While schools have made progress in technology adoption — from artificial intelligence guidelines to vetting education technology — they still struggle with the lack of resources, funding and expertise, according to a new report.

The annual State of EdTech report from the Consortium for School Networking polled roughly 600 chief technology officers for K-12 schools. One of the biggest takeaways, according to CoSN CEO Keith Krueger: AI adoption is higher than ever. According to the report, nearly three-quarters (79%) of school districts have AI guidelines in place, up from 57% in 2025.

“Given how many school districts we have, given how many small and rural ones there are, it’s shocking at how quickly at least the guidance around responsible use of AI is,” Krueger says. “As a foundational step, we’re seeing movement.”

But respondents repeatedly stated they are running into roadblocks of insufficient staffing and funding.

“There’s never going to be enough training, and we have to make sure the training is quality and meeting administrators with what they want and need,” Krueger says, adding it’s not just about training on a specific tool, but “helping them think in new ways how to use the tools.”

Most of the districts polled are in favor of AI guidelines, either set by the districts themselves or state education agencies, but do not want state or federal mandates. Typically, mandates are formed, then approved, by a board — something that is time-consuming and does not lend itself well in the fast-moving world of AI.

“This week, this month, this year is changing rapidly,” Krueger says. “It doesn’t mean we change fundamental beliefs of what’s cheating (with AI), for example, but things are moving rapidly. You don’t want to have too many solidly, board-approved things which can get locked in when you need to evolve.”

The most common AI initiative among districts is training staff on the use of instruction-focused generative AI tools, with 7 out of 10 respondents saying they do so. Productivity-focused measures focused on instructional staff and teachers followed, with 54% and 53%, respectively, deploying those initiatives. One of the largest jumps was the amount of districts having initiatives focused on AI’s operational purposes, from 37% in 2025, to 64% in 2026.

Less than half (41%) of initiatives focus on using AI for teaching and learning.

“I would say the low hanging fruit is on the operational and teacher productivity side,” Krueger says. “We should continue to explore and think through the great uses that are in the classroom. But, overnight we shouldn’t just wildly go trying to do those things when it’s going to take time to figure out the instructional piece.”

Cybersecurity

The largest concern about AI use: cybersecurity attacks. According to the report, nearly all respondents (98%) are concerned that AI can bring in new forms of cyber attacks, with just 2% stating they are “not at all concerned.” That same percentage also has concerns on student data and AI’s effect on its privacy.

While the concern over cybersecurity is strong, two-thirds of respondents state they have insufficient staffing and budget to address those challenges.

Cybersecurity concerns continue to cause schools woe, most recently with the Instructure attack in May that caused several schools to pay a ransom and shut down one of the world’s largest digital education platforms.

“The high visibility breaches and attacks that we’ve seen underscore the real cost to our school system by not investing in better cybersecurity,” Krueger says.

After 17 years of utilizing the State of EdTech report, Krueger says he believes a tipping point may have finally been reached on addressing cyber concerns.

“Certainly those in charge of technology have been yelling loudly that cybersecurity is a problem,” he says, adding the issue has become more well-known among superintendents and school board members. “I think they will start to say, ‘We can’t just have these broadband networks and not have them safe and secure.’ But it’s a huge challenge, given the lack of human capacity in schools for cybersecurity.”

EdTech

Another major finding from the report is an issue that has been bubbling beneath the surface in both tech evangelist and oppositional circles: vetting educational technology.

Edtech vetting has been under consideration amid the screen-time backlash in classrooms, with some states pushing for better review of the vetting process. Oftentimes, schools rely on the vendors’ own data and are unequipped to review the software themselves to ensure children’s safety.

“There is nobody right now that is confirming these products are safe, effective and legal,” Kim Whitman, co-lead for Smartphone Free Childhood US, said in a previous interview with EdSurge. “It should not fall on the district’s IT director; it would be impossible for them to do it. And the companies should not be tasked with doing it — that would be like nicotine companies vetting their own cigarettes.”

According to the report, most schools now have a process for vetting free edtech tools before they’re used in schools, either through IT or a list of approved vendors.

But that process still has some gaps: only 29 percent require information about if the product is inclusive and accessible for all learners. That is particularly worrisome for accessibility advocates who already fear they are being left out of the conversation.

“Parents with children who have a disability must have a seat at the table,” Sambhavi Chandrashekar, global accessibility lead for D2L, an online learning platform, said in a previous EdSurge interview. “Blanket rules that are blind to fundamental human differences will do more disservice than good to students at the margins.”

