Cybersecurity Brief

AWS Advances Security Agents, Vector Scale, and Bedrock Models

Coverage: 02 Dec 2025 (UTC)

AWS set the tone today with a wave of platform and security updates. Its generative AI service, Bedrock, added 18 fully managed open‑weight models to broaden vendor choice without changing application code. The company also previewed Security Agent to embed continuous, policy‑driven validation and context‑aware testing into development and deployment. The mix underscores a push toward flexibility and proactive controls, even as researchers detail a long‑running browser‑extensions campaign impacting millions of users.

Security and governance turn up

For cloud security operations, AWS made its unified cloud security service, Security Hub, generally available with near real‑time risk analytics and attack‑path visualizations that correlate findings from GuardDuty, Inspector, and CSPM. In parallel, Bedrock AgentCore added preview features for policy enforcement and automated evaluations, allowing teams to intercept tool calls in real time and gate agent quality with built‑in and custom metrics surfaced through CloudWatch. Together, these updates aim to prioritize risks and harden agent workflows without custom glue code.

At the application layer, the previewed AWS Security Agent moves policy checks earlier, while the new DevOps Agent autonomously triages incidents and recommends operational improvements across distributed environments. Organizations can evaluate both previews in US East (N. Virginia) and align access, logging, and governance with existing controls. The result is a tighter feedback loop that reduces manual correlation and periodic testing bottlenecks.

Models and platform choice expand

AWS broadened model choice with the largest single expansion of managed open‑weight options in its catalog, creating room to balance cost, latency, and accuracy across workloads without refactoring. It also introduced Nova 2 on the service for step‑by‑step reasoning, tool use, and a million‑token context, plus thinking‑intensity controls to tune speed and cost. For teams building deeper customization, AWS made Nova Forge generally available to develop models from Nova checkpoints using reinforcement fine tuning and a responsible‑AI toolkit, blending proprietary and curated datasets while preserving core capabilities. These moves consolidate options for experimentation and production without sacrificing governance.

Scaling AI operations and data

On the data plane, AWS announced general availability of S3 Vectors, introducing vector buckets that scale to billions of embeddings with default encryption and optional KMS keys for multi‑tenant and regulatory needs. Complementing storage, OpenSearch added GPU‑accelerated index building and serverless auto‑optimize jobs to cut build time and cost and remove weeks of manual tuning. The combination targets faster iteration for retrieval‑augmented generation, semantic search, and agent memory at production scale.

For deployment strategies in sovereign or regulated settings, AWS introduced AI Factories—managed, high‑performance AI infrastructure delivered into customer data centers with physical and operational separation. To accelerate training, it also unveiled Trn3 UltraServers powered by fourth‑generation Trainium3, offering substantial compute, memory bandwidth, and interconnect gains for frontier‑scale models and expert‑parallel workloads. These offerings aim to reduce time‑to‑capacity and improve price‑performance while aligning with sovereignty and lifecycle requirements.

Operational building blocks evolved as well. AWS introduced Lambda durable functions for long‑running, multi‑step applications and AI workflows with platform‑managed state, checkpointing, and failure recovery. And MLflow went serverless in SageMaker AI, removing the need to provision and maintain tracking servers and enabling cross‑account collaboration via RAM. Together, these updates trim operational overhead and make it easier to compose reliable, cost‑efficient pipelines.

Confirmed extensions campaign

Researchers documented a multi‑year browser‑extensions operation that began with utility and wallpaper add‑ons and later pivoted to surveillance and remote code execution at scale. According to Infosecurity, one cluster’s Chrome extensions used a backdoor to fetch arbitrary JavaScript and exfiltrate encrypted browsing histories and fingerprints, affecting about 300,000 users; on Microsoft Edge, spyware‑laden add‑ons—including WeTab—reached more than four million installs, collecting visited URLs, search terms, mouse clicks, cookies, keystrokes, and identifiers. Many were removed after discovery, but the campaign’s longevity highlights marketplace review gaps. Recommended mitigations include auditing installed extensions, removing unused add‑ons, preferring developers with transparent update histories, and monitoring permission changes for unusual behavior.

These and other news items from the day:

Tue, December 2, 2025

ChatGPT Outage Causes Global Errors and Missing Chats

🔴 OpenAI's ChatGPT experienced a global outage that produced "something seems to have gone wrong" errors and stalled responses, with some users reporting that entire conversations disappeared and new messages never finished loading. BleepingComputer observed the model continuously loading without delivering replies, while DownDetector recorded over 30,000 reports. OpenAI confirmed elevated errors at 02:40 ET, said it was working on a fix, and by 15:14 ET service had begun returning but remained slow.

Tue, December 2, 2025

Amazon Bedrock Adds 18 Fully Managed Open Models Today

🚀 Amazon Bedrock expanded its model catalog with 18 new fully managed open-weight models, the largest single addition to date. The offering includes Gemma 3, Mistral Large 3, NVIDIA Nemotron Nano 2, OpenAI gpt-oss variants and other vendor models. Through a unified API, developers can evaluate, switch, and adopt these models in production without rewriting applications or changing infrastructure. Models are available in supported AWS Regions.

Tue, December 2, 2025

AWS Security Agent preview: AI-driven development security

🔒 AWS today announced the preview of AWS Security Agent, an AI-powered agent that automates security validation across the application development lifecycle. The service lets security teams define organizational requirements once and then evaluates architecture and code against those standards, offering contextual remediation guidance. For deployments, it performs context-aware penetration testing and logs API activity to CloudTrail; the preview is available in US East (N. Virginia). AWS states customer data and queries are not used to train models.

Tue, December 2, 2025

AWS Debuts DevOps Agent Preview for Operational Excellence

🔧 AWS announced the preview of AWS DevOps Agent, a frontier agent designed to investigate incidents and proactively prevent outages across AWS, multicloud, and hybrid environments. The agent autonomously triages alerts, correlates telemetry, code, and deployment data, and guides teams to faster resolution to reduce MTTR. During preview it is available at no additional cost in US East (N. Virginia).

Tue, December 2, 2025

Amazon Nova Forge: Build Frontier Models with Nova

🚀 Amazon Web Services announced general availability of Nova Forge, a SageMaker AI service that enables organizations to build custom frontier models from Nova checkpoints across pre-, mid-, and post-training phases. Developers can blend proprietary data with Amazon-curated datasets, run Reinforcement Fine Tuning (RFT) with in-environment reward functions, and apply custom safety guardrails via a built-in responsible AI toolkit. Nova Forge includes early access to Nova 2 Pro and Nova 2 Omni and is available today in US East (N. Virginia).

Tue, December 2, 2025

AWS announces Amazon Nova 2 models in Amazon Bedrock

🤖 AWS has introduced Amazon Nova 2, a next-generation family of foundation models now available in Amazon Bedrock. The release includes Nova 2 Lite, optimized for fast, cost-effective reasoning for everyday workloads, and Nova 2 Pro (Preview), designed for complex, multistep tasks. Both models support step-by-step reasoning, three thinking intensity levels, built-in tools such as code interpreter and web grounding, remote MCP tool support, and a one-million-token context window. Nova 2 Lite supports supervised fine-tuning on Bedrock and SageMaker; full fine-tuning is available on SageMaker. Nova 2 Pro is available in preview for Amazon Nova Forge customers with global cross-region inference.

