Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.
The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.
A new study from the University of Colorado Boulder confirms something that sounds both impressive and concerning. People find interacting with AI simulations of their dead loved ones deeply meaningful, and most will come away wanting to do it again.
The researchers call it a “generative ghost,” which is a clear reference to generative AI, but I’d still prefer to call it unsettling.

Doctoral candidate Jack Manning and associate professor Jed Brubaker recruited 16 participants aged 22 to 50, all of whom had lost someone close to them.
During individual Zoom sessions, a second researcher quietly used an LLM to build a ghost of the deceased (in real time) from details provided by the participant, an AI-based reincarnation, if you will.
Each participant chatted with two versions of the generative ghost: one that spoke in first person (“I remember going to the beach together”) and one that used third person (“She loved going to the beach with you,” where you is the participant).
Participants unanimously preferred the first-person “reincarnation” over the third-person “representative,” which, I’ll admit, is the part I find most unsettling.

Small factual inaccuracies were forgiven during the interaction. However, wrong terms of endearment were not. For instance, when one stepfather’s ghost called his stepson “champ,” a word he’d never used, the participant nearly ended the session.
This is the first user experience research on AI ghosts, published by the Association for Computing Machinery (via CU Boulder). And if you don’t already know, commercial services like Project December and HereAfterAI are already selling AI ghosts as a product.
The study’s own participants flagged a significant concern. While everyone said they’d use a ghost again, almost all worried people who’ve lost their loved ones would become addicted to one. The lab has already initiated a follow-up study with mental health professionals to assess the psychological benefits and risks of generative ghost interactions.
The massive FortiBleed credential theft campaign has been linked to the INC and Lynx ransomware operations, suggesting the stolen Fortinet credentials were intended to fuel future network intrusions.
Earlier this month, a server containing credentials stolen from more than 73,000 Fortinet devices was discovered exposed on the internet. Researchers found the server contained downloaded FortiGate configuration files, credentials harvested from compromised devices, and infrastructure used to crack password hashes and perform credential-stuffing attacks.
The campaign was dubbed “FortiBleed” due to the large number of exposed credentials and the massive credential-theft operation.
Follow-up investigations by SOCRadar revealed that the operation used a custom packet-sniffing tool called “FortiGate Sniffer” on compromised FortiGate firewalls, allowing attackers to intercept VPN credentials and other authentication data directly from network traffic.
SOCRadar’s Threat Research Unit (STRU) latest research now ties the credential theft operation directly to members of the INC and Lynx ransomware-as-a-service (RaaS) groups.
The researchers told BleepingComputer that they discovered this link after identifying a Windows server used as part of the FortiBleed infrastructure.
“Our threat researchers identified a Windows server belonging to the FortiBleed infrastructure, which provided further insight into the threat actors’ modus operandi,” SOCRadar told BleepingComputer.
“During the investigation of that server, analysis of the collected artifacts revealed that the threat actor had accessed the ransomware negotiation panels of both the Lynx / INC ransomware group.”
SOCRadar shared screenshots with BleepingComputer showing browser sessions accessing the administration panels for both ransomware groups. The images show negotiation dashboards containing victim chats used during ransomware negotiations.
According to the researchers, this provides direct evidence that an individual with access to FortiBleed infrastructure was also involved with the ransomware groups’ negotiation platforms.
The company also says it identified more than 200 additional operational servers beyond those originally associated with the campaign, discovered victim information harvested during FortiBleed that overlaps with organizations later listed on the INC ransomware leak site, and uncovered evidence suggesting the operation consists of roughly 20 members with defined roles.
SOCRadar also says the campaign was considerably larger than originally understood.
According to the researchers, the operation targeted more than 430,000 FortiGate firewalls worldwide and deployed traffic sniffers on approximately 19,000 devices.
After notifying impacted organizations, the number has fallen to around 11,000 compromised devices. The researchers also say they identified roughly 500 servers used by the operation.
The researchers also believe the attackers exploited a previously undisclosed Nextcloud zero-day vulnerability as part of their operations to expand access after initial compromise. However, technical details have not yet been released.
SOCRadar also told BleepingComputer it found persistent backdoor accounts using the username “adminin” on compromised systems and is continuing efforts to recover ransomware decryption keys.
INC Ransom has operated as a ransomware-as-a-service platform since mid-2023, targeting organizations across healthcare, education, government, and other sectors worldwide.
Lynx emerged in mid-2024 and is believed by security researchers to be a rebrand of the INC ransomware gang rather than a new extortion group.
