Astell&Kern doesn’t dabble at the shallow end of the pool. The Korean brand has spent years defining the upper tier of the digital audio player market, pushing prices into territory where performance, build quality, and long-term relevance actually matter. The PD10 lands squarely in the upper tier at $2,749 with the dock ($2,410 without it), placing it in direct competition with the most serious portable players available. At nearly three grand, sound quality and prestige are no longer enough. At this level, Astell&Kern isn’t competing on specs alone—it’s competing on purpose.
The high-end DAP market is brutally competitive right now, and Astell&Kern is leading the charge; but leadership alone isn’t enough when buyers have real alternatives and very high expectations. The real question isn’t whether the PD10 sounds good; that’s table stakes at this level. The question is whether this is just another ultra-luxury portable player for headphones and IEMs, or whether Astell&Kern has built something with a broader mission in mind—something that makes sense not only on the move, but also alongside a serious home two-channel system.
PD10 Technical Overview: Power, Connectivity, and Storage
The PD10’s specifications aren’t about box-checking or bragging rights. They exist to solve real-world use cases—driving sensitive IEMs, powering full-size headphones, and functioning as a legitimate digital source beyond portable duty.
The 6-inch 1080×2160 IPS display gives the PD10 a modern, smartphone-like interface that’s responsive and easy to navigate, which matters when you’re dealing with large libraries and multiple playback modes. Output power is substantial: in low gain, the PD10 delivers 2.6Vrms from the unbalanced output and 5.6Vrms balanced, keeping noise under control for high-efficiency IEMs. Switch to high gain and those numbers jump to 4Vrms unbalanced and a very serious 8.3Vrms balanced—enough voltage to comfortably drive high-impedance and current-hungry headphones without external amplification.
Output impedance stays sensibly low at 1 ohm from the 3.5mm jack and 1.6 ohms from the 4.4mm balanced output, which means stable frequency response and predictable behavior with multi-driver IEMs. At the heart of the PD10 is a no-nonsense AKM DAC implementation, pairing dual AKM4191EQ modulators with four AKM4498EX DACs. This multi-chip approach isn’t about marketing—it allows Astell&Kern to separate digital and analog stages more effectively, reducing noise and preserving dynamic range in both portable and docked use.
Advertisement
Astell&Kern’s Advanced DAR (Digital Audio Remaster) is an optional two-stage processing system that upsamples audio before it reaches the DAC. It can be enabled or disabled at will, and whether it’s useful depends on the source material and listener preference.
The first stage uses A&K’s VSE (Virtual Sound Extender) processing to reconstruct missing harmonic information before upsampling. The second stage performs the actual conversion. PCM files in the 44.1kHz family are upsampled to 352.8kHz, while 48kHz-based files are converted to 384kHz. DSD files are left untouched in PCM mode.
When DSD conversion is selected, PCM files below 96kHz are converted to DSD128, higher-rate PCM files are converted to DSD256, and native DSD below DSD256 is also converted to DSD256. DAR never exceeds the PD10’s supported playback limits and avoids unnecessary processing.
DAR is strictly optional. Leave it off for native playback, or use it selectively if you prefer the presentation it brings to certain recordings.
Advertisement
Connectivity is current, but not exhaustive. Dual-band Wi-Fi (2.4 and 5GHz) ensures reliable high-resolution streaming, and Bluetooth 5.3 support includes aptX HD, LDAC, LHDC, AAC, and SBC. What’s notably absent, however, is aptX Lossless, a codec that’s starting to appear on competing high-end portable devices. For wired listeners, this omission won’t matter. For those expecting the latest Bluetooth standards at this price, it’s worth flagging.
Storage is generous out of the box at 256GB and expandable up to 1.5TB via microSD, which is essential for anyone sitting on a large hi-res or DSD library. Physically, the PD10 is unapologetically substantial. At just under 6 inches tall, nearly 3 inches wide, and weighing roughly 15.3 ounces, it’s clearly built for stability and performance rather than pocket-friendly minimalism. Powering all of this is a 5,770mAh battery, sized to support long listening sessions despite the high output stages and large display.
Advertisement. Scroll to continue reading.
Taken together, these specs point to a player that’s designed to do more than just sound good on the go. The PD10 has the power, connectivity, and architectural headroom to operate as a serious digital front end—whether it’s feeding headphones, IEMs, or a larger system through its dock.
Advertisement
File Support, Bit-Perfect Playback, and Output Choices
The PD10’s file support makes it clear who this player is designed for. It handles every major lossless and lossy format that actually matters—WAV, FLAC, AIFF, ALAC, APE, and AAC—alongside legacy formats like MP3 and WMA for anyone with older libraries. More importantly, native DSD support extends all the way up to DSD512, covering DSD64, 128, and 256 without conversion. That puts the PD10 squarely in “bring your entire archive” territory, not just high-res streaming playlists.
On the PCM side, support runs from 8kHz to a frankly excessive 768kHz at up to 32-bit depth. While very few real-world recordings exist at the top end of that range, the takeaway isn’t bragging rights—it’s headroom. The PD10 is capable of bit-perfect playback without resampling or truncation, which matters if you’re particular about preserving the integrity of your files from storage to output.
USB-C serves double duty here, handling charging as well as data for PC and Mac connections. Used this way, the PD10 can function as an external DAC, extending its usefulness well beyond portable playback and reinforcing its role as a flexible digital source.
Output options are practical and well chosen. The 3.5mm jack covers both unbalanced headphone output and optical digital output, allowing the PD10 to feed an external DAC or integrated amplifier in a home system. Balanced output is handled via a 4.4mm five-pole connection, which has become the de facto standard at this level and avoids the fragility and channel-matching issues of older balanced formats.