And while more than half (55%) of the edtech processes require vendors to provide information about safety, that leaves roughly 45% not addressing safety concerns.

“It’s a huge warning sign; there’s a whole lot of progress and work that has to happen in this area,” Krueger says.

He suggested reviewing the five quality indicators for edtech and AI products, with districts benchmarking their current status and set it as a priority to push forward.

“One of the biggest powers we have is procurement, so getting serious about how we buy them, and when,” Krueger says. “Whether or not we move forward will depend on if we set it as a priority and get serious about the awareness, the training and the policies.”

Hackers are exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the Kirki plugin for WordPress to take over any user account, including those belonging to administrators.

The attacks were detected by WordPress security firm Defiant, whose Wordfence firewall blocked over 222 attempts against its customers in the past 24 hours.

The full name of the plugin is Kirki – Freeform Page Builder, Website Builder & Customizer. It is a freeform visual builder and advanced theme customizer active on more than 500,000 websites.

Wordfence reports that the issue was introduced in a recent major release, version 6.0.0, and impacts plugin versions up to 6.0.6, which are used by nearly 40% of the plugin’s userbase, according to download statistics from WordPress.org.

CVE-2026-8206 is caused by the exposure of a custom REST API endpoint for password resets through the ‘handle_forgot_password()’ function.

The flaw stems from the plugin accepting an arbitrary email address during password reset requests.

When a username is provided, the plugin generates a valid password reset link for the associated account, but sends it to the attacker-supplied email address rather than the account owner’s registered email address.

This behavior makes it trivial for unauthenticated attackers to generate password reset links for any user registered on the site to email addresses under their control, easily hijacking them.

Once an attacker gains admin-level access, they could install malicious plugins, modify website content, deploy web shells or persistent backdoors, and access private databases.

The flaw was discovered by security researcher CHOIGYENGMIN, who reported it to Wordfence on May 4, 2026. The company notified the vendor on May 16 and released a fix with version 6.0.7 on May 18, 2026.

Given the active exploitation status of CVE-2026-8206 and the very low requirements for launching attacks, it is critical that website owners/administrators upgrade to version 6.0.7 or disable the plugin.

Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold.

This guide covers the 6 surfaces you actually need to validate.

Download Now

You can pre-order the Faden siblings’ next adventure now.

Qualcomm and Microsoft believe cloud-based AI wearables are the future, rather than entirely optional and secure on-device features like Apple Intelligence.

Big tech has all but embraced the proliferation of AI. Microsoft and Qualcomm are the latest to suggest the future of hardware and software development lies in AI-first devices.

On June 2, Microsoft CEO Satya Nadella and Qualcomm CEO Cristiano Amon discussed a new wearable device dubbed Project Solara, a joint venture of the two companies.

“We’re moving from building operating systems, devices for apps, to agents,” said Nadella.

Qualcomm’s CEO describes Project Solara as “a much more personalized and bespoke experience than an app in itself,” and as a product “that’s changing the nature of devices.”

In essence, the two companies are working on a device that does tasks for you through AI agents, rather than a product with an established operating system and apps that let you do things on your own. Additionally, the “whole silicon is designed for you to have a cloud-native experience,” according to Amon.

Design-wise, Project Solara resembles a smartphone attached to a lanyard. Commenting on the product’s design, Amon said that we’ve started to see “incredible new form factors” like Project Solara.

Realistically, though, it’s not a far cry from the ill-fated Rabbit R1 or the Humane AI Pin.

Inside, Microsoft and Qualcomm’s new device will house a power-efficient CPU, along with a variety of sensors to help it understand the world around its wearer. In that respect, the device sounds like most AI wearables on the market, though less convenient than something like Google’s smart glasses.

Microsoft’s AI approach vs. Apple’s ideas

Project Solara stands at odds with Apple’s privacy-first AI philosophy, where on-device models are prioritized over cloud-based processing. The product has an inherent security risk, relative to an iPhone, as information is constantly shared over the internet.

Qualcomm CEO Cristiano Amon spoke about “incredible new form factors,” but the device looks like a smartphone on a lanyard. Image Credit: Qualcomm.

However, there is a small commonality between the AI ideas of Microsoft and Apple. Project Solara will feature an open ecosystem where wearers can choose the AI agents they want to use.

Apple, meanwhile, is said to be working on improved third-party AI support for iOS 27, though its own on-device AI will continue to be the backbone of Apple Intelligence.