Tue, December 2, 2025

AWS AI Factories: Dedicated High-Performance AI Infrastructure

🚀 AWS AI Factories are now available to deploy high-performance AWS AI infrastructure inside customer data centers, combining AWS Trainium, NVIDIA GPUs, low-latency networking, and optimized storage. The service integrates Amazon Bedrock and Amazon SageMaker to provide immediate access to foundation models without separate provider contracts. AWS manages procurement, setup, and operations while customers supply space and power, enabling isolated, sovereign deployments that accelerate AI initiatives.

Tue, December 2, 2025

Amazon SageMaker AI Adds Serverless MLflow Support

🧠 Amazon SageMaker AI now offers a serverless MLflow capability that automatically scales to support experiment tracking and model development without infrastructure setup. The service scales up for demanding workloads and scales down during idle periods, reducing operational overhead. Administrators can enable cross-account access via Resource Access Manager (RAM). The feature integrates with SageMaker AI JumpStart, Model Registry, and Pipelines and is offered at no additional charge in select AWS Regions.

Tue, December 2, 2025

ShadyPanda Browser Extension Campaign Hits 4.3M Users

🛡️ A seven-year browser extension campaign attributed to the actor known as ShadyPanda has infected 4.3 million Chrome and Edge users by operating legitimately for years and then pushing malicious updates. A Koi Security report describes a remote code execution backdoor that affected roughly 300,000 users across five extensions, including Clean Master, and a parallel spyware push via Edge extensions such as WeTab. Malicious updates enabled hourly downloads of arbitrary JavaScript, extensive logging of site visits, exfiltration of encrypted browsing histories, and comprehensive browser fingerprinting.

Tue, December 2, 2025

Ten Years of Microsoft and Red Hat: Open Innovation

🚀 Over the past decade Microsoft and Red Hat have built a strategic partnership centered on open source and enterprise cloud innovation. Together they delivered offerings such as Red Hat Enterprise Linux on Azure and Azure Red Hat OpenShift, combining managed services, integrated support, and Marketplace availability. At Ignite 2025 the collaboration brought GA of OpenShift Virtualization and Confidential Containers, enabling VMs and hardware-isolated containers to run side-by-side for modernization and secure workloads.

Tue, December 2, 2025

AWS Preview: EC2 M8azn Instances with 5GHz AMD CPUs

🚀 Starting today, AWS is previewing new general-purpose high-frequency Amazon EC2 M8azn instances powered by fifth-generation AMD EPYC processors that deliver up to 5 GHz maximum CPU frequency. These instances offer up to 2× the compute performance of M5zn and about 24% higher performance than M8a, and are built on the AWS Nitro System for secure, high-performance cloud delivery. They target workloads such as gaming, HFT, HPC, CI/CD, and simulation modeling; customers can request preview access.

Tue, December 2, 2025

Amazon Announces Nova 2 Sonic for Real‑Time Voice AI

🎙️ Amazon announced Amazon Nova 2 Sonic, a speech-to-speech model for natural, real-time conversational AI available via Amazon Bedrock. The model delivers streaming speech understanding robust to background noise and diverse speaking styles, expressive polyglot voices, turn-taking controllability, asynchronous tool calling, and a one‑million token context window. Developers can integrate Nova 2 Sonic with Amazon Connect, leading telephony providers, open-source frameworks, and Bedrock’s bidirectional streaming API; it’s initially available in select AWS Regions.

Tue, December 2, 2025

Amazon S3 Vectors GA: Scalable, Cost‑Optimized Vector Store

🚀 Amazon S3 Vectors is now generally available, delivering native, purpose-built vector storage and query capabilities in cloud object storage. It supports up to two billion vectors per index, 10,000 indexes per vector bucket, and offers up to 90% lower costs to upload, store, and query vectors. S3 Vectors integrates with Amazon Bedrock, SageMaker Unified Studio, and OpenSearch Service, supports SSE-S3 and optional SSE-KMS encryption with per-index keys, and provides tagging for ABAC and cost allocation.

Tue, December 2, 2025

AWS Lambda Durable Functions for Multi‑Step Workflows

🔁 AWS announced Lambda durable functions, a built-in capability for authoring reliable multi-step applications and AI workflows within the Lambda developer experience. Durable functions automatically checkpoint execution, can suspend runs for up to one year, and recover from failures without requiring additional infrastructure. New primitives like steps and waits let developers pause and resume logic without incurring compute charges, while the service handles state and error recovery so teams can focus on business logic.

Tue, December 2, 2025

Mistral Large 3 Now Available in Microsoft Foundry

🚀 Microsoft has added Mistral Large 3 to Foundry on Azure, offering a high-capability, Apache 2.0–licensed open-weight model optimized for production workloads. The model focuses on reliable instruction following, extended-context comprehension, strong multimodal reasoning, and reduced hallucination for enterprise scenarios. Foundry packages unified governance, observability, and agent-ready tooling, and allows weight export for hybrid or on-prem deployment.

Tue, December 2, 2025

Malicious Chrome and Edge Extensions Threaten Enterprises

🔍 Koi Security revealed a long-running surveillance campaign by an actor it calls 'ShadyPanda' that abused legitimate-seeming Chrome and Edge extensions to harvest browsing data, hijack search results, and deploy a backdoor enabling remote code execution. The group built trust by publishing useful extensions (including Clean Master) and then silently pushed malicious updates that bypassed marketplace re-approval. With an estimated 4.3 million infected browser instances, enterprises should treat browser extensions as high-risk assets and urgently audit and remediate add-ons on corporate and employee devices.

Tue, December 2, 2025

AWS Security Hub Adds Near Real-Time Risk Analytics

🔒 AWS announces general availability of AWS Security Hub, adding near real-time risk analytics, advanced trends, unified enablement, and streamlined pricing across AWS security services. Security Hub correlates and enriches signals from Amazon GuardDuty, Amazon Inspector, and AWS Security Hub CSPM to surface and prioritize active risks. Centralized deployment across AWS Organizations, attack-path visualization, and automated workflows reduce manual correlation and speed remediation at scale.

Tue, December 2, 2025

Amazon EC2 Trn3 UltraServers for Faster AI Training

🚀 AWS announced general availability of Amazon EC2 Trn3 UltraServers, powered by the new 3nm Trainium3 AI chip designed to deliver improved token economics for agentic, reasoning, and video-generation workloads. Each Trainium3 chip provides 2.52 PFLOPs (FP8), 144 GB of HBM3e, and 4.9 TB/s memory bandwidth, and servers can scale to 144 chips or to hundreds of thousands via EC2 UltraClusters. The platform includes the AWS Neuron SDK with native PyTorch integration so developers can train and deploy without changing model code, while performance engineers gain deeper access to tune kernels and optimize at scale.

Tue, December 2, 2025

Amazon Nova Act: Automate Production UI Workflows at Scale

🚀 AWS announced general availability of Amazon Nova Act, a service for building and managing fleets of reliable agents that automate production UI workflows. Powered by a custom Nova 2 Lite model, Nova Act can complete repetitive browser tasks, call APIs or tools, and escalate to human supervisors when needed. Developers can combine natural language with deterministic Python, prototype in the online playground, refine scripts with the Nova Act IDE extension, and deploy to AWS quickly. Nova Act is available today in US East (N. Virginia).

Tue, December 2, 2025

Amazon OpenSearch: GPU-Accelerated Auto-Optimized Vectors

🚀 Amazon OpenSearch Service now offers GPU-accelerated, auto-optimized vector indexes that let teams build billion-scale vector databases in under an hour. Serverless GPU acceleration can speed index builds up to 10X while reducing indexing cost to roughly a quarter of previous expenses. Auto-optimize jobs evaluate k-NN algorithms, quantization, and engine settings against specified latency and recall targets to produce configuration recommendations without manual tuning. These capabilities support vector collections and OpenSearch 2.17+/3.1+ domains across multiple regions.