SOCRadar says a second technical white paper containing indicators of compromise, attribution evidence, and additional technical analysis will be released once its investigation is complete.
Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.
The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

A 360-degree camera records everything in every direction at once. That freedom comes with trade-offs in most models, whether through high prices, fiddly controls, or footage that needs heavy cleanup later. DJI’s first dedicated effort in this category, the Osmo 360, priced at $349 (was $467), arrives with larger sensors than most rivals, strong stabilization, and a price that lands the Standard Combo in a more reachable range for enthusiasts who want immersive video without jumping to the most expensive options on the market.
The camera body is approximately 61 by 36 by 81 millimeters and weighs 183 grams, resulting in a compact brick-like design with lenses on either side and a 2-inch touchscreen on one side of the camera, making it quite simple to navigate. A few physical buttons control power, shutter, and quick view modes; meanwhile, a 1/4-inch tripod thread is neatly tucked away at the bottom, along with DJI’s magnetic fast-release technology, which allows you to use mounts common with its action-cam series. Overall, it’s a little, unobtrusive product that fits neatly into a pocket or attaches onto a bag.
Inside are two 1/1.1-inch sensors with 2.4-micron pixels and f/1.9 apertures. The square design allows the camera to get more information from each sensor for the spherical image, which improves detail and light gathering. You can shoot video in a native 8K resolution (7680 by 3840) at 50 frames per second in full 360 mode, with 10-bit color depth and D-Log M profile support for color grading later if you want to get serious about it. Single lens modes can capture 5K at 60fps or 4K at 120fps for more classic wide-angle shots. For still images, you get a stunning 120 megapixels in complete 360 panoramic form, or approximately 31 megapixels from a single lens.
Real-world footage from reviewers shows some pretty sharp results, decent colors, and a strong dynamic range that holds up in daylight. The bigger pixels significantly improve low-light performance, and there is even a specific SuperNight mode, however very low-light/high-motion movies will require additional post-production effort. Stabilization is excellent, combining RockSteady 3.0 with HorizonSteady to keep vistas flat and smooth out any walking/panning movement. Furthermore, the software does an excellent job of removing hardware from the final spherical file the majority of the time, so you can wave goodbye to a lot of selfie-stick crap.

The battery life is approximately 100 minutes of continuous 8K recording at 30 frames per second with the included 1950mAh pack, and I was pleasantly surprised to see that this actually holds up well in testing. The battery is replaceable and compatible with some of the most recent Osmo Action models, which can be useful when traveling with several devices. Charging is done via USB-C Power Delivery and isn’t too slow; a full recharge takes a decent amount of time given the capacity. Storage is a generous 128 GB to begin with, with approximately 105 GB usable, and there is also a microSD slot that takes cards up to 1 TB, which helps to lessen the need to swap cards mid-shoot on longer days.

Four standard built-in microphones provide great audio, but when you combine the camera directly with DJI wireless microphones, things become interesting. You can connect two microphones to the camera without needing a separate receiver, allowing you to record high-quality speech tracks with the 360 footage. The Standard Combo, which includes the camera, a battery, pouch, cleaning cloth, USB-C cable, and lens cover, is a nice place to start; however, if you want more goods, you might be better off looking at higher-tier bundles or purchasing them individually.
cyber-crime
It’s a ‘complete BEC operations environment,’ Talos researcher says
EvilTokens, the device-code phishing kit that can allow criminals to bypass multi-factor authentication (MFA) and silently authenticate as the victim to the organization’s Microsoft 365 applications, appears to be even more insidious than we all thought.
Cisco Talos incident responders on Wednesday described how the lure reaches a victim’s inbox, and revealed new capabilities alongside a “more sophisticated evasion approach” than documented in earlier EvilTokens research.
Talos uncovered a phishing-as-a-service (PhaaS) operator panel, branded “ARToken,” that appears to be an EvilTokens customer, according to security research engineer Michael Kelley, who noted the phishing operation shares infrastructure, API contracts, and operational patterns with the EvilTokens platform.
EvilTokens was first documented by French cybersecurity firm Sekoia in March, and in April Microsoft said the device-code phishing campaign was compromising hundreds of organizations daily.
“Since March 15, 2026, we have observed 10 to 15 distinct campaigns launching every 24 hours,” Microsoft VP of security research Tanmay Ganacharya told El Reg at the time. “Each campaign is distributed at scale, targeting hundreds of organizations with highly varied and unique payloads, making pattern-based detection more challenging.”