In essence, Microsoft will prioritize convenience over privacy, security, and long-term usability. Both Apple and Microsoft will give users freedom of choice when it comes to AI models, though.

When viewed through the context of failures like the Humane AI Pin and Rabbit R1, though, Apple’s idea of offering AI with existing products makes more sense. Google Gemini is similarly available across Android devices, as Apple Intelligence is on iOS.

More importantly, Apple Intelligence is an entirely optional set of features, an auxiliary set of tools. AI is not the cornerstone of the iPhone, and Apple understands that users want the freedom to do things without LLMs. Microsoft’s AI approach is arguably the exact opposite.

However, rumors of an Apple-branded AI pin continue to circulate, and OpenAI is working on an AI-themed device with former Apple designer Jony Ive. Even with the nonexistent success of AI companion devices, tech companies seem to believe there’s still hope for this sort of platform.

Whether any AI-themed device, be it from Apple or Microsoft, will achieve mainstream success remains to be seen.

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions.

Tool and payload development was assisted by Cursor and Claude Opus agents in various stages, including initial coding, analysis, and revisioning. Additionally, some agents were tasked with checking security research posts for various bypass techniques.

Some of the malware created this way was tested in virtual environments against EDR tools from Sophos, CrowdStrike, and Microsoft.

Despite the malware research and development orchestrated using AI technology, the researchers note that the workflow is entirely human-driven.

Rapid EDR-bypass development

Researchers at cybersecurity company Sophos detected activity from the toolkit on a system at a customer environment that triggered alerts for payloads stored in C:\Users\User\Documents\test.

The malicious files suggested they were part of an attack framework that focused on evading detection:

• Cobalt Strike profiles designed to make beacon traffic resemble legitimate web requests
• A Telegram bot API–based external command and control (C2) mechanism that routed communication through Telegram’s infrastructure rather than using direct connections
• Python-based malware development scripts for injecting shellcode into legitimate Windows executables while preserving original functionality
• A Cloudflare Worker acting as a front-end redirector to obscure the actual backend C2 server

The researchers say that while the tool may appear as a “red team” post-exploitation framework, it is used in cybercriminal activity related to ransomware.

“Our initial assessment included the possibility that a legitimate Red Team was engaged, but our investigation revealed further artifacts that indicated malicious and criminal activity,” Sophos told BleepingComputer.

The discovery in Cobalt Strike operator logs of entries pointing to a ransom note and details on multiple organizations listed on a ransomware data leak site clarified that the framework was used for cybercrime operations.

Agentic malware development

In a report published today, Sophos says that multiple Python scripts on the compromised host were written in Russian and generated with the help of AI tools.

During the investigation, the researchers found a Git repository with components related to “an automated Active Directory (AD) discovery panel and a lab that uses an iterative approach to developing and testing malware against the Sophos, CrowdStrike, and Windows Defender endpoint detection and response (EDR) agents.”

They say that AD discovery is driven by collecting observations from completed tasks and selecting the next action from predefined choices. The next step is delegated to remote agents, with results being reassessed.

The framework has multiple AI agents, each with a distinct role and function. For instance, a Claude Opus 4.5 agent acts as the coordinator of the R&D process, while others handle testing, OPSEC hardening, documentation, proxy stress testing, VM deployment, and other related tasks.

For the development stage, some agents documented bypass techniques in research from Kaspersky, Palo Alto Networks, Bishop Fox, and SpecterOps, as well as details published in social media posts.

The agents extracted the techniques, mapped them to the MITRE ATT&CK knowledge base of adversary behaviors, identified what was needed for reproduction, prepared a test lab, executed the technique, and reported the outcome.

The main component in the malicious framework is a Python tool that generates payloads, mostly in Rust and Go, based on an evasion technique. Close to 80 modules were generated and tested against more than 70 techniques.

While the agents initially suggested a high failure rate, the modules appeared to bypass almost all EDR solutions after several iterations. However, Sophos noticed discrepancies between the test output and the framework’s internal reporting in some instances, although the reasons are unclear.

Sophos found no evidence that AI was embedded in deployed malware or operating independently in victim environments. Instead, the technology was used to accelerate the iterative process of developing, testing, and refining payloads against security products.

AI tools are shortening the period between the publication of offensive security research and its practical implementation by threat actors.

Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold.

This guide covers the 6 surfaces you actually need to validate.