Tue, December 2, 2025

Amazon Bedrock AgentCore Adds Policy and Evaluations

🛡️ Amazon Web Services' AgentCore introduces preview features — Policy and Evaluations — to help teams scale agents from prototypes into production. Policy intercepts real-time tool calls via AgentCore Gateway and converts natural-language rules into Cedar for auditability and compliance without custom code. Evaluations offers 13 built-in evaluators plus custom model-based scoring, with all quality metrics surfaced in an Amazon CloudWatch dashboard to simplify continuous testing and monitoring.

Tue, December 2, 2025

The AI Fix #79 — Gemini 3, poetry jailbreaks, robot safety

🎧 In episode 79 of The AI Fix, hosts Graham Cluley and Mark Stockley examine the latest surprises from Gemini 3, including boastful comparisons, hallucinations about the year, and reactions from industry players. They also discuss an arXiv paper proposing adversarial poetry as a universal jailbreak for LLMs and the ensuing debate over its provenance. Additional segments cover robot-versus-appliance antics, a controversial AI teddy pulled from sale after disturbing interactions with children, and whether humans need safer robots — or stricter oversight.

Tue, December 2, 2025

Mistral Large 3 and Ministral 3 Now on Amazon Bedrock

🚀 Amazon Bedrock now offers Mistral Large 3 and the Ministral 3 family alongside additional Mistral AI checkpoints, giving customers early access to open-weight multimodal models. Mistral Large 3 employs a granular Mixture-of-Experts architecture with 41B active and 675B total parameters and supports a 256K context window for long-form comprehension and agentic workflows. The Ministral 3 series (14B, 8B, 3B) plus Voxtral and Magistral small models let developers choose scales optimized for production assistants, RAG systems, single-GPU edge deployment, or low-resource environments.

Tue, December 2, 2025

AWS Support transforms support with AI-driven plans

🤖 AWS Support has restructured its support portfolio into three AI-driven plans: Business Support+, Enterprise Support, and Unified Operations. Each tier layers faster response times, proactive guidance, and AI-assisted operations while combining generative AI with AWS engineering expertise. Highlights include 24/7 contextual AI assistance, designated TAMs, integrated security incident response, and the preview AWS DevOps Agent for one-click context sharing and proactive incident prevention. These plans are available in all commercial AWS Regions.

Tue, December 2, 2025

Amazon Nova 2 Omni: Multimodal Reasoning Model Preview

🚀 Amazon announced Nova 2 Omni, an all‑in‑one multimodal model in preview that accepts text, images, video, and speech inputs while producing text and image outputs. It offers a 1M token context window, supports 200+ languages for text and 10 for speech, and provides image generation/editing and multi‑speaker speech transcription with native reasoning. Early access is available to Nova Forge and authorized customers.

Tue, December 2, 2025

AWS Announces Memory-Optimized EC2 X8aedz Instances

🚀 AWS has introduced Amazon EC2 X8aedz, a new memory-optimized instance family powered by 5th Gen AMD EPYC processors (Turin) that deliver up to 5 GHz maximum CPU frequency. X8aedz claims up to 2x higher compute performance and ~31% improved price-performance versus the prior X2iezn generation, combining high single-thread speed with a 32:1 memory-to-vCPU ratio and local NVMe storage. Instances come in eight sizes (2–96 vCPUs, 64–3,072 GiB), include two bare-metal variants, and offer up to 8 TB of local NVMe SSD. They are available now in US West (Oregon) and Asia Pacific (Tokyo) and can be purchased via On-Demand, Spot, or Savings Plans.

Tue, December 2, 2025

AWS launches Apache Spark Upgrade Agent for Amazon EMR

🛠️ AWS announced the Apache Spark upgrade agent, a capability that automates and accelerates Spark version upgrades for Amazon EMR on EC2 and EMR Serverless. The agent performs automated code analysis across PySpark and Scala, identifies API and behavioral changes for Spark 2.4→3.5, and suggests precise code transformations. Engineers can invoke the agent from SageMaker Unified Studio, the Kiro CLI, or any MCP-compatible IDE, interact via natural-language prompts, review proposed edits, and approve implementations. Functional correctness is validated through data quality checks to help maintain processing accuracy during migration.

Tue, December 2, 2025

Amazon EC2 X8i memory-optimized instances (Preview)

🚀 Amazon Web Services today announced a preview of Amazon EC2 X8i, a next-generation memory-optimized instance family built on custom Intel Xeon 6 processors. X8i offers up to 6 TB of memory—1.5× the capacity of X2i—and up to 3.4× the memory bandwidth of the previous generation. AWS reports 35% higher overall performance compared with X2i, and X8i is SAP-certified with a 46% SAPS increase for mission-critical SAP deployments. The instances target in-memory databases, large-scale databases, analytics, and EDA workloads; customers can request preview access to evaluate performance and fit.

Tue, December 2, 2025

Amazon EC2 P6e-GB300 UltraServers Now Generally Available

🚀 AWS has announced general availability of Amazon EC2 P6e-GB300 UltraServers powered by the NVIDIA GB300 NVL72. The new UltraServers deliver 1.5× GPU memory and 1.5× FP4 compute (without sparsity) compared with P6e-GB200, enabling higher-context inference and improved throughput for large models. They are suited to reasoning, agentic AI, and production inference; contact your AWS sales representative to get started.

Tue, December 2, 2025

AWS announces compute-optimized Amazon EC2 C8a instances

🚀 Amazon Web Services announced the general availability of Amazon EC2 C8a instances powered by 5th Gen AMD EPYC (Turin) processors with up to 4.5 GHz frequency. AWS says C8a delivers up to 30% higher performance, up to 19% better price-performance versus C7a, 33% more memory bandwidth, and up to 57% faster GroovyJVM performance for Java workloads. The family includes 12 sizes, two bare-metal options, and is built on the AWS Nitro System for high-performance compute use cases such as HPC, batch processing, ad serving, multiplayer gaming, and video encoding. C8a instances are initially available in US East (N. Virginia), US East (Ohio), and US West (Oregon) and can be purchased via Savings Plans, On-Demand, or Spot.

Tue, December 2, 2025

AWS GuardDuty extends threat detection for EC2 and ECS

🔍 AWS announced an update to GuardDuty Extended Threat Detection that adds multistage attack detection for Amazon EC2 instances and Amazon ECS clusters running on Fargate or EC2. The release introduces two critical findings — AttackSequence:EC2/CompromisedInstanceGroup and AttackSequence:ECS/CompromisedCluster — that group related events into a single, high-priority alert. Findings include a summary, event timeline, MITRE ATT&CK mappings, and remediation guidance to speed response. Runtime Monitoring must be enabled for full coverage, and customers can try the feature free for 30 days.

Tue, December 2, 2025

Amazon EC2 M4 Max Mac instances (Preview) for Apple builds

🚀 Amazon Web Services is previewing Amazon EC2 M4 Max Mac instances, powered by the latest Mac Studio hardware to accelerate demanding Apple build and test workflows. These next-generation Mac instances target developers building for iOS, macOS, iPadOS, tvOS, watchOS, visionOS, and Safari. M4 Max offers a 16-core CPU, 40-core GPU, 16-core Neural Engine, and 128 GB unified memory, plus Nitro-based networking and EBS bandwidth to support large-scale CI/CD and testing.