Advertisement
Taken together, the PD10’s format support and output flexibility point to a player that isn’t just designed to sound good on headphones. It’s meant to sit comfortably at the center of a serious digital library and transition easily between portable listening and fixed-system use—without forcing compromises or workarounds.
Build Quality That Matches the Asking Price?
Astell&Kern’s biggest selling point has always been its command of industrial design and materials. One look at their players tells you they aren’t inexpensive—and the PD10 continues that tradition, even as it makes a few deliberate departures from past models. Longtime owners will immediately notice the absence of the scroll wheel found on many earlier A&K designs. It’s a controversial move for some, but in day-to-day use it doesn’t meaningfully impact usability. In its place is a set of stainless-steel buttons mounted along the right side of the chassis.
Visually, those polished buttons look the part. Tactilely, they fall just short. They have a slight amount of play and can rattle faintly, which is noticeable and disappointing on a device at this price. Small details matter when you’re spending several thousand dollars. Thankfully, that’s the extent of my criticism. The USB-C port is solid and secure, the microSD card slot inspires confidence, and the chassis itself feels dense and well assembled.
If the looseness of the side buttons bothers you, the included leather case effectively masks the issue. It’s precisely cut, comfortable in hand, and finished to a level that feels appropriate for the PD10. Astell&Kern even varies the texture around the button area, making it easy to locate controls by touch alone—an appreciated detail that shows the company is still thinking about real-world use, not just shelf appeal.
Advertisement
The PD10’s status-light power button is a thoughtful touch. It remains off when playback is stopped and changes color to reflect different operating states. In practice, however, the implementation could use refinement. There’s no quick way to dim or disable the light, which becomes an issue in low-light environments. As shipped, the LEDs are bright enough to be distracting—and in a dark room, potentially disruptive to anyone trying to sleep.
The Price Is Fixed. The Features Aren’t.
Digital audio sources hit the point of diminishing returns well before $2,700. In 2026, portable audio makes that especially clear, with capable DACs and premium dongles pushing that threshold closer to $200. The PD10 only makes sense if it goes beyond raw specifications—and that’s where Astell&Kern makes its case.
Rather than chasing numbers, the PD10 layers a broad feature set onto a solid technical foundation. Alongside its integrated 256GB of storage, it supports Roon, Qobuz Connect, LDAC, and aptX HD, with access to a wide range of streaming services via the Google Play Store. Wireless playback can be handled through AirPlay, while local file management is simplified through AK File Drop, allowing FTP transfers across a home network without plugging anything in.
Advertisement. Scroll to continue reading.
At this price, you’re not paying for incremental sonic gains alone. You’re paying for integration, flexibility, and the kind of polish that turns a capable digital player into a genuinely high-end experience—one that feels considered rather than cobbled together.
Advertisement
The Full-ish Android Experience
One of the PD10’s more compelling features is its access to the Google Play Store. Few high-end audio players offer this level of openness, and those that do often burden third-party apps with restrictions that make everyday use frustrating. On the PD10, Play Store access is handled cleanly and without ceremony. Sign in to a Google account, tap the shortcut, and you’re in—no workarounds required.
From there, installing a familiar set of Android apps is straightforward. I used Microsoft Word for note-taking and set up Syncthing to automate real-time synchronization of my music library with a home media server. Even with relatively heavy background processes running, the PD10 remained responsive and stable, with no audible impact on playback. It behaves like a mature Android device first—and a high-end audio player that just happens to run Android second, which is exactly how it should be.
The Death of a Streamer
You can opt to purchase the PD10 with its all-metal cradle, and this is where the product stops behaving like a conventional DAP. The cradle allows the PD10 to dock much like a Nintendo Switch, routing audio directly to a speaker system or receiver. In practice, it turns the PD10 into a steel-clad, Android-enabled streamer—one that happens to detach and leave the room with you.
Docking is seamless and largely foolproof, provided you’re not using the leather case, and the PD10 automatically switches to XLR output mode without drama. Output from the dock measures a healthy 5.6Vrms, which is sufficient to drive most power amplifiers directly, eliminating the need for a separate preamp. That level of integration isn’t a gimmick—it’s the PD10’s strongest differentiator and a compelling reason to choose it over both cheaper and more expensive Astell&Kern alternatives.
By allowing the PD10 to function either as a premium handheld player or a fixed streamer in a speaker-based system, Astell&Kern has addressed a real-world use case. Audiophiles who split their time between headphones, speakers, and long car rides can maintain a consistent interface and sound signature across all of it without duplicating hardware or compromising convenience.
Advertisement
Listening
Docking and streaming aside, the core job of any DAP is straightforward: play locally stored audio files through IEMs and headphones without getting in the way. Most of my time with the PD10 was spent focused on exactly that. In practice, it powered nearly everything I threw at it without complaint. I took it to CES 2026, where it had no trouble with sensitive IEMs and handled planar headphones with ease. More demanding full-size models; particularly some from Dan Clark Audio, do ask for more current than the PD10 can comfortably deliver, which is worth noting if those are your daily drivers.
The PD10’s low and predictable output impedance makes it especially well suited to IEM use, including models with complex passive crossovers. Higher output impedances can interact with those crossovers and subtly alter frequency response. With the PD10, that simply didn’t happen. My most sensitive multi-driver IEM, the Campfire Audio Andromeda, sounded dynamic, smooth, and warm—exactly as intended. The player imposed no audible character of its own, which is precisely what you want from a high-end source.
