The unified Alexa for Shopping assistant absorbs Rufus and arrives in the main search flow as Amazon sues to keep external AI agents like Perplexity’s Comet off its marketplace.
Amazon is moving its AI shopping assistant into the main search bar. Starting this week, US customers typing into the search field on Amazon.com or in the Amazon app will be routed through Alexa for Shopping, a unified version of the company’s Rufus chatbot and its Alexa+ assistant that returns conversational answers, product comparisons, up to a year of price history, and personalised shopping guides alongside the standard product listings.
The Rufus brand is being retired from the shopping interface. The chatbot, launched in 2024 and used by more than 300 million customers in 2025, is being folded into the Alexa for Shopping name across Amazon’s app, website, and Echo devices.
Amazon says the new assistant can also automate reordering of household staples, track prices, alert customers to new products in tracked categories, and build out shopping carts based on stated preferences.
It is available without a Prime membership, an Echo device, or the standalone Alexa app, and is free for any signed-in US account.
The structural change is that the AI now sits inside the default search flow rather than behind a separate icon. Rufus, in its original form, was accessible but optional.
Alexa for Shopping reframes the search box itself as a conversational interface, in the same way Google’s AI Overviews changed what happens after a query on Google.com.
Amazon’s own framing is that the move makes the assistant “agentic,” meaning able to complete multi-step tasks like comparison, cart construction, and reorder, on the customer’s behalf.
The competitive backdrop is what makes the placement significant. OpenAI launched Instant Checkout in September 2025 with Stripe and an open-source Agentic Commerce Protocol that lets ChatGPT complete purchases inside its own interface.
Google is building Buy for Me into Gemini and runs its A2A agent-to-agent protocol with 150-plus supporting organisations. Perplexity’s Comet browser has had a Buy with Pro feature since late 2024, with checkout via PayPal across 5,000-plus merchants.
In China, Alibaba integrated its Qwen AI directly into Taobao for end-to-end agentic shopping last quarter. Each of those routes the buy flow through someone other than Amazon.
The Perplexity case sharpens the picture. Amazon sued the AI search company in November, alleging its Comet shopping agent was accessing Amazon.com in violation of the site’s terms and creating problems for ad-impression measurement.
A federal judge granted Amazon a preliminary injunction in March; Perplexity took the case to the Ninth Circuit, which has temporarily paused parts of the order while the appeal is heard.
The legal argument is over agent access, but the commercial argument is over who captures the high-intent search query at the top of the funnel.
That is what Alexa for Shopping is designed to defend. Amazon’s $56 billion advertising business, all of it built around sponsored placements inside search and product pages, depends on Amazon being the first and last surface a buyer touches.
If a third-party AI agent does the comparison and the click on a customer’s behalf, the sponsored slot loses its target.
The internal answer is to make Amazon’s own AI assistant the most fluent shopper on Amazon.com, with access to the price history, recommendation graph, and account-level purchase data that an external agent does not have.
Whether it works as a product is a separate question. Amazon has tried to make Alexa the front door to its shopping business for the better part of a decade, with mixed results.
Voice shopping never reached the share the company once projected, and the original Rufus chatbot, while widely used, has been described in trade reporting as more useful for product research than for closing transactions.
The unification with Alexa+ is also a tacit acknowledgement that running two AI assistants, one for the home and one for the cart, was confusing to customers and expensive to maintain.
The rollout this week is US-only, with international expansion timed to Alexa+’s broader availability, which Amazon has been pushing through 2026.
Last month, Denon unveiled its first new A/V receiver (AVR) since 2023, the AV-S980H, the most powerful in their budget-priced “S” series lineup. But it turns out, this was just the beginning. Today, Denon unveiled two more new AVR models, this time in their upgraded “X Series,” which is known for its higher performance, broad feature set and punchy dynamic sound. The AVR-X2900H ($1,349) replaces the AVR-X2800H and the AVR-X3900H ($1,849) replaces the venerable AVR-X3800H, an eCoustics Editors’ Choice Award winner.
Stylistically, the new models bear a strong resemblance to their predecessors, though Denon reps tell us they have been tweaked internally for higher performance as well as adding some interesting new features like the ability to add wireless rear speakers.
We got a chance to check out these new receivers at Denon’s headquarters in Japan last month, and were impressed by what we saw and heard. In a series of movie clips, the AVR-X3900H filled a large listening room with immersive Dolby Atmos sound, powering a 7.2.2-channel Bowers & Wilkins speaker system featuring the company’s 800 series flagship speakers. The system was able to reach near cinematic reference output levels with no audible strain.
Both the AVR-X2900H and AVR-X3900H feature the latest HEOS module for whole home wireless music streaming, with support for lossless and high resolution audio from compatible streaming services such as TIDAL, Spotify, Amazon Music, Qobuz and Apple Music (via Air Play 2). Also, both receivers will support the use of Denon’s new Home 200, Home 400 and Home 600 speakers as wireless rear channels, via a future free over-the-air software upgrade. This gives home theater fans and A/V hobbyists the ability to do real discrete immersive surround sound without having to run speaker wires to the back of their rooms.
Both new models feature updated internal components and a high performance 32-bit multi channel DAC (Digital Analog Conversion) architecture to deliver improved imaging, clearer high frequency detail and more authoritative low frequency energy to every speaker. Both models include Audyssey calibration on-board with the option to upgrade to DIRAC Live room correction for an additional fee.
