Skip to content
View in the app

A better way to browse. Learn more.

hosang I.T.

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Tech

Tech Articles from a wide variety of topics and categories
An anonymous HTTP request can run code on a WordPress site. The bug is in core, so a bare install with zero plugins is exploitable. Every 6.9 and 7.0 site was in range until Friday, when WordPress shipped 6.9.5 and 7.0.2 and enabled what it calls forced updates through its auto-update system. Adam Kues at Assetnote, Searchlight Cyber's attack surface management arm, found the flaw and reportedView the full article
Eleven bytes will make an unpatched OpenSSL server set aside up to 131 KB of memory for a message that never arrives. On the glibc systems Okta tested, that memory is gone until the process restarts. OpenSSL shipped the HollowByte fix in June with no CVE, no advisory, and no changelog entry pointing at it. Okta's Red Team, which reported the denial-of-service bug and named it, published theView the full article
CISOs at government organizations and universities have an unexpected ally coming to their aid: OnlyFans models.
For some time, hackers have exploited weaknesses in the websites of universities or government departments to host scams or malware, using content stolen from the OnlyFans website as bait to attract victims.
Now, according to security researchers at Upguard, the fightback has begun: creators of adult content on OnlyFans are leveraging Google search results and the protection offered by copyright law to break up the traffic distribution systems created by bad actors.
These distribution systems work in three stages: entry points using adult or other content to attract and capture web traffic, a routing system sends it to destination sites, and those sites monetize the traffic through scams and malware. It has proved to be a lucrative business for the scammers.
Google recognizes the approach and calls such actors SEO parasites as they benefit from the reputations of other organizations — in particular government or academic sites, which Google views as having high authority.
Since the creators of OnlyFans content are also the copyright holders, they are able to issue Digital Millennium Copyright Act (DMCA) take-down notices for the stolen content posted by the bad actors to other sites. Upguard was able to track this through Google’s DMCA Transparency Report, and through the Lumen Database, another tracker of takedown notices, to which it was granted research access.
“This allows us to identify likely compromised sites: government and university domains advertising unlicensed adult content,” Upguard said.
The OnlyFans creators’ action has two benefits for the operators of the affected websites: The adult content associated with their domain disappears from Google search results, no longer affecting their reputation — and if they receive takedown notices for such content they can check their webservers for the vulnerabilities that enabled the bad actors to post it there in the first place.
View the full article
After raising prices on all Macs and iPads worldwide last month, Apple has now increased the price of iPhone models in Japan.


As spotted by the Spanish blog iPhoneros, the iPhone 16, iPhone 17e, iPhone 17, iPhone Air, iPhone 17 Pro, and iPhone 17 Pro Max all received price increases on Apple's online store in Japan today. Prices increased by up to 11%.



Model
Previous Price
New Price
Increase


iPhone 17 Pro Max
¥194,800
¥214,800
10.3%


iPhone 17 Pro
¥179,800
¥194,800
8.3%


iPhone Air
¥159,800
¥177,800
11.3%


iPhone 17
¥129,800
¥142,800
10%


iPhone 17e
¥99,800
¥107,800
8%


iPhone 16
¥114,800
¥124,800
8.7%



Apple attributed the Mac and iPad price increases last month to the ongoing memory chip shortage, which has driven up chip prices. In this case, however, the increases are likely due to the Japanese yen's depreciation against the U.S. dollar over the past year.

Apple did not raise iPhone prices today in the U.S. or any other countries that we checked.

Apple also raised the prices of iCloud+ and Apple Music plans in many countries today, including Japan, so price increases are a theme this Friday.Related Roundups: iPhone 17, iPhone 17 Pro, iPhone 17e, iPhone AirTag: JapanBuyer's Guide: iPhone 17 (Neutral), iPhone 17 Pro (Caution), iPhone 17e (Neutral), iPhone Air (Neutral)Related Forum: iPhone
This article, "Apple Raises iPhone Prices in Japan" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple momentarily became the world's most valuable publicly traded company again today after its market valuation surpassed that of Nvidia, according to CNBC. However, the two companies have since traded places during today's session.

The price of Apple's stock has increased by around 20% since it closed at $275.15 on June 25, pushing the company's valuation to nearly $5 trillion. AAPL is now trading above the $332 mark on the intraday market.

Saudi Aramco technically remains the world's most valuable company, but it is often overlooked in this context because it is largely state-controlled.Tags: AAPL, Nvidia
This article, "Apple Passed Nvidia to Become World's Most Valuable Company Again" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
A Go botnet called NadMesh turned up in early July hunting exposed AI services, and the operator's own dashboard claims 3,811 unique AWS keys. A Shodan harvester keeps the scan queue stocked with ComfyUI, Ollama, n8n, Open WebUI, Langflow, and Gradio: the image generators, local model runners, and workflow builders that teams stand up fast and firewall late. The intel feed behind that counterView the full article
Cybersecurity researchers have attributed the April 2026 DigiCert security incident to a threat activity cluster dubbed CylindricalCanine. Expel, which shared technical details of the event, described the threat actor as a sub-group of GoldenEyeDog (aka APT-Q-27, Dragon Breath, and Miuuti Group), a Chinese cybercrime group known for its targeting of the gambling and gaming sectors usingView the full article
Apple has increased the price of iCloud+ in Nigeria, Türkiye, Vietnam, Japan, Egypt, New Zealand, the Philippines, and Indonesia, according to an updated version of its iCloud support document.


Price increases range from 11 percent to 55 percent depending on the plan and the country. Nigeria saw the biggest hike, and a 50GB plan is now ₦1,300, up from ₦900. Türkiye saw the next largest increase, with a 50GB plan priced at 49.99 TL, up from 39.99 TL.

Apple has likely adjusted pricing due to currency fluctuations. The Japanese Yen has weakened over the past year, for example, and the dollar is up almost 10 percent against the yen. The Turkish Lira has also depreciated, increasing the value of the U.S. dollar.

A full list of price changes can be found on Apple's iCloud website. U.S. pricing has not changed, nor has pricing in any other country not listed above.

All Apple Accounts receive 5GB of free ‌iCloud‌ storage. Apple's ‌iCloud‌+ plans give users extra storage, as well as perks like Hide My Email, HomeKit Secure Video, and ‌iCloud‌ Private Relay.Tag: iCloudRelated Forum: Apple Music, Apple Pay/Card, iCloud, Fitness+
This article, "Apple Raises iCloud+ Prices in 8 Countries" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple today increased the price of Apple Music and some Apple One subscription bundles. An individual ‌Apple Music‌ subscription is now $1 more expensive in the United States, going from $10.99 to $11.99 per month.


Pricing on the ‌Apple Music‌ Family plan increased by $3, increasing from $16.99 to $19.99. Student pricing is up $1, with the plan now priced at $6.99.

The price of the individual ‌Apple One‌ plan hasn't changed, but the Family and Premier plans have gone up $2. The Family plan is now $27.95 per month and the Premier plan is $39.95 per month. Apple has also raised prices in Brazil.

In a statement to Music Business Worldwide, Apple said it was raising prices due to the "result of ricing licensing costs." ‌Apple Music‌ prices were last increased in October 2022.Tag: Apple Music
This article, "Apple Music Now Costs $11.99 as Apple Increases Subscription Prices" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple is working to settle an antitrust lawsuit with the U.S. Department of Justice, reports Bloomberg. Apple has proposed several offers and is now in early settlement talks with the DOJ.


The DOJ sued Apple for antitrust violations in 2024 as part of an expansive antitrust investigation into major tech companies. The government accused Apple of getting customers "hooked" on its platform through a long-running history of anti-competitive behavior.

The lawsuit accused Apple of restricting "super apps" with broad capabilities, limiting cloud gaming, preferencing its own Messages app over third-party apps, and limiting the function of third-party digital wallets and smartwatches.

Since the lawsuit was filed in 2024, Apple policy changes have addressed many of the claims, weakening the DOJ's position.

While the talks are ongoing, Bloomberg says there's no guarantee an agreement will be reached. Apple attempted to have the lawsuit dismissed last year, but was unsuccessful. So far, no trial has been scheduled.Tags: Apple Antitrust, Apple vs. DoJ, DOJ, Apple Lawsuits
This article, "Apple and DOJ Hold Early Settlement Talks in iPhone Antitrust Case" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
For this week's giveaway, we've teamed up with Satechi to offer MacRumors readers a chance to win a MacBook Neo and a set of color-matched MacBook Neo accessories to go along with it. A second-place winner will also get a set of Satechi's new accessories.


The MacBook Neo collection includes the $45 OntheGo 5-in–1 Multiport Adapter, the $45 USB-C Snap Hub, and the $30 Slim EX Wireless Mouse. All of the accessories come in Citrus, Blush, Indigo, and Silver to match the ‌MacBook Neo‌ color options.


Satechi's OntheGo 5-in–1 Multiport Adapter plugs into the USB-C port on the ‌MacBook Neo‌ and adds five additional ports. It has two USB-C ports, a 5Gb/s USB-A port, an HDMI port that supports up to a 4K 60Hz external display, and an SD card slot. One of the USB-C ports offers 60W passthrough charging and the other supports 5Gb/s data transfer speeds.

An included magnet lets it attach to a MagSafe iPhone or to the lid of the MacBook with a 3M adhesive magnet mount ring. The matching built-in USB-C cable is braided for durability, and it rolls up into the adapter, making it a compact travel option. It measures 2.57 inches in diameter and it's 0.87 inches thick.


Satechi's USB-C Snap Hub also adds ports, but it has a different design. It plugs into both of the ‌MacBook Neo‌ USB-C ports, expanding them into six connections. There are two USB-C ports, an HDMI port that supports a 4K 60Hz display, a 5Gb/s USB-A port, an SD card slot, and a microSD card slot. One USB-C port supports 45W passthrough charging, and the other offers 5Gb/s data transfer speeds.


The hub fits flush to the side of the ‌MacBook Neo‌, and it has a dual-material design. The top is an anodized aluminum that matches the ‌MacBook Neo‌'s body, while the base is a soft-touch ABS plastic meant to match the keyboard finish.


Satechi's Slim EX Wireless Mouse completes the collection, and it's made from color-matched aluminum. The mouse supports two Bluetooth channels and a 2.4GHz wireless connection, and it is able to work across macOS, iPadOS, Windows, and Android. It features quiet click switches and a precision-machined scroll wheel, plus there is a USB-C rechargeable, user-replaceable battery for longevity.


We have a ‌MacBook Neo‌ and a Satechi accessory set to go along with it for one lucky MacRumors reader, and a second winner will get the ‌MacBook Neo‌ accessory kit. To enter to win, use the widget below and enter an email address. Email addresses will be used solely for contact purposes to reach the winner(s) and send the prize(s). You can earn additional entries by subscribing to our weekly newsletter, subscribing to our YouTube channel, following us on Twitter, following us on Instagram, following us on Threads, or visiting the MacRumors Facebook page.

Due to the complexities of international laws regarding giveaways, only U.S. residents who are 18 years or older, UK residents who are 18 years or older, and Canadian residents who have reached the age of majority in their province or territory are eligible to enter. All federal, state, provincial, and/or local taxes, fees, and surcharges are the sole responsibility of the prize winner. To offer feedback or get more information on the giveaway restrictions, please refer to our Site Feedback section, as that is where discussion of the rules will be redirected.


Satechi Giveaway
The contest will run from today (July 17) at 9:00 a.m. Pacific Time through 9:00 a.m. Pacific Time on July 24. The winner will be chosen randomly on or shortly after July 24 and will be contacted by email. The winner will have 48 hours to respond and provide a shipping address before a new winner is chosen.Related Roundup: MacBook NeoTag: GiveawayBuyer's Guide: MacBook Neo (Buy Now)Related Forum: MacBook Neo
This article, "MacRumors Giveaway: Win a MacBook Neo Plus Color-Matched Satechi Accessories" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
It is now mid-July, and that means the iPhone 18 Pro and iPhone 18 Pro Max are now just two months away. The devices are expected to look similar to the iPhone 17 Pro and iPhone 17 Pro Max, but there will still be many year-over-year changes, with rumored features including a smaller Dynamic Island, 5G via satellite, and more.


Apple is expected to unveil the iPhone 18 Pro, iPhone 18 Pro Max, and a foldable "iPhone Ultra" in the first half of September, and the devices should be released in the second half of the month. The regular iPhone 18, a lower-end iPhone 18e, and a second-generation iPhone Air will reportedly be announced around March 2027.

Below, we have recapped 12 features rumored for the iPhone 18 Pro models, as of July:Smaller Dynamic Island: It has been rumored that Face ID's flood illuminator will be moved under the screen on the iPhone 18 Pro models, paving the way for a smaller Dynamic Island on the devices.
LTPO+ Displays: The next Pro models are expected to have the same overall design as the iPhone 17 Pro models, including 6.3-inch and 6.9-inch display sizes and a "plateau" housing three rear cameras. However, the displays will reportedly use so-called LTPO+ display technology, which should contribute to longer battery life.
Variable Aperture: The main 48-megapixel Fusion camera on both iPhone 18 Pro models is rumored to have a variable aperture, which would allow users to control the amount of light that passes through the camera's lens and reaches the sensor. This would provide greater control over depth of field. However, given that iPhones have smaller image sensors due to smartphone size constraints, it is unclear exactly how meaningful this improvement would be.
A20 Pro Chip: Apple's next-generation A20 Pro chip is expected to use TSMC's first-generation 2nm process, whereas the A19 Pro chip is 3nm. With a 2nm architecture and a new packaging design, the A20 Pro chip should deliver solid year-over-year performance and power efficiency gains.
C2 Modem: Apple's custom C1 cellular modem for 5G and LTE debuted in the iPhone 16e last year, and that was followed by a C1X chip in the iPhone Air. Apple says the C1X modem is up to twice as fast as the C1 modem, and the most power-efficient modem in an iPhone ever. The improvements should continue with Apple's third-generation C2 modem in the iPhone 18 Pro models.
5G via Satellite: With the C2 modem, the iPhone 18 Pro models will reportedly support 5G via satellite for web browsing without Wi-Fi or cellular connectivity.
N2 Chip: Most of the iPhone 17 models and the iPhone Air are equipped with an Apple-designed N1 chip that enables Wi-Fi 7, Bluetooth 6, and Thread. Apple says the N1 chip also improves the overall performance and reliability of features like Personal Hotspot and AirDrop. iPhone 18 Pro models are expected to have Apple's next-generation N2 chip, but it is not yet known what improvements would come with this upgrade.
Dark Cherry: The special color for the iPhone 18 Pro models will reportedly be Dark Cherry, alongside Light Blue, Dark Gray, and Silver. The existing Cosmic Orange and Deep Blue colors are expected to be discontinued.
Simplified Camera Control: Apple is expected to simplify the Camera Control button on the iPhone 18 Pro models, by removing touch sensitivity and haptic feedback. The redesigned button will only have pressure sensitivity.
Redesigned Rear Ceramic Shield: The rear Ceramic Shield area for MagSafe is rumored to feature a more frosted and seamless appearance on the iPhone 18 Pro models compared to the current two-tone design.
Larger Battery (iPhone 18 Pro Max): According to alleged Chinese regulatory database filings, the iPhone 18 Pro Max will have nearly a 10% larger battery compared to the iPhone 17 Pro Max.
Thicker Design (iPhone 18 Pro Max): It has been rumored that the iPhone 18 Pro Max will be thicker than both the iPhone 17 Pro Max and the iPhone 18 Pro.Bookmark our iPhone 18 and iPhone 18 Pro roundups to stay up to date with more rumors.Related Roundup: iPhone 18 Pro
This article, "iPhone 18 Pro Launching in Two Months With These 12 New Features" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
The European Union is stepping up its actions against US tech giants under the Digital Markets Act, which is intended to ensure fair competition between digital platforms. On Thursday, the European Commission issued two rulings to limit Google’s dominance.
The Commission ordered Google to open up the Android operating system to AI assistants other than its own Gemini, ensuring that they had the same access to applications and operating system services. A second ruling ordered Google to share search data that only it is big enough to collect with other search engines.
Google has hit back at the measures, warning that they could create security issues for users. “Today’s decisions risk undermining vital privacy and security guardrails for millions of Europeans. We have repeatedly offered solutions to safeguard users while satisfying the DMA’s goals, but these rulings discount extensive evidence of user harm,” said Kent Walker, Google’s President of Global Affairs, in a company blog post.
The EU move doesn’t just cause problems for Google but for CISOs as well, warned Roman Stanek, CEO of Good Data AI. “Enterprise security has always leaned on a simple assumption, that apps are boxes, and the OS decides what crosses the box. But once multiple agents get equal system-level reach, access to screen context, cross-app actions, background execution, that assumption breaks.
“CISOs need to stop treating ‘AI assistant’ as a single, well-understood permission and start treating it as a category risk, one they have to govern like they govern app stores and MDM policies today. That requires device policies that name which agents can hold system-level permissions, not just which apps are installed. It means DLP and conditional access rules that account for an agent reading and acting on data, not just an app requesting it.,” he said.
This article first appeared on Computerworld.
View the full article
iPhone owners are sticking with the platform at a higher rate than a year ago, with new research firm CIRP putting iPhone loyalty at 87% for the first quarter of 2026.


CIRP's latest quarterly survey found that just 12% of new iPhone buyers in the March quarter had come over from an Android phone, with the remaining 1% arriving from a feature phone, a different smartphone platform, or buying a smartphone for the first time. That puts loyalty three percentage points above the same quarter a year earlier, when 14% of buyers switched from Android and the overall loyalty figure sat at 84%.

The firm has been tracking this movement for years by asking iPhone buyers what device they owned right before their purchase, among other questions about how they shop. Across the periods it measured recently, the share of buyers coming from Android has held in a fairly narrow 11% to 15% band, a much smaller pool of switchers than in the iPhone's early years, when Apple was still expanding beyond AT&T to other U.S. carriers and picking up large numbers of new users in the process.

The trend held steady in early 2024 too, when 13% of buyers arrived from Android and loyalty came in at 85%. CIRP's numbers suggest the bulk of smartphone owners settled on a platform long ago, and only a small slice change sides each year. This is a pattern other recent surveys have pointed to as well, even if their methodology and figures differ from CIRP's.

Apple will roll out Siri AI, its overhauled AI assistant, in iOS 27 later this year, which could help retain existing iPhone owners. Attracting Android converts is a separate challenge, though Apple's upcoming foldable iPhone will introduce a new form factor that may appeal to some existing Android foldable owners.Tags: Android, CIRP
This article, "iPhone Loyalty Rate Climbs to 87% as Switching to Android Slows" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
This week's episode of The MacRumors Show looks ahead to the 20th anniversary iPhone, the radically redesigned model that Apple is expected to launch in 2027.

Subscribe to The MacRumors Show YouTube channel for more videos

Apple's plans for the device's name remain unclear. The company skipped "iPhone 9" and moved straight to the iPhone X for the device's 10th anniversary in 2017, and it is widely expected to skip "iPhone 19" in the same way. Rumors have referred to the 2027 models as both the "iPhone 20" and the "iPhone XX" as placeholder names, and it is still possible that they will sit above the iPhone 18 Pro and 18 Pro Max as a separate, higher-tier directly, even though they are more likely to replace them as usual. Apple has reset iPhone branding before with the iPhone Air, whose successor is expected to be the iPhone Air 2.

The 2027 iPhone is rumored to be the biggest redesign since the iPhone X. Apple is reportedly aiming for a near bezel-less design with curved glass that wraps around all four edges and a return to a glass back, in line with the single slab of glass that former design chief Jony Ive long described as a goal. The frame is said to be a thin polished band, potentially in a material other than the aluminum used on Apple's straight-edged models, with the display curving onto the sides rather than following one consistent curve.

Displays that curve down the sides can be prone to accidental touches, an issue seen on earlier Android handsets with waterfall edges, though Apple is expected to engineer the device to work with a case. The extent of the curvature, and how far the display appears to refract at the edges, is not yet clear.

Apple reportedly wants a front with no cutouts, but some of the under-display technology is unlikely to be ready in time, meaning some form of front-facing cutout is expected to persist. Current reporting points to a gradually shrinking Dynamic Island, Face ID components moving beneath the panel, and an under-display camera arriving last, since image quality still degrades when a lens sits behind the display.

Apple is also rumored to be revisiting solid-state haptic buttons, reviving the "Project Bongo" effort that reached prototype hardware years ago before being shelved. Reports have cited several potential motivations, including a cleaner frame with no moving parts, a reduction in the mechanical button failures that account for many AppleCare repairs, and additional internal space for a larger battery or additional haptic engine.

Apple is reported to be developing a custom image sensor that would replace the Sony sensors currently used across the iPhone lineup, following the company's move to bring its silicon, modem, Wi-Fi, and Bluetooth chips in-house. The rear camera plateau is likely to remain, owing to the space required by the folded optics used for the telephoto lens.

The anniversary models are expected to share a second-generation 2-nanometer A21 chip, along with efficiency gains and a newer Apple modem. A 6,000mAh battery has appeared in some rumors, though it is unclear whether that figure is based on supply chain information.

Reverse wireless charging appeared in the same report and would let the iPhone top up accessories such as AirPods or an Apple Watch. The underlying hardware is already present, since iPhones can charge a MagSafe battery pack through their wireless coil, but Apple has never enabled the capability for other devices, a feature Samsung has offered on its phones for several years. Its viability on the anniversary model may depend on the larger battery and efficiency gains rumored for the device, given how much charge reverse wireless charging draws from the handset itself.

This year's ‌iPhone 18 Pro‌ models are rumored to be a more modest update, with the larger redesign reserved for the 20th anniversary model. It is expected to arrive in the fall of 2027, following the iPhone 18, iPhone 18e, and ‌iPhone Air‌ 2 in the spring. The MacRumors Show has its own YouTube channel, so make sure you're subscribed to keep up with new episodes and clips.

Subscribe to The MacRumors Show YouTube channel!

You can also listen to ‌The MacRumors Show‌ on Apple Podcasts, Spotify, Overcast, or other podcast apps. You can also copy our RSS feed directly into your player.



If you haven't already listened to the previous episode of The MacRumors Show, catch up to hear our discussion about the future of Apple's increasingly tangled high-end MacBook lineup, including the entry-level MacBook Pro and the rumored "MacBook Ultra."

Subscribe to ‌The MacRumors Show‌ for new episodes every week, where we discuss some of the topical news breaking here on MacRumors, often joined by interesting guests such as Kayci Lacob, Kevin Nether, John Gruber, Mark Gurman, Jon Prosser, Luke Miani, Matthew Cassinelli, Brian Tong, Quinn Nelson, Jared Nelson, Eli Hodapp, Mike Bell, Sara Dietschy, iJustine, Jon Rettinger, Andru Edwards, Arnold Kim, Ben Sullins, Marcus Kane, Christopher Lawley, Frank McShan, David Lewis, Tyler Stalman, Sam Kohl, Federico Viticci, Thomas Frank, Jonathan Morrison, Ross Young, Ian Zelbo, and Rene Ritchie.

‌The MacRumors Show‌ is on X @MacRumorsShow, so be sure to give us a follow to keep up with the podcast. You can also email us at [email protected] or head over to The MacRumors Show forum thread. Remember to rate and review the podcast, and let us know what subjects and guests you would like to see in the future.Tag: The MacRumors Show
This article, "The MacRumors Show: iPhone XX? Next Year's Major Upgrades Will Change Everything" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO) or chief information security officer (CISO) for the first time to support a deeper commitment to information security.
Follow this column to keep up with new appointments to senior-level security roles and perhaps gain a little insight into hiring trends. If you have an announcement of your own that you would like us to include here, contact Peter Sayer, executive editor of news, at [email protected].
New CISO appointments in July 2026
Datavault AI appoints Barry Childe CISO
Barry Childe, a co-founder of quantum encryption company Arqit, has joined Datavault AI as CISO. Childe previously served as a distinguished engineer at HSBC, and held other senior technology roles at Barclays Capital and VMware.
Jason Cradit joins EverLine as CISO and CTO
Critical infrastructure technical services provider EverLine has hired Jason Cradit as CISO and CTO. Cradit has previously held leadership roles in consulting, software, and infrastructure operations, and founded software vendor Pivvot.
New CISO appointments in June 2026
Infoblox names Henrik Smith CISO
Former Amazon executive Henrik Smith has joined security platform vendor Infoblox as CISO. Smith most recently served as head of security for devices and systems at Amazon, and prior to that was vice-president of security at Salesforce.Former Amazon executive Henrik Smith has joined security platform vendor Infoblox as CISO. Smith most recently served as head of security for devices and systems at Amazon, and prior to that was vice-president of security at Salesforce.
GitLab hires Chaim Mazal as CISO
Chaim Mazal, previously chief AI and security officer at Gigamon, has joined GitLab as CISO. He’s been a GitLab customer for over eight years, and moved into the CISO role after serving on the company’s advisory board.
Paras Malhotra joins Starburst as CISO
Enterprise intelligence platform Starburst has hired Paras Malhotra as CISO. He previously served as senior director of information security at Datadog and, prior to that, held a variety of security roles at AWSAmazon Web Services.
Socure hires Mark Carter as CISO
Mark Carter has joined identity infrastructure provider Socure as CISO. He has previously worked as CISO at Navan, Tesla, and Vimeo.
SolarWinds appoints Justin Henkel as CISO
IT management software vendor SolarWinds has named Justin Henkel its new CISO. Henkel was previously deputy CISO at OneTrust, and before that spent 25 years as an intelligence officer in the US Air Force.
New CISO appointments in May 2026
Backstory names Victor Chang CISO
Backstory, formerly People.ai, has appointed Victor Chang as CISO. Chang has previously served as CISO at Amdocs, among other senior security roles.
Adam Dimopoulos is Entrust’s new CISO
Entrust has appointed former Synchrony VP of Information Security Adam Dimopoulos as its new CISO. Dimopoulos has also previously worked in advisory roles at Microsoft and Gartner.
New CISO appointments in March 2026
Kathy Wang joins micro1 as CISO
Frontier AI model training company micro1 has hired Kathy Wang as CISO. She was most recently CISO at hospitality software developer Otelier, and has previously held top cybersecurity roles at Discord and GitLab.
Green Impact Exchange names John Visneski CISO
John Visneski has joined stock exchange operator Green Impact Exchange as CISO. He was previously CISO at MGM Studios, and following that company’s acquisition by Amazon became head fo security for mergers and acquisitions. His cybersecurity career began with the US Air Force, where he served as cyber advisor to the Secretary and Chief of Staff of teh Air Force.
New CISO appointments in January 2026
Julien Mousqueton joins Cohesity as field CISO for Europe
Data security firm Cohesity has hired Julien Mousqueton as field CISO for Europe. His previous role was as CTO at IT service provider Computacenter. He is a reservist advisor for OFAC, the French national police force’s anti-cybercrime division, and created the real-time ransomware activity-tracking platform ransomware.live.

View the full article
A San Francisco City Attorney has sent cease-and-desist letters to Apple and Google demanding the removal of 13 AI "face-swap" apps that can generate nonconsensual nude images, according to WIRED.


The letters, sent on Thursday, target eight apps on the App Store and five on the Play Store that market themselves as face-swapping tools but are used to "undress" photos of real people. The attorney's office wants both companies to cut ties with the developers and stop taking a cut of in-app payments, arguing they are effectively "aiding and abetting" the sale of explicit deepfake images. The attorney called the practice "illegal, harmful, and completely unacceptable" and believes Apple and Google have collected millions in fees from the apps.

Both companies have developer rules against pornography and have removed batches of nudify apps in the past after being flagged by researchers. A Google spokesperson told WIRED that the company has deleted "hundreds" of apps with nudifying features for policy violations, including the five named in the letters. In June, it emerged that Apple had already tightened its ‌App Store‌ guideline language on developer responsibility for pornographic content.Tags: Google, Wired
This article, "Apple and Google Hit With Demand to Pull AI 'Nudify' Apps" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Some of the best Apple-related discounts this week include $100 off the Apple Watch Series 11, $150 off the M5 MacBook Air, and up to $500 off the 2026 MacBook Pro. You'll also find great deals on Anker accessories available on Amazon right now.

Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

MacBook Pro


What's the deal? Take up to $500 off MacBook Pro
Where can I get it? Amazon
Where can I find the original deal? Right here
$150 OFF14-inch M5 Pro MacBook Pro (24GB/1TB) for $2,349.00
$500 OFF16-inch M5 Max MacBook Pro (48GB/2TB) for $4,499.00

Amazon's prices on the 2026 MacBook Pro have now joined in on Apple's recent price hikes, meaning we're no longer tracking pre-hike markdowns on these devices. However, there are still notable sales to be found if you're shopping for a MacBook Pro this month, with up to $500 off new prices available right now on Amazon.

Apple Watch Series 11


What's the deal? Take $100 off Apple Watch Series 11
Where can I get it? Amazon
Where can I find the original deal? Right here
$100 OFFApple Watch Series 11 (42mm GPS) for $299.00
$100 OFFApple Watch Series 11 (46mm GPS) for $329.00

Amazon this week has low prices on the Apple Watch Series 11, with $100 discounts across numerous models of the smartwatch. This sale includes a handful of 42mm and 46mm GPS aluminum models, but cellular devices are a bit more rare this time around.

MacBook Air


What's the deal? Take $150 off M5 MacBook Air
Where can I get it? Amazon
Where can I find the original deal? Right here
$150 OFF13-inch M5 MacBook Air (24GB/1TB) for $1,649.00

Amazon is taking $150 off multiple models of the M5 MacBook Air, focused mainly on 13-inch models this time around. These are some of the lowest prices we've seen on the notebooks in the wake of Apple's price hikes last month.

Anker


What's the deal? Save on Anker accessories
Where can I get it? Amazon
Where can I find the original deal? Right here
$50 OFFAnker Prime 3-in-1 Wireless Charging Station for $99.74
$60 OFFAnker SOLIX Power Station with Lantern for $189.99

Anker's popular Prime 3-in-1 Wireless Charging Station has dropped to $99.74 on Amazon, down from $149.99. This is one of Anker's newest accessories, and Amazon's sale today is a match of the all-time low price that we last tracked during Prime Day. There are plenty of other Anker accessories on sale this week, which you can find in our original post.

If you're on the hunt for more discounts, be sure to visit our Apple Deals roundup where we recap the best Apple-related bargains of the past week.



Deals Newsletter

Interested in hearing more about the best deals you can find in 2026? Sign up for our Deals Newsletter and we'll keep you updated so you don't miss the biggest deals of the season!




Related Roundup: Apple Deals
This article, "Apple Watch Series 11 Drops to $299, MacBook Pro Up to $500 Off in Latest Apple Deals" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Since iOS 26, a malfunctioning iPhone has been able to boot itself into Recovery Assistant, with no Mac or PC required. However, you could only get there if your device failed to start up and dropped into recovery on its own.


In iOS 27, currently in beta, Apple has removed that limitation, and you can now manually boot into a Mac-style recovery screen whenever you like.

The new recovery mode lets you troubleshoot, update, or erase your device without necessarily plugging it into anything. It can connect automatically to a known Wi-Fi network, and it shows your battery percentage in the corner of the screen. Here's how to access it.

How to Boot Into Recovery Mode

Accessing the recovery mode is similar to the equivalent mode on Apple silicon Macs, and it works the same way on iPads running iPadOS 27.

Turn off your iPhone, then wait about a minute to ensure it has fully shut down.
Press and hold the Side button. The Apple logo will appear as it normally does during startup – continue holding the button and you'll see "Continue holding for recovery...".
Release the button when "Loading recovery options..." appears.
Your iPhone will then boot into the new recovery screen instead of loading iOS.


What the Recovery Options Do

The recovery screen offers five options:

Recovery Assistant: Automatically scans for software issues and attempts to fix them without requiring further input.
Software Update: Installs the latest version of iOS available for your device, which can help if a failed update has left your iPhone stuck in a boot loop.
Diagnostics Mode: Runs diagnostics to check for hardware and software issues, and can recommend repairs if needed.
Erase All Content and Settings: Completely wipes your iPhone, just like the equivalent option in the Settings app.
Recovery Mode: Puts your iPhone into the traditional recovery mode for restoring it with a Mac or PC, without requiring the usual button-press sequence.
On newer iPhone models, there's also a sixth hidden option. While on the recovery screen, if you press and hold the Side button again, a popup menu will appear showing the option Nearby Device Recovery. This lets you restore your iPhone using another Apple device close by, similar to an existing recovery feature that debuted on iPhone 16 models.

Exiting the Recovery Screen

To leave recovery mode, tap the power button in the top-right corner of the screen and confirm that you want to restart. Alternatively, press and hold the physical Side button and choose Restart or Shut Down.

You shouldn't need the new recovery screen often, but it's worth knowing the button sequence now in case a beta goes wrong or a failed update bricks your iPhone. iOS 27 is currently in public beta, so you can download and try it out now before it's released in the fall.Related Roundups: iOS 27, iPadOS 27
This article, "iOS 27: Access the New iPhone Recovery Screen" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple's Car Keys feature appears to be coming to TANK vehicles made by Chinese maker Great Wall Motor (GWM), based on code changes discovered by MacRumors in Apple's Wallet app backend.


GWM Tank is a dedicated off-road luxury SUV brand produced by the Chinese automaker.

Car Keys allows an iPhone or Apple Watch with NFC capabilities to unlock a vehicle through the Wallet app. A digital version of a car key is stored in Wallet, and unlocking can be done simply by holding an Apple Watch or ‌iPhone‌ near a compatible vehicle's NFC reader.

What can be done with Car Keys may vary by car manufacturer, but at a minimum, Car Keys can be used to unlock your car, lock your car, and start your car, which are the features available with a physical key.

Apple introduced Car Keys in 2022, and car manufacturers like BMW, Rivian, Kia, and Hyundai have all implemented support for Car Keys. Apple maintains a full list of vehicles that support Car Keys on its CarPlay model availability webpage.Tag: iPhone Car Keys
This article, "Apple Car Key Support Coming to Future GWM Tank SUVs" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
WhatsApp has started rolling out its new username feature, reports WABetaInfo. Some users who reserved their username have started receiving a notification that their username is active, and that they can now use it to send and receive messages to other users without revealing their phone number.

