Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.
The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.
Meta has a new AI model out, this time dedicated to generating and editing AI images. And yes, you can use it on Instagram. But if you have a public account, you need to change your settings now to avoid ending up the unwitting subject of anyone’s AI creations.
The model, called Muse Image, is the first creative model from the new family of Muse Spark models made by Meta’s superintelligence labs. The company said in a blog post that it’s built to handle more complex requests, create composite photos and edit existing images. It’s available now on the Meta AI app, Instagram and WhatsApp, with plans to eventually bring it to Facebook, Messenger and advertisers.
CEO Mark Zuckerberg showed off the new model on his Instagram on Tuesday. He showed some of the 30 new AI editing effects the model is powering for Instagram Stories, including images of numerous Zuckerberg clones, a 360 camera view with AI lead Alexandr Wang and an exposure portrait mode with Andrew Bosworth, Meta’s chief technology officer.
CEO Mark Zuckerberg demonstrates the new AI model’s editing abilities in Instagram stories featuring Alexandr Wang (center), Andrew Bosworth (right) and many AI clones of himself (left).
This isn’t the first time an AI company has tried to entice people to use its creative AI by offering to place you and your friends into the AI scenery. That was OpenAI’s pitch when it launched its ill-fated Sora video app in 2024. But OpenAI still drew ire from regular people and celebrities for its role in easily creating deepfakes. Meta’s new AI model poses the same risk.
Let’s momentarily step aside from the fact that this new model will probably lead to even more AI slop on Instagram. And that the pictures you upload to the Meta AI app are used to improve Meta’s services. There’s an important detail in the settings everyone with a public Instagram account should know. If you’re over 18 and have a public account, anyone with a Meta AI account can “tag” you in their AI image prompts and create hyperrealistic AI images including your likeness — otherwise known as deepfakes.
I gave the new model a spin to see just how easy it could be to create deepfakes. My CNET colleague Abrar Al-Heeti has a public Instagram account, and I was able to make an AI image of her as a pirate in less than a minute by including her Instagram username in my prompt. When I tried the same for myself, tagging my private Instagram account, Meta AI couldn’t complete the request.
While Meta AI and I didn’t need to get my colleague Abrar Al-Heeti’s permission to make this AI-generated image of her as a pirate, I did get her consent before including it in this story.
Meta confirmed to CNET that creators with a public Instagram account can block people from creating AI content with their likeness with a setting toggle. Go to Instagram Settings > Sharing and reuse > Toggle off “Allow people to reuse your content on Instagram and with AI features at Meta.” You can adjust this control for posts and reels. Private accounts automatically don’t have their content accessible for anyone to remix or create with. (After our testing, Al-Heeti turned off this permission.)
You can also limit your risk of being deepfaked when tagging yourself in an image request for the first time in the Meta AI app. It will walk you through some steps to help the app recognize you. That includes taking a picture of your face and, optionally, uploading three photos of yourself. In this process, you can choose who is allowed to use your likeness, including only yourself, followers you approve, mutuals or everyone. You can adjust this in the app by going to Settings > Your likeness.
These controls will be essential for professional creators and influencers, whose names and likenesses are their brand and therefore their livelihood. Meta says its models have built-in protections to prevent the model from creating illegal, abusive or defamatory content. But like we saw with Sora, motivated bad actors can get around a model’s safeguards. We will have to wait and see if Meta’s are up to the challenge.
Anthropic on Tuesday launched Claude Cowork on mobile and web, expanding a tool that has quietly become the company’s bridge between the developer-centric world of AI coding agents and the far larger market of knowledge workers who never open a terminal.
The rollout, which begins in beta with Max subscribers before expanding to additional plans, marks a strategic inflection for Anthropic. It transforms Cowork from a desktop-only agent into a cross-device platform where tasks can start on a laptop, continue autonomously in the background, and be reviewed from a phone — even after the user closes the app entirely.
“Your work goes everywhere with you, and keeps going without you,” Anthropic writes in its announcement.
The timing is deliberate. Alongside the mobile launch, Anthropic published usage data from 1.2 million anonymized Claude Cowork sessions sampled between May 11 and May 31, drawn from more than 600,000 organizations. The data paints a striking picture: the overwhelming majority of what people do with Cowork has nothing to do with writing software.
VB Transform · July 14–15 · Menlo Park · LLMs, ops & evals
Standard benchmarks fail. Amazon and Waymo explain what they test instead.
The evals track goes deep on the four dimensions of reliability — consistency, robustness, predictability, safety — and how teams at Amazon and Waymo are operationalizing them in production.
The numbers tell a story that cuts against the dominant narrative in enterprise AI, which has fixated on coding assistants and developer productivity as the primary use case for large language models.
Business process and operations — tasks like pulling scattered updates into a single report, building onboarding checklists, and reconciling spreadsheets — accounted for 33.4% of all sampled Cowork sessions, making it the single largest category by a wide margin. Content creation and copywriting — producing drafts, slide decks, posts, and proposals — came in second at 16.4%.