I also stress-tested the PD10’s file handling by aggressively scrubbing through large local AIFF and WAV files. Skipping to random points in massive files was instant, with no buffering or hesitation. That kind of responsiveness suggests Astell&Kern didn’t cut corners on internal storage quality—a detail that matters more than it gets credit for in real-time playback scenarios. Cheap or slow storage has a way of revealing itself quickly here, and the PD10 never gave me a reason to question it.
This Is Not a Flagship Smartphone
Despite costing more than most flagship smartphones, the Astell&Kern PD10 is not built on cutting-edge mobile hardware. That distinction matters. While Astell&Kern clearly prioritizes audio components and does so successfully, the company relies on lower-tier system-on-chip and compute hardware to get there. The result is a device that sounds exceptional but behaves very differently from a modern phone.
Discerning mobile users will notice it immediately. The PD10’s display is sharp and vibrant, but touch responsiveness lags behind even relatively affordable smartphones. Compared to devices like the Asus Zenfone 9 or Google Pixel 10 Pro, the PD10 feels slower and less fluid. Part of that comes down to modern phones running 120Hz displays, but it’s also a consequence of conservative hardware choices under the hood.
Advertisement
None of this makes the PD10 unusable—far from it. Its interface is perfectly adequate for its primary job: selecting music and playing it reliably. But for users accustomed to high-end smartphones, the difference in responsiveness is noticeable and occasionally frustrating, especially when navigating with more complex touch gestures. It’s a reminder that the PD10 is an audio-first device that happens to run Android, not a luxury smartphone replacement—and expectations should be set accordingly.
Advertisement. Scroll to continue reading.
The Bottom Line
The PD10 isn’t perfect, and it isn’t priced to be forgiven for much. What it delivers—long battery life, a vanishingly low noise floor, and enough output power for the vast majority of real-world headphones and IEMs—it delivers with confidence. But the real differentiator isn’t sound quality alone. It’s the dock.
With its all-metal cradle, the PD10 stops being just another high-end DAP and becomes something closer to a modular digital source. Docked, it operates as a capable, Android-based streamer with XLR output and enough voltage to drive most power amplifiers directly, sidelining traditional streamers in the process. That single feature fundamentally separates it from alternatives in Astell&Kern’s own lineup and from competitors alike.
For buyers focused strictly on portable performance, there are clear options. Astell&Kern’s own SP4000 offers higher outright output and refinement as a pure DAP, while players like the iBasso DX340 deliver strong performance at a lower cost. Likewise, anyone already invested in a dedicated streamer may find little justification for replacing it.
Advertisement
Sound wise, the PD10 belongs exactly where Astell&Kern priced it. It delivers the refined, low noise, high resolution presentation expected from top tier DAPs, and in several cases it equals or exceeds the sound quality of dedicated streamers I have tested. That matters, because without that level of performance the rest of the PD10’s argument falls apart. It does not.
The PD10 only makes sense for a very specific audiophile, and Astell&Kern is not pretending otherwise. $2,750 is serious money, but Astell&Kern buyers already understand that reality. If you are strictly a portable listener or strictly a two channel listener, there are cheaper and in some cases better options available. But for listeners who genuinely split time between headphones on the move and a serious speaker system at home, the PD10 does something few products attempt. It replaces multiple components without compromising sound quality, usability, or overall polish. That combination of performance, Android flexibility, and cradle based system integration is what gives the PD10 its value and why for the right listener it stands alone.
Pros:
Excellent sound quality with an imperceptible noise floor
Plenty of output power for most IEMs and full-size headphones
Low, stable output impedance makes it ideal for sensitive multi-driver IEMs
Extensive format support, including native DSD up to DSD512 and high-rate PCM
Unrestricted Google Play Store access with stable performance
Smooth handling of large local files and high-quality internal storage
Roon Ready, Qobuz Connect, AirPlay, LDAC, aptX HD
Optional cradle transforms the PD10 into home hi-fi streamer
Can drive power amplifiers directly when docked, eliminating the need for a preamp
Premium materials and overall build quality appropriate for the price
Well-executed leather case included
Cons:
Very expensive, with limited value for price-to-performance focused buyers
Does not support aptX Lossless, Spotify Connect, TIDAL Connect
Android performance lags behind modern flagship smartphones
Touchscreen latency can be noticeable to experienced smartphone users
Side buttons exhibit slight looseness and rattle
Status-light power button is too bright with no easy way to dim or disable it
This Belfast-based company uses machine learning and hyperlocal rainfall forecasting to predict sewer levels, detect blockages and optimise the performance of wastewater networks.
Brian Moloney has spent many years working in the area of environmental engineering.
After obtaining a degree in civil, structural and environmental engineering from Trinity College Dublin, Moloney spent more than 15 years working in drainage and flood prevention, having led major civil engineering projects in Ireland, the UK and Australia.
This civil engineering experience allowed him to see an opportunity for a data-driven approach to tackle pollution and flooding, leading him to co-found our latest Start-up of the Week – StormHarvester.
Advertisement
StormHarvester is a Belfast-based start-up that uses AI to help wastewater utilities better manage their networks and prevent serious flooding and pollution. The start-up achieves this by using AI to monitor rainfall and wastewater networks, providing real-time insights.
“Urbanisation, climate change and population growth are putting huge strain on our water supply systems,” says Moloney. “This is resulting in increased threats of flooding and pollution.
“At StormHarvester, we use machine learning and hyperlocal rainfall forecasting to predict sewer levels, detect blockages and inflow, and optimise the performance of wastewater networks.”
