook Pro currently powered by the regular M5 chip, Bloomberg says there is an M6 model coming late this year, with a redesigned M7 model matching the upcoming MacBook Ultra to follow relatively soon after in the first half of 2027.

2027 iPhone 18 and iPhone 18e to Get 9GB RAM and A20 Chip

The lower-end iPhone 18 models set to launch in spring 2027 will feature 9GB DRAM, up from 8GB, according to Apple analyst Ming-Chi Kuo. By lower-end iPhones, Kuo is likely referencing the ‌iPhone 18‌ and the iPhone 18e, both of which are rumored to be coming around March or April of 2027.


The report is a bit of a surprise given previous rumors have indicated that at least the iPhone 18 would include 12GB of RAM, and a couple of iOS 27 features unveiled at WWDC last month are only available on iPhone and iPad devices with at least 12GB of RAM.

Apple 'Concerned' Over iPhone 18 Pro Data Leak From Supplier Tata

In late June, it was revealed that Apple manufacturing partner Tata had been the target of a cyberattack that resulted in confidential documents from Apple and other companies being leaked on the dark web.


Apple is unsurprisingly "concerned" about the leak from its Indian manufacturing partner, as the files include detailed information about parts and suppliers for the upcoming iPhone 18 Pro and iPhone 18 Pro Max.

Some details from the files have been circulating, including a few images and videos, though it appears Apple may be trying to crack down on distribution of the confidential content.

iPhone 18 Pro is Just a Few Months Away With These 10 New Features

Even aside from the Tata leak, a lot of information is already known about the iPhone 18 Pro and iPhone 18 Pro Max, which are expected to debut in September, so be sure to check out our overview.


Among the most recent leaks are an alleged SIM tray in a dark cherry color that has been rumored for the device, and an alleged diagram of the device's logic board showing a new layout for the A20 Pro chip with the RAM sitting next to the main processor rather than on top of it.

Potential buyers should also be prepared for the possibility of a price shock, considering Apple's recent price increases across its iPad and Mac lineups. One market intelligence firm believes Apple could raise prices by up to $200 compared to the current iPhone 17 Pro lineup.

Apple Releases iOS 26.5.2 With Security Fixes

Apple this week released 26.5.2 updates for iOS, iPadOS, and macOS Tahoe, delivering fixes for more than 25 security vulnerabilities.


Apple says that it used the releases to deliver the included security fixes sooner than originally planned, as the company seeks to speed up fixes in an age where AI has made it easier and faster to exploit disclosed vulnerabilities.

Apple Acquires Award-Winning App 'Play'

In February, Apple notified the European Commission that it would be acquiring certain assets from and have the right to hire certain employees from Rabbit 3 Times, the company behind the award-winning app design tool Play. The notification was published on the European Commission's website this week, following a four-month waiting period.


Play was a Mac and iPhone app that allowed designers to prototype iPhone app interfaces using Apple's SwiftUI frameworks, and then send them to Xcode. In 2025, the app won an Apple Design Award for innovation, but it is no longer available in the App Store and it is unclear what Apple's plans are for the intellectual property associated with it.

MacRumors Newsletter

Each week, we publish an email newsletter like this highlighting the top Apple stories, making it a great way to get a bite-sized recap of the week hitting all of the major topics we've covered and tying together related stories for a big-picture view.

So if you want to have top stories like the above recap delivered to your email inbox each week, subscribe to our newsletter!Tag: Top Stories
This article, "Top Stories: 'MacBook Ultra' and iPhone 18 Rumors, iOS 26.5.2 Security Fixes, and More" first appeared on MacRumors.com
View the full article
The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service operated by the publicly-traded Israeli company Alarum Technologies [NASDAQ: ALAR]. The action comes roughly two weeks after KrebsOnSecurity published findings from multiple security firms connecting NetNut to the Popa botnet, a collection of at least two million devices that have been compromised by malicious software with little or no consent from victims.
The NetNut homepage today was replaced by this seizure banner from the FBI.
On June 19, three different security firms issued similar findings: That NetNut is a residential proxy network which populates a botnet called Popa, and distributes software for devices commonly found in homes, such as smart TVs and streaming boxes. NetNut’s software turns those systems into always-on residential proxy nodes that are rented to others, who predominantly use them to relay abusive and intrusive Internet traffic, such as mass content scraping, advertising fraud, and account takeover activity.
Earlier today, NetNut’s homepage was replaced with a seizure notice from the FBI and the Internal Revenue Service Criminal Investigation division. The seizure notice thanked Google, Lumen, Shadowserver and other industry partners for their help in dismantling hundreds of domains tied to the Popa botnet, which experts say has long been synonymous with NetNut’s residential proxy infrastructure.
In a blog post published today, the Google Threat Intelligence Group (GTIG) said NetNut’s proxy network is widely resold and white-labeled by a number of third-party proxy providers, and that its services are heavily sought out by cybercriminals seeking to obfuscate the source of their malicious traffic. The GTIG said that in a single week during June 2026, they observed 316 distinct clusters of threat actors using suspected NetNut exit nodes, including cybercriminal and espionage groups.
“These bad actors can use NetNut to mask their origin IP address when accessing victim environments, accessing their own infrastructure, and conducting password spray attacks,” Google’s GTIG wrote. “Furthermore, when a consumer device becomes an exit node, unauthorized network traffic passes through it. This means bad actors can access other private devices on the same home network, effectively exposing them to Internet threats.”
Google said it disabled Google accounts and services used by NetNut for malware command and control, and that it shared technical intelligence on NetNut’s software development kits (SDKs) and backend infrastructure with platform providers, law enforcement and research firms. The company also disabled apps known to bundle NetNut’s various SDKs.
Omer Weiss, legal counsel for NetNut parent Alarum Technologies, said the company was aware of the FBI seizure and cooperating with investigators.
“Alarum takes this matter seriously and will fully cooperate with law enforcement to ensure any misuse of its infrastructure is thoroughly investigated and those responsible are held to account,” Weiss said in a written statement.

Benjamin Brundage is founder of the proxy tracking service Synthient, one of the companies that published evidence last month linking the Popa botnet to NetNut and Alarum Technologies. Brundage said the domain seizures appear to have disrupted both the Popa botnet and the NetNut proxy network that rides on top of it.
Brundage said NetNut’s apparent demise is likely to be a great disadvantage for the cybercrime community, which was already reeling from legal actions by Google earlier this year that seized infrastructure for NetNut’s biggest competitor — IPIDEA.
“I think this takedown is going to have a big impact, because NetNut gained significant popularity after the IPDEA takedown,” he said. “Also NetNut has been incredibly common among resellers, and they were on par with IPIDEA in terms of their daily traffic, quality, size, price per gigabyte, all of it.”
NetNut’s infrastructure, in a nutshell. Image: Black Lotus Labs, Lumen.
The NetNut and Popa botnet takedown may have another added benefit, Brundage said: Lessening the impact of large distributed denial-of-service botnets that have been built on the backs of poorly configured residential proxy services. In January, Synthient revealed how cybercriminals had built the world’s largest DDoS botnet (Kimwolf) by tunneling through IPIDEA proxy connections into the local networks of TV boxes owners, and infecting other Android-based devices behind the victim’s firewall.
While many of the bigger proxy providers took steps to block this activity, resellers of the major proxy networks have been far slower to respond to the threat, Brundage said.
“In terms of all these TV box devices getting compromised from the proxy network, it will have an impact on the DDoS botnets out there,” he said.
For its part, Google reckons today’s actions have caused “significant degradation to NetNut’s proxy network and its business operations, reducing the available pool of devices for the proxy operator by millions.” But the company warns that proxy networks can rebuild themselves by effectively reselling other proxy services, as IPIDEA has done over the past few months.
“Google has high confidence that many popular residential proxy brands are in fact whitelabeling the NetNut botnet,” the GTIG report concludes. “While we expect this disruption to have a larger ripple effect across the residential proxy ecosystem, observations after the disruption of IPIDEA proved that individual networks can appear resilient. What we have observed is that when faced with the degradation of their own botnet, proxy operators begin buying capacity from their competitors, effectively becoming a reseller. We recognize that creating a lasting disruption in this fluid ecosystem means we must scale our efforts to target the infrastructure of several interconnected providers.”
As KrebsOnSecurity has warned repeatedly, most of the no-name TV streaming boxes for sale on the major e-commerce websites either come pre-installed with residential proxy software, or require the installation of proxy SDKs in order to use the device for its stated purpose (streaming pirated movies, sporting events and TV shows). Google’s advice here is sound: When it comes to TV boxes, stick to name brands from reputable manufacturers, and then be sparing and judicious with any apps you choose to install.
The sketchy TV boxes that are being commandeered by the Popa botnet and other threats all come with or require the user to install unofficial Android operating systems that do not operate within the confines of Google’s Official Play Protect store. Google says consumers can confirm whether or not a device is built with the official Android TV OS and Play Protect certification by following these instructions.
Even people without TV streaming boxes can find their smart TVs enrolled in residential proxy networks, just by installing one of thousands of apps available for download on Samsung and LG smart TVs. In a report released last month, the proxy tracking company Spur found 42 percent of apps available for download via the webOS operating system on LG smart TVs include SDKs that turn one’s television into an always-on residential proxy node. More than a quarter of the apps made for Samsung’s Tizen operating system had similar residential proxy components, Spur found.
Image: Spur.us.
View the full article
Google has significantly degraded NetNut, one of the biggest networks that turns home devices into rented relays for other people's traffic. Working with the FBI, Lumen, and others, Google's Threat Intelligence Group (GTIG) said this week it had reduced the network's pool of usable devices by millions. Google identifies NetNut, also tracked as Popa, as a network spread across homeView the full article
Apple previously announced that the first iOS 27 public beta would be released in July, meaning that it should be available at some point this month.


Below, we have outlined how to get ready for the iOS 27 public beta, which will likely follow the third or fourth iOS 27 developer beta.

Release Date History

The first public betas of iOS 16 through iOS 26 came out between July 11 and July 24.


iOS 26 Public Beta: Thursday, July 24, 2025
iOS 18 Public Beta: Monday, July 15, 2024
iOS 17 Public Beta: Wednesday, July 12, 2023
iOS 16 Public Beta: Monday, July 11, 2022


Get Ready

Once it is available, anyone will be able to install the iOS 27 public beta on a compatible iPhone for free by following the steps outlined below.

Sign up at beta.apple.com for free.
Open your iPhone's Settings app and tap General → Software Update → Beta Updates.
Select the iOS 27 Public Beta option (restart your iPhone if you don't see it) and follow the on-screen steps.If you are impatient, anyone can install the iOS 27 developer beta for free right now.

Warning: While public betas are usually more stable than developer betas, iOS betas of any kind often have bugs and performance issues. You may not be able to use some apps that you rely on, and issues can extend to CarPlay. Backing up your iPhone before installing beta software is highly recommended, and relying on a secondary iPhone altogether is always a good idea if possible.

iOS 27 is compatible with the iPhone 11 and newer, but Apple Intelligence features like Siri AI are limited to the iPhone 15 Pro and newer.

Keep in mind that the revamped version of Siri has a waitlist. To join the waitlist, open the Settings app on iOS 27 and tap on Siri and you will find it there. In some cases, it can take a few weeks to receive access to Siri AI and the Siri app.

Beyond the new Siri, iOS 27 features Liquid Glass design enhancements, performance improvements, expanded child safety features, and more.Related Roundups: iOS 27, iPadOS 27
This article, "iOS 27 Public Beta Available This Month, Here's How to Get Your iPhone Ready Now" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability to obtain initial access. "Although tactics differ between affiliates, common patterns emerged in tradecraft through use of legitimate Remote Management and Monitoring (RMM) tooling, credential access, and hands-on-keyboard procedures used for lateralView the full article
Volkswagen is planning to offer Apple Wallet car keys in future U.S. vehicles, according to new Apple server-side code.

The code does not provide any more details, so we do not know which VW vehicle models will offer the feature or when.

With an Apple Wallet car key, you can use your iPhone or Apple Watch to lock, unlock, and start your vehicle. The feature is already offered by Audi, BMW, Hyundai, Kia, Genesis, Mercedes-Benz, Volvo, and select other automakers in various countries.
This article, "VW Planning to Offer Apple Wallet Car Keys on iPhone" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Stolen data from Apple manufacturing partner Tata Electronics appears to reveal that the iPhone 18 Pro will use different modem chips depending on the market it is sold in, with U.S. models retaining Qualcomm hardware while international models will feature Apple's in-house C2 modem.



The finding emerged from a wide-ranging cyberattack on Tata, which alongside Foxconn assembles the iPhone. More than 630GB of confidential data was stolen by a ransomware group calling itself "World Leaks" and has been circulating online. The material was obtained illegally and MacRumors has not seen the stolen files directly. AppleInsider conducted an analysis of the stolen files and said it could confirm the authenticity of several key documents.

Among the information that has attracted particular is a bill of materials apparently related to the U.S. variant of the ‌iPhone 18 Pro‌, which lists multiple Qualcomm components rather than Apple's C2 modem, codenamed Ganymede. The Qualcomm parts referenced include the SDX80M, SDR875, QDM8771, QDM8720, PMK75, PMX75, and QET7100A, components associated with mmWave 5G support. International ‌iPhone 18 Pro‌ models, by contrast, are said to use the "C2," which would succeed the C1 and C1X modems currently found in the iPhone Air, iPhone 17e, and M5 iPad Pro.

The implication, as AppleInsider notes, is that the C2 still lacks mmWave capability, and that Apple is once again relying on Qualcomm to fill that gap for American carriers.

mmWave is the ultra-high-frequency band of 5G offered primarily by Verizon, delivering very fast download speeds over short distances. Apple's C1 and C1X modems are widely regarded as more power efficient than their Qualcomm counterparts, meaning U.S. ‌iPhone 18 Pro‌ buyers may see somewhat worse battery life than those purchasing the same device elsewhere.

Daring Fireball's John Gruber offered analysis of the practical tradeoffs involved. While 5G outpaced LTE in his tests, Gruber argued the difference has no meaningful impact on how the phone actually feels to use:



On why Apple would not simply deploy the C2 everywhere rather than retaining Qualcomm for the U.S. market, Gruber pointed the finger squarely at carrier economics:



The C2 modem has been a rumored feature of the iPhone 18 Pro for years as part of Apple's broader effort to reduce its reliance on Qualcomm. A split deployment, with the C2 handling most of the world while Qualcomm covers the U.S., would represent a significant step in that direction even if it falls short of a complete transition.

