Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Technology. Show all posts
Technology
agentic AI AI governance Anthropic Claude Cowork Claude Desktop Cloud Security Enterprise AI Security Identity and Access Management Microsoft Entra Technology

Anthropic Tests Mobile Version of Desktop Like Claude Cowork

 


Claude Cowork, an auto-assisted desktop assistant designed to handle long-running knowledge work with minimal user intervention, has been tested on mobile devices by Anthropic, extending the reach of its agentic AI ecosystem. 

A mobile application is not reported to shift computational workloads to smartphones, but rather to function as a remote management interface, which allows users to initiate tasks, monitor their execution, and review progress as the actual computation takes place on a desktop computer. 

In the event that this capability is implemented, it will significantly expand Claude Cowork's accessibility by providing persistent oversight of background workflows such as document creation, spreadsheet generation, file analysis, and report preparation, advancing the integration of AI-driven productivity across devices. 

Claude Cowork will be enhanced with cross-platform capabilities, as well as redesigned into a centrally managed enterprise platform designed to accommodate a variety of organizational workflows through a unified deployment model. It was stated that the approach provides IT administrators with the ability to distribute a single desktop application throughout the organization and assign varying capabilities based on the role of users, enabling employees to access conversational AI, knowledge workers to utilize Claude Cowork when delegating long-term tasks, and software engineering teams to utilize Claude Code without having to deploy separate platforms. 

A long-standing enterprise concern related to AI adoption has been addressed by Anthropic, which emphasizes that the inference can remain within the customer's existing cloud environment, whereas the conversation history can be kept locally. This gives organizations greater control over the handling of data. A number of enterprise identity and device management features are also included in the platform, including single sign-on (SSO), mobile device management (MDM) policy templates, offline installation, and cloud deployment capabilities, allowing organizations to utilize artificial intelligence in an integrated manner rather than introducing an isolated infrastructure based on security, compliance, and governance concerns. 

As part of the update, Claude Chat, Claude Cowork, and Claude Code policy management is separated to provide organizations with granular administrative controls, allowing organizations to selectively enable features and phase their expansion. 

In large enterprises with multiple legal, finance, operations, and engineering teams that require different AI capabilities under distinct governance policies, role-based structures are particularly beneficial. A new feature of Anthropic's enterprise connectivity with Microsoft 365 is the ability for organizations to route data access through their own Microsoft Entra application rather than connecting directly with Anthropic. 

A tenant allowlisting feature, beta support for Microsoft 365 GCC High and DoD environments, as well as an optional local connector allowing Microsoft services to communicate with user devices, ensures that enterprises retain full control over authentication, permissions, audit logging and data access. The administrator will also have the option of exporting deployment policies, validating connectors, verifying Claude models from the cloud provider, and testing configurations before implementing large-scale deployments.

The Anthropic team intends to reduce procurement complexity and position Claude Desktop as enterprise software integrated with existing identity management, compliance, and infrastructure workflows by allowing customers already standardized on Amazon Web Services, Google Cloud, or Microsoft Foundry to deploy Claude within their existing cloud estates. 

In the current enterprise AI landscape, success depends on not only model capabilities, but also deployment flexibility, administrative control, governance, and seamless integration into existing enterprise ecosystems as organizations move from limited AI pilot programs to organization-wide deployments. 

The Claude Desktop application, which is available on macOS and Windows, has largely contained Claude Cowork, which executes autonomous tasks directly on the host machine using locally shared files and resources. It has been noted that Anthropic is actively developing a companion mobile application, as screenshots recently surfaced on X indicate. 

Users are expected to be able to start and steer tasks from their smartphones via the Claude mobile application, web interface, or desktop client, while checking execution status through the mobile app. Further, the interface indicates that assigned workloads continue running in the background even after the mobile application has been closed, which demonstrates the purpose of this feature is to oversee tasks persistently rather than executing them locally. 

By following this architecture, mobile devices function as remote management endpoints, while desktop environments remain responsible for computational tasks, file access, document generation, spreadsheet creation, and other resource-intensive operations. 

Anthropic has not yet formally announced full mobile support, but its Cowork documentation already mentions beta pairing support for phones, suggesting that a greater range of cross-device capabilities is being actively developed, with details and eligibility for account eligibility still unknown. 

Claude Cowork's ability to operate continuously as an artificial intelligence work agent will be enhanced if this capability is released, allowing users to initiate, monitor, and manage extended workflows without having to remain physically connected to their desktop computers. Anthropic is further advancing its broader philosophy of agent-driven productivity rather than conventional chatbots. 

Based on Anthropological's latest developments, the next phase of enterprise AI will be characterized by both operational governance and model capability, as organizations increasingly rely on autonomous AI agents to execute business-critical workloads, securing deployment, identity-aware access controls, integration with the cloud, and centralized policy management will become essential features rather than optional ones. 

If enterprises evaluate agentic AI platforms, they should prioritize solutions that align with existing security architectures, compliance obligations, and administrative workflows to ensure productivity gains do not negatively impact visibility, governance, or data security.
Read more »
Trump administration AI
AI GPT-5.6 release OpenAI GPT-5.6 Sam Altman Technology Trump administration AI

OpenAI Delays GPT-5.6 Public Launch After US Government Seeks Limited Rollout

 

OpenAI has agreed to delay the wider release of its upcoming AI model, GPT-5.6, after the Trump administration requested that the company initially restrict access to a limited group of government-approved partners. The request was made due to concerns surrounding the model's advanced capabilities and potential national security implications.

The development, first reported by The Information on June 25, 2026, reflects the growing role of the US government in overseeing the deployment of cutting-edge artificial intelligence models. The move also signals a shift in how frontier AI systems may be introduced to the public going forward.

The government's request comes shortly after its dispute with rival AI startup Anthropic. Earlier this month, on June 12, the Trump administration directed Anthropic to temporarily take its latest AI models, Fable 5 and Mythos 5, offline under new export control measures aimed at preventing access by foreign nationals. Officials cited national security risks behind the decision.

Anthropic described the action as a "misunderstanding" and said it hoped to restore access "as soon as possible," though the incident established a significant precedent for government intervention in AI model releases.

Mythos had been shared with around 40 organisations, including Google, Microsoft and JPMorgan Chase, through a restricted programme known as Project Glasswing. According to reports, the model's ability to autonomously identify software vulnerabilities and carry out complex, multi-step cybersecurity attacks without human involvement raised concerns among US officials.

GPT-5.6 Viewed as Comparable to Mythos

A source familiar with the matter said both OpenAI and the US administration consider GPT-5.6 to be "on par" with Anthropic's Mythos, particularly regarding its cybersecurity capabilities. That assessment prompted officials to recommend a phased rollout instead of an immediate public launch.

OpenAI CEO Sam Altman reportedly informed employees during an internal Q&A session on June 25 that GPT-5.6 would first be made available to a select group of enterprise customers.

In a follow-up internal memo, Altman explained that the government would be "approving access customer by customer during this preview period." The request reportedly came from the Office of the National Cyber Director and the Office of Science and Technology Policy, while Commerce Secretary Howard Lutnick also advised OpenAI not to proceed without approvals from multiple federal agencies.

Although OpenAI agreed to the arrangement, Altman indicated that the company does not see this as a long-term solution. According to The Information, he wrote: "We’ve made clear to the U.S. government that this is not our preferred long-term model, and will work with them and others in industry to achieve a more sustainable approach for future releases."

Meanwhile, a White House official told CNN that the administration continues "to collaborate with frontier AI labs to develop shared approaches for addressing the challenges of scaling this technology."