How it works
As Moloney – who is also CEO of the company – tells SiliconRepublic.com, StormHarvester’s initial work focused on understanding the relationship between rainfall and drainage networks.
Advertisement
“Once this was understood, we focused on predicting the future network performance using rainfall datasets,” he says. “After investing time and effort into machine learning, our CTO Stevie Gallagher and I created a quality blockage and anomaly detection product which helped us win our first major competition, winning Wessex Water and beating many established industry analytics providers.”
Today, Moloney says the start-up works with 11 UK wastewater utilities and has onboarded “tens of thousands” of sensors globally.
StormHarvester has released a number of products since its establishment, encompassing a range of areas including inflow and infiltration detection, blockage detection, pump station alerting, rising main alerting and spill verification.
“Our advanced anomaly detection system analyses data from thousands of sensors, turning it into precise, actionable insights that drive smarter decisions,” says Moloney. “Proactive real-time monitoring allows utilities to have visibility over their network, prevent issues before they escalate and move from lagging indicators to live insights.”
Advertisement
How it’s going
To date, StormHarvester has hit a number of milestones.
“In the last year alone, we have doubled our headcount, fueling our expansion and growth strategy further to create exciting opportunities globally,” says Moloney.
According to Moloney, the company has deployed more than 270,000 sensors worldwide, and in January 2025, StormHarvester announced plans to double its workforce over three years and expand into new countries after raising £8.4m in Series A funding.
Meanwhile, in December, StormHarvester was named as Ireland’s fastest-growing technology company at the annual Deloitte Technology Fast 50 awards, which ranks Ireland’s 50 fastest-growing tech companies based on revenue growth over a four-year period.
Advertisement
But while the company experienced rapid scaling, Moloney says this introduced a challenge for the team.
“As we grew, we hired quickly, introduced more structure and refined processes while trying to keep culture and communication consistent,” he explains. “Balancing fast growth with maintaining alignment was a challenge.”
Currently, Moloney says the company is planning further expansion. He says the start-up’s successful move into Australia and New Zealand has shown that StormHarvester can “scale sustainably while keeping our culture and quality intact” – adding that the company is now preparing for entry into the US market.
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
Discord is attempting to distance itself from the age verification provider Persona following a steady stream of user backlash. From a report: In an emailed statement to The Verge, Discord’s head of product policy, Savannah Badalich, confirms the company “ran a limited test of Persona in the UK where age assurance had previously launched and that test has since concluded.”
After Discord announced plans to implement age verification globally starting next month, users across social media accused Discord of “lying” about how it plans on handling face scans and ID uploads. Much of the criticism was directed toward Discord’s partnership with Persona, an age verification provider also used by Reddit and Roblox.
Apple CEO Tim Cook lost sleep after the CIA briefed him four years ago that China would move on Taiwan by 2027. With that day approaching, not enough has been done about it.
Tim Cook reportedly said he has slept “with one eye open” after his CIA briefing — image credit: Apple
Apple has been reshoring some manufacturing to the US, in initiatives that have been known for years. But now according to The New York Times, Apple and others also had a classified CIA briefing that warned how precarious chip manufacturing is in Taiwan, but have failed to heed it. Tim Cook from Apple, Jensen Huang of Nvidia, Lisa Su of Advanced Micro Devices, and Qualcomm CEO Cristiano Amon were briefed in July 2023. Following the briefing, Apple’s Tim Cook is reported to have said that he slept “with one eye open.” Continue Reading on AppleInsider | Discuss on our Forums
Panasonic has announced its full 2026 European TV lineup, headlined by new OLED models and a expanded Mini-LED range.
The new series focuses on brighter panels and larger screen options up to 86-inches. In addition, it offers improved viewing in well-lit rooms thanks to new Glare Free technology.
The range spans OLED, QD Mini-LED, QLED, 4K LED and 2K LED. Smart platforms vary by region and model — including Fire TV built in, Google TV, Roku and TiVo. Notably, 2026 marks Panasonic’s first Roku-powered models in the UK.
At the top of the lineup sits the Z95B OLED, which carries over as Panasonic’s flagship model in 55-, 65- and 77-inch sizes with LG Display’s Primary RGB Tandem Panel married with Panasonic’s own race-inspired ThermalFlow cooling system for brighter images without compromising on colour accuracy. The Z95B won Trusted Review’s best TV award of 2025
Advertisement
Below it, the fantastic Z90B OLED returns as a more accessible premium option while in the OLED line-up is the Z85C (Europe) and Z86C (UK) models which brings a new 120Hz OLED panel into the fold at this price point. The UK will get Fire TV support, while other European territories it’ll be Google TV.
Advertisement
There will be more Mini LED models this year, with the The W97C / W95C QD Mini LED models that feature over 1,000 local dimming zones, up to 1500 nits peak brightness, and claim they can hit 105% DCI-P3 coverage while for gamers there’s VRR suppprt up to 144Hz.
These sets also debut Panasonic’s Glare Free Ultra, which is aimed at reducing reflections in bright living rooms without washing out colours and contrast.
Advertisement
Further down the range, Panasonic is expanding (quite literally) its QLED and LED offerings with screen sizes that range from a compact 32-inches up to 86-inches.
However, the biggest news isn’t the newer models that will feature in Panasonic’s line-up, but that the TV division has had a big shake-up.
At its Panasonic Experience event held in Ottobrun, Germany; Panasonic annoucned that it had entered into a strategic partnership with Shenzhen Skyworth Display Technology Co Ltd, not too dissimilar to what’s happened with Sony and TCL. Though if you read between the lines, this is less a new venture between two companies and closer to Panasonic’s home TV division now under the jurisdiction of Skyworth from April 1st onwards.