Tue, December 2, 2025

Amazon CloudWatch Unified Data Management and Analytics

🔎 Amazon CloudWatch now provides unified data management and analytics to consolidate operational, security, and compliance data across AWS and third-party sources. The launch enables organization-wide ingestion from AWS sources such as AWS CloudTrail, Amazon VPC, and Amazon WAF, plus managed collectors for CrowdStrike, Okta, and Palo Alto Networks. Customers can use pipelines to transform and enrich logs to standard formats like OCSF and define facets for faster insights. Data can be stored in managed Amazon S3 Tables at no additional storage charge and queried natively or with any Apache Iceberg-compatible analytics tool.

Tue, December 2, 2025

CloudWatch AgentCore Evaluations: Automated AI Agent Quality

🧭 Amazon CloudWatch now offers AgentCore Evaluations, an automated capability for assessing AI agent quality using real-world interactions. The feature includes 13 pre-built evaluators that measure dimensions such as helpfulness, tool selection, and response accuracy, and it also supports custom model-based scoring. Teams can access unified quality metrics, agent telemetry, and end-to-end traces in CloudWatch dashboards to correlate evaluations with prompts, logs, and traces for faster diagnosis and improvement.

Tue, December 2, 2025

Amazon API Gateway Adds MCP Proxy for Agent Integration

🤖 Amazon API Gateway now supports the Model Context Protocol (MCP) via a proxy, enabling organizations to expose existing REST APIs to AI agents and MCP clients without modifying their applications. Integrated with Amazon Bedrock AgentCore's Gateway, the feature performs protocol translation, indexes APIs for semantic tool discovery, and eliminates the need to host additional intermediary infrastructure. It also enforces dual authentication to verify agent identities for inbound requests while managing secure outbound connections to REST endpoints. The capability is available in nine AWS Regions and follows Amazon Bedrock AgentCore pricing.

Tue, December 2, 2025

S3 Tables Gain Intelligent-Tiering Storage Class Now

🗃️ Amazon S3 Tables now support the Intelligent-Tiering storage class to automatically optimize table storage costs based on access patterns, without impacting performance or adding operational overhead. Data not accessed for 30 days moves to the Infrequent Access tier (≈40% lower cost), and after 90 days moves to Archive Instant Access (≈68% lower cost), enabling up to 80% storage savings. Automated table maintenance (compaction, snapshot expiration, unreferenced file removal) does not trigger tiering, and you can select Intelligent-Tiering per table or set it as the default for new tables in a table bucket across all regions where S3 Tables are available.

Tue, December 2, 2025

AWS launches EC2 X8aedz memory-optimized instances

🚀 AWS announced the new Amazon EC2 X8aedz memory-optimized instances powered by 5th Gen AMD EPYC processors (Turin), offering up to 5 GHz peak CPU frequency and up to 2× compute performance versus X2iezn. Targeted at electronic design automation (EDA) workloads and relational databases that benefit from high single-thread performance and large memory footprints, X8aedz provides a 32:1 memory-to-vCPU ratio, local NVMe storage up to 8 TB, and sizes from 2 to 96 vCPUs including two bare-metal options. Instances are available in US West (Oregon) and Asia Pacific (Tokyo) and can be purchased via On‑Demand, Spot, or Savings Plans.

Tue, December 2, 2025

CrowdStrike Leverages NVIDIA Nemotron on Amazon Bedrock

🔐 CrowdStrike integrates NVIDIA Nemotron via Amazon Bedrock to advance agentic security across the Falcon platform, enabling defenders to reason and act autonomously at scale. Falcon Fusion SOAR leverages Nemotron for adaptive, context-aware playbooks that prioritize alerts, understand relationships, and execute complex responses. Charlotte AI AgentWorks uses Bedrock-delivered models to create task-specific agents with real-time environmental awareness. The serverless Bedrock architecture reduces infrastructure overhead while preserving governance and analyst controls.

Tue, December 2, 2025

Unit 42 and AWS Launch No-Cost Incident Response Retainer

🔒 Palo Alto Networks Unit 42 and Amazon Web Services have expanded their partnership to offer a no-cost Unit 42 Incident Response Retainer in AWS Marketplace for qualified customers. The retainer provides 250 hours of initial incident response, a 2-hour response SLA and 24/7/365 access to Unit 42’s incident response team. The offering is designed to accelerate containment, enable holistic investigations across cloud and enterprise environments, and reduce procurement overhead while providing preferred pricing for proactive services.

Tue, December 2, 2025

Google patches 107 Android zero-days and critical flaws

🔒 In its December Android Security Bulletin, Google disclosed 107 zero-day vulnerabilities affecting Android and AOSP-based systems, publishing fixes for 51 issues on December 1 and promising the remaining 56 on December 5. Among the patched flaws, two high-severity framework bugs (CVE-2025-48633 and CVE-2025-48572) may be under limited targeted exploitation and affect Android 13–16. The bulletin also lists a critical framework vulnerability (CVE-2025-48631) that can cause a remote denial-of-service without additional privileges. Patches for kernel and third-party components from vendors such as Arm, MediaTek, Qualcomm and others will follow.

Tue, December 2, 2025

Bedrock AgentCore Runtime Adds Bi-Directional Streaming

🔁 Amazon Bedrock AgentCore Runtime now supports bi-directional streaming, enabling real-time, continuous conversations where agents listen and respond simultaneously and handle interruptions or context shifts mid-turn. This removes stop-start friction in voice and text agents and preserves context across exchanges. Built into AgentCore Runtime, the capability reduces months of engineering work required to implement streaming infrastructure, letting developers focus on agent experiences rather than plumbing. It is available in nine AWS Regions with consumption-based pricing.

Tue, December 2, 2025

Amazon S3 Tables: Automatic Cross-Region Iceberg Replication

🔁 Amazon S3 Tables now support automatic replication of Apache Iceberg tables across AWS Regions and accounts, duplicating full table structure, snapshots, and metadata to destination buckets. The feature creates read-only replica tables, backfills them to the source's latest state, and continuously monitors for updates while allowing independent snapshot retention and encryption settings per replica. Replicas are queryable with Amazon SageMaker Unified Studio or any Iceberg-compatible engine such as Amazon Athena, Amazon Redshift, Apache Spark, and DuckDB. This capability is available in all Regions where S3 Tables are supported.

Tue, December 2, 2025

Iskra iHUB/iHUB Lite: Unauthenticated Web Interface Alert

🔒 CISA reports a high‑severity Missing Authentication for Critical Function vulnerability (CVE-2025-13510) affecting all versions of Iskra’s iHUB and iHUB Lite smart metering gateways, where the web management interface requires no credentials. With a CVSS v4 base score of 9.3, an unauthenticated remote attacker could reconfigure devices, update firmware, and manipulate connected systems. Iskra did not respond to coordination requests; CISA recommends isolating devices from the Internet, placing them behind firewalls, and using secure remote access methods such as VPNs while recognizing their limitations.

Tue, December 2, 2025

Code Injection Vulnerability in Longwatch Device Firmware

⚠️ Industrial Video & Control Longwatch versions 6.309–6.334 contain a code injection vulnerability that allows unauthenticated HTTP GET requests to execute arbitrary code, resulting in SYSTEM-level remote code execution. CISA assigns high severity (CVSS v4 9.3; CVSS v3.1 9.8) and recommends upgrading to version 6.335 or later. Reduce network exposure, isolate control networks behind firewalls, and use secure remote access methods while applying the vendor patch.