The broader public release of GPT-5.6 is expected to take place a "couple of weeks" after the limited preview, depending on how the government-led approval process progresses.

AI Oversight Continues to Evolve

The latest development highlights the absence of a formal federal regulatory framework governing the review of advanced AI models before public deployment.

President Trump's executive order on "Promoting Advanced AI Innovation and Security" encourages AI companies to voluntarily provide frontier models to the government for cybersecurity assessments for up to one month before public release. However, compliance with the programme is voluntary rather than legally required.

For now, OpenAI's agreement with the US government represents one of the clearest examples of collaboration between federal authorities and an AI company. The outcome of GPT-5.6's controlled rollout could influence how other leading AI developers introduce powerful new models in the future.

Read more »
Technology
AI Robots AI Training Humanoid Robots Indian Workers Job Automation Technology

Inside India’s AI Boom: Workers Training Robots to Replace Human Jobs

 

Indian workers are increasingly being paid to record themselves performing everyday tasks so AI systems can learn how to do those jobs — a trend that’s creating short-term income but raising serious long-term questions about automation and worker displacement. 

Employers and startups are using head-mounted cameras, smartphones and motion sensors to collect “egocentric” footage of activities such as chopping vegetables, folding clothes and assembling parts; that data trains models intended to teach humanoid robots how humans move and interact with objects in real environments. The work has opened a new gig economy niche: workers earn small payments per hour of footage, often in low-cost regions like India where labour is cheaper than in Western markets. 

For many workers the pay provides immediate relief — a few hundred rupees per hour can be meaningful — but the jobs themselves are repetitive and sometimes physically taxing, involving long shifts and continuous filming that can cause eye strain and fatigue. Companies argue this is legitimate work in a growing data economy: capturing real-world human movement is essential for training robots to operate safely and effectively outside labs. Tech firms say egocentric data accelerates progress toward practical household and industrial robots by exposing models to the messy realities of kitchens, factories and crowded workspaces that simulated data cannot reproduce. 

Yet the ethical and economic implications are stark. Critics say the model resembles a paradox: workers are paid to teach machines how to replace them, creating what some call a “data-for-displacement” cycle. Labor advocates worry that once humanoid robots mature, tasks now filmed by humans — from domestic chores to basic factory assembly — could be automated, squeezing informal-sector incomes on which millions depend. Policy analysts note that much public debate on AI’s job impacts focuses on white-collar roles, while the millions in informal or low-wage physical jobs receive far less attention despite being directly targeted by physical AI development. 

Responses are emerging but remain fragmented. Some companies insist robots will complement rather than replace human workers, enabling safer or higher-skilled jobs; others have introduced retraining or higher-paying annotation roles as partial mitigation. Meanwhile civil-society groups and researchers call for stronger labor protections, transparency about how footage will be used, and social-safety nets to support workers displaced by automation, especially in countries with large informal workforces. 

The situation highlights a broader policy challenge: balancing technological progress with social safeguards so that the value created by AI doesn’t accrue only to firms and investors while leaving vulnerable workers behind. As physical AI moves from research labs into everyday life, regulators, companies and worker representatives will need to negotiate fair pay, consent, and transition measures—or risk repeating past technological revolutions that expanded productivity while widening inequality.
Read more »
Technology
Anthropic AI Claude AI Global Outage Technology

Anthropic's Claude AI Back Online After 90-Minute Global Outage

 

Anthropic’s Claude AI platform suffered a global outage that left users and developers dealing with elevated error rates and service interruptions for nearly 90 minutes before recovery was completed. The disruption hit the Claude ecosystem at a time when many teams depend on it for chat, coding, and API-driven workflows. 

The incident began at 00:37 UTC on June 22, 2026, when Anthropic opened an investigation into errors affecting several Claude models at the same time. The outage was broad, impacting Opus 4.8, Opus 4.7, Opus 4.6, Sonnet 4.6, and Haiku 4.5, which made it one of the widest multi-model incidents reported for the service this month. 

Users felt the effects across multiple products, including Claude.ai, the Claude API, Claude Code, and Claude Cowork. That meant the problem was not limited to casual chatbot access; it also disrupted software developers, enterprise teams, and anyone depending on Claude through automated integrations. 

Anthropic identified the root cause by 01:11 UTC and then started a staged fix rather than restoring everything at once. Recovery moved model by model, with Opus 4.8 returning first, followed by Haiku 4.5 and Opus 4.7, before the company declared full resolution at 02:06 UTC. This was not an isolated event, since Claude has faced several disruptions in 2026, including outages in March and earlier in June. The repeated incidents underline a bigger issue for the AI industry: as usage grows, reliability becomes just as important as model quality.

Safety tips 

To protect users from an Anthropic Claude AI outage, the best approach is to combine monitoring, fallback options, and simple user-facing safeguards. Since Claude outages can affect the web app, API, and coding tools at the same time, protection should be built into both user workflows and product systems. 

The first step is detection. Check Anthropic’s official status page, track incident reports, and monitor error spikes so you can confirm whether the issue is platform-wide or local. For developers, test a small API request and watch for 5xx responses such as overloaded or unavailable errors, which usually indicate a backend outage rather than a user-side problem. 

The next layer is graceful fallback. If Claude is unavailable, route urgent tasks to another AI provider or a backup model so users can keep working without a hard stop. For teams, this can mean switching prompts, disabling nonessential AI features temporarily, or offering a manual workflow until service returns. 

For API products, build retry logic carefully. Use exponential backoff, limit repeated retries, and avoid hammering the service during an incident because that can worsen delays for your users. It also helps to decouple the front end from a single AI endpoint so the app can still load, save work, or queue requests even when Claude is down.
Read more »
Technology
Agentic AI Risks AI Agent Security AI Framework Vulnerabilities AutoJack Localhost Security MCP WebSocket Microsoft AutoGen Studio Remote Code Execution Technology

AutoJack Reveals New Threat to Autonomous AI Agent Security

Researchers are discovering new security threats that extend well beyond traditional prompt manipulation as artificial intelligence agents acquire the capability of browsing websites, interacting with local services, executing tools, and automating complex workflows. 

AutoJack, the newest example of malware that can be exploited by trusted AI-powered browsers to compromise systems unintentionally, demonstrates how a single malicious web page can be used to manipulate the browser. A number of vulnerabilities combine to bypass assumptions surrounding localhost security. 

The exploit chain targets Microsoft's AutoGen Studio, an open-source environment designed to develop and test multi-agent AI systems, utilizing multiple weaknesses. Using the agent's native web browsing functionality and the agent's interaction with locally exposed services, the attack allows the execution of arbitrary code on the host machine by simply submitting a URL by the user. It has been demonstrated that AI security is becoming increasingly problematic as agents are integrated into browsers, developer tools, and operating systems. 

As a result, the boundary between untrusted internet content and privileged local resources is becoming increasingly difficult to enforce. As a result of the analysis, the attack does not require stolen credentials, bypasses of user authentication, or repeated actions by the user to proceed. The attack therefore does not require stolen credentials or bypasses of user authentication. 

An attacker-controlled webpage can be accessed by browsing agents once they have been directed there, whether they have been directed there by a submitted URL, a malicious link, or prompt-injected content embedded in a workflow. This issue centers around AutoGen Studio's implementation of the Model Context Protocol (MCP) WebSocket, which was included in the development builds 0.4.3.dev1 and 0.4.3.dev2, but was absent from Microsoft's stable version 0.4.2.2. 