While most subsequent analysis has covered EvilTokens’ panel and phishing kit, “what it has not shown is how an ARToken lure actually reaches an inbox,” Kelley said on Wednesday. “Talos recovered two near-identical messages, sent roughly four minutes apart on April 20, 2026, that initiate the chain. The tradecraft is targeted, not spray-and-pray.”
Specifically, the email lure abused a real vendor relationship between a US life-sciences company and a legitimate plumbing and fire-protection contractor. The email uses an outstanding-invoice lure, telling the life-sciences company that “the following invoices appear to still be outstanding,” and the “from” header presents the contractor’s real domain. The reply-to, however, redirects replies to an unrelated domain.
Even the visible anchor text in the body of the email reads as the vendor’s genuine SharePoint tenant, we’re told. The actual href, however, points to a near-identical copycat tenant under a different, attacker-controlled Microsoft 365 workspace. But because the destination is still a legitimate sharepoint.com host, the email is less likely to be flagged as a phish.
During its investigation into the ARToken phishing infrastructure, Cisco uncovered the connections to EvilTokens – including an identical API contract to the one originally documented by Sekoia and matching deployment and operational models – as well as “notably more sophisticated” anti-analysis and evasion capabilities.
ARToken’s panel also revealed a very comprehensive post-exploitation toolkit that provides token management and persistence mechanisms, and a built-in business email compromise (BEC) tool with full Microsoft Outlook inbox read access, email sending capabilities as the victim, inbox rule creation for forwarding and deleting messages, and keyword-based monitoring across all compromised accounts.
“These features indicate the platform is more mature than a simple device code phishing kit – it is a complete BEC operations environment,” Kelley wrote. ®

Venice.ai, a privacy-focused AI startup with strong Seattle ties, has raised $65 million in its first outside funding, valuing the 2-year-old company at $1 billion.
The company positions itself as a private and unrestricted alternative to mainstream AI services, offering access to a range of open-source and commercial AI models. Venice says it doesn’t log or store users’ prompts and responses on its servers, keeping conversations on people’s own devices. It also strips out many of the content filters built into competing tools.
The Series A round, announced Wednesday morning, was led by Dragonfly, a crypto-focused investment firm, with participation from North Island Ventures, Coinbase Ventures, Archetype, Morgan Creek, Liquid2 Ventures and Seattle-based Founders’ Co-op.
The company was founded in 2024 by crypto entrepreneur Erik Voorhees, its CEO, who runs the company from San Francisco. Voorhees founded the crypto exchange ShapeShift and has long argued against heavy government regulation of cryptocurrency.
Seattle tech veteran and serial entrepreneur Jesse Proudman is Venice’s president, CTO and co-founder. The two met as classmates at the University of Puget Sound in Tacoma.
“We want Venice to be thought of in the consumer landscape on the same terms as a ChatGPT or an Anthropic,” Proudman said in an interview. “We want people to open their phones and have our app sitting alongside those apps.”
The case for privacy comes from how people are starting to use AI. As chatbots become go-to tools for sensitive matters — medical questions, legal issues, job negotiations, relationship advice — users hand over intimate details that accumulate in the databases of companies like OpenAI and Anthropic.
That data, Proudman said, is only as safe as the company holding it.
“It only takes one breach, one disgruntled employee who is going through that data, a government subpoena, a change in government policy — and then all of that data no longer is private to you,” he said. “It can be health records, it can be legal questions, it can be job negotiations, it can be relationship advice.”
Venice’s answer is to create no central trove to breach or subpoena in the first place.
Marketing AI with fewer restrictions can make Venice more useful in some cases, but it also raises the misuse questions that lead mainstream services to build in guardrails in the first place. Proudman said Venice includes some safeguards to prevent abuse and illegal activity.
The company nonetheless bills itself as an “AI safety company,” casting the surveillance of users’ thoughts — rather than the content of their prompts — as the greater danger.
Proudman is based in Seattle, where he has spent more than two decades starting and selling technology companies. He founded cloud-computing company Blue Box, which IBM acquired in 2015, and crypto trading startup Strix Leviathan, acquired by hedge fund Parataxis in early 2025. Strix spun out Makara, a crypto investing startup, in 2021, and Betterment acquired Makara the following year.
Proudman spent about three years as a VP at Betterment, where he started moonlighting on Venice in 2024 — building it nights and weekends before leaving to go full-time.
