Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

technology
AI AI Systems Nvidia software spacex supply chain technology

Nvidia Introduces AI-Focused PC Chip as Industry Pushes Toward Local AI Processing

 Nvidia has announced a new processor designed to run artificial intelligence applications directly on personal computers, signaling the company's latest effort to expand beyond the data center market and into everyday computing devices.

The announcement was made by Nvidia Chief Executive Officer Jensen Huang during a keynote presentation in Taipei ahead of Computex, one of the world's largest technology trade shows. The new chip, called RTX Spark, was developed as part of a long-running collaboration between Nvidia and Microsoft aimed at adapting personal computers for increasingly complex AI workloads.

Unlike many current AI services that rely on cloud infrastructure to process requests, the RTX Spark platform is designed to execute AI tasks locally on laptops and desktop systems. This allows certain AI functions to operate directly on the device rather than sending data to remote servers for processing. Industry observers believe this approach could improve response times, reduce dependence on internet connectivity, and give users greater control over sensitive information.

Nvidia said the processor was developed in partnership with Taiwanese semiconductor company MediaTek. Systems powered by the chip are expected to become available later this year through several major computer manufacturers, including Dell, HP, Lenovo, ASUS, MSI, and Microsoft's Surface product line. Additional products from Acer and GIGABYTE are also expected to follow.

The launch places Nvidia in more direct competition with companies such as AMD, Intel, Apple, and Qualcomm, all of which are pursuing their own strategies for bringing artificial intelligence capabilities to personal computers. While Nvidia has established a dominant position in hardware used to train large AI models, the company is now increasingly focused on technologies that run AI applications after those models have already been developed.

A major objective behind the RTX Spark platform is support for so-called AI agents. Unlike conventional chatbots that simply answer user questions, AI agents are designed to perform sequences of tasks with limited human intervention. Potential applications include managing schedules, conducting research, organizing information, generating content, and carrying out routine administrative work.

According to Nvidia, future personal computers will need significantly more processing capability to support these systems because AI agents are expected to operate continuously in the background rather than responding only when a user initiates an action.

The company's emphasis on local AI processing reflects a broader trend emerging across the technology sector. Many firms are exploring ways to move AI workloads closer to users instead of relying entirely on cloud-based infrastructure. Supporters of this approach argue that local processing can improve performance while reducing network delays and operational costs.

The commercial success of AI-powered PCs, however, remains uncertain. Although several manufacturers have promoted AI-enabled devices as the next phase of personal computing, adoption has been uneven. Some vendors have reported positive contributions to sales, while others have indicated that demand has not reached the levels initially anticipated when the category was introduced.

Technology analysts nevertheless view the market as an area with long-term growth potential. Neil Shah, co-founder of Counterpoint Research, said the shift from application-centered computing toward AI-assisted systems could fundamentally change how users interact with their devices. He suggested that personal AI agents operating on local hardware may become increasingly common as the technology matures.

During his presentation, Huang also highlighted Nvidia's Vera central processing unit, which he previously described as providing access to a market opportunity worth approximately $200 billion. Nvidia stated that organizations including OpenAI, Anthropic, and SpaceX are among the early adopters evaluating the technology.

The Computex presentation also featured discussion about the future direction of artificial intelligence across the computing industry. Qualcomm Chief Executive Officer Cristiano Amon, speaking separately ahead of the event, argued that the industry is moving beyond AI systems that simply generate responses to prompts and toward software capable of carrying out tasks independently. He described 2026 as a potential turning point for agent-based AI, adding that existing device architectures were largely designed around actions initiated by users rather than autonomous software systems.

Huang also addressed concerns that advances in artificial intelligence could reduce employment opportunities for software developers. Rejecting that view, he argued that AI tools are increasing productivity and enabling organizations to undertake larger software projects, which in turn could create additional demand for engineering talent.

The announcements come as Nvidia continues to expand its presence across multiple segments of the AI market. After becoming one of the leading suppliers of hardware for AI model training, the company is now seeking a larger role in personal computing, inference processing, and AI applications designed to run directly on consumer devices.

The developments were unveiled in Taiwan, a location Huang described as central to the global AI supply chain. The Nvidia chief, who was born in the southern Taiwanese city of Tainan, has repeatedly emphasized the island's importance to the future development and production of advanced computing technologies.

Read more »
Sugar Mill
Cloud Cyber Security Data Breach Harvesting Internet Sugar Mill

Hackers Attack Sugar Mill, Force Operations and Harvesting Shutdown


Australia’s second-biggest sugar producer, Mackay Sugar, is looking into a cyberattack that impacted parts of its operations and temporarily stopped sugarcane harvesting. 

The incident caused the stoppage of milling activities at two of the firm’s facilities while authorities and experts tried to assess the disruption of the attack.

In a recent statement, Mackay Sugar acknowledged the cyberattacks and disruption impacting few of its operations. 

The immediate priorities are ensuring staff safety, continuing business operations safely, and safeguarding operational systems. “Our immediate focus is the safety of our people, protecting operational systems, and maintaining business continuity,” it said. 

About risk assessment

Mackey Sugar is also working with authorities to inspect the incident and recover impacted systems safety.

The incident directly impacted production operations. Local media reports have hinted that the company was compelled to close down its Racecourse and Farleigh sugar mills, two key facilities based in Queensland’s Mackay area. This caused the growers to stop harvesting sugarcane until notified. 

The impact on production

The group also verified that the Farleigh and Racecourse mills' cane hauling and sugar milling operations had been halted. Shortly after both facilities started their yearly sugarcane crushing season, there was an interruption. 

Although many growers in the area have been impacted by the closure, producers in the Marian district have not been immediately impacted. The district's third mill for Mackay Sugar is not expected to start up until next week, according to a report from Australia's ABC News. 

While recovery efforts continue, the sugar producer said it has put in place temporary measures and interim procedures to support critical business operations and minimize operational impact.

Mitigation processes

According to the company, "interim procedures are in place to support critical business functions and minimize disruption where possible." 

Additionally, the company stressed that throughout the event, it is staying in touch with growers, staff, and business partners. 

"We will continue to provide updates as more information becomes available and are in direct communication with our employees, growers, and key partners," Mackay Sugar stated. 

About recovery

Mackay Sugar acknowledged the anxiety brought on by the disruption and reaffirmed that company takes cybersecurity duties seriously. 

"We take extremely seriously our obligation to safeguard our information, operations, and systems. We will give timely updates as we complete our inquiry, and we apologize for any inconvenience or uncertainty this incident may have caused," the business stated. 

Read more »
User Security
Cyber Fraud Cyberabad Police eSim Scam Sim Swapping User Security

Cyberabad Police Busts eSIM Banking Fraud Gang in Hyderabad

 

Cyberabad police have exposed an inter-state cyber fraud racket that used eSIM manipulation, SIM swapping tactics, and OTP diversion to steal money from bank customers. The case underlines how criminals are mixing telecom fraud with banking deception to bypass normal security checks and move money fast. 

Investigators said the accused impersonated staff from a bank’s premium credit card division and contacted victims under the guise of DoT verification. They persuaded targets to convert eSIMs into physical SIM cards, then sent preloaded mobile devices carrying malicious apps, which helped redirect OTPs and banking alerts to the fraudsters. 

Once the OTPs were diverted, the gang could access bank accounts, authorize transfers, and siphon off funds before the victims understood what had happened. Police said six people were arrested in the case: Selim Mondal, Abdul Alim SK alias Mittu, Saiyad Hasim Reza alias Tippu, Mijanur Rahaman Shaik, Bansidhar, and Mehebub Alam Ansary alias Suraj. The fraud amount was put at Rs 77.75 lakh, and police recovered Rs 15 lakh in cash during searches at the accused persons’ homes. 