When someone creates a username, WhatsApp will notify people who already have an active chat with that person. WhatsApp has no directory of usernames to browse, and no username discovery suggestions, so people will need to know a WhatsApp user's exact username to send a message.Tag: WhatsApp
This article, "WhatsApp Begins Rolling Out New Username Feature" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Most organizations I work with have invested heavily in cloud security. They have endpoint detection tools, SIEM platforms, cloud security posture management, and skilled security teams running on a 24/7 shift. And yet, when I ask them a simple question — who has admin access in your Salesforce tenant right now? — The room goes quiet. Nobody knows. Not because they are negligent. Because they genuinely cannot see it.
That is the SaaS blind spot.
Figure 1: The Blind Spot and what SSPM covers.Ashish Mishra
SaaS: Numbers speak volumes
I ask this question in almost every engagement: how many SaaS applications does your organization run? The answers I get range from 30 to maybe 50. The real number, once someone counts, is usually north of three hundred. AppOmni’s 2024 research put it even higher — 49% of Microsoft 365 organizations believed they had fewer than ten apps connected to their tenant when the actual average was over a thousand.
Here is the part that concerns me more than the count. Of all those applications, security teams have clear sight into maybe one in 10. The rest — where your customer records live, where your source code sits, where your financial reports get shared — nobody is watching. Not because the team is careless. Because the tools they have were never built to look there.
The following incidents will discuss these realities.
Salesforce in 2023
In April 2023, KrebsOnSecurity broke the story — Salesforce Community sites were quietly leaking sensitive data belonging to government agencies, banks, and healthcare providers. No sophisticated attack technique. Just the right API endpoint and a misconfigured guest user profile. The exposed records included Social Security numbers, account details, and home addresses. Salesforce was clear in its response: this was not a platform vulnerability. Administrators had misconfigured guest access policies, and nobody had checked.
Guest user profiles in Salesforce Communities can be granted access to data records. When administrators set those permissions too broadly — often without realizing it — unauthenticated external users can query that data straight through the API. Over 150,000 companies were potentially sitting in that window before anyone raised the alarm.
The pattern is always the same. Configuration made under time pressure, default set slightly too permissive, nobody looks at it again. SaaS applications accumulate these quiet exposures over months and years.
GitHub in 2022
In April 2022, GitHub disclosed that an attacker had used stolen OAuth tokens — issued to Heroku and Travis CI — to access and download private repository contents from dozens of organizations, including npm. GitHub’s own systems were never touched. The tokens came from third-party applications that users had authorized to connect to their accounts, and those applications had been quietly compromised.
The entry point was not GitHub. It was not even the organizations that lost their data. It was the CI/CD tools those organizations had connected to GitHub months or years earlier — tools that had been granted broad read and write permissions that were never revisited.
That is the OAuth problem in plain terms. The moment you authorize a third-party application; its security posture becomes your problem too. Most organizations have dozens of these connections sitting open across their SaaS platforms — and no one reviewing them.
Figure 2: The 2022 GitHub breach chain.Ashish Mishra
Microsoft in 2023
The Microsoft case from 2023 is the one I bring up when people assume this only happens to careless organizations. Wiz Research found that Microsoft’s own AI team had exposed 38TB of internal data — private keys, passwords, and more than 30,000 internal Teams messages — through a single misconfigured Azure access token. The token was supposed to share one training dataset on GitHub. Instead, it opened an entire storage account to anyone who found the link.
What gets me about this one is the timeline. That token had been sitting there since October 2021. Nearly two years, inside Microsoft, before anyone caught it. If a team with that level of resources and expertise can leave a door open for two years, the idea that “we’d notice” is not much of a security strategy. And it’s worth noting — this wasn’t a database leak. It was Teams messages. The same collaboration tools your employees use every day are just as exposed as the platforms holding structured records.
Why traditional security tools miss this
Cloud Security Posture Management tools — CSPM — are designed to monitor infrastructure configuration: virtual machines, storage buckets, network rules, and IAM policies at the infrastructure level. They do an acceptable job at that layer. What they do not do is look inside SaaS applications. CISA’s Secure Cloud Business Applications (SCuBA) guidance specifically calls out the gap between infrastructure security tools and SaaS-layer visibility as one of the most under addressed areas in enterprise cloud security.
This is the gap SSPM was built to close. Instead of watching infrastructure, it watches the configuration of the SaaS applications themselves — permissions, sharing settings, who has access to what. And the distinction is not just academic. Infrastructure misconfigurations tend to expose systems. SaaS misconfigurations tend to expose data — directly, quietly, and often without any detectable attack activity at all.
Figure 3: The six core visibility capabilities of SSPMAshish Mishra
What security teams should do now
You do not need to deploy a full SSPM platform tomorrow to start closing the gap. There are practical steps that move the needle immediately.
Audit connected OAuth applications across your primary SaaS platforms. Revoke any integration that cannot be justified by a current business need. Common source of public data exposure: Review guest and external sharing permissions in Salesforce Communities and Microsoft SharePoint. Check whether legacy authentication protocols are disabled in Microsoft 365. Legacy auth bypasses MFA and becomes a potential entry point in enterprise environments. Establish a quarterly access review for high-privilege accounts in SaaS applications. Most organizations run annual reviews at best — that is not frequent enough for platforms that change configuration daily. A map of which SaaS applications hold sensitive data, and which have no security team ownership at all. That list will be longer than you expect. The core issue is not that organizations are careless. It is that they have built security programs around the perimeter and the infrastructure, and SaaS applications grew up inside that perimeter without ever being brought into scope. The data is there. The access is there. The misconfiguration is often there too. What has been missing is the visibility to see it.
SSPM closes that gap. But even before a formal tool is in place, simply asking the question — what can the applications we already run see and share? — is a meaningful first step. In my experience, the answer surprises almost every organization that takes the time to look.
This article is published as part of the Foundry Expert Contributor Network.
Want to join?
View the full article
Threat actors are now abusing an ordinary font file to deliver low-detection malware capable of stealing credentials and establishing persistence on compromised Windows systems.
According to a new research from Fortinet’s FortiGuard Labs, a global phishing campaign is actively using heavily obfuscated JavaScript and a Lua-based loader posing as a TrueType Font (TTF) file to evade security and drop RATs and infostealers.
A TTF file is a standard font file used by operating systems and applications to display text.
The campaign has been deploying malware families such as Agent Tesla, Remcos, XWorm, and a Snake Keylogger variant known as Best Private LOGGER, since at least late March 2026. “In these attacks, the threat actor impersonates several well-known companies, using the guise of business cooperation to launch phishing attacks,” FortiGuard researchers said in a blog post.
Talking about how a new attack technique seems to still rely on conventional phishing tricks, Shane Barney, CISO at Keeper Security, said, “The most sophisticated technical evasion in the world still starts the same way: someone opens an email from what looks like a trusted company and acts on it.”
“The obfuscation layers, the Lua loader disguised as a font file, the fileless execution chain – all of it exists to survive detection after that human decision has already been made, and organizations would do well to keep that in their sightline,” he added.
Business and payment-themed phishing lures used
According to the researchers, victims receive phishing emails impersonating well-known companies and using business collaboration or payment-related themes to trick recipients into opening compressed archives. These archives contain the obfuscated JScript that establishes persistence before dropping either a legitimate Autolt executable or a LuaJIT interpreter, along with a malicious script packaged within a .ttf extension.
The fake font file functions as a Lua-based loader that runs multiple de-obfuscation steps before decrypting and executing shellcode directly in memory.
“Security controls cannot treat a file extension as proof of file type or intent,” said Jason Soroko, senior fellow at Sectigo. “Each component (of the campaign) may appear less suspicious when reviewed alone, while the combined sequence leads to in-memory execution of RATs and infostealers.”
Some of the new variants, the researchers pointed out, are getting more sophisticated by introducing segmented shellcode encryption, Vectored Exception Handler (VEH)- based runtime decryption, AMSI and ETW bypasses, API unhooking, and other anti-analysis techniques designed to evade endpoint defenses.
The final malware payload is delivered using Donut shellcode, allowing execution without writing the payload to disk.
Protection requires targeted mitigations and routine security hygiene
Fortinet’s findings confirm the attackers’ endgame to be stealing credentials and maintaining long-term access. The malware families observed, including Agent Tesla, Remcos, XWorm, and Best Private LOGGER, are all focused on credential theft, surveillance, or remote access.
Barney said organizations should resist focusing exclusively on the loader’s technical sophistication and instead strengthen the systems attackers eventually want to compromise.
In his opinion, identity and access controls are what it comes down to, as signature-based detection often fails against the loader sophistication of this grade. “Limiting what any given set of credentials can reach, enforcing least privilege, requiring re-authentication for sensitive systems, and monitoring for anomalous session behavior will not stop every phishing email from landing, but they significantly constrain what an attacker can accomplish after one succeeds,” he explained.
Soroko, on the other hand, recommends focusing controls on the technical indicators. He urged organizations to restrict Windows Script Host, Autolt, and LauJIT wherever they are not operationally required, monitor for behaviors such as process injection, remote memory allocation, and shellcode execution, and use Fortinet’s published indicators for threat hunting.
The indicators of compromise (IOCs) Fortinet shared include the command-and-control (C2) addresses, file hashes, and filenames.
Soroko warned against relying solely on hashes or C2 infrastructure because the loader has changed over time. “The stronger approach is to detect the stable behavior across versions, then test controls against the complete chain,” he said.
View the full article
Apple has reportedly sent legal letters to dozens of former Apple employees now working at OpenAI, telling them to preserve potentially relevant documents and communications as it continues to pursue its trade secret lawsuit against the AI company.


The Financial Times ($) reports that Apple has targeted around 40 former employees with legal preservation letters, acting on its belief that the alleged misappropriation of confidential information may extend beyond the individuals named in its original complaint.

The development follows Apple's lawsuit filed last week against OpenAI, in which the company alleges a coordinated effort to obtain confidential information relating to its hardware engineering and product development.

Apple claims OpenAI recruited key engineers, including former Apple executives Tang Tan and Chang Liu, and benefited from proprietary designs, manufacturing processes, and other trade secrets. Tan is OpenAI's Chief Hardware Officer and a 24-year Apple veteran who led product design, while Liu is on the hardware team at OpenAI after working as a senior system electrical engineer at Apple.

The complaint says that more than 400 former Apple employees now work at OpenAI and suggests that the alleged misconduct is broader than a few isolated actions by individual employees. OpenAI has denied the allegations, saying in a statement to Bloomberg this week that it is "not aware of any evidence that this complaint has merit."

Apple has requested an injunction requiring OpenAI to cease using any Apple information during the development of OpenAI's AI hardware device. Apple is also seeking damages and suing Tan and Liu for breach of contract for violating their employment agreements. The company believes the evidence uncovered so far may represent only the "tip of the iceberg," according to its lawsuit.Tags: Financial Times, Apple Lawsuits, OpenAI
This article, "Report: Apple Sends Legal Letters to Dozens of OpenAI Employees" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Shadow IT has long been a major problem for CISOs, but the biggest problem may be coming from the executive suite’s hunger for unsanctioned AI.
Nearly two-thirds of senior decision-makers admit to using unapproved AI tools, compared to just 31% of lower-level employees, according to a survey by Microsoft solutions partner TrustedTech.
The use of shadow AI is prevalent among senior executives even though three in four employees acknowledge security or data privacy risks related to the practice.
“Most shadow AI users are not ignorant of the risk,” TrustedTech says in a white paper. “They are deliberately choosing to use these tools anyway. This is not a training issue. It is a culture, incentives, and alternatives issue.”
In many cases, the problem is driven by a lack of approved tools, the report adds.
“People use shadow AI because what their employer hands them is worse than mainstream AI tools, or because nothing has been approved in the first place,” the report says. “That doesn’t change until the sanctioned tools are genuinely worth using.”
A question of authority
The use of shadow AI by CEOs and other C-suite executives can create major problems for CISOs, CIOs, and other IT executives because they may not have the authority to put the kibosh on it.
It also presents a challenge for IT leaders to provide the AI tools that employees and executives want to use.
When executives use shadow AI, CISOs are in a difficult position, because governance only works when it’s modeled from the top, says Andy Nolan, VP of technology at TrustedTech.
“If senior leaders bypass approved AI tools or policies, it sends an implied message that speed matters more than security and compliance,” he adds. “Employees notice that behavior, and it becomes much harder to ask the rest of the organization to follow standards that leadership isn’t following themselves, first.”
Another major problem is that executives often work with highly sensitive information, including financial data, strategic plans, intellectual property, and customer information, he notes.
But CISOs and CIOs also can’t solve the problem by becoming the AI police in every situation, Nolan says, because their role is to help the business innovate safely.
“That requires executive alignment, clear governance, and providing secure AI tools that people actually want to use,” he adds. “When leadership embraces those solutions, the rest of the organization is almost sure to follow.”
All risk, no reward
The use of shadow AI by senior executives puts CISOs and CIOs in an impossible position, agrees Amit Maloo, CISO at AI procurement provider Ivalua. CISOs and CIOs are held accountable for the risk exposure but have no visibility into the problem, he says.
“When senior leaders use ungoverned AI tools for business decisions, those decisions still have consequences, such as financial commitments, contract reviews, and data sharing,” he adds. “But there is no audit trail, no permissions model, or no way to reconstruct what happened or why.”
Part of the problem is that approved AI options often don’t meet the needs of users, Maloo says.
“AI policies alone aren’t enough; organizations need to pair governance with usability,” he adds. “If approved AI tools don’t meet the pace of business, employees at every level, including leadership, will find their own solutions. Successful organizations will be those that make the secure path the easiest path.”
IT leaders can’t solve the problem with more governance, he notes. “Policies and restrictions slow shadow AI down, but they don’t stop it, especially when the people using it are senior enough to absorb the disciplinary risk,” Maloo adds. “What CIOs can do is focus on providing tools that grant users full access to the necessary systems and data, eliminating the need to choose between a capable but ungoverned tool and a safe but limited one.”
Speed over security
The TrustedTech data echoes a June report from employee monitoring software vendor Teramind, which found that more than two-thirds of C-level executives prioritize speed over security when using AI tools, notes Nik Kale, a principal engineer and product architect at Cisco, and member of the Coalition for Secure AI.
In addition, the Teramind report found that two-thirds of enterprise AI activity runs through personal accounts on platforms for which the company already owns licenses, he notes.
“People are paying for the governed version and using the ungoverned version of the same product, so the problem isn’t the tools,” he says. “The approved path is slower, buried in procurement, or disconnected from where the work actually happens, and speed wins every time under a deadline.”
The problem then isn’t with the AI tools, but with the friction involved, he says. “People aren’t going around the front door because the room is locked,” Kale adds. “They’re going around it because the front door is slower.”
In many cases, the use of shadow AI exposes a couple of shortcomings in enterprise processes, adds Matthew Scavetta, chief technology innovation officer at IT solutions provider Future Tech Enterprise.
Many organizations don’t do a good job of making employees aware of the AI tools available to them, he says, and many organizations don’t offer training on the sanctioned applications, which drives users to pick products they are familiar with.
“If you don’t solve problems for people quickly or make people aware of which tools they can use safely, they will find a workaround,” he adds. “AI tools are no different than anything else.”
Shadow AI use by executives puts IT leaders in an incredibly difficult position, he says.
“CIOs, in particular, are under more and more pressure each year to keep up with what’s possible as tech influencers keep preaching about the potential of these tools,” Scavetta says. “CEOs and board members are constantly getting swept up in the hype; meanwhile, there are more and more case studies coming out showing how little ROI some organizations have realized. It’s a never-ending game of balancing possible with practical.”
View the full article
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly patched security flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by July 19, 2026. The vulnerability in question is CVE-2026-58644 (CVSS score: 9.8), a critical deserializationView the full article
For a small vehicle-rental business, the first technology problem is rarely advanced fleet analytics. It is usually much simpler: customers cannot see available vehicles, booking details are buried in WhatsApp, prices are quoted differently by different people, and the same car or bike may accidentally be promised twice.
The best free vehicle rental management software for cars and bikes should solve those immediate problems without forcing a new operator to pay a large monthly subscription before receiving its first online booking.
MotoShare addresses this need through a two-sided rental platform. Customers can search for cars, motorcycles, scooters, and bicycles, while eligible rental partners can register, create vehicle listings, set prices, update availability, receive requests, accept or decline bookings, and manage basic rental activity. MotoShare also provides separate Android applications for customers and partners.
Its clearest advantage is the published pricing model. MotoShare’s homepage says the platform is free for customers, renters, and partners, with no booking fees, commissions, or hidden platform charges. Its Terms add that it does not charge providers to list rental services or enable bookings.
MotoShare is not, however, a complete enterprise fleet-management suite. Its verified strengths lie in vehicle discovery, listings, availability, rental requests, partner controls, mobile access, and handover guidance. Built-in GPS tracking, telematics, fuel analytics, predictive maintenance, accounting integration, route optimization, and ERP functions are not demonstrated as current MotoShare capabilities.
Quick Answer
MotoShare is one of the strongest free options for small car and bike rental businesses that need an affordable way to:
Publish eligible vehicles online Reach customers through a rental marketplace Manage car and bike listings Set rental prices Update availability Receive reservation requests Accept or decline bookings Support hourly, daily, weekly, and longer rentals Give customers website and Android access Organize pickup, inspection, and return procedures Avoid published platform subscriptions, listing fees, booking fees, and commissions MotoShare is especially well suited to independent rental partners, small agencies, tourism-location operators, mixed car-and-bike businesses, and startups moving away from phone-only or spreadsheet-based booking.
It is less suitable as a standalone system for large fleets requiring sophisticated maintenance, telematics, accounting, branch management, financial reporting, or custom integrations.
What Is Vehicle Rental Management Software?
Vehicle rental management software is a digital system that helps a business organize the process of making vehicles available for temporary use.
At minimum, it should help answer:
Which vehicles can customers rent? When is each vehicle available? What price applies? Who requested the booking? Has the request been accepted? Where will pickup and return occur? What condition was the vehicle in? Which documents and rental terms apply? The category includes several different product types.
Software typePrimary purposeRental booking softwareCaptures dates, customer details, and reservation requestsVehicle rental management softwareManages listings, pricing, availability, bookings, customers, and rental operationsRental marketplaceConnects customers with multiple independent providersFleet management softwareManages utilization, servicing, compliance, cost, and vehicle lifecycleTelematics softwareUses connected devices for GPS, diagnostics, mileage, fuel, and driving dataLogistics softwareHandles drivers, routes, deliveries, dispatch, and transport assignments MotoShare combines the first three functions. It is a public vehicle-rental marketplace with basic partner-management and booking capabilities. It is not simply an internal SaaS dashboard that a rental company installs for private use, and it is not a logistics platform.
That distinction matters. MotoShare helps businesses be discovered and receive bookings, whereas a conventional enterprise fleet product may focus more heavily on internal maintenance, accounting, and connected-vehicle operations.
Who Needs This Type of Software?
Small car rental agencies
A local agency may have ten vehicles but no proper online catalogue. Rental software helps it publish vehicle details, rates, and availability instead of sending photos individually to every customer.
Bike and scooter rental operators
Two-wheeler businesses often serve tourists, students, commuters, and delivery workers. Their rental periods can range from a few hours to several weeks, making availability and duration controls important.
Independent rental partners
A partner may need an accessible marketplace rather than a costly custom website. MotoShare’s partner workflow supports free listings and partner-controlled pricing.
Mixed car-and-bike businesses
A provider managing both two-wheelers and four-wheelers benefits from presenting them through one customer-facing platform.
Rental startups
New businesses can test customer demand before investing in a paid enterprise platform or building proprietary software.
Hotels, hostels, tour companies, and travel agencies
These businesses frequently receive requests for local transport but may not want to operate their own booking technology.
Customers
Renters benefit from online search, visible vehicle categories, flexible rental periods, and a more structured booking journey.
Problems the Software Should Solve
Scattered enquiries
One customer writes on WhatsApp, another calls, and a third sends a social-media message. Staff must manually combine those conversations into a booking record.
Unclear availability
A spreadsheet may show that a vehicle is available even though someone has already agreed to rent it over the phone.
Repeated price negotiations
Staff repeatedly explain hourly, daily, weekly, deposit, delivery, fuel, and kilometre charges.
Weak online visibility
Customers cannot rent a vehicle they cannot discover. A marketplace gives a small provider a public search channel without requiring a custom booking website.
Missed or duplicated bookings
Informal processes increase the risk of forgotten enquiries and conflicting reservations.
Inconsistent handovers
Without a standard process, one employee may record fuel and damage while another hands over the vehicle without photographs.
Poor document control
Driving licences, IDs, vehicle documents, receipts, and rental terms can become scattered across phones and paper files.
High software expense
Many established rental systems use paid subscription models. Booqable currently publishes plans beginning at $29 per month when billed annually, while HQ Rental Software bases subscriptions on factors such as fleet size, locations, and advanced functionality.
Confusing software categories
A business may buy GPS software when its main issue is online booking—or choose booking software while overlooking its need for maintenance and accounting. A sensible purchase begins by separating customer-facing rental management from internal fleet operations.
Essential Feature Checklist
FeatureWhat it should achieveMotoShare statusVehicle listingsPublish vehicle type, make, model, images, price, and detailsAvailableCars and bikesSupport two- and four-wheeler rental categoriesAvailableScooters and bicyclesProvide additional mobility categoriesAvailable or advertisedCustomer registrationCreate renter access and booking identityAvailablePartner registrationOnboard vehicle-rental providersAvailableVehicle searchLet customers browse vehicles onlineAvailableAvailability managementControl when vehicles can be requestedAvailable/advertisedOnline bookingCapture dates and customer requestsAvailableInstant confirmationConfirm bookings immediatelyAdvertised; live behaviour not independently demonstratedReservation managementTrack and respond to rental requestsAvailable at a basic levelPartner-controlled pricingLet providers define or adjust ratesAvailableFlexible durationSupport hourly, daily, weekly, and longer rentalsAdvertisedOne-way and round tripsSupport different return arrangementsAdvertisedPickup and drop-offCoordinate vehicle handover locationsAvailable/advertisedDoorstep deliveryDeliver vehicles to selected locationsAdvertised in selected areasMobile appsGive customers and partners phone accessAndroid apps verifiedCustomer supportAssist with booking and rental problems24/7 support advertisedHandover recordsRecord fuel, odometer, condition, and photographsGuidance and digital records mentionedLicence and identity checksHelp confirm renter eligibilityManual guidance availableCommercial complianceDefine eligible vehicle-document requirementsGuidance availableIntegrated paymentsProcess rental payments securelyConflicting official informationVerified providersValidate provider legitimacy and documentsMarketing claim conflicts with TermsMaintenance schedulingPlan servicing and repairsNot verifiedGPS and telematicsTrack location and vehicle-health dataNot verifiedAccounting and ERPConnect finance and enterprise systemsNot verifiedAdvanced analyticsMeasure utilization and profitabilityNot verified beyond basic earnings tracking Complete MotoShare Feature Analysis
MotoShare’s official pages describe a broad set of functions, but not all carry the same evidence level. The most accurate approach is to separate verified platform functions from advertised functions and conflicting claims.
MotoShare capabilityEvidence-based assessmentStatusFree platformHomepage says customers, renters, and partners pay no platform chargeVerifiedNo listing feeTerms say rental services can be listed without a feeVerifiedNo booking-enablement feeTerms say MotoShare does not charge to enable bookingsVerifiedNo commissionHomepage states there are no commissionsOfficially statedNo hidden platform chargesHomepage and partner page make this claimOfficially statedCar listingsCars are a core category on the website and search pagesVerifiedBike listingsBikes are a core category on the website and partner portalVerifiedScootersFeature, service, and app pages include scootersAdvertisedBicyclesHomepage and search page provide a bicycle categoryVerifiedCustomer registrationRenter login and registration links are presentVerifiedPartner registrationDedicated partner registration and login flow existsVerifiedPartner login methodsWhatsApp, SMS, and Google options are shownVerifiedVehicle informationPartners can add make, model, year, availability, and priceVerifiedVehicle searchSearch page provides bike, car, and bicycle discoveryVerifiedPricing controlPartners can set and adjust rental pricesVerifiedAvailability updatesPartner dashboard supports availability updatesVerifiedBooking requestsPartners can receive customer rental requestsVerifiedAccept or declinePartners control whether to accept a bookingVerifiedBooking trackingPartner dashboard advertises booking trackingAvailable/advertisedEarnings trackingPartner dashboard mentions earningsAdvertised; depth not documentedCustomer appAndroid application is publicly listedVerifiedPartner appSeparate Android partner application is publicly listedVerifiedHourly rentalsHomepage, features, services, and app describe hourly periodsAdvertisedDaily rentalsAdvertisedAdvertisedWeekly rentalsFeatures and services describe weekly rentalsAdvertisedLong-term rentalsHomepage, services, and customer app mention longer rentalsAdvertisedOne-way rentalsFeatures and services promote one-way tripsAdvertisedRound-trip rentalsFeatures and services promote round tripsAdvertisedReal-time availabilityFeature page and app claim current availabilityAdvertised; implementation not independently testedInstant bookingFeature and service pages describe immediate confirmationAdvertised; implementation not independently testedTransparent pricingHomepage, feature page, and app make this claimAdvertisedPickup and drop-offMultiple or agreed locations are describedAdvertisedDoorstep deliveryFeature page says it is available in selected areasAdvertised/conditionalCustomer supportHomepage and feature page advertise 24/7 assistanceAdvertisedPartner communicationDashboard and guidelines refer to renter communication and official channelsAvailable/mentionedInspection guidancePhotos, damage, tyres, fuel, and documents are coveredVerified guidanceReturn guidanceReturn time, fuel, cleanliness, and photographs are coveredVerified guidanceDigital handover recordsPlatform guidelines mention digital handover, condition, and agreement recordsMentioned; interface not demonstratedPayment processingProduct pages say payments are processed, but Terms say MotoShare handles no paymentsConflictingVerified providersMarketing pages say verified; Terms deny legal verification and background checksConflictingVerified rentersPartner page makes the claim; exact process is not documentedUnclearRental insurancePartner page says rentals are covered, while other pages place insurance responsibility on providersUnclear/conflictingBuilt-in GPSGuidelines recommend that partners keep GPS enabledNot a verified MotoShare featureMaintenance softwareNo public repair or servicing module foundNot verifiedTelematicsNo connected-vehicle functionality foundNot verified MotoShare’s homepage, feature page, services page, partner workflow, FAQ, applications, and search pages support the core listing, discovery, pricing, availability, booking, duration, mobile-access, and handover claims.
A necessary accuracy warning
MotoShare’s marketing and legal pages currently disagree about important functions.
The feature page says customers can pay by card, net banking, UPI, or wallet. The customer app mentions advance payment or pay at pickup. The partner page says payments are processed through MotoShare and released after the rental.
MotoShare’s Terms and Cancellation Policy state that MotoShare does not accept or process rental payments, deposits, cancellations, or refunds and that all financial arrangements are handled directly between customer and provider. The legal-policy description should therefore be treated as controlling until the website is reconciled.
The same caution applies to “verified providers.” Marketing pages describe providers as verified, but the Terms say MotoShare does not perform background checks, financial audits, or legal verification of listed providers. Customers are told to verify provider authenticity, licences, and documents themselves.
Why MotoShare’s Free Model Is Valuable
MotoShare’s current free model removes a significant barrier for small operators.
A new rental company can create listings, display prices, receive requests, and test online demand without first paying a recurring software subscription. The Terms explicitly confirm that MotoShare does not charge for listing rental services or enabling bookings, while the homepage states that there are no booking fees, commissions, or hidden platform charges.
That can be valuable in four ways:
Lower startup risk
A business can validate whether online customers are interested in its vehicles before investing in a paid system.
Better access for local operators
An agency with only a few cars or scooters may not need a sophisticated enterprise deployment.
Marketplace exposure
Unlike many private back-office systems, MotoShare also provides a customer-facing discovery channel.
No platform commission pressure
MotoShare says partners keep 100% of rental earnings. Because the payment workflow is inconsistent across official pages, this should be understood as a no-platform-commission claim rather than proof of a platform-managed payout system.
“Free platform” does not mean that the rental is free. Providers may still charge rental fees, deposits, taxes, delivery, fuel, tolls, additional kilometres, late-return fees, damage costs, insurance-related charges, or cancellation fees. MotoShare’s policies say these arrangements are agreed directly with the provider.
MotoShare also does not make a permanent contractual “free forever” guarantee. The accurate statement is that the platform is currently published as free.
Ten Strongest MotoShare Features
1. Free car and bike listings
Eligible partners can list cars and bikes without an upfront platform listing fee.
2. A two-sided marketplace
MotoShare gives providers management tools while also giving customers a searchable vehicle catalogue. That combination is more useful to a small operator than a private database that creates no customer traffic.
3. Partner-controlled pricing
Partners can set and adjust their own rental rates rather than being limited to a single platform price.
4. Availability controls
Providers can update vehicle availability and use it to manage incoming demand.
5. Booking-request control
Partners receive requests and decide whether to accept or decline them, preserving operational control.
6. Cars, bikes, scooters, and bicycles
MotoShare’s pages cover commuter bikes, motorcycles, scooters, cars, SUVs, luxury vehicles, and bicycles. Actual inventory depends on provider listings and location.
7. Flexible rental periods
The platform advertises hourly, daily, weekly, and long-term options, allowing providers to serve commuters, tourists, business travellers, and longer-term renters.
8. Customer and partner Android apps
Separate applications are listed on Google Play. The customer app was updated on May 29, 2026, and the partner app on June 11, 2026.
9. Handover and return guidance
MotoShare instructs both parties to record photographs, damage, fuel, odometer readings, documents, and return condition.
10. Commercial-compliance guidance
MotoShare publishes requirements concerning commercial registration, insurance, fitness certificates, pollution certification, permits, and renter-document checks. These are platform guidelines and must still be verified against current government and state-specific rules.
How MotoShare Works
Partner journey
Open the partner registration or login workflow. Authenticate through an available method. Create a vehicle listing. Add the make, model, year, price, and availability. Ensure the vehicle satisfies MotoShare’s eligibility requirements. Receive a rental request. Review the requested dates and renter information. Accept or decline the request. Agree directly on payment, deposit, cancellation, pickup, and return terms. Verify the renter’s driving licence and government ID. Photograph the vehicle and record fuel, odometer, and condition. Complete the handover. Inspect the vehicle again at return. Update its availability before the next rental. The listing, availability, pricing, request, acceptance, and dashboard portions of this journey are described in MotoShare’s partner workflow. The inspection and documentation steps are provided in its guidelines.
Customer journey
Visit MotoShare or open the customer app. Search by location and vehicle category. Review available cars, bikes, scooters, or bicycles. Apply relevant filters where available. Select a rental period. Initiate a booking. Confirm the final price and provider conditions. Verify the provider and vehicle documents. Inspect and photograph the vehicle. Record fuel and odometer details. Return the vehicle at the agreed time and place. Retain payment and communication records. MotoShare’s app describes city, brand, type, and price filters, while the website provides category and location discovery pages.
Benefits for Rental Operators
A public online presence without building a custom booking website Structured listings instead of repeatedly sending photographs Better control of vehicle availability A clearer record of incoming booking requests Partner-controlled rental prices Access through a mobile partner application Marketplace visibility for both cars and bikes Lower technology-entry cost Guidance for pickup, return, and damage documentation These benefits are strongest for smaller operators whose current alternative is manual administration rather than an existing enterprise system.
Benefits for Vehicle Owners and Partners
Eligible partners gain a way to make vehicles discoverable, define prices, control availability, and approve individual requests.
They also retain responsibility for ensuring that vehicles are lawful, roadworthy, appropriately registered, and insured for the intended rental model. MotoShare prohibits private white-plate cars and motorcycles from being listed and requires commercial documents for applicable motor vehicles.
Indian requirements may vary by state, vehicle class, permit, insurance wording, and operating model. The Motor Vehicles Act includes provisions concerning driving licences, transport-vehicle fitness, permits, and mandatory insurance, while Parivahan provides services related to commercial fitness, registration conversion, and permits.
A number-plate colour alone should not be treated as complete proof that a particular rental arrangement is legally authorized.
Benefits for Customers
Customers can use MotoShare to:
Discover car and bike options online Compare vehicle categories Search by location Select a rental duration Initiate a reservation Access the service from an Android app Receive pickup and return guidance Contact support Keep a clearer booking trail than a verbal agreement alone Customers must still verify the provider, registration, insurance, rental-use eligibility, deposit, price, fuel policy, kilometre allowance, cancellation terms, payment recipient, and damage process. MotoShare’s Terms explicitly place provider verification and financial due diligence on the customer.
Realistic Business Use Cases
A small mixed-fleet agency
A local operator with four cars and six scooters can publish both categories, set different rates, and update availability from one partner account.
A tourist-location bike company
The company can give visitors a way to explore scooter and motorcycle choices before arriving.
A new car-rental startup
The founders can test customer demand through free listings before committing to paid software.
An independent commercial vehicle partner
The partner can approve each renter rather than automatically releasing the vehicle to every applicant.
A hotel helping guests
The hotel can direct customers to an online marketplace instead of manually calling several local businesses.
A business moving away from spreadsheets
MotoShare can become the discovery and booking-request layer while the operator retains a spreadsheet temporarily for accounting and maintenance.
A long-term renter
A student, consultant, or temporary worker can search for weekly or long-term options instead of negotiating only daily rates.
An established fleet seeking extra visibility
A larger operator may use MotoShare as an additional marketplace while retaining specialised software for fleet operations.
MotoShare Versus Manual Rental Management
ActivitySpreadsheets, WhatsApp, calls, and paperMotoShareCustomer discoveryDepends on referrals or advertisementsPublic search and category pagesVehicle cataloguePhotos and details scattered across messagesStructured listingsAvailabilityManually checkedPartner availability controlsBooking requestPhone call or chatDigital request workflowConfirmationInformal verbal or message agreementPartner acceptance and notificationPricingRepeated quotationPartner-defined listing priceCustomer accessLimited by staff responseWebsite and Android appPartner accessPersonal files and phonesPartner dashboard and appMultiple vehicle typesOften maintained separatelyCars, bikes, scooters, and bicyclesInspection processDepends on individual staff habitsPublished handover checklistCommunication recordsSpread across private channelsOfficial channels encouragedSoftware costNo subscription, but substantial manual labourNo published platform feeMaintenanceManualNo verified MotoShare moduleGPSSeparate trackerSeparate tracker still requiredAccountingSpreadsheet or accounting toolNo verified built-in accounting MotoShare improves customer discovery and booking organization, but it does not eliminate every manual responsibility. Payment confirmation, legal checks, inspection, maintenance, and physical handover remain operational tasks.
MotoShare Versus Typical Paid Software
CapabilityMotoShareTypical paid rental softwarePlatform subscriptionNone currently publishedMonthly or annual feeListing feeNo fee statedUsually included in subscriptionBooking commissionNone statedGenerally no marketplace commission, but software fee appliesMarketplace visibilityIncludedOften not includedVehicle listingsAvailableAvailableAvailabilityBasic controls advertisedDetailed calendars and allocation rulesBooking managementRequest and acceptance workflowFull reservation lifecyclePricingPartner-definedSeasonal rates, packages, discounts, and dynamic pricingIntegrated paymentsConflicting documentationCommonContracts and invoicesDigital records mentioned; full automation unclearCommonSecurity depositsDirect provider arrangementFrequently automatedCustomer profilesRegistration availableDetailed CRM and historyMaintenanceNot verifiedOften includedGPS and telematicsNot verifiedOptional or integrated in advanced productsDigital signaturesNot verifiedCommon in higher plansDamage inspectionManual photo guidanceStructured or automated in some productsAccounting integrationsNot verifiedCommonMulti-location operationsNot documentedCommon in higher plansAdvanced reportingNot verifiedUtilization, revenue, and profitability reportsAPI accessNot publicly documentedCommon in advanced plansWhite-label websiteMotoShare marketplace brandingFrequently availableCustomer acquisitionMarketplace may generate discoveryUsually remains operator’s responsibility Booqable, for example, offers inventory, orders, contracts, invoices, availability, online payments, reports, and API access across paid tiers. HQ Rental Software advertises reservations, online payments, reporting, agreements, and telematics. Coastr markets bookings, fleet maintenance, real-time tracking, contactless rentals, and keyless entry.
MotoShare does not beat these products on operational depth. Its case is different: it provides essential marketplace and booking functions under a currently free model.
Market Trends and MotoShare’s Readiness
TrendWhy it mattersMotoShare positionCloud-based managementEnables browser access from multiple locationsSupportedMobile-first bookingCustomers expect smartphone accessSupported through Android appMobile partner operationsProviders need access away from the officeSupported through partner appReal-time availabilityReduces unavailable-vehicle enquiriesAdvertisedSelf-service customer portalsLets customers search and initiate bookings independentlySupported at a basic levelPeer-to-peer marketplacesConnects distributed vehicle supply with demandCore MotoShare modelContactless rentalsCombines digital ID, payment, agreements, and key accessFuture/partialDigital identity verificationReduces fraud and manual checksManual guidance; automation unverifiedOnline paymentsSimplifies booking confirmationConflicting documentationElectronic rental recordsImproves evidence and auditabilityPartially supported/mentionedAI-assisted pricingRecommends rates using demand and utilizationFuture opportunityDemand forecastingHelps operators prepare inventoryFuture opportunityGPS and telematicsTracks location, mileage, fuel, and driving eventsFuture opportunityPredictive maintenanceUses vehicle data to anticipate failuresFuture opportunityEV fleet managementTracks battery, range, and chargingFuture opportunityRental analyticsMeasures revenue, demand, and utilizationLimited public evidenceWorkflow automationSends confirmations, reminders, and alertsPartial/unclear Cloud and mobile access
MotoShare already supports browser-based use and separate customer and partner Android applications, placing it within the cloud and mobile-first direction of rental technology.
Contactless and self-service rental
A complete contactless journey typically requires automated identity verification, online payment, digital contracts, remote instructions, and sometimes keyless entry. Paid systems such as Coastr and HQ promote contactless or self-service workflows. MotoShare currently supports online discovery and booking but does not demonstrate that entire chain.
AI pricing and automated scheduling
Advanced software increasingly uses demand, availability, cancellations, and market information to improve pricing or fleet scheduling. Coastr describes machine-learning-assisted scheduling based on real-time operational data. MotoShare currently gives partners manual pricing control rather than a verified AI pricing engine.
GPS, telematics, and driver behaviour
Connected-fleet platforms can collect real-time location, trip, fuel, odometer, diagnostic, and safety data. HQ’s telematics offering includes GPS, geofencing, trip history, driver alerts, fuel, odometer, and maintenance alerts. AWS’s connected-mobility guidance also covers location tracking, safety events, and predictive maintenance.
MotoShare recommends that partners keep GPS tracking enabled, but it does not present GPS as an included platform feature.
Predictive maintenance
Predictive systems use sensor and historical data to identify likely failures before a breakdown. AWS documents connected-vehicle maintenance detection using engine temperature, tyre pressure, battery voltage, and diagnostic codes. MotoShare currently provides inspection and servicing guidance rather than predictive maintenance.
Electric-vehicle management
EV rental fleets increasingly need charge status, range, battery health, charger availability, and charging schedules. The IEA reports that global electric-car sales exceeded 20 million in 2025 and represented one-quarter of new-car sales, indicating why EV-specific fleet tools are becoming more important.
MotoShare can list relevant vehicle categories, but no dedicated EV battery or charging-management capability is publicly demonstrated.
Existing Versus Possible Future Features
Existing or currently advertisedValuable future improvementFree vehicle listingsConsistent pricing and payment documentationCustomer and partner registrationIntegrated payment and deposit handlingCars, bikes, scooters, and bicyclesAutomated refunds and cancellation workflowsOnline vehicle searchAdvanced vehicle and location filtersPartner-controlled pricesAI-assisted pricingAvailability updatesCalendar synchronizationBooking requestsFull reservation modification workflowAccept or decline controlsAutomated remindersCustomer and partner appsiOS applicationsFlexible rental durationsRecurring long-term billingOne-way and round-trip optionsAutomated fleet rebalancingPickup and drop-off optionsContactless and keyless pickupDoorstep delivery in selected areasDelivery routing and dispatchManual document verification guidanceAutomated ID and driving-licence checksInspection and photo guidanceAI-assisted damage comparisonDigital record guidanceE-signatures and generated agreementsSupport channelsIn-app support tickets and service targetsBasic earnings tracking advertisedRevenue and utilization analyticsGPS recommended separatelyIntegrated GPS and geofencingServicing guidanceMaintenance schedules and work ordersGeneral EV listingsBattery and charging managementPartner communicationPublic API and webhooksMarketplace visibilityMulti-branch and ERP integrations Honest Limitations and Best-Fit Guidance
MotoShare is best suited to:
New rental businesses Independent rental partners Small car-rental agencies Motorcycle and scooter operators Bicycle-rental providers Tourism-location businesses Mixed car-and-bike fleets Operators with limited software budgets Businesses dependent on calls and WhatsApp Providers seeking online marketplace visibility It may need to be combined with other products when the business requires:
Workshop and service management Preventive-maintenance schedules Spare-parts records Live GPS Geofencing Route optimization Fuel monitoring Driver-behaviour scoring Telematics Predictive maintenance EV charging management Automated invoicing Accounting integration ERP integration Multi-branch financial control Advanced reports APIs and webhooks Enterprise support agreements MotoShare’s greatest near-term product priority should be consistency. Its payment, verification, insurance, instant-booking, and cancellation descriptions should be aligned across the homepage, feature page, partner portal, apps, Terms, and policies.
Frequently Asked Questions
1. What is the best free vehicle rental management software for cars and bikes?
The best free option depends on the business’s needs. MotoShare is a strong choice for operators seeking free listings, customer discovery, availability controls, booking requests, partner pricing, and mobile access without published platform charges.
2. Is MotoShare completely free?
MotoShare currently says it is free for customers, renters, and partners and that it charges no booking fees, commissions, or hidden platform charges.
3. Does MotoShare charge a subscription fee?
No recurring platform subscription is currently published. MotoShare does not promise that the model will remain unchanged forever.
4. Does MotoShare charge vehicle-listing fees?
Its Terms state that providers are not charged to list rental services.
5. Does MotoShare charge booking fees or commission?
MotoShare’s homepage says it charges neither booking fees nor commissions.
6. Which vehicles can be listed?
MotoShare supports cars, motorcycles, scooters, and bicycles, subject to its eligibility and compliance requirements.
7. Can private white-plate vehicles be listed?
MotoShare’s current policy prohibits private white-plate cars and motorcycles from being listed for rental.
8. Does MotoShare support online booking?
Yes. Customers can search and initiate bookings, while partners can receive and respond to rental requests.
9. Does MotoShare provide instant booking?
MotoShare’s feature and service pages advertise instant confirmation. The precise live conditions under which a booking is automatic rather than partner-approved are not publicly explained.
10. Does MotoShare show real-time availability?
The feature page and customer app advertise real-time availability. Public documentation does not explain the synchronization method or update guarantees.
11. Does MotoShare process online payments?
Official pages conflict. Marketing pages describe platform payments, while the Terms and Cancellation Policy say MotoShare does not process payments. Users should confirm payment directly with the provider and follow the legal policies.
12. Are MotoShare rental providers verified?
Marketing pages use the term “verified,” but the Terms say MotoShare does not perform background checks, financial audits, or legal verification. Customers should independently verify providers and documents.
13. Does MotoShare have customer and partner apps?
Yes. Separate Android applications are listed for customers and partners.
14. Does MotoShare include GPS, telematics, and maintenance?
No built-in GPS, telematics, or comprehensive maintenance module was verified. MotoShare recommends that partners use GPS separately.
15. Is MotoShare suitable for a large rental company?
It can serve as a marketplace and booking channel, but larger businesses will likely need additional systems for maintenance, payments, finance, telematics, analytics, integrations, and branch management.
Conclusion
The best free vehicle rental management software for cars and bikes should make vehicles easier to discover, reduce scattered booking communication, improve availability control, and help operators move online without creating an immediate software bill.
MotoShare offers a persuasive combination of:
Free platform access Free vehicle listings No published booking fee No published commission Cars, bikes, scooters, and bicycles Customer and partner registration Online search Partner-controlled pricing Availability management Booking requests Partner acceptance controls Flexible rental durations Customer and partner mobile apps Pickup and return guidance Vehicle-condition documentation Commercial-compliance guidance Its value is strongest for independent partners, small rental companies, startups, and tourism businesses that need a marketplace and basic rental-management layer—not a full enterprise fleet system.
MotoShare should not be represented as offering advanced GPS, telematics, predictive maintenance, accounting, route optimization, or ERP functions unless those capabilities are added and publicly documented. It should also reconcile its conflicting payment, verification, and insurance statements.
Customers can visit MotoShare to search for available cars and bikes. Eligible rental providers can register as partners, review the compliance requirements, list suitable vehicles, set prices, update availability, and begin receiving rental requests.
View the full article
The European Commission today formally ordered Google to give third-party AI services the same access to Android device features that Gemini has. Europe's Digital Markets Act requires software makers like Apple and Google to grant equal interoperability to third-party apps and services, and the EC is enforcing it.