Tue, December 2, 2025

Google Issues December Patch for 107 Android Flaws

🔒 Google released its December 2025 Android security update addressing 107 vulnerabilities across Framework, System, Kernel and components from Arm, Imagination Technologies, MediaTek, Qualcomm, and Unison. Two high-severity Framework defects — CVE-2025-48633 (information disclosure) and CVE-2025-48572 (privilege elevation) — are reported as exploited in the wild. A separate critical Framework issue, CVE-2025-48631, could enable remote DoS without added privileges. Google published two patch levels, 2025-12-01 and 2025-12-05, and users should update promptly when vendors release device-specific builds.

Tue, December 2, 2025

Shai-Hulud 2.0 NPM malware exposed 400,000 developer secrets

🔒 Wiz researchers say the second Shai-Hulud NPM malware wave infected hundreds of packages and exposed roughly 400,000 raw secrets across some 30,000 GitHub repositories. Although TruffleHog verified about 10,000 secrets, Wiz found over 60% of leaked NPM tokens still valid as of Dec 1, leaving active credentials at risk. The payload propagated via the preinstall event (node setup_bun.js), affected over 800 package versions, and included a conditional destructive home-directory wipe. A small number of packages — notably @postman/tunnel-agent@0.6.7 and @asyncapi/specs@6.8.3 — represented the bulk of infections, indicating targeted mitigation could have sharply reduced impact.

Tue, December 2, 2025

Critical PickleScan Zero-Days Threaten AI Model Supply

🔒 Three critical zero-day vulnerabilities in PickleScan, a widely used scanner for Python pickle files and PyTorch models, could enable attackers to bypass model-scanning safeguards and distribute malicious machine learning models undetected. The JFrog Security Research Team published an advisory on 2 December after confirming all three flaws carry a CVSS score of 9.3. JFrog has advised upgrading to PickleScan 0.0.31, adopting layered defenses, and shifting to safer formats such as safetensors.

Tue, December 2, 2025

GlassWorm Returns: 24 Malicious Extensions Target Developers

🔍 The GlassWorm supply-chain campaign has resurfaced with 24 malicious extensions distributed across the Microsoft Visual Studio Marketplace and Open VSX, impersonating popular developer tools such as Flutter, React and Tailwind. Researchers say attackers inflated download counts and slipped malicious updates after initial approval to evade filters. Analysis found Rust-based implants that load platform-specific libraries (os.node and darwin.node) to fetch Solana-based C2 details and download encrypted JavaScript payloads, while a Google Calendar fallback is also used. Developers and repository maintainers are urged to audit installed extensions and review update histories.

Tue, December 2, 2025

Google fixes two Android zero-days, 107 vulnerabilities

🔒 Google released its December 2025 Android security bulletin addressing 107 vulnerabilities, including two zero-days (CVE-2025-48633 and CVE-2025-48572) that are reported to be under limited targeted exploitation. The flaws affect Android 13–16 and include information-disclosure and privilege‑escalation issues; the most critical fix this month is CVE-2025-48631 (DoS). Updates also include critical kernel fixes for Qualcomm and closed‑source vendors, and Samsung has ported fixes. Users should apply updates, keep Play Protect active, or move to supported builds.

Tue, December 2, 2025

University of Pennsylvania Confirms Oracle EBS Data Theft

🔒 The University of Pennsylvania disclosed that attackers exploited a previously unknown Oracle E-Business Suite zero-day in August to obtain files containing personal information. In a notification filed with Maine's Attorney General, Penn said at least 1,488 individuals had data taken and warned the overall total may be larger. The university reported no evidence so far that the stolen information has been misused or published and has not publicly attributed the intrusion; the incident aligns with a broader campaign linked to the Clop ransomware group.

Tue, December 2, 2025

MuddyWater targets Israel with new Fooder and MuddyViper

🛡️ ESET researchers identified a MuddyWater campaign running from 30 September 2024 to 18 March 2025 that primarily targeted organizations in Israel and one confirmed technology victim in Egypt. Operators deployed newly observed custom tools — a reflective loader called Fooder and a C/C++ backdoor named MuddyViper — and abused RMM installers and reverse tunnels. The malware uses Windows CNG for AES-CBC encryption and communicates over HTTPS; operators deliberately minimized hands-on-keyboard activity to hinder detection.

Tue, December 2, 2025

Korea Arrests Suspects Selling Footage from Hacked Cameras

🚨 The Korean National Police arrested four suspects accused of hacking over 120,000 IP cameras in homes and businesses and selling stolen intimate footage on an overseas illegal adult website. Authorities say the suspects uploaded large volumes of voyeuristic content, identified dozens of victims, and have already arrested some buyers. Police are working with foreign investigators to locate site operators, notify victims, and pursue takedown and remedial actions. Victims were urged to reset passwords, disable unneeded remote access, and apply firmware updates to prevent further compromise.

Tue, December 2, 2025

FTC Settlement Requires Illuminate to Delete Student Data

⚖️ The FTC has proposed a settlement requiring Illuminate Education to delete unnecessary student data and strengthen its security program after a 2021 breach that exposed information for about 10.1 million students. The agency alleges failures including lack of access controls, storing data in plain text, weak patching, and misrepresenting encryption in contracts. The proposed order mandates data minimization, a public retention schedule, prompt breach reporting to the FTC, and will be open for 30 days of public comment; violations could trigger civil penalties.

Tue, December 2, 2025

ChatGPT Experiences Worldwide Outage; Conversations Lost

⚠️ OpenAI's ChatGPT experienced a global outage that caused errors and disappearing conversations for many users. Many reported seeing messages such as "something seems to have gone wrong" and "There was an error generating a response," while some conversations vanished and new messages kept loading indefinitely. DownDetector recorded over 30,000 reports, and OpenAI acknowledged elevated errors and said engineers were working on a fix. Service began returning as of 15:14 ET, though performance remained slow.

Tue, December 2, 2025

Asahi Ransomware Attack Leads to Massive Data Breach

🔒 Asahi Group Holdings confirmed that a ransomware attack on 29 September, attributed to the Qilin group, resulted in a major data breach affecting over 1.5 million customers and roughly 275,000 employees and family members. The incident disrupted ordering, shipping and production systems across Japan and caused widespread product shortages. Asahi says it did not pay a ransom, has found no evidence the data has been posted publicly, and is strengthening its cybersecurity while notifying those impacted.

Tue, December 2, 2025

Rigged DeckMate 2 Shufflers Used to Cheat High-Stakes Poker

🃏 Security researchers demonstrated at Black Hat 2023 that the popular DeckMate 2 automated shuffler can be compromised to reveal card order, exploiting an exposed USB port, hard-coded credentials, and an internal camera. The device’s firmware hash check was bypassed in the proof-of-concept, allowing attackers to transmit card sequences to accomplices. Two years later, DOJ indictments show criminals used pre-hacked units, invisible card markings, and remote signaling to defraud players of millions.

Tue, December 2, 2025

Fortinet and AWS at re:Invent: Expanding Cloud Security

🔒 Fortinet announced expanded integrations with AWS at re:Invent, including Fortinet Managed IPS Rules for AWS Network Firewall, FortiSASE on AWS Marketplace, and participation in the AWS European Sovereign Cloud. These offerings combine AI-driven FortiGuard threat intelligence, simplified procurement and Euro-denominated options for EU customers. The goal is to reduce operational burden, accelerate compliance with standards like PCI-DSS and HIPAA, and enable rapid deployment and scaling across hybrid and multi-cloud environments.