Venice says it reached 3 million users in April and turned profitable in the first quarter.
“That hockey stick that we always hear about, and that I’ve spent 25 years trying to build companies to find, finally manifested,” Proudman said.
Venice makes money through consumer subscriptions and paid access to its developer API. It also has its own cryptocurrency, the VVV token, which developers can buy and lock up to reserve a share of the company’s computing capacity instead of paying per use.
Proudman said Venice will use the funding to build its own data center infrastructure — owning the GPUs that power its service rather than renting computing capacity — and to invest in growth as it tries to establish itself as a mainstream consumer brand.
The company has grown to about 45 employees, up from roughly 15 people a year ago, with six in Seattle. It operates as a remote team and doesn’t currently have an office.
Whether Venice expands its Seattle footprint long-term may hinge on state politics. Proudman has publicly opposed Washington’s new 9.9% “millionaires tax” — a state income tax on household income above $1 million that was signed into law in March and takes effect in 2028 — and said he won’t stay in the state if it does.
He’s pinning his hopes on a repeal campaign that backers are trying to get on the November ballot.
“I love it here … Seattle is a unique and phenomenal place to build a company, and I’ve been building companies here my entire life,” Proudman said. “I want to see us continue to be competitive against the Bay Area.”
The name OCCT comes from OverClock Checking Tool. This application will let you benchmark and overclock your system components. OCCT is the most popular all-in-one stability check and stress test tool available.
It generates heavy loads on your components while checking for errors, and will detect stability issues faster than anything else. OCCT embeds HwInfo’s monitoring engine to get precise readings and diagnose issues faster.
OCCT is primarily a stress test tool used for checking stability issues. With this program you can stress test your CPU, GPU and determine the memory usage on your system. You can configure the app to stop the test when the temperature is too high or when it finds any error so you can prevent hardware failures.
With OCCT you can run stability tests on your hardware from one minute to as long as ten hours. However, it is advisable to stress test your CPU for at least an hour.
OCCT integrates coil whine detection helping users identify electrical noise from their GPU under load. By controlling GPU stress patterns and fan speeds, OCCT can make your card “sing” with distinct tones, making it easier to detect coil whine even in noisy environments. Results vary by GPU model, cooling design, and case acoustics.
Yes, but it’s intentionally very demanding. The storage test pushes drives to their thermal and workload limits to verify stability and endurance. While it’s safe for occasional diagnostics, running it too frequently may shorten the lifespan of SSDs or HDDs due to sustained high temperatures and write cycles.
OCCT is free for personal use, but some features such as the Stability Certificate are reserved for paid users. For commercial use there are paid versions that start at $5 per month that include more features such as unlimited time duration.
Don’t let your work go to waste
Ensure your computer is stable before working on your beloved projects – don’t let a reboot or memory corruption put your hard work to waste
Is this a game bug or my computer?
Find out by stress-testing your components. If anything’s wrong, OCCT will pick it up and tell you ! By having a wide-range of test integrated, you’ll be able to pinpoint which one is faulty.
Stop wasting time with after-sale services
Find out which component is faulty and gain time by giving after-sale services proof your hardware is faulty. I don’t promise you it’ll go smooth, but at least, you’ll have backup.
Modern monitoring dashboard
Create easy-to-read, attractive monitoring dashboards showing how your component is behaving in real-time.
Check your cooling
OCCT test will make your components go all out. If anything is wrong with your cooling, you’ll quickly know.
The ultimate CPU test
OCCT’s CPU test gives you full control on which core is tested – Cycle through cores, know which one generated an error, invert them… Lots of fun there.
Squeeze every MHz of your components
OCCT will help you pinpoint ideal values for your overclocked components and ensures rock-stable day-to-day usage.
Last month, we introduced one of the biggest evolutions in OCCT’s history: a completely redesigned and fully modular Memory Test.
Today, we’re excited to officially release OCCT v17, bringing together the new Memory Test system alongside a new launcher for OCCT and major optimizations and quality-of-life improvements across the entire application.
This release also comes with new presets for the memory test, including a community-made preset by Stephen Shanks, with even more to come in future releases.
A New Memory Test
OCCT v17 introduces a full redesign of the Memory Test, rebuilt entirely from scratch around a highly modular architecture.
Currently, the new system includes 16 individual testing blocks that can be freely combined to create highly customized memory stress tests. This makes the new OCCT Memory Test one of the most flexible and customizable memory validation solutions available.