Together, those two categories make up roughly half of all Claude Cowork usage. Software development, by contrast, accounted for just 8.7%. DevOps and infrastructure followed at 7%, with research and intelligence at 6.4%, data analysis and business intelligence at 5.8%, document processing and extraction at 4.1%, and sales and revenue operations at 4%.
The remaining 12 categories each represented less than 4% of usage, including personal assistance at 3.8%, education at 2.4%, and meeting intelligence at 1.8%.
Anthropic describes these dominant use cases as “the work around the work” — tasks that span nearly every role in an organization but rarely appear in anyone’s core job description. “People are using it for a variety of tasks that aren’t necessarily the hallmark of a specific role, but instead represent the connective work around a role that moves projects forward and keeps businesses running,” the company writes. “That means tasks like drafting a status update, building a slide deck, or condensing reams of research into a single report.”
That phrase — “the work around the work” — is Anthropic’s attempt to define and claim an entirely new category of AI productivity. It’s a calculated reframing: rather than positioning AI as a tool that replaces what professionals do, Anthropic is arguing that the most valuable current application is handling everything professionals do around their actual expertise.
The expansion to mobile and web introduces three concrete capabilities that reflect how Anthropic envisions Cowork fitting into daily workflows.
First, sessions now sync across devices. A user can start a task at their desk, check on its progress from a phone, and retrieve the finished output from any device. Second — and arguably more significant — Cowork can now run tasks in the background with no device online at all. Users can schedule work for a specific time, and Claude will execute it autonomously. Anthropic offers the example of setting Monday morning client prep for 6 a.m.: “Claude works through the email threads, transcripts, and recent news, builds the briefing doc, and leaves the follow-up email drafted but unsent. Review it over coffee.”
Third, when Claude encounters a decision that requires human judgment, it surfaces the question to the user’s phone. “Nothing ships until you’ve reviewed and approved it,” Anthropic states.
Desktop remains the most fully featured surface, with access to local files and the browser. But the web version also opens Cowork to users who cannot install a desktop application — a meaningful expansion in enterprise environments where IT departments control software installation.
The company also unified its interface: on web and desktop, chat and Cowork now share a single home screen, and projects and artifacts persist across both modes.
To encourage adoption, Anthropic is extending doubled Cowork usage limits through August 5.
The usage data and the mobile launch together reveal a company executing a two-track strategy. Claude Code, its terminal-based coding agent, dominates among software developers. But Cowork is designed to capture the vastly larger population of professionals whose work involves creating, organizing, and communicating information rather than writing code.
The contrast between the two products is instructive. As Anthropic notes, Claude Code “is most often used by software developers for the key parts of their role: building, debugging, and shipping code.” When developers do use Cowork, they tend to use it not for programming but for the communications-focused work that surrounds every role — status updates, documentation, and coordination.
This pattern — where AI handles the connective tissue of work rather than its core substance — aligns with what Anthropic describes as people using “Claude Cowork to assemble and structure the information they can use to act on their expertise.” The company illustrates this with three examples: a lawyer using Cowork for document formatting and filing while reserving legal judgment for themselves, a hiring manager synthesizing interview feedback while spending more time on candidate conversations, and a team lead producing a slide deck that explains a decision while focusing on actually making that decision.
The implications for Anthropic’s business model are significant. Developer-focused tools, while high-profile, serve a relatively narrow market. The Ramp AI Index published in May showed Anthropic pulling ahead of OpenAI in business adoption for the first time — with 34.4% of firms paying for Anthropic’s services compared to OpenAI’s 32.3% — and suggests the company’s enterprise push is gaining traction. Claude Code was identified as the primary driver of that shift. But Cowork targets an addressable market that is orders of magnitude larger: every knowledge worker with a laptop, a pile of spreadsheets, and a slide deck due by Friday.
The mobile launch arrives during one of Anthropic’s busiest — and most turbulent — stretches in its history.
Just last week, Anthropic launched Claude Sonnet 5, a new model that narrows the performance gap with its more expensive Opus-class models while maintaining lower pricing. The model is available at introductory pricing of $2 per million input tokens through August 31 before rising to $3 per million input tokens. Sonnet 5 serves as the engine underneath Cowork, and its improved agentic capabilities — better reasoning, tool use, and sustained task completion — directly enhance Cowork’s ability to handle complex, multi-step workflows.
Two weeks before that, Anthropic released Claude Tag, a Slack-native AI agent designed for team collaboration. Where Cowork focuses on individual task delegation, Claude Tag operates as a multiplayer tool — a single Claude identity that everyone in a Slack channel can interact with, building context from conversations over time.
According to Anthropic’s announcement, 65% of the company’s own product team’s code is created by its internal version of Claude Tag. Fortune reported that Anthropic’s head of product for Claude Code and Cowork, Cat Wu, described the distinction: “Claude Code, Cowork, and chat are very single-player, whereas Claude Tag is built to be interactive and multiplayer.”
Together, Cowork and Claude Tag represent a pincer strategy: Cowork captures individual productivity workflows across devices, while Claude Tag embeds AI into team communication channels. Both are designed to push Anthropic deeper into enterprise operations, beyond the developer seat.