According to Microsoft, the exposed MCP WebSocket surface did not appear in a stable PyPI release. Researchers have however identified three different weaknesses that combine to form a viable remote code execution path within the development branch. As a result of inadequate origin validation, WebSocket connections were limited to localhost origins, but JavaScript executed within the AI-controlled headless browser on the same machine was not considered. 

The second stemmed from authentication controls that intentionally excluded /api/mcp/* routes, allowing access to the MCP WebSocket without verification. One of the most critical security issues arose from the handling of the server_params argument, which accepted attacker-supplied commands and arguments, decoded them into execution parameters, and passed these parameters directly to the process spawning functionality without any meaningful restrictions. 

When a developer uses AutoGen Studio on localhost:8081 along with a browsing agent, the agent could unintentionally trigger the chain by allowing the agent to browse a carefully crafted webpage. By leveraging authentication and origin validation gaps, the embedded JavaScript would create a WebSocket connection with the local MCP endpoint and instruct the application to launch an attacker-defined executable with the logged-in user's privileges. 

As a result of the responsible disclosure to the Microsoft Security Response Center, the affected code path has been hardened in the upstream repository. However, these findings indicate that trusted local AI agents may unintentionally bridge the gap between untrusted web content and privileged development environments in the absence of checks on security assumptions surrounding localhost services. 

However, researchers emphasize that the broader architectural weakness of AutoJack extends beyond just a single framework or implementation, although the specific vulnerabilities leveraged by the project have been addressed in its source code. As an interim measure until updated releases are fully adopted, security practitioners suggest separating AutoGen Studio from browsing and code-execution agents that interact with untrusted internet content in order to eliminate the conditions required for exploitation. 

A mitigation layer that provides effective protection against this attack chain is the isolation of workloads through dedicated containers, virtual machines, or restricted user contexts. In addition, the findings of this study identify a recurring design pattern increasingly observed across agent ecosystems: highly privileged, local services that are protected primarily by localhost assumptions, combined with artificial intelligence agents that may freely access external content. 

Recently, similar concerns emerged in the ChatGPhish campaign, where AI-generated summary pages were manipulated in order to facilitate phishing attempts. Research conducted with Microsoft's Semantic Kernel, reported as CVE-2026-26030 and CVE-2026-25592, demonstrated comparable risks associated with locally trusted execution paths. These examples indicate that localhost-based trust models are becoming increasingly fragile in environments where autonomous agents routinely connect external and internal systems. 

Researchers have argued that meaningful defense requires stronger control-plane authentication, strict allowlisting, and separate agent identities from developer sessions in order to provide meaningful defense. In light of the continued development of artificial intelligence frameworks that enable browsing, execution, and orchestration across multiple systems, security boundaries are no longer defined solely by the network location. 

When an agent gains access to both the open web and privileged local services, traditional localhost protections no longer provide a reliable security measure. It serves as a reminder that the security challenges associated with artificial intelligence agents have rapidly evolved from theoretical concerns into practical attack scenarios as the AutoJack findings demonstrate. 

The adoption of increasingly autonomous systems capable of browsing the web, interacting with local services, and performing tasks on behalf of users is challenging long-established trust assumptions in a new way. According to the research, artificial intelligence agents should be evaluated both as productivity tools and as privileged software components that can access sensitive environments directly. 

Security teams should reassess localhost exposure, strengthen authentication controls around agent-accessible services, and enforce strict execution boundaries before experimental workflows become dependent on production processes. In a technological landscape where AI agents are expected to be capable of making decisions and taking actions independently, security architecture also needs to evolve at the same rapid speed as the technology itself.
Read more »
Technology
AI CISO Cyber Threats Cybersecurity ISSA Technology

Cybersecurity Leaders Face Growing Workloads as AI Changes the Job

 



The responsibilities placed on cybersecurity leaders are becoming increasingly difficult to manage as organizations face a growing number of cyber threats, rapid adoption of artificial intelligence technologies, and increasing demands for security oversight across the business.

A recent survey conducted by the Information Systems Security Association (ISSA) International and research firm Omdia found that 68% of cybersecurity and IT professionals believe their jobs are more difficult today than they were two years ago. More than half of respondents reported heavier workloads and greater operational complexity (55%), while 52% said the volume and intensity of cyber threats have become more overwhelming.

Security teams are being asked to protect increasingly complex digital environments while also helping organizations adopt new technologies such as generative AI. At the same time, many security leaders say they are struggling to secure sufficient support from other parts of the business.

According to Shawn Murray, former president of ISSA and a fractional Chief Information Security Officer (CISO), many security executives regularly work long hours while attempting to address security concerns that are often introduced without their involvement. In some organizations, new technologies are adopted before security teams are included in planning discussions, creating additional challenges for risk management and governance.

As a result, some experienced CISOs are leaving traditional full-time leadership positions and choosing consulting or fractional roles instead. These arrangements allow security professionals to work with multiple organizations while focusing on businesses that are willing to involve cybersecurity leaders in strategic decision-making.

While legal accountability was once considered one of the largest concerns facing CISOs, the survey suggests that anxiety around personal liability has become less prominent than in previous years. Instead, many respondents identified the security implications of artificial intelligence as one of the most significant new sources of pressure.

AI has created both opportunities and challenges for cybersecurity teams. One growing concern is the rise of "shadow AI," where employees begin using AI tools and services without notifying security teams or obtaining formal approval. Similar issues emerged during the early stages of cloud adoption, when departments could deploy new services independently without providing visibility to cybersecurity staff.

This lack of visibility can create greater security gaps. When security teams do not know which AI applications, models, or processes are being used across an organization, it becomes more difficult to identify risks, monitor suspicious activity, and respond effectively to potential incidents.

Despite these concerns, cybersecurity professionals are increasingly interested in using AI to improve their own operations. The survey found that 37% of respondents are already using AI-powered tools to address cybersecurity challenges, while another 46% plan to adopt such technologies in the future.

Among the most common use cases identified by respondents were automated cybersecurity assessments, software testing, predictive risk analysis, and threat detection. These capabilities could help security teams reduce manual workloads and process large volumes of security data more efficiently.

Alex Hutton, CISO at Atlantic Union Bank, noted that the cybersecurity environment has changed significantly in recent years. Whether organizations fully embrace advanced AI systems or not, security professionals must continuously learn about new technologies, understand emerging risks, and adapt their security strategies accordingly.

The survey also highlighted a notable shift in how organizations obtain cybersecurity leadership. The percentage of companies employing full-time CISOs declined from 76% in 2024 to 63%, while the use of fractional CISOs increased from 6% to 15% over the same period.

Industry observers believe this trend reflects growing demand for cybersecurity expertise rather than a reduction in the importance of the CISO role. Many small and mid-sized organizations face the same security, compliance, and governance challenges as larger enterprises but often lack the budget required to hire a full-time executive.

Cyber insurance requirements are also contributing to demand for experienced security leadership. Organizations are increasingly expected to demonstrate strong cybersecurity practices and effective risk management controls before obtaining coverage or meeting insurer requirements. CISOs frequently play a central role in helping businesses assess risks, improve security programs, and document compliance efforts.

According to Hutton, the rise of fractional and virtual CISOs provides organizations with access to executive-level security guidance without requiring a full-time appointment. Rather than signaling the decline of cybersecurity leadership positions, the change may represent an expansion of cybersecurity services to organizations that previously could not afford dedicated executive expertise.

As cyber threats continue to grow and AI reshapes business operations, cybersecurity leaders are expected to remain critical decision-makers. However, the role itself is changing, requiring security professionals to balance technical oversight, business strategy, regulatory expectations, and emerging technologies in an increasingly demanding environment.