Whether you’re validating system stability, investigating intermittent memory issues, or creating specialized test scenarios, the new framework gives you complete control over how memory is stressed and analyzed.
Optimizations and Quality-of-Life Improvements
Alongside the new Memory Test, OCCT v17 delivers major improvements to performance, reliability, and overall usability.
Community Presets
Previous Release Notes:
Adding support for Arrow Lake CPUs
With V16.1, the System Tuning tool now supports Intel Arrow Lake CPUs, including the newly released Arrow Lake Refresh, allowing users to take full advantage of native tuning capabilities directly within OCCT.
System Tuning in v16.1
The System Tuning tool was designed to simplify and unify the CPU tuning process by combining configuration and testing within a single software.
With OCCT V16.1, users can:
Work on both Windows and Linux
This approach removes the need for multiple tools while improving the speed and reliability of system stability and overclocking validation.
Continuing to expand support
Expanding hardware compatibility remains a key focus. With Arrow Lake now supported alongside Granite Rapids, we’re already working on bringing the System Tuning feature to more current and previous generations of CPUs.
As always, we welcome your feedback as we continue to improve the System Tuning tool and expand its capabilities.
OCCT 15 Release notes
We’re thrilled to announce that OCCT v15 is now officially out of beta! A big thank you to everyone who helped us test and refine this release over the past few weeks.
This update includes:
Storage Test and Benchmark Stable Release
Major 3D Adaptive Test Update
New Coil Whine Detection Feature
New OCCT Skins
It’s a question that plagued car designers for over a century: How do we make a car go faster? Instinctually, one would assume that you could throw horsepower at it until you achieve the numbers you want, but that only works to a point. After all, the definition of “fast” extends beyond just how hard a car accelerates and the top speed it can hit; otherwise, supercars would more closely resemble drag cars. Rather, what makes a supercar quick is a combination of two elements: power-to-weight ratio and grip.
Power-to-weight ratio influences how quickly the car can get up to speed and how easily it maintains that speed, while grip reflects how well it holds to the road and is influenced by elements like aerodynamics and tires. Combine both elements, and presto, you have a car that’s fast on the straights and maintains speed through the corners. A fast supercar, by design, will have a lower power-to-weight ratio than your average car, as well as aero parts like functional front and rear wings, a rear diffuser, and wide tires to increase grip. All that, combined with sophisticated systems and a modern, stiff chassis, makes up the recipe for most supercars today outside of certain specialized machines like the Caterham Seven — which, for all its greatness, is remarkably one of the worst cars ever in terms of aerodynamic efficiency.
Of course, the actual physics behind it all are far more nuanced than that. For instance, how do weight and power determine a car’s speed, beyond the obvious “more power is more fast?” Likewise, how do large tires, aerodynamic devices, and a low center of gravity help carry that momentum?
All cars need horsepower, but supercars take it a step further by (usually) having bigger engines with more power than the average car. That seems simple enough on the surface. But it’s not so straightforward. Think about it this way: The largest piston engine in the world produces over 100,000 hp, but the cargo ships it powers go only a fraction of the speed of a supercar. Similarly, some high-load big rigs produce around the same power as some supercars, but aren’t fast at all. That’s because these vehicles are all far heavier.
There’s a famous quote attributed to Sir Colin Chapman, founder of Lotus: “Simplify, then add lightness.” That formula went on to secure victories throughout the 1950s and 1960s, solidifying Lotus as an outstanding motorsports constructor and later influencing Lotus sports cars like the Elise and Exige. Put simply, having less weight to push around amplifies the horsepower an engine makes. You don’t need a massive engine to shove around a little car, which is how supercars go fast in the first place. Sure, a bigger power is nice, but weight is also a vital part of the equation.
Where that weight is placed is also vital. Supercars, much like racecars, ride close to the ground to lower their center of gravity, keeping the car balanced and planted. Engine placement also matters because engines are generally quite heavy and can affect handling. That’s why rear-engine Porsches tend to oversteer, and front-heavy cars understeer. Most modern supercars feature mid-engine layouts, affording their platforms an ideal front-to-rear weight balance.
Balance and weight matter when cornering, too; a car turns better if there’s less mass to throw around. It’s basic Newtonian physics — the car’s mass wants to keep moving in a straight line, so the tires have to coax it to turn. This means supercars, by necessity, must have good tires and a planted chassis to turn well.