Download Now

Instagram has a well-documented problem with how it treats teenage users, and Meta is finally taking a more concrete step to address it. The company announced it is testing a new feature on Instagram designed to stop teens from being repeatedly served the same type of content in Explore, Feed, and Reels.

The announcement is part of a broader global rollout of tightened teen account protections across Instagram, Facebook, and Messenger.

The evidence against Instagram’s algorithm has been building for years

Researchers set up fake teen profiles on Instagram and found that liking just one fitness-related post was enough to completely change what the algorithm recommended next. The Explore tab quickly filled up with weight-loss tips, extreme dieting content, and images of heavily edited body types. The pattern repeated across profiles mimicking teenagers of different ages and genders.

According to Harvard researchers, Instagram’s algorithm actively draws vulnerable teens into a damaging cycle of negative social comparison, worsening body image, anxiety, depression, and eating disorders.

Most damningly, Facebook’s own internal research found that 32% of teen girls said Instagram made them feel worse about their bodies when they were already struggling. The platform knew this and kept going.

What Meta is doing to protect teens from harmful content

Meta acknowledges that content around nutrition, fitness, or coping with anxiety can be useful, but argues it should be balanced rather than served on repeat. The new feature being tested is specifically aimed at breaking that loop.

Separately, the 13+ content setting, first launched last October, is now expanding globally across Instagram, Facebook, and Messenger. Nine out of ten teens have stayed within that setting since launch.

An independent assessment by online safety firm Alice found that teens in the default 13+ setting saw 68% less mature content than on a leading competitor’s teen experience. Those in the stricter Limited Content setting saw 96% less.

Meta also crowdsourced feedback from hundreds of thousands of parents who rated over 15 million pieces of content. In a survey at the end of April, fewer than 2% of posts were flagged as inappropriate by most parents. The stricter Limited Content setting is also coming to Facebook and Messenger later this year.

The European Union’s plan to build five massive AI data centres, each with one gigawatt of capacity and approximately 100,000 advanced chips, is stumbling before it starts. The bidding process, originally scheduled for May, has been pushed to July. A lack of funding clarity means only two of the five planned centres can receive money before the EU’s next budget cycle begins in 2028. At least two consortia are reconsidering whether to bid at all if the project is significantly downsized, according to people familiar with the matter.

The initiative, announced last year to accelerate European AI infrastructure investment, initially drew interest from about 70 companies across the bloc. That number has narrowed to approximately 10 groups expected to submit bids, with a maximum of one per country. The European Commission has delayed publishing its criteria for the data centres multiple times. “I think I’ve lost count” of all the delays, said Maria Nowicka, a Brussels-based policy researcher at the think tank Interface.

The funding gap

The €20 billion ($23.3 billion) plan envisions less than half coming from governments. The EU would provide €4.1 billion in subsidies, matched by an equal amount from member states hosting the centres, with private investors financing the rest. But the phased funding structure, with money earmarked in 2028 and 2030, means the subsidies arrive years after the infrastructure is needed. US utilities alone plan to spend $1.4 trillion on grid infrastructure for AI by 2030, and American hyperscalers are investing hundreds of billions annually in data centres, including on European soil.

The scale mismatch is stark. SoftBank recently announced up to €75 billion in data centre investment in France alone, more than three times the entire EU programme. Meta is raising $13 billion for a single Texas data centre. The EU’s €4.1 billion in direct subsidies, spread across five countries, is modest relative to what individual companies are spending per facility.

The consortium problem

Early proposals were structured as national consortia pooling resources from multiple companies. In Germany, the Schwarz Group (owner of Lidl) and Deutsche Telekom both expressed interest in leading bids. In Spain, Telefónica is leading a consortium. In France, Mistral AI is in discussions to join a €10 billion project.

But the moving goalposts are eroding enthusiasm. The Schwarz Group’s interest has dampened due to the complex and lengthy tender process, according to a person familiar with its business. The company is building its own data centre south of Berlin without waiting for EU subsidies. Deutsche Telekom CEO Tim Hoettges said the company will only participate if industry and government customers guarantee demand. Telefónica’s COO said the company is considering holding only 10% to 15% of a joint venture bid.

Mistral AI’s CEO Arthur Mensch criticised the programme’s national framing: “One of the problems is that it’s kind of thought at a national level, which is completely stupid. Any successful endeavour on that domain needs to be European-wide and much larger than what is actually framed in the programme.”