“Denon’s X-Series has always been about uncompromised performance,” said Lyle Smith, President of Sound United at Denon’s parent company, HARMAN. “With our newest additions to the series, we’ve gone further by combining expanded room calibration capabilities with adaptable system designs to deliver enhanced audio quality and greater flexibility for people who take their sound seriously.”
We also had a chat with Denon’s Sound Master, Shinichi Yamauchi. His job is to listen to Denon’s new product designs throughout their development cycle at Shirakawa Audio Works in Japan. With a trained ear and a background in engineering, Yamauchi-San makes suggestions to the development and engineering team, based on his extensive listening sessions with each new product. A new Denon product only makes it into production once Yamauchi-San signs off on it. And both the X2900H and X3900H got his seal of approval earlier this year.
The Denon AVR-X2900H offers seven channels of amplification and dual subwoofer outputs. It’s rated at 95 watts/channel into 8 ohms (2 channels driven). It can decode Dolby Atmos and DTS-X immersive sound formats with discrete height and surround speaker outputs for a 5.2.2-channel implementation. While Audyssey MultEQ XT calibration software is included, the X2900H is Denon’s most affordable AVR that also offers an optional upgrade to DIRAC Live room correction and calibration software. The license for DIRAC Live currently costs $259 for the limited bandwidth version or $299 for the full bandwidth version.
The receiver offers six HDMI inputs with support for VRR, ALLM, 8K/60 Hz or 4K/120 Hz and dual HDMI outputs, including one with ARC/eARC audio return channel. It also offers multiple analog and digital inputs for legacy gear, including a turntable input with built-in moving magnet phono preamp.
In addition to a fully wired speaker set-up, the AVR-X2900H will support wireless rear channels using the Denon Home 200, Home 400 or Home 600 speakers (this will be delivered in a future software update). While the 95-watt power rating is measured with two channels driven, Denon guarantees that the AVR-X2900H will deliver at least 70% of that power rating when five channels are driven. It supports Bluetooth, Wi-Fi and hard-wired network connectivity with HEOS built-in for whole home music streaming from a wide selection of compatible streaming apps.
The Denon AVR-X3900H includes nine channels of amplification and four independently controlled subwoofer outputs for precise in-room bass optimization. It is rated at 105 watts/channel with two channels driven with a guarantee of at least 70% of that rated output when driving five channels. Out of the box, the X3900H supports 5.4.4 or 7.4.2-channel immersive sound applications.
With eleven channels of processing, the X3900H can be upgraded to support a 7.4.4 channel surround system by adding a 2-channel power amplifier. If you only need a five or seven channel surround system, you can use the additional on-board amps to drive speakers in another room. And if you need more power, the AVR-X3900H has a full set of eleven preamp outputs which can be connected to outboard power amplifiers.
In addition to Dolby Atmos and DTS:X, the AVR-X3900H can decode Sony 360 Reality Audio, MPEG-H and AURO-3D immersive surround formats, for maximum compatibility and flexibility. It is also IMAX Enhanced certified so it can apply IMAX EQ to DTS-X soundtracks that are IMAX Enhanced.
The X3900H includes Audyssey MultEQ XT32 calibration software on-board, and can be upgraded to DIRAC Live – all the way up to DIRAC Live ART – via an additional license purchase (currently priced at $259 to $799, depending on options).
Like the X2900H, the X3900H includes six HDMI inputs with support for VRR, ALLM and resolution up to 8K @ 60 Hz or 4K @ 120 Hz. But the X3900H adds a third HDMI output for a projector, monitor or TV. The X3900H also supports HDMI ARC/eARC for single cable connection to your display of choice. It also offers multiple analog and digital audio inputs for legacy gear, including a turntable input with built-in moving magnet phono preamp.
Interestingly enough, unlike some competitive models, like the Onkyo TX-RZ30, neither of these new Denon receivers offers any analog video inputs (composite, component or S-Video). So if you’re still rocking a VCR or LaserDisc player, you’ll need to plug these directly into your TV or get an analog to digital video converter. I should note that this is nothing new as the predecessor models also lacked analog video inputs. It’s also not particularly critical to most potential buyers. The current AVR-X4800H model does include analog video inputs so we’d imagine any future replacement step-up model may continue that tradition.
Like the X2900H, the AVR-X3900H will get an update later this year to support wireless rear surround channels by adding a pair of Home 200, Home 400 or Home 600 speakers.
Two things I had hoped to see on the new receivers (but didn’t) were support for Dolby Atmos music within the HEOS streaming platform and on-board decoding for Eclipsa Audio (IAMF) immersive surround. For now, Denon recommends connecting an outboard source device like an Apple TV 4K or FireTV stick to one of the receiver’s HDMI ports if you want to listen to Dolby Atmos music from streaming sources like Amazon Music Unlimited, TIDAL or Apple Music. I listen to Dolby Atmos and 360RA music this way on my current AVR-X3800H and it works reliably (which is nice).