However, that’s only the tip of the iceberg. Now, we’ll get into aerodynamics. To keep things brief, the faster the car goes, the more air it must move out of the way. Some of that air becomes drag, preventing the car from going faster. A body that minimizes drag lets the car slice through the air and leave a smaller wake, granting it a higher top speed. That’s why supercars are shaped the way they are.
The second core component of aerodynamics rests not in drag, but in downforce. More aggressive aerodynamic elements like a pronounced front and rear wing, diffusers, and canards all work to push a car to the ground. The more force it pushes down with, the faster it can corner (generally with the trade-off of top speed). That’s why many modern supercars have movable aerodynamic devices like extendable wings — these extend to keep the cars planted at speed and retract for better aerodynamic efficiency in a straight line. Some also take advantage of ground effect, which sucks the car to the ground for even more downforce. Good examples include the McLaren F1, which had a secret pair of fans that provided downforce and decreased drag, and the GMA T.50 fan car.
The Clicks Communicator has made its first proper appearance in action. This gives us our clearest look yet at the modern take on the BlackBerry-style smartphone. The planned launch is later this year.
In a newly published demo, Clicks showed a working pre-production version of the Communicator. This revealed how its physical keyboard, custom Android interface and hardware features come together.
While the company has previously teased the device, this is the first time it’s been seen running day-to-day apps and core features. We got the chance to play with a non-working model at CES 2026, and came away impressed.
The biggest draw remains the physical keyboard. However, the demo suggests there’s more to the Communicator than nostalgia. A vertical ribbon of favourite apps anchors the home screen. This makes it easy to jump into Gmail, Telegram, WhatsApp and Spotify without digging through an app drawer. Users can also begin typing straight from the home screen to quickly search for installed apps.
The keyboard itself packs a few tricks, too. The spacebar doubles as a fingerprint reader. This allows users to unlock the phone or authenticate with their thumb while keeping their hands in a natural typing position. Clicks also confirmed that more software features are on the way, including a touch-sensitive keyboard, Message Hub, Prompt Key, Signal Light and a hardware kill switch. However, these weren’t demonstrated in detail.
The hardware looks surprisingly well equipped for a keyboard-first phone. The Communicator includes a 3.5mm headphone jack, stereo speakers and three microphones for clearer voice calls and recordings. It also has a barometric pressure sensor to improve GPS accuracy and weather data.
Around the back, the removable cover reveals room for both a physical SIM card and a microSD card. The device supports storage expansion up to 2TB. The demo also showed the device connected to a 5G network. In addition, it demonstrated working Wi-Fi, Bluetooth and other core smartphone features.
Clicks stressed that the hardware is still in the pre-production stage and expects to refine the internal layout before launch. Even so, the latest demo suggests the Communicator is much closer to becoming a real product than just another nostalgic concept. The company is still targeting a Q4 release.
Russia is putting pressure on Apple with a proposed $52M fine for discriminating against state-backed apps and not having them installed on every iPhone.
On June 25, the Kremlin demanded answers as to why Russian applications made by VK were removed from the App Store. Apple was accused of removing VK apps and services without “warning or explanation,” and Russia threatened to withdraw its cooperation with Apple entirely over the issue.
Now, the country has taken even stricter measures, issuing a warning to Apple, saying the company could face an almost $52 million fine for discriminating against Russian software. Russia’s Federal Antimonopoly Service said Apple devices will need to have the Max messenger and Russian search engines pre-installed.
As noted by Reuters, unless Apple complies with the demands of Russian authorities by July 15, it will face a fine equating to roughly $51.6 million. Even with the threat, though, it’s unlikely Apple will ever include Max or Russian search engines as pre-installed software on iPhones and iPads sold in the country.
Apple hasn’t sold its products in Russia since March 2022, after the Russian invasion of Ukraine. There are no Authorized Apple Resellers in the country, either.
Consequently, every iPhone and iPad sold in Russia makes its way into the country through the grey market. Hardware aside, the App Store remains available on iOS devices in Russia, and Apple has occasionally complied with app-related requests from Russian authorities.
In July 2024, Apple removed VPN apps from the App Store in Russia. In October 2024 and November 2024, the company similarly removed independent media apps that contained content labeled “undesirable” by Russian authorities.
In February 2023, Apple also paid a $12.12 million antitrust fine for forcing iOS users to rely on its in-app purchase system. After Apple Ireland was fined for breaking sanctions against Russia in March 2026, however, subscriptions and payments for Apple Services are no longer available in Russia.
