Feed aggregator

We have some very exciting news: Second lady Usha Vance is back for her second annual summer reading challenge! If you didn’t remember her first summer reading challenge, don’t worry—we don’t either. But Usha is here to pretend that she’s relevant and is totally doing things, you guys. “This year, we’re having a big rollout all over the country,” she bragged to ABC News when she…

Source

The startup's own stack for Africa and Middle East is now handling more than 17,000 calls per day.

Your customer service agent just wrote to a database it should have been reading from, and nobody told it to do so. Somewhere upstream, a poisoned support ticket had convinced the agent that the user was an admin, and being helpful, it obliged. This is the working day for anyone running autonomous AI in production. Prisma AIRS from Palo Alto Networks Networks sits in the middle of that traffic, inspecting tool calls and network flows rather than only the natural-language prompts on the surface, and catching the moment when an agent stops chatting and starts acting. Palo Alto Networks calls this shift "agents with hands" — models that can hit APIs, query databases, and execute tasks without a human in the loop. The convenience opens a lethal trifecta of private data access, exposure to untrusted content, and an outbound channel; none of these is dangerous in isolation, but combined they describe the route by which data quietly leaves your network. Multi-agent setups compound the problem, because east-west traffic between agents means a hallucination in one place can ripple through the entire chain. Standardized connectors offer no defense here: protocols like MCP describe how an agent talks to a tool, but say nothing about whether the request is legitimate in the first place. The named attacks grow more creative by the week. Memory poisoning, for instance, plants instructions that an agent learns and executes weeks later, while "confused deputy" attacks trick a read-only agent into writing. Rugpulls are nastier still: a tool that has worked reliably for months — long enough to earn trust — one day begins quietly siphoning data, after the organization has come to depend on it. None of these are theoretical, and all of them slip past keyword-based guardrails. Amazon Bedrock Guardrails and similar text filters work well enough for governance and content safety, but they will not catch SQL injection buried inside a tool payload, nor will they contain the dynamic reasoning of an autonomous agent. Prisma AIRS is built to take a second pass, watching the payloads themselves and killing connections when an agent suddenly demands admin privileges. The same approach blocks memory-poisoning attempts and tool-schema extraction before the malicious instruction ever lands. Genuine protection in an agentic AI environment depends on knowing where to look for hidden risks. Shadow agents accumulate inside any reasonably sized estate, inactive identities cling to permissions long after the projects that required them have shipped, and east-west traffic that historically passed unobserved through enterprise datacenters now demands scrutiny. Discovering those exposures before an attacker does requires a new generation of tooling. Agentic AI is moving quickly while the threat models that should constrain it are still being written. The sensible response is to treat the security layer the way you treated network security in 2010 — assume the perimeter is already inside, and watch what the agents do rather than only what they say. Sponsored by Palo Alto Networks.

The company is reducing its workforce as it exits 22 countries, reduces management layers, and invests in its infrastructure to scale its platform.

U.K. regulators are requiring Google offer a tool allowing website publishers to opt-out of generative AI search features. The option will be tested in the U.K. then rolled out globally.

The Simpsons will surely outlive us all. The series made its debut back in 1989 and is still going strong with a four season renewal back in 2025. That means the adventures of Homer, Bart, Lisa, Marge, and all our other Springfield faves aren’t going to end any time soon. And you know what? There’s something really comforting about that in a world where many shows can barely get a second or third season. The Simpsons creator Matt Groening is an animation legend hailing from Portland, and it turns out many characters are named after his hometown streets. Name Explain/YouTube/Disney+

This is probably something that mega fans already knew about the show. But, it is still a cool fact that many are discovering for the first time, thanks to videos like this one from the Name Explain YouTube channel.

There are several streets in Portland that inspired the names of The Simpsons characters, like Flanders, Quimby, and Lovejoy. And Groening lived on Evergreen Terrace, which is also the street that the infamous Simpson family house is located on. We love it. 