With the company’s recent acquisition by Harman (which in turn is owned by Samsung), we believe it would be a natural fit for Denon receivers to support the new open IAMF/Eclipsa Audio immersive sound format, which was developed by Samsung, Google and others. Although it isn’t widely used yet, Eclipsa Audio is the only immersive surround format supported on YouTube so over time it could become more popular.
| Model | AVR-X2900H | AVR-X3900H |
| MSRP | $1,349 | $1,849 |
| Number of Processing Channels | 7.1 | 11.4 |
| Subwoofer Out | 2 | 4 (Independent) |
| Number of Power Amps | 7 | 9 |
| Power Output | 95 W (8 ohm, 20 Hz – 20 kHz, 0.08% 2ch Drive) 125 W (6 ohm, 1 kHz, 0.7% 2ch Drive) |
105 W (8 ohm, 20 Hz – 20 kHz, 0.08% 2ch Drive) 135 W (6 ohm, 1 kHz, 0.7% 2ch Drive) |
| Multi-Source/Multi-Zone | 2 | 2 |
| GUI Languages | 3 (English/ Français/ Español) | 3 (English/ Français/ Español) |
| HDMI In/Out | 6/2 | 6/2 |
| Analog In/Out | 4/- | 5/- |
| Phono (MM) In | Yes | Yes |
| Digital In: Optical, Coaxial | 2, 1 | 2, 2 |
| Multi-Zone Analog Preouts | 1 | 1 |
| Multi-channel Pre-Out | Yes (2.2) | Yes (11.4) |
| Number of Speaker Terminals | 7 | 11 |
| Speaker A/B | Assignable | Assignable |
| Bi-amp Drive | Assignable | Assignable |
| Multi-Zone Speaker Terminal | Assignable | Assignable |
| System Remote Control | RC-1262 | RC-1262 |
| Power Consumption | 500W | 660W |
| Power Consumption No-Sound (ECO on/off) | 35W / 75W | 60W / 100W |
| Dimensions (W x D x H) | 17.1 x 13.0 x 6.6 inches | 17.1 x 14.9 x 6.6 inches |
| Weight | 21.4 lbs | 27.6 lbs |
They say, “If it ain’t broke, don’t fix it” and this saying holds true for Denon’s latest X series receivers. The models they replaced were highly rated and were popular sellers in the category and these new models look and feel quite similar, offering everything from their predecessors and more. The AVR-X2900H brings DIRAC Live room correction to Denon’s most affordable price point yet, though it does require an additional license purchase to use. Also, both models will get the option for wireless rear speakers in a future software update.
While we were disappointed to find out that the receivers don’t support Dolby Atmos music in HEOS yet or Eclipsa Audio decoding, it’s possible that either or both of these features could be added at some time in the future via a software upgrade. In the meantime, the otherwise comprehensive immersive format support of the AVR-X3900H is unmatched in the industry at this price point and we’d highly recommend it to anyone in search of a robust and future-proofed A/V receiver.
Both new 2026 Denon X-Series AVRs will be available to order on May 14, 2026 at the following prices:
Linux distros are rolling out patches for a new high-severity kernel privilege escalation vulnerability that allows attackers to run malicious code as root.
Known as Fragnasia and tracked as CVE-2026-46300, this security flaw stems from a logic bug in the Linux XFRM ESP-in-TCP subsystem that can enable unprivileged local attackers to gain root privileges by writing arbitrary bytes to the kernel page cache of read-only files.
Zellic’s head of assurance, William Bowling, who discovered this new universal local privilege escalation flaw, also shared a proof-of-concept (PoC) exploit that achieves a memory-write primitive in the kernel that is used to corrupt the page cache memory of the /usr/bin/su binary to get a shell with root privileges on vulnerable systems.
Bowling said this flaw belongs to the Dirty Frag vulnerability class, which was disclosed last week, and affects all Linux kernels released before May 13, 2026. Just as Fragnasia, Dirty Frag has a publicly available PoC exploit that local attackers can use to gain root privileges on major Linux distributions.
However, Dirty Frag works by chaining two separate kernel flaws, the xfrm-ESP Page-Cache Write vulnerability (CVE-2026-43284) and a RxRPC Page-Cache Write security issue (CVE-2026-43500), to achieve privilege escalation by modifying protected system files in memory.
“Fragnesia is a member of the Dirty Frag vulnerability class. This is a separate bug in the ESP/XFRM from dirtyfrag which has received its own patch. However, it is in the same surface and the mitigation is the same as for dirtyfrag,” Bowling said.
“It abuses a logic bug in the Linux XFRM ESP-in-TCP subsystem to achieve arbitrary byte writes into the kernel page cache of read-only files, without requiring any race condition.”
another day, another universal linux LPE https://t.co/GANYkAJwZS pic.twitter.com/XfzTsmg7kl
— V12 (@v12sec) May 13, 2026
To secure systems against attacks, Linux users are advised to apply kernel updates for their environment as soon as possible.
Those who can’t immediately patch their devices should use the same mitigation used for Dirty Frag commands to remove vulnerable kernel modules (however, it’s important to note that this will break AFS distributed network file systems and IPsec VPNs):
rmmod esp4 esp6 rxrpc
printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf
Fragnasia’s disclosure comes as Linux distros are still rolling out patches for “Copy Fail,” another privilege escalation vulnerability now actively exploited in the wild.
CISA added Copy Fail to its catalog of flaws exploited in attacks on May 1 and ordered federal agencies to secure their Linux systems within two weeks, by May 15.
“This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise,” the U.S. cybersecurity agency warned. “Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.”