Despite Apple’s periodic willingness to appease Russian authorities, the two continue to have a strained relationship. In September 2023, Apple warned Russian journalists of state-sponsored spyware, while Russian authorities claimed Apple was helping the United States spy on iPhone users.
Overall, Apple’s only attempts at complying with demands from Russia involve removing apps from the App Store. Beyond that, there’s little the company is seemingly willing to do.
At best, App Store users in Russia might see the return of VK apps. It’s unlikely Apple will develop a region-specific product configuration for Russia, as it does not sell its devices in the country. That ultimately means the state-backed Max app will probably never be preinstalled on iPhones in Russia.
A global memory shortage is pushing Apple to consider alternate RAM suppliers. In all likelihood, this will draw scrutiny from U.S. lawmakers.
The companies in question are ChangXin Memory Technologies Inc. and Yangtze Memory Technologies Co. The companies are on a Department of Defense list of Chinese companies believed to support Beijing’s military.
According to Bloomberg, talks are still ongoing and nothing is final yet. However, Apple’s goal is to reduce the impact of a global memory shortage, which recently caused the company to increase prices across its hardware lineup.
Outgoing CEO Tim Cook, who is set to step down in September, has appealed to the Trump administration, including Treasury Secretary Scott Bessent. Technically, Apple doesn’t need formal approval; the company would likely seek it to avoid any blowback from working with blacklisted entities.
Apple previously attempted to buy Chips from YMTC, specifically for iPhones to be sold in China. At the time, Marco Rubio, the top Republican on the Senate Intelligence Committee, said Apple was “playing with fire.”
Presented by Splunk
Agentic AI is making IT and security teams dramatically more efficient. But it’s also removing the apprenticeship that has long produced experienced operators.
As organizations automate more of the work once performed by junior analysts and engineers, they’re confronting a challenge that’s as much about workforce design as architecture design: how to build the next generation of experts when AI handles the work that once trained them.
For two decades, the path to becoming a world-class SecOps analyst, SRE, or NetOps engineer ran through repetition.
Triaging false positives. Hunting through dashboards for context. Reading logs at 2 a.m. that turned out to be benign. The industry treated this work as drudgery, and in many ways it was.
But it also served as the apprenticeship.
The thousands of hours an analyst spent staring at traffic patterns built the intuition that made them invaluable when a real attack arrived. That intuition was not taught in a single course or captured in a runbook. It was accumulated through exposure, pattern recognition, failure, and escalation. Over time, this is how people earn deep analytical experience.
However, agentic AI is now beginning to automate the very tasks that once served as the training ground for that expertise. That is not a reason to slow down. The drudgery was costly. The burnout was real. Organizations should use agents to reduce toil wherever they can.
At the same time, as we remove that apprenticeship loop, we need to provide operators something better in its place. How organizations approach this issue today will determine the winners for the future.
Organizations that approach this deliberately will produce the operators skilled to succeed in the next decade. Organizations that punt on this may find themselves with faster systems today, but with fewer people who understand them deeply enough to govern them tomorrow.
There is also a second dimension to this conversation that gets less attention than it should.
In regulated environments, the drudgery of apprenticeship is part of the accountability layer. Frameworks from SOX to PCI DSS to HIPAA to NIS2 assume there is a chain of human judgments behind a control decision.
Auditors do not interview models. They interview people who can explain why a system did what it did, why the decision was sound, and whether the right controls were in place.
When the population of professionals who can explain that chain begins to thin, the risk may not appear immediately. The control may still pass. The workflow may still be executed. The dashboard may still look green.
But the underlying organizational memory begins to hollow out.
This is not simply a tooling problem. It is also a workforce skill and design problem. And for organizations moving quickly on agentic adoption, the risk is closer than many think.
When we lose part of the accountability layer to agents, humans will step into a different type of governance role. Governing an agentic system means implementing automated guardrails that adapt to non-deterministic agent behavior and ensures agents behave appropriately under conditions no one fully anticipated. It means designing escalation criteria that catch the right anomalies without overwhelming humans with the wrong ones. It means implementing dynamic tools, alerts, and processes to review machine decisions to detect drift, bias, and reasoning failures that no individual case would reveal.
The ability to evaluate and respond to these exceptions requires judgment built over years of experience, learning pattern recognition that the old apprenticeship model used to produce.
That is why the workforce question and the architecture question are now the same question. If we expect humans to govern increasingly autonomous systems, we need intentional pathways that help people manage the scale and speed of AI systems while building the intuition and judgment in human operators required to do that work.