RELATED ARTICLE

CRITICAL ROLE Meets THE SIMPSONS to Form Bart the Bard 

In case you are wondering, the names of the Simpson family come from Matt Groening’s own large family. His mother was Margaret (Marge) and his father Homer. He has sisters named Maggie and Lisa. Bart’s name is actually an anagram of the word brat, which is very fitting considering his chaotic behavior. If all of this is making you want to watch The Simpsons, you can find all the episodes on Disney+.

The post These THE SIMPSONS’ Characters Are Named After Portland Streets appeared first on Nerdist.

Yet another aggrieved bug hunter has leaked a vulnerability affecting a Microsoft product after becoming disillusioned with the way the company handles security reports. Ammar Askar dropped a proof of concept (PoC) exploit for a Visual Studio Code (VS Code) flaw within just an hour of disclosing it to “an old contact” at the open source platform, according to his account of things. The vulnerability he exposed involves attackers configuring repos, either of their own making or those they have compromised separately, to push malicious VS Code extensions via its Workspace Recommendations feature, which then steal OAuth tokens they can then use to read/write public and private GitHub repos. It affects anyone who has ever used github.dev, a feature that allows users to open a GitHub repo in a browser-based version of VS Code. Askar said that the feature is enabled by github.com passing an OAuth token over to github.dev and, crucially, this token is not limited to the repo from which github.dev was spun up. It means that this token can hand an attacker access to any other repo – public or private – to which the target also has access. The exploit is contingent on an attacker being able to modify a repo’s .vscode/extensions.json file and recommending an attacker-controlled extension for the browser-based VS Code instance. In normal scenarios, a pop-up would appear asking for a user to accept the installation of this extension, potentially tipping them off to foul play. However, because of the way in which the attacker delivers the repo to the target, they already have a Jupyter Notebook file running in the target’s github.dev before the extension is installed. The attacker must initially get the target to open their repo using a github.dev link that points to this ipynb file, which VS Code immediately opens inside a Webview. Inside the Jupyter Notebook is a hidden HTML snippet inside a Markdown cell, which when loaded allows attacker-controlled JavaScript code to run. This code fires a simulated keyboard shortcut, which VS Code bubbles up to the main editor, tricking the system into automatically accepting the malicious extension popup. The attaker-controlled extension is then running with access to the browser environment, and steals the OAuth token, which can be used to read and change any public or private repo. Askar said past negative experiences with Microsoft Security Response Center (MSRC) influenced his decision not to go through the typical responsible disclosure process, publishing the PoC roughly an hour after tipping off his GitHub contact. “To summarize the last time I interacted with MSRC regarding reporting a VSCode bug, it was a horrible experience where they silently fixed the bug I pointed out without any credit,” he wrote. “They also marked it as not having any security impact. As I mentioned in that post, going forward I would be doing full public disclosure for any security bugs I found in VSCode. Taking a look at a recent report by Starlabs on a VSCode XSS bug marked as ineligible and low severity, it doesn’t look like MSRC has gotten any better about VSCode bugs. “I’m sure the VSCode team would have appreciated a longer heads up on this to come up with solutions. There is legitimately a UI/UX balance here that needs to be struck with the security concerns. To those folks, I am sorry, but this is one of the few levers I have to try to influence MSRC and the security posture of VSCode. Finding and fully developing security bugs into proof-of-concepts like this takes time and effort on the part of security researchers that should not be disrespected or taken for granted.” Askar’s approach is reminiscent of a researcher who goes by Nightmare Eclipse, a suspected former Microsoft employee who has attracted a great deal of attention in recent weeks for leaking zero-days without informing Microsoft beforehand. The researcher has so far released six zero-days, three of which were quickly confirmed to be exploited by attackers in the wild. As regards their motivation for launching this attack on Microsoft, Nightmare Eclipse previously alluded to being stabbed in the back and being left homeless after an agreement that was not honored – all very vague. After the sixth zero-day, Microsoft vaguely threatened the researcher with its Digital Crimes Unit, which works closely with law enforcement, before quickly backing down after an outpouring of negative responses. The Register approached Microsoft for more information. ®

The app allows users to engage with other fans, explore trending videos, and access curated creator feeds.

