Though the Poco X8 Pro faces stiffer competition than ever, it’s still an easy recommendation for anyone after strong performance and fast charging at a less-than-premium price. It’s not the most powerful or polished phone around, but for the money, there’s enough here to keep it competitive – even if the Iron Man finish does it no favours.
Solid performance in virtually every situation
Gorgeous 120Hz AMOLED display for HDR gaming
Good enough camera in good conditions
Noticable background battery drain
Iron Man stylings are lackluster
Fair bit of pre-installed bloat
Review Price:
£349
Dimensity 8500-Ultra SoC
Matched with the Mali-G720, GPU, this 3.4Ghz chipset can handle the most demanding games and everyday tasks with ease.
6500mAh battery with 100W charging
Ultra-fast 100W charging from compatible power plugs lets you max out the massive battery in just over an hour.
3D dual-layer IceLoop cooling system
The 5300mm² surface area cooling solution promises to chill the chipset by up to three degrees Celsius for to avoid throttling when gaming in humid areas.
As top-tier specs continue to trickle down into budget blowers, some of the long-standing bargain brands of the last ten years are still finding ways to stay firmly in the middle. For Xiaomi’s Poco brand, that’s the Poco X8 Pro line. It’s easy to see where the inspiration lies with this one.
With the Poco X8 Pro, we’re specifically looking at the Iron Man variant. It isn’t the first time a Poco handset has been adorned with Marvel graphics. But don’t let Tony Stark’s billion-dollar projects fool you: this isn’t a cutting-edge device.
Instead, it’s a solid performer for the cost, just with a frankly hideous interface that’s closer in appeal to the sort you’ll find in an after-market theme shop app than anything you’ll have seen in a Marvel movie. The best-looking part of this phone is its themed packaging. So it’s a good thing everything else functions well enough.
The Poco X8 Pro Iron Man sits well in the hand. It’s a comfortable device with just enough material-lending heft to feel premium without being uncomfortable. Generously rounded along each corner and with a stainless steel frame, it reminded me a lot of the first phone I decided to pony up a pretty penny for – a Nokia Lumia I lost on a press trip in Stockholm too long ago.
Along the suitably smooth outer edges are a single-piece volume rocker, a separate power button, a down-firing speaker, a super-speedy USB-C port, and plenty of microphones to make calls feel as clear as they reasonably need to be. Given the choice of materials here, the Poco X8 Pro is a solid device, with IP68 dust and water resistance, and a cool, smooth feel.
Unless you opt for the Iron Man look, you’ll be getting a flagship-style appearance in some appealing colours. Whether that’s what you want in a £349 device is up to you. I’m partial to how Motorola helps its budget blowers stand out with unique vegan leather looks, but the Iron Man version of the Poco X8 Pro sadly looks like a cheap sticker on a printed plastic back.
A tight screen-to-body ratio means the Poco X8 Pro’s curves create a display that’s pleasing to the eye – a full-screen look that would have cost a premium a few years back. The 120Hz AMOLED display clocks in at a sharp-enough 1.5k resolution, getting more than bright enough to stand against piercing outdoor glare and helping the AMOLED display show off its glossy colours.
Poco’s standing with streaming giants means you’ll struggle to put that high brightness to use with HDR content outside of your own photos and some games. Still, if you can find supported content, there’s HDR10+ capabilities and Dolby Vision certification to make use of.
Auto-HDR wizardry can offer a sample of bright, bold colours and tight contrast in games, too, but you’ll be banking on the nature of AMOLED to work its own magic on streamed content for the most part.
For gamers – of which Poco tends to attract many – there are some solid features here, too. The 480Hz touch sampling should already ensure your slides and taps register at rocket speed, but you can crank this all the way to 2560Hz through Game Turbo Mode just to be sure.
Similarly, the Wet Touch display 2.0 claim works well to stop a little splash or a drop of rain from making general use difficult, so it should work to offset any misplays in tense, sweaty conditions, too.
What is a shame, though, is its lack of adaptive refresh rates. Though you can set 120Hz to kick in only on specific apps, it can’t slow to 24Hz for an optimal movie-viewing experience, and it certainly can’t drop to 1Hz for comfortable, battery-efficient reading. It’s all go all the time.
With the Poco line initially gaining traction as one good for gaming at half the price of competing products, it isn’t surprising to see the Poco spec sheet rife with chatter about ‘revolutionary performance,’ various ‘boost’ features, and cooling tech with embellished titles.
In practice, the Poco X8 Pro is a powerful device for just £349, sporting a high-end (if not proper flagship) MediaTek Dimensity 8500 Ultra chipset and ample 12GB of RAM that leaves most phones at the price point in the dust.
Given its dominance in regions like India, where the go-to games are far from bleeding-edge gacha titles and console ports, the Poco X8 Pro maintains rock-solid frame rates, imperceivable input lag, and crams just enough passive cooling tech in there to keep gamers snagging chicken dinners in low-fidelity esports titles in the heat.
In fast-paced, graphically intense combat titles that push the boundaries of mobile chipsets, a solid 60fps is easily attainable at the highest settings. Zenless Zone Zero, we’re looking at you. In general use, the situation is much the same – solid, stable, and snappy. Flicking between apps and drawers is like butter. Your Chrome tab hoarding won’t phase this one.