These are interesting times for the TV industry as the sands continue to shift in seismic ways.
Anthropic pointed its most advanced AI model, Claude Opus 4.6, at production open-source codebases and found a plethora of security holes: more than 500 high-severity vulnerabilities that had survived decades of expert review and millions of hours of fuzzing, with each candidate vetted through internal and external security review before disclosure.
Fifteen days later, the company productized the capability and launched Claude Code Security.
Security directors responsible for seven-figure vulnerability management stacks should expect a common question from their boards in the next review cycle. VentureBeat anticipates the emails and conversations will start with, “How do we add reasoning-based scanning before attackers get there first?”, because as Anthropic’s review found, simply pointing an AI model at exposed code can be enough to identify — and in the case of malicious actors, exploit — security lapses in production code.
The answer matters more than the number, and it is primarily structural: how your tooling and processes allocate work between pattern-based scanners and reasoning-based analysis. CodeQL and the tools built on it match code against known patterns.
Advertisement
Claude Code Security, which Anthropic launched February 20 as a limited research preview, reasons about code the way a human security researcher would. It follows how data moves through an application and catches flaws in business logic and access control that no rule set covers.
The board conversation security leaders need to have this week
Five hundred newly discovered zero-days is less a scare statistic than a standing budget justification for rethinking how you fund code security.
The reasoning capability Claude Code Security represents, and its inevitable competitors, need to drive the procurement conversation. Static application security testing (SAST) catches known vulnerability classes. Reasoning-based scanners find what pattern-matching was never designed to detect. Both have a role.
Anthropic published the zero-day research on February 5. Fifteen days later, they shipped the product. While it’s the same model and capabilities, it is now available to Enterprise and Team customers.
Advertisement
What Claude does that CodeQL couldn’t
GitHub has offered CodeQL-based scanning through Advanced Security for years, and added Copilot Autofix in August 2024 to generate LLM-suggested fixes for alerts. Security teams rely on it. But the detection boundary is the CodeQL rule set, and everything outside that boundary stays invisible.
Claude Code Security extends that boundary by generating and testing its own hypotheses about how data and control flow through an application, including cases where no existing rule set describes. CodeQL solves the problem it was built to solve: data-flow analysis within predefined queries. It tells you whether tainted input reaches a dangerous function.
CodeQL is not designed to autonomously read a project’s commit history, infer an incomplete patch, trace that logic into another file, and then assemble a working proof-of-concept exploit end to end. Claude did exactly that on GhostScript, OpenSC, and CGIF, each time using a different reasoning strategy.
“The real shift is from pattern-matching to hypothesis generation,” said Merritt Baer, CSO at Enkrypt AI, advisor to Andesite and AppOmni, and former Deputy CISO at AWS, in an exclusive interview with VentureBeat. “That’s a step-function increase in discovery power, and it demands equally strong human and technical controls.”
Advertisement
Three proof points from Anthropic’s published methodology show where pattern-matching ends and hypothesis generation begins.
Commit history analysis across files. GhostScript is a widely deployed utility for processing PostScript and PDF files. Fuzzing turned up nothing, and neither did manual analysis. Then Claude pulled the Git commit history, found a patch that added stack bounds checking for font handling in gstype1.c, and reversed the logic: if the fix was needed there, every other call to that function without the fix was still vulnerable. In gdevpsfx.c, a completely different file, the call to the same function lacked the bounds checking patched elsewhere. Claude built a working proof-of-concept crash. No CodeQL rule describes that bug today. The maintainers have since patched it.
Reasoning about preconditions that fuzzers can’t reach. OpenSC processes smart card data. Standard approaches failed here, too, so Claude searched the repository for function calls that are frequently vulnerable and found a location where multiple strcat operations ran in succession without length checking on the output buffer. Fuzzers rarely reached that code path because too many preconditions stood in the way. Claude reasoned about which code fragments looked interesting, constructed a buffer overflow, and proved the vulnerability.
Algorithm-level edge cases that no coverage metric catches. CGIF is a library for processing GIF files. This vulnerability required understanding how LZW compression builds a dictionary of tokens. CGIF assumed compressed output would always be smaller than uncompressed input, which is almost always true. Claude recognized that if the LZW dictionary filled up and triggered resets, the compressed output could exceed the uncompressed size, overflowing the buffer. Even 100% branch coverage wouldn’t catch this. The flaw demands a particular sequence of operations that exercises an edge case in the compression algorithm itself. Random input generation almost never produces it. Claude did.
Advertisement
Baer sees something broader in that progression. “The challenge with reasoning isn’t accuracy, it’s agency,” she told VentureBeat. “Once a system can form hypotheses and pursue them, you’ve shifted from a lookup tool to something that can explore your environment in ways that are harder to predict and constrain.”
How Anthropic validated 500+ findings
Anthropic placed Claude inside a sandboxed virtual machine with standard utilities and vulnerability analysis tools. The red team didn’t provide any specialized instructions, custom harnesses, or task-specific prompting. Just the model and the code.
The red team focused on memory corruption vulnerabilities because they’re the easiest to confirm objectively. Crash monitoring and address sanitizers don’t leave room for debate. Claude filtered its own output, deduplicating and reprioritizing before human researchers touched anything. When the confirmed count kept climbing, Anthropic brought in external security professionals to validate findings and write patches.
Every target was an open-source project underpinning enterprise systems and critical infrastructure. Small teams maintain many of them, staffed by volunteers, not security professionals. When a vulnerability sits in one of these projects for a decade, every product that pulls from it inherits the risk.