In April, Linux distros patched another root-privilege escalation vulnerability (dubbed Pack2TheRoot) in the PackageKit daemon that had gone unnoticed for a decade.
AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.
At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.
EV battery charging technology has always had to find the right balance between charging speed and battery longevity. If the charging speed is too fast, it wears down the battery. If the charging is too slow, nobody is happy.
Researchers Meng Yuan from Victoria University of Wellington and Changfu Zou from Chalmers University of Technology in Sweden may have cracked this long-standing problem using an AI technique called deep reinforcement learning, and the results are pretty encouraging.
Their study, published in IEEE Transactions on Transportation Electrification, introduces a new AI charging system that learns to charge a battery quickly while actively protecting its long-term health.
The system uses a machine learning method called TD3, which is a fancy way of saying the AI learns by trial and error across thousands of simulated charging sessions. What makes it different is that it adapts its charging strategy based on how degraded the battery already is.
Most traditional chargers use a fixed routine. They start with full power and taper off as the battery reaches its capacity. The problem is that this routine doesn’t care whether the battery is brand new or has been through hundreds of charge cycles.
The new AI-based charging strategy sidesteps this by learning a relationship between the battery’s health and the maximum safe charging voltage, then using that information to make smarter decisions in real time.
In simulations using a real-world battery model, the proposed method extended battery life by nearly 23% over standard charging methods, reaching 703 equivalent full cycles compared to just 572 with conventional charging. Charging time also remained competitive at around 24 minutes for an 80% charge.
The team trained the entire system on a consumer-grade desktop with an Intel i5 processor and an NVIDIA RTX 3060 GPU. As the researchers note, this “demonstrates that the proposed framework can be effectively trained on widely available hardware without needing access to specialized high-performance computing clusters.”
It is still early days, and the method needs testing outside of simulations. But if it holds up, smarter charging could quietly become one of the biggest upgrades your next EV gets.
Honor’s 2026 mid-range series is made up of two handsets, the Honor 600 and the pricier Honor 600 Pro, but how do they differ?
Is it a guarantee that the Honor 600 Pro is the better option? Or is the Honor 600 well-rounded enough to suit most needs?
To help you decide between the two smartphones, we’ve compared our hands-on experience with both below. Keep reading to see what really separates the two Androids and see which one is likely to suit you best.
Otherwise, we’ve also rounded up a list of the best Android phones, best mid-range phones and best smartphones too.
Both the Honor 600 and Honor 600 Pro are available to buy now. As its name suggests, the Honor 600 Pro is the pricier of the two with an official RRP of £899 for the 512GB handset.
SQUIRREL_PLAYLIST_10208520
In comparison, the Honor 600 is more of an affordable option and has a starting RRP of £549.99. At the time of writing, you can even nab the Honor 600 with a healthy £150 discount too.
SQUIRREL_PLAYLIST_10208521
Specs Comparison Table
Honor 600 Review
Honor 600 Pro Review
UK RRP
£-1
–
EU RRP
€549.99
€999
Manufacturer
Honor
Honor
Screen Size
6.57 inches
6.57 inches
Storage Capacity
512GB
512GB
Rear Camera
200MP 1/1.4-inch main sensor, f/1.9, CIPA 6.0 & 12MP ultrawide, f/2.2
200MP 1/1.4-inch main sensor, f/1.9, CIPA 6.5, 12MP ultrawide, f/2.2, 50MP telephoto with 3.5x optical zoom and f/2.8
Front Camera
50MP selfie camera
50MP selfie camera
Video Recording
Yes
Yes
IP rating
IP69K
IP69K
Battery
6400 mAh
6400 mAh
Wireless charging
–
Yes
Fast Charging
Yes
Yes
Size (Dimensions)
74.7 x 7.8 x 156 MM
74.7 x 7.8 x 156 MM
Weight
190 G
195 G
Operating System
MagicOS10 (Android 16)
MagicOS10 (Android 16)
Release Date
2026
2025
First Reviewed Date
27/04/2026
05/05/2026
Resolution
1264 x 2728
1264 x 2728
HDR
Yes
Yes
Refresh Rate
120 Hz
120 Hz
Ports
USB-C, SIM card
USB-C
Chipset
Qualcomm Snapdragon 7 Gen 4
Qualcomm Snapdragon 8 Elite
RAM
8GB
12GB
Colours
Black, Golden White
Black, Golden White, Orange
There aren’t many design differences between the Honor 600 and Honor 600 Pro, as both have 6.57-inch displays, an impressively thin 0.98mm bezel and come with a plethora of IP ratings. In addition, both are fitted with a rectangular camera shelf that spans the width of the phone’s rear which is reminiscent of the iPhone 17 Pro’s own.
Speaking of which, we probably should address the fact Honor’s 600 series seems to borrow the vibrant (and divisive) orange hue of the iPhone 17 Pro. However, it also comes in more standard black or white shades too.
Otherwise, both handsets are also fitted with a brushed aluminium frame that gives each device a more premium feel. This is especially welcome for the Honor 600, considering it’s much cheaper than the Pro.
Winner: Tie
The biggest difference between the Honor 600 and Honor 600 Pro is with each phone’s respective LTPO technology. Although the Honor 600 does sport a 120Hz refresh rate, it isn’t LTPO-enabled which means the variable refresh rate isn’t quite as smooth. In comparison, the Honor 600 Pro boasts an LTPO-enabled 120Hz refresh rate.