The bigger concern is that this type of scam is highly scalable. It does not depend on hacking a bank’s servers; instead, it exploits human trust, weak verification habits, and the phone number as a security key. If a criminal gets control of your SIM or eSIM flow, they may also gain access to banking apps, password resets, and other sensitive services that rely on SMS verification.

Mitigation tips 

To stay safe from this type of eSIM banking fraud, never share OTPs, PINs, card details, or recovery codes with anyone over call, SMS, or WhatsApp, even if the caller claims to be from a bank or telecom company; verify any eSIM or SIM change request only through your operator’s official app, website, or helpline; avoid clicking suspicious links or scanning unknown QR codes.

Additionally, do not insert a SIM into any courier-delivered or unfamiliar device; enable banking alerts, use strong passwords and authenticator apps instead of SMS-based verification where possible; and if your phone suddenly loses signal or you suspect a SIM hijack, immediately contact your mobile provider, freeze transactions with your bank, and report the issue through India’s cybercrime helpline 1930 or the official cybercrime portal.
Read more »
Enterprise Security Risks
CVE CVE vulnerability Cyber Attacks Cybersecurity Threats Data Breaches enterprise cybersecurity Enterprise Security Risks

ShinyHunters Exploits Oracle PeopleSoft Zero-Day to Breach Universities and Enterprise Systems

 

A breach tied to the hacking collective ShinyHunters emerged during a wave of intrusions leveraging an undisclosed weakness in Oracle PeopleSoft platforms. Unauthorized entry occurred because security gaps went unpatched - access followed swiftly after initial compromise. Data theft unfolded across multiple campuses and research-focused entities throughout May into June's first days. Evidence gathered by Google Cloud Mandiant analysts pointed directly toward systemic exploitation prior to any public alert from Oracle. Control over affected servers enabled extraction of confidential information before patches were available. 

One security team links these actions to a hacking cluster known internally as UNC6240. Exploiting a weakness labeled CVE-2026-35273, they triggered unauthorized code on Oracle PeopleSoft systems. This issue sits near the top of risk scales - rated 9.8/10 - given how easily it can be abused. With nothing more than an open HTTP connection, intruders bypass login checks entirely. Access unfolds remotely; no clicks or credentials required by victims. 

Within the PeopleSoft platform, the weakness lies specifically in the Environment Management Hub. Though Oracle officially acknowledged issues in PeopleTools 8.61 and 8.62, earlier versions - no longer supported - could still face risks. Because exploitation began prior to Oracle's public notice, the vulnerability acted like a real zero-day during the entire attack period. Hidden weaknesses emerged when hackers mistakenly left key systems visible on the web. 

A closer look revealed open servers storing malware frameworks, communication hubs, admin utilities masked as legitimate cloud documents, along with automation codes designed to navigate internal corporate environments. Spread through connected devices began once access was gained, followed by bundling sensitive material before sending it toward platforms tied to ShinyHunters’ operations. Mandiant found over 100 groups facing possible system exposure, alerting each to the danger. Higher education made up close to 68% of these cases, primarily within the U.S. 

While certain schools stopped threats in time, several faced verified intrusions alongside leaked information. Among the earliest cases made public stood the University of Nottingham. Reports tracking data leaks indicate the exposed records include around 455,000 distinct email addresses, followed by private details such as full names, residential locations, telephone numbers, passport identifiers, ethnic background, and data tied to disabilities. Confirmation of the event came directly from the institution itself. 

Turning off the Environment Management Hub service is a step Oracle suggests when feasible, while limiting outside connections to vulnerable endpoints. Experts in cybersecurity point out that checking system logs matters, along with hunting down odd-looking files. Uncommon patterns in data leaving the network should catch attention. Applying fixes from Oracle promptly stands as another measure worth taking. 

Surprisingly, ShinyHunters once stuck to phishing, compromised logins, or manipulating people through psychological tricks. Now, though - using a previously unknown flaw in server software suggests their methods have taken a sharper turn. This shift hints at ERP platforms being eyed more closely going forward, even if nothing is certain yet.
Read more »
red hat
Cybersecurity Digital Supply Chain Risk GitHub malware red hat

Red Hat Investigates npm Package Compromise After Malware Found in Official Repository

 



Security researchers have identified malicious code in dozens of packages distributed through Red Hat's official @redhat-cloud-services namespace on npm after attackers gained unauthorized access to the repository.

The incident was first reported by researchers at Aikido Security, who found that software packages published through the trusted Red Hat namespace had been modified to include malware capable of collecting credentials from developer environments. Because the affected namespace is used for legitimate Red Hat cloud-related packages, developers may have installed the compromised versions without suspecting unauthorized changes.

According to researchers, more than 30 package versions were affected. Several remained available for download when the activity was initially disclosed, creating a risk for organizations that automatically pull dependencies into development workflows.

Technical analysis showed that the malicious code was designed to run during package installation. This means exposure could occur as soon as a package is installed, even if the software itself is never executed inside an application.

Researchers found that the malware searched infected systems for authentication data commonly used by developers and cloud administrators. The targeted information reportedly included GitHub Actions secrets, npm access tokens, Kubernetes credentials, Vault secrets, and other cloud-service authentication material that could provide access to source code repositories, deployment environments, and internal infrastructure.

The malware also contained mechanisms intended to expand the compromise beyond the initial victim. If credentials with sufficient privileges were discovered, the malicious code could attempt to publish altered packages through repositories or accounts available to the infected environment. This behavior could allow attackers to use one compromised system as a stepping stone into additional software projects.

Investigators further observed that stolen information was encrypted before being transmitted from infected systems. Reports indicate that the malware included backup methods for data exfiltration, including the ability to use compromised GitHub repositories if its primary communication channel became unavailable.

Researchers noted signs that the incident may have involved CI/CD infrastructure. Continuous Integration and Continuous Delivery systems automate software building, testing, and deployment, making them attractive targets because a compromise can provide access to multiple projects simultaneously. Evidence reviewed by researchers suggested that GitHub Actions OpenID Connect workflows may have been involved in publishing the affected packages.

The exact method used to gain access to the Red Hat namespace remains under investigation. Researchers have not publicly attributed the initial compromise to a specific technique, although they believe unauthorized access to publishing credentials likely played a role.

Security firms examining the incident linked the malware to a variant of "Shai-Hulud," a credential-stealing program that has appeared in recent software supply-chain investigations. Researchers noted that code associated with the malware has circulated publicly, increasing the likelihood that similar attacks could be adopted by multiple threat actors.

Following notification of the issue, Red Hat removed the affected packages and began an internal investigation. In a public statement, the company said the compromised packages were intended for internal development purposes and were not distributed to customers through Red Hat production services. The company also stated that it had not identified evidence of impact to customer environments, partner systems, or production infrastructure at the time of its investigation.

Security experts recommend that any organization or developer who installed affected package versions review their systems immediately. Response measures should include rotating credentials, examining CI/CD environments for unauthorized activity, reviewing repository permissions, and checking software dependencies for indicators associated with the compromise.

The incident illustrates a recurring challenge in modern software development: trust placed in widely used package repositories can become a point of failure when an attacker gains access to a legitimate publishing channel. When that occurs, malicious code can reach downstream users through routine software updates rather than through traditional intrusion methods. 

Read more »
wordpress
Malicious Payload Malicious Payloads malware Malware Steam Profiles wordpress

WordPress Malware Campaign Hides Payloads in Steam Profiles

 

WordPress malware campaign hides payloads in Steam profiles, marking one of the most unconventional cyberattacks in recent security history. Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control data, according to GoDaddy security engineers who uncovered the campaign. This bizarre attack chain demonstrates how threat actors increasingly exploit legitimate platforms to evade traditional detection methods. 