Advertisement
Anthropic didn’t start with the product launch. The defensive research spans more than a year. The company entered Claude in competitive Capture-the-Flag events where it ranked in the top 3% of PicoCTF globally, solved 19 of 20 challenges in the HackTheBox AI vs Human CTF, and placed 6th out of 9 teams defending live networks against human red team attacks at Western Regional CCDC.
Anthropic also partnered with Pacific Northwest National Laboratory to test Claude against a simulated water treatment plant. PNNL’s researchers estimated that the model completed adversary emulation in three hours. The traditional process takes multiple weeks.
The dual-use question security leaders can’t avoid
The same reasoning that finds a vulnerability can help an attacker exploit one. Frontier Red Team leader Logan Graham acknowledged this directly to Fortune’s Sharon Goldman. He told Fortune the models can now explore codebases autonomously and follow investigative leads faster than a junior security researcher.
Gabby Curtis, Anthropic’s communications lead, told VentureBeat in an exclusive interview the company built Claude Code Security to make defensive capabilities more widely available, “tipping the scales towards defenders.” She was equally direct about the tension: “The same reasoning that helps Claude find and fix a vulnerability could help an attacker exploit it, so we’re being deliberate about how we release this.”
Advertisement
In interviews with more than 40 CISOs across industries, VentureBeat found that formal governance frameworks for reasoning-based scanning tools are the exception, not the norm. The most common responses are that the area was considered so nascent that many CISOs didn’t think this capability would arrive so early in 2026.
The question every security director has to answer before deploying this: if I give my team a tool that finds zero-days through reasoning, have I unintentionally expanded my internal threat surface?
“You didn’t weaponize your internal surface, you revealed it,” Baer told VentureBeat. “These tools can be helpful, but they also may surface latent risk faster and more scalably. The same tool that finds zero-days for defense can expose gaps in your threat model. Keep in mind that most intrusions don’t come from zero-days, they come from misconfigurations.”
“In addition to the access and attack path risk, there is IP risk,” she said. “Not just exfiltration, but transformation. Reasoning models can internalize and re-express proprietary insights in ways that blur the line between use and leakage.”
Advertisement
The release is deliberately constrained. Enterprise and Team customers only, through a limited research preview. Open-source maintainers apply for free expedited access. Findings go through multi-stage self-verification before reaching an analyst, with severity ratings and confidence scores attached. Every patch requires human approval.
Anthropic also built detection into the model itself. In a blog post detailing the safeguards, the company described deploying probes that measure activations within the model as it generates responses, with new cyber-specific probes designed to track potential misuse. On the enforcement side, Anthropic is expanding its response capabilities to include real-time intervention, including blocking traffic it detects as malicious.
Graham was direct with Axios: the models are extremely good at finding vulnerabilities, and he expects them to get much better still. VentureBeat asked Anthropic for the false-positive rate before and after self-verification, the number of disclosed vulnerabilities with patches landed versus still in triage, and the specific safeguards that distinguish attacker use from defender use. The lead researcher on the 500-vulnerability project was unavailable, and the company declined to share specific attacker-detection mechanisms to avoid tipping off threat actors.
“Offense and defense are converging in capability,” Baer said. “The differentiator is oversight. If you can’t audit and bound how the tool is used, you’ve created another risk.”
Advertisement
That speed advantage doesn’t favor defenders by default. It favors whoever adopts it first. Security directors who move early set the terms.
Anthropic isn’t alone. The pattern is repeating.
Security researcher Sean Heelan used OpenAI’s o3 model with no custom tooling and no agentic framework to discover CVE-2025-37899, a previously unknown use-after-free vulnerability in the Linux kernel’s SMB implementation. The model analyzed over 12,000 lines of code and identified a race condition that traditional static analysis tools consistently missed because detecting it requires understanding concurrent thread interactions across connections.
Separately, AI security startup AISLE discovered all 12 zero-day vulnerabilities announced in OpenSSL’s January 2026 security patch, including a rare high-severity finding (CVE-2025-15467, a stack buffer overflow in CMS message parsing that is potentially remotely exploitable without valid key material). AISLE co-founder and chief scientist Stanislav Fort reported that his team’s AI system accounted for 13 of the 14 total OpenSSL CVEs assigned in 2025. OpenSSL is among the most scrutinized cryptographic libraries on the planet. Fuzzers have run against it for years. The AI found what they were not designed to find.
The window is already open
Those 500 vulnerabilities live in open-source projects that enterprise applications depend on. Anthropic is disclosing and patching, but the window between discovery and adoption of those patches is where attackers operate today.
Advertisement
The same model improvements behind Claude Code Security are available to anyone with API access.
If your team is evaluating these capabilities, the limited research preview is the right place to start, with clearly defined data handling rules, audit logging, and success criteria agreed up front.
Russia has opened an investigation into Telegram founder Pavel Durov for “abetting terrorist activities,” [non-paywalled source] in the latest sign that his uneasy relationship with the Kremlin has broken down. From a report: Two Russian newspapers, including the state-run Rossiiskaya Gazeta and Kremlin-friendly tabloid Komsomolskaya Pravda, alleged on Tuesday that the messaging app had become a tool of western and Ukrainian intelligence services.
The articles, credited to materials from Russia’s FSB security service, accused Telegram of enabling attacks in Russia and said that Durov’s “actions … are under criminal investigation.” Russia has restricted Telegram’s functions, accusing it of flouting the law and is seeking to divert users towards Max, a state-run rival messenger. The steps escalate pressure on a platform that remains deeply embedded in Russian public life.