Otherwise, both handsets are equipped with a 6.57-inch 1264×2728 AMOLED panel while also benefiting from the impressively thin surrounding bezel too.
Winner: Honor 600 Pro
While the Honor 600 and 600 Pro have seen many similarities so far, their respective camera set-ups are slightly different, with the latter sporting a total of three rear cameras instead of just two.
The Honor 600 is equipped with a main 200MP 1/1.4-inch sensor and CIPA 6.0 image stabilisation, alongside a 12MP ultrawide. Although the 600 Pro also has a 200MP main lens, it benefits from CIPA 6.5 image stabilisation instead alongside the same 12MP ultrawide as the Honor 600.
The biggest difference is the Pro’s inclusion of a 50MP telephoto lens that’s fitted with a 3.5x optical range. This omission for the Honor 600 is apparent when you try and zoom beyond the 4x range, as you’ll notice AI-assisted image repair which looks pretty noticeable.
Either way, both 200MP main lenses are the star of each handset’s show, with plenty of detail and a solid performance across all lighting conditions too. We did note that colours had a slightly saturated look by default, however this can be changed via the phone’s settings.
Winner: Honor 600 Pro
Another key difference between the Honor 600 and Honor 600 Pro is with their chipsets, with the Pro sporting Qualcomm’s 2025 Snapdragon 8 Elite flagship. Naturally, this means the phone achieves similar benchmark scores to 2025 flagships such as the Samsung Galaxy S25 Ultra and Honor Magic 7 Pro.
Instead, the Honor 600 houses Snapdragon 7 Gen 4, a mid-range chip that launched back in 2025. While it certainly can’t compete with the Honor 600 Pro, generally the handset performs well in everyday use. It even does an admirable job at keeping things cool during prolonged and intensive use, thanks to its onboard vapour chamber cooling. However, heavier gaming will reveal the handset’s limitations.
Winner: Honor 600 Pro
Both the Honor 600 and 600 Pro run on Honor’s MagicOS 10 which borrows from Apple’s Liquid Glass design. That’s not necessarily a bad thing, as the design feels smart and fluid to use in everyday circumstances.
Both are also equipped with a dedicated AI button which can bring up Google’s useful Circle to Search function or Honor’s AI Memories. However, the headline AI-powered feature within both the Honor 600 and 600 Pro is undoubtedly Image to Video 2.0, which allows you to turn a photo into an AI-generated video.
While it’s definitely not the reason to opt for either Honor handset, it’s a novel tool that can be fun to play around with.
Otherwise, Honor promises that the Honor 600 and 600 Pro will see up to six years of software and Android updates. That’s just shy of Samsung and Google’s seven year promise, but is still a pretty generous offering overall.
Winner: Tie
Both handsets are fitted with hefty 6400mAh batteries, which we found resulted in around six hours of screen time that involved plenty of multitasking between apps, streaming and taking the odd photo.
While both support 80W wired charging, it’s only the Pro model that offers 50W wireless charging which is a shame.
Winner: Honor 600 Pro
With a year-old flagship chip, wireless charging support and a dedicated telephoto lens, the Honor 600 Pro is undoubtedly a brilliant well-rounded option that’ll suit most Android users. However, with the same starting price as the Galaxy S26, it’s perhaps not the best option for those seeking a mid-range Android.
In comparison, with a £549 price tag, the Honor 600 is a much more affordable option. Sure, its chipset isn’t flagship and it lacks a telephoto lens, it does borrow many features from its pricier Pro sibling. With that in mind, those seeking a true mid-ranger might be better suited to the Honor 600 Pro.
Security
Human IT managers thought they were being nice to the boss, but were assisting a threat actor
PWNED Welcome once again to PWNED, the column where we help you prepare for security success by studying others’ embarrassing failures. Today’s terrible tale involves individuals trying to do right by a company executive by letting their guard down, never a smart move.
Have a story about someone leaving a gaping hole in their network? Share it with us at pwned@sitpub.com. Anonymity is available upon request.
Our sad story comes from Brandon Dixon, who currently serves as CTO and co-founder of AI security firm Ent. In a prior life, however, Dixon was a penetration tester for hire and he saw some things that made all my remaining hairs stand on end just hearing about them.
During one pentesting assignment, Dixon tried to find out how easy it would be to steal someone’s account using social engineering. The answer: barely an inconvenience.
Dixon telephoned IT security and pretended that he was the head of security who had lost his password. When they asked him challenge questions, he said he had forgotten the answers to those also.
Then he gave them the password he wanted to use over the phone and they did a reset for him. After that, he was able to get into the network and do whatever he wanted there.
There’s so much that’s obviously wrong here that it’s hard to know where to begin with our lesson-taking. The IT support agents should not have taken Dixon’s word that he was the security manager, especially after he failed challenge questions, and should have denied his request to reset the password. They were probably thinking “this guy is an executive and we don’t want to piss him off” rather than “we have procedures that everyone must follow.”
The other problem here is that the IT department entered Dixon’s suggested password for him over the phone. First of all, the IT department should have sent a password reset to the real employee’s email or phone number. Second of all, it’s piss-poor security for anyone to know a user’s password other than the user themselves. And I say this as someone who used to work for a company where, if you had a problem, the IT support people would ask for your password via chat.