DMA interoperability rules are why Siri AI won't be available in the European Union when iOS 27 launches. While Apple tried to work out an agreement with regulators before launching ‌Siri‌ AI in Europe, Google did the opposite. Instead of asking, Google just launched Gemini integration on Android and opted to deal with the consequences afterward. Google's strategy gives Android users in Europe full Gemini access while it works on compliance with the DMA.

The European Commission is giving Google a full year to implement changes that will meet the Digital Markets Act requirements, and that's before any legal appeals Google might make.

The European Commission is making many of the same demands of Google that it made of Apple. Google must allow AI apps to access 11 features, such as:

AI services must be accessible through voice commands like "Hey Google" or through access points like the home button or another activation button.
AI services must be able to complete actions in and across apps, including completing long-running tasks in the background.
Google must allow AI services to access context from apps and device sensors so AI can offer proactive services and anticipate user needs.
Google has to give AI apps sufficient hardware and software resources, including access to its on-device AI models to execute tasks.

Google is required to implement the majority of the European Commission's changes by August 1, 2027.

Shortly after announcing ‌Siri‌ AI, Apple said EU regulators would not accept any of its proposed solutions to introduce the feature, and refused to engage on options that "preserve privacy and security." Apple wanted to use a Trusted System Agent that would allow third-party virtual assistants to safely access the same device capabilities as ‌Siri‌ AI.

Apple said the Digital Markets Act would require it to give any AI system "nearly unlimited access to a user's device," along with the ability to act on that information autonomously.

The European Commission claims Apple was "unable to develop interoperability solutions that meet essential EU privacy and security standards" and instead asked for a blanket exemption from the interoperability requirements, which the EC did not grant.

In response to the EC's mandate, Google said the requirements "risk undermining vital privacy and security guardrails for millions of Europeans." Google hasn't given information on its next steps, but it says it plans to "continue advocating for a balanced approach that protects privacy and security while supporting market goals."Tags: Android, European Commission, European Union, Google
This article, "EU Orders Google to Give Rival AI Apps the Same Android Access as Gemini" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Google is expanding AI Mode in Search, allowing users to connect apps to improve search results and "get more done."


Instacart, YouTube Music, and Canva can be connected, and Google explains how the integrations can be useful:

Instacart - If you're using AI Mode to help you plan a grocery list, ingredients can be added right to an Instacart shopping cart for quick ordering.
Canva - If you're creating a flyer, you can get template options from Canva.
YouTube Music - You can use AI Mode to curate a playlist and save it to YouTube Music.

Instacart, Canva, and YouTube Music are the only apps that can be connected right now, but Google may add more in the future. Connected apps were previously available in Gemini, but the feature set is now being expanded to Search.

Connecting apps is limited to AI Mode in the United States, in English. Once an app is connected, users are able to access new features when making a request in Google Search AI Mode. Connected apps can be used in Search both on the desktop and through the Google Search iOS app.

Google suggests users turn on history and personalized recommendations to improve the Google Search experience. Google says it uses people's interactions with Search and the new AI features to develop and improve generative AI experiences.Tag: Google
This article, "Google Search Now Connects to Instacart, Canva and YouTube Music" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Zoom has identified, and patched, a critical security hole that “may allow an unauthenticated user to conduct an account takeover via network access.”
The issue is especially significant given Zoom’s extensive reach; it reportedly has more than 300 million daily active users, including 470,000 paying business customers. Given that reach, Zoom has been impacted by many other security incidents and France recently tried banning its use by French government users. 
 Zoom security bulletins released Tuesday revealed the bug, and three other security issues, which Zoom patched on Wednesday. 
The company originally said that the takeover issue impacted Zoom Desktop Client for Windows before version 7.0.0, Zoom VDI Client for Windows before version 7.0.10 and 6.6.15 and 6.5.18 in their respective branches, and Zoom Meeting SDK for Windows, but on Wednesday, without explanation, it removed Meeting SDK for Windows as an affected product.
The other three holes were less severe, but still significant, and they all involved privilege escalation. They impacted Zoom Workplace for Windows before version 7.0.5, Zoom Workplace VDI Client for Windows before 6.5.17 and 6.6.14 in their respective branches, Zoom Workplace VDI plugin for Windows before 6.5.17 and 6.6.14 in their respective branches, Zoom Rooms for Windows before 7.0.5 and Remote Control for Zoom Contact Center for Windows before version 7.0.0.
A second privilege escalation issue impacted Zoom Rooms for Windows before version 7.1.0, and another impacted Zoom Workplace VDI Plugin for Windows before version 6.6.14.
Zoom did not immediately reply to a request for comment.
‘As bad as it gets’
Frank Dickson, group VP for security at IDC, said the nature of the reported hole is alarming.
This bug “is about as bad as it gets, short of a worm. It is exploitable over the network, low complexity, zero privileges required, no user interaction needed,” he said, pointing out that exploitation is easy once technical details leak or someone reverse-engineers the patch, which is not as challenging as it once was, thanks to AI. “Yesterday’s script kiddies have been empowered,” he said.
Dickson said the only good news is that Zoom discovered the hole itself, and that “no in-the-wild exploitation has been reported by any outlet as of Thursday.”
Consultant Brian Levine, executive director of FormerGov, agreed with Dickson’s characterization of the hole, but said a potentially bigger issue is the high level of sensitive data that Zoom accesses. 
“An attacker with unfettered access to a Zoom account may be able to listen to recordings of sensitive meetings, to eavesdrop on future meetings, and to impersonate the organization in an effort to social engineer its clients and partners. Thus, given that ubiquity of Zoom in large enterprises, this vulnerability is pretty concerning,” Levine said.
He’s encouraged, however, that Zoom found the flaw itself, which indicates its security team is “actually doing the hard, unglamorous work of auditing its code.”
Giuseppe Trotta, principal security researcher at Malwarebytes, has a theory about what was behind the Zoom disclosure. 
“Because the vulnerability requires zero privileges and absolutely no user interaction, the remote network attack vector is highly suspected to involve the mishandling of deep links, such as custom URL schemes like zoommtg:// or zoomworkplace://,” he said. This led him to think that if the Zoom Workplace client for Windows fails to properly sanitize and validate incoming arguments passed via these special browser-to-desktop links, an unauthenticated attacker could craft a malicious string that could trick the desktop application into exposing or redirecting the user’s active session tokens directly to an attacker-controlled server, achieving a seamless and completely silent account takeover.
“Watch out for Zoom links and invites if you are on Windows or VDI and haven’t updated yet,” he advised.
Mike Wilkes, enterprise CISO at Aikido Security, offered kudos to Zoom for discovering the critical flaw, but he wanted to know how such a severe bug got into its software initially.
“This vulnerability raises questions about why the defect was not caught by design review, fuzzing, or pre-release abuse-case testing,” Wilkes said. “A historical defect in Zoom’s product/security relationship has been prioritizing ease of use over security risk.”
All four bugs important
Justin Greis, CEO of consulting firm Acceligence, said that the two types of holes reported by Zoom, account takeover and escalation, are both important, but for different reasons. 
“The critical vulnerability is significant because it has the characteristics security teams worry about most,” Greis said, but the privilege escalation holes “are certainly important to patch as they primarily increase the impact of an attack that has already begun. The critical vulnerability has the potential to be an initial entry point, which is why it deserves the most attention.”
Greis also applauded Zoom’s response, saying that it “reflects a reasonably mature security program.”
He pointed out that no complex software platform will eliminate vulnerabilities entirely. “The differentiator is whether vendors are continuously investing in offensive testing, finding weaknesses before attackers do, and moving quickly to develop and distribute fixes,” he said.
This article originally appeared on Computerworld.
View the full article
Docker Captains are leaders from the developer community that are both experts in their field and are passionate about sharing their Docker knowledge with others. “From the Captain’s Chair” is a blog series where we get a closer look at one Captain to learn more about them and their experiences.
Today we are interviewing Mohammad-Ali A’râbi, a Docker Captain based in the sunniest German city, Freiburg. He is the author of the book “Docker and Kubernetes Security,” a Best DevOps Book of the Year finalist in 2025. He is also a software engineer, public speaker, and community builder, organizing Docker meetups in Freiburg since 2022. Mohammad-Ali is originally from Iran and has a BSc in Mathematics and an MSc in Computer Science.

Caption: Docker Captains Summit in Istanbul, I’m the one with a red hat
Can you share how you first got involved with Docker?
In 2015, I was working at Cafe Bazaar, a tech company in Iran, as a backend engineer. Our backend was running on Django, so for a whole week, I listened to Django Reinhardt while trying to spin up the project. I was failing because of the dependency hell.
A colleague casually mentioned, “You can perhaps try using Docker; we’re using it in the CI.” Docker was 2 years old at the time, and I had never heard of it before.
So, I disappeared for one week, learning Docker, and next thing you know, I was creating CI pipelines for other projects.
Caption: Cafe Bazaar in Iran, I’m the one in the red T-shirt (middle)
What inspired you to become a Docker Captain?
Between 2018 and 2019, I was working in Amsterdam. We had tech meetups quite often there, and I loved it about Amsterdam. We moved back to Freiburg in 2019, and I started working at a smaller company, where I introduced git, CI/CD pipelines, and Docker. People would come to me with their git and Docker questions. So, I decided to write them down on a Medium blog for my own later reference. But I learned the content is useful for the community, so I kept on writing. At some point, I was writing a blog post on git every week.
When the pandemic hit, I got depressed, so I decided to start a meetup group in Freiburg, because otherwise, there was none. I attended an online Docker Community All Hands and an online KubeCon, and in the meantime, I was looking for venues to host my first meetup.

In 2022, I got a LinkedIn message from a CEO trying to hire me. I told him, “I just got a new contract, but we can talk about other collaborations.” We set up a meeting, and I wrote, “I will bring my coffee!” It was because their office was in the same building as where I live. I went down there, having a Docker-branded mug filled with coffee (caffè crema with a stain of milk), saying, “Hello, neighbors!” They agreed on hosting an in-person Docker meetup.


Our first meetup was in November 2022, and we had only one attendee, who came all the way from Strasbourg, France. In the end, it was him, my wife, me, one of the founders and her boyfriend, and an engineer from the company.
Our second meetup was a watching party, watching Docker Community All Hands. By that time, I had two blog posts published on Docker’s blog, I had a talk at that particular event, and I won the title of best Docker Community Leader.
When I applied to become a Captain in early 2023, many already knew me at Docker.
What are some of your personal goals for the next year?
I want to double down on education and storytelling.
I recently published Black Forest Shadow, a fantasy story set in 1865 Freiburg that teaches container security through narrative. It’s part of a bigger idea I’m exploring: making complex DevOps concepts memorable through story, visuals, and characters. One other project I’m working on is the workshop series Docker Commandos, with which I introduce different Docker commands.
On the technical side, I’m working on the second edition of Docker and Kubernetes Security, especially covering Docker Hardened Images.
Caption: Docker Commandos Pack
And on the community side, I want to grow the Freiburg meetup into something more consistent and connected to the broader ecosystem. It’s already a CNCF chapter as well, but I have been playing with the idea of starting a Java User Group (JUG) to attract a wider audience.
If you weren’t working in tech, what would you be doing instead?
I would probably have become a mathematics professor researching logic. I did an unfinished master’s in Iran researching Categorial Grammar, which models natural languages using mathematical logic. My master’s thesis in Computer Science was also basically mathematical logic.
Or I would have become a researcher in ancient languages. I can read Old Persian cuneiform and Book Pahlavi, which is currently not fully deciphered, to be added to the Unicode. If I weren’t doing tech, I would dedicate my time to answering the remaining questions.

Can you share a memorable story from collaborating with the Docker community?
Publishing the book Docker and Kubernetes Security would not have been possible without the Docker community. So, the story goes like this:
Shortly after I became a Docker Captain, Packt, the tech publisher, reached out to me and suggested that I write a book with them. I declined at first, as I didn’t feel I was knowledgeable enough to write a book. But they were very persuasive.
Two years later, I finished my manuscript and threw it over the fence. As I was waiting for them to do their magic, they went through a reorganization, and they finally said they can’t prioritize my title. They wrote to me, “You can find a new publisher.” I found a new publisher, and that was me.
Caption: Docker booth at WeAreDevelopers conference
I started asking Docker Captains to review the work. I gave beta versions to our little Freiburg community. And when it came out, many Docker Captains, Docker employees, and members of the Docker community supported me by buying the book or spreading the word.
What’s your favorite Docker product or feature right now, and why?
Docker Hardened Images, because Shai Hulud is lurking in the deep, and Jack the Bitcoin Miner is installing cryptominers on every vulnerable server, so the ecosystem deserves an open-source, CVE-free set of base images. And this should be available to everyone, not only the paying customers, because we’re all in this boat together.
Caption: Jack the Bitcoin Miner fighting Gord the Guardian
Can you walk us through a tricky technical challenge you solved recently?
Tech problems are usually not tricky; designing the solution is. It’s tricky to understand if you’re overengineering or if your solution is too simplistic and not future-proof. Last week, I was designing a new microservice, and I created a few rules for myself to guard-rail my solution:
Decisions should be able to be postponed. Don’t lock in on a decision yet. I introduced interfaces for our repository and injected its implementation, so that if we decided on using a different database later, all we have to do is add a new implementation and change one line of code to inject it into the service. There should be one way to do things. If you have three different ways to run the project locally, they will eventually go out of sync, and all end up broken. Choose a main solution, don’t do Docker Compose and Devcontainers and local npm start all at the same time. Automate everything. If things are manual, they are more prone to error and more time-consuming. If your deployment is SSHing into a server, changing a commit hash, and restarting the Docker Compose service, you’re doing it wrong. Don’t trust AI. I use Claude Code, and I have to correct it half of the time, saying, “Don’t do that, do this.” If you’re letting the AI write your code while you’re drinking coffee in the kitchen, you’re in for disaster. Research shows that a significant portion of AI-generated code is insecure. Test everything. Add CI checks for everything. I had jobs for formatting, linting, running tests, checking the coverage, checking Docker image vulnerabilities, and even the commit messages. Now, based on the commit messages, I bump the version automatically using semantic versioning and trigger a new release. What’s one Docker tip you wish every developer knew?
You can generate SBOM attestation upon build very easily, it’s just passing a flag on CLI, setting a new argument on the CI job, or two lines of code if you’re using Docker Bake.
Caption: SBOM attestations make it easier to find CVEs
Using the CLI:
$ docker buildx build --sbom=true -t <image> . If you’re using Docker Bake:
variable "TAG" { default = "latest" } variable "REPOSITORY" { default = "mithra-backend" } group "default" { targets = ["backend"] } target "backend" { context = "." dockerfile = "Dockerfile" tags = ["${REPOSITORY}:${TAG}"] attest = [ { type = "provenance" mode = "max" }, { type = "sbom" } ] } Then you can build by:
$ docker bake And in the CI:
- name: Build and push with docker bake uses: docker/bake-action@v5 with: files: ./docker-bake.hcl push: true If you’re not using Docker Bake yet, it’s worth looking into. It makes Docker build more delicious.
Caption: Docker Commandos doing a bake-off competition in Asgard
If you could containerize any non-technical object in real life, what would it be and why?
I would create snapshots of the world so that I can choose which version to live in. Sometimes I play Fallout: New Vegas to escape reality, which is ironic. But at least it has Big Iron in it.
Where can people find you online?
I have a website with all my links: aerabi.com
LinkedIn is my main social media platform; follow me there: /in/aerabi.
And when I miss the good old Twitter, I sometimes write on BlueSky: @aerabi.com.
Rapid Fire Questions
Cats or Dogs?
Homo Sapiens
Morning person or night owl?
Vampire
Favorite comfort food?
Fesenjān, but if you don’t know what that is, sushi
One word friends would use to describe you?
Crazy
A hobby you picked up recently?
Writing dark fantasy. Though honestly, lately I just call it “non-fiction.”
View the full article
Online game platform Roblox today said it is adding a new Build tool that will let iPhone and iPad users create games using AI.


With the mobile-first Build option, Roblox users can write a text-based prompt and have AI turn it into a basic game. A single prompt will create a starting point that can be expanded with playtesting and further commands. The entire game-making process, from creation to uploading on the Roblox platform, can be done on a mobile device.

Right now, creating a game in Roblox requires a Mac or PC app, but Build will extend game creation to mobile users too. Roblox is also adding new AI creation tools to Roblox Studio, its desktop game creation software. Content created using the Build tool can be iterated on with Studio.

Roblox Build is set to roll out to the Roblox mobile app on July 28, beginning with a public alpha test for users in New Zealand. Build will roll out to additional regions in the coming months as Roblox improves the experience.

Roblox has 132 million daily active users, and user-created games like Brookhaven RP, Adopt Me, and Dress to Impress have been wildly popular.Tag: Roblox
This article, "Roblox is Adding AI Game Creation to iPhone and iPad" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Popular password management app 1Password today added Claude support, which means AI service Claude can access credentials stored in 1Password for completing browser tasks.


With the integration, Claude can use 1Password logins and one-time codes without the actual password being exposed to Claude. Passwords never reach Claude's context, memory, or Anthropic's systems.

When Claude wants to sign in to a website, 1Password shows the user which credential Claude wants access to and why. After the user approves the request, 1Password adds the credential directly to the page. Access is limited to the current task and ends when the task has been completed. The 1Password team says that after a password is autofilled, the app checks to make sure secrets were not exposed on the page.


Credit cards and identities in 1Password are not supported at the current time, so Claude's access is limited to logins and one-time codes.

The 1Password browser extension is also being updated with Agentic Mode, which gives users control over browser-based AI agents. When an AI agent takes over, the 1Password extension locks down so passwords are not exposed. The password interface is hidden, and the agent can use logins and one-time codes only when the user gives approval. Agentic Mode works to protect passwords from AI agents even if the integration is not set up.

1Password for Claude is available for Mac, and 1Password business, family, and individual plan subscribers can use it. A Pro, Max, Team, or Enterprise Claude plan is required. 1Password has a help document with detailed information on how to set it up.

Claude can use 1Password logins across sites where Claude in Chrome can complete actions. The 1Password desktop app and browser extension are required, as are the Claude desktop app and the Claude in Chrome browser extension.Tags: 1Password, Anthropic
This article, "1Password for Claude Lets AI Log In Without Seeing Your Passwords" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple this week was sued over a reported "Hide My Email" flaw that could expose a user's real email address. The proposed class action lawsuit alleges that Apple violated California's false advertising law and other consumer protection statutes by knowingly offering a feature that does not work as advertised.

A security researcher disclosed the apparent "Hide My Email" vulnerability to Apple in June 2025, but there are no known instances of it being exploited, as the steps involved have not been shared with the public as a precaution.Tag: Apple Lawsuits
This article, "Apple Sued Over Reported 'Hide My Email' Flaw" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple chip supplier TSMC has announced a $100 billion increase to its U.S. chip investment, bringing its total commitment to $265 billion.


The increase was confirmed by the White House and the Department of Commerce alongside TSMC's second quarter earnings call. Commerce Secretary Howard Lutnick said the investment would "create tens of thousands of American jobs," while TSMC chairman and CEO C.C. Wei told CNBC the new fabrication plants would support "our leading U.S. customers," a group that reportedly includes Apple, alongside Nvidia and Broadcom.

Apple CEO Tim Cook called Apple "TSMC Arizona's first and largest customer" when the company's third Arizona fab broke ground last year, and the company's first Arizona plant already produced some of Apple's A16 chips.

TSMC has historically reserved its most advanced manufacturing processes for its home plants in Taiwan, meaning Arizona made chips have trailed several generations behind whatever Apple ships at any given time. TSMC has since committed to building its own advanced packaging facilities in the US as part of its broader investment plan, according to a regulatory filing.

The new $100 billion is expected to fund up to four more plants, though the exact shape of the plan remains unsettled. The Department of Commerce says the total will reach 12 U.S. facilities, while an official told Bloomberg the eventual mix could be 10 fabrication plants and two packaging facilities, focused on 2 nanometer chips, TSMC's most advanced process commercially available today.

That timing could hinge partly on how much U.S. capacity Apple itself ends up needing, since the company has been separately exploring Intel and Samsung as backup chipmakers to reduce its reliance on TSMC amid the ongoing global chip crunch. Apple is reported to have secured an exemption from a proposed 100% semiconductor tariff partly by pledging its own U.S. manufacturing investment and agreeing to buy chips from Intel.Tag: TSMC
This article, "Apple's Chipmaker Pledges $100 Billion More for US Plants" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple today added the iPad mini with the A17 Pro chip to its refurbished store in the U.S. and Canada for the first time since the device was released in October 2024. Other key features include an 8.3-inch display, a 12-megapixel Center Stage camera, and a Touch ID power button. There is no availability in any other countries yet.


In the U.S., refurbished pricing starts at $509 for a Wi-Fi model with 128GB of storage, down from $599 for the equivalent brand-new model. However, keep in mind that a new iPad mini started at $499 until Apple raised prices last month, so unfortunately the refurbished model costs $10 more than a new model did just a few weeks ago.

Apple says the refurbished iPad mini models include a new battery and outer shell, a plain new box, and all accessories, including a 20W USB-C power adapter and a USB-C charging cable. Apple says it puts refurbished devices through a "thorough cleaning process and inspection," which typically results in a like-new condition.

All refurbished iPads are covered by Apple's one-year warranty. AppleCare+ is available.

Apple reportedly plans to release a new iPad mini with an OLED display and several other upgrades by October, but rumored timeframes can shift.Related Roundup: iPad miniTag: Apple Refurbished ProductsBuyer's Guide: iPad Mini (Don't Buy)Related Forum: iPad
This article, "Apple Begins Selling Refurbished iPad Mini With A17 Pro Chip at a Discount" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
In March, Bloomberg's Mark Gurman said a new entry-level iPad was "still coming this year," but apparently this is no longer the case. Today, he reported that the device is slated for release in the first quarter of 2027 at the earliest.


The main new feature will be a faster processor rather than major design changes, he said, so it sounds like nothing more than a spec bump. While the next iPad mini is expected to have an OLED display, the base iPad will stick with an LCD screen.

Gurman previously said the device would be powered by the A18 chip, but Macworld's Filipe Espósito said it would have an A19 chip. In any case, the device would gain support for Apple Intelligence, as both chips have the minimum 8GB of RAM required for those features. The current entry-level iPad has an A16 chip with 6GB of RAM.

Last month, Apple increased the entry-level iPad's starting price worldwide. In the U.S., for example, the device now starts at $449, up from $349.

Apple also plans to release new 11-inch and 13-inch iPad Air models early next year, according to Gurman. He said the iPad Air will eventually move to an OLED display, but he did not say if that is happening with the next models specifically.

He recently reported that new iPad Pro models will launch early next year too.

All in all, he expects a new iPad mini by October this year, followed by updated entry-level iPad, iPad Air, and iPad Pro models in the first half of next year.Related Roundup: iPadTag: Mark GurmanBuyer's Guide: iPad (Don't Buy)Related Forum: iPad
This article, "Here's When to Expect the iPad 12 to Launch" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Agents have moved from demos to daily work faster than almost anyone planned for. In our State of Agentic AI report, 60% of organizations already run AI agents in production, and yet 40% name security and compliance as the number-one thing holding them back from scaling further. That gap, between what teams have already shipped and what they can safely operate, is the real story of AI agents right now.
But what is an AI agent, and why does the term suddenly stretch from a coding assistant to an autonomous research system? The short version is that an agent doesn’t just respond, it acts: give it a goal and it’ll plan the steps, call tools, check the results, and adjust, usually without stopping to ask. That’s what separates an agent from the generative AI it’s built on, and it’s why where an agent runs matters as much as which model sits behind it.
Key takeaways
•  An AI agent pursues a goal on its own. It reasons, picks tools, and takes actions in a loop rather than answering one prompt at a time.
•  The model decides, tools act, and the environment is where those actions land.
•  Autonomy is the point and the risk. Once an agent can act on its own, where it runs decides how much a wrong move can cost.
•  Building agents is largely an infrastructure problem: framework choice, tool access, and an isolated place to run them safely.
What is an AI agent?
Strip away the hype and an AI agent is software that takes a goal, decides how to reach it, and acts through tools to get there, then uses what it learns to choose its next move. The model supplies the reasoning, the tools give it hands, and the environment is where its actions actually happen. Put those three together and you get a system that can work through a task instead of just describing one.
That’s the difference between an agent and the chatbot experience most people started with. A chatbot answers the question in front of it. An agent takes an objective and works the problem: it breaks the goal into steps, decides which tool fits each step, runs it, reads the outcome, and keeps going until the goal is met or it gets stuck. A coding agent asked to fix a failing test might read the codebase, edit a file, install a dependency, run the suite, and open a pull request, all from one instruction. 
Three properties make that possible:
Autonomy lets it decide the next action without waiting for approval at each step. Tool use lets it reach beyond text to run code, query APIs, and change files. Memory lets it carry context across steps, so later decisions build on earlier ones. Remove any one of them and you’re back to a smarter chatbot rather than an agent.
How do AI agents work?