The technical sophistication lies in how the malware uses invisible Unicode characters to encode its payload. The threat actor uses six specific invisible Unicode characters: Zero-width non-joiner (U+200C), Zero-width joiner (U+200D), Function application (U+2061), Invisible times (U+2062), Invisible separator (U+2063), and Invisible plus (U+2064). The decoder ignores visible characters and maps invisible ones to corresponding numbers, then converts them to binary representation to reconstruct bytes. This encoding allows binary data to embed within normal-looking text, with visible characters serving as camouflage while invisible characters carry the actual payload. 

Since the campaign was first uncovered in July 2025, researchers have found malware on approximately 1,980 WordPress websites, though the initial infection vector remains unclear. Attackers likely breached websites through stolen admin logins, compromised FTP/SFTP credentials, vulnerable WordPress themes or plugins, or supply-chain compromises. The first-stage malware uses WordPress page loads to reach specific Steam profiles and extract text from benign-looking comments that sometimes include ASCII art disguised malicious text. The decoded payload builds a hello-mywordl[.]info URL serving JavaScript code injected into every frontend WordPress page. 

GoDaddy describes several evasion mechanisms including obfuscated strings using octal and hex escapes, randomized function names, fake disabled logging code, and standard WordPress APIs that blend with normal activity. The campaign pairs this encoding with a server-side backdoor enabling attackers to remotely rewrite any plugin or theme file using a simple POST request with the right cookie, meaning even removed injected scripts can reinstall. This dual approach makes the malware particularly persistent and difficult to eliminate completely. 

Site owners can defend by checking for Steam Community URL references, suspicious external JavaScript injections, outbound connections from WordPress servers to Steam, and unexpected scripts loading from domains like hello-mywordl[.]info. Other indicators include invisible Unicode characters, suspicious transient_caption cache entries, disabled SSL verification in cURL requests, and POST requests containing malware authentication cookies or the new_code parameter. This attack underscores the importance of monitoring unusual outbound connections and implementing comprehensive security scanning for invisible character anomalies in web content.
Read more »
Technology
AI Akira Convention Center Data Ransomware Technology

Akira Gang Claims Ransomware Attack at Convention Center, Extorts $250 Million


Akira gang extorts $250 million

Akira, the infamous ransomware gang has extorted over $250 million from businesses globally. It is now blackmailing to leak 46 GBs of data allegedly extorted from the Buffalo Convention Center. The stolen data includes financial information, contracts, employee records, and private data linked to around 1,80,000 people.

What do the experts say?

Resilience director at Gate 15, Ben Taylor has warned that ransomware gangs often boast the amount of data stolen. The alleged figure of 1,80,00 impacted people suggests data retrieved via a third-party provider, exaggerated claims to extort victims, or direct breach of venue systems. 

The dark web monitoring firm Breach Sense verified the Buffalo Convention Center data breach. The FBI has classified Akira as a ransomware-as-a-service gang that extorted over $250 million from hundreds of businesses since 2023.

Convention centres have become a lucrative target for hackers

Convention centers, which increasingly act as repository for guest registrations, exhibitor information, payment data, contracts, and operational systems, are facing an escalating cybersecurity issue as a result of the alleged incident.

Ransomware gangs claim that they have gained access to a company in order to obtain leverage for a swift and simple payment. According to Taylor, there are situations in which these assertions are true and some that are not.

Ransomware as double extortion

Additionally, the attack illustrates how contemporary ransomware operations have evolved. "Double extortion" is a common method used by organizations such as Akira. Before encrypting networks, they take confidential files and threaten to reveal the information if payment is not received.

According to Taylor, developments in AI are intensifying the problem by making it simpler to scale and customize phishing campaigns and other cybercrime tactics.

About the victims

Buffalo Convention Center was not the only enterprise to suffer a ransomware attack. 

High-case hospital hacks showcase the operational effect of a ransomware attack. According to MGM Resorts, in 2023, a cyberattack leaked personal data linked to millions of guests and impacted hotel operations for days. Another famous enterprise, Caesars Entertainment was also breached and allegedly paid $15 million in ransom to hackers.

The dangers go beyond convention centers. In April, Carnival Corporation was attacked by a gang that claims to have stolen over 8.7 million records such as dates of birth, names, and other personal data. 

Read more »
Technology
AI In Manufacturing AI Robotics automotive technology Factory Automation Humanoid Robots Industrial Automation Physical AI Smart Manufacturing Technology

BMW advances humanoid robotics in vehicle production, testing AI-powered automation designed to improve efficiency and factory flexibility


 

In response to the increasing efforts of automotive manufacturers to modernize factory processes, BMW is exploring an innovative approach to industrial automation that goes beyond conventional robotics. As part of its Leipzig facility, the company is testing humanoid robots developed by Hexagon Robotics, signaling a shift toward machines designed to work within existing production environments rather than require a separate infrastructure. 

The human-shaped robotic system has differences from traditional robotic arms in that it is able to maneuver factory floors, interact with standard workstations, and perform tasks along with workers. The technology is expected to be deployed by BMW later this summer, as the company anticipates a practical step towards more flexible, scalable, and digitally integrated manufacturing in which humanoids will perform repetitive physical tasks while adapting to production workflows previously designed for humans. 

AEON, the humanoid platform developed by Swiss technology company Hexagon Robotics and specifically designed for industrial environments, is at the core of BMW's latest initiative. Its height is approximately 1.65 meters and its weight is 60 kilograms. Aside from offering human-like mobility, the robot also has practical manufacturing capabilities, such as the ability to handle loads up to 15 kilograms for short-term tasks and 8 kilograms when operated continuously. 

A number of strategic areas within the automotive sector will require new production requirements as a result of vehicle electrification, including high-voltage battery assembly and component manufacturing. Despite the widespread application of advanced robotics in automobile manufacturing since the 1940s, BMW's objective goes beyond traditional automation by incorporating automated welding cells, guided transport systems, and digital quality control technologies. 

In order to improve the safety and efficiency of manufacturing operations, the company is testing AI-enabled humanoid systems that are capable of performing repetitive, physically demanding, and safety-sensitive tasks within existing production environments without the need for significant changes to existing factory layouts. 

Earlier pilot programs at BMW's Spartanburg plant have already provided valuable insights into the project, enhancing the group's strategy to enhance manufacturing efficiency and competitiveness by combining engineering expertise, artificial intelligence, and production digitalization. The BMW Group has established a Center of Competence for Physical AI in Production to accelerate adoption of emerging technologies. 

The validation process includes laboratory testing, integration assessments, and live factory deployments prior to implementing full-scale pilot programs. In collaboration with Hexagon, a longstanding BMW collaborator in sensor technologies and industrial software, this framework is now being applied to the Leipzig rollout, which is currently underway. 

After an initial test deployment in December, as well as expanded evaluations beginning in April, the project has entered its pilot phase. AEON will be evaluated during the summer of Europe in real-life production conditions. A multi-grip mechanism, scanning tool, and wheeled mobility systems have been incorporated into the robot's architecture to enable it to move across factory floors while adapting to a wide range of manufacturing tasks. 

Additionally, the initiative is based upon lessons learned from BMW’s collaboration with Figure AI at Spartanburg Plant, where the Figure 02 humanoid robot was instrumental in producing more than 30,000 BMW X3 vehicles over a ten-month period. Over 90,000 component-handling actions were completed over a period of approximately ten months, and approximately 1,250 operating hours were accumulated, demonstrating the system's ability to perform precision-intensive welding preparation tasks with millimeter-level accuracy over a period of approximately ten-hour shifts daily. 