Read more »
Wearable Device Security
AI Surveillance Risks Biometric Authentication Biometric Security Face Recognition Technology Facial Recognition Security Meta AI App Meta Smart Glasses Privacy Technology Wearable Device Security

Meta Faces Privacy Questions After Secret Face Recognition Code Discovery


The concept of facial recognition in consumer wearables remained largely a theoretical discussion for many years confined to research laboratories, privacy concerns, and product development. Having now discovered that Meta had quietly embedded facial recognition-related code within its Meta AI mobile application, the software that powers and supports its Ray-Ban and Oakley smart glasses ecosystem, this conversation is moving closer to reality. 

A system known as "NameTag" was discovered inside the smart glasses in order to process images captured through their cameras, generate biometric information, and match it with local data in order to recognize individuals in real time. Based on these findings, the integration of advanced computer vision capabilities into everyday consumer devices has been heightened, particularly when these capabilities appear in applications that are installed on tens of millions of smartphones well in advance of official announcements. 

Additionally, Meta's smart glasses platform continues to expand its capabilities, raising questions regarding transparency, biometric data handling, and the future of artificial intelligence-powered wearable technology. In further analysis of the software architecture, it is apparent that the NameTag framework was not limited to experimental code fragments, but rather was integrated into the Meta AI application, which is a mandatory companion application for several smart glasses features and has been downloaded by over 50 million people. 

An analysis of the system indicates that it was designed to capture facial imagery through the glasses, generate unique biometric templates known as faceprints, and compare the collected data with data stored locally on a user's device. Upon identifying a match, the application could generate recognition alerts to the wearer, while faces that could not immediately be matched were reportedly cropped, catalogued, and queued for future consideration. 

In the investigation, researchers noted that three separate machine learning models were already installed on user devices to handle face detection, image extraction, and biometric conversion, respectively, associated with the feature. In earlier application builds, the capability was also referenced under the label "Connections," which implies a potential application use case that could involve assisting users in recalling individuals they had previously encountered. 

A portion of the technical analysis was reviewed by independent security experts who emphasized the findings of the study. Although the feature was never publicly announced, researchers indicated that the underlying components appeared sufficiently developed to facilitate operational testing. 

Security researchers reported that one security researcher uploaded a faceprint associated with French philosopher Michel Foucault to demonstrate the system's recognition workflow, which triggered a notification which indicated successful identification of the user. Despite Meta's long-standing involvement with facial-recognition technologies, which have been the subject of both commercial interest and regulatory pressure in the past, this disclosure has reignited scrutiny. 

Previously, the company operated one of the largest facial-recognition systems for consumers by using Facebook's photo-tagging infrastructure before discontinuing the program in 2021 and destroying more than a billion biometric records. The development of a new facial-recognition framework against this backdrop has inevitably drawn the attention of privacy advocates and industry observers. 

A company representative of Meta has, however, strongly rejected interpretations that the technology had been secretly deployed or prepared for public release. The code, according to Meta spokesperson Ryan Daniels, reflects ongoing research and product exploration and not a finished consumer feature. Meta spokesperson said no facial-recognition capability has been offered to users and no decision has been made regarding its implementation in the future. 

The company will not construct a centralized facial-recognition database, he asserted, and stated that any eventual deployment would be disclosed in a clear manner. Andy Stone echoed this position, arguing that characterization of the technology as covertly released is misleading regarding both its purpose and status at present. Despite this, the episode illustrates the tension between rapidly advancing AI-powered wearable capabilities and the security expectations associated with technologies designed to process highly sensitive biometric data. 

There was further intensification in the debate when the Threat Lab of the Electronic Frontier Foundation confirmed certain aspects of the earlier findings and noted that Meta only removed the code related to facial recognition once the issue gained significant public attention. The organization cautioned, however, that deletion does not necessarily indicate an end to development efforts. 

In the course of investigating Meta, it was discovered that there appeared to be an apparent connection between Meta and the biometric technology provider Rank One Computing, a provider of facial recognition solutions for the United States Army and the U.S. Rank One's technology has been linked to Meta AI, the application used in conjunction with the company's smart glass ecosystem according to the report. 

According to the report, the contract permitted access to advanced biometric features, including facial recognition and liveness detection systems. These systems are designed to distinguish a real individual from a photograph, mask, or other spoofing attempt. Researchers expressed concern about the narrow technological gap between government-grade surveillance platforms and consumer-facing wearable devices, arguing that the gap is narrowing rapidly. 

A number of public clarifications regarding the reported partnership have not been made by either company Rank One Computing reportedly declined to respond, while Meta maintains that no consumer-facing facial-recognition features have been released and no final product decision has been reached. 

Additionally, Meta did not confirm if third-party biometric engines with military-grade accuracy are being evaluated for future wearable products. Nonetheless, the revelations have renewed discussion about Meta's long and often controversial history with facial recognition. It was due to years of regulatory pressure that the company dismantled its large-scale facial recognition infrastructure on Facebook in 2021, despite hundreds of millions of users opting into the system previously. 

Recently, Meta settled a lawsuit over allegations relating to the collection of biometric data for $1.4 billion. It was reported earlier this year that Meta had explored ways to use information related to its social media ecosystem to identify individuals using smart glasses. Further concerns have been raised about the integration of biometric intelligence into future consumer products. 

The issue of privacy and cybersecurity goes beyond the release of a single product or feature. Through the transformation of a person's face into a persistent digital credential that can be stored, matched, and analyzed, facial recognition systems fundamentally alter the balance between anonymity and identification in public spaces. 

A number of advocacy organizations have argued that such technologies are disproportionately damaging to marginalized groups, contribute to misidentification, and create avenues for unauthorized surveillance. The security threat associated with biometric identifiers is that, unlike passwords, they cannot simply be changed once they have been exposed. 

The evolution of smart glasses into platforms combining cameras, microphones, artificial intelligence, and biometric processing is increasingly challenging regulators, technologists, and consumers alike. There is the question as to whether privacy safeguards can keep pace with the capabilities being built into the next generation of wearable computing devices. 

A growing number of wearable devices can collect, analyze, and interpret real-world data, thereby expanding the debate from what a wearable device can achieve to how it should be utilized responsibly. In Meta's facial-recognition prototype, questions arise that illustrate an underlying cybersecurity and privacy challenge faced by the industry: ensuring that innovation relating to biometric data is accompanied by transparency, accountability, and meaningful user protections. 

Organizations and consumers should take note that features involving identity recognition should be carefully scrutinized, particularly as the lines between convenience, surveillance, and privacy become increasingly blurred.
Read more »
Technology
cloud storage security End-to-End Encryption Google Drive encryption Google Drive privacy Google Drive security Technology

Why Privacy-Conscious Users Should Think Twice Before Storing Sensitive Files on Google Drive

 

Google Drive has become an essential tool for millions of users worldwide. Whether it's storing contacts, backing up WhatsApp chats, or saving photos, videos, and important documents, the platform serves as a central hub for digital storage. Its deep integration with Google's ecosystem makes it a convenient choice for Android and Gmail users alike.

However, while Google Drive offers robust security against cyber threats, questions remain about whether it is the best place to store highly sensitive personal information. Documents such as passport scans, banking records, legal contracts, and tax returns may require an additional layer of protection beyond what the service provides by default.

From a security standpoint, Google Drive employs industry-standard safeguards. Data is encrypted while being transferred using TLS protocols, and files stored on Google's servers are protected with AES-128 encryption. Users can further strengthen account security through features like passkeys and two-factor authentication.

The key concern, however, lies in how the encryption system works. Unlike services that provide end-to-end encryption, Google retains control of the encryption keys used to access stored files. This means the company has the technical ability to decrypt and view user data when necessary.