Sources recently informed Windows Central that Xbox Insiders who own Asus ROG Xbox Ally handheld gaming PCs can test a feature that uses the system’s embedded NPU to capture notable gaming moments. The functionality works without interrupting gameplay. Read Entire Article Source link
Nvidia has become shorthand for the AI market itself. In the years since generative models reshaped computing, the company’s GPUs have powered everything from large-scale training clusters to real-time inference infrastructure.
That dominance helped Nvidia’s stock surge over 1,500 percent from 2022 into 2025 and made it one of the most valuable tech firms in history.
Yet as its newest earnings report approaches, investors aren’t just asking whether revenue is growing, they’re asking whether the AI boom still has room to run.
Scaling AI isn’t just about silicon anymore
Analysts expect Nvidia to post another blockbuster quarter, with revenue forecasts between roughly $65 billion and $66 billion and adjusted gross margins near 75 percent.
Advertisement
That kind of performance would mark continued strength in demand for high-end AI accelerators, particularly from cloud providers and hyperscalers that underpin much of the industry’s infrastructure.
The 💜 of EU tech
The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!
On the surface, those numbers look almost routine at this point, after all, Nvidia has beaten estimates for revenue and earnings for more than a dozen straight quarters. But markets have shifted, and so has investor psychology.
Advertisement
The question now isn’t just “how much growth?”, but “for how long?” and “toward what?”
One reason for that shift is the growing push by major AI users to develop or adopt alternatives to Nvidia’s hardware.
Meta, Google and other hyperscalers are investing heavily in custom silicon or alternative accelerators designed to cut costs, optimize specific workloads, or gain strategic independence from Nvidia’s ecosystem.
Those moves don’t immediately undercut Nvidia’s sales, but they signal a longer-term competitive environment that didn’t exist a few years ago.
Advertisement
This isn’t entirely new, the chip industry has always been cyclic and competitive, but it matters more now because so much of global AI infrastructure hangs off a single architecture. When customers start hedging that exposure, it naturally ripples through valuations and strategic forecasts.
Investor expectations are part of the story
Another reason this earnings cycle feels different is the backdrop in broader markets. AI names have led the rally in tech stocks, but sentiment has softened.
Over the first weeks of 2026, Nvidia’s share price has barely budged compared with steep gains in previous years, even as other industries waver under economic uncertainty.
Some analysts read this as a sign that markets are increasingly focused on profitability timelines and real-world deployment metrics rather than narrative alone.
Advertisement
Part of that recalibration reflects broader anxiety about what some observers call an “AI bubble,” where valuations in the sector may be disconnected from underlying economic fundamentals.
Whether or not that label is fair, it reflects genuine investor nervousness about sustainability, return on investment, and how soon large companies will convert AI hype into consistent revenue growth.
What Nvidia can and must deliver
For Nvidia, this means earnings won’t be judged simply on topline figures. The market will be listening closely to a few specific signals:
Demand trajectory from hyperscalers and cloud providers. Are capex cycles still accelerating, or showing signs of plateauing?
Guidance on future quarters. Vague or cautious outlooks could spook markets that have priced high growth into Nvidia’s valuation.
Comments on competitive strategy, particularly around partnerships, software ecosystems, and how the company plans to respond to custom silicon trends.
Supply chain and geopolitical risks, including memory pricing and export restrictions that affect where Nvidiacan sell its most advanced chips.
A strong earnings beat with confident guidance could reassure markets that AI spending isn’t slowing and that Nvidia remains the core engine of that demand. A modest beat or mixed signals, however, might validate some of the more cautious narratives and lead to broader tech sell-offs.
Nvidia’s report matters because it has become the default bellwether for AI infrastructure spending, and by extension, for how investors value growth in technology sectors.
Advertisement
If the company shows that demand and pricing power remain robust, it supports a broader bull case for AI adoption. If not, we may see a re-rating of AI as an investment theme, with implications far beyond one company’s earnings call.
In that sense, this quarter isn’t just about chips or quarterly revenue. It’s about confidence: in AI’s staying power, in enterprise capex cycles, and in the narrative that has driven one of the most remarkable growth stories in recent market history.
Qilin ransomware group claims breach of TWU Local 100 in New York
Data allegedly leaked to dark web; union represents 41,000 workers and 26,000 retirees
Stolen PII could fuel phishing and fraud; members urged to stay vigilant
The dreaded Qilin ransomware operators has added the Transport Workers Union of America (TWU) Local 100 chapter to its data leak site, saying it broke into the organization and has already leaked everything it stole onto the dark web.
The Local 100 chapter of the TWU is the local union which represents tens of thousands of transportation workers in and around New York City, including people who operate and maintain the subways, buses, and other transit services, as well as workers at some private bus and ferry companies.
It primarily organizes workers for representation and labor rights with different employers, such as the Metropolitan Transportation Authority (MTA), or various private operators. It negotiates contracts, handles grievances, advocates for better pay and working conditions, and more.
What kind of data was stored?
Qilin is a Russia-linked ransomware operator, blamed for some of the more disruptive attacks in recent history.
Qilin did not say exactly how much data it stole, what it contains, or how many people are affected – but in total, TWA Local 100 represents roughly 41,000 workers and 26,000 retirees.
Cybernews notes unions are often a high-value target due to the “prolific amounts” of sensitive data they hold on their workers. The Local 100’s website says it collects and keeps personally identifiable information (PII) such as full names, basic contact information, job titles, and salary information, medical and insurance benefits, as well as retirement and pension planning. However, it also keeps data on services such as housing assistance, safety and health, grievances and disciplinary actions, and more.