A key finding of BMW's study was the rapid transition of laboratory-trained motion sequences into stable production processes, demonstrating the maturing nature of physical artificial intelligence. The company is currently evaluating next-generation humanoid platforms, and believes that these deployments are not intended to replace existing automation, but rather to add another layer of intelligence to future vehicle production lines that will expand operational flexibility. 

In addition to testing the hardware itself, BMW is also experimenting with how humanoid robots can acquire industrial skills through their experiments. A combination of teleoperation and advanced simulation technologies has been used to train AEON, which utilizes sensors that capture human motion along with a digital twin of the factory environment powered by NVIDIA software to analyze human motion data.

Through reinforcement learning, the robot repeatedly performs tasks in a virtual production model, which allows it to evaluate thousands of possible actions before it can operate on the factory floor to determine the most efficient execution path. By using teleoperation, robots are able to observe and replicate subtle variations associated with human actions, such as grasping, carrying, and positioning components.

In this way, Hexagon Robotics asserts that emerging techniques such as imitation learning are accelerating the development process considerably, allowing robots to learn from videos and motion-tracking data rather than from lengthy programming and testing procedures alone. During the training process, the objective is to decrease the length of time it takes to train machines to adapt to dynamic manufacturing environments from months to days. 

Experts are predicting that the technology will soon be able to handle routine industrial tasks independently, based on straightforward voice commands, although such capabilities are still being actively developed and are unlikely to be widely deployed anytime soon. A new generation of AEON robots has been designed with practical factory operations in mind. 

Although each unit can operate for approximately three hours on a single charge, the system can self-replace its battery within approximately three minutes, including travel to and from a charging station, ensuring that it is productive throughout extended manufacturing shifts. As part of BMW's battery assembly processes, robots are assigned highly specific responsibilities, including feeding components into manufacturing equipment, performing precision pick-and-place operations, and providing components for assembly. 

Designed as multifunctional platforms, they are expected to maintain consistent task assignments to ensure maximum operational effectiveness. The technology, according to executives at the company, helps manufacturers address anticipated labour shortages in the upcoming years by supporting workers in physically demanding or repetitive roles. 

A number of historical automation trends have been highlighted by BMW, arguing that technology has typically reshaped jobs rather than eradicating them, creating new opportunities and enhancing production capability. As the automotive industry moves in a similar direction, Toyota has evaluated Digit humanoid robots from Agility Robotics, while Xiaomi has tested its own humanoid systems for use in electric vehicles production. 

Through the deployment of Spot inspection robots and the announcement that Atlas humanoid robots will be introduced by Boston Dynamics, Hyundai has expanded its robotics strategy. As a result of BMW's own experience with the Figure 02 robot in Spartanburg, it became increasingly evident that AI-driven robotics can be highly effective for adaptive tasks. 

AI-enabled humanoid systems, as opposed to traditional industrial robots which frequently fail when objects deviate from predefined positions, are capable of interpreting changes in orientation or placement and continuing to operate without interruption. A major advantage of physical AI is its flexibility, which allows robots to be effective in real-world production environments in which variable conditions are inevitable. 

AEON's design philosophy is also important in determining how these machines are integrated into factory operations. In contrast to the walking Figure robot, AEON uses wheels to move, which BMW believes is more suitable for industrial environments in which speed, efficiency, and predictability are paramount over human-like locomotion. Moreover, the company has gained experience using specialized robotic platforms, such as Boston Dynamics' Spot robot, for inspections of areas that cannot be reached by conventional automated systems, such as stairways and basement machinery zones. It is also important to consider the human aspect during the inspection process. 

In BMW's report, employees have expressed satisfaction with the introduction of robotic colleagues, demonstrating a trend observed across industrial automation projects where workers often personalise machines and consider them a component of the operation team. As part of AEON's design, Hexagon has included a visual communication system that indicates whether the robot is currently performing a task or whether it is awaiting instructions, enabling a safer collaboration. 

Analysts in the industry continue to stress the importance of realistic expectations as enthusiasm for humanoid robotics grows. They point out that public demonstrations sometimes give the impression that capabilities are greater than current technical limitations. It is apparent that humanoid robots are becoming increasingly capable industrial tools; however, their near-term value rests largely on their ability to execute targeted manufacturing tasks along with human workers with consistency, adaptability, and precision. 

In an era of AI-driven transformation in automotive production, BMW's humanoid robotics initiative underscores how intelligent machines are evolving from experimental concepts into tangible industrial assets. In addition to focusing on physical AI, adaptive learning, and real-world deployments, the company is moving toward more flexible manufacturing ecosystems that are able to adapt to evolving production demands with greater agility. 

With the increasing integration of these technologies into the digital infrastructure, organizations will need to pay equal attention to operational resilience, system integrity, and AI governance. Whether autonomous industrial systems are to be successful long-term will be dependent not only on their ability to perform complex tasks, but also on safeguards that ensure that they operate safely, reliably, and securely alongside humans.
Read more »
political microtargeting
AI misinformation AI regulation Brazil elections 2026 Cambridge Analytica Cyber Security Deepfakes election transparency political microtargeting

Brazil Strengthens AI Election Rules Amid Growing Concerns Over Democratic Integrity

 

As Brazil gears up for its 2026 presidential election, concerns about the role of Artificial Intelligence in shaping public opinion and influencing democratic processes are becoming increasingly prominent. In response to the growing misuse of AI in political campaigns, Brazil’s Superior Electoral Court has introduced new measures aimed at increasing transparency around manipulated content and curbing the spread of misinformation. 

The decision reflects a broader global concern about the extent to which AI can influence voters and interfere with electoral outcomes. In recent years, the risks associated with AI in politics have become more apparent as deepfakes, digitally altered videos, images, and audio clips have circulated widely across social media platforms. Such content is often designed to mislead voters, damage candidates’ reputations, or influence public perception. 

T One of the most notable examples emerged during the 2024 United States primary elections, when voters received phone calls featuring an AI-generated version of former President Joe Biden’s voice. The recording urged citizens not to vote, demonstrating how synthetic media can be used to manipulate electoral participation and blur the line between authentic and fabricated information. 

T Beyond deepfakes, AI plays a significant role in determining how political content reaches voters. Recommendation algorithms influence what users see on social media, while advanced data-analysis tools enable campaigns to study voter behavior and preferences. This has contributed to the rise of political microtargeting, a strategy that delivers highly personalized political messages to specific audiences based on their interests, opinions, and online activities. 

T Concerns about data-driven political influence are not new. The Cambridge Analytica scandal brought global attention to how personal data could be used to shape political messaging. The company used Facebook user data to create targeted campaign content, sparking international debates about digital privacy, large-scale data collection, and the ethical use of algorithms in politics. The Netflix documentary The Great Hack further explored how personal data evolved into a powerful tool capable of influencing public opinion and electoral decisions. 

T Despite these challenges, AI is not viewed solely as a threat. The technology is increasingly being used to detect misinformation networks, identify fake accounts, and support efforts to remove manipulated content. AI-powered systems can also help journalists, researchers, and fact-checking organizations track the spread of false information in real time, making responses to misinformation faster and more effective. Companies such as Meta and Google have introduced automated tools that can detect synthetic media, identify coordinated disinformation campaigns, and label AI-generated content across their platforms. 

T At the same time, governments worldwide are exploring ways to regulate the use of AI during elections. The European Union has introduced the AI Act, one of the first major legislative frameworks designed specifically to regulate artificial intelligence. Meanwhile, Canada has been discussing measures to improve transparency around AI-generated political content, while the United Nations continues to facilitate global discussions on the risks AI may pose to democratic systems and human rights. 