The expansion also arrives against a backdrop of unresolved security concerns. On July 1, security firm Armadin — led by Mandiant founder Kevin Mandia — published research detailing what it described as a full sandbox escape in Claude Cowork on Windows, as reported by SiliconANGLE. The attack chain involved DLL sideloading against the Claude desktop executable to gain trusted access to Cowork’s virtual machine service, then exploiting undocumented parameters to achieve root access and bypass network restrictions.
Anthropic responded that the vulnerability did not qualify as a security issue because exploiting it requires an attacker to already have local code execution on the host machine. Armadin, however, raised a broader concern: that deploying local virtual machines on nontechnical users’ systems creates visibility gaps that endpoint security products struggle to monitor.
This tension takes on new dimensions as Cowork moves to mobile and web. The web and mobile versions run tasks server-side rather than in a local virtual machine, which eliminates the specific attack surface Armadin identified but introduces different questions about data handling, especially for scheduled background tasks that process email threads, calendar data, and documents without real-time user oversight.
Anthropic’s announcement states that “the decisions still come to you” and that nothing ships without review and approval. But as Cowork takes on increasingly complex autonomous workflows — processing contract folders, building client briefings from multiple data sources, drafting emails — the surface area for prompt injection and data exposure grows correspondingly.
When Cowork first launched in January, TechCrunch reported that Anthropic explicitly warned about prompt injection risks, noting in its blog post: “These risks aren’t new with Cowork, but it might be the first time you’re using a more advanced tool that moves beyond a simple conversation.”
Anthropic’s enterprise push is also colliding with geopolitical reality. CNBC reported Monday that Alibaba will ban employees from using Anthropic’s AI tools starting July 10, placing Claude Code on a high-risk software list. The move followed Anthropic’s June letter to the U.S. Senate accusing Alibaba of carrying out what it called “the largest known distillation attack” against its models.
The Alibaba ban, combined with reports that Anthropic is closing loopholes that allowed Chinese companies to access Claude through third-country entities, underscores the increasingly fraught environment for AI companies attempting to serve global enterprise customers while navigating U.S. export and security restrictions.
At the same time, Anthropic is investing massively in infrastructure. Reuters reported Monday that Anthropic signed a $19 billion, 20-year lease with TeraWulf for a data center being built in Hawesville, Kentucky, with 401 megawatts of computing power expected to become fully operational in 2028.
That kind of capital commitment only makes sense if the company expects enterprise demand — not just from developers, but from the millions of knowledge workers that Cowork targets — to grow dramatically.
Anthropic is transparent about the limitations of its usage analysis. The taxonomy classifies sessions by the type of work being performed, not by the job title of the person doing it.
There are no standalone categories for marketing, finance, or HR — functions that are likely absorbed into the dominant “business process and operations” bucket, which may partly explain why that category commands a third of all usage.
The sample is also rate-capped rather than proportional to traffic, meaning the numbers are shares of sampled sessions, not absolute volumes. Usage during peak hours is somewhat underrepresented. And roughly 5% of sampled sessions involved personal, non-work use — hobbies, personal assistance, and companionship-style conversations — meaning the data doesn’t purely reflect workplace activity.
The company also acknowledged that its labeling pipeline changed around May 11, which is why the analysis window begins on that date rather than covering a longer period.
Anthropic’s mobile launch and usage data arrive at a moment when the enterprise AI market is shifting from proof of concept to proof of value. The question facing every company deploying AI tools is no longer whether the technology works — but whether it delivers measurable productivity gains across an organization, not just within engineering teams.
The usage data suggests that the answer, at least for Cowork, is emerging in an unexpected place. It’s not in the glamorous work of building software or conducting research. It’s in the unglamorous, universal labor of turning messy information into structured outputs that move organizations forward — the status reports, the onboarding checklists, the variance memos, the client decks.
By untethering that capability from the desktop and making it available on every device, Anthropic is betting that the most valuable AI agent isn’t the one that writes code. It’s the one that handles everything else.
Ever since Meta launched its first smart glasses developed in collaboration with Ray-Ban, they have built a reputation as a creep’s weapon. The outrage is justified, as a lot of people are not comfortable being recorded or captured without being told about it. Now, Meta is taking concrete steps to make sure that the camera-equipped smart glasses do not violate any person’s privacy. To that end, the company has announced that it will disable the onboard camera on its smart glasses if someone covers or tampers with the white LED indicator light.
Meta argues that the white LED indicator serves as an alert signal for any other person who might be in the field of view. “We are continuouslyimproving our ability to detect tampering, and now we’re updating the glasses to disable the camera if they detect the LED was physically tampered with or destroyed. No other kind of camera has done this, and we’re proud to lead the industry forward,” the company said in an official announcement.

Meta says that it is updating the smart glasses to ensure that if the LED system is physically disabled or covered, the camera will be entirely disabled. The change will be first implemented on the second-generation Meta smart glasses. To recall, Meta now offers smart glasses that have been developed in collaboration with Ray-Ban and Oakley. Just over a week ago, the company also introduced an in-house line-up that was developed without any third-party brand collaboration and with a lower asking price, as well.