Dixon also shared another story about social engineering from a time when he consulted for a pharmaceutical company. Members of the competition would call sales and marketing reps, pretend they were coworkers, and then extract information about upcoming drugs. This would allow competitors to know what was coming and how to respond to it.
To help solve the problem, Dixon instituted a system where real employees had to give a secret password at the beginning of a conversation.
“I built a system called ‘Chal-Resp,’ short for ‘challenge-response,’ that generated work pairings so a user could validate they were speaking with an actual employee,” he told The Register. “The caller would need to say the word and the end-user would need to respond with the proper challenge; only employees had access.”
What both of Dixon’s stories have in common is the proof that humans are eager to please and be helpful. But suspicion is the whole root of infosec, so it behooves us all to be a little less helpful to strangers in the workplace. ®
Most home security cameras demand either a complicated installation, a recurring subscription, or a battery you are replacing every few weeks, and the cheaper ones tend to ask for all three at once.
The Blink Outdoor 4 was built to sidestep every one of those frustrations, and it is currently down from $79.99 to $43.99, with $36 knocked off its usual retail price.
A big 45% saving puts the Blink Outdoor 4 within easy reach for anyone upgrading their home security
This Blink deal is very much ideal for anyone who wants capable outdoor coverage, and $36 saved at today’s price makes it an easy decision.
This is a fourth-generation wireless security camera that sets up in minutes, requires no drilling or hardwiring, and runs on two included AA Energizer lithium batteries for up to two years before you need to think about power again.
Video comes through at 1080p HD with a 143-degree diagonal field of view, infrared night vision for low-light coverage, and two-way audio so you can speak directly to whoever is at your door or in your garden from the Blink app on your phone.
The dual-zone enhanced motion detection lets you define exactly which areas of the frame trigger an alert, which cuts down on false notifications from passing cars or shifting shadows rather than actual movement that matters.
Person detection is also available, using embedded computer vision to distinguish a person from an animal or object, though this feature requires an optional Blink Subscription Plan sold separately and is not included in the base price.
Cloud video storage follows the same model, with a 30-day free trial included and a paid subscription needed to keep footage beyond that period, while local backup is possible via a Sync Module XR and MicroSD card, both of which are sold separately.
The included Sync Module Core acts as the system hub, supporting up to ten Blink devices and extending battery life across the camera range, meaning the Blink Outdoor 4 can grow into a wider whole-home setup over time.
Alexa compatibility allows you to pull up a live view, arm or disarm the camera, and set routines using any compatible Amazon device, which makes it a natural fit for households already inside the Amazon ecosystem.
This deal is very much ideal for anyone who wants capable outdoor coverage without a professional installation or a long-term commitment, and $36 saved at today’s price makes it a straightforward decision.
SQUIRREL_PLAYLIST_10148964
Sealy is a mattress brand that is tried and true for many people, given that it has been around since 1881. That’s a lot of time to refine your product. Sealy has kept pace with the times by offering modern variations like memory foam and hybrid mattresses while also maintaining a strong lineup of traditional innerspring beds.
For example, the Cocoon Chill by Sealy is one of our favorite cooling mattresses that passed our week of testing with flying colors. While I’ve only been in the mattress industry for five years (a blip compared to Sealy’s timeline), I’m the resident sleep writer, reviewer, and certified sleep science coach here at WIRED. These are beds to keep an eye on, especially when they go on sale. Without further ado, here are some Sealy promo codes for this very case.
But if Sealy isn’t the only brand you’re contemplating, you can find our top-tested picks on our best mattresses list, plus the best bedsheets to go with them.
Sealy doesn’t just make mattresses, and their coupons aren’t just for mattresses—you can also score deals on products like bed frames. The Sealy Ease Power Base allows you to modify the angle of the head and foot of the bed, along with adjustable leg heights to best match your stature. If you plan on getting one to accompany your new Sealy Elite mattress, use Sealy promo code on this page to knock $200 off your bed and Ease power base purchase.
Sealy’s Posturepedic Spring mattress isn’t messing around when it comes to lumbar support. Sealy’s PrecisionFit coils are also working hard within this bed, with firmer coils in the center of the bed right where your spine needs it most—keep that in mind if you have back pain. Gel memory foam layers to keep tension off your pressure points and lower back.
Your head and shoulders need as much support as your knees and toes, which is why you’re looking for the best pillow out there and a good deal. Sealy’s got a good thing going with its adjustable pillows, which have the same pressure-relieving memory foam that works to contour around your head. No Sealy promo code needed for this one, because you can bundle to save $29 with a purchase of two pillows.
Sealy beds are everywhere. And there’s a reason this mattress is so popular, as they have tons of different models for every type of sleeper. Be sure to check out their complete lineup, including some of their most popular mattresses: the Sealy Posturepedic Hybrid Mattress, the entire Posturepedic Elite Collection, which helps to cradle and support the whole body, and the Cocoon Chill Mattress, ever-popular with hot sleepers who need a cooling mattress.
Sealy offers you 90 nights and 10 years to back up your new mattress purchase, which is the industry standard. Your body needs at least 30 days to get used to the new bed, and 60 nights beyond that initial timeframe helps you be extra sure it’s the one for you. Ten years is generally how long you can expect a mattress to last, so this is another way of Sealy standing by the durability of its product, whether you plan on buying online or in-store.