In the AI era, the most valuable platforms will not simply automate the most tasks. They will help people become more capable, more credible, and more essential as the systems around them become faster and more intelligent.
That means organizations need to invest in the full ecosystem of expertise for operators: communities that spread shared practices, certifications or other proofs that make expertise visible, and human-oriented explanations and verifications in the AI along with learning paths that build capability. Empowerment is an architecture design choice
Human empowerment is a critical part of the conversation around the practical use of AI. However, without an intentional strategy to back this up, it risks becoming the kind of phrase that means nothing because it can mean anything.
Empowerment for agentic systems cannot just be a conceptual requirement. It has to be a set of design choices baked into how systems behave. An agentic system that empowers its human operators and grows their professional skillset does four things:
Every recommendation an agent makes should be traceable to the data it considered, the logic it applied, and the provenance of the inputs it used. Operators who can see reasoning develop judgment about when to trust it. Operators handed only conclusions do not.
Familiar, low-risk patterns can be handled autonomously. Novel situations or actions with meaningful blast radius should escalate by default. The boundary should be explicit and configurable by the teams that own the consequences.
When an experienced engineer overrides an agent, they are doing more than disagreeing. They are correcting the system with judgment the model did not have: a fragile dependency, a quirk in the environment, a constraint the data never saw. A system that registers the override but ignores the reasoning behind it learns nothing from the one moment a human knew better.
How an incident gets resolved is a lesson that rarely stays in one lane. A SecOps incident may expose an ITOps weakness. A network issue may trace back to business impact. When that connection lives only inside a closed ticket, the next team to hit it starts from zero. Resolutions should travel across domains, not die where they were filed.
These are not aspirational qualities. They are testable product capabilities. Leaders evaluating agentic systems should be able to identify where these capabilities live, what happens when they fail, and whether operator skill improves after deployment.
For AI systems to be practical, trusted, and work at scale, the critical design point is for the AI to work deeply alongside and empower human operators.
As such, the agentic era is not a story about replacing humans. It is a story about redesigning the systems humans operate so that these operations can happen at machine speed and scale, while human expertise grows at the same time. Together, rather than at each other’s expense.
That outcome is not a given. It will happen only where leaders treat operator development as a priority, not an afterthought. To achieve this, agentic systems have to be intentionally designed to expose reasoning, capture learning, and route work back to humans in ways that build skill and career rather than erode both.
The agents will keep getting smarter and faster. The ability of operators who work alongside them to learn and grow in lockstep, will determine whether the next decade of digital resilience is something organizations truly own, or something they rent from a shrinking pool of expertise.
Learn more about how Cisco Data Fabric powered by the Splunk Platform is helping teams accelerate agentic operations.
Kamal Hathi is SVP and GM of Splunk, a Cisco Company.
Sponsored articles are content produced by a company that is either paying for the post or has a business relationship with VentureBeat, and they’re always clearly marked. For more information, contact sales@venturebeat.com.
Weekend Open Thread: Staud – Corporette.com
The House | Manchesterism won’t survive the painful trade-offs unless it gets citizens on board
Strategy authorizes up to $1.25B in Bitcoin sales under new capital plan
Potential 2028er World Cup attendee leaderboard
Asia stock markets slide as tech shares slump
MAJOR BITCOIN & MARKET UPDATE!!!! (MUST WATCH ASAP!!!)
A Look At A Gaggle Of Transputer Boards
Dell (DELL) Shares Tumble Over 5% Following Analyst Downgrade to Hold
Coinbase, Circle Deepen Crypto Stock Losses Despite Resilient S&P 500
Australia treasurer says alleged access of prime minister’s bank data ’incredibly concerning’
Kraken's xStocks Opens Bending Spoons IPO Registration to EEA Retail
FIH Pro League: India defeat Pakistan 7-1, register biggest win of campaign | Other Sports News
Bitcoin Sparks $600M Hourly Liquidations With $65,000 Set To Become Resistance
Bluekit phishing kit adopts browser-in-the-middle for login theft
Russian hackers now target Signal backup recovery keys
Hyperliquid Named on Singapore MAS Investor Alert Register
RTX holders must register wallets before token distribution begins
Ripple and SBI launch RLUSD in Japan after JFSA approval
Anonymous researcher drops 0-day ‘exploitarium’ repo
Broncos roster: OL Ben Powers (No. 74) entering final year of contract
You must be logged in to post a comment Login