Over the past few months, numerous reports have uncovered an underground market where owners of the Meta AI smart glasses can get the LED indicator lights disabled. Numerous listings have also been spotted on online platforms where such services have been offered. Meta is going to take action against such activities, as well.

Meta says that it is not only going to disable the camera capture on devices with a tampered or obstructed LED light. Going a step ahead, the company will remove all the ads, posts, and online listings on its platform that advertise such services. Additionally, the company says it will also be implementing a ban on accounts that offer such services and hopes to take legal action against entities or businesses that are doing it.

Summer stretches days longer and pulls people toward trails, water, and full days outside. A watch that handles knocks, stays readable in bright light, and runs for extended stretches without a charger becomes more than nice to have. The Apple Watch Ultra 3, priced at $699.99 (was $799), fills that role for many who want one device to cover serious activity and everyday tracking.
The casing is 49mm of solid titanium on the wrist, which feels right at home and like a little additional muscle, despite the fact that it still fits securely on your wrist for regular wear. The fact that Grade 5 titanium handles dents and scratches with easily, as opposed to other aluminum models that are just battered around, is a significant advantage. The true show-stopper is the flat sapphire crystal, which protects the screen from the inevitable bumps into rocks or equipment during a climb, surf session, or simply fooling around and bumping items into other gear. Water resistance extends to 100m, and it has a depth gauge and a water temperature sensor, making it ideal for pool laps, snorkeling, or even assessing diving conditions. If everything else fails and you’re in a remote location, a built-in siren will sound a reassuring 86 decibels to summon rescue. All of this adds up to a watch that feels like it can take on everything the season throws at it, rather than something delicate that needs to be handled with care.
Sale
The screen now has a larger active area, although the case size remains unchanged. It still packs a punch, with a peak brightness of 3000 nits, making it visible even in the midday light. So you can still read the time and examine your maps even in the most extreme situations. By moving to LTPO3 technology, battery efficiency has actually increased, allowing you to leave the screen on in the background without draining the battery. It’s a godsend whether you’re out on a walk or a bike ride because you don’t have to lift your wrist every few minutes to view the screen. Night mode and viewing angles have also been improved, reducing eye strain as light levels change.
Battery life has to be the number one reason this watch is worth considering right now; with normal use, it lasts roughly 42 hours, and with battery saver mode, you can extend it to 72 hours on a long journey. Real-world testing indicates that it’s not just talk; actual users have reported constant drain times even with GPS and other tracking equipment functioning in the background. If that’s not enough to put your mind at ease, the watch also charges quickly, reaching 80% in 45 minutes. So, if you have a long day ahead or a multi-day vacation planned, a fast charge in the morning or during a break will keep you going for another full day. For anyone who has experienced the stress of running out of power in the middle of nowhere, this is a game changer.
New capabilities such as satellite messaging let you to send a text or contact emergency services when you’re out of range of a cell tower, and dual-frequency GPS provides super-accurate position data no matter where your activities take you. If you find yourself in a region with 5G, the watch will connect quickly for calls, texts, and data. These features combine to make the Ultra 3 a more comprehensive off-grid companion without making it heavier or more difficult to use in everyday life.
Health insights have just become much more practical with the addition of hypertension notifications following a brief calibration time. Your watch already tracks your ECG, heart rate variability, temperature, blood oxygen, and sleep patterns; now recovery data is right alongside your training metrics, allowing you to understand how all that hard work is affecting your rest time. When it comes to striking the right balance between fitness and general wellness, your sleep scores and apnea alarms are all important factors to consider.

The watch stays spot on with fitness tracking whether you’re jogging through difficult terrain, swimming in open water, or participating in any other sport. Its dual-frequency GPS keeps locked in even when things get complicated, and the depth and water temperature sensors are useful for tracking your dives. Then there’s the workout guidance and stats, training load, heart rate zones, and anything else you need to organize your workouts without having to carry any additional gadgets. Whether you’re hitting the trails or sailing through the water at high speeds, this watch can handle it.

Running your watch’s software on a daily basis feels snappy thanks to the S10 chip’s power and 64GB of available storage. Complications update quickly, programs launch instantly, and on-board processing ensures that everyday tasks remain smooth and responsive. Like before, pairing it with an iPhone is simple, with notifications, music control, and data synchronization all operating as expected. And as new watch faces and tools are released, they simply slip in without requiring you to learn a completely new method of using the watch.

Bitluni has spent years pushing DIY electronics further than most people expect. His earlier clusters packed a few hundred small RISC-V chips onto compact boards and proved they could outperform a regular desktop processor on certain tasks while using almost no power. That success led him to ask what would happen if he kept scaling. The answer sits on his bench now: an ultra cluster built around 8,192 individual microcontrollers running at 100 MHz, managed by 256 larger controller chips.