Under the hood, an agent runs a loop. It takes in the current state of its task, reasons about what to do next, acts through a tool, observes what changed, and feeds that back into the next round of reasoning. The loop repeats until the goal is reached or a stopping condition kicks in.
In one pass of the loop, the agent perceives first, gathering context like the goal, relevant memory, and the results of whatever it did last. In the reason step, the model plans the next action and picks a tool. In the act step, it invokes that tool, a shell command, an API call, a database query. In the observe step, it reads the result, including errors. Then it adapts, updating its plan based on what happened, because a failed test isn’t a dead end for an agent, just new input for the next loop.
The parts that make it run
Most agent frameworks assemble the same core pieces, even when they name them differently.

Component
What it does
Model
The reasoning engine. It interprets the goal, plans steps, and decides which tool to call next.
Tools
The connections to the outside world: code execution, file operations, API calls, database queries, web search.
Memory and context
What the agent carries between steps and sessions, so later actions build on earlier results instead of starting fresh.
Orchestration
The control logic that runs the loop, enforces limits, and coordinates multiple agents when a task is split across them.
Environment
Where the agent’s actions actually execute: your laptop, a server, or an isolated sandbox. This is the part most explanations skip, and the part that decides your risk.
What are AI agents used for?

Here are a few common examples of AI agents: 
Coding agents read a repository, write and refactor code, run tests, and open pull requests. Support agents triage tickets, pull answers from internal docs, and take action in connected systems. Data agents query multiple sources, reconcile the results, and write a summary. Operations agents watch infrastructure, investigate alerts, and run routine fixes. What ties these together is the shape of the work. If a task can be described as a goal plus a handful of tools plus a definition of done, an agent can usually attempt it. That’s also why agents are showing up in so many roadmaps at once. 
Agents vs. chatbots, vs. generative AI
Agents, chatbots, and GenAI often get used interchangeably, which muddies the water. Generative AI produces content in response to a prompt. A chatbot wraps that in a conversation. An agent adds autonomy and tools on top, so it can act on the world rather than just describe it. The clearest way to see it is side by side.

Capability
Chatbot
AI agent
Responds to a prompt
Yes
Yes
Uses external tools
Rarely
Yes
Plans and runs multiple steps
No
Yes
Acts without approval at each step
No
Yes
If you want a deeper comparison between generative and agentic systems, we cover it in GenAI vs. agentic AI. But in essence, the moment a system can take actions on its own, you’re no longer just evaluating output quality. You’re also deciding what that system is allowed to touch.
How AI agents are changing software development
An agent is only as safe as the environment it runs in and the access it’s granted. While a chatbot that hallucinates gives you a wrong answer. An agent that goes wrong can delete files, leak secrets, or push a broken change. The autonomy that makes agents productive is the same autonomy that widens the blast radius when something misfires.

Scenario spotlight: Consider what can go wrong when an agent runs directly on a developer’s machine. A vaguely worded cleanup instruction leads a coding agent to run a destructive delete against the wrong directory, which is exactly the kind of failure Docker documented in the rm -rf incident. The agent was trying to help. Nothing contained the mistake, so it reached real files.
This is why experienced teams treat agents as an infrastructure decision, not just a model choice. The interesting engineering questions are about containment: where does the agent execute, which tools can it call for this specific task, whose credentials does it use, and how do you see what it did afterward. Get those right and you can let an agent run without approving each step.
Common misconceptions about AI agents

A few beliefs cause most of the confusion.
“More autonomy is always better.” Not quite. Autonomy is a dial, not a switch. More of it means more speed and a larger blast radius at the same time. “Agent security is the model’s job.” The model can’t contain itself. Real safety comes from the infrastructure around it, which is the whole point of securing AI agents at the isolation and access layers. “Governance is only for big enterprises.” Even a solo developer benefits from basic guardrails. As soon as more than one person runs agents, you need shared rules, which is where AI governance starts to earn its keep. How to start building and running agents safely

You don’t need a platform team to begin, just a few deliberate choices. Pick a harness that matches your task rather than the one with the loudest launch. Connect only the tools the agent needs for the job in front of it, not every tool it might ever want. And decide where it runs before you hand it real access.
That last choice does the most work. Running an agent inside an isolated, disposable environment gives it a real place to work, install packages, edit files, run services, while keeping it away from your host, your credentials, and your other projects. If something goes wrong, you throw the environment away and start a new one. This is the same reasoning behind sandbox security and the microVM architecture that makes strong isolation practical without slowing the agent down. Permission prompts feel like control, but they mostly train you to click allow. A boundary gives you both speed and safety.
Running agents you can actually trust
AI agents are the rare technology where the hard part isn’t getting them to do something, it’s deciding how much they’re allowed to do and where. Once you see an agent as a model plus tools plus an environment, the path forward gets clearer: choose the model, scope the tools, and put real thought into the environment. The first two get most of the attention. The third is where safety actually lives.
That’s the gap Docker Sandboxes is built to close. Each agent runs in its own disposable microVM with control over networking, filesystem access, and resource limits, so it can move fast inside a boundary instead of loose on your machine. And when you’re running agents across a team, AI Governance lets you set the rules once, which actions are allowed, what the network can reach, which credentials and tools are in play, and enforce them everywhere developers work. Define the boundary, then let the agents run.
Frequently asked questions

What is an AI agent in simple terms?
An AI agent is software that takes a goal and works toward it on its own, reasoning about what to do, using tools to act, and adjusting based on the results. Unlike a chatbot, which answers a single prompt, an agent runs a loop of decisions and actions until the task is done.
What is the difference between an AI agent and a chatbot?
A chatbot responds to what you type. An agent pursues an objective across multiple steps, calling tools to change files, run code, or query systems along the way. The agent decides its own sequence of actions rather than following a fixed script.
What are AI agents used for?
Common uses include writing and testing code, triaging support tickets, analyzing data across multiple sources, and handling routine operations tasks. The common thread is multi-step work that involves some judgment and a few tools, rather than a single question and answer.
Are AI agents safe to run in production?
They can be, if you contain them. Because agents act autonomously, safety comes from the environment they run in and the access they hold, not from the model alone. Isolation, scoped tool access, dedicated credentials, and monitoring are what make production use responsible.
Do I need special infrastructure to run AI agents?
For experiments, no. For anything that touches real code, data, or credentials, you want an isolated place for the agent to run so a mistake can’t reach your host. That’s why sandboxed, disposable environments have become the default pattern for running capable agents.

View the full article
Why Docker is excited to co-host the first WeAreDevelopers World Congress North America
When we announced our partnership with WeAreDevelopers, AI agents were still mostly something developers experimented with. Today, they’re becoming part of everyday software development.
That’s why the timing for this year’s WeAreDevelopers World Congress couldn’t be better.
In the months since that announcement, the developer landscape has changed dramatically. If you’re writing software today, your workflow probably looks very different than it did a year ago. You’re prompting AI agents, reviewing AI-generated code, deciding what to accept and what to reject, and thinking about security much earlier in the development process.
Developers are no longer spending all of their time writing code. They’re designing systems that generate code, supervising autonomous agents, deciding what those agents can access, reviewing AI-generated changes, and making sure software is secure before it reaches production. 
That shift feels a lot like the rise of data science a little over a decade ago. We didn’t replace programmers. We created an entirely new discipline that blended software engineering, mathematics, and statistics into something bigger.
I think we’re seeing the beginning of a similar transformation. Whether we continue calling ourselves developers, builders, or something entirely new almost doesn’t matter. The role itself is changing. 
The best engineers of the next decade won’t simply write software. They’ll orchestrate teams of AI agents, establish the guardrails those agents operate within, and ultimately remain accountable for the systems they create.
That’s the conversation our industry needs to have. It’s also why this year’s WeAreDevelopers World Congress feels so important.
A conference built around developers
From September 23 through 25, thousands of developers will gather at the San Jose McEnery Convention Center for the first ever WeAreDevelopers World Congress North America.
Docker is proud to serve as a presenting partner, but our goal isn’t to make this a Docker event.
Our goal is to help create a place where developers can learn from each other.
That’s why we partnered with WeAreDevelopers in the first place. They’ve spent more than a decade building one of the world’s strongest developer communities by focusing on the people building software, not the companies selling it. As AI reshapes how software gets built, North American developers need more than another vendor conference. They need a place to compare notes, share what’s actually working, challenge assumptions, and learn from peers facing many of the same questions.
The best developer conferences have never been about product launches. They’re about conversations. They’re about seeing how other engineers solve problems, discovering tools you didn’t know existed, and leaving with ideas you can actually use on Monday morning.
That’s what has made WeAreDevelopers so successful around the world, and that’s what we’re excited to help bring to the U.S.
The conversation has changed
Over the last year, nearly every conversation I’ve had with engineering leaders has landed in the same place.
Everyone wants the productivity gains that AI agents promise.
If you’ve spent any time with Claude Code, Cursor, Codex, or another coding agent, you’ve probably experienced it yourself. You can move faster than ever before. Then you stop and ask a different set of questions.
What is the agent actually doing?

Can it reach internal systems?
What credentials is it using?
Where is my data going?
How much autonomy am I comfortable giving it?
Those questions aren’t theoretical anymore. They’re becoming everyday engineering problems.
At Docker, they’ve shaped much of what we’ve been building.
We’ve introduced Docker Sandboxes so developers can run AI agents safely without changing how they work. We’ve launched Docker AI Governance to give organizations visibility and control over autonomous agents. We’ve continued investing in Docker Hardened Images because supply chain security only becomes more important as AI generates more code.
They’re all pieces of the same philosophy.
You shouldn’t have to choose between moving fast and staying secure.
The tooling should make both possible.
Meet the Docker team
We’ll have Docker engineers and leaders speaking throughout the event, including:
Mark Cavage, President & COO Tushar Jain, EVP of Engineering & Product Mark Lechner, CISO We’ll also have engineers throughout the conference sharing what we’ve learned building for the next generation of software development, from AI-native workflows and developer productivity to security, containers, and the infrastructure that powers modern applications.
If you’ve been experimenting with agents, thinking about governance, or trying to figure out what secure AI development looks like inside your organization, we’d love to continue the conversation.
See you in San Jose
One thing has remained true throughout every shift in our industry.
Developers learn best from other developers.
That’s what makes communities like WeAreDevelopers special. It’s what has always made the Docker community special too.
AI will continue changing how software gets built. The tools will evolve. Our workflows will evolve right along with them.
What’s next won’t be shaped by any one company. It will be shaped by developers sharing ideas, challenging assumptions, experimenting with new ways of working, and building together.
That’s exactly what we hope to see in San Jose.
Whether you’re exploring AI agents for the first time, figuring out how to govern them at scale, or simply curious about where software engineering is headed next, we’d love to continue the conversation.
Come see what Docker is building for the next generation of software development, and join thousands of developers who are helping define what’s next.
Register today. We’ll see you in San Jose.

View the full article
The US Cybersecurity and Infrastructure Security Agency (CISA) has urged organizations to immediately secure Microsoft SharePoint deployments after warning that three vulnerabilities affecting the on-premises collaboration platform are being actively exploited.
A recent advisory from the federal cybersecurity watchdog asked administrators to patch vulnerable servers, review Microsoft’s mitigation guidance, and assume that internet-facing SharePoint instances remain attractive targets for attackers seeking an initial foothold into enterprise environments.
While applying patches remains the immediate priority, security experts caution that organizations should view the advisory as more than another Patch Tuesday exercise.
“This is what separates an IT incident from a business crisis,” said Chris Boehm, field CTO at Zero Networks. “One compromised SharePoint box is a ticket. That same box, with a clear path to your domain controllers, backups, and file shares, is how you end up with an encrypted infrastructure and a disclosure event. Segmentation stops the first from becoming the second.”
CISA’s advisory highlights CVE-2026-332201, CVE-2026-45659, and the newly added CVE-2026-56164, all of which have now been confirmed as exploited in the wild and added to the agency’s Known Exploited Vulnerabilities (KEV) catalog.
Exploitation tells a different severity story
The latest addition to CISA’s KEV catalog is CVE-2026-56164, an elevation-of-privilege vulnerability affecting Microsoft SharePoint Server. Although assigned a CVSS score of 5.3, the flaw can be exploited remotely without authentication, making it significantly more dangerous in practice than its severity rating alone suggests.
Microsoft has released security updates for supported SharePoint versions and recommended enabling the Antimalware Scan Interface (AMSI) integration to help detect malicious requests associated with exploitation attempts.
CISA also advised organizations to follow Microsoft’s incident response guidance, hunt for indicators of compromise, and rotate SharePoint machine keys where appropriate, acknowledging that patching alone may not fully remove attacker persistence from already compromised servers.
Older vulnerabilities remain active entry points
Alongside the newly disclosed flaw, CISA reiterated the urgency of addressing CVE-2026-45659, an insecure deserialization vulnerability allowing RCE that Microsoft had marked as “exploitation less likely” in its advisory in May. Another old bug CISA flagged is CVE-2026-32201, an improper input validation flaw that allows spoofing over a network.
Both of these flaws are being actively exploited in the wild.
CISA called out organizations failing to catch up with SharePoint updates, adding that attackers are increasingly targeting N-days rather than relying exclusively on newly discovered zero-days.
On concerns of patching speed, Boehm noted resilience is becoming an architectural challenge as much as an operational one.
“Stop measuring this in patch speed,” he said. “That’s a race you eventually lose. Some of these landed as zero-days with no fix on day one, and the window between disclosure and exploitation keeps shrinking. So the board-level question isn’t whether a server gets compromised. Assume one will. It’s how much of the business a single-owned system can take down with it.”
Boehm argued that limiting network reachability through segmentation should sit alongside patch management and threat hunting as a core defensive strategy. Reachability, he said, is a control that organizations own, not patch timing. CISA has given Federal Civilian Executive Branch (FCEB) agencies three days to remediate CVE-2026-56164 under Binding Operational Directive (BOD) 22-01.
View the full article
Amazon's prices on the 2026 MacBook Pro have now joined in on Apple's recent price hikes, meaning we're no longer tracking pre-hike markdowns on these devices. However, there are still notable sales to be found if you're shopping for a MacBook Pro this month, with up to $500 off new prices available right now on Amazon.

Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

14-Inch MacBook Pro

Prices start at $2,349.00 for the 24GB/1TB 14-inch M5 Pro MacBook Pro, down from $2,499.00. The 24GB/2TB model is on sale for $2,997.50, which is a $201 discount on the new price.

$150 OFF14-inch M5 Pro MacBook Pro (24GB/1TB) for $2,349.00
$201 OFF14-inch M5 Pro MacBook Pro (24GB/2TB) for $2,997.50
16-Inch MacBook Pro

In terms of the larger display models, we're tracking four total discounts on Amazon. These start at $2,818.34 for the 24GB/1TB M5 Pro configuration ($180 off), and reach up to $4,499.00 for the 48GB/2TB M5 Max device ($500 off).

$180 OFF16-inch M5 Pro MacBook Pro (24GB/1TB) for $2,818.34
$300 OFF16-inch M5 Pro MacBook Pro (48GB/1TB) for $3,299.00
$300 OFF16-inch M5 Max MacBook Pro (36GB/2TB) for $3,999.00
$500 OFF16-inch M5 Max MacBook Pro (48GB/2TB) for $4,499.00

If you're on the hunt for more discounts, be sure to visit our Apple Deals roundup where we recap the best Apple-related bargains of the past week.



Deals Newsletter

Interested in hearing more about the best deals you can find in 2026? Sign up for our Deals Newsletter and we'll keep you updated so you don't miss the biggest deals of the season!




Related Roundup: Apple Deals
This article, "Missed Pre-Hike MacBook Pro Prices? Amazon's New Deals Still Save Up to $500" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple is planning to release a new iPad mini model with an OLED display by October this year, according to Bloomberg's Mark Gurman.


Apple already updated the iPad Pro with an OLED display in May 2024, but the iPad mini, iPad Air, and entry-level iPad are all still equipped with LCD screens. The move to OLED technology would result in the next iPad mini offering improved image quality, thanks to richer colors and higher contrast ratio with true blacks.

Given that OLED displays are generally more expensive than LCDs, the next iPad mini could have a higher starting price compared to the current model.

Gurman did not provide any other details about the next iPad mini today, but he previously reported that the device would receive a vibration-based speaker system and increased water resistance. The next iPad mini is also rumored to be powered by either an A19 Pro or A20 chip, up from the A17 Pro chip in the current model.

The current ‌model launched in October 2024, with the A17 Pro chip enabling Apple Intelligence.Related Roundup: iPad miniTag: Mark GurmanBuyer's Guide: iPad Mini (Don't Buy)Related Forum: iPad
This article, "New iPad Mini With Four Upgrades Reportedly Launching by October" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
The Cybersecurity and Infrastructure Security Agency (CISA) and four international cybersecurity agencies have published guidance urging software manufacturers and online service providers to establish coordinated vulnerability disclosure (CVD) programs, saying structured engagement with security researchers can help improve vulnerability management and product security.
Published jointly with the US National Security Agency (NSA), Japan Computer Emergency Response Team Coordination Center (JPCERT/CC), the Netherlands’ National Cyber Security Centre (NCSC-NL), and the UK’s National Cyber Security Centre (NCSC-UK), the guidance, “Establishing a Coordinated Vulnerability Disclosure Program to Work With Security Researchers,” outlines how organizations can build public programs for receiving, assessing, and responding to vulnerability reports involving software, hardware, and network products.
According to the guidance, a well-defined CVD program enables software manufacturers and online service providers to better assess potential risk, improve vulnerability management processes, and make informed decisions that strengthen product security.
CISA said the guidance supports its Secure by Design initiative, which encourages technology providers to build more secure products and take greater responsibility for identifying and remediating vulnerabilities.
“Coordinated vulnerability disclosure is foundational to building a secure software ecosystem,” Chris Butera, CISA’s acting executive assistant director for cybersecurity, said in a statement.
“The practices in this guide help protect customers, strengthen products, and support CISA’s Secure by Design initiative, which encourages companies to be transparent and responsible in how they build and maintain their technology,” Butera said.
Building an effective disclosure program
The guidance recommends that organizations publish a clear vulnerability disclosure policy describing how researchers can report vulnerabilities, what testing activities are permitted, how reports will be handled, and what researchers should expect throughout the assessment process. CISA said maintaining communication with researchers helps keep the process transparent and builds trust between vendors and the security research community.
Piyush Sharma, co-founder and CEO of cybersecurity firm Tuskira, said the guidance addresses a key operational requirement for both researchers and security teams.
“CISA is right to emphasize that vulnerability disclosure requires a clear process,” Sharma said. “Researchers need to know where to report a flaw, while security teams need defined ownership to validate, prioritize, and remediate findings.”
Andrew Costis, engineering manager of the Adversary Research Team at AttackIQ, said establishing a reporting channel is only the beginning of the process.
“Creating a clear path for researchers to report vulnerabilities is a great first step, but the real work starts once that report lands,” Costis said. “Security teams have to understand what the weakness could give an attacker access to and how urgently it needs to be addressed.”
According to CISA, security researchers can help software manufacturers and online service providers identify weaknesses before they are exploited, but only if organizations provide a clear and safe mechanism for reporting vulnerabilities.
Prioritizing vulnerabilities at scale
The guidance comes as AI-assisted vulnerability discovery is increasing the volume of security findings that enterprise security teams must assess and remediate, according to Sharma.
“The challenge is that AI-assisted vulnerability discovery is increasing the volume of disclosures faster than most organizations can manually assess them,” he said.
Sharma said organizations should avoid treating every disclosed vulnerability as equally urgent and instead determine whether a flaw creates a reachable attack path, identify exposed assets, and evaluate whether existing controls can interrupt an attack while remediation is underway.
Costis echoed that view, saying vulnerability management should focus on exploitability rather than severity scores alone.
“Vulnerabilities can’t be treated as isolated findings or prioritized on severity alone,” he said. “Teams need to understand how a weakness connects to the rest of their environment and whether it creates a viable path to critical systems.”
Where patches are unavailable, Sharma said validating compensating controls can significantly reduce enterprise risk until remediation is completed.
Costis said organizations should also verify that remediation has eliminated exploitable attack paths rather than simply confirming that a vulnerability has been patched.
“Closing a ticket is one thing,” he said. “Proving the attack path is broken, and the fix holds against real-world adversary behavior is another.”
View the full article
Apple has ramped up orders for vapor chamber cooling components said to be destined for its upcoming foldable iPhone and 20th-anniversary iPhone models, according to a Chinese leaker.


The Weibo account known as "Fixed Focus Digital" claims the increased order volume will first support the manufacture of Apple's book-style foldable, or "iPhone Ultra," which is expected to debut in September. Apple has reportedly asked suppliers to produce approximately 10 million foldable iPhones in 2026, up from an earlier forecast of seven to eight million units.

Fixed Focus Digital previously said Apple's first foldable iPhone would feature "impressive" vapor chamber cooling, claiming that the company is "going all out" with the device's thermal engineering. While there's no corroborating evidence, it's quite possible that the foldable design Apple is adopting could present unique cooling challenges because of its thinner internal structure and limited space for heat dissipation.

Apple introduced vapor chamber cooling to the iPhone lineup with last year's iPhone 17 Pro. The system uses a small amount of deionized water to move heat away from the A19 Pro chip and distribute it through the device's aluminum unibody frame.

Meanwhile, next year's 20th-anniversary iPhone will reportedly feature an edge-to-edge display with glass that curves around all four sides, with the aim of creating a nearly borderless appearance. If indeed we see such a device with a substantially redesigned enclosure, there's a good chance that it too will require a more advanced cooling system.

Apple is expected to offer two anniversary models in 2027 in sizes similar to the forthcoming iPhone 18 Pro and iPhone 18 Pro Max. The latter devices are rumored to retain the 6.3-inch and 6.9-inch dimensions of the current iPhone 17 Pro models, suggesting next year's commemorative lineup could use the same display sizes.

Earlier this week, Fixed Focus Digital claimed that Apple's "preferred approach" for the iPhone 20 is a return to glass, and that the relevant manufacturing facilities have already been renovated in advance of the project.Tags: 20th-Anniversary iPhone, Fixed Focus Digital, Foldable iPhone
This article, "Apple Reportedly Ramps Up Vapor Chamber Orders for Foldable iPhone" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Artificial intelligence (AI) is changing offensive security, but it has not changed the standard that matters most: a finding has to be proven before it becomes useful. AI-assisted tools can read code quickly, generate payloads, summarize attack surfaces, explain unfamiliar APIs, and run repetitive testing workflows at impressive speed. That is a real advantage for security teams. It alsoView the full article
Most security leaders I know working on AI robotics are being shown the same kind of video. A humanoid folds a shirt, sorts a bin, walks a warehouse aisle and a vendor uses the clip to move an embodied AI system from pitch to purchase order. Someone then has to sign off. Robot demos create procurement momentum before security teams receive the artifacts needed to evaluate the system as cyber-physical infrastructure.
Before the book, I prepared cloud infrastructure operating in China and the United States for cybersecurity compliance audits and for the Multi-Level Protection Scheme, China’s mandatory security-grading regime that determines whether a system is allowed to operate. That work taught me a lesson I carry into every AI conversation now. You cannot secure what you cannot see into, and the buyer rarely sees in. A demo makes it worse. It shows one task, completed once, under conditions the vendor chose. None of what a security team must evaluate is on screen.
This used to be a research-lab problem. It is now a procurement line item. The risk changed when embodied AI moved from a research demo to a purchase order.  Vendors are asking security teams to approve embodied AI before the category has audit evidence, logging norms, supplier transparency or a shared-responsibility model.
Embodied AI puts a model inside a machine that operates in the physical world: a robot, an arm, a humanoid. Once a model gains motors, sensors and a body, it ceases to be a software endpoint and becomes a cyber-physical system. It inherits hardware, firmware, a supply chain, an installer and a set of remote-access paths. Every one of those is an attack surface that the demo video doesn’t show. An embodied system is sold like software and behaves like a fleet of networked machinery on your floor.
Evaluate these systems across five questions: provenance, access, integrity, evidence and accountability. Here is what each means.
Evaluation question #1: Provenance
What is inside, and who controls it? A humanoid is an assembly of actuators, lidar units, battery packs, joint modules and controllers, most from a supply chain the buyer never vetted, each running firmware the buyer cannot read. Software teams already fought this fight, which is why the software bill of materials became standard practice. Lack of transparency creates systemic risk. Embodied systems raise the stakes because the firmware now lives in dozens of parts that move. The risk does not depend on whether the robot is Chinese, American, German or Japanese. It depends on how much of the system the buyer can see: the hardware, firmware, remote-access paths and maintenance relationships behind it.  China installs more industrial robots than any other country and sits near the center of the battery supply chain, as well as parts of the lidar and machine-vision supply base, which these systems draw on. Lidar, short for Light Detection and Ranging, uses pulsed laser beams to map an environment in 3D; machine vision handles optical inspection and guidance. Much of that lineage traces to suppliers your team has no relationship with. This is the hardware and firmware version of the third-party risk NIST’s supply chain guidance was written for, except that the component has motors. Demand a hardware and firmware bill of materials, then use it. Flag unsigned firmware. Map which supplier holds update authority for each part. Require a way to verify integrity, and treat any component you cannot identify as unmanaged.
Evaluation question #2: Access
Who can reach the fleet? Someone installs these machines, someone services them and the vendor pushes software updates.  Where teleoperation is part of the support model, treat it as a privileged remote-access path, not a convenience feature.  Each is a standing path into a machine that moves and lifts. Security teams have seen this story before. Operational Technology (OT) security went mainstream once industrial systems joined IT networks, and the recurring failure is unmanaged remote access that nobody inventoried. According to one industry survey, roughly half of attacks on OT assets originate in an IT network breach. SolarWinds showed why a trusted update channel deserves scrutiny when one delivered a backdoor to thousands of networks. Embodied systems add the harder part. The compromised endpoint can move. A remote operator on that channel can drive a machine and push code to every unit at once. Treat the fleet like high-value OT. Inventory every remote path, segment it from the production network, default to deny, require signed and verified updates, apply privileged-access controls to vendor maintenance, and treat an always-on teleoperation link as a backdoor until it is governed.
Evaluation question #3: Integrity
Whether the machine can be made to misperceive or misbehave. Researchers have shown that lidar spoofing can cause an autonomous system to brake for an obstacle that is not there or miss one that is. The same class of sensor and model manipulation, on a humanoid sharing a floor with people, produces motion, not a wrong answer on a screen. This is where safety engineering and security part ways. Functional safety stops hazardous motion when a component fails. It plans for accidents. Security plans for an adversary. A hardwired safety circuit can stay independent of the control plane, and a good one does. What it does not tell you is how an attacker reached that control plane, altered the model’s inputs or seized the fleet-management path. Ask the vendor to threat-model sensor spoofing and model manipulation as a path to physical motion. Then ask how you will even know it happened. A spoofed sensor does not announce itself. It shows up as a machine acting incorrectly with confidence.
Picture the failure in plain terms. A warehouse robot takes a routine vendor update that changes how it navigates. The buyer cannot verify the firmware, cannot identify the supplier of the sensor module and has no logs to distinguish a spoofed sensor from a model error. The machine keeps moving, and no one can say why.
Evaluation question #4: Evidence
Whether the claims are true. You have not found an independent audit of embodied-AI field performance, so the uptime and reliability numbers come from the vendor. You are buying a claim, not a track record. Require independently verified uptime, intervention rate and incident history from a named deployment you can call. “Cutting-edge” is not a control.
Evaluation question #5: Accountability
Who owns the risk when it fails? Cloud taught security teams shared responsibility the hard way, after years of arguing which side of the line a breach fell on. Embodied AI arrives without that model, and the stakes are physical: the machine can injure someone. In my compliance work, the question that decided everything was always who is accountable when this thing breaks. Put it in the contract. Define the responsibility boundary, an incident-disclosure timeline, a right to audit and liability for physical harm. A vendor who will not commit in writing is showing you who bears the risk.
These five questions share one root. For a decade, the security question was whether you could trust what a model generates. The embodied question is who can reach the machine and what they can make it do. A demo answers neither.
Before any embodied system reaches your floor, make these five demands of the vendor.
Provenance. A hardware and firmware bill of materials with named suppliers, integrity verification and a vulnerability-disclosure record. No bill of materials, no deal. Access. A full map of who installs, who services and every update and teleoperation path, with segmentation, default-deny and signed updates required. Integrity. A threat model for sensor spoofing and model manipulation that treats the failure as physical motion, plus logging that a defender can use. Evidence. Independently verified uptime, intervention and incident history from a named deployment you can call. Accountability. A contract that defines the responsibility boundary, incident-disclosure timelines, audit rights and liability for physical harm. The robot demo is built to make you feel the future has arrived. My job, and now yours, is the unglamorous question behind it. Ask what the machine’s attack surface looks like once it is bolted to your floor, wired to your network and updated by someone you have never met.
This article is published as part of the Foundry Expert Contributor Network.
Want to join?
View the full article
Pull the certificate off the flash of a Shark RV2320EDUS robot vacuum, and you can run root commands on other people's Shark vacuums across the same AWS region: watch the camera, drive the robot, read the map of the house, and take the Wi-Fi password in plaintext. A researcher publishing under the handle tokay0 put the method online on Monday, having tested it only against vacuums heView the full article
A few years ago, I was retained to conduct a digital risk review for the chief executive of a mid-sized financial services firm. The brief was standard. Assess what was publicly available about the executive, identify exposure and advise on remediation. The AI tools I used completed the substantive reconnaissance in under ten minutes.
What came back was a synthesized profile. Board memberships and the dates they started. A pattern of public commentary that revealed which policy positions the executive held strongly and which ones he would likely bend on under pressure. A philanthropic interest that explained which causes he would respond to if someone framed an ask around them. None of this information was sensitive in isolation. But assembled into a single, queryable narrative, it was something an attacker could use immediately.
What I was looking at was a publicly accessible query to a general-purpose AI tool. And that is the problem most executive protection programs have not yet confronted. The reconnaissance phase for a targeted social engineering attack now takes minutes, not days, and the inputs required are trivial.
AI-aggregated executive data has become an attack surface. Most security programs have not yet adapted to it.
The reconnaissance phase has effectively collapsed
Traditional OSINT work against an executive target required skill and patience. A competent analyst could build a useful profile over several days by working through search engines, corporate filings, social platforms and archived media. That work was a meaningful barrier. It took time and it required judgment about which sources to trust. It also left trails if the attacker was careless.
AI aggregation removes all three constraints.
The speed advantage is obvious but it is not the most important change. The more significant shift is synthesis. A search engine returns documents. An AI tool returns a coherent narrative with inferred relationships and interpreted significance. When I query a major AI platform for a senior executive by name, I get a structured account of their career arc, their professional relationships, their areas of visible influence and frequently their personal interests, relationships and public-facing affiliations.
The MGM Resorts incident reported in 2023 illustrated the principle at scale. Attackers reportedly identified an MGM executive on LinkedIn, used that public profile information to impersonate them in a call to the IT help desk and obtained access credentials within minutes. The OSINT required was minimal and the manipulation was straightforward. What AI tools have done since is make that kind of reconnaissance faster, more complete and available to actors who lack the manual tradecraft to run it themselves.
As the Verizon Data Breach Investigations Report consistently documents, the human element is present in the majority of confirmed breaches, and social engineering remains one of the most reliable initial access vectors.
The accessible nature of AI tools is also expanding the threat population. Attacks that previously required a skilled analyst to design now require only a motivated actor with internet access. That changes the volume and targeting calculus. Executives who were previously too obscure to justify a sophisticated manual attack are now viable targets for anyone with a grievance and a query box.
What should CIOs and CISOs do about it?
The instinct in many organizations is to route anything involving an executive’s public profile to the comms or PR function. That instinct made sense when the risk was reputational. It no longer covers the exposure.
What follows is how I advise clients to structure this work.
Monitor regularly
The starting point is establishing visibility into what AI tools are actually returning about your executive population. Not a one-time audit conducted during a board meeting and forgotten. The profiles shift continuously as new content is indexed, old content is reweighted and the models are updated.
Assign ownership to run structured queries across the major platforms, including ChatGPT, Gemini, Perplexity and the Microsoft Copilot stack, on a regular cadence. Document what you find and track changes. Treat the output the same way you would treat a vulnerability scan as something to be prioritized and acted upon.
Reduce the available attack surface
Work with each executive to identify content that expands their AI-indexed profile without serving any legitimate business purpose. This includes legacy conference bios that contain personal details, social posts that reveal schedule patterns or family context and board announcements that, in aggregate, map an executive’s full professional network. For some of this content, removal is possible and worth pursuing with a targeted effort.
The more important conversation is around future behavior. Executives who habitually overshare on LinkedIn or in conference panels need to understand, concretely, what that sharing enables.
Family member exposure is a consistent blind spot. An attacker who cannot pressure an executive directly may look for leverage through a spouse, a sibling or a child. Executives rarely consider their family members’ public digital footprint as part of their own security posture. It is.
Shape the narrative where reduction isn’t possible
Public company executives, board members with mandatory disclosure obligations and individuals whose public profiles are central to their organizations’ credibility cannot simply go dark.
The objective shifts from reduction to shaping in these cases. The goal is to ensure that what AI tools synthesize from the indexed content is professionally bound and does not inadvertently surface high-value pretext material. This is a joint exercise between security and communications, with security defining risk boundaries and communications executing the strategy.
Train executives on what their own profile looks like
The most effective single intervention I have seen in executive briefings is also the simplest. Open a browser and query an AI platform on the executive in the room. Let them see the output. The reaction is consistent. They are surprised by the synthesis, uncomfortable with specific details that surface and immediately more engaged with the rest of the conversation than they were before.
Abstract threat briefings about social engineering risks rarely land with senior leaders who feel they understand their own security position. Demonstrated evidence of their AI-mediated profile lands every time. As covered in the context of executive-targeted attacks, awareness is a prerequisite for the behavior change that makes protection programs effective.
Integrate this into the executive protection program
This work belongs alongside endpoint security, credential management and physical protection in a unified executive protection program. When it remains a communications function, it lacks the reporting structure, budget authority and operational discipline that security work requires.
Assign an owner with a security mandate. Include AI exposure in the risk register. Report on it at the same cadence as other executive protection metrics. The organizations that have done this well have not created a separate program for it. They have extended an existing one.
What effective executive protection programs now include
The organizations that have integrated AI exposure into their executive protection work share a few characteristics that distinguish them from those still treating it as a communications edge case.
They treat the executive’s public information footprint as a managed attack surface with a named accountable party. Someone is responsible for it, the same way someone is responsible for endpoint patching or identity governance. They include AI-assisted reconnaissance as a starting condition in red team exercises. Before any social engineering simulation begins, the red team runs the same queries an attacker would run. The pretext they design is based on what those queries return. Their executive protection briefings include an AI profile review as a standing agenda point. Physical security considerations, credential exposure and public information risk are reviewed together because they are connected. An attacker who knows an executive’s schedule from their public-facing content can time a credential reset attempt or a vishing call with equal precision. The executive I reviewed several years ago had no idea what his AI-indexed profile contained or what it enabled. Most of the executives I work with today are in the same position. By the time you finish reading this, it is likely those queries have already been run on someone in your organization. The question is whether your program is positioned to detect it and respond in time.
This article is published as part of the Foundry Expert Contributor Network.
Want to join?
View the full article
Apple has made the first macOS 27 Golden Gate public beta available for testing before the new Mac operating system's official release in the fall. Keep reading to learn whether you should install it on your Mac, and if so, how to go about it.