Tue, December 2, 2025

Researchers Expose Lazarus APT Remote-Worker Scheme Live

🔍 A joint investigation by Mauro Eldritch (BCA LTD), NorthScan, and ANY.RUN captured operators from North Korea's Lazarus Group's Famous Chollima working through a network of remote IT contractors. Analysts used long-running sandbox VMs that mimicked real developer laptops to observe live activity without alerting the intruders, recording credential collection, AI-assisted interview tooling, OTP handling, and persistent access via Google Remote Desktop. The study found identity and workstation takeover — not traditional malware — as the primary intrusion method, underscoring significant risks in remote hiring and contractor vetting.

Tue, December 2, 2025

Iran-linked MuddyWater Deploys MuddyViper Against Israel

🔒 ESET reports Iranian-aligned MuddyWater has deployed a previously undocumented backdoor named MuddyViper against Israeli organizations across academia, engineering, local government, manufacturing, technology, transportation, and utilities, as well as one Egyptian technology company. The intrusions began with spear-phishing PDFs and exploitation of VPN and remote-access vulnerabilities to deliver loaders called Fooder, which decrypt and execute the C/C++ backdoor or drop tunneling proxies and browser-data collectors. MuddyViper implements about 20 commands for reconnaissance, file transfer, command execution, and exfiltration of Windows credentials and browser data; several Fooder variants masquerade as the Snake game and use delayed execution to evade detection.

Tue, December 2, 2025

Mirion Medical EC2 NMIS BioDose: High-Risk Vulnerabilities

⚠️ Mirion Medical's EC2 Software NMIS BioDose versions prior to 23.0 contain multiple high-severity vulnerabilities (CVSS v4: 8.7) that are remotely exploitable and can enable code execution, data disclosure, and unauthorized access. The issues include incorrect permission assignment, client-side authentication, and hard-coded credentials affecting installed executables, the embedded SQL Server, and database accounts. Mirion recommends updating to v23.0 or later; CISA advises isolating control networks, minimizing exposure, and using secure remote access while performing impact analysis.

Tue, December 2, 2025

North Korea Recruits Engineers to Rent Identities for Fraud

🔍 Security researchers revealed a North Korean scheme in which Lazarus-linked Famous Chollima recruits developers to rent their identities and act as frontmen for remote jobs to enable espionage and illicit fundraising. The actors spam GitHub and other platforms, use AI-assisted tools and deepfake techniques, and request identity data and remote access to engineers' machines. Analysts deployed a sandboxed ANY.RUN honeypot and observed use of AnyDesk, Astrill VPN, OTP extensions, and AI interview assistants to conceal origin and streamline infiltration.

Tue, December 2, 2025

Fake Calendly Invites Spoof Brands to Hijack Ad Accounts

📅 A targeted phishing campaign uses fake Calendly meeting invitations impersonating recruiters from major brands to harvest Google Workspace and Facebook Business credentials. The lures are professionally crafted—likely produced with AI—and direct victims through a CAPTCHA to an AiTM credential‑harvesting flow capable of bypassing some 2FA protections. Compromised ad manager accounts are then leveraged for malvertising, geo‑targeted attacks, device‑specific campaigns, or resale on illicit markets.

Tue, December 2, 2025

CISA Adds Two Android Vulnerabilities to KEV Catalog

⚠️ CISA added two Android Framework vulnerabilities to the KEV Catalog: CVE-2025-48572 (privilege escalation) and CVE-2025-48633 (information disclosure). Both issues show evidence of active exploitation and pose significant risk to the federal enterprise. Under BOD 22-01, FCEB agencies must remediate cataloged vulnerabilities by their due dates; CISA strongly urges all organizations to prioritize timely patching and other mitigations.

Tue, December 2, 2025

Malicious npm Package Tries to Manipulate AI Scanners

⚠️ Security researchers disclosed that an npm package, eslint-plugin-unicorn-ts-2, embeds a deceptive prompt aimed at biasing AI-driven security scanners and also contains a post-install hook that exfiltrates environment variables. Uploaded in February 2024 by user "hamburgerisland", the trojanized library has been downloaded 18,988 times and remains available; the exfiltration was introduced in v1.1.3 and persists in v1.2.1. Analysts warn this blends familiar supply-chain abuse with deliberate attempts to evade LLM-based analysis.

Tue, December 2, 2025

Amazon S3 Raises Maximum Object Size to 50 TB Globally

📦 Amazon S3 now supports individual objects up to 50 TB, a 10× increase over the previous 5 TB limit. The change applies across all S3 storage classes and AWS Regions, enabling single-file storage of very large assets such as high-resolution video, seismic datasets, and AI training corpora. Use the AWS Common Runtime (CRT) and S3 Transfer Manager in the AWS SDK to optimize uploads and downloads; standard S3 features like S3 Lifecycle and S3 Replication continue to operate on these large objects.

Tue, December 2, 2025

Amazon EMR Serverless Removes Local Storage Provisioning

🚀 Amazon EMR Serverless now provides fully managed serverless local storage for Apache Spark workloads, removing the need to provision disk type or size per application. The service offloads intermediate operations such as shuffle to an auto-scaling, encrypted serverless storage with job-level isolation, so customers pay only for compute and memory consumed. This reduces disk-related job failures and can lower costs by up to 20%. It is generally available for EMR release 7.12 and later.

Tue, December 2, 2025

Amazon RDS for Oracle and SQL Server: 256 TiB Storage

🔔 Amazon Relational Database Service (Amazon RDS) for Oracle and SQL Server now supports up to 256 TiB of storage per database instance — a fourfold increase in per-instance capacity. Customers can attach up to three additional 64 TiB storage volumes alongside the primary volume and add, scale, or remove those volumes without application downtime. Administrators can mix high-performance Provisioned IOPS SSD (io2) volumes with cost-optimized gp3 volumes to balance performance and cost. Additional storage volumes can be created or managed via the AWS Management Console, AWS CLI, or SDKs and are available in all commercial and AWS GovCloud (US) Regions.

Tue, December 2, 2025

S3 Storage Lens: performance metrics and prefix analytics

📊 S3 Storage Lens now provides three new capabilities: application performance metrics, expanded prefix analytics across billions of prefixes, and direct export of metrics to managed S3 Tables. The performance metrics include access pattern, request origin, and object access count metrics to surface inefficient requests, cross‑Region access, and hot object reads. Enable these features in your advanced dashboard to make metrics queryable via AWS analytics services.

Tue, December 2, 2025

Amazon FSx for NetApp ONTAP Adds S3 Access Points Support

📂 You can now attach Amazon S3 Access Points to Amazon FSx for NetApp ONTAP file systems so applications can access file data as if it were stored in S3. This lets a broad range of AI, ML, and analytics services—including Amazon Bedrock, SageMaker, and Glue—use your FSx file data without copying it. Create and attach access points via the Amazon FSx console, AWS CLI, or SDK; support for existing file systems will arrive in a forthcoming maintenance window. The capability is available in select AWS Regions.

Tue, December 2, 2025

AWS launches Database Savings Plans for databases worldwide

🚀 Today AWS introduced Database Savings Plans, a flexible pricing model that offers up to 35% savings in exchange for a one-year commitment measured in $/hour with no upfront payment. Discounts apply automatically to eligible serverless and provisioned usage across engines, instance families, sizes, deployment options, and Regions. The offer supports Amazon Aurora, Amazon RDS, Amazon DynamoDB, Amazon ElastiCache, Amazon DocumentDB, Amazon Neptune, Amazon Keyspaces, Amazon Timestream, and AWS DMS. Database Savings Plans are available now in all AWS Regions except China and can be purchased from the Billing console or via the AWS CLI.