The primary goal here wasn’t even to match a high-end graphics card for 4K gaming, as Bitluni preferred a much more minimalist approach. He reasoned that each cheap CPU was only required for one location on a display, allowing the individual chip to figure everything out on its own; merely connect them and you have a makeshift graphics system. It sounds strange, but in theory it is perfectly possible; simply take a lot of 13-cent chips and convert them into the foundation of a new graphics system. Bitluni chose the CH570 microcontroller because it fits the bill perfectly: it’s fast enough to perform the job, has 12 kilobytes of memory, and a hardware multiplier to boot, all for roughly 13 cents in bulk.
Building at this magnitude revealed some issues that are not typically encountered on smaller projects. One item that failed was using a shared clock signal, which became overwhelmed and stopped operating when there were thousands of chips on the board, so now each microcontroller has its own crystal oscillator. Packing all of those signals onto the board resulted in crosstalk, so they switched to six-layer boards with ground planes on the inner layers and staggered the traces so that signals from adjacent levels did not bleed over into each other. The physical shape, one large board, was simply too large to manufacture, so they divided it into modular blades. Each of these blades is simply a grid of CPUs and small RGB LEDs; simply slide them into the central circular backplane with edge connectors, and it resembles a modern art sculpture rather than normal computer hardware.

Getting power and keeping the thing cool turned into complete engineering projects on their own. With so many tiny chips running at 3.3v generating hundreds of amps, they need a 3kW power supply and efficient buck converters to keep everything going smoothly. The current version 1 still uses powerful fans rather than the immersion cooling tank that they had planned to employ. Programming the thing would have taken weeks if done by hand (which is insane, just think about it!), so they ended up modifying a 3D printer, installing some pogo pins on the gantry, and writing Python scripts that simply move the head across each board and flash the firmware through the exposed pads.

Right now, it’s running pretty well, as they have a decent light show going on with synchronized patterns spanning over a thousand processors, each driving its own 1mm x 1mm RGB LED, and it looks pretty cool when the blades light up in succession or in waves. They’ve even begun experimenting with distributed ray marching, which is the same method used in some of those fancy real-time rendering demos. Once they have a few more blades online, they will conduct some real testing.

The communication side of things is simply SPI buses, with each set of 32 worker chips sharing one bus, and the larger controllers handling the real coordination. The bandwidth is limited, so it will not be able to push high-resolution frames as quickly as a dedicated GPU – but that was never the goal of this project. It’s more about demonstrating how far you can push an idea when you have low-cost parts and open designs for others to follow along. Once the project moves on to the next step, the files and code will be made public.
[Source]
Microsoft will turn on Windows settings backup and restore by default for eligible Windows 11 business devices outside the EU, starting with Windows 11 26H2. The Register reports:
Now dubbed “Windows settings backup and restore,” the service backs up a device’s settings and a list of installed Microsoft Store apps, which can then be restored to a new device. Microsoft gave a use case for the technology: “Imagine a lost laptop, a hardware refresh, or an unexpected reset. These are some of the moments when your users need backup most. And that’s rarely when anyone wants to discover that backup was never turned on.”
However, some organizations might not want it on. Perhaps those with strict privacy or data sovereignty requirements, or those regulated by the EU Digital Markets Act (DMA), for whom the default-on behavior won’t apply. Windows 11 25H2 and earlier are also excluded, as is any device with a backup policy that explicitly disables the setting. Everything else running Windows 11 26H1 will get switched on after a feature update, and the same applies to 26H2, currently with Windows Insiders in the Experimental channel.
Administrators might reasonably be wary of this being opt-out rather than opt-in. Backups are useful, but Microsoft is clear that this is not a comprehensive backup solution, calling it only “one step in a broader Windows resiliency effort.” The implications still need consideration. An opt-out setting that quietly ships settings data off-device is exactly the sort of thing that adds to administrators’ workloads rather than lightening them.
OpenAI’s chief futurist, Joshua Achiam, notified colleagues on Tuesday that he is leaving the company later this month after nearly nine years, WIRED has learned. Achiam, who previously led a team tasked with upholding the organization’s nonprofit mission, told OpenAI staff that his departure was not motivated by any specific reason, but was something he’s been thinking about for a while.
“The world is in on the secret now and it feels possible to work on the mission from outside the walls of a frontier lab,” Achiam said in a note to staff obtained by WIRED. “I believe we can get to a world of peace, unprecedented prosperity, and unimaginable possibilities, social and scientific. Whatever I do next, I will continue to work with you on making this vision real.”
OpenAI has not yet announced if anyone will fill Achiam’s role, which sat at the intersection of the company’s AI safety and policy teams, and involved studying the potential harms and benefits caused by the rise of artificial intelligence. Achiam worked with senior company leaders, including global affairs chief Chris Lehane, to advocate for government regulations aligned with OpenAI’s mission: to ensure that AGI benefits all of humanity.
OpenAI has reorganized its safety, product, and research teams numerous times since ChatGPT launched in 2022, after which the company grew rapidly from a small research lab into a massive tech company. In 2024, OpenAI announced the formation of a “mission alignment team” led by Achiam that was tasked with upholding the company’s mission. OpenAI disbanded the group in February and announced that Achiam would be taking on a new role as chief futurist.