T As AI technologies continue to evolve, their influence on politics is expected to grow. While experts remain divided on whether AI alone can determine election outcomes, there is broad agreement that these technologies are already shaping public opinion. The challenge for democracies now lies in balancing technological innovation with safeguards that protect electoral integrity and public trust.
Read more »
Messaging Security
AI Phishing Attacks Cyber Attacks Cyber Phishing Cyber Scams Encrypted Chats links Malicious Link Messaging Security

Signal Users Targeted in Sophisticated Phishing Campaigns Aimed at Stealing Chat Backups

 

Recently uncovered cyber threats now focus on people relying on Signal’s encrypted messaging service. Fake notifications, appearing legitimate at first glance, lead recipients to counterfeit pages through deceptive URLs. These attempts aim straight at stored conversation archives linked to user accounts. 

Cyber experts highlight how realistic these fake prompts look, mimicking official alerts almost perfectly. One wrong move could expose personal message history without the owner realizing immediately. Deception unfolds quietly - often beginning with an urgent-looking notice arriving unexpectedly. Trusting such messages opens the door to hidden data theft beneath a surface of authenticity. 

Now showing up more often, the trend reflects how cyberattacks are changing direction. Instead of cracking tough encryption on private chat apps, criminals lean toward tricks that target people's habits. Starting with fake messages that look familiar, these schemes build pressure through time-sensitive demands. Victims then give away passwords or backup codes - without realizing it was never the real service asking. 

Experts say the scam focuses on accounts tied to backups. Messages showing up look real, yet they steer people toward counterfeit sites aiming to grab passwords, restore keys, or similar details. Success means hackers could enter stored backup files online, possibly viewing personal chats once thought secure. Though Signal encrypts messages fully while they move between devices, specialists emphasize that such protection fails when people accidentally hand over private login data. When saved access codes get stolen, chat histories risk exposure even with strong built-in shields. 

Despite robust design, a weak link often lies not in code but human action. Warnings emerge from security experts about rising complexity in phishing efforts. These days, fake emails frequently include convincing logos, web pages built to mimic real ones, along with wording nearly identical to legitimate notices. Personalized versions of such scams now exist, tailored to single users - harder to spot when compared to broad, generic blasts sent without targeting. Caution pays off when messages pop up out of nowhere asking you to confirm your account, bring back old data, or open a web address. 

Before typing in passwords, take a moment - look closely at where you are online; mimicry sites can look real but aren’t. Never hand over access keys or sign-in details, even if someone sounds trustworthy. When extra safeguards exist inside apps like Signal, turning them on simply makes sense. One more time, an attack shows human behavior often matters more than digital safeguards. When hackers trick someone into sharing private data, even strong software fails. 

Because scams grow smarter, staying alert helps block many breaches. Questioning unusual messages first can stop problems later. People stay safer by pausing before reacting to urgent demands.
Read more »
Remote Access Trojan
Android Malware Android Security BTMOB Malware Cybercrime Operations malware Mobile Cybersecurity Mobile Threats Phishing Attacks Remote Access Trojan

Researchers Uncover BTMOB Malware Capable of Taking Over Android Phones


 

In the Android threat landscape, a new malware operation has been rapidly expanding, reducing the barriers to entry for cybercriminals while simultaneously enhancing their offensive capabilities significantly. Security researchers have identified BTMOB, an Android remote access trojan (RAT) derived from the SpySolr malware family, as an emerging malware-as-a-service platform that enables operators to remotely monitor, manipulate, and control compromised devices with minimal technical expertise. 

Malware primarily distributes itself through phishing campaigns and fraudulent applications masquerading as legitimate online services, combining extensive device takeover functionality with a no-code campaign-building framework, which facilitates the customisation of lures, automatic deployment, and targeting of multiple regions using the malware.

BTMOB's evolution reflects a broader shift in the mobile threat landscape, where commercially packaged malware platforms are transforming advanced Android attack capabilities into scalable cybercrime services available to a wider range of threat actors.  As malware's commercialisation model increases, its reach is closely linked. In contrast to being operated by a single threat group, BTMOB serves as a subscription-based cybercrime service with public-facing marketing channels for the purpose of attracting potential customers. 

The malware is marketed through a dedicated surface-web portal that directs buyers to a Telegram-based operator. Additional marketing is conducted via social media accounts on X and Instagram. The commercialisation of the malware provides valuable insight into how its operators have transformed a technical threat into a structured cybercrime service designed for scale. 

Access to the platform has reportedly been advertised for approximately $5,000, along with recurring support fees. Researchers note that the cost remains relatively low compared with the potential returns from successful fraud operations, making the service attractive to a broader range of cybercriminals. Further aggravating the risks is the fact that the malware is circulated outside the commercial ecosystem. 

BTMOB-related files appeared briefly on a dark web forum in January of 2026 as a free download before disappearing, showing how malware distributed through commercial channels can rapidly spread through unauthorised sharing and reselling networks. Consequently, security teams are faced with an increasingly dynamic threat, as new builds and modified payloads emerge more rapidly than traditional detection mechanisms can react. 

Beyond its commercial appeal, BTMOB's effectiveness ultimately depends on its ability to compromise devices at scale through carefully crafted social engineering campaigns. In order to achieve operational success, BTMOB will continue to rely heavily on phishing-driven infection chains designed to maximize the trust of the user base. 

The threat actors often redirect targets to counterfeit websites masquerading as streaming platforms, cryptocurrency services, or other widely recognised online brands in order to divert them to fraudulent application repositories containing malicious Android applications. Additionally, attacks have been observed that are tailored to align with local institutions and government entities, including operations impersonating Argentine tax and public sector agencies as lures. 

Upon sideloading, the malware seeks elevated privileges by exploiting Android's Accessibility Services, giving it the ability to silently grant it additional permissions without the user having to take any further action. The BTMOB establishes communication with attacker-controlled command-and-control infrastructure with these privileges, allowing the operator to remotely manage the compromised device and maintain persistent access in order to monitor, steal credentials, and conduct other malicious activities on the compromised device. A significant challenge for defenders is the commercial framework underpinning BTMOB.

A report by security researchers indicates that the malware's pricing structure includes a lifetime license that costs approximately $5,000 plus recurring support fees, which are relatively modest expenditures when compared to the potential financial gains that could be realized from successful credential theft and fraud. These economic factors have accelerated the malware's adoption across underground communities, expanding its operational reach beyond highly skilled threat actors.

In January 2026, a dark web forum briefly advertised BTMOB-related files as free downloads before going offline. The incident illustrates how commercially distributed malware can quickly spread beyond its intended customer base through resale networks, private exchanges, and closed underground communities. 

It is quite possible that competitors can replicate the successful design elements of the original malware by borrowing campaign management features and payload customisation mechanisms that facilitate large-scale operations even where the original malware is inaccessible. This combination of rapid distribution and continuous modification creates additional challenges for defenders attempting to track the malware's evolution. As a result, defenders face an increasingly fluid threat environment in which payloads, infrastructure, and delivery techniques can change faster than conventional detection strategies can adapt.

ESET currently identifies MSIL/BtmobRat as the primary malware framework, while associated Android variants have been detected under several classifications, including Android/Spy.Agent.EED, Android/Spy.Agent.EIJ, and Android/Spy.Agent.EIK. As a result of its rapid development, the pace of development has already demonstrated its capacity for rapid evolution; a Cyble analysis of February 2025 observed the emergence of approximately fifteen distinct samples of BTMOB v2.5 within a relatively short timeframe. 