Getting access to the macOS Golden Gate public beta is simple, and can be done by enrolling your Mac in Apple's free Apple Beta Software Program. The steps you need to complete to install the software on your Mac are provided towards the end of this article, but before you jump ahead, here are a few things worth considering.

Should I Install macOS Golden Gate Public Beta?

With macOS Golden Gate, Apple includes the same Siri AI features as iOS 27 and iPadOS 27, accessed through Spotlight with the Command + Space keyboard shortcut. Siri can search the web, find information in your photos, emails, and messages, answer questions about what's on your screen with Visual Intelligence, and complete actions within and across apps. A dedicated Siri app also supports ongoing conversations.

Apple has also refined the Liquid Glass design introduced last year. A new transparency slider lets you adjust the overall system effect, while updated opacity improves readability by better diffusing complex content. Additional interface refinements also add depth and separation, making it easier to identify the active window. There are a lot more improvements beyond the above, so the availability of the public beta will no doubt generate a lot of interest among Mac users.

But before you commit, bear in mind that Apple does not recommend installing macOS beta updates on your main Mac. However stable you may have heard it is anecdotally, this is beta software, which means there are almost certainly bugs and issues that can prevent certain software from working properly or cause other problems with the system. Indeed, one of the reasons that Apple releases the beta early is so that users can feed back problems and help Apple debug them. If you have a spare Mac hanging around, by all means use that, otherwise consider holding off until the general release in the fall.

Is My Mac Supported?

The update confirms the end of Intel Mac support. Apple said last year that macOS Tahoe would be the final release to run on pre-Apple silicon machines, and macOS 27 makes that official – you'll need an Apple silicon Mac to install it.

Here are the Macs compatible with macOS Golden Gate:

MacBook Neo (2026)
MacBook Air with Apple silicon (2020 and later)
MacBook Pro with Apple silicon (2020 and later)
iMac with Apple silicon (2021 and later)
Mac mini with Apple silicon (2020 and later)
Mac Studio with Apple silicon (2022 and later)
Mac Pro with Apple silicon (2023 and later)
Four models that ran macOS Tahoe didn't make the cut this year. They include the MacBook Pro (16-inch, 2019), the MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), the iMac (2020), and the Mac Pro (2019).

Don't Forget to Back Up Your Mac

Be sure to back up your Mac using Time Machine before installing the software using the method, otherwise you won't be able to revert back to the previous version of macOS if things go wrong.

How to Install macOS Golden Gate Public Beta

Head over to Apple's Beta Software Program website and sign up using your Apple Account credentials, then agree to the terms and conditions if required.

Next, open System Settings on your Mac and select General ➝ Software Update.
Look for "Beta Updates" and click the info (i) symbol next to it.

Choose macOS 27 Golden Gate Public Beta from the dropdown list.

Click Upgrade Now to begin the update process to macOS 27.

That's all you need to do. The installation process will complete just like a standard macOS update, so sit back and let the installation finish, after which your Mac will boot directly into the macOS Golden Gate beta.
This article, "How to Install macOS 27 Golden Gate Public Beta" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple's annual Back to School promotion is now live in the United States and Canada, following earlier rollouts in Asia. This year's promotion offers a free Apple gift card with the purchase of an eligible Mac or iPad.


Apple is offering a $150 gift card with any new MacBook Pro, and a $100 gift card with any new MacBook Air, iPad Pro, and iPad Air. The gift card can be used towards purchases of Apple products and accessories, App Store apps, subscriptions to services like Apple Music, iCloud+ storage, and more.

The MacBook Neo is not an eligible product. Neither are the iPad mini, entry-level iPad, or any desktop Macs.

The promotion runs through August 27, 2026, in the U.S., according to Apple's terms and conditions. The gift card is offered in addition to Apple's standard education pricing, which provides discounts of roughly 5% to 10% on most Macs and iPads.

The offer is available through Apple's online Education Store and Apple Store locations. Eligible customers include current and newly accepted higher-education students, faculty and staff at higher-education institutions, parents purchasing on behalf of an eligible student, employees of K-12 institutions, and select other qualifying customers.

UNiDAYS verification is now required on Apple's education store in the U.S. and Canada.Tag: Back to School Promotion
This article, "Apple's 2026 Back to School Offer Goes Live in the US: Up to $150 Gift Card With Mac or iPad" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Zoom has released security updates for a critical security flaw impacting Zoom Workplace for Windows that could facilitate account takeover. The vulnerability, tracked as CVE-2026-53412 (CVSS score: 9.8), affects Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows. "Improper Input Validation in Zoom Desktop Client for Windows, Zoom VDI Client forView the full article
Security experts are calling on enterprises to revise their vulnerability management strategies and move towards “just in time” patching in response the increased pace of vulnerability exploitation.
Attackers are turning to AI to increase the rate of vulnerability exploitation and supply chain compromise so that traditional forms of vulnerability management are no longer keeping pace.
Muhammad Yahya Patel, vCISO and cybersecurity advisor for EMEA at managed security services vendor Huntress, recently told CSO that “organizations need to shift their vulnerability management program to a risk-based, continuous [approach], tied to real-time exploitation intelligence — not scheduled patch cycles that leave exploitation windows wide open for days and weeks.”
Wild frontier
Frontier AI tools such as Claude Mythos have signaled a structural shift for cybersecurity, readily surfacing vulnerabilities at a huge scale — a development that, as government security assurance organizations such as the UK’s National Cyber Security Centre point out, is likely to lead to a surge in patches.
“Most organizations already struggle to fix known issues quickly, so a spike in AI-driven discovery could easily overwhelm teams and widen the gap between finding problems and fixing them,” Andrew Woodford, CTO at network security vendor Titania, tells CSO. “In many ways, this just exposes a problem that’s already there.”
Shane Fry, CTO at cybersecurity vendor RunSafe Security, argues that patching as a security strategy has been in crisis for years, and AI-accelerated vulnerability discovery has simply pushed it over the edge.
Some experts contend that virtual patching — a technique that involves blocking exploit attempts at a security layer rather than fixing vulnerable code — represents a sound mitigation strategy, but Fry has reservations about the approach.
“While virtual patching will play a role going forward, its effectiveness is limited and leaves security teams chasing a gap they will never be able to close,” Fry says.
Instead, security teams need to shift toward mitigation-first approaches that make it impossible for attackers to exploit bugs in software.
“Removing entire classes of exploits upfront takes the heat out of the patch gap, and allows patching to become strategic rather than reactive,” Fry argues.
‘Assume Autonomy’
The conventional patch management model was designed around a world where vulnerability discovery happened at human speed: A human researcher finds a flaw, reports it, a CVE gets assigned, vendors ship a fix, enterprises test and deploy it — a process that can take weeks.
AI-powered vulnerability discovery blows this model out of the water.
“If offensive AI can identify, validate, and exploit vulnerabilities without human authorization, a 43-day median patch time, as noted in Verizon’s DBIR, is the least of your problems,” argues Rik Ferguson, vice president of security intelligence at Forescout. “An AI system doesn’t wait for a proof-of-concept to circulate on GitHub or a CVSS score to land in a dashboard. It finds the flaw, confirms exploitability, and moves.”
Ferguson advocates a change of approach toward what he describes as “Assume Autonomy.”
“The question is what compensating controls you put in place between discovery and remediation, and how you constrain what an attacker can do with access they’ve already acquired,” Ferguson explains.
Just-in-time patching fits in with this philosophy and is a desirable goal but may be difficult to achieve in practice especially for the many enterprises that struggle with asset management.
“Just-in-time patching is sound in principle: prioritize and deploy fixes as exploitation intelligence emerges rather than waiting for the scheduled window,” Ferguson says. “But achieving it has some real-world requirements: continuous asset visibility, knowing precisely what you have, where it is, and what its current exposure status is.”
For example, Ferguson adds, “you can’t patch just-in-time against a vulnerability in a device you didn’t know was on your network.”
Virtual patching
Gunter Ollmann, CTO at pen testing as a service firm Cobalt, notes that just-in-time patching makes sense if and when a patch is available — but that’s not always possible.
“The major problem lies in the discovery of new vulnerabilities in code or systems that the business has no rights or capabilities to fix themselves, and they have a dependence upon third parties to develop the fix or patch — and are therefore subject to external SLA [service level agreement] turnarounds,” Ollmann explains.
In such cases, enterprises will need to deploy virtual patches capable of blocking or deflecting the exploitation vectors of the vulnerable system.
“Businesses are in desperate need of quickly deciphering a new vulnerability and dynamically creating an appropriate blocking rule — or rules — for their layered defenses,” Ollmann says.
Virtual patching may mitigate security threats particularly in operational technology (OT) and IoT environments where applying a vendor patch to a running production system risks unplanned downtime or safety system interruption but only serves as a stop gap, Ferguson tells CSO.
“A network-layer control that blocks exploitation of a known flaw, while you work through the testing and deployment cycle for the actual fix, is a compensating control,” notes Ferguson, who warns that virtual patches come with multiple drawbacks.
“Virtual patches require accurate detection signatures, they don’t remediate the underlying vulnerability, and they can create a false sense of closure that delays proper patching indefinitely,” Ferguson argues. “The risk is that temporary becomes permanent. The underlying vulnerability stays open, and the virtual patch becomes the reason nobody revisits it.”
Just-in-time risk reduction
Douglas McKee, director of vulnerability intelligence at Rapid7, advocates what he describes as just-in-time risk reduction rather than just-in-time patching because of the practical difficulties with the latter.
“In the real world, especially in OT, medical devices, and business-critical systems, you can’t always patch the second a CVE drops,” McKee argues. “You still need testing, maintenance windows, rollback plans, and someone who actually owns the asset. However, the old monthly scan, report, and remediation cycle will not survive this pace.”
Tips for modernizing vulnerability management
The enterprise attack surface has expanded significantly of late, and patch management models haven’t kept up. In response, security leaders’ vulnerability management strategies have to become more of a continuous monitoring function, not a triage and remediation process.
Modernizing enterprise approaches to vulnerability management involves “real-time exploitation intelligence integrated into prioritization, compensating controls deployed at discovery rather than at patch release, and visibility across the full asset estate that conventional patch management tools were never designed to cover,” Ferguson says.
Rapid7’s McKee stresses that security teams need to separate “known vulnerable” from “actually reachable and exploitable in my environment.”
This process can be achieved through a combination of asset inventory, internet exposure mapping, KEV tracking, vulnerability intelligence, ownership, and emergency change paths.
“Prioritization based on risk factors like public exposure, known exploitation, automation potential, and technical impact is key,” McKee concludes.
View the full article
Google and Epic Games this week withdrew their joint settlement agreement after it became clear the court was unlikely to allow it.


With the settlement out, Google is bound by a permanent injunction issued in October 2024 requiring it to allow alternative app stores on Android devices. In a court filing [PDF], Google said that it plans to begin supporting alternative app stores on July 22. In a statement to The Verge, Google said it decided to withdraw the motion to avoid a prolonged legal fight.

‌Epic Games‌ sued Google at the same time that it sued Apple, but the cases had different judges and different outcomes. The lawsuit largely went in Apple's favor, but ‌Epic Games‌ came out ahead in the Google case after a jury found Google abused its power by operating an app store monopoly and charging developers fees that were too high.

Google went through an appeals process before reaching an agreement with ‌Epic Games‌ in an attempt to avoid the permanent injunction, but now it will need to comply. Back in March, Google said it would launch a worldwide Registered App Store program for sideloading later in the year, but in the U.S., alternative app stores will be an option on Android starting next week.

Third-party U.S. app stores will be able to distribute the Google Play catalog of apps, and Google has published a guide on the process. The app stores will be available through the Google Play Store, and Google will charge alternative marketplaces a $5,000 annual access fee. Apps downloaded through alternative stores will still use the Google Play system, and Google will collect its service fee on those transactions.

Google's agreement to lower fees for apps and accept alternative payment options is separate from the injunction requiring it to support third-party marketplaces in the Play Store. Google is still cutting its fees and supporting alternative payment methods.

The injunction forcing Google to support third-party app stores doesn't have a direct impact on Apple, but it is a legal outcome Apple has been fighting worldwide. The European Union's Digital Markets Act requires Apple to support alternative app marketplaces and app sideloading in the EU, and Apple has repeatedly said the requirement weakens user privacy and protections. Google adding support for third-party app stores through the Android Play Store could eventually impact Apple's own Epic fight or future regulatory changes.

Though Apple largely won its legal fight against ‌Epic Games‌, the case is ongoing. Apple was ordered to allow link-outs and alternative payment options in the U.S. in 2021, and compliance problems later led to a contempt ruling. Apple has now appealed to the Supreme Court, and the court will hear Apple's argument in late 2026 or early 2027.Tags: Android, Epic Games, Google
This article, "Google and Epic Abandon Settlement, Clearing the Way for Rival Android App Stores" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Mac users should watch out for macOS malware called CrashStealer, according to Jamf Threat Labs. The malware impersonates Apple's crash reporting framework, and it's meant to steal all kinds of sensitive information.


CrashStealer collects browser data, password manager data, cryptocurrency wallet extensions, and keychain data, and Jamf first noticed it circulating in a fake Apple-notarized app called Werkbit. With notarization, the malware is not stopped by Gatekeeper, which is part of the macOS security system.

It targets more than 80 cryptocurrency wallet extensions, and 14 password managers like 1Password, LastPass, and Dashlane. It searches through the Document and Downloads folders to look for information worth collecting.

The app looks legitimate and uses a typical macOS install procedure for software downloaded through the web, with the process detailed on Jamf's website. A fake CrashReporter.app is downloaded through Werkbit, and it's meant to impersonate Apple's own crash reporter. A user clicking on the app would likely see it as a legitimate Apple utility.

It requests full disk access "for system administration," and uses a native password prompt that looks like a genuine macOS authorization request. The password entered is used to access the login keychain. Data collected is encrypted with AES–256-GCM through Apple's CommonCrypto and sent to the attacker's IP address.

Jamf says the way CrashStealer was implemented "shows real care," with the concealment steps setting it apart from standard infostealers. The malware was reported to Apple after first being spotted in May and found actively in use in July.

Apple revoked the Werkbit app's signing credentials, so the specific attack vector outlined by Jamf has been disabled, but the malware could surface again. The original version was gated behind a PIN required for installation, suggesting it was aimed at specific people.

Apple's notarization system is meant to protect Mac users from malware, and Apple says that notarized apps are checked for malicious components. CrashStealer makes it clear there are methods for hiding malware from Apple's security process.

When downloading software, users can protect themselves from CrashStealer by being aware that Apple's crash reporter is built-in. Any download that uses CrashReporter is a red flag, as is an app that asks for a system password right when it's launched.Tag: Malware
This article, "CrashStealer Malware Impersonates Apple Tool to Steal Mac Passwords and Crypto" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Carrier-financed iPhones purchased from Apple will soon be locked to the carrier, ending a workaround customers used to purchase an unlocked iPhone on a payment plan.


Until the rule change, buying an iPhone from Apple and opting for financing through Verizon or T-Mobile meant you would get an iPhone not locked to either carrier's network. That's no longer the case, and now iPhones financed through Verizon or T-Mobile will not be able to be used with a different network. AT&T-financed smartphones were always locked to the AT&T network.

Apple's new policy was highlighted on Reddit after a user saw a new "Will my iPhone be unlocked?" FAQ item.

An unlocked smartphone means it can be used with any carrier, while a locked smartphone is limited to the carrier it was purchased through. Locked smartphones can be problematic when traveling internationally, because activating a second eSIM for another network is blocked.

Apple hasn't said why it's making the change, but buyers were able to use carrier trade-ins and promotional discounts to get an unlocked iPhone. Some buyers may have purchased iPhones and sold them off without making the carrier payments, and carrier locking is a standard practice to prevent unpaid devices from being resold.

Apple's checkout process still says iPhones financed through T-Mobile and Verizon are unlocked, so the new policy may not have gone into effect yet.

iPhones purchased outright or with Apple Card Monthly Installments remain unlocked from the time of purchase. When iPhones purchased through carrier plans are paid off, they are unlocked.Tags: T-Mobile, Verizon
This article, "Apple Closes Unlocked iPhone Loophole for T-Mobile and Verizon Financing" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple is increasing the price of some AppleCare+ subscription plans, reports Bloomberg. Monthly ‌AppleCare‌+ subscription plans for Macs and iPads are now $0.50 more expensive in the U.S., while annual plans are $5 more.


The price increases apply to new subscriptions, so customers who already have an ‌AppleCare‌+ subscription for a device will keep their current prices.

The ‌AppleCare‌+ pricing change follows price hikes on all iPads and Macs due to global memory shortages and increasing component costs. Price increases range from $100 to $1,300.

Apple has not raised the price of its ‌AppleCare‌ One subscription plan that rolled out last year. ‌AppleCare‌ One covers up to three Apple devices with a $19.99 per month fee. Additional products can be added to ‌AppleCare‌ One for $5.99 per month.

Apple previously increased iPhone ‌AppleCare‌+ plans by 50 cents in early 2025, and prices could go up again when the new iPhones launch this September.Tag: AppleCare
This article, "AppleCare+ for Macs and iPads Just Got More Expensive" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple this week shared a new Advertising Services policy outlining the kinds of ads that won't be allowed in the Maps app.


As noted by TechCrunch, Apple has a list of ad categories that are not permitted in Apple Maps.

Home services - Ads that directly or indirectly promote home services are not allowed. That includes but is not limited to plumbing, electrical, locksmith, HVAC, pest control, roofing, and general contracting services.
Bail bonds - Ad content that directly or indirectly promotes bail bond services or surety bond services related to criminal pretrial release is not allowed.
Cryptocurrency ATMs - Ad content that directly or indirectly promotes ATMs for cryptocurrencies is prohibited.

Apple says ads that promote or reference medical services may be allowed, and will be evaluated on a case-by-case basis.

Google allows home services ads, and it's one of the largest local ad categories, so Apple's restrictions will set it apart. Apple seems to be limiting ads to businesses with a physical location that customers can visit.

In addition to these rules, Maps ads have to adhere to Apple's other advertising rules. Apple does not allow ads for controlled or intoxicating substances like marijuana or tobacco, and it has a long list of rules for alcohol-related ads, dietary supplement ads, financial product ads, religious ads, gambling ads, prescription drug ads, and contest ads. Ad content for weapons or ammunition isn't allowed, and ad content that contains or promotes violence, harm, or antisocial behavior is prohibited.

Ads that promote false, fraudulent, or deceptive claims are not allowed, nor are ads that include defamatory or profane content, discriminatory content, illegal or criminal content, or intellectual property violations.

Anti-Apple ads are prohibited, as are ads that promote or facilitate the sale of products or services that compete with Apple hardware products. Apple also does not allow political ads, ads with unproven health-related products and services, or ads with offensive, controversial, or inappropriate content.

Apple plans to start showing ads in the Maps app in the United States and Canada this summer. Ads will show up in search results and in the Suggested Places section of the app.

Ads will have a clear "Ad" label, and a user's location and the ads they see and interact with in ‌Apple Maps‌ are not associated with their Apple account. Apple also does not collect ad data or share it with third parties.Tag: Apple Maps
This article, "Apple Won't Allow These Ad Categories in the Maps App" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Attacks targeting developer ecosystems are increasing in frequency and sophistication, with Node.js developers firmly in this week’s crosshairs, as multiple npm packages belonging to the open-source AsyncAPI and Jscrambler Code Integrity were poisoned with malware following compromised development credentials.
The incidents highlight the cascading effect of software supply chain attacks in which stolen credentials are then used to perpetrate additional compromises. Security researchers advise organizations to completely rebuild from clean images any developer machines that have installed a poisoned package — and to rotate all npm tokens, source control access, cloud credentials, CI/CD secrets, SSH keys, signing keys, and browser sessions.
Affected packages include: [email protected], [email protected], [email protected], [email protected], [email protected], @asyncapi/[email protected], @asyncapi/[email protected], @asyncapi/[email protected], @asyncapi/[email protected] and @asyncapi/[email protected].
However, packages that list any of the above poisoned packages as dependencies may also be impacted, including those from the same projects, such as jscrambler-webpack-plugin 8.6.2, gulp-jscrambler 8.6.2, grunt-jscrambler 8.5.2, and jscrambler-metro-plugin 9.0.2.
Vulnerable GitHub Actions workflow used as entry point
The attack against AsyncAPI, an open-source reference specification and toolset for implementing event-driven architectures and asynchronous APIs, occurred on Tuesday and was independently detected by multiple security companies monitoring the npm registry, including Upwind, Socket.dev, Wiz, StepSecurity, and Aikido Security.
According to the researchers’ analysis, attackers took advantage of a known configuration vulnerability in a GitHub Actions CI/CD workflow that had been reported in April. The flaw involves the pull_request_target event, which executes whenever a new pull request is made. When triggered, the workflow automatically checks out and executes the developer’s submitted pull request code in the Actions container, but this is done in the context of the base repository with full access to secrets.
The AsyncAPI project had a proposed fix since May 17, but the fix had not yet gone through the full review and was not merged into the main branch.
“At 05:08 UTC, the attacker opened PR #2155 containing a markdown file with obfuscated JavaScript hidden after approximately 1,000 bytes of whitespace,” researchers from Wiz explained in their report. “The payload was designed to scan the GitHub Actions runner’s environment for secrets and exfiltrate them to a dead-drop URL on the rentry.co pastebin.”
When a GitHub Actions workflow is triggered and is executed in an environment, a temporary GITHUB_TOKEN is generated to allow for authenticated git commands against the repository. Other tokens might also be included.
In this case, the attackers managed to obtain a token associated with asyncapi-bot, a service account that had access across the entire AsyncAPI organization on GitHub. This allowed them to perform malicious code commits in two separate repositories. Those commits then triggered automated build workflows that generated and published the npm packages.
The payload bundled in the packages shares some similarities with a malware framework called Miasma that was used in previous supply chain compromises. However, the malware code appears to be significantly different from previously documented variants.
The first-stage code downloads a secondary trojan payload that has variants for Linux, Windows, and macOS. This is a modular malware framework with credential theft capabilities that targets passwords and cookies saved inside browsers, SSH keys, npm and GitHub tokens, AWS credentials, macOS Keychain, and cryptocurrency wallets.
The trojan communicated with a command-and-control server and can accept remote commands to perform file operations, list directories, and exfiltrate data.
Jscrambler compromised via leaked npm credential
The Jscrambler attack happened over the weekend on July 11 with attackers publishing multiple trojanized versions in two waves. Jscrambler Code Integrity is a client-side security library designed to protect JavaScript-based web and mobile applications against tampering and reverse engineering.
Jscrambler published an advisory in response to the incident in which it clarified that the attackers published malicious versions of the package using a npm publishing credential. However, unlike the AsyncAPI case, how that credential was leaked in the first place is not clear.
Initially the attackers released new package versions with two malicious scripts that get executed at install time using a preinstall hook in the configuration script. The scripts also execute platform-specific binaries for Linux, macOS, and Windows embedded in an obfuscated container.
Because preinstall or postinstall hooks are common ways to deliver malware in npm packages, they are automatically checked by security tools. To avoid detection, the attackers pivoted to a method that involved injecting the malicious code directly in the dist/index.js and dist/bin/jscrambler.js files. This changed the malware execution from package installation time to when the package gets imported into other projects or the Jscrambler CLI is invoked.
The embedded malware executables for different platforms are written in Rust and, according to Socket.dev’s analysis, were “a broad, developer-focused credential and secret harvester” that targeted browser-extension crypto wallets, API keys from AI coding assistants and MCP servers, cloud credentials for AWS, Azure and GCP, authentication tokens for messaging applications (such as Discord, Slack, and Telegram), password stores from browsers, Steam, and KDE.



View the full article
Apple recently updated its website with a list of products eligible for upcoming 2026 sales tax holidays in select U.S. states, including Alabama, Arkansas, Florida, Massachusetts, Missouri, New Mexico, South Carolina, Tennessee, Virginia, and West Virginia.


The tax-free holidays run between July 17 and August 20 depending on the state, with the exact dates in each state outlined on Apple's website.

Sales tax holidays provide a limited-time opportunity to purchase select Apple products online or in stores without paying sales tax. Apple says tax savings may not appear during checkout, but will be reflected on the final receipt.

Apple products that are eligible for the tax-free holidays vary by state, and there are also price limits in some states. The most common eligible products include select Macs, iPads, and related accessories, but the iPhone and Apple Vision Pro are also eligible in a few states. All of this information is outlined on the page.

Sales tax holidays are especially beneficial to students, as the tax savings can be combined with Apple's Back to School promotion, which offers students a free or discounted accessory or gift card with the purchase of an eligible Mac or iPad. The promotion just started rolling out in select Asian countries today and will likely begin in the U.S. soon.Tag: Apple Store
This article, "Apple Lists Products Eligible for Tax-Free Holidays in 10 U.S. States" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple's annual Back to School promotion is now live in select countries in Asia, including China, India, Malaysia, the Philippines, Singapore, Taiwan, Thailand, and Vietnam.


The offer provides college students and educational staff with a free item with the purchase of an eligible Mac or iPad model. The exact offer varies by country, with options including a pack of four AirTags, AirPods 4, an Apple Pencil Pro, or an Apple gift card. You can also opt to receive a discount on some higher-value accessories.

In China, Singapore, and Vietnam, eligible students and educators can receive a pack of four AirTags with the purchase of any new MacBook Air, MacBook Pro, iPad Air, or iPad Pro through Apple's education store.

In India, you can receive a pack of four AirTags or AirPods 4 with a MacBook Air or MacBook Pro, or an Apple Pencil Pro with an iPad Air or iPad Pro.

Apple is offering a gift card in Malaysia, the Philippines, Taiwan, and Thailand.

Notably, the MacBook Neo is not an eligible product in any of the countries, and the iPad mini, entry-level iPad, and desktop Macs are excluded too.

In these countries, the offer is available through August 27.

Apple has yet to begin its Back to School offer in the U.S., Canada, or Europe, but it is presumably rolling out on a time zone basis today.Tag: Back to School Promotion
This article, "Apple's 2026 Back to School Offer Just Went Live in Select Countries" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Nomad is celebrating its anniversary by offering up to 30 percent off sitewide this week, giving shoppers a chance to save on the brand's best wireless chargers, iPhone cases, Apple Watch bands, and more. This sale does not require a coupon code as all the discounts have been automatically applied, and it will last for this week only.

Note: MacRumors is an affiliate partner with Nomad. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

One highlight of the event is Nomad's Stand One Qi2 2-in-1 charging station, available for $90, down from $129. This accessory simultaneously charges your iPhone and AirPods, supporting both horizontal and vertical orientations for the iPhone.

UP TO 30% OFFNomad Anniversary Sale

You'll find a collection of iPhone 17 cases in this sale, including Nomad's Sport Case for $39 ($10 off), Modern Leather Case for $55 ($14 off), and Rugged Leather Case for $60 ($25 off).

iPhone 17 Cases

Sport Case - $39, down from $49
Modern Leather Case - $55, down from $69
Rugged Leather Case - $60, down from $85
Charging

Stand One - $90, down from $129
Base One Max - $119, down from $159
iPad Cases

Leather Folio for iPad Air - $97, down from $129
Apple Watch Bands

Sport Slim Band - $44, down from $59
Rugged Case - $48, down from $119

If you're on the hunt for more discounts, be sure to visit our Apple Deals roundup where we recap the best Apple-related bargains of the past week.



Deals Newsletter

Interested in hearing more about the best deals you can find in 2026? Sign up for our Deals Newsletter and we'll keep you updated so you don't miss the biggest deals of the season!




Related Roundup: Apple Deals
This article, "Nomad Kicks Off Anniversary Sale With Up to 30% Off Sitewide" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Now that Siri AI is ready to launch in iOS 27, iPadOS 27, and macOS 27 Golden Gate, Apple can finally introduce new smart home products built to work with the smarter version of ‌Siri‌.

Subscribe to the MacRumors YouTube channel for more videos.
Apple has multiple new home devices in development, several of which are rumored to launch before the end of the year. We're waiting on a new version of the Apple TV 4K, a smart home hub, a new HomePod, and a new HomePod mini.

Home Hub

Similar to an iPad in design, but with a 7-inch square display. There will be a wall mount option or a speaker base option. The speaker base has a hemispherical dome, similar to the base of the iMac G4. The device will have a built-in camera for video calls, facial recognition, and presence detection. It'll run apps like Safari, Calendar, Photos, and Home, and it will integrate with ‌Siri‌ AI. Rumors suggest it could be priced around $350.

Apple TV 4K

The next ‌Apple TV‌ 4K will have the same form factor as the current model, but it's expected to have an A17 Pro chip or better that supports Apple Intelligence and ‌Siri‌ AI. There are no ‌Apple Intelligence‌ features on the ‌Apple TV‌ right now, so a more powerful chip will bring quite a few changes. It could also get more RAM and Apple's N1 networking chip for Wi-Fi 7, Bluetooth 6, and Thread.

HomePods

Apple is expected to refresh both the ‌HomePod‌ and the ‌HomePod mini‌, but we're not expecting new form factors.

The speakers will get new chips that are faster and could support ‌Siri‌ AI via the iPhone like the Apple Watch. A faster processor could bring improvements in sound quality, and an upgraded Ultra Wideband chip could bring connectivity improvements and new features.

The ‌HomePod mini‌ is expected to get new colors.

Cameras

Apple is designing its own security camera, and it could launch as soon as this year. HomeKit Secure Video cameras are getting several upgrades in ‌iOS 27‌, including 4K video recording, AI summaries, and the option to stitch video from different cameras together for tracking a single event across rooms.

All of these features would be ideal for an Apple-created camera, so it's not hard to imagine the update is meant for Apple hardware. A 2026 launch isn't a sure thing for the camera, and it could come at a later time.

The ‌Apple Intelligence‌ Home app features require an ‌Apple TV‌ or ‌HomePod‌ to serve as a hub, and Apple's upcoming home hub will likely also serve as a hub for accessories like cameras.

Launch Timing

With so many home devices planned for the end of the year, we could get them alongside the new iPhone models at Apple's September event, or Apple could do a second home-centric event around the October timeframe. Apple often holds two fall events. The second event is typically for iPads or Macs, but there's no reason it couldn't be home products this year.

So far, we haven't heard concrete rumors on when Apple will debut its smart home devices, but as we get closer to fall, we should hear more.Related Roundups: Apple TV, HomePodTag: Apple Command CenterBuyer's Guide: Apple TV (Don't Buy), HomePod (Caution)Related Forum: Apple TV and Home Theater
This article, "Apple's 2026 Smart Home Lineup: New Apple TV, HomePod, and Home Hub" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
OnePlus is exiting the U.S. and European smartphone markets as part of a broader restructuring at parent company Oppo, Bloomberg reports.


OnePlus is a wholly-owned subsidiary of Oppo. The change could happen as early as this week, according to a person familiar with the matter who spoke to Bloomberg. Realme, another Oppo-owned mobile brand, will exit the China market as part of the same restructuring. Outside China, OnePlus' withdrawal is expected to expand to the rest of the world, including India, at some point in 2027.

OnePlus built a loyal following among some Android enthusiasts in its early years for pairing solid performance and lightweight software with aggressive pricing that consistently undercut Apple and Samsung by hundreds of dollars, but its influence has waned considerably in recent years.

Apple and Samsung continue to dominate the U.S. smartphone market, with Apple capturing a record 20% of the global smartphone market in the second quarter of 2026 as Samsung held the top spot at 22%, according to Omdia. OnePlus, meanwhile, trails far behind smaller contenders like Motorola and Google in the U.S.

In China, Oppo trails market leaders Huawei and Apple, and the broader market is under strain from surging memory costs. IDC said this week that total smartphone shipments in China fell 4.3% year-over-year in the second quarter to roughly 66 million units, the fifth consecutive quarterly decline, with Apple and Huawei the only major vendors to grow. The slowdown is tied to the same memory chip shortage that has forced Apple to raise prices across much of its product lineup, with CEO Tim Cook calling the increases "unavoidable."

Counterpoint Research said Chinese brands like Oppo face greater pressure than Apple and Samsung from the memory crunch, since thinner margins leave less room to absorb rising component costs, particularly in the entry-level segment where costs have jumped 20% to 30% since early 2025.

OnePlus' most recent flagship, the OnePlus 15, launched globally on November 13, 2025, but OnePlus postponed the U.S. sale specifically because the FCC certification process was backed up due to the federal government shutdown, which had just ended the day before the launch.Tags: Bloomberg, Mark Gurman, OnePlus
This article, "Report: OnePlus to Pull Out of US and Europe" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple today announced that Major League Soccer is returning to the Apple TV streaming service tomorrow, July 16, with the regular season resuming as the 2026 FIFA World Cup wraps up.