In the last year, OpenAI has worked to bridge the gap between its AI research and policy teams as part of an effort to develop rules and standards that anticipate where its technology is headed. As the two departments began collaborating more closely, several OpenAI researchers, including Boaz Barak, Noam Brown, and Adrien Ecoffet say they have become more involved in policy work.
Former White House AI adviser Dean Ball started at OpenAI this week as the company’s head of strategic futures, and he will briefly overlap with Achiam. Ball is also expected to work with researchers and policy leaders in his role.
Achiam is the latest safety-focused leader to depart OpenAI, joining a growing list of exits as the company prepares to go public. Jan Leike, who co-led OpenAI’s Superalignment team researching how to keep advanced AI models under human control, left to join Anthropic in 2024.
That same year, head of policy research Miles Brundage and Steven Adler, who led research on dangerous capabilities of AI models, both departed OpenAI to found nonprofits that advocate for AI labs to adhere to strong safety and security standards. Andrea Vallone, who led OpenAI’s research on how ChatGPT should respond to users experiencing mental or emotional distress, left to join Leike’s team at Anthropic at the end of 2025.
After joining OpenAI as an intern in 2017, Achiam went on to become a research scientist focused on AI safety. He was known internally as a stalwart defender of OpenAI’s safety-focused mission, but was also controversial for his occasional criticisms of the broader AI safety community.
Earlier this year, he testified in federal court that he interrupted Elon Musk’s parting speech when he left OpenAI in 2018, remarking that the then-billionaire’s plan to develop AGI at Tesla could come at the expense of safety. Musk allegedly responded by calling Achiam a “jackass,” a moment that Dario Amodei (now the CEO of Anthropic) and David Luan (who went on to become the head of Amazon’s AGI lab) commemorated by gifting Achiam a statue of a golden donkey’s rear end, inscribed with the words, “Never stop being a jackass for safety.”
IT services giant Accenture has confirmed it suffered a security breach after a threat actor claimed to have stolen 35 GB of source code and other data from the company.
“We are aware of this isolated matter, and we have remediated its source. There is no impact to Accenture operations and service delivery,” Accenture told BleepingComputer.
Accenture is a global professional services company that provides consulting, technology, cloud, engineering, and managed services to businesses and governments worldwide.
The statement comes after a threat actor known as “888” claimed to have stolen 35 GB of data from the company in July and began offering the data for sale on a cybercrime forum.
“Today I am selling the Accenture Data Breach, thanks for reading and enjoy!,” reads the forum post.
“In July 2026, Accenture suffered a data breach which resulted in just over 35gb of source codes getting stolen from the company.”
According to the threat actor, the data includes source code, RSA keys, SSH keys, Azure PAT (personal access tokens), Azure Storage access keys, and configuration files.

To support their claims, the threat actor shared a screenshot that appears to show them cloning an Azure DevOps repository named “121123_AtriasTalentAcademy” that was hosted under a redacted accenture.com hostname. BleepingComputer could not independently verify the full scope of the data being stolen.
While Accenture confirmed the breach, the company did not comment on the threat actor’s claims regarding the amount or type of data that may have been accessed or exfiltrated.
Accenture also did not disclose how attackers gained access or whether customer data was affected.
The same threat actor previously attempted to sell Accenture employee data following a third-party breach in 2024.
Accenture also suffered a data breach in 2021 after the LockBit ransomware gang stole data from its systems.
BleepingComputer has asked Accenture further questions about the breach and will update this story if additional information becomes available.
Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.
The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.
Sold by German DIY store OBI, the OBI Energy Tracker is a €15 set of two devices, one of which you essentially stick on top of your existing electricity meter. This then allows for electricity usage to be measured and tracked, with the data sent to the second, gateway device. This latter cloud-bound device is linked to an OBI account via the heyOBI app. This correspondingly called for the gateway device to be reverse-engineered and freed from its cloud-based shackles, a task that [Aaron Christophel] happily took upon himself.
The whole process is also covered in two videos, with the first providing all the essentials on reprovisioning the original firmware for a local MQTT server in English, while the second, German-language video focuses on custom firmware for the ESP32-C3 inside of the gateway device.
Inside the reader device is a Cortex-M0+-based BAT32G135 MCU that communicates with the meter via its IR protocol. This is then communicated via 868 MHz LoRa to the gateway device that will be placed somewhere within Wi-Fi reach by the user. Inside this latter device is as mentioned the ESP32-C3, which by default runs firmware that communicates via secure MQTT with an AWS cloud instance for the typical cloud-based shenanigans.
The aforementioned reprovisioning option doesn’t require firmware flashing, just a handful of steps to follow. This involves fetching the 32-bit TEA key, generating your own PKI, running your own MQTTS-capable broker and having the provided Python script handle the rest from there.
Flashing custom firmware is the other option, with straightforward UART/JTAG reflashing sadly disabled by the manufacturer. With the effort required here you could perhaps argue that simply connecting the reader device to a custom gateway device might be a lot easier, especially if you already have a LoRa transceiver and associated hardware.
cyber-crime
Along with other telemetry, Windows GDID makes online activity more traceable
Your Windows is watching you. The US Justice Department’s complaint against Peter Stokes for alleged involvement in the Scattered Spider hacking group offers a reminder that it’s difficult to hide online activity from Microsoft’s operating system (or any other).