To put things into numbers, our typical Geekbench 6 benchmark came back with a single-core result of 1724, with multicore clocking in at 6614. The Mali-G720 GPU returned an impressive score of 12,549 there, too, translating to a 24fps average in 3DMark Wildlife Extreme and around 26fps in the lighting-heavy Solar Bay test, all of which align with the premium, but not quite top-end, chipset on offer.
The stress test showed barely any change in performance as the temperature slowly rose before plateauing at 38°C in 20°C ambient room temperatures. Now, that’s obviously not a good enough test for a cooler designed to keep you gaming in arid conditions, but proof enough that it can hold its own.
Overall, it’s a decent improvement over last year’s Poco X7 Pro, but probably not enough to justify an upgrade.
Running Xiaomi HyperOS fork of Android 16, what you’re getting here is a fairly up-to-date handset. It’s worth noting that if you get the Iron Man Edition, you’ll also get a custom theme to enjoy.
You’ll find a few iconic bits of app bloat here, but they’re largely the big names: TikTok, Spotify, Facebook, Amazon Music, and the rest, which is honestly fascinating. But that doesn’t mean it’s bereft of the usual slew of basic waiting room games. Oh, and Mi/Poco-branded apps with infuriating full-screen startup ads.
You’ll have to dig through the search bar to uninstall them, but removing them from the dashboard sends things off in a nice little pop of a bubble – at least on our Iron Man-inspired review device. Is it an annoyance? Always. But at least Poco made cleaning things up a relatively satisfying experience.
You also get the admittedly handy Gemini AI assistant. Camera and Circle to Search features are all intact, and getting Google to voice what it sees through the camera is always a fun little party trick – a way for an older person to quickly read their mail without their glasses, or a great way to identify pretty foliage on a morning walk.
Dig through the settings, and you’ll find Poco’s own AI App Boost options. Beyond smart uses of sometimes scary technological buzzwords like auto-translate/transcribe and image sharpening, you’ll find options to turn photos into dynamic wallpapers and expand them with additional details.
Packing a 50MP Sony lens on the rear, the Poco X8 isn’t out of its depth when it comes to photography, either. As long as you keep your expectations in check.
Today’s chips and AI enhancements mean there’s enough computational gubbins here to grab some great shots with little effort. In the bright Spring sunshine around the Greek Isles, I had a great time capturing the rare snow-covered caps of Crete from Chania and photographing traffic jams.
The lack of a telephoto means you won’t be zooming in to shoot distant details in a hurry, but there’s enough detail here to pinch in to reframe shots. Again, within reason. The depth sensor pairs well with today’s processors to make portrait shots look particularly pleasing, too, with frankly fantastic edge detection in perfect conditions. The 8MP ultrawide helps to cram more detail into cramped scenes, too.
Where once a budget gaming blower meant sacrificing a half-decent snapper in your pocket, the sensor of the Poco X8 Pro could genuinely be a solid upgrade for some. Paired with speedy UFS 4.1 storage, another previously premium option, there’s enough general performance here to please most amateur shutterbugs, but low-light isn’t a strong suit. Unsurprising, given the price point.
A massive 6500mAh cell keeps the Poco X8 Pro going for days at a time. Paired with increasingly scary 100W charging with a compatible plug, it doesn’t take long at all to get back in the game.
With such a focus on playing hours of matches before needing to recharge, it would have been nice to see Poco lean on the teachings of the now-absent Asus ROG Phone with a side-mounted USB-C plug for comfortable charging while gaming. That would really put the cooling tech to the test.
Interestingly, the reverse wired charging came in clutch while away from home, enabling it to be used akin to a power bank for other devices, saving me from needing to buy yet another travel adapter to litter a drawer back home.
Bewildering background battery drain was a concern, though. It’s difficult to chalk up the reason why, but it often lost far more power overnight than my ageing iPhone 13 Pro Max. Hopefully it’s something an update will fix, but it’s worth keeping in mind if you’re often away from a charger.
At £349 (or cheaper with the launch discount), the Poco X8 Pro is considerably cheaper than its fancy-sounding name would suggest. And in raw performance, it’s a value king.
Poco handsets often focus on raw power, and the X8 Pro is no different – it can take good shots in bright conditions, but its certainly not a strong suit.
Though the Poco line has stiffer competition today than ever before, the X8 Pro is still an easy recommendation for those looking for a powerful handset at a less-than-premium price.
Sturdy construction means it sits just fine alongside today’s more fashion-forward phones. And if you’re the type to savour every minute, its lightning-fast charging is part of what makes this one not a big deal, but a great deal.
It’s far from the most powerful device on the market today, but at this price, there’s enough going on to keep it (and you) competitive, making it one of the best budget phones around (even in its Iron Man finish).
We test every mobile phone we review thoroughly. We use industry-standard tests to compare features properly and we use the phone as our main device over the review period. We’ll always tell you what we find and we never, ever, accept money to review a product.
No, there’s no included charger with the Poco X8 Pro despite its 100W HyperCharge capabilities. The Iron Man version doesn’t include one, either.