Apple TV subscribers in more than 100 countries can watch every MLS match. A separate subscription is no longer required.
This article, "Apple TV Announces Return of MLS Following the 2026 FIFA World Cup" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple is looking to acquire AI chip companies as part of an effort to reduce its dependence on Nvidia for demanding AI workloads, according to The Information.


Apple currently handles some AI processing in its own data centers using its own chips, but relies on Nvidia hardware housed within Google Cloud for more demanding tasks, an arrangement that includes the Gemini model powering the overhauled version of Siri. Apple's own AI server chip, internally code-named Baltra, had been expected to ship this year but has been delayed, according to people said to be familiar with the project.

Apple has historically limited its acquisitions to deals in the hundreds of millions of dollars and avoided large purchases, but that approach appears to be shifting. In January, Apple completed its acquisition of Q.ai, an Israeli company specializing in interpreting speech through facial micromovements, paying close to $2 billion, second only to the $3 billion Apple paid for Beats Electronics in 2014.

Apple also signaled a change in financial strategy during its most recent quarterly earnings call, when CFO Kevan Parekh told analysts the company would no longer target "net cash neutral" status, a policy under which it had kept its cash reserves roughly in line with its total debt. Apple did not explain the reasoning behind the change, though the added flexibility could free up capital for larger acquisitions.

Apple is already reportedly pursuing acquisitions of AI companies that could help shrink AI models for more efficient use on iPhone.

It is also worth noting that Apple's own in-house chip design capabilities originated with an acquisition. In 2008, the company acquired PA Semi for $278 million, a deal that laid the foundation for the custom processors now used across many of its product lines.

Impending leadership transitions could also bring a more aggressive approach to dealmaking, with hardware chief John Ternus set to succeed Tim Cook as CEO in September, and chip executive Johny Srouji being given expanded responsibility over all of Apple's hardware engineering, in addition to semiconductors.

Apple's chip design team has traditionally focused on battery-powered mobile devices rather than the high-performance server chips required to compete with Nvidia, the dominant supplier of AI server hardware. That limitation became apparent during development of the revamped Siri, when engineers reportedly attempted to run Google's Gemini models on Apple's own server infrastructure but found that the chips, designed with Mac workloads in mind, could not handle a model of that scale. As a result, Apple was required to process portions of the new ‌Siri‌'s workload using Nvidia chips within Google's cloud infrastructure.

Acquiring outside chip expertise would complement work already underway internally. Apple is currently developing a server chip based on the M5 Ultra chip, according to Bloomberg, while a future M7 Ultra chip is reportedly intended to substantially improve AI performance to a level that could begin to rival Nvidia's Blackwell chip. The M7 Ultra is expected to support up to 1.5TB of memory, roughly double the capacity of M5 Ultra, though Bloomberg added that a server chip based on M7 Ultra is unlikely to be ready before 2029.

Acquisitions represent only one avenue Apple is pursuing to reduce its reliance on Nvidia. The Information first reported Apple's collaboration with Broadcom on an AI server chip in 2024, and Broadcom confirmed in a securities filing last week that the companies had extended that partnership through 2031.Tags: Apple Intelligence, Nvidia, The Information
This article, "Apple Reportedly Looking to Acquire AI Chip Companies" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple has introduced 36-month financing for cellular iPad purchases through AT&T and Verizon, adding to the 12-month option previously available via Apple Card.


The new financing, first reported by 9to5Mac, replaces Apple Card Monthly Installments as the sole route to spreading out a cellular ‌iPad‌ purchase. That plan paid off the balance interest-free over 12 months; the new carrier options extend across Apple's full cellular ‌iPad‌ lineup, including the ‌iPad‌, iPad mini, iPad Air, and iPad Pro.

Both carriers restrict eligibility to subscribers activating a new line of service, rather than those adding a cellular ‌iPad‌ to an existing plan. The principal distinction between the two options is term length. Extending repayment from 12 months to 36 months substantially reduces the monthly cost, although the total amount financed remains unchanged.

The addition follows Apple's ‌iPad‌ price increases from late June, which affected the entire lineup. The extended financing term offers a way to offset the impact of those higher prices at checkout.

The 11-inch ‌iPad Pro‌'s cellular configuration now starts at $1,399, up from $1,199 prior to the price increase, which amounts to $116.58 per month under the 12-month ‌Apple Card‌ plan. Financed through AT&T or Verizon instead, the same purchase costs approximately $38 per month over 36 months.Related Roundups: iPad, iPad Air , iPad Pro, iPad miniBuyer's Guide: iPad (Don't Buy), iPad Air (Buy Now), iPad Pro (Neutral), iPad Mini (Don't Buy)Related Forum: iPad
This article, "Apple Adds 36-Month Carrier Financing for Cellular iPads" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
The European Commission yesterday adopted new exemptions to its Batteries Regulation that free the Apple Watch and AirPods from having to offer user-removable and replaceable batteries.


The EU's Batteries Regulation generally requires consumer products sold in the region to let users swap out their own batteries, a push meant to keep devices in use longer and make it easier to recover materials for recycling. The Commission has now expanded its list of exempt product types to six additional categories, folding in wearables like smartwatches and fitness trackers.

The reasoning largely mirrors why devices like electric toothbrushes were already exempt: Opening a compact, sealed enclosure and failing to reseal it properly could let water in and create a safety risk. Products can also qualify for exemption if their construction makes battery removal inherently dangerous, or if there is no realistic way to build in user access given current manufacturing methods.

The new categories effectively cover the Apple Watch and AirPods, both of which rely on the kind of small, sealed designs the Commission is now carving out, along with Meta's smart glasses. The change follows months of pressure from U.S. officials over rules that had reportedly complicated ‌Meta‌'s plans to bring its newest display-equipped smart glasses to Europe.

The iPhone was already exempt from the removability rule under the original regulation, thanks to its battery cycle life and water resistance rating. Apple offers battery service through Apple Stores, authorized providers, and its Self Service Repair program, which lets owners handle certain repairs, including batteries, at home. Not every device gets the same pass: Nintendo has now said it will sell a version of the Switch 2 in the EU with a user-replaceable battery to meet the incoming rules.

The delegated act still has to clear scrutiny from the European Parliament and the Council of the EU. It takes effect 20 days after publication in the Official Journal of the EU if neither body objects, ahead of the regulation's wider rollout in 2027.Related Roundups: AirPods 4, Apple Watch 11Tags: European Commission, European UnionBuyer's Guide: AirPods (Caution), Apple Watch (Caution)Related Forum: AirPods
This article, "EU Drops Battery Removal Requirement for Apple Watch and AirPods" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Attackers who already have administrator privileges on a Windows machine have newer ways to slip past endpoint security without exploiting a vulnerable driver or modifying trusted binaries.
Bitdefender researchers have warned against three techniques that abuse Windows Bind Links, a legitimate filesystem virtualization capability, to occupy security tools with clean files while malicious ones execute undetected.
The techniques can be used “to blind EDR sensors and bypass built-in Windows defenses such as AMSI and AppLocker,” the researchers said in a blog post shared with CSO ahead of its publication on Wednesday. Dubbed File Binding, Process-Binding, and Silo-Binding, the techniques exploit the way Windows’ Bind Filter driver “bindflt.sys” redirects file paths in memory.
While Microsoft reportedly assessed the issues as low severity because exploiting the techniques requires admin privileges, Bitdefender argued its importance by comparing the threat to Bring Your Own Vulnerable Driver (BYOVD) attacks.
Microsoft did not immediately respond to CSO’s request for comment.
Three attack paths from one weakness
Bitdefender’s research focused on Bind Links, a Windows feature designed for legitimate virtualization scenarios such as Windows Sandbox, Windows containers, and Store applications. Bind Links operate entirely within “bindflt.sys,” allowing one file path to transparently resolve to another without creating a visible filesystem object or modifying the original file.
Bitdefender demonstrated how attackers can progressively weaponize this capability.
The first technique, File-Binding, redirects trusted DLL or file paths to attacker-controlled replacements. The researchers showed PowerShell loading what appeared to be a legitimate amsi.dll, but the Bind Link instead served a malicious DLL that exported identical functions while silently disabling malware scanning.
Process-Binding extends the concept to executable files. Here, the researchers said, Windows reports a trusted executable like “winever.exe” is running, while the operating system actually executes another binary, such as cmd.exe. Because many security products rely on executable paths for allowlisting, signatures, and process identity, the mismatch can trick both security policies and analysts.
The most sophisticated of the three, Silo-Binding, leverages Windows silos, the isolation technology in Windows containers, to present different filesystem views inside and outside an isolated environment. The researchers demonstrated a potential malware executing inside the silo as a trusted application, while security tools operating outside the silo read them as legitimate files.
Bitdefender demonstrated bypasses against AppLocker, Windows Firewall, Sysmon, and even executed Invoke-Mimikatz under a trusted process identity to evade detection.
A potential post-compromise attack vector
Addressing Microsoft’s low-severity assessment, the researchers noted these techniques to be effective post-compromise evasion attacks, rather than a remote code execution vulnerability.
“Every Windows 10 RS4+ and Windows 11 system is exposed once an attacker has administrator access on it,” they said. “Every AV and EDR that trusts the image-file path returned by standard process-notification routines is affected.”
Bitdefender also disclosed a related privilege escalation scenario involving Docker Desktop, where members of the “docker-users” group could leverage Bind Links to reach SYSTEM privileges.
Following the disclosure, Docker reportedly updated its documentation to clarify the security implications of the group’s permissions.
While Windows 24H2 introduces a veto mechanism that can block bind-link creations, the researchers described it as only a partial mitigation because it is limited to newer systems, applies only in certain scenarios, and can be bypassed.
Instead, they recommended resolving the real backing file rather than trusting process paths, revalidating file identity whenever a file is reopened for hashing or scanning, and enumerating active bind-link mappings to detect silo-scoped abuse.
View the full article
The White House is expanding the use of AI beyond cyber threat detection into vulnerability management, launching a new program that aims to help government agencies and critical infrastructure operators identify, prioritize, and remediate software vulnerabilities faster.
Called Gold Eagle, the initiative will act as a centralized clearinghouse for cybersecurity vulnerabilities, coordinating vulnerability reporting, verification, and remediation across federal agencies, open-source software communities, and operators of critical infrastructure, the White House said in a statement.
“This new model will leverage frontier AI capabilities to continue advancing faster than adversaries, reduce duplicative scanning efforts, and deliver prioritized and actionable threat and remediation information to defenders across the Federal government and the private sector,” the statement added.
The initiative stems from President Donald Trump’s June 2 executive order on advanced AI innovation and security, which directed federal agencies to expand the use of frontier AI to strengthen cybersecurity while working more closely with the private sector.
The administration said the program has already begun receiving vulnerability reports from multiple industries and coordinating validation and remediation efforts.
For enterprise security leaders, the announcement signals a government effort to move beyond traditional vulnerability disclosure toward coordinated vulnerability response.
A move toward coordinated vulnerability response
Prabhjyot Kaur, senior analyst at Everest Group, said Gold Eagle should be viewed as “a significant evolution” of existing vulnerability disclosure and government-industry coordination mechanisms rather than a replacement for them.
“Its potential significance lies in creating a more operational clearinghouse that can consolidate vulnerability findings, reduce duplicative scanning, validate exposure across sectors, and coordinate remediation with critical infrastructure operators and open-source software communities,” Kaur said.
The more meaningful shift, she said, is from largely distributed vulnerability disclosure processes toward centralized prioritization and coordinated action. Whether the initiative changes enterprise vulnerability management, however, will depend on execution, including industry participation, information-sharing protocols, and whether it can shorten the time between vulnerability discovery, validation, and remediation.
The White House said Gold Eagle has already begun receiving and prioritizing vulnerability reports from multiple industries, coordinating scanning verification, and supporting remediation efforts using existing federal authorities and resources.
AI can accelerate prioritization, not replace judgment
The administration said the initiative is designed to help government and industry reduce duplicative vulnerability scanning and accelerate remediation by using AI to prioritize findings.
Treasury Secretary Scott Bessent said the program reflects closer collaboration between the government and the private sector to protect financial institutions and other critical infrastructure.
“Treasury, along with our partner agencies, will continue to harness frontier AI capabilities to stay ahead of our adversaries and defend the American people from emerging threats,” Bessent said in the statement.
Kaur said AI is likely to deliver the greatest value in vulnerability triage and prioritization.
“It can correlate findings from multiple scanners, remove duplicate alerts, link vulnerabilities to known exploitation activity, assess internet exposure, and combine technical severity with asset criticality and potential business impact,” she said.
However, she cautioned that AI-generated prioritization is only as reliable as the underlying asset inventories, vulnerability data, and threat intelligence.
“AI should therefore support, rather than replace, human validation, compensating-control analysis, and enterprise-specific risk decisions,” she said.
Apeksha Kaushik, senior principal analyst at Gartner, said the initiative reflects a broader shift toward measuring cybersecurity performance by reducing actual risk exposure rather than simply increasing patch counts.
By helping unify and accelerate vulnerability coordination between government and industry, the initiative could address long-standing challenges around fragmented reporting and inconsistent disclosure practices, enabling enterprises to respond more quickly and efficiently to vulnerabilities, she said.
Execution will determine enterprise impact
The announcement outlines Gold Eagle’s objectives but provides few operational details about how organizations will participate, how AI will validate or prioritize vulnerabilities, or how the initiative will work alongside existing coordinated vulnerability disclosure and vulnerability management programs.
Kaur said CISOs should view the initiative as an additional source of vulnerability intelligence rather than a replacement for enterprise risk management.
“The biggest takeaway is that vulnerability response is moving toward faster, more intelligence-led, and more coordinated prioritization across government and industry,” she said.
Even if government coordination improves the quality and timeliness of vulnerability intelligence, enterprises will continue to own remediation decisions, Kaur added. “Government coordination may improve the quality and timeliness of intelligence, but enterprise context must continue to determine the final remediation priority.”
View the full article
Amazon is taking $150 off multiple models of the M5 MacBook Air, focused mainly on 13-inch models this time around. These are some of the lowest prices we've seen on the notebooks in the wake of Apple's price hikes last month.

Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

In terms of 13-inch models, Amazon has the 16GB/1TB 13-inch MacBook Air for $1,449.00, down from $1,599.00. This one is available in one color on Amazon, and it's accompanied by a similar discount on the 24GB/1TB model.

$150 OFF13-inch M5 MacBook Air (16GB/1TB) for $1,449.00
$150 OFF13-inch M5 MacBook Air (24GB/1TB) for $1,649.00

We aren't currently tracking any discounts on the 15-inch M5 MacBook Air models this week. If you're on the hunt for more discounts, be sure to visit our Apple Deals roundup where we recap the best Apple-related bargains of the past week.



Deals Newsletter

Interested in hearing more about the best deals you can find in 2026? Sign up for our Deals Newsletter and we'll keep you updated so you don't miss the biggest deals of the season!




Related Roundup: Apple Deals
This article, "Amazon Offers $150 Discount on M5 MacBook Air Models" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Two vulnerabilities found in Anthropic’s Claude for Chrome extension remain exploitable months after they were reported to the company, a research by Manifold Security noted.
According to the researchers, the flaws can allow a malicious browser extension to trigger Claude into performing privileged actions, including reading Gmail messages, Google Docs content, and Calendar entries on behalf of a user.
In a new blog post, the researchers said the issues are reproducible in Claude for Chrome version 1.0.80, released on July 7, and remain unresolved eight releases after they were first reported in May.
“Anthropic shipped v1.0.73 through v1.0.80 in the weeks following our report,” the researchers added. “The internal tracking issue covering this class of vulnerability was marked ‘resolved’ in the weeks following our report.”
However, the content script and side-panel handlers in the latest version remain “byte-identical” to v1.0.72 the researchers originally tested. Researchers drew parallels with the earlier ClaudeBleed disclosure, where the issue was found exploitable despite Anthropic announcing a fix.
Anthropic did not immediately respond to CSO’s request for comment.
Synthetic clicks trick trusted AI
The first vulnerability stems from how Claude for Chrome handles user interaction before executing privileged actions. According to Manifold, the extension’s click handler does not verify whether an approval click originated from a real user through the browser’s “event.isTrusted” property.
Meaning, another browser extension capable of injecting scripts into Claude.ai can generate synthetic clicks that Claude accepts as legitimate.
In default configurations, the attack can automatically trigger one of Claude’s predefined browser tasks before presenting an approval dialog. However, if users have enabled the extension’s “Act without asking” mode, Claude may execute those actions silently, allowing an attacker to retrieve Gmail content, Google Docs data, or Calendar information, the researcher noted.
Rather than exploiting a flaw in Chrome itself, the attack abuses the trust placed in Claude as an authorized browser agent. Manifold demonstrated an exploit in six lines of JavaScript.
The researchers said the flaw can simply be fixed with one added line, “if (!n.isTrusted) return;” at the top of the click handler.
A problematic privilege mode
The second finding focuses on how Claude’s side panel initializes its permission model.
Manifold found that loading the panel with “?skipPermissions=true” parameter makes the extension enter a privileged mode meant to bypass repeated confirmation prompts. While the researchers did not identify a direct external path to control this parameter today, they argued that the design creates a latent security risk because privileged behavior depends on a URL value rather than user-controlled inputs.
Any future vulnerability capable of influencing that parameter could inherit elevated privileges without requiring additional security checks, the researchers noted.
To address both findings, Manifold recommends validating genuine user interactions before executing privileged actions, avoiding URL-driven privilege transitions, and strengthening the authentication of internal extension workflows.
View the full article
Apple Intelligence has been approved by Chinese regulators, opening the door for the AI system to reach iPhones in the country for the first time.


Reuters reports that China's Cyberspace Administration registered Apple's on-device generative AI service this week, putting it on a list of newly cleared providers that also includes homegrown systems from Chinese phone makers.

An unnamed source told the outlet that Apple's AI features in the country will draw on models from both Baidu and Alibaba. In February 2025, Alibaba was reported to be building the primary system and Baidu contributing on a smaller scale.

Alibaba confirmed its part of the arrangement directly, telling Reuters that its Qwen model will power ‌Apple Intelligence‌ functions across iOS, iPadOS, macOS, and visionOS for Chinese users, including both text and image generation. No launch date has been given, though approval typically precedes a rollout by only a few months, putting a China debut roughly in line with Apple's usual fall software release cycle.

Apple actually briefly switched the features on early for some Chinese users back in March, months ahead of getting the green light, and a feedback form aimed at Chinese users appeared on Apple's site late last year as the company inched closer to approval.

iPhone shipments in China climbed 24.4 percent year-over-year in the second quarter, making Apple the fastest-growing smartphone brand in a market that otherwise kept shrinking. A working version of ‌Apple Intelligence‌ could help sustain that momentum, though Apple is still catching up to domestic rivals that built AI features into their phones well before it did.Tags: Apple Intelligence, China
This article, "Apple Intelligence Finally Cleared to Launch in China" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
With the World Cup in full swing, stadiums across North America are currently accommodating thousands of fans every match day. That said, the stadiums’ biggest security challenge isn’t of a physical nature.
It is not hyperbolic to say that football stadiums are some of the most chaotic endpoint environments in enterprise IT. On game days, tens of thousands of unmanaged, unknown devices connect to stadium networks, alongside payment systems, digital displays, operations platforms and venue staff devices. This creates a massive attack surface with a potential for serious disruptions, such as payment outages at concessions, delays in live streaming and interruptions to other venue operations.
In this article, we’ll examine the World Cup stadiums’ unique cyber environments, while also providing steps that venues can take to harden their connectivity and ensure that their networks are protected.
For World Cup stadiums, real-time visibility is far more important than device control
Given that stadiums like Dallas’s AT&T Stadium, Mexico City’s Estadio Azteca and New Jersey’s MetLife Stadium can all accommodate over 80,000 soccer fans per game, it is impossible to control all these fans’ devices. Hence, network segmentation and real-time visibility are key.
The fan-device layer obviously must remain entirely separate from the payment systems and operational infrastructure. All fan devices need to be relegated to the public WiFi, and treated as hostile by default. Although this segmentation is technically a form of device control, real-time visibility is truly the only way to maintain a Zero Trust environment within these stadiums.
Continuous monitoring across networks, endpoints and identity systems is vital
To achieve a Zero Trust architecture inside these massive football venues, it is important to have identity-centric zero-trust solutions firmly in place.
With so many vendors, stadium personnel and operations workers requiring different levels of access to different systems, a robust identity security solution is crucial. All modern football stadiums require adaptive MFA, single sign-on, and conditional access based on users’ roles, locations, time of access request and device type.
Without a robust identity access tool in place, a bad actor could compromise a single user’s credentials and gain access to payment systems or other operational technologies within the stadium.
Besides an effective identity security tool, stadiums require network visibility and endpoint protection. All operational endpoints inside the arenas, including point-of-sale terminals, digital displays and staff devices, need to be managed and monitored via a robust endpoint management platform. With such a tool, IT teams can correlate telemetry across all network activity, which helps them to isolate compromised devices before a bad actor can execute malicious lateral movements.
With real-time traffic visibility, IT personnel can detect anomalies, monitor network performance across all segments and receive alerts whenever unusual traffic patterns emerge. Although stadiums can’t control 80,000 fan devices per se, empowered IT workers can observe everything from the network level.
Automation can help to ensure timely patching and audit readiness
A unified log management and security analytics tool is vital in the World Cup setting. During a high-stakes event like the World Cup, SIEM platforms pull real-time logs from all the devices, endpoints, applications on the network.
By using an effective patch management software in conjunction with a SIEM platform with automated alerts, stadium IT personnel can automatically patch hundreds of endpoints, while also accelerating incident response time.
The very best SIEM tools will also use behavioral analytics to conduct real-time threat detection; if any anomalous activity is flagged on the network, automated alerts are triggered and incident response workflows will commence.
SIEM tools also help when it comes to building out compliance reports and maintaining audit readiness. The IT departments inside these enormous football stadiums require a host of different compliance reporting capabilities, including PCI-DSS for stadium payment systems, SOC 2 compliance for third-party vendors handling fan data, ticketing and other operations, as well as GDPR compliance for loyalty programs, identity verification, WiFi registration and any biometric data captured within the stadium.
Key steps that stadium IT personnel should take during the World Cup
Firstly, a Zero Trust environment should be maintained inside all the stadiums. The 2026 World Cup contains far more integrated technologies than ever before. Today’s in-stadium technologies are borderline futuristic; referees wear body cameras, and there is even motion sensors embedded inside all World Cup game balls. Given this ultra-high-tech environment, all users, APIs and devices need to be continuously authenticated and treated as hostile-by-default.
Secondly, in such a high-stakes, highly integrated environment, real-time monitoring and centralized visibility is crucial. With centralized visibility across the network, IT personnel can effectively conduct deep traffic flow analyses, identifying which devices are attempting to communicate with which systems. This way, all lateral movement attempts can be identified, and any fan-device that tries to reach a payment or operational technology segment can be flagged.
Thirdly, IT teams should conduct incident simulations. Given the complex environment of broadcasting infrastructure, digital ticketing systems, POS, WiFi and commercial cellular networks, it is vital that IT personnel test their incident response processes to ensure they avoid service disruptions and prevent data leaks during matches.
The bottom line: The 2026 World Cup stadiums require robust cybersecurity solutions
From a cybersecurity perspective, the 2026 World Cup is a unique event. With matches taking place across sixteen different cities in three different countries (not to mention the currently heightened geopolitical tensions), there is a strong potential for state-backed cybercriminals and hacktivist groups to target stadium infrastructure.
It is vital that stadium IT personnel are equipped with adequate cyber solutions, including robust SIEM, IAM, patch management and network management tools. There’s no reason to give bad actors a free kick.
This article is published as part of the Foundry Expert Contributor Network.
Want to join?
View the full article
Ask any medical doctor, and they’ll tell you that prevention is better than cure. It’s more cost-effective and it has better outcomes.
The same is true in cybersecurity. But we believe that our industry has veered too far away from this simple concept. We observe that most new tools are detection-focused, and we are calling for cyber innovators and venture capital to re-emphasize and invest resources into blocking rather than just discovering problems.
The reasons that cybersecurity relies on detection are understandable, and they are based on the history of networked systems. Early systems were fragile. Recovery was slow and downtime was costly. So, the first security controls were designed to restrict unauthorized access. They blocked execution and prevented exploitation, because if an attack succeed – such as a computer virus running successfully – the consequences might have been irreversible.
When the internet exploded in the 1990s, prevention solutions multiplied. Vendors developed firewalls and antivirus platforms to stop threats before they started.
But attackers adapted, of course, and networks grew more complex. Perimeter controls were no longer good enough on their own. The cyber industry responded with intrusion detection systems and later with Security Information and Event Management. Detection got a boost from large-scale log aggregation and analytics.
This was a great complement to prevention. But it was never meant to replace it.
Detection didn’t reduce risk
Security today focuses on visibility, alerting and response. Executives use metrics like mean-time-to-detect and mean-time-to-respond, and compromise is often assumed to be inevitable. But as detection improves, this has not caused a proportional decline in compromise rates.
IBM’s Cost of a Data Breach Report consistently shows that faster identification and containment reduce financial impact. But the average global cost of a breach is still millions of dollars – because detection does not prevent the initial compromise.
The initial problem continues to come from the usual places: known vulnerabilities, stolen credentials or misconfigurations. In other words, detection reduces impact in the short term, but it does not reduce structural risk.
The limits of a detection-first model
When we gather for industry forums like the RSAC Conference, the topics include automation, AI-driven response and operational resilience. These are certainly important, but they have limits. Detection produces false positives and noise. The volume of alerts begins to outpace human capacity to sift through it for the genuine issues. Alert fatigue is real, and talent shortages continue.
We observe that the ratio of detection tools versus prevention tools is getting bigger. RSAC Conference runs the largest startup competition in cybersecurity. Over the past three years more than 500 new cybersecurity companies have entered the competition, and we estimate that more than 70 percent of these companies are shipping detection tools, not prevention tools.
Detection activates only after a failure has occurred, and unfortunately modern adversaries now operate at machine speed. Vulnerabilities are attacked through automation, and artificial intelligence generates phishing campaigns at a massive scale.
As AI lowers barriers to entry and speeds up capabilities, the attack surface will expand even more. Advances in some of the frontier AI models, such as Anthropic’ s Mythos and OpenAI’s GPT-5.5, may unearth previously unknown zero-day risks while chaining together various low-risk vulnerabilities.
If that’s not enough, quantum computing raises concerns about cryptographic resilience. Relying primarily on faster alerting is not the best response to all these threats that will simply multiply faster.
Prevention changes the economics
On the other hand, prevention changes defensive economics. To shrink the problem space, a professional can do these things: enable phish-resistant multifactor authentication (MFA), block malicious execution, segment networks and proactively manage vulnerabilities.
As exposure decreases, alert volume declines. Detection becomes more effective because noise is reduced.
Research shows that organizations have fewer high-impact breaches when they have mature identity governance, proactive patching and zero trust principles. Preventative maturity correlates with reduced incident severity and lower long-term costs. It doesn’t require perfection to be valuable.
We think that security leaders, therefore, should reconsider how to define success. Reducing dwell time – the time an attacker is inside your systems – is important. Reducing entry points is fundamental. But when budgets favor post-compromise visibility over preventive architecture and governance, cybersecurity is not fulfilling its original mandate.
AI will only amplify the imbalance, as capabilities that once required years of training can now be deployed quickly. Offensive toolkits are readily available.
Achieving a better balance
We believe that scalable prevention architectures and capabilities present a better path forward than expanding analyst headcount.
Cyber threats will accelerate and detection will remain essential. But our profession shouldn’t be defined by how efficiently we observe compromise. It should be defined by how effectively we reduce the likelihood of compromise in the first place.
This article is published as part of the Foundry Expert Contributor Network.
Want to join?
View the full article
Security engineers play a pivotal role in enterprise cybersecurity, because they are the professionals who design, build, and deploy security systems to protect an organization’s data, applications, systems, networks, and other IT components against a variety of cyber threats.
Finding not just qualified security engineers, but the best and brightest available, needs to be a priority for CISOs and others overseeing security at their organizations. That’s especially true with the rapid rise of AI and the threats that brings to the enterprise.
Here are some of the key skills and traits of elite security engineers to look for when hiring — or to acquire in order to uplevel your cybersecurity career.
Acumen with AI-powered tools
These days, AI-related skills are in demand regardless of domain, and this certainly applies to security engineers. There’s a wealth of solutions leveraging AI in the market, tools that engineers can add to their defense arsenal.
“AI is transforming security engineering from reactive alerting to predictive threat detection,” says Praveen Margabandhu, digital engineering anchor at financial services firm Navy Federal Credit Union. “AI-driven anomaly detection now identifies behavioral patterns that indicate fraud or compromise before traditional threshold-based systems would fire. This shifts the security engineer’s role from incident responder to threat model designer.”
AI-powered tools have taken over a large portion of the detection and triage work that used to be the core of a security engineer’s day, says Maruf Ahmed, cofounder and CEO of global tech staffing firm Dexian. “Vulnerability scanning runs on its own now,” he says. “Threat flagging that used to require a team pulling through logs for hours happens in minutes.”
This has freed up capacity on most security teams and changed what the day-to-day work looks like, Ahmed says. “With detection increasingly automated, the engineer’s value sits more in interpreting what gets flagged and deciding what to do about it,” he says.
Keen understanding of emerging and established AI threats
Engineers must also have a thorough understanding of the risks AI presents, including AI-enhanced cyberattacks using large language models (LLMs) to automate and scale highly personalized social engineering attacks, craft sophisticated malware, and generate deepfakes.
Other AI threats they need to be aware of include prompt injections, data and model poisoning, disclosure of sensitive information, model theft, supply chain compromises, and excessive agency.
“The same generative tools that help security teams work faster are available to adversaries, and it shows,” Ahmed says. “Phishing campaigns read better and land more precisely than they did a year ago. Social engineering is harder to catch when the language is polished and tailored to the target, and security engineers are now defending against threats built with the same class of technology they use on the defensive side.”
That has raised the bar for what reliable detection looks like, Ahmed says. “The objective shift I hear most from clients is about trust in their own systems,” he says. “Two years ago, the priority was visibility — making sure you could see across your environment. Most organizations have that now. The harder problem is knowing whether what those tools are telling you holds up under scrutiny and having people on the team who can stand behind those findings in front of a regulator or a board.”
Appreciation of performance and business goals
The best security engineers understand how performance and security intersect, says Margabandhu, who leads performance engineering across Navy Federal Credit Union’s digital banking infrastructure, including real-time fraud detection, identity and access management, and cybersecurity infrastructure resilience.
“A fraud detection system that is secure but too slow to catch transactions in real-time is not secure at all,” Margabandhu says. “Elite engineers optimize for both simultaneously.”
Engineers must be able to put things in business context, Ahmed says. “An engineer who can work across domains, validate AI outputs, and learn new tools fast is valuable. But that value compounds when the person also understands what the organization is trying to protect and why,” he says.
Security engineers who understand the business make better risk decisions, write more effective policies, and generate less friction with the teams around them, Ahmed says. “That is the profile employers are hiring toward right now, and it is where the talent shortage is most pronounced,” he says.
Systems mindset
“One of the biggest misconceptions in cybersecurity hiring is that elite security engineers are defined purely by technical certifications or tool familiarity,” says Juan Mathews Rebello Santos, an independent cybersecurity researcher and ethical hacker.
“Technical skill absolutely matters, but the strongest engineers I’ve worked with consistently share a combination of analytical thinking, operational adaptability, communication ability, and deep systems understanding,” Santos says.
Elite security engineers understand how infrastructure, cloud services, identity systems, applications, APIs, networks, users, and business operations connect, Santos says.
“Modern attacks rarely target a single isolated component anymore,” he says. “Threat actors chain together weaknesses across environments. Engineers who can understand those relationships holistically are significantly more effective at both prevention and incident response.”
Cross-disciplinary fluency and broad stack know-how
Being an elite software engineer today means having a range of technology experience and knowledge. “Organizations want engineers who can work across more of the stack than they used to,” Ahmed says. “A role that might have asked for deep specialization in one area now expects someone who can move between cloud infrastructure, application security, and compliance without needing a handoff at every boundary.”
The attack surface has continued to get wider, and the job descriptions for security engineers has followed suit. “That cross-domain fluency matters because security incidents rarely stay contained in one layer,” Ahmed says. “The engineer who can follow a problem from the network through the application to the data governance framework resolves it faster, with fewer people involved.”
The strongest security engineers bridge infrastructure, application, and business domains, Margabandhu says. “They can speak to a CISO, a developer, and a cloud architect in the same conversation,” he says. “An engineer who can explain what an authentication problem means for fraud exposure moves faster in a room full of executives than one who can only describe it in infrastructure terms. I’ve watched technically brilliant people lose that race repeatedly.”


Having the ability to communicate technical risk clearly to non-technical leadership can mean the difference between success and failure of attacks.
“Many security failures today are not caused by lack of tooling, but by misalignment between technical teams and business decision-makers,” Santos says. “Elite engineers can explain operational risk, prioritization, and security tradeoffs in language executives understand.”
Deep understanding of third-party risk and non-human threats
Threats can come from anywhere, including supply chains and non-human combatants. Third-party cybersecurity risks are on the rise. The 2026 Global CISO Leadership Report by executive search firm Hitch Partners, based on a survey of more than 625 information security executives across the US and Canada, says 43% put third-party risks as the No. 1 priority.
“Most teams are still better at securing what they own than securing what they depend on,” Margabandhu says. “The mental shift from perimeter thinking to dependency thinking is real and not everyone has made it. The engineers who treat every API call, every credentialed vendor, every third-party model as part of their attack surface approach design differently.”
Another growing source of potential threats are not human. Machine identities now outnumber human identities by ratios exceeding 100 to 1 in most enterprise environments, with some sectors closer to 500 to 1, according to the ManageEngine Identity Security Outlook 2026 report.
This includes service accounts, API keys, automation tokens, and AI agents, any one of which can present data governance and security risks.
Many organizations are still managing machine identities through manual processes that weren’t designed for scale, Margabandhu says. “Engineers who understand non-human identity governance are rare and increasingly important. This is not a future problem.”


Willingness to keep learning
Security engineers need to have a desire to never stopped learning.
“That sounds obvious until you work with people who’ve been doing this for 15 years and are still operating from the same threat models they built in 2012,” Margabandhu says. “Security changes fast enough that standing still is the same as going backwards.”
The security engineers who keep up aren’t reading one report a year. “They’re genuinely curious about what attackers are doing right now, this month, and they adjust how they think accordingly,” Margabandhu says. “That quality is harder to hire for than most technical skills, because it’s not on a resume.”