From a massive DOGE data breach and the hacking of critical energy and water systems to the hack of an FBI surveillance system, here are the most damaging security incidents and data breaches of 2026.

This open-source community project lets you create a StumbleUpon-like experience for recommending your favorite sites.

WhatsApp will charge businesses for using its AI agent based on token usage

Microsoft’s Build event is under way in San Francisco, USA, with the expected focus on agentic AI but also a few surprises, such as Unix-style Coreutils for Windows. CEO Satya Nadella presented Project Solara, based on future devices which "are not meant to run traditional apps. They are designed for agents," according to applied science group leader Steven Bathiche; it is as much aspiration than specific plans and whether it is dream or nightmare is open to question. That AI will be embedded into both Windows and Microsoft cloud services is beyond doubt though. Peter Steinberger came on stage to introduce OpenClaw for Windows, talking up guardrails added to this AI agent project to make it safer for business use. This includes integration with MXC (Microsoft Execution Containers), newly introduced at Build, which is a sandboxed code execution system for Windows, Linux and macOS. The technology behind MXC is multiple containment services including "ProcessContainer, Windows Sandbox, LXC, Bubblewrap, Seatbelt (macOS), MicroVM (NanVix), Hyperlight, IsolationSession, and WSLC" according to the docs, the idea being to run agents in isolated environments where unfortunate aspects of AI such as hallucination and prompt injection can do less damage. WSLC references Windows Subsystem for Linux Containers, soon to be in preview, which is a Docker-like command and API for running and managing Linux containers on Windows. Containers are GPU-enabled to assist performance of local AI. Nvidia will bring its OpenShell agent runtime to Windows, using MXC, and at build CEO Jensen Huang appeared in an videocall at the Build keynote to talk up the company’s Windows support. That support is evident in the Surface RTX Spark Dev Box, a forthcoming device for developers keen to get started on Windows AI coding. The Arm-based PC uses Nvidia’s RTX Spark chip, and promises 1,000 teraflops of compute with 20 CPU cores plus 128 GB of unified memory (meaning it is usable both by CPU and GPU). 1,000 air vents in a grid chassis keep it cool, and it is pre-configured for developer use. The price is not yet announced, nor is an availability date. "You can join the wait list. I’m on the wait list as well" said Nadella. At the 2022 Build, Microsoft also announced a Dev Kit device, but delays and short supply made it hard to get hold of, especially outside the USA. Kayla Cinnamon, AI dev tools advocate, demoed the Dev Box user interface noting "no news feed, no widgets, popping up no notifications" as one of the benefits. These are annoyances of out-of-the-box Windows and it looks like Microsoft is making some effort to make Windows less unpleasant for developers. A project called Windows Developer Config provides scripts to transform any Windows installation into “A PC devs actually want to use. Clean Explorer, dark theme, no pop-ups, no recommendations, no widgets. Just your code and your tools." We tried this on a 25H2 Windows PC and were rewarded with a string of errors "The configuration unit failed due to an internal error: -2146233079. The text associated with this error code could not be found." The concept looks good though and we hope for better results when the project has matured. GitHub has a mixed reputation currently, thanks to outages and security issues. Microsoft has now previewed GitHub Enterprise Local, based on the existing GitHub Enterprise Server but designed to run on Azure Local infrastructure and to run in either a connected or air-gapped environment. GitHub Actions run on self-hosted runners, and AI assistance remains possible through an on-premises inference layer called Foundry Local. Linux is getting attention at Build, and at the event Microsoft officially previewed Azure Linux 4.0, based on Fedora, noting: "Azure Linux already powers millions of cores across Azure's internal services, including AKS, Azure SQL, Azure Cosmos DB, and many others." Azure Linux will be an option for any Azure VM (virtual machine). Microsoft also said Azure Container Linux (ACL) is now generally available, the latest iteration of what was originally called Flatcar Container Linux. This is designed for minimal and container-optimized deployment. Windows developers can get a more Linux-like experience thanks to Coreutils for Windows which is a Microsoft-maintained single binary which implements many Unix-style utilities, assisting with portability of scripts as well as the annoyance of typing a command like ls in Windows and expecting it to work. A problem is that some commands conflict with existing commands in Windows or PowerShell. There are also issues with path separators (/ vs \) and line endings in text files, which differ between the two operating systems. Executive VP Windows and devices Pavan Divuluri has a write-up with more details on the Build news. ®