The ‌iPhone 18 Pro‌ and ‌iPhone 18 Pro‌ Max are expected to launch in the fall alongside the first foldable iPhone.Related Roundup: iPhone 18 Pro
This article, "iPhone 18 Pro Could Use Qualcomm Modem in the US and C2 Elsewhere" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
This week’s security news is mostly about weak spots. Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in different ways. Everything looks normal until someone tests a small gap and finds a way through. This is not one big break. It is small permissions, weak checks, open systems, and normal tools doing things they were allowed to do. That same pattern runsView the full article
Apple's AirTag 2 is still available for the all-time low price of $89.00 this week, down from $99.00. This sale is on the 4-Pack of the AirTag 2, and it's one of the very few Prime Day deals that's stuck around since the event ended last week.

Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

The new AirTag is equipped with a second-generation Ultra Wideband chip, enabling the Precision Finding feature to work up to 50% farther away from an item compared to the previous-generation model. You'll also find a small discount on the 1-Pack right now on Amazon.

$2 OFFAirTag 2 (1-Pack) for $27.00
$10 OFFAirTag 2 (4-Pack) for $89.00

If you're on the hunt for more discounts, be sure to visit our Apple Deals roundup where we recap the best Apple-related bargains of the past week.



Deals Newsletter

Interested in hearing more about the best deals you can find in 2026? Sign up for our Deals Newsletter and we'll keep you updated so you don't miss the biggest deals of the season!




Related Roundup: Apple Deals
This article, "AirTag 2 Still Available for Best-Ever Price of $89 for 4-Pack" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Opera browser has announced a new security feature called Paste Protect that aims to stop clipboard-based cyberattacks before their malicious commands can be accidentally executed.


Opera says it's the first major browser to offer native protection against ClickFix attacks – a growing form of social engineering that tricks users into copying and pasting malicious commands into a computer's terminal. The new feature is built into Opera's desktop browsers and enabled by default.

ClickFix attacks typically masquerade as routine troubleshooting prompts, such as fake CAPTCHA verification or video playback fixes. Once pasted and executed, the commands can install malware, steal passwords, or give attackers remote access to a device. Opera describes the browsing risk as follows:
Opera features an existing clipboard hijack protection feature that prevents external applications from silently replacing copied content such as cryptocurrency wallet addresses. Paste Protect combines this with a new injection protection system that monitors clipboard activity for suspicious commands copied from websites and blocks potentially malicious content before it reaches the clipboard.

Users can see the first 120 characters of the blocked content, and developers working with trusted sources can override the block or mark specific sites as safe.

Opera cited research from cybersecurity firm Huntress that said ClickFix accounted for more than 53 percent of malware-loading cyberattacks last year, indicating the rapid growth of the technique.

Apple itself introduced a related safeguard for the Mac with the release of macOS Tahoe 26.4 earlier this year. Following the update, the operating system explicitly warns the user before they paste potentially dangerous commands into the Terminal app.

Opera browser is available now as a free update and can be downloaded from the company's website.Tag: Opera Browser
This article, "Opera Browser Gains Protection Against Malicious Clipboard Commands" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
For the last 19 years, the iPhone Photography Awards (IPPA) has selected the best photographs captured with an iPhone, and the 2026 award winners were announced today.


The IPPA 2026 Grand Prize image features a volcano dramatically erupting in the Cayman Islands, with the photo shot by Robyn Jensen on an iPhone 15 Pro.


The Gold Prize image by Gellért Gombai features two children napping on grass in the shadow of a badminton racket, with the photo shot in black and white using an iPhone X. There are also Silver and Bronze prize winners taken on iPhone 16 Pro and iPhone 16 Pro Max models, respectively.


There are other winners across a number of categories, including abstract, animals, architecture, children, cityscape, landscape, lifestyle, nature, people, portrait, series, still life, travel, and other. All of the winning images can be viewed on the IPPA website.

The contests are open to iPhone and iPad users worldwide, and images can be edited with iOS apps. It is worth noting that it costs money to send in a photo, but Apple devices are provided as prizes. The 20th annual entry deadline for submissions is March 31, 2027.
This article, "iPhone Photography Awards Highlight Best Images of 2026" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
TV Time, the popular show and movie tracking app, is shutting down on July 15, with all personal user data set to be deleted after that date.


In a support page update announcing the news, the company admitted that it was "no longer sustainable to continue operating the service as a free app," and said that there was "not enough demand for a paid app."

Come the shutdown date, the TV Time app will be removed from both the App Store and Google Play, and the tvtime.com website will go offline permanently.

Users who want to preserve their viewing history and tracked data can request an export through the app's GDPR self-service tool before the July 15 cutoff. The company says all personal user data will be deleted after that date, but it may retain aggregated, non-personal data for business or legal purposes.

TV Time has operated for more than a decade, and over that period it built a dedicated community around episode tracking, watchlists, and user ratings. In the wake of the closure announcement, users on the Resetera forums have suggested alternatives like Trakt, Serializd, and Simkl – although the latter's servers have reportedly struggled under a sudden wave of new sign-ups.
This article, "Popular Show Tracking App TV Time Shutting Down on July 15" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
A newly disclosed vulnerability in Argo CD is drawing attention to the security risks of GitOps platforms, with researchers warning that the flaw could allow attackers who gain a foothold inside a Kubernetes cluster to execute code and manipulate application deployments.
Security firm Synacktiv said in a report that the flaw affects Argo CD’s repo-server component, which fetches content from Git repositories and generates Kubernetes manifests used to deploy resources in a cluster. Argo CD is one of the most popular Kubernetes tools and is based on the GitOps paradigm.
“Argo CD requires significant privileges within the cluster,” Synacktiv said. “Additionally, it has access to private Git repositories, making it an attractive target for attackers.”
The issue centers on the repo-server’s unauthenticated GenerateManifest gRPC endpoint. Synacktiv said an attacker able to reach that endpoint could supply Kustomize options in a manifest generation request and abuse Kustomize’s Helm-related build options to execute attacker-controlled commands.
Exploitation requires access to both the repo-server gRPC port and the Redis database port, which should not be exposed to users. Argo CD provides Kubernetes network policies designed to prevent that scenario, but those protections are not enabled by default in Helm chart deployments, according to Synacktiv.
In such deployments, compromising a single pod inside the cluster could be enough to give an attacker the internal access needed to exploit the vulnerability.
Synacktiv said it was able to use the flaw to obtain the Redis password from the repo-server environment and access Argo CD’s Redis database. The researchers then manipulated cached deployment data, allowing a malicious manifest to be deployed automatically when Argo CD’s Auto Sync feature was enabled.
If Auto Sync is not enabled, exploitation would require a user to manually sync the application.
Synacktiv publicly disclosed the details on July 1, 2026, after first reporting the issue to Argo CD maintainers in January 2025. The vulnerability remains unpatched, and the firm recommended strict Kubernetes network policies to block untrusted pods from reaching the repo-server and Redis services until a fix is available.
Assessing internal cluster exposure
For CISOs, the key question is not only whether Argo CD is exposed to the internet, but whether other workloads inside the Kubernetes cluster can reach its internal services.
“Because the repo-server’s gRPC service does not enforce authentication, any pod that can reach it becomes equivalent to an authenticated attacker,” said Devashri Datta, a cybersecurity researcher. “In a typical cluster, that means any compromised application pod, misconfigured service mesh, or adjacent workload with local code execution can directly query the GenerateManifest endpoint or hit the Redis cache, no internet exposure required.”
Organizations should not equate “not internet-facing” with “low risk,” because modern attacks often begin with the compromise of an internal workload, according to Sakshi Grover, senior research manager for cybersecurity services research at IDC Asia/Pacific.
“CISOs should therefore evaluate which workloads can communicate with the Argo CD control plane, whether east-west traffic is appropriately segmented, and whether unnecessary trust relationships exist between application workloads and GitOps infrastructure,” Grover said. “The assessment should focus on attack paths rather than perimeter exposure.”
Treating GitOps as tier-zero
The flaw also underscores the role GitOps platforms play in controlling software deployment across enterprise infrastructure.
“GitOps engines aren’t utility services; they’re tier-0 control-plane components,” Datta said. “By design, Argo CD holds read access to private repositories, sync/write access to target clusters, and custody of deployment secrets. It sits at the precise intersection of source code, configuration management, and live infrastructure.”
That level of access means an Argo CD compromise may extend beyond a single application. An attacker could turn the platform used to deploy applications into a channel for malicious manifests, while also interfering with auto-sync behavior and extracting credentials cached in supporting systems such as Redis.
A compromise of these platforms could influence software delivery at scale, making them strategic assets that should be subject to stricter governance and privileged access controls similar to those applied to identity platforms and other critical management systems.
View the full article
Apple has told suppliers to prepare to make approximately 10 million foldable iPhones this year, up from a previous forecast of about 7-8 million units a few months ago, reports Nikkei Asia ($).


Apple has already booked parts for roughly 80 million smartphones for the second half of 2026, which includes the iPhone 18 Pro, iPhone 18 Pro Max, and the first-ever foldable iPhone. The company's full 2026 production is expected to top 220 million units, according to the publication.

Apple's purchasing power is said to have left it better positioned than rivals like Xiaomi, Oppo, and Vivo, which have each cut annual production targets below 100 million units amid an industry-wide memory shortage.

Some suppliers have reportedly been told to expect orders for as many as 85 million new iPhones in the second half of 2026, with Apple asking them to reserve iPhone 17 components for the coming iPhone 18 lineup.

Engineering problems tied to the foldable iPhone's hinge appear to have been resolved, but that has raised the odds of a small initial shipment following the device's launch. A larger production run likely won't begin until closer to the end of the year.

Apple raised prices on MacBooks and iPads last month in response to rising component costs, but the iPhone 17 lineup has so far been spared from a price hike. If that remains the case, Apple will likely use the new devices launches to introduce increased pricing across the lineup. IDC has predicted that the foldable will carry an average selling price of $2,500, with storage options potentially priced as high as $3,000.

Apple's foldable iPhone is rumored to feature a 7.8-inch inner display and a 5.5-inch cover display, along with Touch ID instead of Face ID, an A20 chip, and Apple's C2 modem. The device is expected to be released alongside the iPhone 18 Pro models in September. Apple's book-style foldable could launch as the "iPhone Ultra," as suggested by reports.Related Roundup: iPhone FoldTags: Foldable iPhone, Nikkei
This article, "Apple Ramps Foldable iPhone 'Ultra' Production to 10 Million Units" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its Threat Research Team calls the operator JADEPUFFER and says a large language model handled the whole job: breaking in, stealing credentials, moving deeper into the network, then encrypting and wiping a company's production database. Ransomware has alwaysView the full article
The recently discovered financially-motivated FortiBleed campaign has been attributed to INC and Lynx ransomware operations, indicating that the verified, stolen credentials were intended for follow-on intrusions. "An operator tied to FortiBleed's infrastructure was found actively working negotiation panels for both groups, tying mass FortiGate credential theft directly to ransomware deploymentView the full article
Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories on GitHub that claim to exploit hot new CVEs. Run one, and it quietly lifts your saved passwords, browser cookies, and files, then hands the attacker a shell on your machine. YesWeHack andView the full article
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-45659 (CVSS score: 8.8), is a case of remote code execution arising from the deserialization of untrusted data. The issueView the full article
Researchers have discovered two vulnerabilities in the widely used Cursor AI-enabled integrated development environment (IDE) that can be exploited through prompt injection to achieve remote code execution (RCE).
The two flaws, tracked as CVE-2026-50548 and CVE-2026-50549, allow attackers to break out of Cursor’s command execution sandbox, the protective layer that’s supposed to prevent the internal AI agent from performing rogue actions on the underlying operating system.
“The exploit requires no prior user privileges or specific user interaction,” researchers from Cato Networks, who found the flaws, said in their report. “It is triggered when a victim makes an innocuous prompt that inadvertently ingests a threat actor-controlled payload from an untrusted source, such as an MCP server or a web search result.”
Cursor, which was recently acquired by SpaceX for $60 billion in stock, produces one of the most widely used AI-assisted coding tools used in the enterprise space. The two flaws were patched in version 3.0 of the Cursor IDE, which was released in April.
Native vulnerability in LLMs
Large Language Models (LLMs) are natively vulnerable to malicious instructions that could be hidden inside the content they process. This is particularly dangerous in the age of agentic AI, where LLMs are combined with a variety of tools, including browsers and APIs that allow them to access a variety of third-party public content, such as parsing web pages in search results and RSS feeds, code in repositories, comments in bug trackers, emails in users’ inboxes, and their documents.
Protecting AI tools from prompt injection is very hard, and usually involves a layered approach, including guardrails built into the model by the AI lab that created it, instructions in system prompts to treat certain content as passive data, supervisor models running on top of the LLMs that process data, traditional keyword filtering, context segmentation, granular access controls, adding humans back into the loop to approve sensitive operations and more.
AI-assisted IDEs like Cursor, as well as command line agentic coding harnesses, usually prompt the user for approval by default for every file modification or command they need to execute. But this is not practical for autonomous coding workflows, and quickly leads to approval fatigue.
Another way to address that issue is to run these autonomous workflows inside containers, virtualized environments, or sandboxes, so that if the agents execute malicious instructions due to rogue prompts injected in third-party data sources, the impact is limited. Cursor uses a command execution sandbox that by default limits file writes to the current project’s directory.
Logic flaws in the isolation layer
However, the Cato researchers discovered that the run_terminal_cmd tool supports a parameter called working_directory that allows overriding that default path programmatically.
“A prompt injection (served through an innocuous MCP server request, or a poisoned web result) can steer the LLM to set the working_directory to a threat actor-controlled path outside the project scope,” they explained.
By exploiting this oversight, attackers could overwrite the cursorsandbox executable itself from the application path, or could write malicious scripts to the shell configuration file which gets loaded every time the user executes a command, or to the system’s start-up folders such as ~/Library/LaunchAgents on macOS.
Separately, the researchers also found that attackers could instruct the Cursor agent to create a symbolic link (symlink) file inside the project directory, pointing to a file that resides outside of the directory.
“By default, the Cursor Agent attempts to canonicalize paths (resolving symlinks) to determine their true location and verify they are within the project root,” the researchers said. “The vulnerability occurs because the canonicalization logic contains a dangerous fallback: if canonicalization fails (for example, when the path doesn’t exist or if the path lacks read permissions on one of its directories), Cursor falls back to using the original symlink path inside the project directory.”
These two vulnerabilities, which Cato has dubbed DuneSlide, can allow complete compromise of the underlying operating system through executing code outside of the restricted Cursor sandbox. More than that, however, they show that prompt injection can be an attack vector for exploiting vulnerabilities in the software used to implement the AI agents.
Cursor is far from the only AI-powered IDE or coding harness, and, according to the researchers, not the only one that has such logic flaws in its isolation layers.
“Had these issues been singular cases of compromise via prompt injections, we might have attributed them to specific vulnerabilities,” they said. “Cato AI Labs, however, is in the process of responsibly disclosing vulnerabilities in all popular coding agents, highlighting that a more systemic approach to protection is required.”
View the full article
Anthropic's Fable 5 model is once again available for use, the company said today. Claude users are now seeing the option to use Fable 5, with Anthropic rolling out an in-app message.