Behavioural monitoring and continuous threat intelligence correlation become increasingly critical with such turnover, which complicates traditional signature-based detection efforts. As BTMOB is predominantly driven by social engineering and the installation of unauthorised applications, security experts emphasise the importance of preventive measures. 

As a precautionary measure, organisations should implement policies which limit software installation to trusted application repositories, as well as educate users about the risks associated with unsolicited links received via email, messaging platforms, social media platforms, and online advertisements. In order to ensure the security of mobile devices is as high as that of workstations and servers, dedicated mobile threat defence solutions must be deployed. 

Additionally, researchers warn that one unauthorised application installed on a corporate device may create a pathway to sensitive business information. Employee awareness is a critical component of organisational resilience in the face of cybersecurity threats. It is important to note that, despite BTMOB's rapid mutation, static indicators of compromise remain useful signals for incident response teams conducting threat hunting and compromise assessments despite the rapid mutation of the BTMOB system. 

BTMOB highlights the continued evolution of cybercrime from isolated malware campaigns to commercially supported attack platforms capable of scaling sophisticated Android intrusions. As mobile threats become easier to acquire, customise, and deploy, organisations can no longer treat smartphones as secondary assets within their security programs. Strong application controls, user awareness, and continuous monitoring remain essential for reducing exposure to increasingly adaptable mobile threats.
Read more »
US
AI Cyber Attacks Data Donald Trump MyPillow Play Gang Ransomware US

Play Gang Claims Responsibility for MyPillow Hack, Company CEO Denies the Breach


The US military has always known that threat actors could use location data to spy on troops’ devices. The military also knows the easy solutions for the problem. But the Pentagon implemented none of these security measures. 

Recently, CySecurity reported that threat actors were using digital advertising data to attack US soldiers in war zones. The US law enforcement recently warned about the “anti-tech” extremism because the AI criticism was growing in the country.

Play gang takes responsibility 

The Play ransomware hacking group claimed the data theft behind the US pillow manufacturer called MyPillow. It stole personal and private confidential data from the victim. 

About the target

MyPillow was founded by 2020 Minnesota gubernatorial candidate and 220 election conspiracy theorist Mike Lindell.

The stolen data claim first surfaced on Play’s blog recently, it threatened that it was able to steal an unknown amount of information which may be exposed soon which may leak “"private and personal confidential data, clients and etc. documents, budget, payroll, IDs, taxes, finance information."

The claim, which appeared on Play's dark web leak portal earlier this week, threatens that an undeclared amount of data will be released on Friday, potentially exposing "private and personal confidential data, clients and etc. documents,budget, payroll, IDs, taxes, finance information."

High profile case

Straight Arrow News first reported about the incident. But MyPillow’s high-profile CEO Mike Lindell has denied claims of any ransomware attack which happened at all.

MyPillow was a lucrative victim for the threat actors, as Lindell’s role in pumping the controversial claims that the 2020 US presidential campaign was rigged against the now President Donald Trump.

According to Straight Arrow News, Lindell claimed in a recent interview on his website, Lindell TV, that political attacks during the previous few years cost MyPillow $400 million in damages. 

What next?

Lindell stated that he will submit an application for reimbursement from Trump's $1.8 billion "Anti-Weaponization Fund," which was established as part of Trump's settlement of an Internal Revenue Service lawsuit. 

The settlement, according to critics, offered Trump a slush fund to compensate rioters on January 6 and other individuals who have spread election conspiracy theories.

Whether MyPillow was hacked is not confirmed at the time of writing. The company denies the claim, whereas Play gang takes responsibility.
Read more »
USB C
Android Connectors Ethernet Hardware HDMI SD USB C

Why a USB-C Hub Is Becoming an Essential Accessory for Modern Phones and Laptops

 





The push toward thinner smartphones and lightweight laptops has transformed device design over the last decade. While manufacturers have succeeded in reducing size and weight, the transformation has often come at the cost of connectivity. Many modern devices now rely on a single USB-C port for charging, data transfer, and external accessories, leaving users without many of the ports that were once standard.

As a result, consumers frequently turn to individual adapters whenever they need to connect older hardware. A separate adapter may be required for an external monitor, another for a USB flash drive, and yet another for reading camera memory cards. What begins as a simple attempt to restore missing functionality can quickly turn into a collection of small accessories that must be carried, organized, and replaced when lost.

Technology users who work across multiple locations often encounter this challenge. A forgotten HDMI adapter can prevent a presentation from being displayed on a monitor. Leaving behind a memory card reader can delay the transfer of photos and videos. Even a missing USB adapter may stop a user from connecting a keyboard, mouse, or storage device when it is needed most.

Multi-port USB-C hubs have emerged as one solution to this growing connectivity problem. Instead of requiring separate accessories for different tasks, these devices combine multiple ports into a single unit that connects through a USB-C interface. Depending on the model, a hub may include HDMI output, USB-A ports, SD and microSD card readers, Ethernet connectivity, and pass-through charging support.

The primary advantage is convenience. Rather than managing several individual adapters, users only need to carry one accessory capable of supporting a wide range of devices. For people who frequently travel or work remotely, reducing the number of cables and connectors can simplify setup and minimize the chances of leaving behind a critical component.

Many hubs also allow smartphones to support more advanced desktop-style workflows. Certain Android devices can connect to external displays through HDMI, enabling users to work on a larger screen while simultaneously using a keyboard and mouse. This approach can create a workstation-like environment without requiring a traditional computer for basic productivity tasks.

However, not all USB-C hubs deliver the same level of performance. Buyers should examine specifications carefully before making a purchase. Factors such as transfer speeds, display resolution support, charging capacity, and the total number of available ports can vary considerably between products.

Power management is another important consideration. When multiple accessories are connected simultaneously, a hub may draw power from the host device. For this reason, many manufacturers offer pass-through charging capabilities that allow a charger to supply power to both the hub and the connected phone or laptop. Some models advertise support for charging rates up to 100 watts, although part of that power is consumed internally to operate the hub and connected peripherals.

Despite the industry's migration toward USB-C, many commonly used accessories continue to rely on older USB-A connections. Flash drives, printers, wireless mouse receivers, gaming controllers, and other peripherals still use the legacy standard. A hub can serve as a bridge between newer devices and existing hardware without requiring users to replace all of their accessories.

Memory card support remains particularly useful for photographers, videographers, and drone operators. Integrated SD and microSD slots allow media files to be transferred directly from cameras and storage cards without requiring dedicated readers. Some higher-end hubs can access both card formats simultaneously, reducing the need to repeatedly swap storage media during large file transfers.

Display connectivity is another frequently used feature. Many USB-C hubs provide HDMI output capable of supporting high-resolution external monitors. When paired with compatible devices, this allows users to extend their workspace, view content on larger screens, and improve multitasking capabilities.

Cost considerations may also influence purchasing decisions. While individual adapters often appear inexpensive when purchased separately, the combined cost of HDMI adapters, memory card readers, USB converters, and Ethernet accessories can exceed the price of a single multi-port hub. Consolidating these functions into one device may also reduce the need for repeated replacement purchases caused by misplaced or damaged adapters.

As manufacturers continue to streamline hardware designs and reduce the number of built-in ports, USB-C hubs are increasingly being used to restore connectivity options that many users still depend on. For individuals who regularly connect external displays, storage devices, memory cards, or older peripherals, a multi-port hub can provide a practical way to expand the capabilities of both smartphones and laptops through a single connection.