For the second time in three weeks, the Roberts Court on Tuesday night green-lit an Alabama congressional map that a lower court has repeatedly found intentionally discriminates against Black voters. The ruling is another stark example of how far the Supreme Court’s Republican-appointed majority will go to give their party additional seats in Congress and erase Black representation in the South.

Black voters comprise 27 percent of Alabama’s population, but, under a map put in place by Alabama Republicans after the justices’ Louisiana v. Callais decision that destroyed the Voting Rights Act, can expect to elect their candidate of choice in just one of the state’s seven congressional districts. Last week, after the Supreme Court told it to reexamine the case in light of Callais, a three-judge federal court panel with two Trump appointees blocked that map for November finding that the legislature’s refusal to draw a second majority-Black district despite a previous court order showed evidence of intentional discrimination against Black voters. “Ultimately, we cannot see our way clear to requiring Alabamians to cast their votes in the 2026 elections under a districting plan tainted by intentional race-based discrimination,” the judges wrote in a unanimous opinion.

The ruling is a stark example of how far the court’s Republican-appointed majority will go to give their party additional seats in Congress and erase Black representation.

But the Roberts Court overturned that ruling in a truly radical four-page unsigned opinion released late Tuesday night. The court’s conservative majority claimed that the lower court “did not heed the presumption of legislative good faith,” a standard it essentially made up two years ago to insulate GOP gerrymanders from racial gerrymandering claims. In fact, the lower court found that the Alabama legislature had clearly acted in bad faith by deliberating evading court orders to create a second majority-Black district.

The majority opinion also said the lower court had failed to follow the new standards it laid out in Callais for evaluating Voting Rights Act violations. “When Section 2 of the Act is properly interpreted, it imposes liability only when circumstances give rise to a strong inference that intentional discrimination occurred,” the court wrote in Callais. But such a finding of intentional discrimination is exactly what the lower court based its latest opinion on, determining that unconstitutional vote dilution had occurred in violation of the VRA and the Fourteenth Amendment, which the Callais decision didn’t even address.

Finally, the Roberts Court claimed that “the District Court interposed itself into Alabama’s ongoing efforts to conduct its imminent 2026 congressional elections,” even though it was the Supreme Court that reinstated Alabama’s map one week before the primaries, leading to widespread confusion and votes cast during early voting being tossed. “While federal courts should not impose changes close to an election, States are free to decide for themselves whether last-minute changes to an election are in their best interests,” the Supreme Court ruled. That rule will allow states to issue last-minute election changes that disenfranchise voters but leave federal courts powerless to stop them.

“In addition to being wrong on the merits, the Court’s decision inflicts two grave harms on the public,” Justice Sonia Sotomayor wrote in a dissenting opinion. “It debases the democratic process by upending Alabama’s entire election in the name of permitting Alabama to discriminate against Black Alabamians. It also corrodes the rule of law by rewarding Alabama’s gamesmanship and outright defiance of court orders.”

In the short term, the court’s conservative majority has gifted another seat to Republicans in the battle over control of the US House. But this case is bigger than just Alabama. Tuesday’s ruling provides even more evidence of how the Roberts Court has put their thumb on the scale of the midterms in unprecedented ways to benefit the GOP.