Through July 7, eligible Claude subscribers can use up to 50 percent of their plan's weekly usage limit on Fable 5. After hitting that limit, Fable 5 use will require credits. After July 7, Fable will be available through usage credits.

Fable 5 is Anthropic's first Mythos-class model that's available for the public, and it first came out on June 9. Fable 5's capabilities exceed those of any model it has made generally available, and it has demonstrated "exceptional performance" for software engineering, knowledge work, vision, scientific research, and more. It outperforms Opus models on longer, more complex tasks. Fable 5 can work autonomously for longer than any prior Claude model.

Though Anthropic released Fable 5 with conservative safeguards to prevent misuse, the Trump administration applied export controls to the model, forcing Anthropic to restrict access to foreign nationals. Anthropic had no way of verifying the nationality of people using its models, so it had to suspend access to Fable 5. At the same time, Anthropic also had to restrict access to Mythos 5, the next model in its Project Glasswing initiative for major companies and federal agencies seeking help defending critical infrastructure.

The order came after Amazon researchers found a prompt able to bypass Fable's safeguards, and the model found software vulnerabilities. Anthropic investigated and discovered that older models and models from competing companies could also locate the same vulnerabilities. Anthropic ended up shipping a new classifier that blocks the technique in more than 99 percent of cases.

Fable 5 is available for Pro, Max, Team, and select Enterprise plans. Anthropic has also restored Mythos 5 access for U.S. organizations that are part of Project Glasswing.

Anthropic says that it is deepening its cooperation with the U.S. government on new pre-release testing, information sharing, and research collaboration.Tag: Anthropic
This article, "Anthropic's Claude Fable 5 Available Again After U.S. Lifts Export Controls" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
The Maps app didn't get as many iOS 27 updates as some of Apple's other apps, but there are still several useful features worth knowing about.


Flyover Improvements

Apple is upgrading Flyover in ‌iOS 27‌, making it more detailed than before. It combines aerial imagery with Vision Intelligence models to add more texture and sharper visuals for trees, architecture, and more.


Apple says select cities around the world are rendered in sharper, more lifelike detail with improvements to everything from the "shapes of individual trees to the way light reflects off the glass of skyscrapers."

Flyover is an Apple Maps feature that offers detailed 3D landmarks, roads, parks, buildings, and more in more than 350 cities. The current version of Flyover uses aerial imagery captured by planes, but the new ‌iOS 27‌ version improves the quality using AI.

New Maps Icon

Apple updated several of its Liquid Glass app icons in ‌iOS 27‌ to add more glass-like layers. Icons have more depth, and the Maps app icon makes the difference especially clear.

Local Lists

Local Lists uses intelligent insights from what's trending around you for suggestions on places you should visit. Maps surfaces locally relevant collections of places to make it easier to find popular and interesting locations to visit.


Local Lists is privacy-focused and does not use information tied to individual users. It is a U.S.-only feature.

Trending Restaurants

In the Search interface, there's a Trending Restaurants section that shows you the top restaurants in the area you're in.


Natural Language Search Expansion

Natural language search in Maps now lets you ask for directions that avoid toll roads or highways.

Widgets

On the Apple Watch, there's a new Parked Car widget in the Smart Stack so you can easily see your car's last known location, with info synced from the iPhone.

Offline Maps

Apple says Offline Maps have improved in ‌iOS 27‌. More locations are shown on the map, labels are darker and clearer, and there are icons that are easier to view at a glance. When you tap on a location, like a town, it will zoom into the area automatically so you can see what's there.

Visited Places

The Visited Places feature is more accurate in ‌iOS 27‌ and less likely to miss locations. Visited Places keeps track of locations you've been to, organizing stops by category and location. It's accessible by tapping on your profile picture, choosing Places, and selecting Visited Places.


Visited Places is also expanding to more locations in ‌iOS 27‌.

More iOS 27 Features

For more on what's new in ‌iOS 27‌, we have a dedicated roundup.Related Roundups: iOS 27, iPadOS 27Tag: Apple Maps
This article, "iOS 27: All the New Apple Maps Features" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple is planning to release new 11-inch and 13-inch iPad Pro models in spring 2027, reports Bloomberg. No major design changes are expected, with Apple focusing on internal upgrades.


The ‌iPad Pro‌ models could use either M6 chips or M7 chips. Apple will introduce the M6 chip as soon as this year in an updated 14-inch MacBook Pro model, but it is aiming to release the M7 chip in the first half of 2027.

Bloomberg does not specify which chip Apple will put in the ‌iPad Pro‌, but if the M7 chip is ready by spring 2027, the new iPads could have the upgraded chip. If it's not ready, they'll use the M6. Both chips will be built on Apple's new 2-nanometer process, but the M7 has AI optimizations that the M6 doesn't have.

Apple has also tested a vapor chamber cooling system that could improve performance.

Little else is known about the new ‌iPad Pro‌ models, but if they come out in spring 2027, Apple could introduce them alongside the iPhone 18e, iPhone 18, and iPhone Air 2, devices that are also slated for spring 2027.Related Roundup: iPad ProBuyer's Guide: iPad Pro (Neutral)
This article, "Apple to Launch New iPad Pro in Spring 2027" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple plans to release an updated 14-inch MacBook Pro with an M6 chip in late 2026, and then follow it with a revamped M7 model in the first half of 2027, reports Bloomberg.


Apple apparently finished work on a 14-inch ‌MacBook Pro‌ with an M6 chip "months ago," and the device is expected to launch before the end of the year. Apple's M6 chip cycle will be shorter than prior chip cycles because it is not planning for M6 Pro and M6 Max chips. Apple is aiming to have a quick transition between M6 and M7 because its M7 chips have optimizations for AI workloads.

The M7 ‌MacBook Pro‌ coming in 2027 will have a new design that's "in line" with the design that Apple plans to use for its rumored high-end OLED touchscreen ‌MacBook Pro‌ models. Prior rumors have suggested the high-end ‌OLED‌ ‌MacBook Pro‌ models could get a slimmed down design.

It's still unclear when the ‌OLED‌ ‌MacBook Pro‌ models will come out, but Bloomberg believes a launch is slated for the end of 2026 or early 2027.

Apple's release timelines are uncertain because of the ongoing memory chip shortages and increased costs that it's dealing with.

Apple has a long list of products that could come in the first half of 2027, including new iPad Pro models, the iPhone Air 2 with a second camera, the iPhone 18, and the iPhone 18e.Related Roundup: MacBook ProBuyer's Guide: MacBook Pro (Buy Now)Related Forum: MacBook Pro
This article, "M6 MacBook Pro Coming in Late 2026, Redesigned M7 Model Launching in 1H 2027" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple today released a new update for Safari Technology Preview, the experimental browser that was first introduced in March 2016. Apple designed ‌Safari Technology Preview‌ to allow users to test features that are planned for future release versions of the Safari browser.


‌Safari Technology Preview‌ 247 adds the Safari Model Context Protocol (MCP) server meant to speed up web development and debugging. With the MCP server, an AI agent can emulate what users experience on a website, providing better information for debugging.

Any MCP-compatible client can connect to the Safari MCP server. More information is available on Apple's WebKit site.

‌Safari Technology Preview‌ 247 also includes fixes and updates for Accessibility, CSS, Fonts, Forms, HTML, JavaScript, MathML, Media, Model Element, Networking, Rendering, SVG, Scrolling, Security, Spatial Web, Text, Web API, WebDriver, and WebGL.

The ‌Safari Technology Preview‌ update is available through the Software Update mechanism in System Preferences or System Settings to anyone who has downloaded the browser from Apple's website. Complete release notes for the update are available on the Safari Technology Preview website.

Apple's aim with ‌Safari Technology Preview‌ is to gather feedback from developers and users on its browser development process. ‌Safari Technology Preview‌ can run side-by-side with the existing Safari browser and while it is designed for developers, it does not require a developer account to download and use.Tag: Safari Technology Preview
This article, "Apple Releases Safari Technology Preview 247 With MCP Server for AI Agent Integration" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple is in talks to buy memory from Chinese semiconductor companies ChangXin Memory Technologies Co. (CXMT) and Yangtze Memory Technologies Co. (YMTC), reports Bloomberg, citing sources with knowledge of the talks. Discussions between Apple and the chipmakers are ongoing, and no deal has been finalized yet.


Financial Times previously reported Apple was looking into working with CXMT and YMTC to get RAM at a lower cost, and there were also several reports from South Korean sites on the possibility. Apple recently raised the prices of Macs, iPads, and other devices, and consumers are now forced to pay more for many Apple products.

Apple increased its prices because of an ongoing global memory shortage that has driven costs up. Chipmakers are focusing on chips for AI servers, leaving less supply for consumer devices. With demand outpacing supply, memory manufacturers can charge higher prices.

Both CXMT and YMTC are on the Defense Department's 1260H list of Chinese companies that the U.S. suspects have ties to the People's Liberation Army. YMTC is also on a U.S. Commerce Department blacklist that prevents U.S. companies from selling to companies on the list without an export license.

Apple is not required to get U.S. approval before buying chips from the Chinese companies, but working with the Trump administration would prevent political upset. Apple is hoping to get a green light on the deal, and it wants to keep CXMT off the Commerce Department's Entity List, which would prevent it from using CXMT as a supplier.

Bloomberg says Apple CEO Tim Cook has spoken with Trump administration officials, including Treasury Secretary Scott Bessent. Apple has proposed using the chips sourced from the companies in devices meant for the Chinese market, freeing up chips from other suppliers for the U.S.

Some Trump administration officials are reportedly against letting Apple source chips from CXMT and YMTC, so it's not clear if the talks will lead to an agreement. Apple previously tried to source memory from YMTC in 2022, but the talks ended after congressional backlash.Tag: China
This article, "Apple in Talks to Buy Memory Chips From Chinese Makers CXMT and YMTC" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Elon Musk's SpaceX may be aiming to compete with Apple in the future. The company showed investors a prototype for a "handset-like device designed to reshape how humans interact with artificial intelligence," according to The Wall Street Journal.


The device is described as being slimmer than an iPhone, with a "sleek design." It runs a proprietary operating system, has a Qualcomm chipset, and integrates AI tech from SpaceX subsidiary xAI. In the past, Musk has talked about an "everything app" like China's WeChat, and the device investors were shown apparently drew on that concept.

SpaceX was showing the prototype to investors and stakeholders ahead of its IPO, and said the project was in the early stages of development. The final design could change, and it is not known if it will actually come to market.

Musk has talked about designing a smartphone in the past. He said he would develop one if X (formerly Twitter) was removed from the App Store by Apple. In November 2025, he said he didn't want to make a phone, but he would if Apple and Google did "really bad things" like censorship. In a town hall meeting, Musk said the idea of making a phone "makes me want to die," but one of his companies would make a phone if needed.

Earlier this year, Musk said explicitly that SpaceX is not developing a phone, but The Wall Street Journal says some SpaceX and Tesla investors were told Musk "has long envisioned" a device that would be a platform for Tesla, SpaceX, and xAI technologies. Musk has denied the report, calling it "utterly false."Tag: Elon Musk
This article, "Elon Musk's SpaceX Showed Off Prototype AI Device" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Argo CD, a widely used tool for deploying software to Kubernetes, has an unpatched flaw in its repo-server component that lets an unauthenticated attacker run code, provided they can reach the component's internal network port. Synacktiv, which found the bug, says it can lead to a full cluster takeover. There is no fix and no CVE. The firm says it reported the flaw to Argo CD's maintainers inView the full article
A teenager accused of belonging to the hacking group Scattered Spider has been extradited from Finland to face U.S. charges of conspiracy, computer intrusion, and fraud, the U.S. Department of Justice announced on July 1. Peter Stokes, 19, a dual U.S. and Estonian citizen, appeared in a Chicago federal court on June 30, where a judge ordered him held in custody. Finnish policeView the full article
Google today launched Gemini Spark for its macOS desktop app, allowing the AI agent to automate tasks involving local files and desktop workflows.


Google announced the update today, adding a dedicated Spark tab to the sidebar of the Gemini app for macOS. The feature allows the AI agent to take action on files stored locally on a user's computer rather than just responding to questions in a chat window.

Users can perform actions such as sorting PDFs from a Downloads folder into labelled subfolders, or pulling figures from locally saved invoices to build a Google Workspace budget spreadsheet on a set schedule. Users control which folders Spark can see by linking them in the sidebar and can revoke that access at any time. Google says a future update will allow users to start tasks on their Mac from a phone.

Google also announced a series of third-party integrations for Spark on web and mobile. New connected apps include Google Tasks, Google Keep, Canva, Dropbox, Instacart, OpenTable, and Zillow Rentals, enabling actions like converting Keep notes into task lists, reserving restaurant tables, ordering groceries, and booking apartment tours. Those integrations are rolling out over the next week, with macOS support to follow in the weeks after.