The Poco X8 Pro is rated for IP68, suggesting long-term water submersion shouldn’t be a problem if proper precautions are followed.
| Poco X8 Pro | |
|---|---|
| Geekbench 6 single core | 1724 |
| Geekbench 6 multi core | 6616 |
| Geekbench 6 GPU | 12549 |
| 3DMark Solar Bay | 26 |
| Time from 0-100% charge | 62 min |
| Time from 0-50% charge | 29 Min |
| 30-min recharge (no charger included) | 52 % |
| 15-min recharge (no charger included) | 31 % |
| 3D Mark – Wild Life | 4053 |
| Poco X8 Pro Review | |
|---|---|
| UK RRP | £349 |
| Manufacturer | Poco |
| Screen Size | 6.59 inches |
| Storage Capacity | 512GB |
| Rear Camera | 50MP + 8MP |
| Front Camera | 20MP |
| Video Recording | Yes |
| IP rating | IP68 |
| Battery | 6500 mAh |
| Fast Charging | Yes |
| Size (Dimensions) | 75.19 x 8.38 x 157.53 MM |
| Weight | 201 G |
| Operating System | HyperOS (Android 16) |
| Release Date | 2026 |
| First Reviewed Date | 08/05/2026 |
| Resolution | 2756 x 1268 |
| HDR | Yes |
| Refresh Rate | 120 Hz |
| Ports | USB-C |
| Chipset | MediaTek Dimensity 8500 Ultra |
| RAM | 12GB |
| Colours | Black, Mint Green, White, Iron Man |
Attackers are abusing Google Ads and legitimate Claude.ai shared chats in an active malvertising campaign.
Users searching for “Claude mac download” may come across sponsored search results that list claude.ai as the target website, but lead to instructions that install malware on their Mac.
The campaign was spotted by Berk Albayrak, a security engineer at Trendyol Group, who shared his findings on LinkedIn.
Albayrak identified a Claude.ai shared chat that presents itself as an official “Claude Code on Mac” installation guide, attributed to “Apple Support.”
The chat walks users through opening Terminal and pasting a command, which silently downloads and runs malware on their Mac.
While attempting to verify Albayrak’s findings, BleepingComputer landed on a second shared Claude chat carrying out the same attack through entirely separate infrastructure.
The two chats follow an identical structure and social engineering approach but use different domains and payloads. Both chats were publicly accessible at the time of writing:
The base64 instructions shown in the shared Claude chat download an encoded shell script from domains such as:
The ‘loader.sh’ (served by the second link above) is another set of Gunzip-compressed shell instructions:
This compressed shell script runs entirely in memory, leaving little obvious trace on disk.
BleepingComputer observed the server serving a uniquely obfuscated version of the payload on each request (a technique known as polymorphic delivery), making it harder for security tools to flag the download based on a known hash or signature.
The variant BleepingComputer identified starts by checking whether the machine has Russian or CIS-region keyboard input sources configured. If it does, the script exits without doing anything, sending a quiet cis_blocked status ping to the attacker’s server on its way out. Only machines that pass this check get the next stage:
Before proceeding further, the script also collects the victim’s external IP address, hostname, OS version, and keyboard locale, sending all of it back to the attacker. This kind of victim profiling before payload delivery suggests the operators are being selective about who they target.
The script then pulls down a second-stage payload and runs it through osascript, macOS’s built-in scripting engine. This gives the attacker remote code execution without ever dropping a traditional application or binary.
The variant identified by Albayrak, however, appears to skip the profiling steps. It goes straight to execution.
It harvests browser credentials, cookies, and macOS Keychain contents, packages them up, and exfiltrates them to the attacker’s server. Albayrak identified this as a variant of the MacSync macOS infostealer:
The briskinternet[.]com domain shown above in the variant identified by Albayrak appeared to be down at the time of writing.
Malvertising has become a recurring delivery mechanism for malware.
BleepingComputer has previously reported on similar campaigns targeting users searching for software like GIMP, where a convincing Google ad would list a legitimate-looking domain but take visitors to a lookalike phishing site instead.
This campaign flips that, as there is no fake domain to spot.
Both Google ads seen here point to Anthropic’s real domain, claude.ai, since the attackers are hosting their malicious instructions inside Claude’s own shared chat feature. The destination URL in the ad is genuine.
It is not, however, the first time that attackers have abused AI platform shared chats this way. In December, BleepingComputer reported a similar campaign targeting ChatGPT and Grok users.
Users should navigate directly to claude.ai for downloading the native Claude app, rather than clicking sponsored search results. The legitimate Claude Code CLI is available through Anthropic’s official documentation and does not require pasting commands from a chat interface.
It is good practice to generally treat any instructions asking you to paste terminal commands with caution, regardless of where those instructions appear to come from.
BleepingComputer reached out to Anthropic and Google for comment prior to publishing.
AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.
At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.
For years, Uber talked about becoming a super app. Then Waymo started picking up passengers in San Francisco, and the conversation grew more urgent. The company has been trying to embed itself inside the AV industry — as a data provider, an investor, and a distribution platform — but the consumer-facing bet may be just as important.
Two weeks ago, Uber held its annual GO-GET product event in New York and announced something its executives had been circling for a long time: users in the U.S. can now book hotels inside the Uber app, through a partnership with Expedia Group, with access to more than 700,000 properties worldwide. Uber One members — the company’s subscription tier at $9.99 a month — get 20% off a rotating list of 10,000 hotels and 10% back in credits. Vacation rentals through Vrbo will follow later this year, along with restaurant reservations via OpenTable. In the meantime, a “Shop for Me” feature lets users order from stores that aren’t even on the platform.
The announcements, taken together, were the most concrete picture yet of something Uber has been trying to conjure since at least 2019: that an app with 199 million monthly active users could become the app they use for nearly everything.
Praveen Neppalli Naga, Uber’s CTO, offered the clearest explanation of the company’s thinking at TechCrunch’s StrictlyVC event late last month in San Francisco. The super app concept has existed for years in India and Southeast Asia, he noted, but U.S. versions have mostly flopped by bolting services onto traffic rather than building toward a reason to stay.