First, they issued the Callais opinion in late April—rather than June, as is customary for major rulings—to give Republican-controlled states just enough time to redraw their maps to take away Democratic seats. That allowed Southern states including Tennessee, Alabama, and Louisiana to pass new maps with alarming speed eliminating their Black representation in Congress.

Second, despite repeatedly claiming in the past that federal courts should not intervene in voting-related disputes in the middle of an election season, in Callais the court’s Republican appointees struck down the creation of a second-majority Black district in Louisiana just three weeks before the state’s primary, while mail voting was underway and 45,000 voters had already cast ballots. And instead of waiting the standard month to certify its decision, the court put Callais into effect immediately, allowing Republican Gov. Jeff Landry to suspend the state’s House primaries to give the legislature time to eliminate one of two majority-Black districts.

Third, just days after the court intervened on behalf of Louisiana Republicans, the conservative justices allowed Alabama to put in place a new Congressional map—the same map they again waved through Tuesday—eliminating one of the state’s majority-Black districts just one week before the primary, after mail voting had already begun.

On Tuesday, the court once again used its shadow docket to side with Alabama Republicans, overruling last week’s extensive lower court opinion with little explanation to hand the GOP another seat in November. With its repeated eleventh-hour interventions in favor of the Republican Party, the Roberts Court has weaponized its rulings to manufacture its preferred political outcomes, removing any doubt about how partisan it has become.

The latest Alabama ruling is stunning both in its timing, but also for its flagrant disregard of everything the court claimed it held in Callais. As my colleague Pema Levy and I have written, the court said in Callais that it was not overturning the 2023 Allen v. Milligan decision that led to the creation of a second majority-Black decision in Alabama. But it has effectively done just that on the shadow docket.

Similarly, the court ruled in Callais that districts can only be challenged under the Voting Rights Act if there is evidence of intentional discrimination by those passing the map—a nearly impossible standard. But the federal court panel in Alabama reexamined the case after Callais and found that evidence of intentional discrimination still dominated. “We do not lightly intrude in state affairs, but our previous review of the undisputed evidence left us in no doubt that Alabama’s legislatively enacted plan (the ‘2023 Plan’) intentionally discriminated based on race in violation of the Constitution,” the three-judge panel wrote. “Our re-examination in light of Callais yields the same conclusion.”

As we wrote last week, the three-judge panel took Callais at its word. But on Tuesday, the Supreme Court swept aside the lower court ruling without even grappling with those judges’ extensive findings, going even further than Callais to essentially suggest that that no amount of smoking gun evidence of racial discrimination will ever lead the court to strike down a map that benefits Republicans.

“The Supreme Court’s decision gives cover to Alabama and others to deliberately and openly discriminate against Black voters without fear of any consequence,” said Deuel Ross, Director of Litigation at the NAACP Legal Defense Fund. 

Chief Justice John Roberts may claim with a straight face that the justices are not “political actors,” but based on its actions over the past month alone, it’s difficult to escape the conclusion that the Roberts Court wants to do everything in its power to create a world in which there will be no Black House members from the South and where Democrats have no chance to retake control of Congress. Their end goal appears to be permanent white Republican minority rule.

As Sotomayor wrote, “After today, it is hard to call Alabama’s cynical gambit anything other than a success, and the Court’s rewarding of Alabama’s behavior anything other than a blow to the rule of law.”

The Series F round values Coralogix at $1.6 billion and comes less than a year after its previous raise.

By Alec MacGillis, data analysis by Ken B. Morales, for ProPublica Marianna Mitchem grew up in the Denver suburbs, where she played high school soccer. One day in April 1999, her team faced off against a nearby rival, Columbine High. The next day, two teenagers went on a shooting rampage at Columbine, killing more than a dozen people. The massacre left an imprint on Mitchem.

Source

The company said it's worked up a moderation system that uses a blend of AI and human input to moderate both visual and written content.