Support for custom Model Context Protocol (MCP) servers is also arriving, giving users a way to connect additional services directly into Spark. Google also adds real-time topic tracking, allowing Spark to monitor blogs, news sites, social media, finance, sports, shopping, weather, and email and alert users when specified conditions are met.

Gemini Spark for macOS is available in beta to Google AI Ultra subscribers aged 18 and over in the United States, starting with version 1.80.15.516 of the Gemini desktop app. Google AI Ultra starts at $99 per month.Tags: Artificial Intelligence, Gemini, Google
This article, "Google Gemini Spark Comes to Mac With Local File Automation" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple's annual WWDC developers conference is in the rearview mirror, but there is still a lot to look forward to in the second half of the year.


July Update: Bloomberg's Mark Gurman this week reported that Apple has planned to update the 14-inch MacBook Pro base model with an M6 chip later this year, and that means the company is now rumored to have at least 16 new products in the pipeline for the rest of 2026. Our list of rumored new products has been updated accordingly.

Now that the more intelligent and personal version of Siri has finally arrived in beta, a full two years after Apple first previewed it at WWDC 2024, we should begin to see some new devices that were reportedly postponed until the new Siri was ready.

Beyond the usual annual updates to iPhones and Apple Watches in September, Apple's all-new smart home hub is expected to debut later this year. We are also expecting a foldable iPhone Ultra and long-awaited updates to the Apple TV, HomePod, and HomePod mini. And a redesigned MacBook Ultra with an OLED display is expected by early 2027.

Here is what to expect from Apple later this year, according to rumors.

iPhones

iPhone 18 Pro: A20 Pro chip, a smaller Dynamic Island, a simplified Camera Control button, a Dark Cherry color option, variable aperture for at least one rear camera, Apple's C2 modem with support for 5G web browsing via satellite, and more.
iPhone 18 Pro Max: The same features rumored for the iPhone 18 Pro, but the Pro Max model may or may not be slightly thicker.
iPhone Ultra: A foldable iPhone Ultra with a 7.7-inch inner display and 5.3-inch outer display, two rear cameras, one front camera, a Touch ID power button instead of Face ID, and more. iOS 27 is expected to be tailored for the foldable iPhone, allowing for side-by-side apps and other iPad-like multitasking functionality.Apple Watches
Apple Watch Series 12: A faster S11 chip or newer, plus design changes such as Touch ID and/or more health sensors (disputed).
Apple Watch Ultra 4: A faster S11 chip or newer, plus design changes such as Touch ID and/or more health sensors (disputed). There may also be additional satellite features for the Apple Watch Ultra 3 and newer, such as Apple Maps via satellite and the ability to send and receive photos with Messages via satellite.iPads
iPad 12: A16 chip → A18 chip or A19 chip with Apple Intelligence support.
iPad mini: A17 Pro chip → A19 Pro or A20 Pro chip, an OLED display, a vibration-based speaker system, and a water-resistant design.
Macs

Mac Studio: M4 Max and M3 Ultra chips → M5 Max and M5 Ultra chips.
Mac mini: M4 and M4 Pro chips → M5 and M5 Pro chips.
iMac: M4 chip → M5 chip, plus new color options.
MacBook Pro: A new 14-inch MacBook Pro base model with an M6 chip.
MacBook Ultra: A major MacBook Pro redesign in late 2026 or early 2027, with M5 Pro and M5 Max chips, an OLED display, a touch screen, a Dynamic Island, and a thinner design. On this laptop, which will reportedly be named MacBook Ultra, macOS 27 is expected to offer a touch-friendly interface.Home

Apple TV: A17 Pro chip with support for the more personalized Siri, and Apple's N1 chip with Wi-Fi 7 support. A built-in FaceTime camera has been rumored for a future Apple TV, but it is unclear if that will arrive with the next model.
HomePod mini: S9 chip or newer with support for the more personalized Siri, Apple's N1 chip with Wi-Fi 7 support, improved sound quality, a second-generation Ultra Wideband chip, and potentially new color options like red.
HomePod: A new full-sized HomePod that supports the revamped Siri.
Home Hub: An all-new smart home hub featuring the more personalized version of Siri, a 6-inch to 7-inch square display, an A18 chip for Apple Intelligence, FaceTime, and more. Place it on a table or mount it on a wall.
This article, "Apple to Release These 16 New Products Later This Year" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
iOS 27 adds a new copy-and-paste feature to the iPhone's keyboard, enabling convenient one-tap pasting for text, photos, links, and more.


For example, if you copy a link in Safari and move to the Notes app, a "paste from Safari" option with the link will automatically appear above the keyboard. Tapping on the shortcut adds the link to the note. Or if you copy a photo in the Reddit app and open the Messages app, a "paste from Reddit" option will appear above the keyboard.

Given this feature is built into the keyboard, it works across many combinations of apps, making pasting more convenient across iOS 27.

The keyboard has already surfaced one-time verification codes since iOS 12.

iOS 27 is currently available in developer beta, with a public beta to follow in July. The update is expected to be released to all users with an iPhone 11 or newer in September, and this small yet useful feature will likely be popular.Related Roundups: iOS 27, iPadOS 27
This article, "iOS 27 Adds a Useful New Copy-and-Paste Feature to Your iPhone" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Soaring demand for the iPhone 17 lineup seems to have finally come to an end, amid rumors that Apple has finally lowered expectations and reduced production plans by 15%.


In a pair of posts on Weibo, the leaker known as "Fixed Focus Digital" said the claim comes from reliable sources within the supply chain. The leaker said that the ‌iPhone 17‌'s current outlook "won't hold for long," adding that "major global smartphone manufacturers — Apple included — have all lowered their shipment forecasts."

The second post provides broader industry context for that claim. Xiaomi has reportedly reduced its shipment targets by approximately 20–30%, while OPPO, vivo, and Honor are also lowering their targets by roughly 15–30%.

A simpler explanation for softening ‌iPhone 17‌ demand may be the natural product cycle. The iPhone 18 Pro and ‌iPhone 18 Pro‌ Max are expected to launch in September alongside Apple's first foldable iPhone, and many customers who were going to buy an ‌iPhone 17‌ model have likely already done so following a near-record sales run stretching back to launch last September.

As recently as June, TrendForce reported that Apple's iPhone production surged 19.7% year-over-year in the first quarter of 2026, even as the broader global smartphone market contracted 1.7% over the same period. That report attributed Apple's strong output to the launch of the iPhone 17e alongside ongoing production ramp-up for the broader ‌iPhone 17‌ lineup, and described Apple as better positioned than most competitors to absorb rising memory component costs without sacrificing profitability.

In May, Counterpoint Research's Global Handset Model Sales Tracker found the iPhone 17 was the best-selling smartphone globally in the first quarter of 2026, capturing 6% of worldwide unit sales, with the iPhone 17 Pro Max and ‌iPhone 17 Pro‌ in second and third place. A separate Counterpoint report that same month found Apple had topped the global smartphone market in a first quarter for the first time ever, capturing 21% of global shipments and growing 9% year-over-year even as the overall market contracted 3%.

The ‌iPhone 17‌ lineup's strong run began at launch. Shortly after release in September 2025, Apple told two suppliers to increase daily ‌iPhone 17‌ output by at least 30% following a strong pre-order weekend, and Counterpoint found the lineup outsold the iPhone 16 models by 14% during the first 10 days in the United States and China. In January, Apple CEO Tim Cook told CNBC that demand for the iPhone during the holiday quarter was "simply staggering" and had surpassed the company's own expectations, with iPhone revenue reaching $85.2 billion, a new all-time high.

After nine months and with another generation on the horizon, it was inevitable that the ‌iPhone 17‌ lineup's remarkably strong run would come to an end eventually. Related Roundups: iPhone 17, iPhone 17 Pro, iPhone 17eTag: Fixed Focus DigitalBuyer's Guide: iPhone 17 (Neutral), iPhone 17 Pro (Caution), iPhone 17e (Buy Now)Related Forum: iPhone
This article, "Apple Has Reportedly Cut iPhone 17 Lineup Production" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Last week, Apple introduced major price hikes across a number of products, including Macs, iPads, and more. This week, Apple's newly increased prices have begun to hit third-party retailers like Amazon, but there are a few select products that are retaining original prices, which now represent solid discounts on each device.

MacBook Pro

Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

There are now just three models left at notable low prices in the wake of Apple's price hikes. Prices start at $2,549.99 for the 24GB/2TB 14-inch M5 Pro MacBook Pro, now a $449 discount on the new price of this model. You'll also find two 16-inch devices on sale this week on Amazon, but we don't expect these discounts to last much longer.

$449 OFF14-inch M5 Pro MacBook Pro (24GB/2TB) for $2,549.99
$349 OFF16-inch M5 Pro MacBook Pro (24GB/1TB) for $2,649.99
$549 OFF16-inch M5 Max MacBook Pro (36GB/2TB) for $3,849.99iPad Air


Amazon has up to $350 off the M4 iPad Air, although stock is quickly dwindling compared to sales from last week. Prices now start at $559.00 for the 128GB Wi-Fi 11-inch iPad Air, a $190 discount on the newly increased price of this model.

$190 OFF11-inch M4 iPad Air (128GB Wi-Fi) for $559.00
$210 OFF11-inch M4 iPad Air (512GB Wi-Fi) for $839.00
$200 OFF13-inch M4 iPad Air (128GB Wi-Fi) for $749.00
$230 OFF13-inch M4 iPad Air (512GB Wi-Fi) for $1,019.00
$350 OFF13-inch M4 iPad Air (1TB Wi-Fi) for $1,199.00

If you're on the hunt for more discounts, be sure to visit our Apple Deals roundup where we recap the best Apple-related bargains of the past week.



Deals Newsletter

Interested in hearing more about the best deals you can find in 2026? Sign up for our Deals Newsletter and we'll keep you updated so you don't miss the biggest deals of the season!




Related Roundup: Apple Deals
This article, "Last Chance: Get the 2026 MacBook Pro and iPad Air for Pre-Hike Prices Before They're Gone for Good" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
A flaw in Apple's Hide My Email service can reportedly allow almost anyone to uncover the real email address behind a generated alias, and Apple has failed to address it for more than a year since it was first reported.


404 Media is withholding the technical specifics of the vulnerability because it remains exploitable, but the publication verified the issue this week using one of its own Hide My Email addresses. In tests with volunteers by the researcher who discovered the flaw, 100% of Hide My Email addresses were found to be exploitable.

Tyler Murphy, co-founder of EasyOptOuts, discovered the issue and responsibly reported it to Apple in June 2025, along with instructions to replicate it. Apple acknowledged the report a month later and said it was investigating. Murphy said:



In March 2026, Apple told Murphy it had "addressed the reported issue in a recent system change," but Murphy found the flaw had not in fact been closed. He provided further information, and Apple replied again to say it was still investigating.

In May, Apple once more said the issue remained under investigation and asked Murphy not to disclose it publicly until the inquiry was complete. Murphy proposed that Apple suspend the creation of new Hide My Email addresses as an interim measure to limit customer risk, but there is no indication that suggestion was acted on. By the end of May, Apple said it expected to address the issue in a security update "expected in the coming weeks."

Hide My Email is an iCloud+ feature that lets users generate random alias email addresses, primarily for use when signing up to services or corresponding with third parties. It is designed to protect a user's real email address from spam, data breaches, and unwanted identification.