His answer to what fits? Membership. Every new category — food, groceries, now hotels — gives someone another reason to pay for Uber One. “I take Uber, go to the airport, take a flight, take another Uber, go to a hotel, go to a restaurant,” he said. “There is a flow you can actually build into it.”
Flights are not available yet, though Naga didn’t rule them out. Uber tried flight booking in Europe years ago without success. “First let’s get the hotel things done,” he said. Financial services sound like a possibility too — Uber already offers a debit card to drivers in Mexico — though how far that goes, or when, remains unclear. Said Naga: “Never say never.”
Uber isn’t alone in this race. Airbnb, arguably the company most directly threatened by Uber’s hotel push, announced its own transportation ambitions in late March — a partnership with Welcome Pickups to offer airport transfers in 125 cities across Asia, Europe, and Latin America, structured to keep users inside the Airbnb app rather than sending them to Uber. Meanwhile, Elon Musk has spent three years promising to turn X into an “everything app” in the WeChat mold, and is now nearing what he describes as a long-stated goal: X Money, a banking and payments platform built inside the social network, is expected to launch publicly soon. X claims 500 million monthly active users.
Techcrunch event
San Francisco, CA
|
October 13-15, 2026
The big question is how many super apps the American market will actually support. WeChat works in China partly because the alternative was a patchwork of inferior options. In the U.S., people already have apps they like for most of what Uber wants to do. Getting them to consolidate inside a single platform requires either a compelling reason — Uber One’s discounts, say — or a seamless enough experience that switching feels worth it.
Uber’s bet is that its installed base is the moat. Its users have already handed over a credit card. Convincing them to book a hotel, or order from a store they’d never find on Uber Eats, is an easy lift compared with convincing them to download something new. Its most recent earnings, reported a few days ago, suggest Uber Eats may be the strongest argument for that thesis: delivery revenue grew 34% year over year in the first quarter, to $5.07 billion, making it easily the fastest-growing part of the business and pulling almost even with mobility in gross bookings.
Uber’s stock is still down about 8% from a year ago — suggesting that Wall Street isn’t fully convinced. But the company says that 50 million people are now paying for Uber One, and together they account for roughly half the company’s total bookings.
When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.
From affordable 34-inch LCDs to flagship 45-inch OLEDs, these are the best ultrawide gaming monitors you can buy right now, tested and recommended by us.
It’s a bird, it’s a plane, it’s a six-propeller flying vehicle with a nearly eight-foot wingspan.
For the next year, delivery drones operated by the British company Skyports are taking daily weekday trips across New York City’s East River, between the tip of Manhattan and a pier in Brooklyn. Since early May—a bit behind schedule—the drones have carried light cargo for a New York City health care system. Right now, those loads are basically a few pounds of paper; once the healthcare system is confident the setup works, it should include nonhazardous, non-biological packages, such as light pharmaceuticals.
The drones are part of an experiment run by two New York-New Jersey agencies to discover how a relatively new and sometimes controversial sky-bound delivery tech might fit into a hectic urban environment—and the airspace above it. The pilot program will also try to answer a question that hangs over the entire drone delivery industry: Where does it make sense?
“Will there be enough regular flights (1 to 2 per hour) that the client health care system finds true value?” Stephan Pezdek, the regional freight planning manager at the Port Authority of New York and New Jersey, which is operating the pilot, wrote in an email to WIRED. (The Port Authority declined to name the health care system for contractual reasons.) “Will deliveries make it to their destination faster and within the financial constraints of the current carriers they are using? Will the community appreciate the work and not feel like it is a disruption? All of this will inform our understanding of how the first corridor shapes up.”
The Port Authority, which is also working with the New York City Economic Development Corporation (NYCDEC) on this drone project, will also measure how the deliveries affect patient care, Pezdek says.
Globally, drone delivery is still in an experimental phase. What projects do exist mostly focus on carrying cargo to rural or suburban areas, where gaps in road networks and services, plus emptier skies, could make the tech a better fit. Skyports has been delivering mail in remote areas of Scotland since 2023, and carrying cargo to offshore wind turbines in Germany. The US company Zipline says it makes deliveries to and from some 5,000 health facilities across four continents; its oldest program delivers vaccines and blood products in Rwanda. In the US, companies including Alphabet’s Wing and Amazon’s Prime Air are working to expand delivery services across the South, with a focus on the suburban areas surrounding Houston, Austin, and Dallas, Texas.
For drones, dense cities present different challenges. First, there’s the safety question. New York City’s airspace is packed, hosting three international airports. In Manhattan alone, there are three publicly owned heliports. In May 2023, nearly 9,000 helicopter flights took place over city land or water, according to data compiled by the New York City Council. This drone pilot program’s start date was pushed back in part because another experimental aviation tech, an electric vertical takeoff and landing (eVTOL) vehicle, was demo-ing its own first-of-its-kind flights out of the same heliport.
That citified hustle and bustle leads to extra precautions. The pilot project was, as standard, approved by the US Federal Aviation Administration, which requires a certified drone pilot to supervise every flight. Each flight will take place over a fixed route away from residential buildings. The project must obtain a weekly NYPD permit to operate, and delays in acquiring the first one also led the city to push back its start date, says Amanda Kwan, a spokesperson for the Port Authority. The agency also spoke with three local community boards before it allowed the drones to take off.
