
hosang I.T.


Tech

Tech Articles from a wide variety of topics and categories
Let’s be honest – keeping track of changes in software projects can get messy. Different team members, multiple file versions, and questions about who changed what can create confusion. This leads to wasted hours, team conflicts, and sometimes lost work.
That’s where Perforce System Training helps. Think of it as learning how to play an organized team game where everyone wins. You keep your sanity, your team communicates better, and projects finish on time.
What is the Perforce System?
Think back to school group projects. Remember when someone lost their work, or two people edited the same thing and created a mess? The Perforce System is like that organized friend who keeps everything in perfect folders and remembers every change.
In simple terms, it helps you:
- Track every change to your files
- Let multiple people work on files without chaos
- Remember old versions (helpful for undoing mistakes)
- Handle not just code, but images, documents, and designs
- Work well for both small teams and large companies
Can’t I Just Learn from YouTube?
Good question! You can learn basics online, but here’s what proper Perforce System Training gives you:
Real-World Skills:
- How to fix things when they break (they will!)
- Best practices real companies actually use
- How to set up workflows your team will like
- Time-saving tricks that take years to discover on your own
Confidence in Your Skills:
There’s a big difference between “I sort of know how this works” and “I can handle any version control problem.” Training gets you to that second level.
Structured Learning:
Unlike scattered tutorials, training gives you a clear path from basics to advanced skills. Each new concept builds on what you’ve already learned.
What You’ll Actually Learn
The Basics Everyone Needs:
- How to save your work so others can see it
- How to get the latest work from teammates
- How to organize different versions
- Simple fixes when things get confused
Skills That Make You Valuable:
- Handling problems when two people change the same thing
- Setting up smart workflows for your team
- Making everything run faster
- Keeping your work safe with security settings
- Connecting Perforce with other tools you use
Real Practice:
Good training isn’t just watching – it’s doing. Most programs include hands-on practice with situations you’ll actually face at work.
Learning from Experience
When learning something new, who teaches you matters. Rajesh Kumar has over 20 years of experience. He’s seen and solved real problems in real companies.
His approach is practical: “Here’s how you do it, here’s why it works, and here’s what to do when things go wrong.” Students say he makes complicated topics actually make sense.
Different Ways to Learn
People learn differently. Here are your options:
| How You Like to Learn | Time | Best For |
| --- | --- | --- |
| Self-Paced Videos | 8-12 hours | Busy people who learn best alone |
| Live Online Classes | 8-12 hours | People who like group learning |
| One-on-One Training | 8-12 hours | Those who want personalized attention |
| Team Training | 2-3 days | Whole teams learning together |
Who Needs This Training?
More people than you might think:
For Developers:
“If you work on anything bigger than a small project, this will save you hours every week.”
For Project Managers:
“Finally understand what your team is talking about in technical meetings.”
For Game Developers:
“Perforce is great for handling large image and video files that other systems struggle with.”
For Career Changers:
“This is a valuable skill that looks great on a resume.”
Real Benefits You’ll Notice
After training, you’ll see real improvements:
- Less stress about losing work or breaking things
- More efficient workflows (less wasted time)
- Better teamwork (everyone’s on the same page)
- More confidence in job interviews and technical talks
- Better job opportunities (these skills are valuable)
Common Questions Answered
“What if I miss a class?”
Good programs record everything so you can watch later.
“Do I need to be a coding expert?”
Not at all. Basic computer skills are enough to start.
“Will this help my career?”
Yes. Many people get raises after improving these skills.
“How do I know if training is good quality?”
Look for lots of hands-on practice, real examples, and good student reviews.
Making Your Decision
Consider these four things:
- Your schedule – Be honest about your time
- How you learn best – Videos? Live classes? One-on-one?
- Your goals – Basics or expert skills?
- Your budget – Options exist for different budgets
Good to know: Many employers will pay for this training because it makes you better at your job. It’s worth asking!
Ready to Improve Your Skills?
If you’re tired of version confusion or want to add valuable skills, Perforce System Training is a smart choice.
For comprehensive training, DevOpsSchool offers programs many professionals find helpful. They understand people learn differently and provide options that fit real schedules.
Learning from experienced practitioners like Rajesh Kumar makes a difference. There’s value in learning from someone who’s solved real problems for decades.
Next Steps
- Think about your biggest challenges with team work or file management
- Consider what success looks like for you
- Ask questions – Good programs will answer them
- Check schedules – Find timing that works for you
Questions? Let’s Talk
Have questions about whether Perforce training is right for you? We’re here to help.
Contact:
- Email: [email protected]
- India Phone/WhatsApp: +91 84094 92687
- USA Phone/WhatsApp: +1 (469) 756-6329
- Website: DevOpsSchool
Good training makes you better at your job. That’s an investment that pays off every workday.

View the full article
Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active exploitation in the wild. The vulnerability, rated high in severity, is being tracked under the Chromium issue tracker ID "466192044." Unlike other disclosures, Google has opted to keep information about the CVE identifier, the affected component, and
View the full article
In modern corporate environments, investments in security technologies are no longer judged solely on technical maturity. Funding increasingly depends on the extent to which they can generate revenue, mitigate risks, and create shareholder value.
As a result, CISOs are expected to present their strategies not as mere technical upgrades, but as enablers of revenue growth. The challenge lies not only in making the right investment decisions, but also in justifying them at the board level.
CISOs often find themselves on the defensive when they present solutions before the challenge has been clearly defined. This approach creates a disconnect instead of consensus. Executives want to understand what their organization can achieve with a new solution, which pitfalls can be avoided, and why cybersecurity investments cannot be postponed.
Therefore, when presenting a cybersecurity strategy, for example, zero trust, the focus of communication with the board should be on how the company’s cyber risk profile can be changed for the better.
Linking security technology with strategic priorities
To be credible in the boardroom, CISOs must define their planned expenditures in line with the company’s objectives. The board focuses on priorities such as entering new markets, improving margins, increasing resilience, and ensuring compliance. A well-thought-out proposal directly addresses these concerns.
When a security platform reduces incident response time, the result is operational stability and therefore greater resilience. When it consolidates tools, it ensures cost efficiency. When it enables secure expansion into new regions, revenue growth follows. Such a line of reasoning builds credibility and helps secure investment approvals.
The language of risks and returns
Boards of directors make decisions considering concepts such as risk and return. These include financial risks, operational risks, and reputational risks for the company. Board members assess the probability, exposure, and impact of incidents in each of these areas. Accordingly, the CISO’s role is to clarify how a proposed investment reduces vulnerabilities, limits the impact of incidents, or increases infrastructure resilience.
These discussions should outline cost models, scenarios for potential security breaches, recovery timelines after a cyberattack, and the business benefits. The goal should be to avoid downtime while speaking the language of the board of directors, without compromising technical integrity.
Consider shareholder value
The maturity level and mindsets of boards regarding cybersecurity vary considerably. Some supervisory boards react only after a major cyber incident or a failed audit. Others are much more proactive in their approach and require cybersecurity assessments as part of their market expansion or M&A activities. Still others incorporate cybersecurity into simulations and ask forward-looking questions about resilience in the face of potential attack scenarios.
Understanding this level of maturity helps in adapting the communication strategy. A reactive board may need a clear explanation of the negative consequences. An informed board is more likely to expect quantifiable results and a roadmap. The best board discussions occur when the CISO adapts to the board’s understanding of technology while carefully broadening its perspective.
Positioning operational excellence as an outcome
One of the most effective arguments in discussions with the board regarding cybersecurity is operational excellence. When companies operate in different regions and industries, they must work agilely, securely, and with control. An IT architecture should:
- Address global requirements
- Support employees who work from anywhere
- Integrate third parties
- Meet a number of regulatory requirements
- Protect intellectual property
Such a comprehensive set of requirements can very quickly lead to complex implementation and, consequently, inefficiencies. CISOs, with a strong technology strategy, focus on a simplified infrastructure, enabling secure global data flows and shortening time to market. This positioning elevates the discussion from system selection to a strategic level.
Focus on future risks
A board of directors is expected to focus not only on current risks but also on future scenarios. These include, for example, regulating the ethical use of AI, understanding the impact of data misuse, and preparing for the effects of quantum computing. The board will be responsible and even held liable for the secure and regulated handling of data. These are no longer abstract issues. Therefore, they should already be on the CISO’s agenda as future technological challenges.
The use of AI has increased in companies, and executives are now responsible for data usage. While quantum computing is still in its early stages, the risks this future technology poses to today’s encryption methods already make it a necessary component of any long-term planning. Many CISOs are already seizing the opportunity to raise the issue with the board and explain what measures will be necessary to protect data in the foreseeable future.
The power of numbers
The financial structure is just as important as the strategic approach. As companies continue to move from hardware-intensive architectures to cloud-native SaaS models, the economics of security are changing. Costs are shifting from capital expenditures to operating expenses. While this may initially lead to a decrease in EBITDA (Earnings Before Interest, Taxes, Depreciation, and Amortization), it also eliminates hardware replacement cycles, improves forecast accuracy, and reduces long-term total cost of ownership.
Per-user billing models for cloud services ensure predictability and greater flexibility in responding to changes. Further savings potential lies in consolidating tools onto a few platform providers. Additionally, process automation can reduce the burden on the service desk and improve productivity.
Ultimately, CISOs should demonstrate how potential investments in new technologies will improve cash flow, safeguard margins, and scale with business growth. CFOs and audit committees want to know how each proposal will impact financial results. They also want to understand what can be capitalized, what offsetting effects to expect, and how the investments will align with demand.
Conclusion
Ultimately, justifying security investments isn’t about persuasion, but about exerting influence. It’s about aligning business priorities with secure, scalable, and cost-effective solutions.
Accordingly, CISOs must present a strategy that reduces risks, improves agility, and positions the company for long-term success. When IT leadership speaks the language of added value in their solutions, their proposals no longer sound like technical requirements, but like business necessities.
View the full article
Huntress is warning of a new actively exploited vulnerability in Gladinet's CentreStack and Triofox products stemming from the use of hard-coded cryptographic keys that have affected nine organizations so far. "Threat actors can potentially abuse this as a way to access the web.config file, opening the door for deserialization and remote code execution," security researcher Bryan Masters said.
View the full article
G Data
IT security is critically important for companies in order to protect infrastructure against attacks and to ensure the availability of resources and data. The field requires not only specialist knowledge but, above all, specialist staff. IT security experts are in short supply, however, and recruiting in-house employees for this task is often difficult for companies. As a result, the conditions for effective cyber defense could hardly be worse.
For example, too little time is left for adequate risk assessment and risk management. These omissions quickly lead to serious financial damage when a cyberattack succeeds. Using Managed Extended Detection and Response (MXDR) can provide a remedy. In this way, IT managers extend their IT security team with experts from their service provider and draw on their professional expertise. This has a positive effect on IT security.
Round-the-clock protection
With MXDR, a company’s IT systems are monitored continuously. In the event of a cyberattack, there is an immediate response, for example isolating a compromised endpoint from the network. To do this, a team of analysts draws on a broad range of sensors and examines potentially malicious activity closely to decide whether or not a cyberattack is under way. On that basis, an appropriate response follows immediately.

For this purpose, the experts are on duty 24 hours a day, seven days a week, because cybercriminals do not observe weekends or closing time. IT teams in companies often cannot provide round-the-clock shift coverage themselves, as this takes a great deal of staff and working time. As a rule, employees are already fully occupied with day-to-day business. That leaves no time for IT security.
A further problem is that IT staff in companies often lack the necessary specialist security knowledge. They are therefore unable to detect malicious activity and analyze it in detail so that the right response follows. If an attack is not detected and stopped right at its beginning, this has far-reaching and fatal consequences for the affected company.
It therefore makes sense to rely on external expertise and, in doing so, on a managed XDR solution. The analyst team is professionally up to date and is in constant exchange with an international network about new attack vectors and cybercrime trends. Companies benefit from this knowledge and experience, especially when it comes to recommendations for action beyond pure monitoring. This common component of Managed Extended Detection and Response provides additional IT security in companies.
An investment in Managed Extended Detection and Response is thus also an investment in a company’s own security and its own future, without additional specialists being needed. The analysts become part of a company’s IT team and work closely with the core workforce to protect the IT infrastructure. The selection of different managed XDR solutions is large, however, so IT managers should examine all offers critically.
Checklist for choosing the right MXDR provider
To find the right managed XDR provider, companies should consider the following:
- Is it a pure Extended Detection and Response solution or a managed variant? If the service is not managed, the company must employ its own analyst team to identify malicious activity itself and initiate immediate countermeasures.
- 24/7 service is a must: A provider should offer a round-the-clock service in order to detect and stop cyberattacks at any time. Otherwise, comprehensive protection is not guaranteed.
- Expertise matters: The managed XDR service provider should be very experienced in IT security and should have programmed the solution itself. This ensures that the analyst team understands alerts correctly and responds to them appropriately.
- Data protection: Where the provider is headquartered is very important, because the applicable data protection rules and legislation depend on it. German service providers are subject to the strict German and European data protection laws. They are also obliged to view data only in the case of suspicion and to examine only the data necessary for the analysis. The same consideration applies to the location of the servers on which the data is processed.
- Individual support is essential: The service provider should have customer service that is always reachable and offers support in German. Recommendations for action must be easy to understand. It is also important that companies can configure the XDR solution individually for their IT systems and, for example, specify in which cases or on which devices no response should take place.
- Secure data transmission: Communication between the agent of the Managed Extended Detection and Response solution (which is installed on the customer’s devices) and the XDR platform must be secured in multiple stages. Otherwise, unauthorized parties have an opportunity to interfere with the company’s IT systems.
- Make use of a trial: It makes sense to first test a managed XDR solution on a limited number of endpoints under real conditions. This makes it possible to check whether the provider and the service fit the individual IT infrastructure. (jm)
View the full article
Admins using FortiCloud SSO (single sign-on) to authenticate access to Fortinet products are urged to upgrade the software running some of the company’s gateway products as soon as possible, or risk their networks being compromised.
“Users of Fortinet appliances should, for now, disable SSO until they are able to patch the devices,” advised Johannes Ullrich, dean of research at the SANS Institute. “However, in the long run, this is not a reason to abandon SSO, and it should be re-enabled after the patch is applied.”
The holes, CVE-2025-59718 and CVE-2025-59719, are cryptographic signature vulnerabilities in the FortiOS operating system that runs Fortinet devices, as well as in the FortiWeb, FortiProxy and FortiSwitchManager products. They allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML (security assertion markup language) message, if that feature is enabled on the device. 
In an advisory, Fortinet notes that the FortiCloud SSO login feature is not enabled in default factory configurations. However, when an administrator registers the device with FortiCare product support from the device’s GUI, single sign-on login is enabled unless they turn off the setting “Allow administrative login using FortiCloud SSO” on the registration page.
Single sign-on allows users to enter one password to access many applications or services, and in this case it enables an admin to oversee several Fortinet devices. Ullrich calls it “a crucial component in providing a unified authentication and access control experience across an organization. Integrating devices like Fortinet’s offerings is important, and organizations are typically advised to enable this feature.”
Fortinet uses SAML as the underlying protocol, he explained, noting, “this is a complex protocol, and numerous implementations of it have encountered issues in the past. Just yesterday, the same day Fortinet patched its systems, Ruby released a patch for its SAML library.”
He added that SAML implementations often suffer problems due to the intricacies of XML parsing and ambiguities in interpreting the result.
To prevent being affected by this flaw, Fortinet says admins should turn off the FortiCloud SSO login feature (if enabled) until after upgrading to a non-affected version. To turn off FortiCloud login, it said, go to System -> Settings, then toggle “Allow administrative login using FortiCloud SSO” to Off. Alternatively, admins can use the command line interface and enter:
config system global
set admin-forticloud-sso-login disable
end
Affected applications should then be updated to the latest versions, and SSO re-enabled.
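A check for the workaround above, as an added example that is not from the article or from Fortinet: it reads saved configuration exports and reports the state of `admin-forticloud-sso-login` in each. The device names and sample exports are constructed, and it assumes exports use the `config` / `set` / `end` layout shown in the CLI snippet and may omit a setting that is at its default.

```python
"""Report the FortiCloud SSO admin-login setting in FortiOS-style config exports."""
import shlex

SETTING = "admin-forticloud-sso-login"  # setting name from the CLI workaround
BLOCK = "system global"                 # block that holds it, per the same workaround


def forticloud_sso_state(config_text):
    """Return 'enable', 'disable' or 'unset' for SETTING in the top-level BLOCK.

    Only a `set` line directly inside `config system global` counts; the same
    words in a comment or in any other block are ignored.
    """
    stack = []       # currently open `config ...` blocks, outermost first
    state = "unset"
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            tokens = shlex.split(line)
        except ValueError:           # unbalanced quote: fall back to a plain split
            tokens = line.split()
        if not tokens:
            continue
        verb = tokens[0]
        if verb == "config":
            stack.append(" ".join(tokens[1:]))
        elif verb == "end":
            if stack:
                stack.pop()
        elif verb == "set" and stack == [BLOCK] and len(tokens) >= 3:
            if tokens[1] == SETTING and tokens[2].lower() in ("enable", "disable"):
                state = tokens[2].lower()   # a later line overrides an earlier one
    return state


def audit(exports):
    """Map device name -> recommended action for {device name: config text}."""
    actions = {}
    for device, text in sorted(exports.items()):
        state = forticloud_sso_state(text)
        if state == "enable":
            actions[device] = "disable FortiCloud SSO login until upgraded"
        elif state == "unset":
            # Assumption: an export can leave out default values, so absence
            # is not proof that the feature is off.
            actions[device] = "setting absent from export: confirm on the device"
        else:
            actions[device] = "FortiCloud SSO login is off: upgrade before re-enabling"
    return actions


# Constructed sample exports (not taken from real devices).
SAMPLE_EXPORTS = {
    "fw-branch-01": """\
config system global
    set admin-forticloud-sso-login enable
    set hostname "fw-branch-01"
end
""",
    "fw-dc-01": """\
config system global
    set hostname "fw-dc-01"
    set admin-forticloud-sso-login disable
end
""",
    # The setting appears only in a comment and in a made-up block
    # ("example-block" is not real FortiOS syntax); neither may count.
    "fw-lab-01": """\
# set admin-forticloud-sso-login enable
config system global
    set hostname "fw-lab-01"
end
config example-block
    set admin-forticloud-sso-login enable
end
""",
}

if __name__ == "__main__":
    for device, action in audit(SAMPLE_EXPORTS).items():
        print(f"{device}: {action}")
```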
Robert Beggs, head of Canadian-based incident response firm DigitalDefence, said that fortunately the vulnerability was identified by FortiGuard’s internal team. “If it had been announced by a third party, then it would have been more likely a vulnerability that was being actively exploited in the wild,” he observed. “It appears that this may have been identified in time to get a warning out and minimize potential compromises.”
The fact that a pair of vulnerabilities affects a number of a manufacturer’s offerings shows the downside of having a shared code base for their products, Beggs added. While on the one hand, it allows the vendor to rapidly scale the number and functionality of products and to ensure integrated operation, on the other hand, the codebase becomes a single point of failure. These FortiGuard issues demonstrate both sides of the coin.
“The vulnerability is critical, and security teams must apply the recommended steps,” he said.
Fortinet was asked for comment, but did not respond by publication time.
View the full article
Computer security researchers are in the spotlight as governments look to tackle the growing threat of cybercrime.
Last week, British security minister Dan Jarvis set out a new approach to combatting computer crime, highlighting the damage that security breaches have done to the UK economy and emphasizing the importance of computer security researchers. The next day, the Portuguese parliament passed an act giving more protection to the same group.
In his speech, Jarvis explained how the UK’s 1990 Computer Misuse Act had outlived its usefulness, stating, “it can leave many cyber security experts feeling constrained in the activity that they can undertake. These researchers play an important role in increasing the resilience of UK systems, and securing them from unknown vulnerabilities. We shouldn’t be shutting these people out, we should be welcoming them and their work.”

He went on to say that the government is looking to upgrade current legislation. “We are looking at a legal change to the Computer Misuse Act. This would create a ‘statutory defense’ for these researchers to spot and share vulnerabilities, which would protect them from prosecution, as long as they meet certain safeguards.”
The Portuguese legislation also offers a degree of protection to security researchers, provided that they don’t seek to gain financial advantage and don’t breach data protection laws.
These updated approaches from the UK and Portugal are in line with other countries’ statutory protection for researchers; the Netherlands, France and Belgium have all introduced similar guidelines.
Jarvis’s proposals have been warmly received by the security industry. Charlotte Wilson, head of enterprise business, UK and Ireland at Check Point Software, said that the Computer Misuse Act was outdated and not fit for purpose. “As it stands, it treats security researchers in much the same way as cybercriminals, even when they are acting in good faith to strengthen defenses rather than undermine them,” she pointed out.
But, she added, “the solution is relatively simple: create a legal safe space that allows researchers to test systems and report vulnerabilities responsibly, without fear of prosecution. Portugal has recently taken this important step by introducing clear rules for good-faith testing and a framework for responsible disclosure. It’s a pragmatic model that recognizes the essential role researchers play in identifying and fixing security weaknesses and something the UK should seriously consider adopting.”
Wilson stressed, however, that organizations should not be entirely dependent on government action; businesses could also take steps to help researchers. “They should publish a clear vulnerability disclosure policy that outlines how researchers can safely report issues; respond swiftly to vulnerabilities and define boundaries by being transparent about what testing is permitted, how to report findings, and what the process entails.”
Her views were echoed by Dray Agha, senior manager of security operations at Huntress. “Organizations can support the process by rewarding responsible disclosure, avoiding knee-jerk legal threats, participating in community initiatives, and advocating for reforms that strike the right balance between preventing abuse and enabling legitimate research,” he said.
He added that the government should ensure that researchers are fully protected, calling for an independent oversight body to validate and support responsible research. “This could provide rapid advisory opinions, mediate disclosure disputes, and issue assurance letters so researchers are not left exposed when organizations are slow or uncooperative.”
And, he noted, companies are often slow to disclose security breaches, something which needs to change. “User organizations should be legally obliged to maintain a disclosure channel, acknowledge reports promptly, and work within a set remediation window. This lifts the burden from researchers and reduces the grey zone where they feel legally at risk,” he said.
This will be music to the ears of Dan Jarvis, who, in his speech, stressed the need for co-operation. “This work is not the responsibility of the government alone,” he said. “We need a whole of society approach. We can only create a proper deterrence through partnership, which is why the government and business are working together to improve our security. For too long, businesses and politicians have been under the misapprehension that cyber investment is a drag on growth. But this is a mistake. Cyber security keeps us safe – and is a key enabler of growth.”
Jarvis’s speech is only a precursor to any legislation, but it is clear that the UK is set to go down the path that other countries have taken, finally giving security researchers their day in the sun.
YouTube TV will be updated with more than 10 genre-specific television packages in 2026, YouTube announced today. The upcoming YouTube TV Plans will be more affordable than the current version of YouTube TV, which is priced at $82.99 per month.


There will be packages for sports, news, family, entertainment, and more. A YouTube Sports Plan will include top broadcast networks along with all ESPN networks and sports networks like FS1 and NBC Sports networks.

YouTube has not provided information on the pricing for each of the YouTube TV Plans, nor what specific channels will be included. YouTube TV Plans will have most of the same features as the standard YouTube TV subscription, like unlimited DVR, key plays, fantasy view, and multiview.

YouTube TV has more than 100 channels, and YouTube subscriptions VP Christian Oestlien said that the company's goal is to provide users with more control over what they want to watch. The current plan will remain available, with the added plans included as a lower-priced option.
This article, "YouTube TV Launching Cheaper Sports, News, and Entertainment Bundles in Early 2026" first appeared on MacRumors.com

Researchers uncovered an unexpected behavior of HTTP client proxies when created in .NET code, potentially allowing attackers to write malicious code to arbitrary files. This in turn can open remote code execution (RCE) attack paths through web shells and malicious PowerShell scripts in many .NET applications, including commercial products.
Microsoft does not plan to fix this issue in the .NET Framework itself, saying that application developers are responsible for not passing untrusted and user-controlled URLs to the code classes that initialize HTTP client proxies.
“The impact depends on how each application uses the proxy classes, but in practice we achieved RCE in almost every product we investigated,” Piotr Bazydło, a researcher with security firm watchTowr, said in a report. Bazydło also authored a technical whitepaper that he presented Wednesday at the Black Hat Europe conference.
By taking advantage of this unexpected .NET behavior, the researcher found RCE issues in Barracuda Service Center, Ivanti Endpoint Manager, Umbraco 8 CMS, Microsoft PowerShell, and Microsoft SQL Server Integration Services. However, he believes many more products and private enterprise apps are likely vulnerable.
“The most powerful exploitation path arises when applications generate HTTP client proxies from attacker-supplied WSDL files using the ServiceDescriptionImporter class,” he said. “That mechanism alone enabled successful exploitation in products from Barracuda, Ivanti, Microsoft and Umbraco, and it took only a few days of review to find working cases.”
HTTP client proxies can handle non-HTTP protocols
The .NET Framework and ASP.NET are among the most popular development frameworks for enterprise applications. When a developer wants their application to communicate with an XML Web Service over HTTP, they must create a proxy class that is derived from the built-in HttpWebClientProtocol class.
The Framework also provides three proxy classes — SoapHttpClientProtocol, HttpGetClientProtocol, and HttpPostClientProtocol — that enable support for SOAP, HTTP-GET, and HTTP-POST, respectively. The SoapHttpClientProtocol, which allows SOAP requests to be performed inside .NET applications, is particularly popular, because SOAP is a widely used protocol for exchanging XML-formatted messages between web services over HTTP.
Therein lies the core of the issue: As the names of these classes — and their official documentation — imply, they are meant to be used for HTTP communication. However, what Bazydło found is that passing URLs with the file:// scheme to these proxy classes will result in the FileWebRequest handler being called instead of HttpWebRequest.
“Wait, what? Why does a SOAP proxy need to be able to ‘send’ SOAP requests to a local file?” he said. “Nobody on this planet expects to receive a valid SOAP response from the filesystem.”
Because there is no mention in the documentation that these classes also work with the FILE or FTP protocol schemes, and there’s no reasonable expectation that they would, many developers are likely not aware of this behavior and have not taken additional steps to prevent this.
A path to exploitation
While this strange behavior enables exploitation, it does not guarantee it. First, an attacker would need to be able to control the URL passed to one of these classes in the application code. Although Microsoft seems to suggest this should not happen, in practice plenty of application developers expose SOAP API endpoints in their applications, sometimes without authentication.
One example found by Bazydło was in Barracuda Service Center, a popular enterprise Remote Monitoring and Management (RMM) platform. The issue, now tracked as CVE-2025-34392, was patched in hotfix 2025.1.1.
By being able to pass an arbitrary URL to a SOAP API endpoint in an affected .NET application, an attacker can trigger a leak of an NTLM challenge. For example, a file:// URL pointing to a remote attacker-controlled SMB server will cause the system to send its NTLM credentials in encrypted form to that server. The attacker can then either attempt to crack them or use them in an NTLM relay attack.
To cause a more powerful local arbitrary file write, however, the attacker needs to be able to also control the arguments sent to the SOAP method, which will mean arbitrary strings can be inserted inside the XML output written to the controlled path on disk. Controlling this will often be enough to write a web shell in CSHTML (server-side templates) format on the server hosting the vulnerable app.
But it doesn’t stop here. Another way to exploit this is through Web Services Description Language (WSDL) imports. WSDL is an XML-based language web services use to provide information about their features and available interfaces. A service can provide a WSDL file to a client application, which then parses it to automatically build valid SOAP requests to the service.
Generating client SOAP proxies from WSDL imports is a fairly common functionality in .NET applications, and this is achieved by parsing WSDL files using the ServiceDescriptionImporter class. As Bazydło found, ServiceDescriptionImporter does not validate that the service definition in the WSDL file is HTTP or HTTPS.
“To summarize, WSDL imports create a very powerful exploitation path for the invalid cast issue in HttpWebClientProtocol,” he said. “If an attacker controls the imported WSDL, they also control: The target URL, which allows the proxy to interact with the filesystem; the SOAP method names; the names and types of method arguments.”
This was the case for the Barracuda Service Center vulnerability, but also for Umbraco 8 CMS — one of the most popular content management systems written in .NET — and Ivanti EPM. Umbraco 8 reached end-of-life in February so no longer receives security patches.
“At a high level, the story is simple,” the watchTowr researcher said. “The .NET Framework allows its HTTP client proxies to be tricked into interacting with the filesystem. With the right conditions, they will happily write SOAP requests into local paths instead of sending them over HTTP. In the best case, this results in NTLM relaying or challenge capture. In the worst case, it becomes remote code execution through webshell uploads or PowerShell script drops.”
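The scheme check that the article says developers have to supply themselves, as an added C# example (not code from watchTowr, Microsoft or any affected product): it accepts a service URL only when it parses as absolute http or https, and lists WSDL endpoint addresses that fail the same test before the document is handed to ServiceDescriptionImporter. The names ProxyUrlGuard, IsHttpUrl, RequireHttpUrl and FindNonHttpEndpoints, and all sample inputs, are assumptions constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Xml;
using System.Xml.Linq;

// Added example: ProxyUrlGuard and its members are hypothetical names.
public static class ProxyUrlGuard
{
    // Schemes allowed to reach a proxy derived from HttpWebClientProtocol.
    private static readonly HashSet<string> AllowedSchemes =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase)
        {
            Uri.UriSchemeHttp,
            Uri.UriSchemeHttps
        };

    // True only for absolute http/https URLs. Judging the parsed Scheme,
    // not a string prefix, means file:, ftp:, UNC and drive-letter paths
    // are all rejected (they parse as another scheme or not at all).
    public static bool IsHttpUrl(string candidate, out Uri parsed)
    {
        return Uri.TryCreate(candidate, UriKind.Absolute, out parsed)
            && AllowedSchemes.Contains(parsed.Scheme);
    }

    // Call this before assigning a caller-influenced value to proxy.Url.
    public static Uri RequireHttpUrl(string candidate)
    {
        Uri parsed;
        if (!IsHttpUrl(candidate, out parsed))
        {
            throw new ArgumentException(
                "Service URL must be an absolute http or https URL.", "candidate");
        }
        return parsed;
    }

    // Returns every endpoint address in a WSDL document that is not http(s).
    // Run it before the WSDL reaches ServiceDescriptionImporter and refuse
    // the import if the list is not empty.
    public static List<string> FindNonHttpEndpoints(string wsdlXml)
    {
        var settings = new XmlReaderSettings
        {
            DtdProcessing = DtdProcessing.Prohibit, // untrusted XML: no DTDs
            XmlResolver = null                      // and no external fetches
        };
        using (XmlReader reader = XmlReader.Create(new StringReader(wsdlXml), settings))
        {
            XDocument doc = XDocument.Load(reader);
            // soap:address, soap12:address and http:address all carry the
            // endpoint in a "location" attribute, so match the local name.
            return doc.Descendants()
                .Where(e => e.Name.LocalName == "address")
                .Select(e => (string)e.Attribute("location") ?? string.Empty)
                .Where(loc => { Uri ignored; return !IsHttpUrl(loc, out ignored); })
                .ToList();
        }
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample inputs, not taken from any product.
        string[] urls =
        {
            "https://svc.example.test/api.asmx",
            "file:///C:/temp/out.xml",
            @"\\fileserver.example.test\share\out.xml",
            "ftp://files.example.test/out.xml"
        };
        foreach (string url in urls)
        {
            Uri ignored;
            string verdict = ProxyUrlGuard.IsHttpUrl(url, out ignored) ? "allow " : "reject";
            Console.WriteLine("{0} {1}", verdict, url);
        }

        // Constructed WSDL fragment with one HTTP and one file: endpoint.
        const string wsdl = @"<definitions xmlns='http://schemas.xmlsoap.org/wsdl/'
    xmlns:soap='http://schemas.xmlsoap.org/wsdl/soap/'>
  <service name='Demo'>
    <port name='Good'><soap:address location='https://svc.example.test/a.asmx'/></port>
    <port name='Bad'><soap:address location='file:///C:/temp/out.xml'/></port>
  </service>
</definitions>";
        foreach (string bad in ProxyUrlGuard.FindNonHttpEndpoints(wsdl))
        {
            Console.WriteLine("refuse WSDL import, non-HTTP endpoint: {0}", bad);
        }
    }
}
```

In an application, assign `RequireHttpUrl(input).AbsoluteUri` to the proxy's `Url` property instead of the raw input, so a non-HTTP value fails before any request is created.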
Mophie today announced the launch of a new line of Speedport wall chargers that are powered by Gallium Nitride (GaN) for faster, more efficient power delivery.


There are several charger options with single, dual, and triple ports for powering laptops, tablets, smartphones, and more. Prices range from $15 to $100.

Speedport 20 ($14.95) - 20W with one USB-C port.
Speedport 35 ($24.95) - 35W with one USB-C port.
Speedport 45 ($39.95) - 45W with two USB-C ports.
Speedport Plus 67 ($59.95) - 67W with two USB-C ports and a built-in retractable 60W USB-C cable for charging up to three devices at once.
Speedport 70 ($49.95) - 70W with two USB-C ports.
Speedport 100 ($79.95) - 100W with two USB-C ports. 
Speedport 140 ($99.95) - 140W with three USB-C ports.

All of the Speedport chargers feature a similar design, adopting plastics made from 75 percent post-consumer recycled materials and foldable prongs for travel.

With the exception of the Speedport 67 with integrated cable, all of the new chargers are available for purchase from the Mophie website as of today.
This article, "Mophie Releases New GaN-Powered Speedport USB-C Wall Chargers" first appeared on MacRumors.com

Apple Music and Apple TV are experiencing an outage that could be causing issues for some users, according to Apple's System Status page.


The outage started at 2:53 p.m. Eastern Time, and it is impacting Apple Music, Apple TV, and Apple TV Channels. Apple says that some users may run into intermittent problems, though specifics have not been provided. There don't appear to be a large number of complaints about the services on social media at this time.

We'll update this article when Apple's services are back up and running.
This article, "Apple Music and Apple TV Experiencing Outage" first appeared on MacRumors.com

The next-generation low-cost iPad will use Apple's A19 chip, according to a report from Macworld. Macworld claims to have seen an "internal Apple code document" with information about the 2026 iPad lineup.


Prior documentation discovered by MacRumors suggested that the iPad 12 would be equipped with an A18 chip, not an A19 chip. The A19 chip was just released this year in the iPhone 17, and it would be unusual for Apple to use a current-generation chip in the low-cost iPad due to cost.

Apple's most affordable iPad has not had a current-generation chip since the iPad 4, which is back when Apple was still designing AX chips for its tablet lineup. The iPad 5 that came out in 2017 used the A9 chip that was originally introduced in the 2015 iPhone 6s, and since then, the iPad has been equipped with an A-series chip that's a generation or two behind the chip in the most recently released iPhone.

The current iPad 11 that was released in March 2025 uses the A16 chip that first debuted in the iPhone 14 in 2022, for example. The iPad 10 (October 2022) used the A14 (September 2020), the iPad 9 (September 2021) used the A13 (September 2019), and the iPad 8 (September 2020) used the A12 (September 2018). A 2024 A18 chip for the 2026 iPad would be in line with prior launches.

The model numbers listed in Macworld's report are also unusual. It says that J581 and J588 are the codenames for the upcoming 12th-generation iPad, but codenames are typically sequential. Codenames are how Apple references unreleased devices in its software. In prior code leaks, J581 and J582 appeared to reference the low-cost iPad 12.

Prior leaks have suggested that the iPad mini will use the A19 chip, but the iPad mini was previously referenced in Apple code as J510 and J511. Apple sometimes changes its plans and makes updates to unreleased devices, so the A19 chip for the iPad can't be ruled out entirely.

It is not yet clear if Macworld is correct about the A19 chip for the iPad given previous information, but other parts of the report seem more in line with expectations. Macworld suggests the next-generation iPad Air will use an M4 chip, and that both the upcoming iPad and iPad Air will be equipped with Apple's N1 networking chip.

The iPad Air typically gets an M-series chip that's a generation behind the chip in the iPad Pro, and since it's been updated to the M5, the M4 makes sense for the next iPad Air. Apple has also been adding the new N1 networking chip to newly released devices, starting with this year's iPhones. The N1 chip is an Apple-designed Bluetooth and Wi-Fi chip that's more energy efficient than chips designed by third-party companies.

Apple is expected to release the new iPad Air and iPad models early in 2026.
This article, "iPad 12 Rumored to Get iPhone 17's A19 Chip, Breaking Apple Tradition" first appeared on MacRumors.com

React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity security flaw in React Server Components (RSC) to deliver cryptocurrency miners and an array of previously undocumented malware families, according to new findings from Huntress. This includes a Linux backdoor called PeerBlight, a reverse proxy tunnel named CowTunnel, and a Go-based
Apple today shared a list of the most downloaded U.S. App Store apps and games in 2025, highlighting the top free and paid iPhone and iPad titles.


ChatGPT was the number one free app that iPhone users downloaded in 2025, followed by Threads, Google, TikTok, and WhatsApp. Google Gemini was the only other chatbot app to make the list, coming in at number 10. Top paid iPhone apps included HotSchedules, Shadowrocket, and Procreate Pocket.

Top free iPhone games included Block Blast, Fortnite, and Roblox, while Minecraft, Balatro, and Heads Up were among the top paid iPhone games.

YouTube was the number one free iPad app downloaded in 2025, followed by ChatGPT, Netflix, Disney+, and Amazon Prime Video. Procreate, Procreate Dreams, forScore, ToonSquid, and Nomad Sculpt were the top paid iPad apps.

Roblox, Block Blast, and Fortnite were the top free iPad games, with Minecraft, Geometry Dash, and Stardew Valley taking the top three spots on the paid iPad game list.

Apple also included the most downloaded Apple Arcade games. NFL Retro Bowl '26, NBA 2K25 Arcade Edition, and Balatro+ were at the top of the list.

Apple's full list of top downloaded apps and games across 2025 can be found in the App Store.
This article, "Most Downloaded iPhone Apps of 2025: ChatGPT, Threads, and Google" first appeared on MacRumors.com

New research has uncovered exploitation primitives in the .NET Framework that could be leveraged against enterprise-grade applications to achieve remote code execution. WatchTowr Labs, which has codenamed the "invalid cast vulnerability" SOAPwn, said the issue impacts Barracuda Service Center RMM, Ivanti Endpoint Manager (EPM), and Umbraco 8. But the number of affected vendors is likely to be
Apple CEO Tim Cook was in Washington, D.C. today to meet with US lawmakers about the upcoming App Store Accountability Act, reports Bloomberg. The App Store Accountability Act would require Apple to verify a person's age when an Apple Account is created using a "commercially available method or process," and get parental consent for each app that a child under 16 downloads.


Apple is against the App Store Accountability Act because it does not want to be legally responsible for verifying user age, obtaining parental consent, or ensuring that developers follow the rules, nor does it want to collect the required documentation. It is Apple's opinion that age verification should be the responsibility of app creators.

Cook pushed lawmakers not to require app store platforms to collect data for age verification purposes, instead suggesting that parents should be providing the age of a child when creating a child's account (which is how account creation works now).

To head off legislation, Apple has introduced new age assurance features, such as simpler tools for parents to oversee children's Apple accounts, new age categories for app content, and the Declared Age Range API that provides developers with a privacy-forward way to ensure kids aren't exposed to in-app content meant for adults.

Apple has argued that it already has extensive parental controls with Screen Time, and that the legislation would require it to collect excessive amounts of information from all users just to verify the age of children. Apple says that it could be required to collect data like a driver's license, passport, or Social Security number, which is "not in the interest of user safety or privacy."

The House Energy and Commerce Committee will consider the bill on Thursday morning.

Texas recently passed a similar bill, SB2420. Starting on January 1, 2026, Apple users located in Texas will need to confirm whether they are 18 years or older when creating an Apple Account. Apple will need to verify age and parental identity, and the App Store will need to provide additional information to parents.
This article, "Tim Cook Goes to Washington to Fight App Store Age Verification Legislation" first appeared on MacRumors.com

Apple has teamed up with Mattel for a 30 percent discount on Mattel toys when using Apple Pay to check out on the Mattel website. The discount is available for Barbie, Hot Wheels, Masters of the Universe, and other Mattel branded toys.


The Apple Pay deal is available from December 8 to December 14 at 11:59 p.m. Pacific Time. To get the discount, users will need to use Apple Pay for their purchase on the Mattel website, and enter the promo code APPLEPAY at checkout.

The deal excludes shipping and handling, gift cards, taxes, and Mattel Creations Memberships. There are no minimum or maximum purchase limits listed, so the deal should apply to all purchases made on the website through December 14.
This article, "Apple Pay Promo Offers 30% Off Mattel Toys" first appeared on MacRumors.com

Google is testing AI-powered article overviews on participating publications’ Google News pages as part of a new pilot program, the search giant announced on Wednesday. News publishers participating in the pilot program include Der Spiegel, El País, Folha, Infobae, Kompas, The Guardian, The Times of India, The Washington Examiner, and The Washington Post, among others. […]
Apple today unveiled its fifth retail store in India, at the DLF Mall in Noida. The store opens to customers this Thursday, December 11, at 1 p.m. local time.

Apple Noida
The store features familiar amenities, including an Apple Pickup station for in-store pickup of online orders, and a Genius Bar for tech support and repairs.


Apple operates four other stores in India:
Apple Saket in New Delhi
Apple BKC in Mumbai
Apple Koregaon Park in Pune
Apple Hebbal in Bengaluru
In addition, the Apple Store app launched in India earlier this year.

Earlier this month, Apple opened a new store in China, at the Livat Centre in Beijing. This store also has an Apple Pickup station and a Genius Bar, plus a dedicated seating area where customers can demo the Apple Vision Pro.

Apple Livat Beijing
Apple remains committed to expanding its retail presence in international markets, such as China, India, Saudi Arabia, and the United Arab Emirates.
This article, "Apple Unveils New Stores in India and China" first appeared on MacRumors.com

Amazon this week has the Apple Watch SE 3 on sale at all-time low prices, starting at $199.00 for the 40mm GPS model. These prices are matching the Black Friday discounts we tracked last month, and they are some of the few sales that have consistently stuck around since that event ended.

Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

You can also get the 44mm GPS Apple Watch SE 3 on sale for $229.00, down from $279.00. Both models are available in Midnight and Starlight Aluminum options, with multiple sizes on sale as well. As of writing, all models can be delivered in time for the Christmas holiday.

$50 OFF: 40mm GPS Apple Watch SE 3 for $199.00
$50 OFF: 44mm GPS Apple Watch SE 3 for $229.00

In addition to the Apple Watch SE 3 discounts, Amazon has $100 off the Apple Watch Series 11 right now, which are new record low prices on the wearables. If you're on the hunt for more discounts, be sure to visit our Apple Deals roundup where we recap the best Apple-related bargains of the past week.



This article, "Amazon Takes $50 Off Apple Watch SE 3, Starting at $199" first appeared on MacRumors.com

Staff+ engineers play a critical role in designing, scaling and influencing the security posture of an organization. Their key areas of expertise include developing security strategy and governance, incident response leadership, automation, compliance/risk management and cross-org collaboration to shape security culture. Together, these capabilities are essential to enhance application security and the effectiveness of their organizations.
However, in our experience, we have seen that many staff+ security engineers face scaling challenges. Instead of leveraging their expertise to drive broad, cross-stack impact, they tend to concentrate on specific incidents or focus areas, which limits their ability to extend their influence and strategic reach. Such a scaling problem has consequences for both the organization and the engineers’ personal goals.
Also, leadership considers staff+ engineers as trusted advisors, helping them make high-judgment decisions. However, when engineers get stuck on specific tactical incidents or solutions, leaders are left without their strategic insights. Conversely, staff+ engineers who are too busy in the weeds fail to proactively look out for their “leaders’ problems.” Leaders perceive these engineers as too busy and hesitate to increase their scope and loop them in on broader discussions, which ultimately leads to missed opportunities for the staff+ security engineers.
There are plenty of practices that staff+ engineers can adopt to enable them to scale and force-multiply their impact across their organization. Remember, you, as a staff+ security engineer, are ultimately an enabler, not a bottleneck!
Practical ideas to help you scale
One of the most common ideas in people management, “scaling through others,” applies well to staff+ security engineers. It basically means amplifying your impact not by doing more work yourself, but by enabling many others to work more effectively and productively with your influence. In other words, you’ll do best not by being a hero, but by creating “mini you’s” across the organization. When applied with discipline, scaling through others works well in practical settings. Here are some ideas you can consider:
Create mechanisms that allow you to scale
Mechanisms enforce or reinforce a behavior automatically. Also, they are not one-size-fits-all, but with some trial and error, we have observed that strong mechanisms consistently support desired behavior. For example, a policy-as-code framework integrated into CI/CD pipelines automatically enforces security and compliance policies, reducing manual checks and human error. While this is an example of a technical mechanism (which we will talk more about in the next section), mechanisms can also be people-oriented, say, mentorship programs or mentorship trees.
Determine where to dive deeper and where to delegate
Being an expert in the area, staff+ engineers can pretty much dive in anywhere from critical incidents to strategic initiatives. They may be drawn in by urgent team needs, their own curiosity or something else. But it is crucial for them to carefully evaluate where to make and avoid costly commitments. Asking a set of targeted questions can provide valuable insight: “What is the potential impact on security posture or risk to the organization?”; “Is there an established process or tooling (‘paved path’) to address this?”; and “Is this a one-time incident or a recurring security challenge that requires a scalable, strategic solution?” Often, true learning comes from failure. If the risk is manageable, allow others to step up and learn from their own failures.
Create a trusted group
To scale through others, you will need a group to rely on. Some organizations solve this problem via job levels, where staff+ engineer roles are defined to scale through other roles like senior security engineers. In other cases, you might need to define your selection criteria and training path. Just creating this group is not enough; an action plan and thorough execution are critical. In practice, such working groups run brown-bag sessions, create mentorship and recognition programs and discuss/review solutions that help lift the organization’s security KPIs. Additionally, mentorship sessions and office hours from staff+ engineers help build working relationships that last.
Enlist non-security engineers in the cause
Involving application engineers in the security cause is an often-overlooked “hack” that works well in industrial settings. This “shift-left” approach involves embedding security practices directly into the software development pipeline, enabling development teams to take ownership of security controls and assessments early in the lifecycle. Programs such as security champions or security reviewers empower application engineers to integrate standard security and compliance practices as part of their regular workflows, reducing bottlenecks and fostering a security-first mindset. Staff+ security engineers should look for opportunities to drive the creation of these programs, enable cross-functional collaboration and scale through application engineers to increase their impact. 
Eliminate anti-patterns
Lastly, we recommend that staff+ security engineers inspect and eliminate anti-patterns in their (and peer) organizations. These anti-patterns work against scaling and make them and their organizations bottlenecks instead of enablers. One example we have commonly seen is when security engineers act as permanent gatekeepers. This “block by default” approach is expensive, demands significant time from staff+ engineers and slows down the business. Similarly, policies without exceptions are a time drain for both security and application teams. We highly recommend that staff+ security engineers proactively identify such patterns and replace them with mechanisms.
Technical mechanisms to consider
To effectively scale their impact, staff+ security engineers should champion a comprehensive technical approach that integrates secure practices into every layer of the organization, technology and culture. This ultimately acts as a mechanism or guardrails for their organizations, ensuring their guidance is automatically enforced and allowing them time for strategic influence. Key elements include:
Incorporate focused action areas in the organization-wide security strategy: While staff+ security engineers are responsible for developing a clear, actionable security strategy, we recommend that the strategy encompass policy-as-code enforcement, risk gates and continuous monitoring. Leverage the trusted group to assign ownership by appointing area leaders who drive accountability and progress within their domains. Review their findings and tune the strategy periodically. This helps staff+ engineers avoid the need to inspect every aspect of a large organization’s security strategy.
Adopt reference architectures and secure-by-default reusable modules: We recommend that staff+ security engineers build and provide trusted, opinionated blueprints, golden images, baseline policies and reusable components that make secure design the path of least resistance for development teams. Building such “paved paths” enables seamless and secure development for teams without developer whiplash. Finally, using trusted groups to drive adoption, they can effectively influence teams’ technical direction.
Shift-left security practices: As briefly discussed before, integrating security early in the development lifecycle is the central theme of modern-day DevSecOps practices. Embedding automated controls, threat modeling and validation tools into pull requests, CI/CD pipelines and infrastructure-as-code (IaC) plans enables developers to catch and fix issues before deployment without workflow disruption. Consequently, this allows staff+ engineers (and their organizations) to reduce security bugs that reach production.
Leverage AI-driven scanning tools and automation cautiously: The rapid development of GenAI has unlocked significant capabilities in security tooling. AI tools are now available that strengthen security practices through adaptive learning, risk prioritization and context-aware detection. Staff+ security engineers should champion the adoption of these tools to enhance vulnerability detection and streamline workflows. Supplementing these tools with expert reviews helps mitigate false positives and assess the impact of security vulnerabilities effectively.
Guardrails over Gates: We recommend that staff+ security engineers build checks that enforce blocking only on high-confidence, high-impact security signals, while warning on or logging lower-risk issues to maintain velocity. Use compensating controls like monitoring, automated remediation and risk scoring to manage risks without blocking progress.
The overall guiding principle we recommend for all staff+ security engineers is to make the secure way the easiest and most intuitive path for all engineers; this helps security to scale sustainably alongside business growth. We believe this guiding principle, along with the above technical framework, enables staff+ security engineers to force-multiply their impact by embedding robust security foundations, fostering a culture of shared ownership and automating enforcement. The result is a resilient, scalable and developer-friendly security posture.
Incident influence
So, how can staff+ security engineers force-multiply their impact during active security incidents? The most critical tool that the engineer has in such a scenario is their mindset: “You’re the stabilizer, not the savior.” Take the role of an orchestrator: If you get too deep into the logs, other areas that need support will suffer. Look to assign tactical work to different individual contributors and focus on leading the incident, coordinating across roles and managing leadership communications. 
Next, it is critical to identify inflection points. You will be expected to make high-velocity, high-judgement decisions that decide the course of incident management. Determine thresholds beyond which upper leadership involvement or additional support is essential. Use these inflection points to decide when to move from containment to recovery to retrospective. Once the situation is under control, switch to an influencer role and scale through others, in line with your standard engagement mechanisms.
Act as a bridge between leadership and teams
Lastly, note that you are a link between management/leadership and engineers on the ground. Managers may not fully understand the details of execution or delays in identifying/remediating vulnerabilities in the software. Teams will rely on you to identify and bridge process gaps or represent them to leadership for decision-making. For example, in our case, our team was hesitating to adopt a powerful static analysis tool. While the team identified it as a critical need, it had high licensing costs, leading to multiple back-and-forth discussions. When our principal staff engineer learned about it, she promptly created a one-page document with the pros and cons and aligned leaders on funding it due to the high return-on-investment. She resolved a two-week team debate and analysis in just one afternoon. 
Conversely, you are also the leadership’s representative on the ground, shepherding the team along the leadership’s direction. Consider influencing the teams in building and reviewing deep visibility dashboards that accurately capture key security insights. This provides leaders with a strong feedback loop and real-time visibility on the consequences of their decisions.
Final thoughts
The journey of a staff+ security engineer is about transitioning from individual contributions to a force multiplier. This is especially important as AI and automation redefine scale; the leaders who design for empowerment will define the next era of cybersecurity engineering. 

This article is published as part of the Foundry Expert Contributor Network.
Apple today updated its Apple Cash feature to introduce a set of stickers that can be used in the Messages app. The stickers are Apple Cash themed, featuring emoji that you might want to use when sending or receiving a payment.


Each sticker is animated, and has an iridescent texture that gives a glinting effect as the sticker moves.

The Apple Cash stickers are rolling out to users starting today. You can find them by opening up the Messages app and selecting a conversation, then tapping on the "+" button next to the text bar. From there, tap on the "Stickers" option and swipe over to Apple Cash.






Apple Cash stickers will show up in the Messages Sticker list automatically, and there is no option to download them from the Sticker App Store. The stickers also aren't able to be removed, because Apple Cash is not an app that can be uninstalled.
This article, "Check Out These Fun New Apple Cash Stickers in the Messages App" first appeared on MacRumors.com

Ivanti has patched a critical vulnerability in Endpoint Manager that enables attackers to hijack administrator sessions without authentication and potentially control thousands of enterprise devices.
The company released EPM version 2024 SU4 SR1 to address four vulnerabilities, including the critical flaw tracked as CVE-2025-10573, which carries a CVSS score of 9.6. Three additional high-severity flaws could also enable code execution but require user interaction, Ivanti said in its December security advisory on Tuesday.
Ivanti said the vulnerabilities were reported through its responsible disclosure program, adding that it was not aware of any customer systems being exploited at the time of disclosure.
EPM has been targeted before. In March, CISA added three EPM vulnerabilities to its Known Exploited Vulnerabilities catalog after confirming exploitation in the wild. The flaws had been patched in January after being reported privately to Ivanti.
Given EPM’s history of being targeted by attackers and the severity of the flaw, security teams should treat this as a patch-immediately situation rather than a routine update.
The December update also fixed CVE-2025-13659 and CVE-2025-13662, which allow attackers to execute arbitrary code when users connect to an untrusted core server or import untrusted configuration files. Another enables unauthorized file writes on the server.
Unauthenticated attack vector
The most severe vulnerability is a stored cross-site scripting flaw discovered by Ryan Emmons, staff security researcher at Rapid7, who reported it to Ivanti in August.
According to Rapid7’s technical disclosure, also published Tuesday, attackers can submit malicious device scan data to EPM’s incoming data API without authentication. The malicious data gets processed and embedded in the EPM web dashboard, where it executes when administrators view affected pages.
“An attacker with unauthenticated access to the primary EPM web service can join fake managed endpoints to the EPM server in order to poison the administrator web dashboard with malicious JavaScript,” Emmons wrote in the report.
Once the malicious JavaScript executes, attackers gain control of the admin session with full privileges to remotely control endpoints and install software on devices.
Nick Tausek, lead security automation architect at Swimlane, warned, “Exploitation of this flaw would grant threat actors access to many managed devices at once, allowing for the execution of malicious code, deployment of ransomware, or exfiltration of sensitive data.”
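The flaw class described above, device-reported data that is stored and later embedded in an admin page, together with its standard defenses, shown as an added example that is not Ivanti's code and does not come from Rapid7's report. The record shape, field names, allowlist patterns and sample values are constructed assumptions for a hypothetical inventory dashboard.

```javascript
// Hypothetical inventory dashboard (illustration only, not Ivanti EPM code).
// Field names hostname / os / lastUser are assumptions for this sketch.

// Constructed sample records, as an unauthenticated ingest path might store them.
const SAMPLE_RECORDS = [
  { id: 1, hostname: "FIN-LAPTOP-014", os: "Windows 11 23H2", lastUser: "jdoe" },
  { id: 2, hostname: "<img src=x onerror=alert(1)>", os: "Windows 10", lastUser: "n/a" },
  { id: 3, hostname: "LAB-03", os: "Ubuntu 22.04 <script>alert(1)</script>", lastUser: "svc" },
];

const FIELDS = ["hostname", "os", "lastUser"];

// Weak pattern: device-supplied strings are concatenated into markup as-is,
// so whatever a "device" reported runs in the administrator's session.
function renderRowUnsafe(rec) {
  return `<tr><td>${rec.hostname}</td><td>${rec.os}</td><td>${rec.lastUser}</td></tr>`;
}

// Output encoding for HTML element content and quoted attribute values.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Hardened pattern: every device-supplied field is encoded at render time.
function renderRowSafe(rec) {
  const cells = FIELDS.map((f) => `<td>${escapeHtml(rec[f] ?? "")}</td>`);
  return `<tr>${cells.join("")}</tr>`;
}

// Defense in depth at ingest: allowlist what each field may contain
// (assumed patterns; tune to the values real agents actually send).
const FIELD_RULES = {
  hostname: /^[A-Za-z0-9._-]{1,253}$/,
  os: /^[A-Za-z0-9 ._()\/-]{1,128}$/,
  lastUser: /^[A-Za-z0-9 ._\\@\/-]{1,128}$/,
};
function rejectedFields(rec) {
  return FIELDS.filter((f) => !FIELD_RULES[f].test(String(rec[f] ?? "")));
}

// Hunting: flag records already in the store whose fields carry markup,
// so poisoned entries can be reviewed before an admin opens the page.
const MARKUP = /[<>"'`]|javascript:|\bon\w+\s*=/i;
function auditStored(records) {
  const hits = [];
  for (const rec of records) {
    for (const f of FIELDS) {
      if (MARKUP.test(String(rec[f] ?? ""))) hits.push({ id: rec.id, field: f });
    }
  }
  return hits;
}

console.log(auditStored(SAMPLE_RECORDS));
console.log(renderRowSafe(SAMPLE_RECORDS[1]));
```

Encoding at render time is the control that closes the hole; the ingest allowlist and the stored-record audit reduce exposure while a patch is pending.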
The patching challenge
Despite the severity of such threats, organizations frequently struggle to address critical vulnerabilities quickly: Tausek said Swimlane research found 68% of organizations leave critical flaws unpatched for over 24 hours and 55% don’t have a comprehensive system for prioritizing vulnerabilities.
The delay is particularly risky for endpoint management systems, which run with elevated privileges and control thousands of devices. Successful exploitation could bypass security controls and allow attackers to push malware to managed endpoints, modify security configurations, or establish persistent backdoors across the enterprise.
“The potential for a serious exploitation campaign should not be overlooked,” Tausek said.
Pattern of exploitation
That concern is not theoretical. EPM’s history makes rapid patching more urgent. CISA added three EPM vulnerabilities (CVE-2024-13159, CVE-2024-13160, and CVE-2024-13161) to its Known Exploited Vulnerabilities catalog in March after confirming active exploitation. The agency flagged another exploited EPM flaw (CVE-2024-29824) in October.
The repeated targeting demonstrates EPM’s value to attackers seeking persistent network access and lateral movement capabilities. Once attackers compromise endpoint management infrastructure, they can spread across the enterprise rapidly.
Deployment guidance
The patch is available through the Ivanti License System and applies to EPM versions 2024 SU4 and earlier. Organizations running the 2022 branch should note that it reaches end of life in October 2025 and will no longer receive security updates after that date, the Ivanti advisory added.
Security teams should prioritize updating EPM instances to version 2024 SU4 SR1 immediately, particularly any installations accessible from untrusted networks. Organizations with internet-facing EPM instances face the highest risk and should patch within 24 hours.
For organizations that can’t patch immediately, the advisory recommended ensuring EPM management interfaces aren’t exposed to the public internet and implementing strict network segmentation to isolate management servers from untrusted networks.
Tausek also recommended training administrators to recognize social engineering attacks, since the critical XSS vulnerability requires viewing a poisoned dashboard page to trigger.
“Since EPMs often run with high privileges, any misuse of it risks bypassing security controls and rapidly escalating the impact of a breach,” Tausek added.
In today’s threat landscape, it’s no longer enough to focus solely on malware signatures and IP addresses. Defenders must understand how adversaries think, organize and operate, because attacker intent and methodology are now just as critical as technical artifacts. Recent developments have provided rare visibility into the internal processes of modern threat groups, how they coordinate, communicate, exploit vulnerabilities and adapt their tooling in real time. This kind of behind-the-scenes insight is becoming indispensable as cyber threats grow more sophisticated, more specialized and more tightly aligned with financial or strategic objectives. 
We’ve analyzed a series of recent real-world incidents to better understand evolving threat actor behavior. Let’s take a closer look at what these cases reveal.
The BlackBasta chat leak
BlackBasta is often viewed as a tightly run ransomware operation, but internal leaks tell a very different story. The BlackBasta chat leak exposes the group’s behind-the-scenes reality, revealing not a polished, corporate-style criminal enterprise but a fragmented ecosystem marked by hierarchy issues, operational stress, shifting loyalties and deep-seated mistrust among members.
At the top of the structure sits Oleg (aka Tramp), acting as the de facto operations director. The chats depict him as the ultimate decision-maker on campaigns, revenue distribution and targeting rules, including strategic exclusions such as avoiding Russian financial institutions. His leadership, however, is portrayed as opaque and self-interested, with several members openly questioning whether their earnings and workloads reflect fair compensation.
Bio functions as the operation’s central technical architect, managing everything from infrastructure stability to access orchestration. His background under the alias “Pumba” in the Conti collective reinforces the well-known pattern of talent migrating across ransomware-as-a-service ecosystems. Despite his skill set, the chats show Bio repeatedly expressing paranoia about state surveillance, especially following his release from detention, underscoring the constant psychological pressure faced by operators.
Lara handles administrative tasks under heavy workload and stress, reportedly receiving less compensation than others despite being central to operations.
The presence of actors like Cortes, with ties to Qakbot, demonstrates how ransomware crews frequently outsource expertise, rely on external access brokers or pull in operators with malware-specific experience as needed. This kind of crossover, visible only when internal dialogues spill out, shows how interconnected the cybercriminal ecosystem truly is.
The chats further reveal operational inefficiencies that contradict the polished image these groups try to project. Members complain about slow decision-making, unclear leadership directives and disorganized workflows. Disputes over profit sharing, workload assignment and campaign prioritization point toward a group struggling to maintain cohesion. Even discussions around infrastructure updates, task delegation and encryption deployments show signs of technical debt and inconsistent coordination.
Ultimately, the BlackBasta chat leak demystifies the myth of ransomware groups as disciplined, unified machines. Instead, it exposes a loose federation of operators bound together by profit but pulled apart by mistrust, emotional strain, resource imbalance and competing personal agendas. For defenders, these insights offer not only a rare psychological snapshot of threat actor behavior but also a reminder that even the most feared cybercriminal groups are vulnerable to the same organizational weaknesses that plague legitimate enterprises.
The dual life of EncryptHub
What if the same threat actor breaching networks turned around and got a “Thank-you” note for reporting the flaws they once exploited? In a curious twist, Microsoft credited “EncryptHub,” a persona long tied to malware campaigns, credential theft and access brokering, for responsibly disclosing two Windows vulnerabilities in March 2025. Better known by aliases like SkorikARI and LARVA-208, this actor demonstrates a striking contradiction: simultaneously engaging in cybercrime while positioning themselves as a security researcher. When adversaries start submitting bug reports, the boundary between black-hat activity and legitimate vulnerability disclosure becomes increasingly blurred.
Both vulnerabilities patched in Microsoft’s March Patch Tuesday were attributed to an individual with a documented history of malicious operations, including distributing malware through spoofed WinRAR websites and compromising hundreds of high-value targets across Europe and Asia. Unlike hierarchical ransomware groups, EncryptHub functions as a solo operator, shifting fluidly between freelance development, ad-hoc bug bounty submissions and illicit intrusion campaigns. Reports also indicate the use of ChatGPT to automate code generation, reconnaissance scripting and communication, reducing workload while enabling faster operational tempo.
This case highlights a growing trend in the threat landscape: actors who no longer fit into fixed categories. Instead of being exclusively criminal or exclusively “researcher,” many now oscillate between both based on financial incentives, operational pressure and perceived risk. The acknowledgment from Microsoft underscores the uncomfortable reality that modern threat actors are increasingly hybrid: strategic, opportunistic and adaptive. Understanding this duality is essential for evaluating their psychology, long-term intent and the evolving gray zone where legitimate security research and cybercrime increasingly intersect.
BlackLock’s open recruitment tactics
What happens when ransomware operators start posting job ads? BlackLock’s recent recruitment campaigns reveal an increasingly brazen and industrialized cybercrime ecosystem, one where threat actors no longer rely solely on stealth but openly solicit personnel to scale their operations. The group has been aggressively searching for “traffers,” a role dedicated to funneling compromised traffic and delivering ready-to-exploit victims. These recruitment efforts, found across Russian-language underground forums such as RAMP as well as gated Telegram channels, highlight a maturing supply-chain model in ransomware operations.
This traffer-driven workflow is designed to offload the riskiest phase of the attack chain, initial access, to external contractors. By outsourcing victim acquisition, BlackLock minimizes its operational exposure while ensuring a consistent inflow of compromised endpoints, credentials and exploitable network footholds. The model mirrors legitimate gig-economy structures but operates with criminal specialization, where traffers focus exclusively on harvesting access through phishing, malware loaders or traffic distribution systems, while the core BlackLock operators handle encryption, negotiation mechanics and monetization.
This level of open recruitment signals growing confidence within the ransomware underground. It further reflects the shift toward modular cybercrime-as-a-service ecosystems, where roles are distributed, attack components are interchangeable and entry barriers for aspiring threat actors continue to fall. Understanding this recruitment strategy is crucial, as the traffer economy significantly accelerates ransomware proliferation and underscores how deeply commoditized initial access has become.
Understanding, foresight, anticipation
Through this analysis, we’ve explored not just isolated incidents, but the broader behavioral patterns, operational workflows and strategic decision-making that define modern threat actors. By understanding how these adversaries adapt, coordinate and exploit emerging opportunities, we gain the foresight needed to anticipate their next moves and continuously refine our defense strategies. As threat actor behaviors evolve, we’ll continue to publish deeper insights and actionable intelligence to help the cybersecurity community stay informed, resilient and one step ahead.

This article is published as part of the Foundry Expert Contributor Network.
Twelve South today is kicking off a 20 percent sitewide discount that's exclusive to MacRumors readers, allowing you a chance to save on the company's most popular accessories just in time for the holidays. To get this deal, enter the code MacRumors2025 at checkout to take 20 percent off your cart.

Note: MacRumors is an affiliate partner with Twelve South. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

Our code works sitewide on Twelve South, and takes 20 percent off your entire cart, so you can purchase multiple accessories at once for more savings. Once you enter the code MacRumors2025 at checkout, you should start seeing it automatically applied as you browse Twelve South's website.


This deal will run through Friday, December 19, so you have a little over a week to take advantage of the sale. As of today, Twelve South is still guaranteeing holiday delivery with its economy shipping option, and the cutoff for choosing the ground economy option is December 15.

Twelve South offers a large variety of accessories built for Apple products. Some of its newest accessories include the MagSafe Wallet Stand for iPhone 17, Curve Nano for iPhone, ButterFly SE 2-in-1 Qi2 Charger, and PowerBug Wall Charger. You can get 20 percent off these accessories and many more with our exclusive code.

If you're on the hunt for more discounts, be sure to visit our Apple Deals roundup where we recap the best Apple-related bargains of the past week.



This article, "Twelve South Introduces 20% Sitewide Discount Exclusive to MacRumors Readers" first appeared on MacRumors.com

Starting today, many Adobe Photoshop, Adobe Acrobat, and Adobe Express features are available to use directly in ChatGPT, allowing you to edit photos, transform PDF documents, design event invitations, and more with conversational prompts.


After connecting the apps, you can use prompts such as "add creative effects to the background" or "create an invitation for my dance party."

Here is what you can do, according to Adobe:
Easily edit and uplevel images with Adobe Photoshop: Adjust a specific part of an image, fine-tune image settings like brightness, contrast and exposure, and apply creative effects like Glitch and Glow — all while preserving the quality of the image.
Create and personalize designs with Adobe Express: Browse Adobe Express' extensive library of professional designs to find the best one for any moment, fill in the text, replace images, animate designs and iterate on edits — all directly inside the chat and without needing to switch to another app — to create standout content for any occasion.
Transform and organize documents with Adobe Acrobat: Edit PDFs directly in the chat, extract text or tables, organize and merge multiple files, compress files and convert them to PDF while keeping formatting and quality intact. Acrobat for ChatGPT also enables people to easily redact sensitive details.

After connecting the apps to ChatGPT in Settings → Apps & Connectors, you can find them by clicking on the plus sign next to the chat field and selecting "More." ChatGPT can also automatically surface the apps if you use a prompt such as "Adobe Photoshop, help me blur the background of this image" or "Adobe Acrobat, help me edit this PDF."



Adobe's app integrations are available to all ChatGPT users worldwide, for free, across ChatGPT.com and the ChatGPT app for the iPhone, iPad, and Mac. Adobe Express for ChatGPT is also available on Android, with support for Photoshop and Acrobat for ChatGPT on Android coming soon, according to the announcement.

If you want to use more advanced features, you can seamlessly move from ChatGPT to Adobe's standalone apps and pick up right where you left off.
This article, "Adobe Photoshop and Adobe Acrobat Features Now Available in ChatGPT" first appeared on MacRumors.com

The Pro Display XDR is six years old today, making it one of the oldest Apple products still on sale.


Released on December 10, 2019 alongside the redesigned Mac Pro, the Pro Display XDR was Apple's re-entry into the high-end external monitor market, following a three-year hiatus after discontinuing the Thunderbolt Display in 2016. The announcement came at Apple's Worldwide Developers Conference (WWDC) in June 2019, where the company presented the display as a rival to traditional reference monitors. The XDR in its name stands for "Extreme Dynamic Range," a feature that Apple emphasized as a key differentiator from other high-resolution monitors available at the time.

It features a 32-inch Retina display with a 6K resolution of 6,016 by 3,384 pixels, powered by Apple's proprietary LED backlighting system. Apple utilized blue-colored LEDs with custom lenses and reflectors to achieve a maximum brightness of up to 1,600 nits in HDR mode, while sustaining 1,000 nits across the entire screen indefinitely. This allows for what Apple describes as "stunningly accurate colors and contrast," supporting the P3 wide color gamut and delivering a claimed 1,000,000:1 contrast ratio.

The rear of the display features the same lattice pattern used on the 2019 Mac Pro, which functions as a heatsink to aid thermal management. The display is also available with matte nano-texture glass to cut down on glare—the first Apple product it's featured on.

Upon its release, the Pro Display XDR garnered significant attention for its high price. In the United States, the display starts at $4,999, and users who opt for the adjustable Pro Stand must pay an additional $999. The Pro Stand, which is sold separately, was met with mixed reactions upon its unveiling. Apple justified the cost by highlighting the engineering involved, with the Pro Stand offering height, tilt, and rotation adjustments, as well as support for both landscape and portrait modes. A VESA mount adapter is also available for those who prefer third-party mounting solutions.

As of its sixth anniversary, the Pro Display XDR remains one of only two external monitors sold by Apple, alongside the Studio Display, which was released in March 2022. Unlike the Pro Display XDR, the Studio Display comes with an integrated A13 Bionic chip, enabling features such as Center Stage for its built-in webcam, spatial audio, and support for Siri voice commands. The Pro Display XDR, however, has no webcam or any internal Apple silicon chip.

Speculation about a second-generation Pro Display XDR has been circulating for some time. In December 2022, Bloomberg's Mark Gurman reported that Apple was working on an updated version of the display, this time with an Apple silicon chip to enhance its capabilities. In July 2023, Gurman reiterated that Apple was still developing multiple new displays. Display supply chain analyst Ross Young added that the next-generation Pro Display XDR will feature quantum dot technology, just like the MacBook Pro.

Evidence of Apple's work on new external monitors has been spotted multiple times. The third beta of macOS 26.1 suggests that the Pro Display XDR 2 will feature a built-in Center Stage camera. The A19 Pro chip is also a possibility, along with a higher refresh rate.
This article, "Apple's Pro Display XDR Is Six Years Old Today" first appeared on MacRumors.com