Murphy noted that numerous people-search databases are freely available online and can tie an email address to a person's other personal details, meaning anyone depending on Hide My Email for their safety may be more exposed than they realize. Last month, it emerged that Apple's decision to move Hide My Email to a dedicated "private.icloud.com" domain appears to have the consequence of making it easier for platforms that want to block ‌iCloud‌ aliases to do so.Tag: Apple Mail
This article, "Apple Hide My Email Vulnerability Exposes Real Email Addresses" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
AI coding agents are quickly becoming part of everyday development workflows. Today, AI tools can write and execute code, install dependencies, debug repositories, interact with APIs, automate terminal tasks, and modify project files. What once required constant developer involvement can increasingly be delegated to AI-assisted workflows. 
This shift is exciting, but it also changes an important assumption in software development: Should AI-generated code run directly on your machine? As AI agents become more capable, developers need safer ways to experiment, automate, and execute AI-assisted workflows.
That is where isolation becomes important. Docker Sandbox (sbx) introduces a more secure execution model for AI workflows by combining sandbox isolation, microVM-based protection, customizable environments, secure credential handling, and controlled network access. This article explores why isolation matters for AI agents, what Docker SBX changes, and how Sandbox Kits help create safer AI development environments.
The Shift From AI Assistance to AI Action
For years, AI developer tools mostly acted as assistants. They suggested code, explained concepts, or answered questions. Modern AI agents are different. Instead of only suggesting code or answering questions, they can run terminal commands, install packages, edit repositories, access external services, execute generated scripts, and interact directly with development environments. This shift moves AI systems from passive assistance toward active participation in software workflows. That creates new possibilities for productivity. It also introduces new risks.
AI systems generate outputs probabilistically. Even strong models can make mistakes, misunderstand context, or generate unsafe commands. A generated command might:
remove important files expose credentials install malicious dependencies modify configurations unexpectedly access sensitive local data In traditional workflows, developers directly control these actions. With AI agents, developers increasingly supervise actions generated by the model itself. That changes the security model.
Why Isolation Matters
The core idea is simple: AI-generated actions should not automatically receive unrestricted access to a developer’s host machine. Isolation creates a controlled boundary between the host system, the AI agent, generated code, and the external tools and services the agent may interact with. This explicitly helps reduce accidental filesystem damage, credential exposure, unrestricted network access, persistence risks, and unsafe experimentation. 
One example discussed frequently in the Docker SBX community is running:
bash sudo rm -rf /* inside a sandbox while the host machine remains protected. The example is intentionally dramatic, but it highlights an important point: AI-generated commands should execute inside environments designed to contain mistakes safely. Isolation is not just a security feature. It is becoming an important part of responsible AI-assisted development.
A New Approach to AI Agent Isolation
Containers already provide lightweight isolation and are foundational to modern development workflows. But AI workloads introduce additional considerations. A common question raised around Docker SBX is:
Why use microVMs instead of standard containers alone? Traditional containers share the host kernel.
For many workloads, that model works extremely well. 
However, AI agents may execute untrusted code, interact with external repositories, dynamically generate commands, access APIs and credentials, and automate sensitive workflows. These workflows can benefit from stronger isolation boundaries. Docker SBX introduces a microVM-based approach designed to provide additional protection while still maintaining a developer-friendly experience. 
Another recurring question has been: Why did Docker build its own VMM instead of using Firecracker?
The reasoning shared publicly is that Docker wanted an approach that works across Windows and Mac environments in addition to Linux-focused deployment scenarios. The goal is simple: AI tooling should remain accessible across developer operating systems while improving isolation for modern AI workflows.
Understanding Docker SBX
Docker SBX focuses on creating isolated environments for AI-assisted development. The platform emphasizes secure execution, sandboxed environments, controlled networking,  safer credential handling and customizable workflows. One particularly interesting part of SBX is how credentials are managed. According to the official documentation, credentials stay on the host and are routed through a proxy instead of directly entering the sandbox VM.
This matters because AI agents increasingly interact with APIs, model gateways, cloud services, development platforms, and external tooling. Reducing direct credential exposure helps improve the safety of these workflows. The official documentation also explains how the proxy-managed credential system works. Inside the sandbox, the agent works with a sentinel placeholder value. The proxy then replaces the outgoing authentication header with the real credential before the request leaves the sandbox environment. This means the real secret never directly enters the VM. That design reflects an increasingly important principle for AI tooling: safer execution environments matter just as much as model capability.
Sandbox Kits: Where Isolation Becomes Practical 
While exploring Docker SBX, one thing that stood out to me was that isolation is only part of the story. Running AI agents inside an isolated environment provides a stronger security boundary, but teams still need a practical way to configure, secure, and standardize those environments. That is where Sandbox Kits play an important role.
According to Docker’s documentation, a Kit can package tools, environment variables, credentials, network rules, files, startup commands, and even memory instructions for an agent into a single reusable specification. Rather than manually configuring every sandbox, teams can define these capabilities once and reuse them across projects and teams. 
What makes Kits particularly interesting is that they are not simply templates or setup scripts. Docker SBX applies and enforces Kit-defined capabilities at runtime. This means that tooling requirements, network policies, proxy-managed credentials, and agent guidance can travel with the sandbox environment itself rather than relying on manual configuration.
This becomes increasingly valuable as AI agents take on more responsibility. An organization may want every AI coding agent to start with approved tools, access only specific services, authenticate through proxy-managed credentials, and follow internal development standards. Without a reusable mechanism, maintaining those controls consistently across environments can quickly become difficult.
Sandbox Kits help address that challenge by turning environment configuration into a reusable artifact. Teams can package their requirements once and apply them repeatedly, creating more consistent and secure AI workflows while preserving the isolation boundaries provided by Docker SBX. MicroVM isolation provides the foundation, while Sandbox Kits help turn that foundation into repeatable day-to-day AI workflows.
Sandbox Kits Make AI Workflows Practical
One of the most interesting additions to Docker SBX is Sandbox Kits. Kit packages reusable customizations for sandbox environments. According to the official documentation, Kits can install tools, configure environment variables, inject files, run startup commands, control allowed domains, and manage credentials through proxy-based injection. This allows teams to create repeatable AI environments tailored to their workflows. For example, a team could create a secure AI coding environment, a research sandbox, a data science workspace, a controlled API testing setup, or an internal experimentation environment.
Kits as Reusable AI Environment Blueprints
Sandbox Kits are useful not only for customizing individual sandboxes but also for creating consistent AI environments that can be reused across teams and projects. Instead of manually configuring environments every time an AI agent is launched, teams can create reusable Kits that package tools, network policies, credentials, files, startup logic, and agent instructions into a single definition. Docker SBX then applies and enforces those capabilities when the sandbox runs.
For example, an engineering team could create a coding-focused Kit that installs approved development tools, restricts outbound access to trusted services, injects shared configuration files, and provides secure access to internal APIs through proxy-managed credentials. Every AI coding session would start with the same controls and capabilities. Similarly, a research team could create an evaluation Kit that installs benchmark tooling, configures required dependencies, injects project instructions through agent memory, and standardizes how experiments are executed. This helps improve reproducibility while maintaining isolation.
Another interesting capability is agent memory. Docker Kits can append instructions and guidance to files such as AGENTS.md or CLAUDE.md, allowing teams to provide project conventions, workflow guidance, or tool-specific instructions directly to the agent at startup. Taken together, these capabilities make Kits more than a customization feature. They provide a practical way to package secure AI environments that teams can share across projects. For example, a developer could start a sandbox with a custom Kit using:
sbx run claude --kit ./my-kit/ This launches an isolated environment with predefined tools, startup commands, and built-in security controls, making it easier to create repeatable AI environments safely.
The documentation also distinguishes between two types of Kits:
Mixin Kits vs Agent Kits
Docker SBX supports two different types of Kits, each designed for a different level of customization.
Mixin Kits
Mixin Kits extend an existing agent with additional capabilities. Rather than creating a completely new environment, they allow teams to layer functionality onto agents they already use. Common examples include:
installing linters or developer tools injecting shared team configuration providing access to approved external services adding organization-specific instructions or workflows This makes Mixin Kits useful when teams want to standardize capabilities without changing the underlying agent experience. Multiple Mixin Kits can also be stacked on the same sandbox, allowing teams to combine capabilities as their workflows evolve.
Agent Kits
Agent Kits take a different approach. Instead of extending an existing agent, they define a complete agent environment from scratch. An Agent Kit can specify:
the container image the agent entrypoint networking behavior credential configuration persistence settings startup and installation logic This makes Agent Kits useful for organizations building internal agents, experimenting with custom agent architectures, or packaging specialized workflows that can be shared across teams. In practice, Mixin Kits help teams standardize and extend existing agents, while Agent Kits provide a framework for building and distributing entirely new agent experiences.
Why This Matters for AI Safety
Many conversations around AI safety focus on topics such as alignment, hallucinations, evaluations, misuse prevention, and model behavior. These are important challenges, but infrastructure-level safety is equally important as AI systems become more capable and autonomous. 
Even highly capable AI models can generate unsafe commands, misuse credentials, access unintended resources, and interact with untrusted code. For that reason, developers need strong runtime isolation, controlled execution environments, credential protections, network boundaries, and safer environments for experimentation. 
As AI agents become more autonomous, secure execution environments may become a foundational part of responsible AI development. Isolation is not about assuming AI will always fail. It is about building systems that safely contain mistakes when they happen. That principle has long existed in security engineering. Now it is becoming increasingly important for AI systems as well.
The Shift Toward Agentic Development
Many developers are already part of an AI adoption journey, even if they do not think of it that way. AI tools are rapidly moving from passive assistance toward:
autonomous execution agentic workflows AI-driven development environments automated coding systems That shift changes how developers think about security. Developers are no longer only running their own commands. They are increasingly reviewing and supervising commands generated by AI systems. As this transition continues, isolation may become a standard part of AI-assisted software development.
Architecture Diagram: Docker SBX Isolation Model
Figure 1: Docker SBX isolation model 
This architecture highlights the core SBX security model:
AI agents run inside an isolated sandbox credentials stay outside the sandbox Outbound requests pass through a secure proxy layer The host machine remains protected Workflow Diagram: Secure AI Agent Execution
Figure 2: Secure AI agent execution workflow using Docker SBX 
This workflow shows:
1. The developer launches Docker SBX.
2. The AI agent runs inside an isolated sandbox.
3. The agent accesses external services safely.
4. Results return while the host machine remains protected.
Official References
Docker Sandbox Kits Documentation Docker SBX CLI Docker Blog: Why MicroVMs? The Architecture Behind Docker Sandboxes Getting Started
Developers interested in experimenting with Docker SBX can explore the official Sandbox Kits documentation and SBX CLI reference to start building isolated AI workflows. Getting started is straightforward, as the standalone sbx tool installs quickly on macOS, Windows, and Linux without requiring full Docker Desktop dependencies. Even simple sandboxed setups can help create safer environments for AI-assisted development and experimentation.
Conclusion
AI coding agents are reshaping how software is built. But more capability also requires stronger safety boundaries. Docker SBX introduces an approach focused on isolation, microVM-based protection, secure execution, customizable sandbox environments, and safer AI-assisted workflows. Sandbox Kits further extend this model by making secure and repeatable AI environments easier to build and share.
As AI agents continue to evolve, secure execution environments may become just as important as the models themselves. Ultimately, the future of AI development is not only about building more capable systems. It is also about building systems that can operate safely. And isolation is becoming an important part of that future.

View the full article
Apple CEO Tim Cook held "constructive" talks with EU tech chief Henna Virkkunen on Tuesday about releasing Siri AI in the bloc while complying with the bloc's digital rules, reports the Financial Times ($).


An EU spokesperson told the publication the virtual meeting had involved a "constructive exchange on topics of common interest, on which the work continues."

Siri AI will be available for free with iOS 27 and iPadOS 27 when they are released in September. However, the enhanced chatbot-style Siri will not be available in the EU on iOS and iPadOS until it can find a path forward under the bloc's regulatory framework. That includes the new Siri app for revisiting conversations, expanded Visual Intelligence capabilities, integrated writing tools, Siri mode in the Camera app on iPhone, and more.

When the new enhanced Siri AI features were announced at WWDC 2026 last month, Apple said EU regulators did not accept any of the company's proposed solutions to bring Siri AI to the EU while safely supporting other virtual assistants.

According to the Commission, the Digital Markets Act (DMA) requires Apple to give rival AI assistants access to the same underlying iPhone capabilities as Siri, allowing them to perform many of the same tasks on a user's behalf with appropriate user consent.

To address the issue, Apple came up with the idea of a Trusted System Agent – intermediary software that would be designed to let third-party virtual assistants securely access the same system capabilities as Siri AI on EU devices. Apple said the EU rejected the proposal.

The EU quickly shot back against that characterization, however, saying the decision not to launch Siri AI in the bloc was entirely Apple's and that the company sought an exemption from its legal obligations rather than a compliant solution. Regulators also said Apple simply requested a blanket exemption from its interoperability obligations under the DMA, something the Commission said is not an available option.

The dispute prompted a wave of criticism of the Commission. According to the Financial Times, EU officials received hundreds of emails from consumers accusing Brussels of denying Europeans access to the new technology.

As for Apple's proposed Trusted System Agent, a Commission official told the publication its contact with Apple on the idea was limited, and that it lacked a concrete proposal or details on how such an agent would work beyond the general concept. The official claimed Apple "focused on obtaining a green light to delay compliance."
By contrast, the official said changes Google made to Android prompted the Commission to open a formal consultation on how the company could comply with the DMA and avoid hefty fines.