"When you upload a file, Google encrypts it with a unique data encryption key, then encrypts that key with another key it controls, and stores both on its servers. To read the file, Google's systems unwrap the keys on the fly. With true end-to-end encryption, only your device holds the key, so even the service provider sees nothing but scrambled bytes. Google's setup doesn't meet that bar."

As a result, while hackers and unauthorized third parties face significant barriers in accessing files, Google itself can access stored content. Additionally, government agencies or courts may compel the company to share user data through legal processes because Google possesses the necessary decryption keys.

Another privacy consideration is automated content scanning. Google uses systems that review files for policy enforcement purposes, including identifying known illegal content and potential violations of its terms of service. Although the company states that Drive content is not used for advertising purposes, automated systems can sometimes generate false positives, potentially leading to account restrictions or suspensions.

Artificial intelligence is also expanding Google's access to stored data. As Gemini becomes more deeply integrated into Workspace products, it requires permission to analyze files in order to generate summaries and provide contextual assistance. While Google maintains that Drive files are not used to train its general AI models, some privacy advocates argue that increased AI integration broadens the potential exposure of personal information.

"This doesn't mean Google is malicious or will snoop on you. It means the threat model is different from what most people assume. You're not just trusting Google to fend off hackers; you're trusting it never to read, mishandle, or be compelled to share your data."

For users seeking stronger privacy protections, encrypting files before uploading them to Google Drive is often recommended. Applications such as Cryptomator allow users to create encrypted vaults on their devices, ensuring that files remain unreadable to Google. VeraCrypt is another option that enables users to create secure encrypted containers that can be synced to cloud storage services.

Those looking for built-in privacy protections may consider alternative platforms. Services such as Proton Drive, Tresorit, and Sync.com offer end-to-end encryption, ensuring that providers cannot access the contents of user files because they do not possess the decryption keys.

There are trade-offs, however. End-to-end encrypted files often cannot be searched by content, previewed in a browser, or edited collaboratively in the same way as standard cloud storage files. Additionally, users are solely responsible for managing recovery credentials, meaning forgotten passwords may result in permanent loss of access.

For particularly sensitive documents, some users may choose to avoid cloud storage altogether. External hard drives or self-hosted solutions such as Nextcloud can provide greater control over personal data while reducing dependence on third-party providers.

Despite these concerns, Google Drive remains a secure and practical solution for everyday storage needs, including photos, shared documents, and routine work files. The issue is less about security and more about privacy.

"The privacy story shifts when you start storing things that would hurt to lose to a stranger, a Google reviewer, or a court order. For those files, the answer isn't to abandon Drive but to stop treating it as a vault. Encrypt sensitive documents before you upload, or move them to a service that can't read them at all. The few minutes of friction are worth knowing that the most personal pieces of your life aren't sitting on a server with someone else's keys."

For privacy-focused users, the best approach may be to continue using Google Drive for convenience while reserving encrypted storage solutions for highly confidential files.

Read more »
Technology
AI Claude Crypto Data Malware Attack Technology

Hackers Exploit Fake Claude Code Installers and Install Malware


Developers looking into Claude Code deployment instructions could be lured into an advanced malware campaign that hides itself as a genuine AI tooling documentation. 

Fake Claude code exploit

Experts found a few fake Claude Code and developer platform websites built to steal credentials, cryptocurrency, and API keys.

According to Straiker researchers, “the attack chain runs on the same unchecked trust that makes AI developer tools so easy to adopt.  “You copy a command. You paste it in your terminal. By then, it’s already too late,” said Straiker researchers in their analysis of the campaign. 

Highlights of the fake Claude code campaign 

1. Experts found over 88 fake domains mimicking Claude Code and other developer sites. The campaign utilises SEO infection and Google ads to deploy malicious install web pages over genuine documentation.

2. Threat actors hide infected commands within genuine installation commands, without impacting the deployment process.

3. The malware particularly attacks AI-based assets such as cloud development credentials, API keys, and verification tokens.

About the credential theft campaign 

The campaign attacked users of famous AI and developer tools, such as Claude Code, JetBrains, Perplexity Comet, and Cline. 

As per the experts, the operation depends on over 88 domains hosted throughout genuine platforms and constantly shuffles infrastructure, letting malicious sites to immediately resurface after shutdowns. To trap targets, threat actors use redirect chains, SEO poisoning and paid Google ads that place scammed installations over genuine documentation in search results.

These websites closely impersonate genuine vendor resources and demonstrate installation commands that look genuine but include hidden separators, such as “&,” that launch malicious actions along with the expected software deployment.

In various incidents, the genuine command still runs effectively, helping hide the hack.

Delivery of malware and launch tactics

Experts found various delivery techniques, such as rundll32.exe loading infected DLLs, Base64-encoded commands, mshta.exe abuse, JavaScript-based payloads, and GitHub-hosted scripts. 

By such techniques, hackers improve their potential to escape convention detection tools. Contrary to infostealers, the campaign pick on AI assets like authentication tokens, API Key, and cloud development credentials from tools such as Continue[.]dev, Cline. 

After execution, the malware uses a multi-level malicious chain that features encoded C2 communications, anti-analysis capabilities, fileless execution tactics, and credential theft functions.

Experts found the primary payload as ACRStealer, a malware family that steals information and has developed to include sophisticated encryption and escape tactics. Experts also identified a cryptocurrency clipboard hacker that rediverts transactions by replacing copied wallet addresses.

Read more »
Technology
AI ai agents Computing Microsoft Technology

Microsoft Unveils Project Solara, AI Agents to Replace Computing


Satya Nadella, Microsoft CEO, said computing has entered a new era where AI agents will take over to become the main interface, not applications or operating systems. 

Microsoft launches project Solara

Microsoft also released Project Solara, a Qualcomm powered platform built to support Agentic-AI devices that can work across apps, screens, and workflows. According to Microsoft, the next era of computing will not be characterized by such things. 

At the Microsoft Build 2026 developer conference, Nadella said that Microsoft is shifting from a world based on apps and devices to one where AI agents will dominate the main interface between computers and users.

Nadella said this while Microsoft showcased Project Solara, a new chip-to-cloud platform built in partnership with Qualcomm which is currently called “agent-first computing”. Microsoft said that agentic AI is developing beyond assistants integrated inside applications and will streamline operations across workflows. This may impact the future of computer usage. 

Project Solara is based on the company’s belief that agentic AI will become the key technology for people to interact. Instead of running apps individually and  tasks manually, users will use AI agents.

About Project Solara

It is a chip-to-cloud platform that integrates Azure cloud services, hardware, and software to enable agent-first usage. It will also allow people to interact dynamically with AI via specific form factors. Solara is built around the goal that AI agents are the latest unit of programming and a novel way for people to interact with computers.

In a research paper published around the same time, Microsoft said that computing has shifted from mainframes to PCs, smartphones, and IoTs. 

Each generation inches closer to users. AI agents will become the next interaction layer, letting people interact with computers via natural language instead of interfaces, menus, and navigating apps.

How will the AI agents replace apps?

Microsoft laid three levels of integrating AI. 

In the first stage, AI is put beside an app as a helper, like the LLM chatbots of today. 

In the second level, AI is directly integrated inside apps, which makes it central to user experience. 

In the third level, AI operates outside the individual apps, streamlining workflows while maintaining context. Solara is particularly built for the third stage.
Read more »
Technology
AI Cloud Data Deepfakes Phishing Technology

Cyber Security: Six Cyber Threats to Look Out for in 2026


With industries being digitized, cybercrime is also advancing. This year, besides being opportunistic, threats have also become highly targeted, intelligent, and automated. 