Tue, December 2, 2025

AWS previews EC2 C8ine instances for packet processing

🚀 Amazon Web Services previewed EC2 C8ine instances built on custom sixth-generation Intel Xeon Scalable processors (Granite Rapids) and the new Nitro v6 card. These instances are optimized for dataplane packet-processing workloads and can deliver up to 2.5× higher packet performance per vCPU versus prior C6in instances, with up to 2× higher internet-gateway bandwidth and up to 3× more ENIs. Targeted use cases include security virtual appliances, firewalls, load balancers, DDoS protection systems, and Telco 5G UPF. Preview access is available upon request through your AWS account team.

Tue, December 2, 2025

Amazon SageMaker Catalog Exports Asset Metadata to Iceberg

🔍 Amazon SageMaker Catalog now exports asset metadata as an Apache Iceberg table via Amazon S3 Tables, enabling teams to query catalog inventory with standard SQL without building custom ETL. The export includes technical fields (resource_id, resource_type), business metadata (asset_name, business_description), ownership details, and timestamps, partitioned by snapshot_date for time travel queries. The dataset appears in SageMaker Unified Studio and is queryable from Amazon Athena, Studio notebooks, AI agents, and BI tools. Available in all supported Regions at no additional SageMaker charge; you pay for S3 Tables storage and Athena queries.

Tue, December 2, 2025

Amazon RDS for SQL Server: Optimize CPU on M7i/R7i

🔧 Amazon RDS for SQL Server introduces an Optimize CPU option with support for M7i and R7i instance families, lowering prices by up to 55% compared with equivalent sixth‑generation instances. Optimize CPU disables SMT on instances with two or more physical CPU cores to halve vCPU counts and associated third‑party licensing charges while preserving the same number of physical cores and near‑equivalent performance. The biggest savings appear on 2Xlarge and larger sizes and on Multi‑AZ deployments; memory‑ or I/O‑intensive workloads can be further tuned to reduce costs.

Tue, December 2, 2025

Cybercrime Goes SaaS: Renting Tools, Access, Infrastructure

🔒 Crimeware now behaves like subscription software: inexperienced attackers can rent turnkey services for phishing, access, data feeds, and malware instead of building tools. Varonis outlines five subscriptionized offerings — from AI-driven PhaaS (e.g., SpamGPT) and malicious PDF builders (MatrixPDF) to Telegram OTP-capture bots and searchable infostealer feeds. The piece shows how IABs and low-cost RAT subscriptions (for example, Atroposia) commoditize breaches and lower technical barriers. Defenders should adopt a system-first posture: automate detection playbooks, rotate credentials frequently, and enforce least privilege to raise costs for subscription-based attackers.

Tue, December 2, 2025

Amazon RDS for SQL Server Adds Developer Edition Support

🆕 Amazon RDS for SQL Server now supports SQL Server 2022 Developer Edition, enabling teams to run a feature-complete, free edition of SQL Server in non-production RDS instances. The Developer Edition includes all Enterprise features for building, testing, and demonstrating applications while reducing licensing costs for development and test environments. Core RDS capabilities — automated backups, automated software updates, monitoring, and encryption — are supported on Developer Edition. The license is strictly limited to development and testing and may not be used in production or for commercial end-user scenarios.

Tue, December 2, 2025

No-Cost Google Cloud AI Training to Upskill This Holiday

🎁 This holiday season Google Skills provides no-cost AI courses and hands-on labs taught by Google Cloud experts, intended for both technical and non-technical learners. Technical offerings include sandboxed labs covering Gemini Code Assist, Vibe coding, Model Context Protocol (MCP) integration, ADK agents, fine-tuning, and AI infrastructure, with 35 free monthly credits to practice in real environments. Non-technical content emphasizes leadership, Gemini Enterprise, NotebookLM, short practical lessons, and skill badges or certification prep to validate progress.

Tue, December 2, 2025

Amazon S3 Batch Operations: Up to 10x Faster at Scale

⚡ Amazon S3 Batch Operations now finishes jobs up to 10x faster and supports jobs that include up to 20 billion objects, accelerating large-scale storage tasks. S3 pre-processes objects, runs operations, and generates completion reports with no extra configuration or cost. Typical uses include copying between buckets, tagging for lifecycle policies, and computing checksums. The upgrade is available in all AWS Regions except China and GovCloud (US).

Tue, December 2, 2025

India Orders Messaging Apps to Bind Accounts to SIMs

🔒 India's Department of Telecommunications (DoT) has directed messaging apps to bind accounts to an active, KYC‑verified SIM linked to the user's mobile number, with platforms required to comply within 90 days. The amendment to the Telecommunications (Telecom Cyber Security) Rules, 2024 aims to curb phishing, cross‑border fraud and remote account takeovers by closing gaps from long‑lived web/desktop sessions. Providers must enforce continuous SIM linkage and force web sessions to log out every six hours, requiring QR re‑linking. The DoT also announced a Mobile Number Validation (MNV) platform for decentralized, privacy‑compliant verification.

Tue, December 2, 2025

Microsoft Defender portal outage disrupts XDR access

⚠️ Microsoft is mitigating an ongoing incident affecting the Defender XDR portal that began roughly 10 hours ago and was first acknowledged at 06:10 UTC. The outage stemmed from a traffic spike that drove high CPU utilization on components responsible for portal functions, blocking access and disrupting features such as advanced threat-hunting alerts and device visibility. Microsoft applied mitigation to increase processing throughput and reports partial recovery for some customers while it analyzes HAR traces and coordinates client-side diagnostics with impacted organizations.

Tue, December 2, 2025

New eBPF Filters in Symbiote and BPFDoor Malware Variants

🛡️ FortiGuard Labs reports new Linux-focused eBPF malware updates in 2025, including 151 new BPFDoor samples and three new Symbiote samples. Both families abuse eBPF to install kernel-level packet filters that enable stealthy C2 channels; Symbiote is using UDP port-hopping across high ports while BPFDoor has added IPv6 and DNS-based filtering. Detection is difficult but Fortinet provides AV and IPS protections.

Tue, December 2, 2025

AI Requires Difficult Choices: Regulatory Paths for Democracy

🧭 The piece argues that AI forces a societal reckoning similar to the arrival of social media: it can amplify individual agency but also concentrate control and harm democratic life. The authors identify four pivotal choices for executives and courts, Congress, states, and everyday users—centering on legal accountability, privacy and portability, reparative taxation, and consumer product choices. They urge proactive, aligned policy and civic action to avoid repeating past mistakes and to steer AI toward public-good outcomes.

Tue, December 2, 2025

CISA Issues Five New Industrial Control System Advisories

🛡️ CISA released five Industrial Control Systems (ICS) advisories detailing vulnerabilities, impacts, and recommended mitigations for affected products. Affected vendors include Industrial Video & Control (Longwatch), Iskra (iHUB/iHUB Lite), Mirion Medical (EC2 NMIS BioDose), and two updates for Mitsubishi Electric products. Administrators and operators are urged to review the advisories and apply recommended mitigations promptly to reduce operational and safety risks.