Samsung’s Galaxy Book6 Ultra is the latest attempt to take the thin-and-light workstation crown away from Apple’s MacBook Pro. There is a clear winner.
The premium notebook market is highly competitive, and Apple has been a big part of that particular industry for decades. The MacBook Pro is synonymous with the concept, being an aluminum-clad slab of portable computing for power users on the go.
Many have tried to emulate Apple’s aesthetic, and with some success, too. Even rival companies like Samsung have gone down a similar route with their premium notebooks.
Continue Reading on AppleInsider | Discuss on our Forums
Some Amazon employees are reportedly using the company’s internal agentic AI platform, MeshClaw, to automate unnecessary or trivial parts of their work simply to boost internal AI usage metrics.
This comes as company workers are being pressured from above to use more AI – Amazon wants four in five of its developers to be using the tech weekly, and has since started tracking AI token consumption on internal leaderboards.
With workers adoption still relatively slow, many have turned to behavior described as ‘tokenmaxxing’ to artificially inflate their AI usage metrics, the Financial Times has reported.
MeshClaw is one of the company’s internal systems designed to support the adoption of AI, allowing employees to create their own AI agents to navigate software, coding, emails and other regular workflows.
But workers are now said to be optimizing their usage to maximize token counts rather than useful outcomes, ultimately leading to unnecessary AI calls that are increasing Amazon’s compute costs without delivering true ROI.
And it’s not just Amazon looking to drive AI adoption internally, with Meta, Microsoft and other companies also reportedly gamifying uptake with internal leaderboards.
However, a recent study by engineering analytics firm Jellyfish (via Business Insider) reveals that, while the heaviest AI users consumed around 10x more tokens than average, they only achieved a 2x increase in productivity.
Conversely, Nvidia CEO Jensen Huang said in an interview with the All-In Podcast he would be “deeply alarmed” if workers like software engineers or AI researchers didn’t use half their annual salary’s worth of AI tokens annually – that’s $250,000 in tokens for a $500,000 worker.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
We may receive a commission on purchases made from links.
Folks looking to upgrade their day-to-day lives with smart technology have no particular shortage of options, with most of the major tech companies offering devices to manage almost any scenario you can fathom. But in the smart assistant game, it really comes down to a few major players in Apple’s Siri, Google’s Gemini (and its former iteration, Google Assistant), and, of course, Amazon’s very own Alexa.
Those AI assistants no doubt play a big role in the lives of most folks in the modern world. However, Alexa may own a slight advantage over the competition when it comes to hardware due solely to its ties to Amazon, which happens to be the largest e-commerce outlet in existence by a pretty wide margin. To that end, most of the major manufacturers of tech now make devices that are compatible with Alexa.
Amazon, naturally, also makes an entire line of smart devices that are Alexa enabled and ready to make your life a little easier whether you’re at home or out and about for the day. For this particular list, we’re focusing on that set of smart devices. Similarly, we are keeping to options which can be purchased directly through Amazon, as it sometimes must make sense to buy directly from the source. In any case, if you are looking for Alexa ready devices for your home and beyond, here’s a look at a few of the cheapest you can currently buy through Amazon.
Many of Amazon’s Alexa enabled devices are, of course, designed to provide some level of service to users by allowing them to control compatible devices through a single digital point of origin. Some of those devices are, however, are also geared towards providing users with entertainment options, and one of the more popular Alexa devices in that list is the SlashGear-approved Amazon Echo Show 5.
If you’re interested in the entertainment enabled device to your Alexa array, you can add an Echo Show 5 for a typical retail price of $89.99. It should be noted that the sticker price may be even lower on occasions when Amazon is running a sale. For that price, you get an Alexa device that is equipped with a 5.5-inch screen that can indeed be used to stream news programs and your favorite shows from Amazon and any number of streamers. The device can also be used to stream music from your favorite artists, with Amazon claiming dramatic upgrades in the audio setup over previous generations.
On top of that, you can connect the device to doorbell cameras like those from Ring, which is, of course, owned by Amazon. The Echo Show 5 can also be used for video calls if you like, and even possesses some smart home hub capabilities that can help you control smart lights, smart thermostats and your home security system. It can also serve as a digital frame for your favorite photographs.
If you don’t need an Alexa device equipped with all that video capability, and just want a little something that can help you kick out the jams in your kitchen, office or bedroom, Amazon’s Echo Pop may be just the stripped back speaker you need. It is also one of the cheaper Alexa enabled devices that Amazon makes, with the online retailer selling it for just $39.99 these days.
Don’t let the term “stripped back” put you off of this little speaker, as it is as well-designed and developed as any of Amazon’s Alexa devices. Though it may be small in stature, it’s also built to provide some solid punch on the audio front, with Amazon claiming it’ll easily fill any average sized room with big sound. It’ll do so directly through Alexa or through a mobile device connected via Bluetooth if you prefer to blast a playlist from your favorite streamer.
Its Alexa capabilities also extend to the control of certain smart devices like lights and plugs via voice commands. Like many other Alexa devices, the Echo Pop can also answer any number of questions, and is fitted with the now common light bar that lets you know when the AI assistant is engaged and when it’s not. According to Amazon, the device is pretty eco-friendly too, with its fabric covering made of 100% post consumer recycled yarn, and its casing being manufactured from 80% recycled aluminum. For the record, it’s also equipped to run the new Alexa+ program.