Anthropic’s Claude Mythos Preview found thousands of zero-day vulnerabilities across major operating systems and browsers, prompting the Fed chair and Treasury secretary to convene bank CEOs. The company warns of a six-to-twelve month window before adversaries replicate the capability.
TL;DR
Anthropic built an AI model that found thousands of zero-day vulnerabilities in every major operating system and web browser. The Federal Reserve chair and the Treasury secretary called bank CEOs to discuss it. The company says there is a six-to-twelve month window to patch the flaws before adversaries build models that can do the same thing. The cybersecurity industry says the threat was already here. Both are right.
Claude Mythos Preview is the model. It is not yet publicly released. In controlled testing, it surpassed all but the most skilled humans at finding and exploiting software vulnerabilities, identifying flaws that had existed undetected for decades, including a 27-year-old bug in OpenBSD and a 17-year-old remote code execution flaw in FreeBSD. Anthropic CEO Dario Amodei described the current period as a “moment of danger” and warned of “some enormous increase in the amount of vulnerabilities, in the amount of breaches, in the financial damage that’s done from ransomware on schools, hospitals, not to mention banks.”
Mozilla released Firefox 150 with fixes for 271 security vulnerabilities identified by Mythos in a single evaluation pass. The number is striking not because Firefox is unusually insecure but because no human team had found them. The vulnerabilities had accumulated across years of development, each one a potential entry point for an attacker with the right tools. Mythos found all 271 in one run.
The 💜 of EU tech
The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!
The model’s capability raises a question that the cybersecurity industry has been theorising about for years and now must answer practically: what happens when the cost of finding vulnerabilities drops to near zero? The traditional economics of cybersecurity depend on the asymmetry between attackers, who must find one flaw, and defenders, who must secure all of them. Mythos collapses the cost on both sides. Defenders can now scan their entire codebase for flaws they never knew existed. Attackers, once they build or obtain equivalent models, can do the same.
Anthropic chose a controlled rollout, which it calls Project Glasswing. Approximately 40 technology companies and institutions have initial access to Mythos to bolster their systems. The list does not include most central banks and governments. The asymmetry is intentional: give defenders a head start before the capability becomes widely available.
The response from financial regulators was immediate. Federal Reserve Chairman Jerome Powell and Treasury Secretary Scott Bessent convened a meeting with major US bank CEOs to discuss the cyber risks raised by Mythos. The IMF flagged AI-powered cyber threats to the global banking system. The concern is not that Mythos itself will be used to attack banks. It is that the capability Mythos demonstrates, automated discovery of vulnerabilities at superhuman speed, will be replicated by adversaries who are not bound by Anthropic’s responsible disclosure practices.
Anthropic shipped financial services agents the day after announcing its 1.5 billion dollar Wall Street joint venture, a sequence that illustrates the company’s dual positioning: it is simultaneously the entity warning banks about AI-powered cyber threats and the entity selling AI products to banks. The joint venture with Blackstone and Hellman and Friedman is anchored at approximately 300 million dollars from Anthropic and will deploy AI across private equity operations.
Amodei’s six-to-twelve month window is a prediction about how long it will take Chinese AI companies to build models with equivalent vulnerability-discovery capabilities. The window is not about whether adversaries will develop the capability. It is about when. The controlled rollout of Mythos is designed to give the companies that receive early access enough time to patch their most critical flaws before the window closes.
OpenAI released GPT-5.4-Cyber for vetted security teams, scaling its Trusted Access programme in direct response to the Mythos disclosure. The competitive dynamic between Anthropic and OpenAI has extended from commercial AI products into cybersecurity, with both companies positioning themselves as defenders of the software infrastructure their own models could be used to compromise.
Researchers have already demonstrated that AI agents from Anthropic, Google, and Microsoft can be hijacked via prompt injection to steal API keys and tokens, and all three vendors paid bounties but skipped public disclosure. The irony is precise: the AI agents that companies deploy to improve security are themselves vulnerable to attacks that could compromise the systems they are meant to protect.
The cybersecurity community’s response to the Mythos disclosure has been a mixture of alarm and scepticism. Security researchers note that AI-assisted vulnerability discovery has been developing for years and that the capabilities Mythos demonstrates, while impressive in scale, are an acceleration of existing trends rather than a discontinuous leap. The threat of AI-powered cyberattacks was identified by the UK’s National Cyber Security Centre more than a year ago. What Mythos changes is not the existence of the threat but the specificity of the evidence.
Anthropic occupies an unusual position. It is a company whose business model depends on selling AI capabilities to enterprises, including banks, while simultaneously arguing that AI capabilities of the kind it is developing pose an existential threat to the cybersecurity of those same enterprises. The resolution of the contradiction is commercial: Anthropic’s pitch is that you need its AI to defend against AI of the kind it builds. The logic is circular but the threat is real.
The 271 Firefox vulnerabilities were real. The 27-year-old OpenBSD bug was real. The meeting between the Fed chair and bank CEOs was real. The question is not whether AI will transform cybersecurity. The question is whether the six-to-twelve months Amodei describes is enough time to patch decades of accumulated vulnerabilities across every operating system, browser, and financial platform in production, or whether the window is an estimate designed to create urgency for a problem that cannot be solved on any timeline. Mythos found the flaws. Fixing them is a human problem.
In modern datacenters, storage can live anywhere — local to the machine, remotely accessed over the network, and/or shared between systems.
The next generation of servers will treat system memory in much the same way. Systems will still have some local DDR5, but the bulk of it will be remotely accessed from what some have taken to calling the memory godbox.