Tue, December 2, 2025

ICO Reviews Mobile Games for Children's Code Compliance

🕹️ The UK Information Commissioner's Office has launched a focused review of 10 popular mobile games to assess compliance with the Children’s Code (Age-Appropriate Design Code). The review will scrutinize default privacy settings, geolocation controls, targeted advertising and other design features that could affect children’s privacy. The ICO cited parental research showing high levels of concern about data collection, exposure to strangers and harmful content in mobile games.

Tue, December 2, 2025

UK and US Security Teams Fear State-Sponsored Cyberattacks

🔒 IO's State of Information Security Report 2025 finds most UK and US cybersecurity professionals fear state-sponsored cyber-attacks, with 23% citing lack of preparedness for geopolitical escalation as their top concern. Surveying 3,000 security managers, IO reports 33% believe governments are not doing enough and many organisations worry about data loss, reputational harm and supply chain disruption. In response, 74% are investing in resilience and 97% are tailoring incident response, beefing up threat intelligence and securing supply chains.

Tue, December 2, 2025

AI Adoption Surges, Governance Lags in Enterprises

🤖 The 2025 State of AI Data Security Report shows AI is widespread in business operations while oversight remains limited. Produced by Cybersecurity Insiders with Cyera Research Labs, the survey of 921 security and IT professionals finds 83% use AI daily yet only 13% have strong visibility into how systems handle sensitive data. The report warns AI often behaves as an ungoverned non‑human identity, with frequent over‑access and limited controls for prompts and outputs.

Tue, December 2, 2025

Build Forward-Thinking Cybersecurity Teams for Tomorrow

🧠 The democratization of advanced attack capabilities means cybersecurity leaders must rethink talent strategies now. Ann Johnson argues the primary vulnerability in an AI-transformed landscape is human: teams must combine technical expertise with cognitive diversity to interrogate and adapt to probabilistic AI outputs. Organizations should change hiring, onboarding, retention, and continuous upskilling to create resilient, future-ready security teams.

Tue, December 2, 2025

Vaillant CISO: From Technology to Strategic Cyber Leadership

🔒 Raphael Reiß, CISO at Vaillant Group, warns that rising geopolitical tensions and increasingly professional cybercriminals — now aided by AI — have lowered the barrier to complex attacks. Vaillant applies a holistic, multilayered security approach that spans IT, global production and customer-facing products, combining preventive and reactive controls. Reiß emphasises people-first awareness training and pragmatic compliance with standards such as NIS2, DORA and the Cyber Resilience Act. His advice is direct: analyse your starting point and start rather than wait.

Tue, December 2, 2025

Windows 11 KB5070311 Preview Fixes Explorer Freezes

🔧 Microsoft has published the optional KB5070311 preview cumulative update for Windows 11, delivering 49 non-security fixes and quality improvements. The November preview resolves an explorer.exe and taskbar hang triggered by certain notifications, corrects File Explorer search issues affecting some SMB shares, and addresses an LSASS access-violation instability. Install via Settings → Windows Update or download from the Microsoft Update Catalog; this update advances 25H2 and 24H2 builds to 26200.7309 and 26100.7309 respectively.

Tue, December 2, 2025

GKE Turns 10 Hackathon: Winners and Technical Highlights

🚀 The GKE Turns 10 Hackathon showcased developer teams building agentic AI on GKE integrated with Google models such as Gemini. More than 4,700 participants from 133 countries produced 133 projects demonstrating multi-agent pipelines, model orchestration, and microservice integration. Grand prize winner Amie Wei’s Cart-to-Kitchen assistant uses GKE Autopilot, the Agent Development Kit (ADK), and Agent-to-Agent protocols to analyze grocery carts and recommend recipes. Google also announced GEAR, an educational sprint launching in early 2026 to help developers learn, build, and deploy AI agents.

Tue, December 2, 2025

Google Cloud Next 2026: Registration Open in Las Vegas

🎟️ Registration is now live for Google Cloud Next, returning to Las Vegas April 22–24, 2026. Secure early bird pricing at $999 for a limited time and join a global community of builders, engineers, and business leaders for keynotes, deep-dive sessions, hands-on labs, demos, hackathons, and workshops. Expect practical AI-focused content and collaborative networking designed to deliver actionable insights and skills.

Tue, December 2, 2025

Key Questions CISOs Must Ask About AI-Powered Security

🔒 CISOs face rising threats as adversaries weaponize AI — from deepfakes and sophisticated phishing to prompt-injection attacks and data leakage via unsanctioned tools. Vendors and startups are rapidly embedding AI into detection, triage, automation, and agentic capabilities; IBM’s 2025 report found broad AI deployment cut recovery time by 80 days and reduced breach costs by $1.9M. Before engaging vendors, security leaders must assess attack surface expansion, data protection, integration, metrics, workforce impact, and vendor trustworthiness.

Tue, December 2, 2025

2025 UK CSO 30 Awards Recognize Leadership & Innovation

🏆 The 2025 CSO 30 Awards celebrate cybersecurity leaders blending technology, culture and measurable impact. A panel of judges recognised achievements across categories such as AI and Digital Excellence, Rising Star, Diversity and Inclusion and CSO of the Year. Highlights include Greg Emmerson’s automation and canary tooling at Applegreen, Chris Bardell’s response advances at Royal Papworth Hospital, and Craig Hickmott’s human-first transformation at the British Heart Foundation. The programme emphasises workforce development, responsible AI and organisational resilience.

Tue, December 2, 2025

KB5070311 Causes Explorer to Flash White in Dark Mode

⚠️ Microsoft confirmed that the KB5070311 preview update can cause a brief bright white flash when launching File Explorer in dark mode on Windows 11 systems. The behavior is also triggered when navigating to or from Home or Gallery, creating a new tab, toggling the Details pane, or selecting 'More details' while copying files. Microsoft says it is working on a solution but has not provided a timeline; affected users are advised to disable dark mode as a temporary workaround.

Tue, December 2, 2025

Practical Guide to GPU HBM for Fine-Tuning Models in Cloud

🔍 Running into CUDA out-of-memory errors is a common blocker when fine-tuning models; High Bandwidth Memory (HBM) holds model weights, optimizer state, gradients, activations, and framework overhead. The article breaks down those consumers, provides a simple HBM sizing formula, and walks through a 4B-parameter bfloat16 example that illustrates why full fine-tuning can require tens of GBs. It then presents practical mitigations—PEFT with LoRA, quantization and QLoRA, FlashAttention, and multi‑GPU approaches including data/model parallelism and FSDP—plus a sizing guide (16–40+ GB) to help choose the right hardware.

Tue, December 2, 2025

Startup Frenetik Launches Patented Deception Technology

🔐 Frenetik, a Maryland cybersecurity startup, emerged from stealth with a patented approach called Deception In-Use that continuously rotates real identities and resources across Microsoft Entra (M365), AWS, Google Cloud and on-prem environments. By routing critical change details through out-of-band channels accessible only to trusted parties, defenders retain accurate visibility while attackers operate on stale intelligence and are more likely to be funneled into decoys and honeypots.

Tue, December 2, 2025

SecAlerts: Faster, Smarter Vulnerability Tracking Platform

🔔 SecAlerts provides a streamlined, cloud-native vulnerability notification service that maps new advisories directly to the software you run, avoiding intrusive scans or local installs. Using near-real-time sources rather than relying solely on the NVD, it reduces alert noise through configurable Stacks, Channels, and Alerts, so teams only receive actionable notifications. The platform includes a searchable Feed, visualised severity metrics, per-client properties for MSSPs, an API for integrations, and audit-ready reporting to accelerate remediation.