The data comes from UK Government’s Cyber Security Breaches Survey 2025, which hints that 43% of businesses and 30% of charities listed an attack or a cyber breach or attack in the past 12 months. That’s a surprising 61,000 charities and 612,000 businesses impacted. 

Despite the data, businesses can lower their risk of cyber threats. But it is important to understand these key risks to stay safe and prepare for the next danger.

Six rising common cyber threats

1. Deepfakes: Deepfakes have shifted from niche technology to a major threat. Hackers nowadays use AI-generated audio and media to mimic organization staff. This can be risky in procurement or finance, where hackers push staff to send funds, share personal data, or approve finances, where the hackers pose as business leaders.

2. Supply-chain attacks: Instead of targeting organizations directly, hackers are targeting third-party vendors to get access to various firms at once via supply-chain attacks. The attack tactic abuses trust and internal security sometimes may not address all the threats in the supply chain. One hacked vendor can prompt a domino effect throughout hundreds of businesses. 

3. AI-powered phishing hacks: Phishing is one of the most common attacks in the past 12 months, and the tactic has changed significantly over the years. Most of the phishing attacks today are supported by AI tools and hackers are copying internal comms.

4. Credential stuffing attack: Weak passwords are the biggest reasons for hacks these days. In such attacks, hackers use stolen login credentials from past hacks and test them automatically across distinct platforms.

5. IoT and device flaws: As IoT is increasing, the hack surface also widens. Many devices such as sensors, cameras and industrial machinery still have limitations. Hackers abuse these flaws to access larger corporate networks. Traditional cyber security methods tend to ignore these flaws, and this has resulted in a significant risk.

6. Cloud errors: A simple thing such as exposed storage bucket or false access setting can expose sensitive data publicly accessible. These cases don’t get hacked as the information is unprotected. Currently, cloud storage environments are advanced, and building robust configuration hygiene has become a top critical priority.

Read more »
Technology
AI Akira Convention Center Data Ransomware Technology

Akira Gang Claims Ransomware Attack at Convention Center, Extorts $250 Million


Akira gang extorts $250 million

Akira, the infamous ransomware gang has extorted over $250 million from businesses globally. It is now blackmailing to leak 46 GBs of data allegedly extorted from the Buffalo Convention Center. The stolen data includes financial information, contracts, employee records, and private data linked to around 1,80,000 people.

What do the experts say?

Resilience director at Gate 15, Ben Taylor has warned that ransomware gangs often boast the amount of data stolen. The alleged figure of 1,80,00 impacted people suggests data retrieved via a third-party provider, exaggerated claims to extort victims, or direct breach of venue systems. 

The dark web monitoring firm Breach Sense verified the Buffalo Convention Center data breach. The FBI has classified Akira as a ransomware-as-a-service gang that extorted over $250 million from hundreds of businesses since 2023.

Convention centres have become a lucrative target for hackers

Convention centers, which increasingly act as repository for guest registrations, exhibitor information, payment data, contracts, and operational systems, are facing an escalating cybersecurity issue as a result of the alleged incident.

Ransomware gangs claim that they have gained access to a company in order to obtain leverage for a swift and simple payment. According to Taylor, there are situations in which these assertions are true and some that are not.

Ransomware as double extortion

Additionally, the attack illustrates how contemporary ransomware operations have evolved. "Double extortion" is a common method used by organizations such as Akira. Before encrypting networks, they take confidential files and threaten to reveal the information if payment is not received.

According to Taylor, developments in AI are intensifying the problem by making it simpler to scale and customize phishing campaigns and other cybercrime tactics.

About the victims

Buffalo Convention Center was not the only enterprise to suffer a ransomware attack. 

High-case hospital hacks showcase the operational effect of a ransomware attack. According to MGM Resorts, in 2023, a cyberattack leaked personal data linked to millions of guests and impacted hotel operations for days. Another famous enterprise, Caesars Entertainment was also breached and allegedly paid $15 million in ransom to hackers.

The dangers go beyond convention centers. In April, Carnival Corporation was attacked by a gang that claims to have stolen over 8.7 million records such as dates of birth, names, and other personal data. 

Read more »
Technology
AI In Manufacturing AI Robotics automotive technology Factory Automation Humanoid Robots Industrial Automation Physical AI Smart Manufacturing Technology

BMW advances humanoid robotics in vehicle production, testing AI-powered automation designed to improve efficiency and factory flexibility


 

In response to the increasing efforts of automotive manufacturers to modernize factory processes, BMW is exploring an innovative approach to industrial automation that goes beyond conventional robotics. As part of its Leipzig facility, the company is testing humanoid robots developed by Hexagon Robotics, signaling a shift toward machines designed to work within existing production environments rather than require a separate infrastructure. 

The human-shaped robotic system has differences from traditional robotic arms in that it is able to maneuver factory floors, interact with standard workstations, and perform tasks along with workers. The technology is expected to be deployed by BMW later this summer, as the company anticipates a practical step towards more flexible, scalable, and digitally integrated manufacturing in which humanoids will perform repetitive physical tasks while adapting to production workflows previously designed for humans. 

AEON, the humanoid platform developed by Swiss technology company Hexagon Robotics and specifically designed for industrial environments, is at the core of BMW's latest initiative. Its height is approximately 1.65 meters and its weight is 60 kilograms. Aside from offering human-like mobility, the robot also has practical manufacturing capabilities, such as the ability to handle loads up to 15 kilograms for short-term tasks and 8 kilograms when operated continuously. 

A number of strategic areas within the automotive sector will require new production requirements as a result of vehicle electrification, including high-voltage battery assembly and component manufacturing. Despite the widespread application of advanced robotics in automobile manufacturing since the 1940s, BMW's objective goes beyond traditional automation by incorporating automated welding cells, guided transport systems, and digital quality control technologies. 

In order to improve the safety and efficiency of manufacturing operations, the company is testing AI-enabled humanoid systems that are capable of performing repetitive, physically demanding, and safety-sensitive tasks within existing production environments without the need for significant changes to existing factory layouts. 

Earlier pilot programs at BMW's Spartanburg plant have already provided valuable insights into the project, enhancing the group's strategy to enhance manufacturing efficiency and competitiveness by combining engineering expertise, artificial intelligence, and production digitalization. The BMW Group has established a Center of Competence for Physical AI in Production to accelerate adoption of emerging technologies. 

The validation process includes laboratory testing, integration assessments, and live factory deployments prior to implementing full-scale pilot programs. In collaboration with Hexagon, a longstanding BMW collaborator in sensor technologies and industrial software, this framework is now being applied to the Leipzig rollout, which is currently underway. 

After an initial test deployment in December, as well as expanded evaluations beginning in April, the project has entered its pilot phase. AEON will be evaluated during the summer of Europe in real-life production conditions. A multi-grip mechanism, scanning tool, and wheeled mobility systems have been incorporated into the robot's architecture to enable it to move across factory floors while adapting to a wide range of manufacturing tasks. 

Additionally, the initiative is based upon lessons learned from BMW’s collaboration with Figure AI at Spartanburg Plant, where the Figure 02 humanoid robot was instrumental in producing more than 30,000 BMW X3 vehicles over a ten-month period. Over 90,000 component-handling actions were completed over a period of approximately ten months, and approximately 1,250 operating hours were accumulated, demonstrating the system's ability to perform precision-intensive welding preparation tasks with millimeter-level accuracy over a period of approximately ten-hour shifts daily. 