The ongoing DRAM shortage has created a perfect storm for the proliferation of the appliances, which not only allow for memory to be pooled, but also data stored in that memory to be shared by multiple machines simultaneously. In effect, memory becomes a fungible resource.
More importantly, your next round of servers will probably support the tech, if they don’t already.
The technology at the heart of these memory godboxes isn’t new. Compute Express Link (CXL) has been slowly gaining traction since its introduction seven years ago.
As a quick refresher, CXL defines a common, cache-coherent interface for connecting CPUs, memory, accelerators, and other peripherals.
The technology comes in a couple of different flavors: CXL.mem, CXL.cache, and CXL.io, which, as a whole, have implications for disaggregated compute. Imagine a rack with a CPU node, GPU node, memory node, and storage node, which can talk to one another completely independently. That’s the core idea behind CXL.
CXL piggybacks off the PCIe standard, which means in theory it should be broadly compatible, but, up to this point, it’s primarily been used with memory devices.
The 1.0 spec opened the door to memory expansion modules, which allow you to add more memory by slotting them into a CXL-compatible PCIe slot. To the operating system — assuming you’re running Linux that is — the extra memory is largely transparent, showing up as if it were attached to another CPU socket, just one without any additional compute.
The 2.0 spec, which showed up in 2020, added basic support for switching, which meant memory could be pooled and then allocated to any number of connected systems.
AMD and Intel’s current crop of Epycs and Xeons already support these appliances. But while the memory can be partitioned and reallocated to different machines as needed, two machines can’t work on the same data simultaneously.
Unless you were memory-constrained, the added complexity of CXL 2.0 didn’t offer much benefit over simply using higher capacity DIMMs in the first place.
At least, not until memory prices went through the roof.
Where things really get interesting is when the 3.0 spec arrives in AMD and Intel’s next-generation of Epycs and Xeons. In fact, from what we understand, Amazon’s Graviton5 CPUs we looked at in December already support the spec.
CXL 3.0 introduces two key capabilities that make it particularly interesting for memory appliances. The first is support for larger topologies: Multiple CXL switches can be stitched together into a fabric. The second is support for memory sharing: Rather than partitioning memory into slices only accessible to one machine at a time, memory can be shared between machines.
In theory this could allow two machines running the same set of workloads to use the memory closer to that of one. It’s a bit like deduplication for memory. In fact, we already do this in virtualized environments like KVM, but it now works across machines.
There are security and performance implications to all of this. Thankfully in CXL 3.1 and later, the consortium introduced confidential computing capabilities into the spec, allowing for isolation where necessary.
On the performance end of things, CXL 3.0 moves to PCIe 6.0 as a baseline, which provides 16 GB/s of bidirectional bandwidth per lane. Assuming 64 lanes of CXL per CPU, that works out to an additional 512 GB/s of bandwidth. So memory bandwidth shouldn’t be too much of an issue for most applications. Latency, on the other hand, is a different story.
CXL-attached memory is going to add some latency. However, as we’ve previously discussed, the latency isn’t as bad as you’re probably thinking — on the order of a NUMA hop, or about 170 to 250 nanoseconds of round trip latency. Obviously, the farther the memory appliance is from the host CPU, the worse the latency is going to be.
Late last year, the CXL consortium ratified the 4.0 spec, which among other things doubles the bandwidth from 16 GB/s per lane to 32 GB/s by re-basing on PCIe 7.0. However, it’ll be a while before we see appliances based on the spec.
There are several companies developing hardware for these kinds of networked memory appliances.
Panmnesia’s CXL 3.2-compatible PanSwitch is one of the most sophisticated examples. The switch features 256 lanes of connectivity for CXL memory modules, devices, or CPUs to connect, pool, or share resources.
If you’re okay with memory pooling and don’t need the niceties of CXL 3.0, then there are already several memory appliances available that are compatible with the latest generation of Xeon 6 and Epyc Turin processors.
Liqid’s composable memory platform, for example, can provide a pool of up to 100 TB of DDR5 to as many as 32 hosts. Meanwhile, UnifabriX Max systems provide CXL 1.1 or 2.0 connectivity to 16 or more systems with support for CXL 3.2 already in the works.
We suspect that as more CXL 3.0 compatible CPUs and GPUs hit the market, more of these memory godboxes will appear.
Don’t get too excited. While network attached memory has the potential to reduce an enterprise’s infrastructure spend, those same qualities make it attractive for the very thing driving the memory shortage in the first place.
AI adoption has driven demand for DRAM off the charts. In addition to the HBM used by GPUs, DDR5 is being used for key value cache offload during inference.
These KV caches store model state and can chew significant amounts of memory — often more than the model itself — in multi-tenant serving scenarios.
Rather than discard these caches and recompile them when the model state is restored, it’s more efficient to offload them to system memory and eventually flash storage.
The problem with using flash storage is that it has a finite write endurance. After a while it wears out. Instead, CXL memory vendors are positioning the tech as a more resilient alternative.
That’s bad news for enterprises looking to these memory godboxes for salvation from the RAMpocalypse. ®
The story is part of a BBC report into people who experienced delusions while using AI. They are men and women from their 20s to 50s from six different countries, using a wide range of AI models.
Read Entire Article
Source link
Designer Matty Benedetto of Unnecessary Inventions runs a studio in Vermont where he makes contraptions to tackle problems that no one has ever asked about. His most recent project mixes two known elements to create something new, which has the potential to change how teams handle lengthy discussions around a table. He transformed conventional office chairs into a full seesaw that rocks up and down while spinning in a complete circle.