Apple has not publicly commented on the latest round of discussions.Tags: European Commission, European Union, Siri, Siri AI, Tim Cook
This article, "Tim Cook Holds 'Constructive' Talks With EU Over Siri AI Launch" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
The technology landscape is shifting rapidly toward automation, cloud-native architectures, and platform-driven delivery models, making the role of the DevOps engineer more critical than ever. In this evolving environment, true career stability is not built on memorizing the latest software release, but on mastering the fundamental principles of system architecture, infrastructure automation, and continuous delivery. Employers today increasingly prioritize candidates who demonstrate practical, hands-on experience over those with theoretical knowledge alone, making it essential for learners to build a balanced skill set that bridges the gap between software development and IT operations. By focusing on foundational technical competencies through structured guidance, such as the comprehensive programs available at DevOpsSchool, aspiring engineers can transform from passive learners into active practitioners, unlocking long-term career opportunities in a high-growth industry that rewards those who can architect reliable, automated solutions for complex real-world challenges.
What Is DevOps?
DevOps is often misunderstood as a set of tools or a specific job title. In reality, it is a cultural and professional philosophy. At its heart, DevOps is about breaking down the traditional silos between developers, who want to ship features quickly, and operations teams, who prioritize system stability.
This culture emphasizes shared responsibility, where engineers across the entire development lifecycle work together to ensure that software is delivered efficiently and reliably. Automation is the primary vehicle for this, allowing teams to replace manual, error-prone processes with repeatable, high-speed workflows. Through continuous improvement and a focus on feedback loops, organizations can deliver value to users faster while maintaining a high standard of quality.
Why Core Skills Matter
In a field defined by constant change, core skills act as your anchor. When you understand the underlying principles of networking, Linux internals, or version control, you become tool-agnostic. If a specific automation platform becomes obsolete, your foundational knowledge allows you to learn its successor in days rather than months.
Career Growth: Proficiency in the basics allows you to progress from junior tasks to architecture-level problem solving. Technical Confidence: Understanding how a system fails allows you to troubleshoot with calm precision. Better Collaboration: When you speak the language of both developers and sysadmins, you become an invaluable bridge within your team. Core Technical Skills Every DevOps Learner Should Master
To build a strong foundation, you must balance breadth with depth. The following table provides a high-level view of the technical pillars required for a successful career.
SkillWhy It MattersPractical ApplicationLinuxThe foundation of almost all cloud infrastructure.Managing processes, user permissions, and log analysis.GitEssential for source control and collaboration.Managing branching strategies and resolving merge conflicts.NetworkingUnderstanding how data travels between services.Configuring DNS, firewalls, and load balancing rules.ContainersPortable and lightweight application deployment.Building, optimizing, and securing Docker images.KubernetesOrchestration for large-scale production systems.Managing pods, services, and cluster scaling.CI/CDAutomating the delivery of software.Building pipelines that test and deploy code automatically.IaCTreating infrastructure like application code.Provisioning cloud resources using Terraform or Ansible.MonitoringGaining visibility into system health.Setting up dashboards and alerts for system performance.SecurityProtecting the entire stack (DevSecOps).Scanning images for vulnerabilities and managing secrets. Linux
Linux is the operating system of the cloud. You must move beyond basic commands and understand the kernel, file systems, permissions, and process management. Start by setting up a local Linux environment and learning to write Bash scripts to automate simple system administration tasks.
Git
Git is the standard for version control. Beyond simply “pushing” code, you need to master branching strategies like GitFlow or trunk-based development. Understanding how to handle complex merges and code reviews is crucial for working in professional engineering teams.
Networking
DevOps engineers often face “it’s a network issue” scenarios. You should understand the OSI model, how DNS resolution works, how HTTP/HTTPS requests are routed, and the role of load balancers and firewalls in securing applications.
Cloud Computing
Choose a major cloud provider (AWS, Azure, or Google Cloud) and learn how to use their services. Focus on virtual machines (compute), object storage, IAM (identity management), and VPCs (virtual private clouds). Theory is useful, but building a multi-tier application in the cloud is the only way to truly grasp how these components interact.
Containers
Docker transformed how applications are packaged. Learn how to write efficient Dockerfiles, manage volumes, and handle networking between containers. A deep understanding of container layers and optimization will make your deployment pipelines much faster.
Kubernetes
Kubernetes is complex, but essential. Start by learning the core objects: Pods, Services, Deployments, and ConfigMaps. Practice deploying a simple web application and exposing it to the internet, then move on to managing stateful sets and storage.
CI/CD
Continuous Integration and Continuous Delivery are the heartbeat of DevOps. Use tools like Jenkins, GitHub Actions, or GitLab CI to automate testing and deployment. A great project is to create a pipeline that triggers a deployment every time you push code to your repository.
Infrastructure as Code (IaC)
Manual configuration is a recipe for disaster. Using tools like Terraform or Ansible allows you to define your infrastructure in code. This makes your environments reproducible and version-controlled.
Monitoring
You cannot fix what you cannot see. Learn to collect logs and metrics using tools like Prometheus and Grafana. Practice creating alerts that notify you when CPU usage spikes or a service goes down.
Security
Security must be integrated into the pipeline, not treated as an afterthought. Learn how to manage environment secrets, perform static analysis on your code, and scan your container images for known vulnerabilities.
Essential Soft Skills
Technical skills get you the interview, but soft skills get you the promotion.
Communication: You must be able to explain complex technical concepts to non-technical stakeholders. Problem-Solving: The ability to decompose a massive outage into smaller, solvable components is a superpower. Documentation: If it isn’t documented, it didn’t happen. Writing clear runbooks and README files is vital for team efficiency. Adaptability: The industry changes every few years; you must be willing to unlearn and relearn. Learning Roadmap
Beginner: Master the Linux Command Line and Shell Scripting. Versioning: Become proficient in Git and collaborative workflows. Networking: Understand TCP/IP, DNS, and HTTP. Containers: Learn Docker internals and image creation. Automation: Develop your first CI/CD pipeline. Cloud: Deploy resources in AWS/Azure/GCP. IaC: Use Terraform to manage cloud infrastructure. Orchestration: Master Kubernetes basics and cluster management. Observability: Implement monitoring and alerting systems. Advanced: Dive into DevSecOps and Platform Engineering. Hands-On Practice
Practical experience is the ultimate form of learning. Build a home lab using virtualization tools, or set up a free-tier account on a cloud provider. Create a portfolio on GitHub where you document your projects. When you encounter an error, don’t just search for the answer; read the documentation and debug the issue step-by-step.
Measuring Learning Progress
Use these KPIs to track your professional development.
MetricWhy It MattersCareer BenefitProjects CompletedShows hands-on capability.Strengthens portfolio.GitHub ActivityDemonstrates consistent coding.Proof of work for recruiters.CI/CD Pipelines BuiltProves automation skills.Increases deployment speed.Kubernetes DeploymentsValidates orchestration skills.High-demand technical skill.Cloud LabsShows real-world platform usage.Better interview performance.Certifications EarnedIndustry recognition of knowledge.HR keyword matching. Common Learning Challenges
ChallengeImpactRecommended SolutionLearning too many toolsBurnout and shallow knowledge.Focus on one tool per category first.Weak Linux knowledgeInability to debug systems.Spend extra time on Linux internals.Lack of practiceLoss of retention.Build one project for every concept.Skipping networkingInability to connect services.Dedicate a month to network fundamentals.Poor documentationInability to track progress.Maintain a blog or repository notes.Inconsistent studySlow progress.Use a structured learning plan. Best Practices for Learning DevOps
Learn Fundamentals First: Don’t jump to Kubernetes before understanding Docker. Practice Daily: Consistency beats intensity. Build Projects: Theory only sticks when applied to a problem. Read Documentation: Official docs are always more accurate than third-party tutorials. Join Communities: Engaging with others helps you stay updated. Review Progress Regularly: Adjust your plan based on what you find difficult. Real-World Example: A Learner’s Path
Consider “Alex,” a system administrator who wanted to transition into DevOps.
Initial Knowledge: Basic Windows Server management and some internal scripting. Learning Roadmap: Alex spent three months mastering Linux and Bash, then moved to Git. Practical Projects: Alex built a CI/CD pipeline for a static website, then migrated it to a Docker container on AWS. Interview Preparation: Alex focused on explaining the why behind the architecture rather than just naming tools. Career Outcome: Alex landed a Junior DevOps Engineer role by showcasing the GitHub repository containing the documented project steps. Lessons Learned: Focus on understanding how components talk to each other. Common Beginner Mistakes
Memorizing Tools: Tools change; concepts do not. Focus on the architecture. Ignoring Concepts: Don’t skip the “boring” stuff like networking or security basics. Avoiding Troubleshooting: The moment you stop debugging an error, you stop learning. Weak Communication: Always explain why you made a specific architectural choice. Not Documenting Projects: If your work isn’t visible, it’s harder for employers to see your value. Future Skills Every DevOps Learner Should Explore
AI-Assisted DevOps: Learning how to use AI tools for code generation and debugging. Platform Engineering: Building internal platforms that abstract complexity for other developers. GitOps: Managing infrastructure state entirely through Git workflows. Kubernetes Security: Mastering admission controllers and network policies. Cloud-Native Development: Writing code specifically designed for distributed systems. Certifications & Learning Paths
While projects are king, certifications help validate your knowledge for potential employers.
CertificationBest ForSkill LevelFocus AreaLFCSLinux FoundationBeginnerLinux System AdminAWS Solutions ArchitectCloud EngineersIntermediateCloud ArchitectureCKAKubernetesIntermediate/ProContainer OrchestrationTerraform AssociateIaC LearnersBeginner/IntermediateAutomationSecurity+DevSecOpsAllSecurity Fundamentals Utilize the DevOpsSchool ecosystem to find structured learning paths that align with these industry-standard certifications.
Practical DevOps Skills Checklist
[ ] Install and configure a Linux server. [ ] Manage a repository with Git branching. [ ] Containerize a small application with Docker. [ ] Deploy a containerized app to a local Kubernetes cluster. [ ] Write a shell script to automate a repetitive task. [ ] Provision cloud resources using Terraform. [ ] Create a basic CI/CD pipeline. [ ] Set up monitoring and alerts for a service. FAQs
Which DevOps skill should beginners learn first?Linux is the undisputed priority. Everything else runs on top of it. Is Linux mandatory?Yes. You cannot effectively manage cloud infrastructure without it. Do I need cloud experience?It is essential for modern roles. Start with the free tier of a provider like AWS. Is Kubernetes necessary?For mid-to-senior roles, yes. Start with the basics before jumping into complex clusters. How important is Git?It is the backbone of the DevOps workflow. Master it early. Should I learn Terraform?Yes. Infrastructure as Code is standard in every professional environment. How do I practice DevOps?Build a project, break it, and then fix it. Repeat. Which certifications are most valuable?CKA (Kubernetes) and Cloud Provider Architect certifications are highly recognized. Do I need to be a programmer?You need to understand scripting and basic application logic, but you don’t need to be a full-stack developer. How long does it take to learn?It is a continuous process. Expect to spend 6-12 months to get “job-ready.” Is DevOps dying because of AI?No. AI is a tool for DevOps engineers to become more efficient. Should I learn one cloud or all?Master one deeply first, then expand. What is the best way to learn?Combine courses, documentation reading, and personal projects. How do I deal with errors?Read the logs. The error message usually tells you exactly what is wrong. Is it better to specialize or generalize?Start as a generalist to understand the ecosystem, then specialize in one area. Final Thoughts
The journey to becoming a DevOps professional is a marathon, not a sprint. Success in this field requires a persistent curiosity and a willingness to embrace the grind of troubleshooting. Focus on building strong fundamentals—Linux, networking, and scripting—before you chase the latest trends in the ecosystem. Every professional started exactly where you are today. Build projects, document your learning, and engage with the community. Consistency in your practice will eventually translate into career-defining technical expertise.
View the full article
Detection engineering, which was once a niche practice among mostly large companies, appears to have evolved into a capability that organizations across industries now consider essential to their security operations.
What is detection engineering?
Detection engineering is about creating and implementing systems to identify potential security threats within an organization’s specific technology environment without drowning in false alarms. It’s about writing smart rules that can tell when something potentially suspicious or malicious is happening in an organization’s networks or systems and making sure those alerts are useful. The process typically involves threat modeling, understanding attacker TTPs, writing, testing and validating detection rules, and adapting detections based on new threats and attack techniques.
A small survey of 264 cybersecurity professionals by the SANS Institute and Anvilogic found that 80% of organizations — and 85% of large enterprises — are actively investing in detection engineering, with 60% now having dedicated teams. More than two-thirds (67%) reported strong leadership support for the practice within their organization.
The survey’s data suggested that many companies have not just merely adopted detection engineering practices but have made it a strategic focus of their cyber risk mitigation effort.  “Just a decade ago, detection engineering was a relatively unknown role in cybersecurity,” the report stated. “Now, it is emerging as one of the most critical roles in security operations.”
More than the usual threat detection practices
Proponents argue that detection engineering differs from traditional threat detection practices in approach, methodology, and integration with the development lifecycle. Threat detection processes are typically more reactive and rely on pre-built rules and signatures from vendors that offer limited customization for the organizations using them. In contrast, detection engineering applies software development principles to create and maintain custom detection logic for an organization’s specific environment and threat landscape. Rather than relying on static, generic rules and known IOCs, the goal with detection engineering is to develop tailored mechanisms for detecting threats as they would actually manifest in an organization’s specific environment.
Often this involves a stronger emphasis on behavior-based detections, the integration of threat intelligence to create detections aligned with real-world adversary tactics and the use of threat modeling to anticipate potential attack paths, says Heath Renfrow, CISO and co-founder of Fenix24 a cyber disaster recovery firm. “Unlike conventional threat detection, which often relies on static signatures and pre-built rules, detection engineering is behavior-driven, context-aware, and tailored to an organization’s unique threat landscape,” Renfrow says. “It involves a blend of security operations, threat intelligence, and data science to build more adaptive and resilient detection capabilities.”
The SANS-Anvilogic report describes detection engineering practices as evolving over the years from being over-reliant on vendor-specific consoles and proprietary languages to incorporate software development life cycle (SDLC) and continuous integration/continuous deployment (CI/CD) principles. This is enabling teams to test, deploy, and refine detections more efficiently while maintaining auditable trails of changes.
Drivers of detection engineering’s adoption
There are a couple of factors driving adoption of detection engineering practices. The biggest is the fact that out-of-the-box detections aren’t good enough. They don’t baseline the environment, they don’t drive down false positives and, troublingly, they don’t always alert on the things that matter, says Johnathon Miller, vice president of security operations at Lumifi Cyber.
Generic alerts that don’t account for organizational context have become a major problem and a contributor to false positive fatigue within many security teams. Sixty-four percent of organizations in Anvilogic’s survey for instance, reported high false positive rates; 61% struggled with detections that lacked environmental accuracy; and 34% said they had encountered delays in updates and improvements.
“Traditional threat detection methods historically have been static; if a=a, create an alert,” says Kevin Gonzalez, VP of security, operations and data, Anvilogic. “They are often rigid, black-box mechanisms that lack flexibility in customization. Though useful to some extent, these approaches become unmanageable at scale especially in organizations with hybrid environments,” he says.
Growing threat volumes and sophistication are another issue. Attackers are using more advanced and evasive techniques — including fileless malware, living off the land approaches, zero-day exploits and attacks via the software supply chain — rendering signature-based detection largely insufficient. Rising cloud adoption has introduced new vulnerabilities as well and created blind spots that legacy detection methods often struggle to cover. 
The rise in advanced persistent threats (APTs), supply chain attacks, and ransomware operations has made traditional reactive approaches insufficient, Renfrow says. “Organizations now realize that proactive detection engineering reduces dwell time, improves response capabilities, and enhances overall cyber resilience. Additionally, compliance frameworks and cyber insurance providers are increasingly emphasizing strong detection strategies.”
Industries adopting detection engineering
Organizations in the banking and finance sector, the technology industry, cybersecurity companies and, to a lesser extent, healthcare companies are among the leading adopters of detection engineering practices. Many are in sectors that must deal with regulatory scrutiny or are frequent targets of sophisticated threat actors. But the reality is that most organizations, especially larger ones, can benefit from implementing a systematic approach to developing detection mechanisms for their specific threat profile.
Any large enterprise with a complex IT infrastructure can benefit from detection engineering. Security operations centers (SOCs) need to continuously improve and maximize their detection posture. “Along with the evolving threat landscape, their own internal IT infrastructures are constantly changing, which can result in detection ‘drift,’ where detection rules are broken and will no longer fire or alert,” CardinalOps CEO Michael Mumcuoglu says.
Security experts point out some key requirements for setting up a detection engineering capability. The biggest among them is data. To succeed, detection engineering teams need access to logs and security event data from endpoints, networks, cloud environments, and security tools and a centralized SIEM or log management platform to aggregate and normalize the security data. An effective detection engineering capability also means having skilled personnel including detection engineers, analysts, and threat researchers, to develop and refine detection rules. Also important are formal processes for threat modeling, testing and integrating threat intelligence with incident response.
The goal should be to move beyond static signatures and focus on how attackers operate, by prioritizing behavior-based threat detection. Use frameworks like MITRE ATT&CK to map detection coverage against known adversary techniques and utilize adversary emulation tools like Atomic Red Team to validate effectiveness, Renfrow says. “Detection engineering works best when security operations, threat intelligence, and IT teams work together,” Renfrow notes.
How AI and automation can help
AI/ML can play a key role in rule tuning and automation as well. Some 45% of the survey respondents described their organizations as using AI in their detection engineering programs for purposes like anomaly detection, rule generation and alert triage. Nearly nine in 10 (88%) believed AI would have a big impact on their detection engineering programs in the next three years. “One of [AI’s] strongest use cases is analyzing vast amounts of data to identify anomalies, particularly when utilizing a custom-trained language model,” says Glenn Thorpe, senior director of security research and detection engineering at GreyNoise Intelligence. “Depending on an organization’s threat model and risk tolerance, employing AI with a well-trained LLM can significantly enhance the effectiveness and efficiency of defenders within the organization.”
AI is not the only change. More organizations are also adopting automated processes for detection engineering. The areas that organizations are automating include mapping detection coverage to the MITRE ATT&CK framework, identifying broken or misconfigured detections, and being able to operationalize threat intelligence and convert it into actionable detection rules, Mumcuoglu says. Ninety-three percent of Anvilogic’s survey respondents reported they are currently using or plan to use automation in their detection engineering workflow for rules development, tuning existing detections and threat hunting.
Thorpe cautions against organizations looking for some kind of one-size-fits-all approach to standing up a detection engineering capability. “Instead, a creative mindset, diversity of thoughts and experiences, and curiosity are vital for building an effective team.”
A good place to start is by identifying your organization’s core data and finding individuals who can analyze that data from multiple perspectives. Develop a realistic understanding of what you don’t know and begin to address those information gaps. “You might discover that small changes can significantly improve your visibility and understanding of network traffic,” Thorpe notes.