Advertisement
Cybercriminals can use this information to create highly convincing phishing emails, through which they can trick the victims into sharing valuable login details, or even making fraudulent wire transfers. Potential victims should be careful with incoming email messages, especially those claiming to be coming from the TWU and carrying a sense of urgency.
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
We may receive a commission on purchases made from links.
Costco is a popular membership-based club that offers warehouse-style shopping with discounted prices on bulk-packaged products. Costco offers two annual membership levels, Gold Star for $65 and Executive for $130.
Whichever membership level you choose you’ll have access to Costco gas stations, which could actually save you money if you buy enough fuel, discounted name-brand items, and the private-label Kirkland Signature store brand. Inside Costco and online, you’ll find a variety of household needs like food and drinks, personal items like clothes and shoes, and automotive essentials including car tires and batteries.
Advertisement
With a selection like that it’s no surprise that Costco offers a number of handy finds to upgrade your garage. However, as with most shopping experiences, not every Costco aimed at fulfilling a need in the garage is perfect for everyone. Some items fail to meet the expectations of Costco’s invested buyers, or there are simply better options available at other retailers where you don’t have to buy a membership to buy their products.
Advertisement
Iris 45-quart clear storage bins
Among the garage essentials with the lowest Costco customer ratings is the Iris 45-quart clear storage bin six-pack (item 1410576). With 2,066 reviews to date, the set of bins holds a 3.6-star rating. The storage bins, member-priced at $44.99, are not available inside your local Costco. Instead, you’ll have to order them online and they’ll ship to your door via free standard shipping or express, which promises arrival a few days earlier for an additional $38.94.
While having the bulky storage bins shipped straight to your door seems like an advantage, many of the negative reviews left by Costco members report the bins suffered damage during shipping. To make matters worse, as an online-only item, the bins cannot be returned to a local Costco according to reviews, they must be re-packaged and returned to the online warehouse.
As an alternative, HDX storage containers from Home Depot have better ratings, the clear 12-gallon flip-top version for example has a 4.2-star rating. While they are more expensive than the Iris bins at $13.98 each, they’re available inside your local Home Depot or shipped to your door for free, and you don’t need to buy a membership to get them.
Advertisement
Saferacks storage bin rack
Whichever storage bins, containers, or totes you decide to use to organize items in your garage, you’ll want a way to store and access them that doesn’t require unstacking and restacking them all just to access the one near the bottom. Costco’s Saferacks storage bin rack is one solution, but you should carefully consider some of its features before making the purchase.
The Saferacks storage bin rack is priced at $79.99, features tool-free assembly, and has a 250-pound weight capacity with 50 pounds on each shelf. Per the product page on Costco’s website, the rack is “designed specifically for Greenmade 27 gallon bins,” comes in either black or silver, and measures 23 inches wide, 31 inches deep, and 68 inches to the top shelf.
Advertisement
While Costco’s Saferack storage bin rack holds a 4.6-star rating on its site, negative reviews point to missing welds, assembly difficulties, missing hardware, and its incompatibility with storage bins other than the Greenmade 27-gallon containers. In a video review by the Mother Daughter Projects DIY YouTube channel, the pair points out some of the storage rack’s flaws. One thing they didn’t appreciate was the awkward access to removing and replacing bins. The bins sit on side rails under the outside edge of the tote, requiring lifting and pulling from the end until it’s out far enough to lift it. While the design appears to allow access to bin contents without removing them, it didn’t work that way for the mother and daughter team.
Slatwalls are among the budget-friendly ways to organize your garage items. They have a similar function to pegboard while offering a cleaner look and come in a variety of materials, including wood, metal, and PVC.
Costco’s Proslat PVC slatwall kit includes a set of 10 black hooks for $159.99. The kit holds a 4.0-star rating with just 15 reviews. While reviewers generally report acceptable quality of the components, what kills its overall rating are broken or missing pieces and lost shipments.
The Proslat kit from Costco provides materials to cover wall surfaces 48 inches high by 80 inches wide, an area of 26.67 square feet. In addition to the 10-piece set of hooks, the kit contains all the slats, trim, and hardware to complete the installation. While it’s only available for purchase online, shipping and handling are included in the price, and it’s estimated to arrive in seven days from the time it’s ordered. However, keep in mind that you need a Costco membership to buy this product, which is effectively an added cost. If you’re not a member, buying the cheapest subscription along with this slatwall pushes the price to $224.99, or $8.44 per square-foot.
Advertisement
If you don’t already have a Costco membership, the Proslat PVC 8-feet by 4-feet slatwall kit from Home Depot is a better value, even at $199.99. While you’ll have to buy the hooks separately, Home Depot sells a variety-pack of 25 slatwall hooks for $29.82. Home Depot’s slatwall kit covers 32 square feet, has a 4.3-star rating with 458 reviews, and ships to a local store or your door for no additional charge in as little as five days. For $229.81, the Home Depot combo delivers a bigger slatwall and more hooks, averaging $7.18 per square-foot.
Advertisement
Why we’re thinking twice about these garage essentials from Costco
Erman Gunes/Shutterstock
We picked these specific examples due to poor ratings or reviews found at Costco and YouTube, or ones we felt represented a poor value for the money. However, these items are just a few examples of garage essentials we should think twice about before we buy them from Costco, especially if it’s the only reason you’re buying a membership.
We’re not saying that Costco membership isn’t a good choice for anyone, although it’s certainly not the best option for everyone. If you find yourself frequently traveling near a Costco location that offers fuel for your vehicle, a Costco membership could pay for itself with fuel savings alone. Just be aware that Costco’s gas pumps are usually very busy at certain times of the day.