Scattered Spider, according to US authorities, targeted numerous companies in the US by compromising employee accounts in order to access more than 100 corporate networks and exfiltrate or encrypt data that would be ransomed for payment. The group is said to have obtained over $100 million in ransom payments.
The complaint, arrest, and extradition of Stokes relied in part on a Microsoft Windows Global Device Identifier (GDID), among other telemetry records, to link online activity to the suspect.
“According to a Microsoft representative, a Global Device Identifier in the Windows ecosystem is a persistent, device-level identifier designed to uniquely identify an installation of a Windows operating system on a device, either a physical device (e.g., a mobile phone or laptop) or virtual machine, across certain Microsoft services and scenarios,” explained FBI special agent Ali Sadiq in an affidavit accompanying the DOJ’s criminal complaint.
The court filing also notes that Microsoft made criminal referrals to the DOJ implicating Stokes. It points to an October 2024 referral that cites online service telemetry that company security researchers believe linked Stokes to other hacking group members. Social media posts relevant to Scattered Spider, supposedly sent and received by Stokes, look unlikely to help his defense.
The affidavit says that members of Scattered Spider used a web tunneling tool called ngrok to avoid network barriers and maintain access to compromised servers, as well as a VPN service called Tzulo.
Investigators obtained IP address records from ngrok and the VPN provider and then obtained records from Microsoft that matched the time when that ngrok account had been set up on a Windows machine through a specific GDID.
“According to Microsoft records, on or about May 12, 2025, at 19:21 UTC – when, according to ngrok records, the ngrok account was created – the device with the GDID accessed, among other ngrok pages, ‘https://dashboard.ngrok.com/signup,’ the ngrok page to set up an ngrok account,” the affidavit explains.
Microsoft’s GDID records also showed that the Windows device with that GDID accessed Tzulo servers assigned to the IP address identified by ngrok. And the GDID was subsequently linked to an IP address in Estonia where Stokes resided.
The Windows GDID, or at least the infrastructure for it, is said to date back to the release of Windows 10 in 2015. The GDID itself doesn’t show up much in online documentation until 2021 or thereabouts.
According to a developer writeup posted to GitHub, wlidsvc (Microsoft Account service) provisions the device with login.live.com and gets back a device PUID. The identifier is then stored in the registry. The Connected Devices Platform (cdp.dll / CDPSvc) reads it and registers it into the Device Directory Service (DDS) graph. And after that, Delivery Optimization reports it as the documented UCDOStatus.GlobalDeviceId.
Apple maintains similar identifiers, including a hardware UUID and a DSID (Destination Signaling Identifier) [PDF] tied to iCloud, among others. Linux also supports a machine-id. And when presented with a lawful demand for information, most service providers will cooperate and provide whatever information they store. ®
Presented by Box
Content access, governance, and platform flexibility are emerging as the dividing lines between AI leaders and laggards, according to the new State of AI in the enterprise report from Box, which surveyed 1,640 IT decision makers across the US, UK, France, and Japan. One of the report’s major findings is the speed of the shift: the combined share of organizations describing themselves as advanced or leading edge soared from 8% to 64% just over the past year, while the share calling themselves early stage or not yet started collapsed from 53% to just 9%. Eighty percent of organizations reported a notable return on their AI investment, defined in the survey as an improvement of at least 10%, and more than half saw measurable business impact within six months of getting a project approved.
The swing is largely due to how enterprises are now organizing their AI use rather than to any single technical breakthrough, says Olivia Nottebohm, COO of Box.
“We’ve moved from standalone experimentation that lived at the individual level into systematized, integrated agentic operations, agents that are in production and can be used in a repeatable manner,” Nottebohm says. “That’s where the impact is coming from.”
The divide between tiers is a matter of execution. Significantly, half of leading-edge companies reported AI-driven ROI above 25%, compared with just 11% of early-stage companies, with the advanced (33%) and developing (16%) tiers falling steadily in between. But Nottebohm says the real differentiator was not whether companies adopted AI, but how rigorously they integrated and managed it.
“What separates the leading edge is the operating muscle they’ve built: the right teams to deploy agents, formal governance to control them, and consistency in the content layer those agents work from,” she explains. “Earlier stage companies are approaching it in a much more ad hoc, experimental way, letting people play around with it without the same intent or structured design.”
Content, rather than model quality, is the defining bottleneck of 2026. Ninety-six percent of organizations say agents need access to company-specific content, yet only 36% have connected agents to trusted content across many use cases. It’s an issue of trust rather than raw capability.
“We started this journey assuming enterprise AI was about access to the latest model,” Nottebohm says. “But the question now is whether agents have access to the right content, and whether that content is protected, because those agents are only as good as the content they can reference, and only as safe as the security around it.”
Getting that content layer right has a second benefit beyond safety, since it’s also what finally lets agents work across departments that previously operated in isolation from one another. And while roughly a quarter of organizations point to data fragmented across systems, 24% cite difficulty integrating AI into existing systems, 21% say they lack adequate permissions and access controls, and 18% describe their content as too unorganized to make accessible at all. Among the most mature organizations, 63% now treat unstructured documents, contracts, and reports as a competitive advantage rather than dead weight sitting in a digital filing cabinet.