Benedetto started simple by collecting a couple of worn-out office chairs from storage. He wanted seats that everyone was familiar with, so no one felt out of place when they sat down. A simple test compared the wheels on each base to determine which pair rolled and slid the best across a floor. These results allowed him to choose the right parts without guesswork. He then gently separated the chairs, keeping the seats and center supports intact. A small 3D printed model allowed him to see how the elements would connect and move together. The initial chair bases already spun freely in all directions, so he retained that motion for the finished form. He then designed a bespoke bracket to connect everything at the midway point.
Sale
Ball bearings in the new bracket provided smooth, effortless seesaw movement as needed. He assessed the distances and opted on chairs spaced ten feet apart along a robust metal tube that cost him $100. That tube served as the main beam, measuring a solid 5 feet square to maintain equilibrium. A simple hex bolt held the tube in place and prevented it from slipping around during operation. The early brackets he created on his 3D printer were ideal for brief test runs, but they were too flimsy for real-world use. So he bought some CNC machined aluminum replacements and gave them a lovely bead blast finish with a layer of black anodizing to clean up the lines and make them more durable. These new pieces were high-quality, solidly constructed, and arrived with an aura of precision, so assembly seemed substantial right away.
Drilling guide holes in those printed copies ensured that everything fit together seamlessly. He inserted the machined brackets directly into the chair bases after a test run revealed that individual seat rotations were producing much too much wobbling. By removing the extra spin and lowering the overall height, he created a more stable configuration that let people to securely climb on and off. The new design secured the chairs in place, but the middle pivot allowed the entire seesaw to glide smoothly up and down and spin freely. When two people of nearly equal size sat down, equilibrium just happened. Benedetto persuaded his friend to accompany him on his first official test run.
They climbed to the opposite ends and adjusted their weight to see how it worked. The beam went up and down smoothly, while the base turned the entire seesaw in wonderful huge circles. In one humorous run, they pretended to be an office staff disputing deadlines over a stack of paperwork, but the soft, steady motion kept the mood light and enjoyable. The finished design measured ten feet long and was low enough to fit between two normal desks in a shared workspace. The chairs are linked beneath the worktable, allowing users to lean forward and type or write without having to climb off. After many test sessions, the bearings have demonstrated their ability to tolerate frequent rocking without making a noise or sticking, while remaining lovely and smooth.
Arjan Brussee, best known as a co-founder of Guerrilla Games and a former global director of product management for Unreal Engine at Epic Games, says he’s developing a new platform called The Immense Engine. The idea, as he describes it, is to create an alternative to the dominant engines that…
Read Entire Article
Source link
Google launched the 99 dollar screenless Fitbit Air and a 9.99 dollar per month Gemini-powered AI health coach. One day later, Whoop responded by adding on-demand video consultations with licensed clinicians to its app.
TL;DR
Google launched a 99 dollar screenless fitness tracker and a 9.99 dollar per month AI health coach powered by Gemini. One day later, Whoop announced that it would add on-demand video consultations with licensed clinicians to its app. Google is betting that artificial intelligence can interpret your health data. Whoop is betting that you still need a doctor. The US Food and Drug Administration, which relaxed its oversight of both AI health tools and consumer wearables in January, is betting that neither needs much regulation.
The sequence is not a coincidence. It is a philosophical split in the wearable health industry, articulated in product announcements issued 24 hours apart. The question both companies are answering is the same: what should happen after the sensor on your wrist collects the data? Google’s answer is an AI chatbot. Whoop’s answer is a human with a medical licence. The market will decide which one people trust with their bodies.
The Fitbit Air is a screenless band that costs 99 dollars. It is the smallest Fitbit ever made. It tracks heart rate, heart rate variability, SpO2, sleep stages, and activity continuously, with a battery life of approximately one week. It has no display. All data is accessed through the new Google Health app, which replaces the Fitbit app on 19 May.
The device ships on 26 May with a three-month free trial of Google Health Premium, which costs 9.99 dollars per month or 99 dollars per year. The premium tier includes the Google Health Coach, an AI assistant built on Gemini that generates personalised workout plans, interprets sleep trends, summarises health records, and answers questions about a user’s fitness and medical data.
Google’s strategy is not to sell hardware. It is to sell the AI layer on top of the data. The Google Health app is designed to be wearable-agnostic, with planned support for Apple Watch, Oura, and Garmin devices later this year. The Fitbit Air is the entry point, not the destination. Google wants to be the intelligence that sits between every wearable sensor and every health decision, regardless of which device collected the data.
Whoop’s announcement arrived on 8 May, exactly one day after Google’s. The company will offer on-demand video consultations with licensed clinicians through its app for users in the United States, launching this summer. The consultations begin with a review of the user’s continuous biometric data collected by the Whoop band. If the user has synced blood work or medical history through HealthEx, an electronic health records integration that Whoop is also launching, that information is included.
The distinction from Google’s approach is deliberate. A clinician can ask follow-up questions, identify patterns that require context a chatbot does not have, and carry the professional accountability that comes with a medical licence. An AI coach can tell you your heart rate variability is trending down. A doctor can tell you why.
Blossom Health raised 20 million dollars to put AI copilots alongside psychiatrists, a model that treats AI as support for clinicians rather than a replacement for them. Whoop is applying the same logic to wearable health data: the AI processes the numbers, but a human makes the call.