View the full article
Anthropic is putting Claude Fable 5 back online worldwide. On June 30, the U.S. Commerce Department lifted the export controls it had imposed on Fable and its more tightly controlled sibling Mythos 5 about two and a half weeks earlier. Fable 5 returns to users on Wednesday, July 1, across Claude.ai, the Claude Platform, Claude Code, and Claude Cowork. Export controls restrict who canView the full article
Cybersecurity researchers have warned of a "massive, ongoing, automated password spray attack" aimed at Microsoft's Azure command-line interface (CLI), compromising dozens of accounts in the process. The activity, per Huntress, originates from an IPv6 address range (2a0a:d683::/32) controlled by internet infrastructure provider LSHIY LLC (AS32167). "Between June 12 and June 26, the threatView the full article
ClickFix, the trick that fools people into running malware by hand, has quietly grown a back office. New research shows the malicious commands behind its fake "prove you're human" pages are now handed out by API-driven servers that give each visitor the same malware in a different disguise. The same research also turned up a new delivery method built to slip past Windows' script scanning.View the full article
Citrix on Tuesday released security updates to address multiple flaws in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that could be exploited by an attacker to facilitate arbitrary file reads or trigger a denial-of-service (DoS) condition. The vulnerabilities are listed below - CVE-2026-8451 (CVSS score: 8.8) - An insufficient input validationView the full article
Apple is working on a high-end MacBook Pro that could be called the "MacBook Ultra." The device will have several firsts in a Mac, including an OLED display and a touchscreen.

Subscribe to the MacRumors YouTube channel for more videos.
The "Ultra" name isn't a sure thing, and Apple could also continue to call the device the ‌MacBook Pro‌. It will be a "Pro" device in the ‌MacBook Pro‌ line.
Design

Apple hasn't redesigned the ‌MacBook Pro‌ since it added Apple silicon chips in 2021, so the device is due for a new look. The MacBook Ultra could feature some design changes, including a thinner chassis.

Apple could get rid of the notch on the MacBook Ultra, replacing it with an iPhone-style Dynamic Island. A ‌Dynamic Island‌ would unify the way Siri AI behaves across the iPhone and the Mac with iOS 27 and macOS Golden Gate.

Size Options

The MacBook Ultra will be available in both 14-inch and 16-inch size options.

Display

Apple's upcoming MacBook will be the first with an OLED display. OLED display technology is already used for the iPhone, Apple Watch, and iPad Pro, but it has taken time for larger-sized OLED screens to come down in price.

OLED will be an upgrade over the current mini-LED display technology in most cases, bringing deeper colors and a higher contrast ratio with true blacks. In an OLED display, individual pixels turn off instead of dim when not activated, so there's less light leakage. OLED displays tend to have better HDR than mini-LED, but sometimes don't match the overall mini-LED brightness levels.

Along with OLED technology, the MacBook Ultra is expected to have the first touchscreen display on a Mac. Users will be able to use their fingers for tapping and interacting with items on the Mac's display, similar to an iPad.

Touchscreen capabilities will be used alongside the trackpad and keyboard, and so Apple may be viewing them as more supplementary than a main control method. Apple is rumored to be adapting ‌macOS Golden Gate‌ for touch input.

Apple plans to add a reinforced hinge to the MacBook Ultra's display so that it doesn't wobble when it's tapped.
M5 Pro and M5 Max Chips

The current ‌MacBook Pro‌ models are equipped with M5 Pro and M5 Max chips, and Apple plans to use the same chips for the rumored MacBook Ultra.

Apple is planning to introduce the M6 chip as soon as late 2026, but Bloomberg says Apple isn't going to release any other chips in the M6 series. Apple's chip plans have changed in recent months, and there won't be an M6 Pro or an M6 Max. With no M6 Pro or M6 Max, Apple will need to use the M5 Pro and M5 Max so it doesn't have to wait for the M7 series.

A second-generation MacBook Ultra will use the M7 Pro and M7 Max chips.

With the MacBook Ultra set to use the same chips that are in the existing ‌MacBook Pro‌, it's unclear if it will replace the existing 14-inch and 16-inch ‌MacBook Pro‌ models or be sold alongside them as a higher-end option.

MacBook Ultra Hints

There are features in ‌macOS Golden Gate‌ that hint at a future touchscreen Mac. Apple added direct touch input to Sidecar so users can tap and interact with macOS elements when using the ‌iPad‌ as a Mac display.

‌macOS Golden Gate‌ supports an iPhone-style pull-to-refresh option, and it can be used across apps like Safari, Mail, News, Podcasts, and Calendar. A pull-to-refresh option makes the most sense on a touch display.

Pricing

Apple's OLED MacBook is expected to be a premium product, with a price tag higher than current ‌MacBook Pro‌ models. Apple raised the prices of all Macs in June, and so the MacBook Ultra will likely be even more expensive than expected.

The higher-end 14-inch ‌MacBook Pro‌ with M5 Pro chip starts at $2,499, while the 16-inch ‌MacBook Pro‌ starts at $2,999. The OLED MacBook will be priced even higher.

Launch Date

Rumors suggest the MacBook Ultra will launch in late 2026 or early 2027, with mass production to start in late 2026. If the MacBook Ultra comes in 2026, it could be released sometime between October and December, but it won't be unveiled at Apple's September iPhone event.

If it launches in 2027, it could come early in the year at Apple's first 2027 event.Tags: OLED, Touchscreen Mac
This article, "MacBook Ultra: Everything We Know About Apple's OLED Touchscreen Mac" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Nanoleaf today launched the Smart Multicolor Ceiling Light, an affordable Matter-compatible lighting product. With a dual-sided design, there's a main downlight and an upward backlight for a layered lighting glow. Each side can be controlled individually for bright light or an ambient lighting option.


The light has 196 LEDs inside, with up to 2600 lumens. White light ranges from 2200K to 6500K, supporting tones that change throughout the day to match natural light. Nanoleaf says it was built with RG0 Low Blue Light technology to reduce blue light hazard and eye strain.

There are 28 color zones, and millions of colors are supported for gradients. According to Nanoleaf, the Multicolor Ceiling Light has a Color Rendering Index of 95, offering "vivid-natural looking colors."

The light measures 13.8 inches, and it is 1.18 inches thick. It is a hard-wired light that's meant to be installed with a standard light switch, though it also works with the Nanoleaf Sense+ Wireless Smart Switch.

Nanoleaf's new light supports Matter over Wi-Fi, so it can connect to a HomeKit setup for use with Siri and the Home app. It also works with the Nanoleaf app, which offers hundreds of color scenes and support for music pairing. For multi-color lighting scenes with gradients, the Nanoleaf app is required because ‌HomeKit‌ doesn't support that.

The Nanoleaf Smart Multicolor Ceiling Light can be purchased from Amazon.com or the Nanoleaf website for $80.Tags: HomeKit, Nanoleaf
This article, "Nanoleaf's New $80 Smart Ceiling Light Works With Matter and HomeKit" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Anthropic today introduced Claude Sonnet 5, a more affordable model that narrows the gap between Sonnet and Opus. Anthropic says Claude Sonnet 5 is its most agentic Sonnet model to date, able to make plans, use tools like browsers and terminals, and run autonomously.


Opus models have better agentic capabilities, but they're more expensive than Sonnet models. Sonnet 5's performance is similar to Opus 4.8, and it has improved over Sonnet 4.6 in areas including reasoning, tool use, coding, and knowledge work.

As for agentic capabilities, Sonnet 5 is able to finish complex tasks that Sonnet 4.6 could not complete, and it checks its own output without being asked. It is better at refusing malicious requests, and Anthropic says it shows lower rates of hallucination and sycophancy.

Sonnet 5 is available across all plans and is the default model for Free and Pro plans. It is priced at $2 per million input tokens and $10 per million output tokens through August 31, then prices will go up to $3 and $15, respectively.Tag: Anthropic
This article, "Anthropic Launches Claude Sonnet 5 With Near-Opus Performance at a Lower Price" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple's Beats brand has launched a new retailer-exclusive orange color for its Solo Buds, with the earphones available now at Best Buy in the United States and coming July 4 to 7–Eleven in Japan.


The Solo Buds are an entry-level earphone product from Beats, normally priced at $79.99 in the United States, although they are occasionally offered on sale such as the current $10 discount at Best Buy bringing all colors down to $69.99. The Solo Buds offer up to 18 hours of battery life in the buds themselves, with their tiny case offering only wired charging capabilities and no battery of its own.

Beats debuted the Solo Buds back in June 2024 in Matte Black, Storm Gray, and Transparent Red color options, as well as an Arctic Purple that has been exclusive to Apple and Target. Late last year, a new retailer-exclusive Ivory color launched at Walmart in the United States and at other retail partners in select countries.

While the new orange color is exclusive to Best Buy and 7-Eleven, it is very similar to orange Solo Buds that were offered in India for free with the purchase of an iPhone 15 or iPhone 15 Plus back in October 2024 as part of a promotion in celebration of Diwali. The limited-edition earbuds offered in India included purple Beats "b" logos on the earbuds and case, while the new ones at Best Buy and 7-Eleven feature red "b" logos.Tag: Beats
This article, "Beats Launches Solo Buds in Retailer-Exclusive Orange Color in the U.S. and Japan" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple today updated its online refurbished store in the United States, adding the iPhone 16e. Refurbished iPhone 16e models are available at discounted prices for the first time since the device launched in February 2025.


Entry-level 128GB iPhone 16e models are priced at $419, which is a $180 discount from the original price. The iPhone 16e was retired when the iPhone 17e came out, so it is no longer available new from Apple.

Upgraded 256GB and 512GB iPhone 16e models are available for $509 and $679, respectively. The iPhone 16e comes in black or white, and Apple has both colors available.

At $419, a refurbished iPhone 16e is $180 less than Apple's most affordable iPhone, the 17e, but it lacks a few useful features. It does not include MagSafe charging, it has a slower C1 modem instead of the C1X, 128GB starting storage instead of 256GB, an older A18 chip, and original Ceramic Shield glass instead of Ceramic Shield 2.

Refurbished iPhones are unlocked and eligible to be used with any carrier. Apple revamps iPhones that have been returned or repaired, adding new batteries, outer shells, and cables. Refurbished iPhones are essentially identical to new iPhones after going through Apple's cleaning and testing process, and they come with the same one-year warranty with an option to purchase AppleCare+ coverage.Tag: Apple Refurbished Products
This article, "Apple Now Sells Refurbished iPhone 16e Starting at $419" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Starting today, a mobile version of the popular game show Family Feud is available on Apple Arcade, and four more games are coming this week.


Apple says the game provides an "authentic, true-to-show trivia experience."

"Hosted by the iconic Steve Harvey, the game features the classic mechanics fans know and love, along with daily challenges and exclusive questions," says Apple. "Players can guess the answer and outsmart the competition solo or with loved ones — at home or on the go — through local and online multiplayer."

On Thursday, July 2, four popular App Store games are coming to Apple Arcade:
Dungeon Clawler+
Creatures of the Deep+
Pocket City 2+
Draw It+
More details about these games were outlined in Apple's press release earlier this month.

Apple Arcade is a subscription service that provides access to hundreds of games across the iPhone, iPad, Mac, Apple TV, and Apple Vision Pro. All of the games are free of ads and in-app purchases. In the U.S., Apple Arcade costs $6.99 per month, and it is also bundled with other Apple services in all Apple One plans.

Apple Arcade can be accessed through the App Store and the Apple Games app.Tag: Apple Arcade
This article, "Apple Arcade Adding 5 Games This Week, Including 'Family Feud Pocket'" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple today provided public beta testers with the third betas of iOS 26.6, iPadOS 26.6, macOS Tahoe 26.6, watchOS 26.6, and tvOS 26.6, with the software coming a day after Apple seeded the betas to developers.


After signing up to beta test the software updates on Apple's beta site, public beta testers can download the new software using the Software Update section in the Settings app on each device.

iOS 26.6 has a feature that will let you know when you have blocked too many contacts, but the limit is in the thousands so most users may not ever see the messaging. There are also signs of a new iPhone anti-snatching feature that locks a stolen iPhone when it's grabbed from your hand.

No other major new features have been found in any of the software updates, with Apple likely focusing on bug fixes and security improvements. We're nearing the end of the "26" software cycle, with Apple planning to release iOS 27, iPadOS 27, macOS Golden Gate, and more in September.Related Roundups: iOS 26, iPadOS 26, macOS TahoeRelated Forums: iOS 26, macOS Tahoe
This article, "Apple Seeds Third Public Betas of iOS 26.6, macOS Tahoe 26.6 and More" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
The United States Supreme Court has agreed to hear Apple's appeal against the contempt ruling that forced it to change its App Store linking rules, reports Reuters.


In a statement to MacRumors, Apple said the court's decision was welcome news.