Read more »
Private Data
Data Breach Data Leak MyPillow Play Ransomware Private Data

MyPillow Private Data Leaked Online After Mike Lindell Denies Hack

 

Mike Lindell, CEO of MyPillow, insists his company was never hacked, but a ransomware group leaked nearly 12,000 internal files online just two days after his public denial. The Play ransomware gang published a 9.8-gigabyte data cache containing sensitive financial, payroll, and personal information from the pillow manufacturer, directly contradicting Lindell’s claim that MyPillow was “the most secure company” in the country. 

The attack began when Play announced on its dark web blog last week that it had stolen data from MyPillow, threatening to publish everything on Friday if ransom demands were not met. In a Wednesday telephone interview with Straight Arrow News, Lindell said he never received any ransom demand and asserted no data was taken, calling the allegations “another hit job by outside sources because I’m running for governor”. He is currently seeking the Republican nomination for Minnesota governor. 

Straight Arrow’s initial analysis of the leaked data revealed nearly 1,000 vendor invoices, including payments to high-profile figures like Trump Media & Technology Group (owner of Truth Social), conspiracy theorist Alex Jones, and Lara Trump. Documents show MyPillow paid Lara Trump $2,156.33 for advertising services in December 2023 and wired $4,023.16 to Jones’ Free Speech Systems the same month for running a company promo. Bank statements, audit files, wire transfers from 2026, and American Express statements for Lindell’s businesses including FrankSpeech (now LindellTV) are also present. 

The data breach exposes severely sensitive personal information, including payroll records with employees’ full names and phone numbers, plus tax forms like 1099s and W-9s containing names, addresses, and Social Security numbers. A folder titled “Aviation” contains private jet expenses and flight logs from 2018 to 2024. The files span from before 2011 through 2026, covering over a decade of internal company operations. 

Lindell claimed his company stores no sensitive data internally and relies on external third parties, but the leaked cache proves otherwise. When Straight Arrow shared photos of the data with Lindell via text, he did not immediately respond. This incident follows MyPillow’s 2019 Magecart credit card hack, raising serious questions about the company’s cybersecurity posture as Lindell campaigns for governor.
Read more »
European Bookseller
AI Advancements AI governance AI technology Cloud Computing Cyber Security Energy sector European Bookseller

Europe Must Balance Water and Energy Demands to Sustain AI Datacenter Growth

 

Europe’s ambitions to expand artificial intelligence and cloud computing infrastructure could be constrained by growing pressure on energy and water resources, according to a new report that calls for stronger policies linking both areas. The study argues that future datacenter growth will depend not only on access to advanced technology but also on how efficiently facilities manage power consumption and water use. 

The report, titled Scale and Secure: Powering Europe’s Digital Sovereignty, was published by Grundfos, a Danish provider of water and energy-efficiency solutions. It highlights how datacenters have evolved into critical infrastructure supporting Europe’s digital economy while also creating challenges related to resource management, environmental sustainability, and technological independence. 

According to the report, datacenters across Europe currently operate with an estimated IT load of around 10 gigawatts. That figure is expected to rise sharply to approximately 35 gigawatts by 2030 as demand for AI services, cloud platforms, and digital applications continues to increase. As a result, datacenters could account for between 7% and 9% of Europe’s total electricity consumption by the end of the decade, up from roughly 3% today. Cooling systems represent one of the largest resource demands within modern datacenters. 

The report estimates that cooling infrastructure accounts for nearly 38% of electricity use in an average facility. Water consumption is also substantial, particularly in hyperscale datacenters, where daily usage can reach between 11,356 and 18,927 cubic meters. Such volumes are comparable to the daily water needs of as many as 155,000 households across the European Union. Researchers warn that rapid datacenter expansion could place increasing strain on local energy grids, water supplies, and municipal infrastructure if growth is not carefully managed. 

Poorly planned developments may also trigger resistance from local communities concerned about environmental impacts and resource availability. To address these challenges, the report recommends integrating water and energy efficiency requirements directly into datacenter governance and planning frameworks. Standardized environmental reporting, improved oversight, and incentives for adopting efficient cooling technologies are among the proposed measures. 

The report also suggests governments introduce tax incentives, grants, and green financing programs to encourage investment in technologies that reduce resource consumption. Another recommendation focuses on improving collaboration between datacenters and district heating networks. Excess heat generated by server facilities could be reused to support local heating systems, although the report notes that regulatory, contractual, and organizational barriers currently limit wider adoption. The findings come as European policymakers increasingly balance digital transformation goals with environmental sustainability commitments. 

As AI adoption accelerates, experts argue that future datacenter expansion must prioritize efficiency and resource conservation to ensure long-term growth without placing excessive pressure on local communities and natural resources.
Read more »
Privacy
Adtech Industry Browser Fingerprinting Commercial Surveillance Data Brokers Digital Tracking Risks Location data Military Cybersecurity National Security Privacy

Digital Tracking Threats Extend Beyond Governments to Everyday Users


 

Technology policy challenges are increasingly being exposed in the debate over digital safety: measures that are intended to address one online risk are often used to raise another set of security and privacy concerns. Critics have warned that the collection of additional personal information could broaden surveillance capabilities and create new targets for abuse as governments push for stricter age-verification requirements and expanded identity checks. 

Separately, a pervasive wave of security threats is emerging at the level of the consumer, where mobile phone theft operations are exploiting weaknesses in the systems for accessing devices and recovering accounts. Whether regulating oversight, privacy, or physical device security is a concern, these developments represent the growing reality of the digital ecosystem. 

Cybersecurity experts, governments, corporations, and cybersecurity professionals are no longer the only ones facing the risks associated with digital tracking and identity information. Increasingly, it is becoming a concern for technology providers, policymakers, and everyday users alike. Digital tracking has become a topic of debate that has moved beyond privacy advocacy into the national security arena. 

Recent disclosures from US lawmakers suggest that the same commercial data ecosystem used for profiling consumers and targeting advertisements may also pose operational risks to military personnel. As reported by Senator Ron Wyden, the US Central Command has been informed that it has received several threat reports regarding the exploitation of commercially available location data in order to monitor or potentially target American personnel deployed in active theaters of operation. 

In spite of the fact that military officials did not identify the responsible actors or particular locations involved, this revelation represents a significant escalation in concern regarding the market for commercial surveillance. Researchers have long warned that location metadata obtained from smartphones, applications, and connected devices can reveal patterns, routes, and recurring gathering points through the collection of location metadata. 

Congress warns that this intelligence can be used to support kinetic threats, including drone strikes, missile attacks, and other forms of battlefield targeting, in addition to surveillance and counterintelligence activities. Increasing scrutiny has been focused on the adtech and data brokerage sectors, where large volumes of geolocation data are routinely collected, aggregated, and resold. Previously considered primarily a consumer privacy issue, this issue is now being examined as a strategic security vulnerability, particularly in light of historical incidents. 

The reports that have been reported that commercially acquired location data was used to track the movements of US Special Operations personnel toward a covert staging facility in Syria demonstrate how seemingly routine smartphone data can reveal sensitive military activities that go beyond their original purpose in revealing sensitive information. There is a fundamental concern among lawmakers and security officials about not only isolated incidents, but also the architecture of the modern data economy itself.

Through GPS, Wi-Fi and cellular network interactions, as well as advertising identifiers embedded throughout countless applications, smartphones continually generate streams of location intelligence. Upon collecting user activity records, brokers often aggregate, package, and resell them to advertisers, analytics firms, and other third parties via a sprawling commercial marketplace. Security specialists have repeatedly warned against the possibility of using such datasets to reconstruct highly sensitive behavior patterns, including visits to military facilities, operational hubs, and transit routes for deployments.