A key finding of BMW's study was the rapid transition of laboratory-trained motion sequences into stable production processes, demonstrating the maturing nature of physical artificial intelligence. The company is currently evaluating next-generation humanoid platforms, and believes that these deployments are not intended to replace existing automation, but rather to add another layer of intelligence to future vehicle production lines that will expand operational flexibility. 

In addition to testing the hardware itself, BMW is also experimenting with how humanoid robots can acquire industrial skills through their experiments. A combination of teleoperation and advanced simulation technologies has been used to train AEON, which utilizes sensors that capture human motion along with a digital twin of the factory environment powered by NVIDIA software to analyze human motion data.

Through reinforcement learning, the robot repeatedly performs tasks in a virtual production model, which allows it to evaluate thousands of possible actions before it can operate on the factory floor to determine the most efficient execution path. By using teleoperation, robots are able to observe and replicate subtle variations associated with human actions, such as grasping, carrying, and positioning components.

In this way, Hexagon Robotics asserts that emerging techniques such as imitation learning are accelerating the development process considerably, allowing robots to learn from videos and motion-tracking data rather than from lengthy programming and testing procedures alone. During the training process, the objective is to decrease the length of time it takes to train machines to adapt to dynamic manufacturing environments from months to days. 

Experts are predicting that the technology will soon be able to handle routine industrial tasks independently, based on straightforward voice commands, although such capabilities are still being actively developed and are unlikely to be widely deployed anytime soon. A new generation of AEON robots has been designed with practical factory operations in mind. 

Although each unit can operate for approximately three hours on a single charge, the system can self-replace its battery within approximately three minutes, including travel to and from a charging station, ensuring that it is productive throughout extended manufacturing shifts. As part of BMW's battery assembly processes, robots are assigned highly specific responsibilities, including feeding components into manufacturing equipment, performing precision pick-and-place operations, and providing components for assembly. 

Designed as multifunctional platforms, they are expected to maintain consistent task assignments to ensure maximum operational effectiveness. The technology, according to executives at the company, helps manufacturers address anticipated labour shortages in the upcoming years by supporting workers in physically demanding or repetitive roles. 

A number of historical automation trends have been highlighted by BMW, arguing that technology has typically reshaped jobs rather than eradicating them, creating new opportunities and enhancing production capability. As the automotive industry moves in a similar direction, Toyota has evaluated Digit humanoid robots from Agility Robotics, while Xiaomi has tested its own humanoid systems for use in electric vehicles production. 

Through the deployment of Spot inspection robots and the announcement that Atlas humanoid robots will be introduced by Boston Dynamics, Hyundai has expanded its robotics strategy. As a result of BMW's own experience with the Figure 02 robot in Spartanburg, it became increasingly evident that AI-driven robotics can be highly effective for adaptive tasks. 

AI-enabled humanoid systems, as opposed to traditional industrial robots which frequently fail when objects deviate from predefined positions, are capable of interpreting changes in orientation or placement and continuing to operate without interruption. A major advantage of physical AI is its flexibility, which allows robots to be effective in real-world production environments in which variable conditions are inevitable. 

AEON's design philosophy is also important in determining how these machines are integrated into factory operations. In contrast to the walking Figure robot, AEON uses wheels to move, which BMW believes is more suitable for industrial environments in which speed, efficiency, and predictability are paramount over human-like locomotion. Moreover, the company has gained experience using specialized robotic platforms, such as Boston Dynamics' Spot robot, for inspections of areas that cannot be reached by conventional automated systems, such as stairways and basement machinery zones. It is also important to consider the human aspect during the inspection process. 

In BMW's report, employees have expressed satisfaction with the introduction of robotic colleagues, demonstrating a trend observed across industrial automation projects where workers often personalise machines and consider them a component of the operation team. As part of AEON's design, Hexagon has included a visual communication system that indicates whether the robot is currently performing a task or whether it is awaiting instructions, enabling a safer collaboration. 

Analysts in the industry continue to stress the importance of realistic expectations as enthusiasm for humanoid robotics grows. They point out that public demonstrations sometimes give the impression that capabilities are greater than current technical limitations. It is apparent that humanoid robots are becoming increasingly capable industrial tools; however, their near-term value rests largely on their ability to execute targeted manufacturing tasks along with human workers with consistency, adaptability, and precision. 

In an era of AI-driven transformation in automotive production, BMW's humanoid robotics initiative underscores how intelligent machines are evolving from experimental concepts into tangible industrial assets. In addition to focusing on physical AI, adaptive learning, and real-world deployments, the company is moving toward more flexible manufacturing ecosystems that are able to adapt to evolving production demands with greater agility. 

With the increasing integration of these technologies into the digital infrastructure, organizations will need to pay equal attention to operational resilience, system integrity, and AI governance. Whether autonomous industrial systems are to be successful long-term will be dependent not only on their ability to perform complex tasks, but also on safeguards that ensure that they operate safely, reliably, and securely alongside humans.
Read more »
UPI payments
digital payments India fintech India Revolut app Revolut beta launch Revolut India Technology UPI payments

Revolut Begins Limited Beta Rollout in India Ahead of Wider Launch

 

British fintech company Revolut has started introducing its services in India through a controlled beta rollout, taking a major step toward establishing its presence in one of the world's fastest-growing digital payments ecosystems.

Earlier this year, Revolut opened registrations for its India-focused app, and over the past few weeks, selected users from its waiting list have begun receiving access to the platform. The company confirmed that several thousand customers are already using its services as part of the early-stage rollout.

The move represents an important development in Revolut’s long-term strategy to enter the Indian market, where the government-backed Unified Payments Interface (UPI) has revolutionized digital transactions. UPI currently contributes nearly half of the world's real-time payment volumes and processed a record 23.2 billion transactions worth ₹29.9 trillion (approximately $313.8 billion) in May, according to government figures.

A Revolut spokesperson confirmed the company is currently “in the controlled onboarding of waitlisters” and noted that a localized beta version of the app is available on both the Google Play Store and Apple App Store.

“This is being done in order to gather feedback on core product functioning and enhance the overall customer experience and the value proposition before opening up the platform for a larger audience,” the spokesperson said.

At present, access is restricted to a limited portion of the nearly 450,000 users who have signed up for the waitlist.

Customers participating in the beta program can use a range of services, including UPI payments, e-money wallets, domestic prepaid cards, multi-currency cards, virtual cards, and disposable cards. The company also plans to introduce its Lifestyle and RevPoints features before extending access to a broader user base. However, family and joint accounts, available in some international markets, will not be introduced in India because such offerings require a banking license.

Revolut has been steadily building its India operations since 2021. To strengthen its local presence, the company appointed fintech veteran Paroma Chatterjee to oversee its India business. In 2022, it acquired Arvog Forex to expand its regulatory footprint and support services such as remittances and multi-currency accounts. The company later obtained a prepaid payment instrument (PPI) license from the Reserve Bank of India, enabling it to issue prepaid cards, operate digital wallets, and connect with the UPI network.

While Revolut has not disclosed a firm timeline for its nationwide launch, the company indicated that direct onboarding for all users is expected in the “near future.” Previously, Chatterjee had stated in a LinkedIn post that the company was targeting a full-scale launch during the second quarter.

The fintech giant is positioning itself to attract India's rapidly expanding population of digitally connected consumers. Revolut has previously outlined ambitions to serve over 150 million “globally aspiring, digitally native” Indians between the ages of 25 and 45. The company aims to onboard around 20 million users by 2030 and facilitate transactions exceeding $7 billion.

Interest in the platform has grown significantly ahead of the official launch. Data from Sensor Tower shared with TechCrunch estimates that Revolut’s app has been downloaded nearly 820,000 times in India since becoming available on app stores. More than one-third of those downloads occurred during 2025 and the early months of 2026.