Amazon does make a few devices that allow you to take Alexa with you. Its Echo Buds wireless earbuds would likely have been the accessory listed here if they hadn’t been listed as “currently unavailable” through Amazon for some time now. Even as some might think Alexa shouldn’t have a place in a moving car, the Echo Auto accessory is designed to put the AI assistant there for any vehicle owner who does.
No, the Echo Auto does not put Alexa at the wheel of our vehicle. Rather, this device is designed to provide more hands-free functionality to drivers on the road. The microphone equipped device — it’s actually got 5-mics built in to ensure you are heard over in-cabin noise – is designed to mount anywhere in your vehicle, and is powered/connected to it via USB connection. Once it’s up and running, you’ve basically got a mobile Alexa device that can perform many of the same functions as the one in your living room, and will do so by way of simple voice commands.
That list includes playing music, podcasts or radio broadcasts, sending text messages and making phone calls. You can also connect the device to your Alexa enabled home hub and use it to engage smart locks on your home, turn lights on and off inside, and even adjust the thermostat while away. Echo Auto may seem like overkill to some, but at $54.99, many may be willing to give it a go.
In the context of smart home upgrades, alarm clocks are one place where technology has largely failed us, because, well, even as necessary as they are, they are still just infuriatingly loud and limited in personalization. We’re not here to make any claims that Amazon has fixed the long-running alarm clock conundrum. Nonetheless, the Echo Spot Alarm Clock feels like a solid enough step in the right direction if you’re looking for a new one.
The first version of the Spot was, of course, discontinued a couple of years back. The re-imagined Spot is basically a modified version of the Echo Dot, with Amazon flattening the face of that high-tech orb and replacing it with a flat surface that is half shiny digital display and half speaker. That display is customizable to each user’s needs, but is also designed to prominently feature the time, the date and the temperature. Perhaps more importantly, the device allows users to tailor their wake-up routine to their specific desires, making it easier than ever to rise and shine on your own terms.
Yes, like most Alexa tech, the Echo Spot is also equipped to play music, audiobooks, and podcasts at your request, and provide a myriad of other voice-activated functions. It can also connect to your home hub and aid actions like dimming lights, and can even use motion detection to tweak the thermostat in your home. At $79.99, it’s also a pretty affordable option for such a major alarm clock upgrade.
In the smart home tech market, the home hub is essentially one device to rule them all sort of option. By that standard, “cheap” is sort of a relative term, as the hub offers such a wide range of functionality. Still, there are plenty of budget-friendly smart home hub options on the market, with Amazon’s Alexa enabled Echo Hub 8 — which can be purchased for well under $200 — ranking among them.
For the record, Echo Hub 8 typically sells for $179.99, and yes, the device is indeed compatible with Amazon’s upgraded Alexa+ AI assistant. That means it can be used to run thousands of other compatible devices and seriously streamline your smart home setup. Fronting an 8-inch touch screen, the wall-mountable Echo Hub can be plugged into a standard outlet or hard-wired for a cleaner on-wall look. It’s also easy to set up via the voice command, “Alexa, discover my devices.”
As for what that hub will discover, you can count pretty much any Alexa smart device on that list, as well as a myriad of others, with the easy-to-use Echo Hub able to operate lighting and smart plugs in every room in the house. It can also adjust the thermostat, operate any connected speaker systems, show feeds from doorbell and other security cameras, and provide easy-access control over home security systems. You can even connect it to your smartphone through the Alexa App so you can check the status of all of those smart devices and setting while you’re out.
HarrisX Poll Found 52% of Registered Voters Support the CLARITY Act
Weekend Open Thread: Marianne Dress
Upbit adds B3 Korean won pair as Base token gains Korea access
Coffee Break: Travel Steam Iron
Auto Enthusiast Carves Functional Two-Stroke Engine from Solid Metal
What to Know Before Buying a Curling Wand or Curling Iron
What to expect when you’re expecting a budget
Ignore market noise, India’s long-term story intact, say D-Street bulls Ramesh Damani and Sunil Singhania
Politics Home Article | Starmer Enters The Danger Zone
GM Agrees To Pay $12.75 Million To Settle California Lawsuit Over Misuse Of Customers’ Driving Data
Simon Cowell Says He Was ‘Horrible’ To Susan Boyle During BGT Audition
General Hospital: Ric & Ava Bombshell – Ric’s Massive Secret Exposed!
Why David Letterman Called CBS ‘Lying Weasels’
Hayden Panettiere reveals she's estranged from mom, addresses brother Jansen's sudden death: 'I was floored'
Paramount+’s ‘Landman’ Season 3 Gets Promising New Update From Returning Director
Bayern Munich vs PSG UEFA Champions League SF2 live match time, streaming | Football News
YNW Melly Denied Bond Again Ahead Of Double Murder Retrial
GM agrees to $12.75M California settlement over sale of drivers’ data
Euphoria Creator Praises Sydney Sweeney Amid Season 3 Scenes Backlash
Hantavirus — cause of death for Gene Hackman's wife — at the center of Dutch cruise outbreak
You must be logged in to post a comment Login