Legislators are calling for stronger safeguards, including disabling advertising identifiers on military-issued devices, limiting the use of data-hungry applications, and reevaluating software ecosystems heavily dependent upon user tracking, in response to these risks. However, lawmakers have renewed criticism of the Defense Department's approach to digital exposure. Increasingly, it is being acknowledged that commercial surveillance infrastructure can inadvertently provide access to intelligence assets that are not intended for the purposes for which they were intended.

In previous years, concerns were raised when publicly available fitness-tracking data revealed military installations and patrol activities. This demonstrated how seemingly benign consumer technologies may reveal operationally important information. Considering the ongoing military activity of the United States in the Middle East as well as the threat posed by hostile state-backed and proxy entities, the strategic value of location intelligence can no longer be ignored. 

While many large technology companies maintain that their advertising and data-handling systems have security controls, pressure is mounting for stronger federal privacy protections as policymakers reassess the national security implications of data collection on a large scale. Ultimately, the Pentagon's acknowledgement underscores a shift in the threat landscapes of modern civilisations, where intelligence gathering no longer relies solely on satellites, reconnaissance assets, or classified operations, but can also be gained from vast commercial networks, which silently track the digital movements of millions of connected devices every day. 

Moreover, the Pentagon's concerns highlight a fundamental weakness in the digital advertising ecosystem: the same infrastructure, designed to deliver personalised marketing, now serves as an effective surveillance network capable of tracking individuals with remarkable accuracy. Military officials have expressed concern that commercially available data, including advertising identifiers, default location-sharing mechanisms, and browser fingerprinting techniques associated with widely used platforms such as Google Chrome, may be accessed by individuals operating in active conflict environments, according to reports cited by Reuters. 

Rather than focusing on the collection of data itself, the issue is the ease with which detailed behavioral intelligence can be acquired through commercial channels with little or no oversight of who purchases the information and for what purposes.

The Pentagon has been criticised for failing to take sufficient actions to educate and protect its service members from these digital exposure risks; however, lawmakers have also highlighted the large amount of sensitive user information that is monetised by the largely unregulated data brokerage market. Officials argue that, without comprehensive federal privacy safeguards, there are limited practical mechanisms for preventing potentially hostile actors from gaining access to data that can reveal operationally valuable insights. This ecosystem presents an array of threats that go beyond national security concerns.

The recent disclosure of an offshore call tracking and analytics company's role in facilitating large-scale fraud operations relating to tech support has highlighted the potential criminal misuse of trusted commercial technology.

A court-ordered investigation revealed that the former CEO and Chief Security Officer knowingly provided telephone numbers and communications infrastructure to scammers impersonating Microsoft representatives in order to assist them in evading law enforcement scrutiny, identifying new fraudulent opportunities, and expanding their operations in the process. In addition, investigators allege that the individuals went beyond providing services by participating in similar scam networks and even operating their own fraudulent call centers. 

A common challenge that confronts the modern digital economy is illustrated by these developments: systems designed to assist advertisers, analytics analysts, and customers can, when inadequately regulated or maliciously abused, become useful tools for surveillance, deception, and exploitation that go far beyond their intended use. 

Digital tracking poses a number of risks that are becoming increasingly difficult to distinguish from everyday life as the boundaries between commercial technology, personal privacy, and national security continue to blur. As illustrated by the examples presented in both military and consumer environments, data collected for convenience, advertising, or analytics can be exposed, misused, or inadequately managed, causing a variety of consequences beyond their original purpose.

In today's world, organisations, policymakers, and individuals alike face greater challenges than simply addressing cyber threats after they have already arisen. However, it is also important to understand how seemingly routine digital practices can result in unintended security exposures long before an attack occurs. In light of the increasing importance of personal and operational data, strengthening data governance, limiting unnecessary collection, and improving transparency throughout the digital ecosystem are essential.
Read more »
technology
Cloud Provider data centres Hardware Nutanix technology

Nutanix CEO Says Cloud Providers Are Gaining an Edge as Hardware Costs Touch Great Heights

 



Large cloud operators may be becoming a more attractive option for organizations seeking new infrastructure, according to Nutanix CEO Rajiv Ramaswami, who argues that hyperscale providers can often secure servers and components faster than traditional enterprise buyers.

Speaking about current market conditions, Ramaswami said cloud providers benefit from purchasing hardware in enormous volumes. Their buying scale allows them to negotiate directly with manufacturers and secure priority access to components such as memory and solid-state drives. As a result, some enterprises evaluating new infrastructure projects are finding that cloud-hosted bare-metal servers can be available sooner, and in certain cases at lower cost, than purchasing and deploying equipment in their own data centers.

The comments come at a time when organizations continue to face elevated hardware expenses. Memory modules and flash storage remain among the most expensive components in modern server deployments, contributing to overall infrastructure costs. According to Ramaswami, these pricing pressures are unlikely to ease in the near term, meaning enterprises may need to factor longer-term budget impacts into future technology investments.

For infrastructure teams, procurement decisions are increasingly shaped by two practical considerations: acquisition cost and deployment timelines. If a cloud provider can supply computing resources immediately while physical server orders require extended delivery periods, organizations may choose cloud deployment even when they have traditionally preferred on-premises environments.

However, Nutanix is observing a different pattern when artificial intelligence projects are involved. While some conventional workloads are moving toward cloud infrastructure, many businesses continue to deploy AI systems inside their own facilities. Ramaswami said predictable operating costs remain one of the primary reasons for this approach.

Many organizations are still attempting to determine whether AI initiatives generate measurable financial returns. While interest in AI remains high across industries, businesses are increasingly scrutinizing infrastructure spending associated with model training, inference workloads, and data processing. Operating AI infrastructure internally can provide greater visibility into hardware utilization and long-term costs.

According to Nutanix, practical AI applications currently dominate enterprise deployments. Document retrieval systems, knowledge search tools, automated summaries, and internal productivity assistants remain among the most common implementations. Ramaswami said Nutanix has recorded approximately a 10 percent improvement in service response times through AI-assisted operations, while software development teams have accelerated feature delivery by roughly 50 percent after incorporating AI-supported workflows.

The discussion also touched on evolving server architectures. Enterprise customers are increasingly evaluating smaller hardware footprints as they seek to reduce power consumption, rack space requirements, and operational expenses. Some organizations are also exploring Arm-based processors, which have attracted attention because of their energy-efficiency characteristics.

Despite growing industry interest in Arm, Nutanix does not currently see sufficient customer demand to justify a full migration of its software platform. Ramaswami noted that many open-source technologies used throughout the Nutanix ecosystem, including Kubernetes and the KVM hypervisor, already support Arm processors, potentially simplifying future development efforts if adoption accelerates.

The CEO's comments coincided with Nutanix's third-quarter fiscal 2026 earnings announcement. During the quarter, the company added 730 new customers and reported continued demand for its virtualization and hybrid-cloud offerings. Ramaswami stated that many of those customers migrated from legacy infrastructure platforms, although he did not identify specific vendors.

Nutanix also reported growing interest in its support for external storage systems. Historically, the company emphasized its own software-defined storage capabilities. More recently, it has expanded support for third-party storage platforms, giving customers additional flexibility when modernizing infrastructure. According to Ramaswami, the strategy contributed to two separate seven-figure agreements involving organizations that retained storage systems supplied by Pure Storage and Dell.

For the quarter, Nutanix reported revenue of $703 million, representing a 10 percent increase compared with the same period last year. Annual recurring revenue reached $2.43 billion, reflecting a 15 percent year-over-year increase and providing another indication of continued enterprise spending on hybrid-cloud and virtualization technologies.

Read more »
Subscribe to: Posts (Atom)