Apple asked the Supreme Court to review the decision back in May, and it was unclear if the request would be granted because the court previously declined to weigh in on the dispute. The 2024 denial involved the original Epic Games vs. Apple commission battle, but the case has since gotten spicier and piqued the Supreme Court's interest.

Apple largely won the Epic Games case in 2021 and wasn't found to have violated antitrust law, but Yvonne Gonzalez Rogers, the judge overseeing the case, ordered Apple to relax its anti-steering rules and let developers link to alternate payment options in apps. Apple agreed, but ended up charging a 12 to 27 percent fee on link-outs instead of 15 to 30 percent. When adding in fees to payment processors, developers got more hassle with little to no discount, which resulted in few developers using the new link system.

‌Epic Games‌ accused Apple of violating the judge's order, and took Apple back to court. Gonzalez Rogers agreed with Epic, and in April 2025, found Apple in contempt of court for willfully violating the 2021 injunction. She barred Apple from collecting any fees on links in the U.S. App Store, and Apple changed its ‌App Store‌ rules to comply.

Apple appealed, and the Ninth Circuit Court of Appeals upheld the contempt finding, leading Apple to further appeal to the Supreme Court.

Apple argued the contempt ruling was inappropriate because of the wording around the original order and Apple's implementation. The initial order did not bar Apple from charging fees when developers linked to third-party payment options, but both the district court and the appeals court said Apple violated the "spirit" of the injunction by charging fees that were too high. Apple said that a contempt ruling based on "spirit" instead of the word of the ruling is a "recipe for abuse." Apple is aiming to have the Supreme Court toss out the contempt decision because there was no clear and unambiguous violation.

Apple also asked the court to evaluate the scope of the injunction, which Apple said should apply only to ‌Epic Games‌ and not to all developers. Apple heavily leaned on Trump v. CASA, a recent ruling that said lower courts do not have the authority to issue universal injunctions to block nationwide policies.

In its request to the Supreme Court, Apple said the contempt ruling based on spirit and the order forcing it to change its policies for all developers "have combined to create an injunction that may reshape the global app marketplace." Apple's argument that the outcome of the case could lead to regulatory changes worldwide may also have swayed the court to weigh in on the case.

The Supreme Court will hear the case in its next term that begins in October after a summer break. While Apple waits for the Supreme Court decision, it will be going back to district court for fee calculations that will go into effect if the higher court does not toss out the contempt ruling and resulting anti-steering order. Apple was ordered back to district court because the appeals court found the district court's total ban on commissions went too far, and sent it back to set a reasonable fee.Tags: App Store, Epic Games, Epic Games vs. Apple, Apple Lawsuits, Supreme Court
This article, "Supreme Court Will Hear Apple's Appeal in Epic Games App Store Fight" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
American Express today announced that you can now redeem Membership Rewards points when checking out with Apple Pay on the web and in apps on the iPhone and iPad.


When checking out with Apple Pay on iOS 18 or iPadOS 18 or later, tap on your eligible American Express card (Platinum, Gold, Green, and others) and select the Membership Rewards points option. You can use points to cover all or part of your purchase, with every 10,000 points redeemed through Apple Pay worth a $70 statement credit.

American Express points can be redeemed entirely within the Apple Pay checkout flow, with no need to open another app or complete additional steps.

Related Roundup: Apple PayTag: American ExpressRelated Forum: Apple Music, Apple Pay/Card, iCloud, Fitness+
This article, "American Express Announces New Apple Pay Feature" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple today updated its Creator Studio apps, adding new AI features to Pixelmator Pro, Final Cut Pro, Logic Pro, and more.


Apple is integrating Pixelmator Pro with Final Cut Pro, Keynote, Numbers, and Pages. Final Cut Pro users can send a frame to Pixelmator Pro to create thumbnails and social graphics. In Keynote, Numbers, and Pages, users can select an image in a document and open it in Pixelmator Pro to edit, with changes saved to the original document.

The three office apps support generating vector shapes using AI, and Pixelmator Pro is getting advanced image generation and a Content Hub. Users can generate AI images directly in Pixelmator Pro with natural language, and browse a curated collection of images in Content Hub. Freeform also integrates with Pixelmator Pro in iOS 27, iPadOS 27, and macOS Golden Gate.

Final Cut Pro is getting Generate Captions, an on-device AI feature that automatically adds subtitles to videos based on audio. Subtitles can have animations and custom fonts, colors, and positions.

Edit Detection is a new AI feature that analyzes rendered video and splits it back into the original clips on the timeline. Apple says editors can use the tool for edit refinements or assembling a cut-down highlight clip for social media.

On the Mac, Final Cut Pro has an Auto Mask feature that isolates and refines video elements like skin, hair, sky, foliage, and clothing. Users can hover over a clip and make precise adjustments with no manual tracking. Color Match now produces more accurate and natural color matches in different lighting conditions, plus Advanced Trimming lets users fine-tune incoming and outgoing frames one-by-one.

Motion gains native support for scaling vector graphics without affecting quality, and Compressor has an Immersive Metadata Viewer for the Vision Pro. Final Cut Camera is getting expanded ProRes Support, an option to disable digital zoom, and Clean HDMI Out for sending a pristine video signal to external monitors and recorders.

Logic Pro's Chord ID feature has been rebuilt and it is more accurate than before. Apple says Session Players will respond and perform chord changes more quickly. Both Logic Pro and MainStage have a new granular sync mode in Alchemy to open up "new dimensions of sound design."

More information on the updates can be found on Apple's website. Creator Studio Pro includes all of Apple's creative software, and it is priced at $12.99 per month or $129 per year. Up to six people can share a single membership.Tag: Apple Creator Studio
This article, "Apple Creator Studio Gets New AI Features" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has been found to weaponize CVE-2026-33017 (CVSS score: 9.3), an unauthenticated remote code execution (RCE) vulnerability in Langflow, indicating threat actors are scanning and targeting exposed artificial intelligence (AI)View the full article
A "major overhaul" of the Apple Watch's design is due to arrive next year with a new system for connecting bands, according to a known Weibo leaker.


In a set of recent posts, the leaker known as "Instant Digital" linked the new claim to older rumors about an "Apple Watch X" model, which was said to introduce a fresh design and break compatibility with the existing watch band system. Citing a post from August 2023, the leaker reiterated that the way the band attaches to the case would change, creating internal space for a larger battery. The leaker went on to advise that anyone planning to buy a new Apple Watch in 2027 should hold off on buying extra bands in the meantime, given that a redesigned case could leave the current attachment system behind.

The "Apple Watch X" rumor traces back to a 2023 report from Bloomberg's Mark Gurman, who said Apple was planning the "biggest overhaul yet" for the Apple Watch's 10th anniversary, complete with a new magnetic band attachment system, a thinner case, and a microLED display. None of this materialized and Apple instead released the Apple Watch Series 10, keeping the existing band system intact with a design that, while tweaked somewhat, scarcely represented a major overhaul. It now looks like this redesign could simply have been delayed, rather than shelved entirely.

The timing lines up with how Apple has historically refreshed the standard Apple Watch's design. The original Apple Watch through to the Series 3 shared one design, the Series 4 through Series 6 shared another, and the Series 7 through Series 9 shared a third. The current design arrived with the Apple Watch Series 10. Following that roughly three-year pattern, a new design would be due to land with the Apple Watch Series 13 in 2027, matching the timeline Instant Digital is now describing.

The leaker previously said that the redesign would not appear until 2028, the year after the debut of the 20th anniversary iPhone. Last year, DigiTimes said that at least one future high-end Apple Watch model would get a "significant redesign ," including exterior changes such as eight sensors arranged in a ring pattern on the device's underside, tied to broader health-sensing ambitions. Earlier this month, Apple was said to be evaluating next-generation OLED backplane technology for the 2027 Apple Watch.

This year's Apple Watch Series 12 is not expected to feature a new design, continuing to use the same one introduced with the Series 10 in 2024, which introduced a thinner case, larger display, and a metal back that folds the antenna into the housing. Related Roundup: Apple Watch 11Tag: Instant DigitalBuyer's Guide: Apple Watch (Caution)
This article, "Report: Apple Watch Redesign Coming Next Year With New Band System" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple will try to convince the UK Supreme Court this week to throw out a $502 million judgment in favor of patent holder Optis Wireless.


As reported in the Financial Times, the UK Supreme Court this week takes up a dispute that has stretched on since 2019 in both U.S. and UK courts, when Optis first accused iPhones, iPads, and LTE-equipped Apple Watch models of infringing patents covering 4G networking technology.

The current UK fight is no longer about whether Apple infringed the patents, but rather what Apple should reasonably owe for using it. Patents deemed essential to a wireless standard must be licensed on fair, reasonable, and non-discriminatory (FRAND) terms, and the two sides remain far apart on the number. The award is structured as a single upfront payment spanning 2013 to 2027, covering Optis' LTE patents across Apple's cellular hardware.

The figure has shifted dramatically over the course of the proceedings. London's High Court had set the bill at $56.43 million in 2023. The Court of Appeal multiplied that roughly ninefold to $502 million last year. To get to that figure, the judges leaned on a separate agreement Optis had signed with Google as a reference point and counted royalties stretching back to 2013, well beyond the six-year window the High Court had favored.

Apple wants the justices to reconsider not just the size of the award but how the lower court arrived at it, contending the Court of Appeal "erred in law" and produced a figure it calls "arbitrary." Optis counters that Apple has spent years dodging fair payment and using its scale to drive rates down. Qualcomm has also lined up against the appeal, warning that Apple's stance breaks with established licensing norms and risks discouraging future innovation.

The dispute traces back to a pivotal 2020 ruling in which the UK Supreme Court held that British courts can set worldwide patent licensing rates, even though they can only rule on the infringement of UK patents. That decision opened the door for Optis to pursue global damages. After a 2021 High Court finding that Apple had infringed two of its patents, with the potential bill reported to run as high as $7 billion, an Apple lawyer told the court the company could withdraw from the UK rather than accept terms it considered "commercially unacceptable." Apple later backed away from that position.

The proceedings in the UK contrast with the parallel U.S. case, where Apple has fared considerably better. In February, a U.S. jury cleared Apple of infringing any of the five patents in dispute, the latest turn in a case that has repeatedly ended in Apple's favor.

Two earlier awards, of $506 million and $300 million, were each thrown out on appeal. Optis has signaled the U.S. legal battle isn't finished, saying it expects the District Court and the Federal Circuit to revisit the verdict.Tags: Patent Lawsuits, United Kingdom
This article, "Apple's $502M Optis Patent Case Heads to UK Supreme Court" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Last summer, Swiss-based Proton launched Lumo, an AI assistant with a privacy-first approach. Today, the company has announced Lumo 2.0, a major update to the chatbot that brings three new features commensurate with its core principles of no logs, no data sharing, and zero-access encryption.


Proton says Lumo 2 has been rebuilt on a new architecture that brings its biggest leap in capability to date, with Fast and Thinking modes now available. Fast of course prioritizes speed, while Thinking is optimized for more complex, multi-step reasoning. Proton says Lumo 2 responds to everyday queries up to 76 percent faster than Lumo 1.4.

Beyond the new architecture, Lumo 2 also boasts multimodal capabilities such as image generation and image recognition. Users can now upload an image to analyze, create visuals from a prompt or a rough sketch, or edit existing images, all in the same conversation.

On top of the new features, Lumo 2.0 has far stronger web search compared to Lumo 1.4, according to the company. There's also a Memory feature that lets Lumo learn your preferences, working style, and ongoing context, with the context window now twice as large.

Lumo 2.0 also introduces Custom Lumos, described as enabling purpose-built assistants that can be tailored to specific tasks, such as a research assistant that structures answers the way you need them.


Lumo is free to use at Lumo.proton.me and does not require a Proton account when accessed. However, if you have a Proton account, your chat history can be saved using the company's "zero-access" encryption across all your devices. There are also mobile apps for iPhone and Android.

For power users, Lumo Plus brings unlimited chats, Projects, advanced image generation, and priority access to the fastest models. Plus costs $12.99 per month, and there's also a Lumo Professional plan for teams offering secure collaboration for $14.99 per user per month, with discounts currently available for both plans.Tag: Proton
This article, "Proton Lumo 2.0 Adds Image Generation, Memory, Stronger Web Search" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Samsung's newest monitors have been further discounted this week, with big savings on the Odyssey G8, ViewFinity S8, and Movingstyle Essential. All of these have discounts that have been applied automatically, plus an additional $50 on-page coupon that you can clip to add to your cart.

Note: MacRumors is an affiliate partner with Samsung. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

Prices start at $749.99 ($200 off) for the 27-inch Odyssey G8 5K Monitor, and also include Samsung's first 6K monitor with the 32-inch Odyssey G8 6K Monitor for $1,549.99 ($50 off). Samsung also has a new 40-inch ViewFinity S8 Curved Monitor on sale for $1,139.99 ($260 off), as well as the Movingstyle Essential Monitor for $649.99 ($250 off).

UP TO $350 OFFSamsung 2026 Monitors

Shoppers should remember that all of the prices listed below will be reflected after clipping Samsung's $50 extra credit coupon and heading to the cart screen. The coupon can be found in the "Your Special Offers" section of each monitor's page, which is typically at the very top of each page.

43-inch Movingstyle Essential - $649.99 ($250 off)
27-inch Odyssey G8 5K Monitor - $749.99 ($200 off)
32-inch Odyssey OLED G7 4K Monitor - $799.99 ($300 off)
27-inch Odyssey OLED G8 4K Monitor - $1,049.99 ($50 off)
32-inch Odyssey OLED G8 4K Monitor - $949.99 ($350 off)
40-inch ViewFinity S8 Curved Monitor - $1,139.99 ($260 off)
32-inch Odyssey G8 6K Monitor - $1,549.99 ($50 off)

If you're on the hunt for more discounts, be sure to visit our Apple Deals roundup where we recap the best Apple-related bargains of the past week.



Deals Newsletter

Interested in hearing more about the best deals you can find in 2026? Sign up for our Deals Newsletter and we'll keep you updated so you don't miss the biggest deals of the season!




Related Roundup: Apple Deals
This article, "Samsung's 2026 Monitors Hit New Record Low Prices at Up to $350 Off" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
OHC_logo_transparent_01.jpeg flags-medium.png OHC_logo_blue_square_small.jpeg

 

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.