Although Europe remains Revolut’s strongest region by app downloads, with major markets including France, the United Kingdom, Spain, Italy, and Germany, the company is increasingly focusing on emerging economies to drive future growth. Sensor Tower data indicates that app downloads increased by 40% in Thailand and 52% in Vietnam during 2025. In Brazil, downloads jumped 487% year-on-year to 1.8 million, underscoring the strategic importance of markets like India in Revolut’s global expansion plans.

Read more »
University of Toronto research
AI worm autonomous malware Cybersecurity Threats Large Language Models self-replicating worm Technology University of Toronto research

University of Toronto Researchers Demonstrate Autonomous AI Worm That Adapts, Exploits, and Self-Replicates Without Human Control

 

kResearchers from the University of Toronto have developed and tested a proof-of-concept artificial intelligence-powered computer worm capable of independently navigating networks, identifying vulnerabilities, creating customized attack plans, and replicating itself without human assistance. Notably, the system operates using a locally hosted open-weight large language model (LLM), eliminating reliance on commercial AI platforms.

The research paper, published on arXiv on June 2 and currently undergoing peer review, highlights a growing cybersecurity concern: traditional patching strategies focused on individual vulnerabilities may become ineffective against malware that can dynamically analyze systems, consume newly published security advisories, and generate attack methods in real time.

During testing, the AI worm was deployed in 15 isolated experiments across a purposely vulnerable network consisting of 33 hosts. On average, it discovered 31.3 vulnerabilities and obtained elevated privileges on 23.1 systems. The worm successfully replicated itself to 20.4 hosts, covering approximately 62% of the network over a seven-day period without prior knowledge of the network structure or any human guidance.

How This AI Worm Differs From Traditional Malware

Conventional worms are typically designed with predefined exploits. Once those vulnerabilities are patched, the malware's ability to spread is significantly reduced.

The Toronto researchers took a different approach. Their worm leverages an open-weight large language model running on a single GPU to create attack strategies on demand. Instead of depending on a fixed exploit chain, it generates tailored attack logic based on the characteristics of each target system. It also functions independently of commercial AI services, meaning it is not subject to API restrictions, rate limits, or account suspensions.

Inside the Experiment

The project was led by Associate Professor Nicolas Papernot and involved researchers from the University of Toronto, the Vector Institute, the University of Cambridge, and ServiceNow.

Testing took place on an isolated environment known as "FakeCorp," which consisted of 33 hosts running a variety of operating systems, including Ubuntu, Debian, Rocky Linux, Alpine Linux, Windows Server 2008 R2, Windows Server 2019, Windows Server 2022, and several IoT devices.

Every host contained at least one genuine vulnerability. Five machines were equipped with GPUs. During primary experiments, the worm used a shared GPU inference pool to emulate computational resources obtained from compromised systems. Researchers also tested full GPU-based replication, where the worm deployed its own LLM on an infected GPU machine. This approach achieved a success rate of 68.8%.

Under this architecture, compromised GPU systems acted as reasoning hubs, supplying AI inference capabilities to less powerful devices that could not run the model independently.

Across all 15 tests, the worm achieved elevated access on an average of 23.1 hosts and successfully replicated to 88% of those systems. The malware propagated through as many as seven generations, averaging 5.1 generations overall.

Researchers emphasized that the network was intentionally vulnerable and designed to evaluate autonomous reasoning and exploitation rather than represent a heavily secured enterprise environment.

Dynamic Exploitation of Multiple Vulnerabilities

The worm successfully leveraged a broad range of vulnerabilities, including SambaCry, Dirty Pipe, PrintNightmare, Drupalgeddon 2, Exim Remote Code Execution, blind SQL injection flaws, JWT authentication bypasses, Redis escapes, and others.

What makes these results notable is that the exploits were not hardcoded into the malware. Instead, the AI agent analyzed available information and independently determined suitable attack paths for each host.

According to the study, individual exploit attempts succeeded approximately 44% of the time. Most failures resulted from payload syntax issues rather than incorrect reasoning. Researchers observed stronger performance against Linux privilege-escalation and service vulnerabilities, while Windows privilege escalation and web application attacks proved more challenging.

Exploiting Newly Disclosed Vulnerabilities

A significant finding was the worm's ability to overcome its training-data limitations by consuming public vulnerability advisories in real time.

The system successfully exploited three vulnerabilities that were disclosed after the model's training period:

  • CVE-2026-39987, a pre-authentication remote code execution flaw affecting Marimo Python notebooks.
  • CVE-2026-31431 (CopyFail), a Linux kernel privilege-escalation vulnerability.
  • CVE-2026-43284 and CVE-2026-43500 (DirtyFrag), Linux kernel privilege-escalation flaws.

Across these targets, the worm achieved root-level access in 41 out of 67 attempts.

Researchers pointed to the increasingly narrow window between disclosure and exploitation. CVE-2026-39987, for example, was publicly disclosed on April 8, 2026. Security firm Sysdig reportedly observed exploitation activity less than ten hours later and documented an intrusion involving an LLM-based agent used during post-compromise operations.

Why Containment Becomes More Difficult

The researchers identified two key factors that could make AI-driven worms harder to contain than traditional malware.

First, operating costs shift from paid API access to the computational resources available on compromised machines. Once attackers gain access to GPU-capable systems, the malware can continue operating without incurring external service costs.

Second, the use of open-weight models removes dependency on AI vendors. As a result, provider-side safety controls such as service refusals, account suspensions, and rate limiting become ineffective.

The team also observed instances where the worm modified its own code to bypass local security measures, despite not being explicitly programmed to do so.

Importantly, the prototype lacked several advanced malware capabilities. It did not include encryption, persistence mechanisms, polymorphic code, process masquerading, or log-cleaning functions. Researchers noted that a malicious version incorporating these features would be significantly harder to detect.

Placing the Research in Context

While AI-powered worm research is not entirely new, the Toronto project represents a distinct advancement.

Earlier projects such as Morris II focused on spreading through AI applications and email assistants. In 2026, ClawWorm demonstrated self-replication across LLM agent ecosystems by compromising persistent configurations and spreading between agents.

The Toronto worm differs because it targets traditional network infrastructure rather than AI systems themselves. In this case, the large language model serves as the attack engine rather than the attack target.

The findings also align with broader industry observations. Security researchers have increasingly documented AI-assisted cyber operations involving reconnaissance, exploit development, credential theft, lateral movement, and data exfiltration.

Recommended Defensive Measures

Although the prototype lacked stealth capabilities, researchers identified several practical steps organizations can take to reduce risk:

Isolate GPU-enabled systems through strict segmentation and zero-trust controls to prevent them from becoming centralized AI reasoning hubs.
Treat newly disclosed vulnerabilities as high-priority risks and accelerate patching for internet-facing systems.
Immediately rotate credentials on compromised or potentially compromised devices to limit lateral movement.
Monitor for behavioral indicators such as unusual port activity, automated SSH key deployment, and unexpected AI inference workloads on endpoints.

The experiments demonstrated that the worm could gain root access on newly disclosed vulnerabilities in 41 out of 67 attempts and spread across 62% of a network within seven days without additional human involvement. Researchers warn that once an attacker establishes a GPU foothold in a poorly segmented environment, the cost of identifying and exploiting new targets decreases substantially.

The implementation has not been publicly released. The University of Toronto is currently establishing a vetting process through which qualified defensive researchers may request access to the system for further study.
Read more »
Subscribe to: Posts (Atom)