Another EU tech policy stumble

The gigafactory delays echo the EU’s experience with its 2022 Chips Act, which failed to boost the bloc’s share of global semiconductor production despite a target of doubling it by 2030. French companies bid €10 billion for one of the five planned gigafactory sites, demonstrating private sector willingness that the EU’s bureaucratic process has struggled to harness.

The strategic motivation remains urgent. With transatlantic relations strained under Trump’s current term, the EU is promoting tech sovereignty as a matter of security, privacy, and competitiveness. Europe has led on AI regulation through the AI Act, but regulation without infrastructure means setting rules for a game played on someone else’s hardware.

Polish digital minister Dariusz Standerski, participating in the EU talks, confirmed the July bidding timeline and the two-phase funding structure. A Commission spokesperson said a call for proposals is expected to be approved “shortly after thorough preparations.” For the companies that have already moved on, building their own facilities without waiting for subsidies that may not arrive in time, the EU’s assurances may come too late to matter.

Security

Meanwhile, Anthropic adds 150 partners to Project Glasswing

Bug hunting has become a whole lot more exciting in recent months with both Anthropic and OpenAI touting their latest models (that also happen to be super-scary exploit machines). On Tuesday, as Anthropic announced a fourfold expansion to its Mythos preview program, Cisco jumped into the fray, praising the transformative power of AI – but without disclosing how many bugs the latest frontier models found.

Cisco SVP Anthony Grieco in a Tuesday blog said that the advanced AI systems, including Anthropic’s Claude Mythos Preview and OpenAI’s GPT 5.5-Cyber, scanned 1.8 billion lines of code in eight weeks looking for vulnerabilities in Cisco products – a task that otherwise would have taken the networking giant’s advanced security team eight years to accomplish.

However, Grieco, who heads Cisco’s security and trust organization, didn’t say how many flaws Mythos and other frontier models uncovered, or if they have all been fixed. The company also did not respond to The Register’s questions about this.

Grieco did say that “speed is only half the story,” calling the “real breakthrough” the “scale, quality, and impact” of the models’ findings.

The 1.8 billion lines of code, written in more than 25 different languages, spanned Cisco’s portfolio, we’re told. Netzilla paired the models with a “human-guided harness,” and achieved a false positive rate of under 3 percent, Grieco wrote.

“Rather than focusing on a specific scope for a security evaluation, we can assess entire code bases of a product. It’s like switching from a flashlight to a flood light to illuminate a dark room,” he said. “Because each finding is validated through a hybrid of AI and human expertise, our engineering teams are receiving actionable intelligence rather than a wall of warnings.”  

Meanwhile, Anthropic on Tuesday said it expanded Project Glasswing to about 150 additional organizations, bringing the total partner count to about 200.

Project Glasswing is the AI giant’s controlled partner program for giving selected orgs access to Claude Mythos Preview. When it announced the new model and partner program in early April, Anthropic limited the preview to about 50 entities, claiming Mythos is so good at finding and exploiting security holes that all hell would break loose and the zombie apocalypse would hit should the model fall into the wrong hands.

Since April, these select government agencies and corporate partners – including Cisco – have been using Mythos to find and fix bugs in their own products.

Palo Alto Networks, one of the original Project Glasswing partners, said in May that after spending a month using frontier AI models, including Anthropic’s Mythos, to scan more than 130 products across its three platforms, it uncovered 26 CVEs representing 75 underlying security issues. 

For comparison, the cybersecurity giant said it typically discloses fewer than five CVEs per month.

At the time, a company exec forecast “a narrow three-to-five-month window for organizations to outpace the adversary before AI-driven exploits start to become the new norm.” 

The newly expanded Project Glasswing spans more than 15 countries, and, while an Anthropic spokesperson declined to name them or the new partner companies, it’s a safe bet that these are likely Western and/or “friendly” nations. So not China and Russia.

Rubrik, a data security and management vendor, said that it was among the new Glasswing partners. The expanded list also reportedly includes the Korea Internet and Security Agency (KISA), along with Samsung Electronics, SK hynix, and SK Telecom, among other Korean companies.

“The group covers several industries that weren’t well-represented in our initial cohort, such as power, water, healthcare, communications, and hardware,” according to a Tuesday Anthropic blog. “And many of the new partners are vendors – companies or nonprofits that maintain codebases that are relied upon by lots of other organizations around the world, including governments.”

Each new partner must meet Anthropic’s security requirements before they gain access to Mythos, the company added.  ®