Nearly half of all organizations say they have already experienced an AI-related data exposure incident. That figure rises to 60% among leading-edge companies, which may face greater exposure from more agents and connected systems — but may also be better equipped to detect it.
The share of organizations reporting established or advanced governance frameworks rose from 24% in 2025 to 73% this year, but real gaps remain in instrumentation: only 39% have comprehensive visibility across sanctioned and unsanctioned AI use, 34% have formal standards for how agents access company data, and 27% still describe their governance as ad hoc. But those incidents function as a forcing mechanism rather than a setback, Nottebohm says.
“Governance used to be seen as something that slowed people down, but 93% of respondents told us better governance is actually what let them move faster,” she explains. “It makes scaling AI survivable. Once content is secured and highly permissioned, you can run multiple agents across multiple processes and get a real multiplier effect.”
One practical consequence of that shift is that permission structures built for human employees are now being revisited with agents in mind, a process most enterprises are only partway through.
“The permissions enterprises set up two years ago need to be reviewed,” she explains. “Until fairly recently, people weren’t setting permissions on a document with how an agent might use it in mind, but now they’re much more deliberate about that. It leaves them with a whole corpus of unstructured data to go back through and either clean up or repermission.”
That’s part of a broader move away from governance designed for people and toward governance designed for agents from the start.
“Enterprises need to make the transition from governance that’s retrofitted from human workflows to governance that’s built specifically for agents,” Nottebohm says. “That means tracking what an agent has touched, whose permissions were applied, and which sources were used, and all of that is now shaping how governance gets applied.”
“The days of token-maxing are already gone,” Nottebohm says. “It’s now about the responsibility of delivering efficient AI. Organizations want to use the cheapest model that meets the quality bar they need, not necessarily the most expensive one, because different model families keep leapfrogging each other and companies want to preserve that choice.”
That means enterprises are avoiding lock-in more than ever. Sixty-eight percent say they’re concerned about depending on a single AI provider, the average number of officially adopted AI tools has climbed to 3.3, and 79% now consider it important or critical that agents operate headlessly, connecting directly to systems and APIs without a human interface in between.
It’s a trend similar to the shift toward multi-cloud infrastructure, and driven by a similar reluctance to hand any one vendor outsized negotiating power.
“A flexible architecture is built on platform interoperability,” Nottebohm says. “It runs on multiple models, operates headlessly, and keeps every part of the AI stack swappable, so organizations don’t have to bet on which individual tool wins, and that’s part of the broader shift away from defaulting to the biggest, most expensive model available.”
Over the next three years, businesses should prioritize organizing, classifying, and cleaning up unstructured content, actively hiring and building teams around emerging roles, and adopting a hybrid token compute budget model, where IT owns the core infrastructure and token budget while business units own the application-level spend. And right now, it’s easy to get up to speed fast.
“You don’t have to start at early maturity and slowly work your way up,” Nottebohm says. “If you build in the governance, the content layer, and the multi-model system from the start, you can enter as a leading company and capture that same outsized impact.”
Sponsored articles are content produced by a company that is either paying for the post or has a business relationship with VentureBeat, and they’re always clearly marked. For more information, contact sales@venturebeat.com.
Weekend Open Thread: High Hopes
Taylor Swift and Travis Kelce wedding staffer hilariously struggles to keep her cool while checking in megastars
Open Thread: What Great Books Have You Read Recently?
Airdrop Registration Becomes Key Focus For Remittix As RTX Launch Updates Approach
The House | “Reframing the debate from a binary discussion of winners and losers”: Yuan Yang reviews ‘We Are Not Machines’
Standard Chartered Secures MiCA License as ESMA Adds 37 New Crypto Firms
AXT Shares Jump Nearly 14% as Semiconductor Materials Maker Rebounds on AI-Linked Indium Phosphide Demand
Broncos roster: OL Ben Powers (No. 74) entering final year of contract
Binance stock trading tops $1B in first month after launch
SK hynix (000660.KS) Stock Dips as $28B Nasdaq ADR Offering Drives AI Memory Expansion
Alibaba-affiliate Ant Group enters the humanoid robot market with 12 deals
South Africa proposes crypto tax guidance under existing rules
Best Time to Enter Small Caps Right Now? Another Bull Run? | Financially Free
Lenovo laptops are now shipping with YMTC SSDs, a sign of Chinese NAND entering the mainstream
Whats Hidden Inside This Cash Register? #treasure #reselling #money
Meta Platforms Stock Jumps 7% Today as Bloomberg Reports Company Plans to Enter the Cloud Business
New exhibition reflects five decades of movement between island of Ireland and GB
What a 10 Percent Drop Means for Buyers, Sellers and Renters
Binance Re-Enters Philippines As EU MiCA Rules Restrict Access
Avoid entering in FOMO #bitcoin #cryptocurrency #trading #scalping
You must be logged in to post a comment Login