With AI presenting new and more sophisticated threats, keeping up with the latest developments is perhaps more important than ever. “Strong engineers are naturally investigative,” Santos says. “They actively study attack techniques, test assumptions, reverse engineer failures, and continuously adapt their understanding of risk.”
The best security engineers are often the people who remain intellectually uncomfortable because they know the landscape is always evolving, Santos says.
Employers have started paying closer attention to how fast someone can learn, Ahmed says. “The threat landscape and the defensive toolkit are both moving faster than any certification program can track, so hiring managers are probing for adaptability in interviews: how candidates have responded to recent shifts, whether they have picked up unfamiliar platforms on their own, how they work through problems they have not seen before,” he says.
View the full article
SonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited to achieve arbitrary command execution. The vulnerabilities are listed below - CVE-2026-15409 (CVSS score: 10.0) - A Server-side request forgery (SSRF) vulnerability that a remote unauthenticated attacker could exploit toView the full article
Passkeys have been around for some time, but enterprise-wide adoption to this point has been slow for a number of reasons. But soon, many Microsoft customers won’t have a choice.
Starting September 1, Microsoft will roll out passkeys as the default authentication method in its cloud-based identity and access management (IAM) service Entra ID. And following a transition period, Microsoft-provided SMS and voice authentication will officially end on February 1, 2027.
With this move, Microsoft seems to be underlining the urgent need for a more secure authentication standard, as attackers up their game with AI.
This is an “important milestone,” because it moves passwordless authentication from an optional security enhancement to the expected standard, noted Ensar Seker, CISO at SOCRadar. “That shift is significant as attackers increasingly rely on AI to automate phishing campaigns, generate convincing login pages, and conduct large-scale credential theft.”
Microsoft’s six-month passkey roll-out
Passkeys require users to authenticate via a fingerprint, facial scan, or lock screen mechanism, rather than a password. They can be stored on physical USB keys (like YubiKey), or as digital credentials on computers, phones, or in cloud accounts.
This method, Microsoft contended, reduces reliance on phishable authentication tools like SMS and voice, and hardens protection against credential theft.
Passkeys “work better for users and worse for cyberattackers,” Nadim Abdo, Microsoft corporate VP for identity and network access engineering, wrote in a blog post.
Microsoft’s announced timeline for rolling out passkeys is relatively aggressive:
September 1, 2026: All SMS or voice-enabled users will be “auto-enabled and nudged” to register a passkey upon multifactor authentication (MFA) sign-in. September 18, 2026: Pricing, commercial terms, and a list of supported telecom providers will be shared for scenarios that still require SMS or voice authentication due to regulation or technical or operational challenges. October 30, 2026: Enterprises still using SMS and voice must select and configure a supported telecom provider through the Microsoft Security Store. From then on, they will be responsible for any telecom-related costs. February 1, 2027: Microsoft-provided telecom delivery for SMS and voice authentication ends as a native Microsoft Entra capability. After February 1, enterprises that require SMS or voice for MFA must register a passkey before sign-in. There will be no opt-out option.
It’s important to note that these dates apply to public cloud-hosted Entra ID. Support for other cloud environments will follow a separate timeline; additional guidance and dates are to come.
While SMS and voice have served their purpose well, Abdo said, bringing MFA to billions of users who otherwise would have had none, the threat environment has changed in “speed, scale, and sophistication,” necessitating this move to passkeys.
The benefits of passkeys
SOCRadar’s Seker pointed out that passkeys fundamentally change the attack surface because, unlike with passwords, there is no transmission of shared secrets that can be stolen by threat actors. Authentication requires possession of the user’s device, along with biometric verification or a PIN.
“Even highly convincing AI-generated phishing pages cannot simply trick users into handing over a passkey the way they can with passwords or one-time codes,” he said.
So why haven’t we seen widespread enterprise adoption? Identity ecosystems are “fragmented,” Seker noted, and many enterprises still rely on legacy applications that only support passwords. They also struggle with cross-platform compatibility, lifecycle management, recovery processes, shared accounts, and employee onboarding and offboarding.
Further, “until recently, many organizations viewed passkeys as a consumer technology rather than an enterprise identity strategy,” he said.
Microsoft’s move changes that equation, because Entra sits at the center of many organizations’ identity infrastructure, Seker noted. Default settings are typically the strongest drivers of security adoption, so when passwordless authentication becomes required rather than optional, organizations are far more likely to deploy it at scale.
Its biggest benefit would be a “dramatic reduction” in credential-based attacks, Seker said. He pointed out that most successful compromises still begin with stolen credentials obtained through phishing, infostealer malware, password reuse, or adversary-in-the-middle attacks. Passkeys “eliminate or significantly reduce” many of those attack paths, while reducing password fatigue and the help desk costs related to password resets.
In addition, rather than trying to continuously improve users’ ability to detect increasingly sophisticated phishing attempts, passkeys remove the credential from the equation altogether, Seker noted. “That represents a more sustainable long-term security strategy than relying solely on user awareness training.”
Still, passkeys are not a silver bullet, as they do not stop endpoint compromise, session token theft, malicious insiders, or attackers who already have control of a trusted device. Enterprises must complement passkeys with endpoint protection, continuous monitoring, conditional access policies, and identity threat detection, Seker advised.
How enterprises can prepare
To prepare for the shift to passkeys, Microsoft advised enterprises to review their authentication policy and identify the groups still using SMS or voice authentication. They should then select the best authentication method for user devices and workflows, and ensure all employees are given passkeys and security keys.
Entra ID supports both synced passkeys (those stored in platform credential managers like iCloud Keychain and Google Password Manager), and device-bound passkeys such as Microsoft Authenticator passkeys, Entra passkey on Windows, or FIDO2 security keys.
Seker advised enterprises to evaluate support for FIDO2 and passkeys across their identity infrastructure, and to develop clear enrollment and recovery procedures. They should also educate users on what’s changing, how passkeys work, and how they can complete registration. Further, Seker said, it’s important to establish secure device management practices and to continue enforcing least privilege, conditional access, and risk-based authentication policies throughout the transition.
Ultimately, he pointed out, the move is crucial. “Over the next several years, organizations that continue relying primarily on passwords will likely face higher operational risk as AI continues to lower the cost and increase the effectiveness of credential-based attacks,” he said.
This article originally appeared on Computerworld.

View the full article
Earlier this month Microsoft warned that, because the latest AI models can now help discover vulnerabilities, CSOs will see a higher volume of security updates every month. It wasn’t kidding.
Today the company issued a record number of patches, with 59 rated as critical. And Microsoft is now recommending that customers accelerate their patching schedules to more quickly deal with critical flaws.
“Normally we have to wait for October or November to determine if we’ll break the previous [annual] patch volume record,” which was 1,245 vulnerabilities found in 2020, commented Satnam Narang, senior staff research engineer at Tenable. But not this year. Tenable counted 569 CVEs that were patched officially as part of this month’s Patch Tuesday, excluding the server-side updates not requiring user intervention, smashing last month’s record of 198 fixes
It’s probable, he said, that by the end of this year, Microsoft will have found over 3,000 common vulnerabilities and exposures (CVEs).
Today’s volume of holes is “striking,” he added, “but it reflects how good these tools have become at finding bugs, not how many of those bugs actually pose a risk to organizations.” 
Separately, SAP released 20 new and updated security patches, including a critical memory corruption vulnerability in NetWeaver Application Server ABAP, SAP Kernel, and frontend services tied to SAP GUI for HTML, which has a CVSS score of 9.9.
Microsoft patches
Among the huge number of CVEs that Microsoft found were three zero-days that need to be patched, including two that have been exploited in the wild. 
Those two are both elevation of privilege vulnerabilities: CVE-2026-56155, an Active Directory Federation Services (AD FS) flaw that allows attackers with limited access to elevate privileges to administrator, and CVE-2026-56164, a Microsoft SharePoint Server vulnerability. 
The third is CVE-2026-50661, a security feature bypass in Windows BitLocker, which was noted as having been publicly disclosed. “We surmise that this could be related to a flurry of zero-day vulnerabilities disclosed by the researcher known as Nightmare Eclipse or Chaotic Eclipse,” Narang said, “though no official confirmation was made. We also know that the researcher promised to drop something on Patch Tuesday.”
While these were the most noteworthy flaws this month, Narang said, for CSOs the July patches prove that the state of the Exploitability Index, which rates how likely a vulnerability is to be exploited, must shift, given the machine speed of exploit discovery. For example, he pointed out, in May, Microsoft originally tagged CVE-2026-45659, a SharePoint vulnerability, as exploitation less likely. However, the vulnerability was added to the US Cybersecurity & Infrastructure Security Agency’s list of known exploited vulnerabilities on July 1.
He added that Anthropic’s Red Team’s own findings for known vulnerabilities (n-days) revealed how fragile the monthly Patch Tuesday system has become, with its Mythos Preview model being able to produce proof-of-concept exploits for 13 of 14 vulnerabilities that were rated as Exploitation Less Likely or Exploitation Unlikely.
“What this means is that our way of looking at Patch Tuesday has changed, because the exploitability index is centered around humans, not AI tools, and as these tools continue to improve, defense needs to improve alongside it,” Narang said.
Dustin Childs, head of threat awareness at TrendAI’s Zero Day Initiative, agreed.
“To call this record-breaking is a massive understatement,” said Childs. “This is the ‘Mother of All Releases’. The bug apocalypse has fully descended upon us, with July’s numbers pushing the year-to-date CVE count past every single full-year total of the last 20 years. Security teams need to take an extended break from their regularly scheduled activities to eat this elephant one byte at a time, starting immediately with active exploits in Active Director FS and SharePoint.”
He particularly drew attention to a near-perfect 9.9 CVSS flaw in Windows VMSwitch (CVE-2026-57092) that allows low-privileged attackers to escape virtual machine boundaries for full host compromise.
Jack Bicer, director of vulnerability research at Action1, agreed that IT leadership should prioritize immediate remediation of the actively exploited Active Directory Federation Services elevation of privilege vulnerability and the SharePoint Server elevation of privilege vulnerability .
After that, he said, priority should be given to these critical vulnerabilities: Active Directory Certificate Services Elevation of Privilege Vulnerability (CVE-2026-54121), which introduces the possibility of attackers impersonating trusted systems and potentially compromising AD through certificate abuse; a Windows Active Directory Domain Services remote code execution vulnerability (CVE-2026-49164) which enables unauthenticated remote code execution against one of the most critical components within Windows enterprise environments; a Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central remote code execution vulnerability (CVE-2026-55944); a Microsoft Exchange Server spoofing vulnerability (CVE-2026-55008); Microsoft SQL Server remote code execution vulnerabilities (CVE-2026-54118 and CVE-2026-54117); and multiple Windows DHCP Server vulnerabilities.
These holes create opportunities for attackers to compromise financial systems, communication platforms, databases, and core network infrastructure, Bicer pointed out, systems which often provide direct access to sensitive business information and frequently serve as high-value targets for ransomware operators and advanced threat actors. 
There are also important security updates for Microsoft Defender, Bicer added, noting that vulnerabilities affecting endpoint protection software deserve immediate attention because successful exploitation undermines one of the organization’s primary defensive controls.
IT teams must prioritize
AJ Grotto, a research scholar at the Centre for International Security and Co-operation and former Senior White House Director for Cyber Policy, said that Microsoft’s July Patch Tuesday “is a stark reminder that security teams are now operating in an era of vulnerability volume and velocity. With 570 vulnerabilities patched, including three actively exploited zero-days, the biggest concern for CSOs isn’t just the number of flaws, but the concentration of risk around identity systems, collaboration platforms, and privilege escalation pathways. The actively exploited vulnerabilities in Active Directory Federation Services and SharePoint are especially concerning because they target technologies that sit at the center of enterprise trust and access.”
He added, “for CSOs, the challenge is no longer just defending against threat actors, it’s keeping up with an accelerating cycle of vulnerabilities and updates across the Microsoft ecosystem in the AI era. Security leaders should think critically about diversifying their vendors to protect their enterprise and save time and money on patching an increasing list of bugs that nearly tripled month-over-month.”
“While the sheer number of [Microsoft] vulnerabilities might seem alarming on the surface,” said Nick Carroll and Rain Baker of the Nightwing ShadowScout threat intelligence team, “this can actually be seen as a positive sign for enterprise security. It means vendors are finding and fixing flaws before adversaries can weaponize them en masse.”
And Josh Taylor, lead cybersecurity analyst at Fortra, noted that 26 of the Microsoft vulnerabilities have a CVSS base score above 9.0, and 13 of those sit at 9.8. “That matters,” he said, “but CVSS is still only one part of the risk story. The real triage problem this month is the mix of exploited issues, a publicly disclosed BitLocker flaw, and a massive concentration of vulnerabilities in Windows and Office.”
He said, “for patching teams, this is the kind of month that rewards discipline. The right move is not panic, it is sequencing: put exploited issues and exposed infrastructure first, then let the normal validation process do its job.”
Others increasing their patch cadence too
Chris Goettl, vice-president of product management at Ivanti, noted many software vendors in addition to Microsoft are increasing their security update cadence. For example, Cisco Systems has just shifted to a risk-based, twice-monthly disclosure model (the first and third Wednesday of each month), Mozilla is on a near weekly security update march, and Oracle’s new Critical Security Patch Update (CSPU) program has been delivering targeted critical-severity fixes on the 3rd Tuesday of non-CPU months since May.
Nightwing also noted that Adobe issued 12 separate security bulletins for products in its first twice-monthly bulletin. Administrators must treat today’s Priority 1 ColdFusion update (APSB26-82) with urgency, as it patches a critical 9.9 CVSS path traversal vulnerability (CVE-2026-48318). It’s one of 11 ColdFusion vulnerabilities patched.
Additionally, retail and web administrators should immediately prioritize Adobe Commerce (APSB26-73), which resolves a 9.6 CVSS flaw allowing unrestricted uploads of dangerous file types (CVE-2026-48356).
SAP vulnerabilities
Jonathan Stross, senior product manager for cybersecurity research and innovation at Pathlock, said the most critical of the SAP fixes is Note 3747367, a memory corruption vulnerability in NetWeaver Application Server ABAP, with a CVSS score of 9.9. The vulnerability affects the ABAP Application Server, SAP Kernel, and frontend services tied to SAP GUI for HTML.
 According to SAP, an authenticated attacker can trigger logical memory-management errors that may lead to unauthorized data access, data modification, or system unavailability. The likely attack scenario involves a compromised account or malicious insider abusing a crafted request that reaches the vulnerable code path. 
“Because a successful exploit can impact confidentiality, integrity, and availability at the platform level, while potentially destabilizing a core ABAP system, organizations should treat this as the highest-priority patch in the July release,” Stross said. 
Prioritize the critical ABAP kernel issue, plus the AppRouter request smuggling note, and the Commerce Cloud sample-credential issue first, he said, because these are the most likely to produce direct security impact in real environments.
But do not treat the updated notes as noise, he added. The July overview includes three re-released items that still matter operationally, and this should be reflected in patch planning and change records. The attack surface is distributed: ABAP, Java, BTP, Commerce, SAProuter, UI5, and supporting libraries all appear in the same monthly cycle, so patching needs coordinated platform ownership.
Thomas Fritsch, an SAP researcher at Onapsis, described the SAP Security notes in detail and noted that SAP teams who can’t immediately install the NetWeaver memory corruption fix can, as a temporary workaround, disable all ICF nodes with a specific property in transaction SICF. However, since the workaround will disable opening transactions in SAP GUI for HTML, it is not an option for all customers and it is strongly recommended to install the patched ABAP Kernel version.
Patching should become continuous
“AI is likely to expose new classes of weaknesses, and will introduce some of its own through AI-assisted development,” commented Gene Moody, Field CTO at Action1. “Logically, with that in mind, the future of updating must become more continuous, more adaptive, and less tied to a fixed calendar. Discovery will not follow business logic; it will be swift and unforgiving. We must accept that, and be just as diligent in our defense, because the cost of failure is higher than the inconvenience of change.”
He added, “in my crystal ball, I see a future where Microsoft and others move steadily away from scheduled monthly patch cycles in favor of rolling updates for most security issues in as close to live time as they can be researched and released. That would be a win for the entire industry. Faster patch creation and delivery, paired with more agile practices on the customer side, would finally start to align patching with the pace of modern discovery and exploitation.”
“What needs to happen is simple,” he said. “Patching on a calendar is no longer a safe assumption in today’s threat landscape. Patching where and when needed versus scheduled is the only path forward.”
View the full article
LEGO today said the iMac G3 project submitted for consideration on its "Ideas" site has been moved to Parking Lot status, which means it hasn't been ruled out and could still possibly be turned into an official LEGO set.


On its "Ideas" website, LEGO lets fans submit mockups and suggestions for future LEGO sets. Any project that gets at least 10,000 votes goes to the LEGO Review Board and has a chance to become a LEGO set. Back in August 2025, LEGO fan terauma submitted a recreation of Apple's 1998 ‌iMac‌ G3 in Bondi Blue.


The LEGO creation captures the distinctive look of the ‌iMac‌ G3, featuring an all-in-one computer design, "hockey puck" mouse, matching keyboard, and accompanying cables. The design uses translucent blue LEGO pieces in a shade close to Bondi Blue, and the interior has details like a cathode ray tube and a circuit board.

The design successfully reached 10,000 supporters to make it to the LEGO Ideas team, and LEGO has been considering turning it into a set. Parking Lot status means LEGO needs more time to review the project, and in this case, LEGO could be communicating with Apple for permission.


Many Ideas set proposals get early rejections, so it's somewhat promising that LEGO is taking the time to further consider making an ‌iMac‌ G3 LEGO set. The Downton Abbey and The Old Man and the Sea LEGO sets were in the Parking Lot before making it to production.

The third 2025 Ideas review round that the ‌iMac‌ G3 set was in had 75 total qualifying ideas. Three were chosen to become sets, four (including the ‌iMac‌ G3) were given Parking Lot status for further consideration, and the rest were rejected. Projects can remain in the Parking Lot for up to three review periods before a final decision is made.

LEGO will share updates in the future on whether the ‌iMac‌ G3 project will move forward or will be rejected. A LEGO Apple Store proposal went through the same process, but it was rejected outright.Related Roundup: iMacTag: LEGOBuyer's Guide: iMac (Don't Buy)Related Forum: iMac
This article, "LEGO Considering Bondi Blue iMac G3 Set" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
OpenAI's first AI hardware product is a mobile smart speaker without a display, reports Bloomberg. The device is at the heart of a new legal dispute with Apple, with Apple accusing OpenAI of stealing trade secrets that have contributed to the development of the product.


OpenAI's speaker-like product is designed to "serve as a humanlike AI companion that lives in the home," according to Bloomberg. It will be able to control smart home accessories, answer questions, play media, respond to messages, and more, with the device powered by ChatGPT. It is meant to learn more about the user over time, becoming more personalized and proactive, using GPT-Live to communicate with users.

The device will have a personality, and will be able to "connect on a humanlike level with users." It has mechanical elements that can move on their own, to create a sense that the device is alive. There's also a camera so it can understand a user's surroundings. The AI product includes a rechargeable battery and it can be carried from room to room.

OpenAI CEO Sam Altman and former Apple designer Jony Ive have teased the device several times, suggesting it will have "incredible contextual awareness" about a user's life, and describing it as a new type of computer built for AI. The two have suggested prototypes are "jaw-droppingly good" and "exciting."

In a lawsuit filed against OpenAI for theft of trade secrets, Apple claims OpenAI used its confidential information developing the AI device, including gaining access to a proprietary metal finishing technique. "OpenAI's nascent hardware business now rests on the shakiest of foundations, rotten to its core by its illegal reliance on misappropriated trade secrets," reads Apple's filing.

People familiar with the project told Bloomberg that the device is different from anything Apple has on the market today, and it is "unlikely" it violates Apple trade secrets. Though Apple has the HomePod and HomePod mini speakers, OpenAI does not see Apple's speakers as comparable to its hardware product.

Apple is also working on a home hub device that sounds similar to what OpenAI is developing. Apple's smart home hub is rumored to have a 7-inch square display, a speaker, a camera for video chats and facial recognition, and Siri AI integration.

Initial rumors suggested OpenAI's hardware device could come out as soon as 2026, but it's now not expected to launch until 2027. OpenAI could unveil the AI product this year ahead of its 2027 release, but the Apple lawsuit could change the timing. Apple has asked the court for an injunction, and if granted, OpenAI could be prohibited from releasing hardware.Tag: OpenAI
This article, "OpenAI's First AI Device Will Be a Portable Smart Speaker" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
OpenAI says it is "not aware" of any evidence that Apple's allegations of trade secret theft have merit in a statement provided to Bloomberg.


Apple filed a lawsuit against OpenAI on Friday, accusing the company of intellectual property theft. Apple said OpenAI employees Tang Tan and Chang Liu schemed to steal confidential Apple information to further hardware development at OpenAI. Tan is OpenAI's Chief Hardware Officer and a 24-year Apple veteran who led product design, while Liu is on the hardware team at OpenAI after working as a senior system electrical engineer at Apple.

Tan and Liu allegedly asked Apple employees interviewing at OpenAI to come prepared with details on unreleased devices, components, manufacturing processes, and vendor relationships. Liu is also accused of keeping an Apple-issued laptop and exploiting an authentication bug to view confidential documents while working at OpenAI. From the lawsuit:

When Apple first filed the suit, OpenAI gave a dismissive response. "We have no interest in other companies' trade secrets," said OpenAI spokesperson Drew Pusateri. "We remain focused on building innovative technology that empowers people everywhere."

OpenAI's new statement about employee mobility hints at how it will frame the case publicly. In the lawsuit, Apple said more than 400 Apple employees have migrated to OpenAI, so OpenAI can point to its hiring of former Apple employees as motivation for Apple's lawsuit.

Apple is aiming for a jury trial, and is hoping to uncover more evidence through discovery. Apple has requested an injunction requiring OpenAI to cease using any Apple information during the development of OpenAI's AI hardware device. Apple is also seeking damages and suing Tan and Liu for breach of contract for violating their employment agreements.Tags: Apple Lawsuits, OpenAI
This article, "OpenAI: No Evidence Apple's Trade Secret Complaint Has Merit" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Microsoft Corp. today released software updates to plug at least 570 security holes in its Windows operating systems and other software, almost triple the number of vulnerabilities the software giant fixed in its record-smashing Patch Tuesday release last month. Microsoft attributed the burgeoning patch counts to vulnerability discoveries aided by artificial intelligence.

Nearly 60 of the bugs quashed in July’s Patch Tuesday earned a “critical” severity rating, meaning miscreants or malware could use them to seize remote control over a Windows device with little or no help from the user. Microsoft also addressed three zero-day flaws that are already being exploited in the wild.
Two of the zero-day weaknesses allow an attacker to elevate their user rights on a Windows system, as do approximately 250 other elevation of privilege flaws fixed this month; they include CVE-2026-56155 — an Active Directory Federation Services bug — and CVE-2026-56164, a Microsoft Sharepoint vulnerability.
CVE-2026-50661 is a security feature bypass in Windows BitLocker that could allow attackers to gain access to encrypted data if they have physical access to the device. Microsoft said this bug has been detailed publicly, but that it is not aware of any active exploitation.
In a blog post on July 9, Microsoft Executive Vice President Pavan Davuluri wrote that Windows users will notice “a higher volume of security updates included in each security release” as a result of AI aiding in the discovery of vulnerabilities.
“The pace of vulnerability discovery is changing with advances in AI making it possible to find more issues, faster, across more code, with new mechanisms that can accelerate both discovery and analysis,” Davuluri wrote.
Jack Bicer, director of vulnerability research at Action1, called attention to CVE-2026-48561, a remote code execution flaw in Microsoft Copilot (with a 9.6 CVSS threat score) that allows an unauthorized attacker to execute code over the network. Microsoft says an attacker could exploit this bug by hosting a malicious website that causes Microsoft Edge for Android to automatically send crafted prompts to Copilot when a user visits the site.
As AI advances the state of vulnerability discovery and remediation, it is also making it easier for attackers to quickly devise working exploits for known software flaws. Microsoft has long labeled security bugs using its “exploitability index,” which is Redmond’s best guess as to how likely it is that attackers will be able to figure out a reliable way to exploit a given vulnerability.
But Satnam Narang, senior staff research engineer at Tenable, argues that Microsoft’s exploitability index needs to do a better job of shifting with the machine speed of discovery. For example, Microsoft originally gave this month’s SharePoint zero-day an exploitability rating of “less likely,” although the flaw was added to CISA’s Known Exploited Vulnerabilities list on July 1.
“Anthropic’s Red Team’s own findings for known vulnerabilities (n-days) revealed how fragile this system has become, with its Mythos Preview model being able to produce proof-of-concept exploits for 13 of 14 vulnerabilities that were rated ‘Exploitation Less Likely’ or ‘Exploitation Unlikely,'” Narang said. “What this means is that our way of looking at Patch Tuesday has changed, because the exploitability index is centered around humans, not AI tools, and as these tools continue to improve, defense needs to improve alongside it.”
Chris Goettl at Ivanti observed that the record patch numbers from Microsoft come as a number of other major software makers are increasing their patch cadence, including Adobe which announced today it is moving to twice-monthly security bulletins published on the 2nd and 4th Tuesday of each month (Adobe also cited AI for accelerating their patch cycles). Cisco, Mozilla and Oracle also are shipping updates more frequently, while Google’s patch batches in June 2026 totaled more than 900 security fixes, Goettl noted.
Backing up your Windows system and/or data is always a good idea before applying operating system updates. Given the volume of patches addressed this month it may be wise for end users to wait a few days before applying these fixes. It’s not uncommon for security patches to introduce system stability issues, and those chances probably increase quite a bit with the gigantic patch count released today.
Further reading:
Action1’s Patch Tuesday blog
Automox’s rundown
View the full article
Amazon has introduced a big discount on the Nintendo Switch 2: Choose Your Game Bundle, now available for $449.99 when you add the product to your cart, down from $499.00. As the name implies, this bundle allows you to choose from three games, all of which retail between $69.99 and $79.99, making this deal even better.

Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

Games available to choose from in this bundle include Donkey Kong Bananza, Mario Kart World, and Pokémon Pokopia. You'll pick one of these games as a digital game download on your new Switch 2 system.

Note: You won't see the deal price until checkout.
$49 OFFNintendo Switch 2 Bundle for $449.99

Considering the impending price hike coming to the Switch 2 in the fall, Amazon's deal today could be the last big markdown on the console before that price increase happens. Nintendo has announced that the Switch 2 console with no game will increase from $450 to $500, so we can expect the console game bundles to increase at that point as well.

If you're on the hunt for more discounts, be sure to visit our Apple Deals roundup where we recap the best Apple-related bargains of the past week.



Deals Newsletter

Interested in hearing more about the best deals you can find in 2026? Sign up for our Deals Newsletter and we'll keep you updated so you don't miss the biggest deals of the season!




Related Roundup: Apple Deals
This article, "Amazon Hosts Rare Nintendo Switch 2 Deal, Get $49 Off Game Bundle" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple today released new AirPods beta firmware available for public testers. The firmware has a build number of 9A5314b, and it is available for the AirPods Pro 2, AirPods Pro 3, AirPods 4, and AirPods Max 2. The public beta firmware is identical to the third developer beta Apple released last week.


In iOS 27, iPadOS 27, and macOS Golden Gate, Apple is adding a new AirPods interface, a slider for Adaptive mode, and support for custom EQ, so the firmware lets public beta testers use those features. AirPods are also compatible with the new Siri AI.

When the AirPods are connected to an iPhone, iPad, or Mac running iOS 26, iPadOS 26, or macOS 26 or later, there is a beta firmware option that can be accessed in the AirPods settings interface. Toggling on beta updates allows users to install the beta firmware.

Firmware updates can be downloaded by connecting the AirPods to an Apple device and connecting them to power. It can take a few hours for new firmware to be installed because there is no straightforward software update option like there is for other Apple devices.Related Roundups: AirPods 4, iOS 27, iPadOS 27Buyer's Guide: AirPods (Caution)Related Forum: AirPods
This article, "Apple Releases New iOS 27 AirPods Firmware For Public Beta Testers" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
SAP has rolled out updates to address multiple vulnerabilities as part of its July 2026 security updates, including a critical flaw in SAP NetWeaver Application Server ABAP. The vulnerability in question is CVE-2026-44747 (CVSS score: 9.9), an out-of-bounds write flaw that allows an authenticated attacker to leverage logical errors in memory management to cause a memory corruption that couldView the full article
macOS 27 Golden Gate is available to public beta testers as of this week, which means you can try out Siri AI and the other changes coming in the update before it launches this fall.

Subscribe to the MacRumors YouTube channel for more videos.
We don't recommend betas for devices that serve a critical function, and it's always best to test on a secondary device. macOS Golden Gate is a stable beta compared to past releases, but it's still in development and there can be some bugs to contend with. Before installing the update, make sure to create a Time Machine backup so you can go back to macOS Tahoe if you need to.

Liquid Glass

Apple added a Liquid Glass slider in macOS 27, and you can adjust the transparency level. You can select a clearer version of Liquid Glass that lets some of the background show through, or a more opaque version for improved legibility. Since it's a slider, you can also pick something in between.

Apple also tweaked the overall opacity of Liquid Glass, and it better diffuses complex content behind navigation bars and buttons. Darkened edges and brighter specular highlights add more depth and separation for different UI elements.

Toolbars, Sidebars, and Windows

Uniform toolbars in apps make text headings and groups of controls more legible, and Apple has cut back on the number of icons that are used in menu interfaces. Windows have the same corner radius for more consistency, and you'll notice that app corners are not as dramatically rounded.

Changes to window shadows and the Liquid Glass updates make it a lot easier to tell which window is active when you have several apps open.

Sidebars no longer float and are edge-to-edge, which is a less distracting design. Sidebar icons once again use color, too.

Siri AI

‌Siri‌ AI is the biggest change in ‌macOS Golden Gate‌. ‌Siri‌ is smarter, more capable, and functions like a chatbot. On the Mac, you can ask ‌Siri‌ anything using the Spotlight interface that comes up with Command + Space. Spotlight is now a unified "Search or Ask" bar where you can search for files, apps, and other content, or ask ‌Siri‌ to complete tasks or answer queries.

You can also interact with ‌Siri‌ using the dedicated ‌Siri‌ app, which is where you can view past conversations and start new conversations. ‌Siri‌ conversations sync across all of your devices, and the ‌Siri‌ app is cross-platform.

‌Siri‌ can see what's on your screen and access your personal information like emails, messages, and photos to answer questions. ‌Siri‌ can also search the web and complete tasks in apps for you. It's a huge change from the prior version of ‌Siri‌, and ‌Siri‌ can handle far more than it could before.

We have more on some of the tasks you can complete with ‌Siri‌ in our Siri AI guide.

Visual Intelligence

Apple brought the iPhone's Visual Intelligence feature to the Mac in macOS 27. You can ask ‌Siri‌ questions about what's on your screen with ‌Visual Intelligence‌, choosing the entire screen or just a portion.

‌Visual Intelligence‌ on the Mac works when you press Command + Shift + Space or Command + Shift + 6 to capture one area of the display. If you press Command + Shift + 5 (also used for recording your display and capturing screenshots), you can click on the ‌Visual Intelligence‌ icon to get an adjustable selection square for selecting an area of the screen.

‌Siri‌ can search for images, summarize, translate, identify objects, add information from the screen to apps like Calendar or Reminders, answer questions about what you're looking at, and more. ‌Visual Intelligence‌ on Mac has all of the same features as Visual Intelligence on iPhone, and it includes the new ‌Visual Intelligence‌ features like telling you nutritional information for food or splitting out a bill.

Write with Siri

There is a system-wide Write with ‌Siri‌ feature that goes beyond the Apple Intelligence Writing Tools available in ‌macOS Tahoe‌. ‌Siri‌ can compose entire emails or messages for you, give you feedback on your writing, change out words, and complete other editing tasks.

To use Write with ‌Siri‌ on Mac, right-click in an app and choose the Ask ‌Siri‌ option. If you select text before the right-click, you can ask ‌Siri‌ for editing help. If you have a blank document, you can ask ‌Siri‌ to generate something for you. When drafting emails or messages, ‌Siri‌ can analyze your past communications and generate something in your own writing style.

Apple also expanded spell correction in ‌macOS Golden Gate‌, and your Mac will now also give you grammar suggestions and fixes.

iPhone Mirroring

You can resize the iPhone Mirroring window in ‌macOS Golden Gate‌, dragging at the corner to make a window larger or smaller. Depending on the app, you may be limited to a portrait iPhone aspect ratio, but other apps support iPad or landscape layouts.

Shortcuts

It's easier for anyone to create a Shortcut in just a few minutes in ‌macOS Golden Gate‌. The Shortcuts app on Mac opens to an interface that lets you describe what you want a shortcut to do using natural language.

AI creates the shortcut for you, and you can refine it with further natural language commands or manually edit it. You can activate your shortcuts through the app or with ‌Siri‌ commands.

Safari Extensions

Safari has a customizable extension feature in ‌macOS Golden Gate‌, and you can use the Describe Extension option to type in what you want an extension to do. The extension is created using AI and is available to use right away.

To use it, click on the settings icon on the right side of the URL bar and choose the Describe Extension option. Some Apple examples:

Display a reading time estimate as a badge on the extension
Close duplicate tabs pointing to the same URL when I click the extension
Highlight this word
Create a 3-minute focus timer for the page
Set the minimum font size to 14pt
Every time I open a new tab, draw me a flower
Highlight and show the dimensions of webpage elements when I click them
Enter design mode for a website so that I can edit the contents
Save this recipe

Safari Tab Grouping and Notifications

Safari also has an intelligent tab grouping feature. Tabs in related categories are automatically grouped together in the tab view.

You can also set Safari to monitor a webpage for updates, with Hourly, Daily, Weekly, and Monthly checks available. When you set this feature up, you'll get a notification when the content on the webpage changes.

Performance Improvements

In addition to introducing ‌Siri‌ and new ‌Apple Intelligence‌ features, ‌macOS Golden Gate‌ cleans up underlying code. Apple made multiple refinements to speed up performance.

Animations and interactions are faster and smoother, and you'll notice a difference when scrolling Safari and other apps, opening Mission Control and Spaces, and using other Mac interface elements.

AirDrop transfers complete more quickly, browsing through files on attached network devices is faster, and window positioning is more stable when using external displays. Messages also sync faster and more reliably across devices.