Will Ahmed, Whoop’s founder and chief executive, posted an image on X of a Whoop circuit board with the words “Don’t bother copying us, we will win” engraved on it. The message was originally aimed at Amazon, which launched and subsequently killed the Halo fitness band. It now reads as a response to a company with considerably more resources than Amazon’s wearables division.
Whoop raised 575 million dollars in March 2026 at a valuation of 10.1 billion dollars, with investors including the Qatar Investment Authority, Mubadala, Abbott, and the Mayo Clinic. The company reported 1.1 billion dollars in annualised revenue in 2025, up 103 per cent year over year, and said it was cash-flow positive. It has more than 2.5 million members.
Whoop’s subscription costs between 199 and 359 dollars per year depending on the tier. Google Health Premium costs 99 dollars per year. The Fitbit Air costs 99 dollars. A year of Fitbit Air plus Google Health Premium costs less than a year of Whoop’s cheapest plan. The clinician consultations that Whoop is adding will cost extra, with pricing not yet announced.
The price gap frames the competitive question. Google is offering AI health coaching at a price point that undercuts Whoop’s subscription by more than half. Whoop is offering human medical consultations at a price that will push its total cost higher. One company is driving the cost of health guidance toward zero. The other is arguing that the value of a human clinician justifies a premium. Both positions are coherent. Neither has been tested at scale in the wearable market.
ChatGPT Health launched in January 2026, connecting Apple Health data to OpenAI’s models. Microsoft followed a week later with Copilot Health. Perplexity launched Perplexity Health, pulling together electronic health records, wearable data, and lab results into a single AI-powered dashboard. Amazon opened its Health AI to all US customers, backed by its One Medical clinical network and pharmacy.
Every major AI platform now has a health product. The wearable data that Fitbit, Whoop, Apple Watch, and Oura collect has become the input for a competition between AI models, each promising to turn continuous biometric monitoring into personalised health advice. The differentiation is not in the data. Heart rate, sleep stages, and SpO2 are measured by every device on the market. The differentiation is in what happens next.
Corti’s Symphony AI outperformed models from OpenAI and Anthropic on medical coding benchmarks, demonstrating that specialised health AI can exceed general-purpose models on clinical tasks. The implication for the wearable market is that the AI interpreting your health data may matter more than the sensor collecting it. Google is building that AI into a consumer subscription. Whoop is routing around it to a human.
In January 2026, the FDA updated two guidance documents that collectively loosened oversight of both consumer wearables and AI-enabled health tools. The General Wellness Guidance clarified that low-risk wellness devices using optical sensing to estimate physiological parameters, which describes every screenless fitness tracker on the market, can be sold without premarket review as long as they make wellness claims rather than clinical ones. The Clinical Decision Support Guidance softened the agency’s approach to AI tools that help users navigate diagnoses and health decisions.
The regulatory shift creates space for both Google and Whoop. Google’s AI health coach can offer personalised guidance without triggering medical device classification, provided it frames its outputs as wellness advice. Whoop’s clinician consultations operate under existing telemedicine frameworks. The FDA’s position is that neither the AI chatbot nor the wearable sensor requires the level of scrutiny applied to medical devices, as long as neither claims to diagnose or treat disease.
The gap between what these products do and what they claim to do is where the regulatory question lives. An AI coach that tells a user their recovery score suggests they should rest is wellness advice. An AI coach that tells a user their heart rate variability pattern is consistent with early atrial fibrillation is a clinical claim. The line between the two is a sentence, and the incentive to cross it increases with every subscription dollar at stake.
Google built a 99 dollar tracker and a 9.99 dollar AI coach. Whoop is adding doctors to an app attached to a 10 billion dollar company. The FDA says both are fine. The user strapping a screenless band to their wrist and asking what their data means will not be choosing between two products. They will be choosing between two theories of what health data is for: a prompt for an algorithm, or a conversation with a person who went to medical school.
HarrisX Poll Found 52% of Registered Voters Support the CLARITY Act
Upbit adds B3 Korean won pair as Base token gains Korea access
Weekend Open Thread: Marianne Dress
Image AI models now drive app growth, beating chatbot upgrades
NCP car park operator enters administration putting 340 UK sites at risk of closure
Ignore market noise, India’s long-term story intact, say D-Street bulls Ramesh Damani and Sunil Singhania
Politics Home Article | Starmer Enters The Danger Zone
Olivia Wilde Reacts To Viral ‘Corpse’ Comparison
Inter Milan Win Serie A Title After Victory Over Parma
La Liga: Vinicius Jr scores twice as Real Madrid win to keep Barcelona waiting for title
UAE Free Zone Deploys Blockchain IDs to Verify Registered Firms
Every word of Arne Slot’s heated rant after Manchester United win vs Liverpool
Joel Embiid urges Sixers fans not to sell playoff tickets to Knicks fans
2026 NHL playoff picks: Second-round predictions, series odds, Stanley Cup bracket
Jennifer Lawrence’s Mary Jane Sneakers Are Spring’s It-Girl Shoe
Moroccan Reacts To Nick Cannon’s Dating Rules For His Sister
Robinhood says Wall Street is building onchain
Kylie Jenner and Timothee Chalamet Hold Hands in NYC Outing
BlackRock CEO Larry Fink Discusses a New Asset Class
Post Malone Delays Tour With Jelly Roll Amid Ongoing Backlash
You must be logged in to post a comment Login