Apple rebuilt its search foundation for Spotlight, Photos, Mail, and Messages, and indexing is quicker. When you search for something recent, it's more likely to come up right away than before, and in Mail, there's a ranking system that surfaces the emails you're most likely looking for. Mail search indexing is more reliable than before, and Spotlight search suggestions are more relevant.

How to Install

Sign up on Apple's beta testing website, then open up the System Settings app. From there, click on General > Software Update and under the Beta Updates section, click on the "i" to choose macOS 27 Golden Gate Public Beta.

After that, you can install ‌macOS Golden Gate‌ like any other software update.

System Requirements

‌macOS Golden Gate‌ runs on Macs with an M1 chip or later, plus the A18 Pro MacBook Neo. Intel Macs do not support ‌macOS Golden Gate‌ and won't get the new features.

Every Mac that runs ‌macOS Golden Gate‌ supports ‌Apple Intelligence‌ and ‌Siri‌ AI, but some on-device ‌Siri‌ processing features for selecting a natural voice and getting upgraded dictation require an M3 or later.

‌Siri‌ AI is not available in the European Union or China right now, and won't be available when the update launches this fall either.Related Roundup: macOS Golden Gate
This article, "macOS Golden Gate Public Beta: 10 Features to Try First" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Any other browser extension that can run a script on claude.ai can still trigger Claude for Chrome tasks aimed at your Gmail, your latest Google Doc and its comments, and your Calendar. Both this and ClaudeBleed need a rogue extension that can already run a script on claude.ai; the difference is scope. Anthropic restricted the arbitrary-prompt path in May as part of its response to the View the full article
Apple today announced that Madden NFL 27 Arcade Edition is coming to Apple Arcade on August 6, a new entry in the franchise built specifically for the service with a season-based structure and current NFL rosters.


The game is a full Madden title with no ads or in-app purchases, and it includes both Franchise and Quick Play modes, with player ratings drawn from real NFL performances. A weekly story engine drives Franchise mode, casting players as GM and tasking them with guiding a team through shifting storylines, keeping fans onside, and building toward a title. Controller support is available across the iPhone, iPad, Mac, and Apple TV.

Retro Bowl College+ also launches August 6, putting players in charge of one of 250 college programs in this spinoff of the original pixel-art Retro Bowl.

On September 3, NFL Retro Bowl '27 adds a new Gauntlet Mode, where players start with limited resources and try to string together 15 wins in a row for the top spot on the leaderboard, picking between easier matchups or riskier ones that pay out real NFL players and perks. Progress carries over between runs even after a loss, building toward a final matchup against a rival team.

A handful of existing Arcade sports titles are also set to receive updates. NBA 2K26 Arcade Edition now includes Tyrese Maxey as a new Paragon player and has added the 2016-2024 era to its Association mode. PGA TOUR Pro Golf gained a new course, Bear's Best Atlanta, and starting July 16, NFL Retro Bowl '26 is rolling out Historic Super Bowl challenges built around some of the league's most memorable title games.

Apple also pointed to a handful of Arcade games that can now be sampled on the App Store without a subscription, including PowerWash Simulator, Mini Motorways, Cooking Mama: Cuisine!, and Play-Doh World.

‌Apple Arcade‌ is a subscription service that provides access to hundreds of games across the iPhone, ‌iPad‌, Mac, ‌Apple TV‌, and Apple Vision Pro. All of the games are free of ads and in-app purchases. In the U.S., ‌Apple Arcade‌ costs $6.99 per month, and it is also bundled with other Apple services in all Apple One plans. ‌Apple Arcade‌ can be accessed through the ‌App Store‌ and the Apple Games app.Tag: Apple Arcade
This article, "Madden NFL 27 Arcade Edition Coming to Apple Arcade" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Amazon today has the AirPods 4 available for $99.00, down from $129.00. This is a second-best price on the AirPods 4, which is the base model without Active Noise Cancellation, and it's accompanied by a deal on the AirPods 4 with ANC.

Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

Amazon provides a July 19 estimated delivery date for free shipping, with faster delivery options for Prime members. This model hasn't hit its all-time low price since last holiday season, so Amazon's price today remains one of the best we've seen all year on the AirPods 4 base model.

$30 OFFAirPods 4 for $99.00

Additionally, you can get the AirPods 4 with ANC on sale for $148.99 right now on Amazon, down from $179.00. Similar to the base model, we haven't tracked a record low price on the AirPods 4 with ANC in months, making today's deal a solid second-best option for anyone shopping for AirPods this summer.

$30 OFFAirPods 4 (ANC) for $148.99

Head to our full Deals Roundup to get caught up with all of the latest deals and discounts that we've been tracking over the past week.



Deals Newsletter

Interested in hearing more about the best deals you can find in 2026? Sign up for our Deals Newsletter and we'll keep you updated so you don't miss the biggest deals of the season!




Related Roundup: Apple Deals
This article, "Amazon Takes $30 Off AirPods 4 Models This Week" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
We spent the week at AI Engineer World’s Fair in San Francisco, on stage and on the floor. Here’s what we heard, and where we think it lands for anyone building with agents.
The SDLC is being rebuilt in public

This week at AIE felt like a synthesis of what’s been playing out in developer tools for the last few years, for anyone who’s been watching. The software development lifecycle is reshaping itself into an AI-native SDLC, and the industry is naming the new jobs and developer concerns that come with this rapid transformation.
The proof was in the track list: Evals, Context Engineering, Harness Engineering, Memory, Sandbox & Platform Engineering, Inference, plus a whole thread on “software factories.” Two years ago most of these phrases were far from being thought of as categories. Now each one is a discipline with its own sessions, its own vocabulary, and its own crop of companies on the expo floor built to solve that single problem.
So what were most talks about? A little bit less of “can agents and AI do this,” and more of “given this way of building, what decisions and trade offs do we need to think about?” Evals, loops, harnesses, context, memory, isolation, cost. None of this is brand-new, but it’s all getting a whole new level of mindshare, as developers work out the new shape of creating software with AI. Even the model labs spent much of their stage time on how you build with the model: the integration API, the harnesses, the ergonomics, rather than the model itself. 
The job we care most about: securing where agents run

Of all those emerging disciplines, sandboxing is the one that hit critical mass this year. There was a full track dedicated to sandbox and platform engineering, and the sessions inside it were still working out what a sandbox should even be: full VM, lightweight runtime, Kubernetes, something purpose-built. Talks focused on concerns such as running agentic sandboxes at scale and comparing isolation technologies head to head. 
This is the job Docker showed up to talk about, across three sessions.
Give agents more freedom by giving them less surface
Our EVP of engineering, Tushar Jain, gave the mainstage talk: “Unlock Agent Autonomy: The Runtime for AI-Native Systems.” The actors have changed – agents read and write whole codebases, spawn subagents, install dependencies, and call APIs across laptops, CI, cloud, and org boundaries, often unsupervised. Teams leaning into this shift are moving fast, but most organizations still won’t let agents run autonomously, not because the model isn’t capable, but because trust isn’t there yet. This thinking draws on a concept security researcher Simon Willison has written about, the “lethal trifecta”: any useful agent tends to end up with access to private data, exposure to untrusted content, and the ability to act in the outside world, all three, by design. No prompt or policy doc gets rid of that. The durable fix lives one layer down, at the runtime, which is where we spent the last decade: isolation, network policy, trusted images, credentials. Agents are just the next workload.
An agent doesn’t have to be malicious to be dangerous
Rowan Christmas, a staff product manager at Docker, made the risk concrete. In “YOLO Mode, Safely: microVM Sandboxes for Any Agent,” he ran a coding agent on his own laptop with nothing but read access, and no sandbox or unusual permissions. Within a few minutes it had pieced together a surprising amount about his online banking activity from what it could passively see. A destructive command like rm -rf is the obvious fear, but the mundane can bring risk: read access, plus untrusted content, plus the ability to act, is already enough to do damage. An agent doesn’t have to be malicious to expose you. It just has to be able to see. The alternative Rowan showed puts each session in its own Docker sandbox based on a microVM, with a boundary you define across filesystem, network, and tools. It can run Claude Code, Cursor, Codex, or whatever you’re driving.
Once an agent can install packages, run Docker, and reach the network, which describes most genuinely useful agents, a hardware boundary buys you something you can’t easily bolt on later. And where much of the scale conversation is cloud-first, built for fleets of agents running server-side, Docker’s approach starts first on the laptop the developer already uses, because that’s where most people actually run agents today. (We go deeper on the reasoning in “Why microVMs” and our comparison of sandboxing approaches, including what the isolation costs you, because it isn’t free.)
Nobody’s reviewing what your agents just installed
The third talk covered the tool layer. Jim Clark, a principal software engineer on our MCP team, spoke about “Who Approved That MCP Server? Governing the Tool Layer,” and opened with a line that got knowing laughs: “shadow MCP”. Developers install MCP servers faster than security can review them, and an unvetted server is a direct line to your data. That worry was all over the event, not just our session. Jim’s demo put every server behind one org-managed catalog, vetted, signed, default-deny on anything unapproved, with the policy enforced live on stage.
Where this leaves us

So how does it come together? An agent is only as trustworthy as the boundaries around it, and those boundaries live in three places: what it builds on, where it runs, and what it can reach. Miss any one of them and the other two won’t cover for you. A hardened image dependency is no help if the agent can still read your whole filesystem unsandboxed, and a locked-down sandbox is no help if the agent can call an unvetted MCP server straight out of it.
That was the case Docker made all week: harden what agents build on, isolate where they run, control what they can reach, and govern all three from one place. We think this is the part that has to be solved first, because it’s where AI-native developers will start building the apps of the future.
Further reading: 
Docker Sandboxes run standalone (brew install docker/tap/sbx) Docker AI Governance ties sandbox and MCP policy into one console. MCP Catalog, Toolkit, and Gateway are in Docker Desktop today Docker Hardened Images are a drop-in change to your FROM line View the full article
Facilities in Apple's supply chain have finished renovations ahead of "iPhone 20" production, according to a Weibo leaker who says Apple's 20th-anniversary iPhone will move to an all-glass design.


In a new post on Weibo, the leaker known as "Fixed Focus Digital" said the "preferred approach" for the iPhone 20 is a return to glass, with manufacturing quality expected to land somewhere around that of the first-generation iPhone Air. The leaker said the relevant manufacturing facility has "already been renovated" and is now waiting for machining to begin, but didn't name the supplier involved. Lens Technology produces iPhone cover glass and previously took over metal-frame and glass-back assembly plants from fellow supplier Catcher Technology.

Apple's iPhone production typically doesn't reach full-scale manufacturing until a matter of weeks before launch; for the iPhone 17, trial production began in June with full-volume output targeted for August, about a month ahead of the device's September release. The information likely refers to an early step in retooling a production line, which is the kind of groundwork Bloomberg said Apple is already "ramping up" as it develops the 20th-anniversary redesign.

The claim adds fresh supply chain detail to a redesign that has been rumored for well over a year. Bloomberg's Mark Gurman reported that Apple is aiming for a "mostly glass, curved iPhone without any cutouts in the display" to mark the iPhone's 20th anniversary, with curved glass wrapping around all sides of the device and a launch expected in September 2027.

In May, Fixed Focus Digital pushed back on an earlier report from fellow leaker Instant Digital claiming Apple was exploring liquid metal or an improved titanium alloy to replace aluminum on future Pro models, arguing that aluminum remains the only practical choice for now given the heat generated by on-device AI processing.

At the time, Fixed Focus Digital said any material change was unlikely before 2027, in line with the iPhone 18 Pro's expected retention of the same aluminum unibody design introduced on the iPhone 17 Pro. Earlier this month, the leaker reiterated that aluminum mid-frames are "going to be used in straight-edge phones for a long time to come," a distinction that leaves room for a different approach on the curved-edge iPhone 20.

The 20th anniversary iPhone models are expected to launch in the fall of 2027, following the iPhone 18, iPhone 18e, and ‌iPhone Air‌ 2 in the spring.Tags: 20th-Anniversary iPhone, Fixed Focus Digital
This article, "Factories Now Ready for iPhone 20's Glass Redesign, Leaker Claims" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple is allegedly using a 60Hz 8.4-inch display panel in the upcoming OLED iPad mini, which is expected to be released later this year.


The information comes courtesy of a hit-and-miss tipster running the account "yeux1122" on the Korean Naver blog. The leaker claims to have been told by a source in Apple's supply chain that the unreleased iPad mini is equipped with a low-temperature polycrystalline silicon (LTPS) backplane hybrid OLED panel clocked at 60Hz.

Apple's ‌iPad Pro‌ models feature two-stack low-temperature polycrystalline oxide (LTPO) OLED panels‌, which makes the display capable of dynamically adjusting its refresh rate between 10Hz and 120Hz (aka ProMotion). In contrast, LTPS OLED panels are usually paired with fixed refresh rates – such as 60Hz, 90Hz, or 120Hz – and are typically dimmer than LTPO panels.

If the leak is true, it's likely to disappoint iPad mini fans. Previous reports have not been clear on whether the iPad mini 8 will feature a higher refresh rate than the 60Hz LCD display used in the existing iPad mini 7. Given that the base iPhone 17 uses a 120Hz ProMotion panel, some would have believed it was reasonable to expect the same on the first OLED iPad mini. That said, the iPhone 17e goes to show that Apple is still in the 60Hz OLED business, so it might not consider the iPad mini to be a big enough market to justify the more advanced panel technology.

There's still hope of course that the rumor is off the mark. The leaker also said that the smaller form factor iPad is currently in mass production at Samsung Display's A2 Generation 5.5 OLED production line, which is located at its Asan campus in South Korea. Samsung has used the A2 line to manufacture LTPO panels as well as comparatively inferior LTPS panels, so if that piece of information is true, it doesn't mean the new iPad mini will definitely use the latter panel.
OLED iPad Mini: Release Date, Pricing, and What to Expect
Late last month, a report from Korean outlet ETNews claimed that mass production of the iPad mini 8 was underway at a Samsung factory. There are no rumors suggesting exactly when the next ‌iPad mini‌ will be released, but a late 2026 launch is widely expected. Aside from refresh rates, OLED offers several advantages over the LCD technology used in the iPad mini 7, such as higher contrast, deeper blacks, and improved power efficiency.Related Roundup: iPad miniTags: Naver, OLEDBuyer's Guide: iPad Mini (Don't Buy)Related Forum: iPad
This article, "Upcoming OLED iPad Mini Allegedly Uses 60Hz 8.4-Inch Display Panel" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Apple grew iPhone shipments in China by 24.4 percent year over year in the second quarter of 2026, making it the fastest-growing smartphone brand in a market that shrank overall, according to preliminary figures released today by research firm IDC.


Total shipments in China fell 4.3 percent to roughly 66 million units, amounting to a fifth consecutive quarter of decline. Apple and Huawei were the only major vendors to grow, with Huawei up 19.4 percent.

Apple's share of the Chinese market rose from 13.9 percent to 18.1 percent year over year, which was second only to Huawei's 22.6 percent. Meanwhile, Xiaomi suffered the steepest fall among the big brands, with shipments down 21.7 percent.

IDC attributes the market divergence largely to the way vendors reacted to rising memory and component costs amid the AI infrastructure buildout. Most Android vendors raised prices from late March, but Apple and Huawei held theirs steady, instead introducing targeted promotions.

On top of this, Huawei kept widening its lineup to cover more of the market, while Apple's early warnings of upcoming price increases in the second half of the year encouraged some buyers to purchase iPhone 17 series models sooner than they might have otherwise. "That gave hesitant buyers a reason to go ahead and purchase," said IDC analyst Arthur Guo.

The growth came despite a weak June market, as smartphone sales during China's "618" shopping festival fell nearly 15 percent compared to the same period in 2025.


IDC says it expects conditions to deteriorate over the next couple of years. As vendors run down cheaper component inventory, the firm forecasts China's year-over-year decline could widen to around 20 percent in the second half of 2026, right around when Apple is expected to launch its new iPhone 18 Pro models and first foldable iPhone. Storage prices are unlikely to ease meaningfully before 2027, and a broader recovery is not expected until 2028 or 2029, reckons IDC.

On the bright side, the research firm believes customers are postponing upgrades rather than walking away from smartphones, so the delayed demand should return in time. On that basis, a recovery could arrive around 2028–2029 as a fresh replacement cycle comes due.Related Roundup: iPhone 17Tags: China, IDCBuyer's Guide: iPhone 17 (Neutral)Related Forum: iPhone
This article, "iPhone 17 Pricing Helped Apple Buck China's Q2 Smartphone Decline" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
WhatsApp is developing a first-party cloud storage option for chat backups on iPhone, providing users with an alternative to iCloud for the first time, according to app tinkerer WABetaInfo.


Code found in the WhatsApp beta for iOS (version 26.28.10.16), available through TestFlight, suggests that users will eventually be able to pick their preferred backup destination directly from the app's chat backup settings. iCloud however will remain the default.

The feature harks back to one that WABetaInfo spotted in development for Android back in April, which is set to give users on Google's platform a way to store backups off Google Drive.

Under the plan, WhatsApp will reportedly include 2GB of free storage on its own servers, and there will be a 50GB tier priced at around $0.99 per month, similar to Apple's entry-level iCloud+ plan. There is also said to be a 1TB option in the works, although the tiers and pricing could always change before the backup feature goes live.

Image: WABetaInfo
Notably, backups kept on WhatsApp's servers will be protected by end-to-end encryption (E2EE) by default, with no way to switch encryption off. That's firmer protection than what is offered by iCloud backups, whose users must turn on encryption manually by enabling Advanced Data Protection (ADP). WhatsApp will reportedly recommend securing backups with a passkey, but a password or 64-digit key will also work.

WABetaInfo says the feature is still in development and not yet working for beta testers, and WhatsApp hasn't yet stated when it plans to officially launch the backup alternative.Tag: WhatsApp
This article, "WhatsApp Beta Reveals iCloud Backup Alternative for iPhone" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
A newly documented phishing-as-a-service platform distributed through Telegram is lowering the technical barrier to Microsoft 365 account takeovers by giving less-skilled attackers automated tools to evade some authentication controls and retain access after compromise.
The platform, called Forg365, uses AI-assisted lure creation alongside device-code abuse and adversary-in-the-middle techniques, according to research published by security company ZeroBEC.
Forg365 was offered with a five-day free trial, followed by subscriptions priced at $400 per month or $3,800 per year, the researchers said.
Customers can build phishing lures and control email delivery through a single operator panel. They can also manage captured account data and monitor compromised Microsoft 365 mailboxes. The service includes templates that impersonate widely used business platforms such as DocuSign, Adobe Acrobat Sign, SharePoint, and OneDrive.
“Phishing-as-a-service has been around for quite a few years,” said Jonathan Ong, senior analyst for managed security services at Omdia. “But the degree to which AI is integrated into Forg365 and enables users is what makes it concerning.”
Forg365’s significance lies in the industrialization and productization of the operator workflow, according to Devashri Datta, a cybersecurity researcher. “It integrates AI-assisted lure creation, evasion, and post-compromise mailbox operations into a subscription service distributed through Telegram,” Datta said.
How Forg365 works
ZeroBEC said the campaign it investigated began with an email built around a business-document and remittance-approval pretext. The message relied on legitimate cloud and email services before sending the recipient through several redirects.
Forg365 classified visitors before deciding whether to display a device-code phishing page, an adversary-in-the-middle flow, or a harmless decoy.
In the device-code attack, the victim is directed to a legitimate Microsoft authentication process and persuaded to enter a code that authorizes a session controlled by the attacker. The involvement of genuine Microsoft infrastructure can make the request appear credible.
The platform can also relay authentication through an adversary-in-the-middle attack and capture session information. ZeroBEC said suspicious visitors were diverted to a benign page, helping the operators conceal the phishing flow from researchers and automated security tools.
Complicating incident response
A browser extension called ForgCookie allows attackers to generate and refresh Microsoft single sign-on cookies from their own browsers, ZeroBEC said.
Forg365 also advertises tools for keeping sessions active and monitoring a compromised inbox. Read-only access to the mailbox can then be shared through a password-protected link.
As a result, resetting a password may not remove the attacker. Stolen refresh-token material or an attacker-controlled session could remain usable after the password is changed. Any devices registered during the compromise must also be investigated.
“CISOs should treat two controls as co-equal priorities rather than sequential ones,” Datta said, referring to tightly restricting device-code authentication and deploying phishing-resistant MFA such as FIDO2 or WebAuthn passkeys.
Organizations that do not require device-code authentication should consider blocking it in Microsoft Entra ID, said Keith Prabhu, founder and CEO of Confidis. This can disrupt the device-code component of a Forg365 campaign, although it would not stop attacks that rely on adversary-in-the-middle techniques or stolen session cookies.
Companies that still depend on device-code authentication should identify legitimate uses before imposing a broader restriction. Exceptions may be needed for some command-line tools, conference-room systems or other devices with limited input capabilities.
Deploying phishing-resistant authentication may also require hardware security keys or managed smartphones and could increase support requests during the transition, Datta said.
After detecting a compromise, response teams should revoke active refresh tokens and terminate existing sessions. Prabhu also recommended reviewing and revoking unauthorized OAuth permissions. Because ForgCookie runs in the attacker’s browser, defenders should look for repeated silent sign-ins and non-interactive Microsoft Graph activity from unfamiliar addresses, according to ZeroBEC.
Mailbox forwarding rules and delegated access should be reviewed for unauthorized changes, Prabhu said. Such changes could allow attackers to monitor communications or retain access after a password reset.
“IR teams should audit newly registered devices and remove any that cannot be attributed to the user,” Datta said. Teams should also check whether an attacker enrolled an unauthorized authenticator application or passkey during the compromise, she added.
ZeroBEC found that some devices registered during its investigation had names beginning with “Forg365,” giving defenders a possible indicator of compromise.
View the full article
Google has announced the rollout of Chrome's latest AI features to Mac and PC users in the U.K., indicated by a new "Ask Gemini" button with a sparkle icon in the upper right side of the browser.


Gemini in Chrome can work across multiple tabs, which is supposed to make it useful for comparing and summarizing information from several websites at once.

It also integrates with Google services such as Calendar, YouTube, Gmail, and Maps, allowing users to perform tasks like jumping to a specific moment in a YouTube video, scheduling a meeting, or drafting an email without leaving the current webpage.

The rollout includes Nano Banana, a new AI tool that can be used to generate images from text prompts right from the browser's sidebar.

Google says the new AI features will also be coming to iOS in the U.K. next month.

If you're not interested in any of this stuff, you can simply right-click on the Ask Gemini button at the upper right corner of Chrome and select Unpin to remove it from the browser.

Gemini's Chrome integration was initially limited to AI Pro and AI Ultra subscribers, but Google expanded access to all desktop users in the US in September 2025, followed by rollouts to over 50 countries.Tags: Chrome, Google, United Kingdom
This article, "Google Chrome's Gemini AI Features Roll Out to UK Users" first appeared on MacRumors.com

Discuss this article in our forums

View the full article
Seventy-one percent of organizations say AI has access to core business systems. Only 16% govern that access effectively, according to the 2026 CISO AI Risk Report. Ask your IR team three questions: Where is your AI system inventory? What happens if a production model starts generating harmful outputs? Who has the authority to take it offline?
I’ve spent 14 years in security — energy, banking, telecom, manufacturing. Red team work, detection programs and the last several years focused on AI risk and ShadowAI. What I see consistently: Organizations have AI in production, they have an IR playbook and they think those two things are connected. They’re not.
The CISO who thinks their IR playbook covers AI incidents probably hasn’t tested it. The ones who have tested it know it doesn’t.
Two kinds of AI incident — and why that split matters more than the list
AI incidents surged 56.4% from 2023 to 2024, reaching 233 documented cases. Most IR frameworks — including NIST SP 800-61, MITRE ATLAS and the GLACIS AI Incident Response Playbook — provide you with a taxonomy of six incident types and stop there. While useful, it misses the more important split: Failures the model causes on its own, versus failures caused by a human. Your detection approach, your containment logic and your legal exposure are very different between those two groups.
Model-originated failures — degradation, bias, hallucinations — happen when the system does exactly what it was built to do, just badly. The Epic Sepsis Model, deployed across hundreds of US hospitals, had a sensitivity of only 33% at external validation. It missed two-thirds of actual sepsis cases and flooded physicians with false alerts, as a 2021 JAMA Internal Medicine study found. No one attacked it. It just quietly stopped working while every dashboard stayed green.
Externally induced failures — adversarial attacks, data poisoning, privacy breaches — happen when someone corrupts the inputs or the training environment. Tesla’s Autopilot phantom braking cases, investigated by NHTSA across hundreds of thousands of vehicles, show what adversarial input failures look like in a safety-critical system. These two groups need different primary defenses and their own playbooks.
Then there is the hybrid case, which carries the most legal exposure right now. Hallucinations are model-originated but they land in court like human errors. When Air Canada’s chatbot invented a bereavement fare policy, the airline was held liable. When a US federal court let Mobley v. Workday proceed, it accepted that an AI hiring platform could be directly liable as an ‘agent’ of the employers using it. Neither failure looked like a security incident. Both ended up as legal ones. If your legal team is not on your IR call tree, your playbook is already incomplete.
The CIA triad doesn’t cover a hallucination
The CIA triad — confidentiality, integrity, availability — does not apply to most AI incidents. When Air Canada’s chatbot made up a policy, nothing was unavailable, nothing was changed without authorization, nothing was disclosed. The framework simply doesn’t reach it. When the Epic Sepsis Model missed two-thirds of cases, there was no breach, no intrusion, no indicator of compromise. By every traditional IR metric, the system looked fine.
This is not an edge case. Classical IR frameworks assume deterministic failures with static indicators of compromise — an assumption that breaks down against probabilistic systems. Microsoft’s Security Blog said it well in April 2026: A model may produce harmful output today and something completely different from the same prompt tomorrow. The root cause is not a line of code. It is a probability distribution, and as Microsoft’s Security Blog put it, you cannot patch a probability distribution.
The numbers confirm the gap. Average AI incident detection time is 4.5 days. Sixty-seven percent of AI incidents come from model errors, not adversarial attacks — yet security budgets keep funding perimeter tools built for the latter. We are looking for the wrong signals, with the wrong tools, for the wrong failure modes.
What a mature AI IR capability looks like
I get asked this at every conference I speak at. Here is the short answer: Three things that mature teams have in place before any incident occurs.
First, an AI Bill of Materials (AIBOM) for every production system. Think of it like a software SBOM, but for AI: It documents the base model, training datasets, third-party dependencies and the full component stack. Without it, you don’t know what your AI is made of — and you can’t investigate a data poisoning incident or a supply chain compromise without that baseline. The OWASP GenAI Security Project released an open-source AIBOM generator in December 2025 that produces output in CycloneDX format aligned with SPDX standards. It is practical to implement now.
Second, a model card for every production AI system — not a document in a shared drive nobody opens, but something your IR team can pull up in the first ten minutes of a response. Training data provenance. Model version. Known performance limits, including which subpopulations showed weaker accuracy in testing. Access controls. Blast radius if it fails. Most organizations I work with have model documentation written for data scientists that no one in security can use at 2am. That is not documentation. That is liability.
Third, a named data scientist on the IR call tree. Not someone to brief after the incident — someone with authority to interrogate model behavior in real time. Traditional IR has a network engineer on call. AI IR needs the same logic applied to the people who understand how the failing system works.
A fourth thing that very few teams have: A documented rollback threshold for each deployed model. A pre-agreed definition of what anomaly rate, drift metric or fairness deviation triggers containment or a fallback switch. Teams without this spend the first hours of an AI incident debating whether what they are seeing is actually a problem. Teams with a threshold spend those hours responding.
Four things to do before the next incident
Rewrite your detection triggers. Output anomaly scoring, data distribution monitoring for drift and behavioral tracking of model API usage need to be in your detection layer. They will not come from your SIEM. This is instrumentation work at the AI system level.
Redefine containment. For most AI incidents, ‘isolate the system’ is the wrong first move. Switching to a rule-based fallback while keeping the service running may cause less harm than taking the system offline and triggering a business escalation. Each deployed model needs pre-defined rollback criteria and a named fallback. Write those down now.
Get legal in the room before the incident. Mobley v. Workday means both the AI vendor and the deploying organization can carry liability for bias incidents. Air Canada means you cannot disclaim what your AI says to a customer. If your legal team is learning about an AI incident from a press inquiry, something has already gone wrong.
Build your AI inventory and treat it like your asset register. Start with the AIBOM for your highest-risk systems — those with access to customer data, financial decisions or clinical workflows. The GenAI-IRF framework gives you a structured taxonomy for this work and the GLACIS AI Incident Response Playbook maps it to NIST SP 800-61 and MITRE ATLAS procedures your team can adapt without starting from scratch.
Forty-two percent of organizations have already had a suspicious or confirmed AI incident, and more than half say their security posture is catching up, inconsistent or reactive. Updating your playbook isn’t optional. Fix it before you need it.
This article is published as part of the Foundry Expert Contributor Network.
Want to join?
View the full article
Enterprises have worked for years to improve detection and response times in the face of increasingly sophisticated attacks that relied on manual hacking and living-of-the-land techniques. AI is now threatening to undo those efforts.
An increasing number of threat actors are automating all phases of attacks, including lateral movement by using LLM-powered agents, severely reducing the time from initial access to deep environment compromises.
“The real shift is speed, scale, and orchestration: familiar cloud attack techniques were executed faster and across more surfaces than defenders could comfortably contain,” wrote researchers from security firm Sygnia last week in a report about an AI-assisted cloud environment compromise they investigated.
Sygnia’s report came on the heels of research from Sysdig about a cyber intrusion and extortion campaign conducted end to end by an autonomous AI agent. Actions undertaken by the agent included harvesting credentials, mapping internal services, and establishing persistence.
What both incidents show is that AI attacks have graduated beyond LLM-written malware scripts and phishing lures to handling all stages of attack chains, including parts that previously required human reasoning and hands-on command execution adapted to the environment.
Last month researchers from the University of Toronto revealed that they managed to create an AI-powered self-replicating worm capable of autonomously finding and exploiting weaknesses in dozens of simulated systems. The researchers achieved this by leveraging an open-weight AI model and building an attack harness to keep it on track.
While it may not be surprising to security experts that this level of AI-assisted attack automation is already happening in the wild, it’s very unlikely that many companies have had time to adapt their defenses.
“What this exposes is a truth that all security personnel must come to terms with: Most breaches won’t hinge on advanced AI, but on unpatched systems, exposed services, and weak identity controls,” Gidi Cohen, CEO and co-founder of AI security startup Bonfy.ai, tells CSO. “AI just makes those gaps impossible to ignore. The organizations that will struggle aren’t the ones lacking AI defenses; they’re the ones still relying on human-speed security in a machine-speed threat environment.”
No need for zero-days
As aptly demonstrated by the U of Toronto study, AI agents don’t need sophisticated zero-day vulnerabilities to break into environments, because many environments have systems and applications with known flaws and generic weaknesses.
The attack documented by Sysdig, which its researchers dubbed JadePuffer, exploited a year-old vulnerability (CVE-2025-3248) in Langflow, ironically a tool for building AI agents. In the new attack documented by Sygnia, attackers exploited a weakness in a web application that enabled them to find a stored AWS key. From there they quickly made their way through the victim’s cloud environment with the help of AI automation.
“The threat actor was not exploiting a single misconfiguration; they were chaining weaknesses across application services, AWS resources, source-control repositories, CI/CD workflows, runtime components, and data stores, while rapidly executing credential discovery, secrets harvesting, cloud enumeration, deployment-pipeline abuse, runtime modification, database access, and operational disruption,” the researchers said.
As with the JadePuffer case, the attackers documented by Sygnia were focused on extorting money from the victim. To achieve this, they compromised as many AWS instances as possible, exfiltrated data but also set up multiple persistence points in the AWS environment. The goal was to put pressure on the victim by demonstrating that despite recovery efforts they still had access to the environment.
Speed is the new game
Once sophisticated attackers break into an environment they often spend weeks or even months slowly moving to other systems. This is in part because it takes time for a human team to gain a thorough understanding of the environment and to find where the most valuable systems are.
This activity is also often trial-and-error: The attackers perform reconnaissance to discover the network’s topology, find exploitable weaknesses in additional systems, and search them for stored credentials that could provide access to more targets, all while using existing OS tools or common system administration techniques that won’t trip malware and intrusion detection systems.
Active threat hunting is one way to counter such techniques that are designed to evade automated detection. When threat hunting, human analysts inspect the organization’s network and systems manually for signs of compromises that might have been missed by tools. This is a slow but effective defensive technique — but only if attackers operate with the same time constraints.
“Traditional incident response often relies on the assumption that attacker progression will generate enough observable signals for defenders to investigate and contain activity before access materially expands across the environment,” Sygnia’s researchers wrote in their report. “The observed attack pattern challenged this assumption. Forensic traces showed rapid, repeated activity consistent with automated or AI-assisted workflows for credential harvesting, permission analysis, vulnerability discovery, and attack-path mapping, allowing the intrusion to progress across multiple stages in a compressed time frame.”
And it wasn’t a case of simple automated scripts going through an attack playbook either, but workstreams that showed clear signs of environment adaptation. Every new access was rapidly assessed and resulted in actions tailored for that specific system, whether an EC2 instance, S3 bucket, SQL database, or a CI/CD runner on GitHub.
Prevention is back in the spotlight
The obvious answer to AI-assisted attacks is AI-assisted defense. But simply the presence of AI-powered features in detection and response products is not a guarantee for thwarting such fast and adaptive attacks. Organizations must ensure all these tools and workflows are well integrated into a coordinated process across their different teams.
Moreover, these attacks show the value of defense-in-depth actions such as continuous validation of configurations, fast patch deployment, frequent secrets rotation, network segmentation, IP-based access control rules, implementing the principle of least privilege for credentials, restricting administrative privileges, enabling multi-factor authentication, and isolating cloud workloads.
Sygnia also recommends building automated response playbooks that can be quickly adjusted and deployed when potential signs of compromise are detected.
“The skill floor for running a ransomware operation dropped to the cost of running an agent,” Dray Agha, senior manager of tactical response at security firm Huntress, tells CSO. “Very mediocre cyber criminals can now ‘level up’ their impact from AI. That should worry defenders more than any single new technique, as it means more attackers, more often, against more of the long tail of unpatched, exposed infrastructure.”
View the full article
Attackers whose methods line up with the data-extortion group ShinyHunters have spent the past year walking into corporate Salesforce environments without exploiting a single flaw in the platform. The way in has been the trust the organization had already extended, usually through the OAuth connections that tie Salesforce to the apps and third-party vendors around it. In View the full article

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.