Google senior AI product manager Shubham Saboo has turned one of the thorniest problems in agent design into an open-source engineering exercise: persistent memory.

This week, he published an open-source “Always On Memory Agent” on the official Google Cloud Platform Github page under a permissive MIT License, allowing for commercial usage.

It was built with Google’s Agent Development Kit, or ADK introduced last Spring in 2025, and Gemini 3.1 Flash-Lite, a low-cost model Google introduced on March 3, 2026 as its fastest and most cost-efficient Gemini 3 series model.

The project serves as a practical reference implementation for something many AI teams want but few have productionized cleanly: an agent system that can ingest information continuously, consolidate it in the background, and retrieve it later without relying on a conventional vector database.

For enterprise developers, the release matters less as a product launch than as a signal about where agent infrastructure is headed.

The repo packages a view of long-running autonomy that is increasingly attractive for support systems, research assistants, internal copilots and workflow automation. It also brings governance questions into sharper focus as soon as memory stops being session-bound.

What the repo appears to do — and what it does not clearly claim

The repo also appears to use a multi-agent internal architecture, with specialist components handling ingestion, consolidation and querying.

But the supplied materials do not clearly establish a broader claim that this is a shared memory framework for multiple independent agents.

That distinction matters. ADK as a framework supports multi-agent systems, but this specific repo is best described as an always-on memory agent, or memory layer, built with specialist subagents and persistent storage.

Even at this narrower level, it addresses a core infrastructure problem many teams are actively working through.

The architecture favors simplicity over a traditional retrieval stack

According to the repository, the agent runs continuously, ingests files or API input, stores structured memories in SQLite, and performs scheduled memory consolidation every 30 minutes by default.

A local HTTP API and Streamlit dashboard are included, and the system supports text, image, audio, video and PDF ingestion. The repo frames the design with an intentionally provocative claim: “No vector database. No embeddings. Just an LLM that reads, thinks, and writes structured memory.”

That design choice is likely to draw attention from developers managing cost and operational complexity. Traditional retrieval stacks often require separate embedding pipelines, vector storage, indexing logic and synchronization work.

Saboo’s example instead leans on the model to organize and update memory directly. In practice, that can simplify prototypes and reduce infrastructure sprawl, especially for smaller or medium-memory agents. It also shifts the performance question from vector search overhead to model latency, memory compaction logic and long-run behavioral stability.

Flash-Lite gives the always-on model some economic logic

That is where Gemini 3.1 Flash-Lite enters the story.

Google says the model is built for high-volume developer workloads at scale and priced at $0.25 per 1 million input tokens and $1.50 per 1 million output tokens.

The company also says Flash-Lite is 2.5 times faster than Gemini 2.5 Flash in time to first token and delivers a 45% increase in output speed while maintaining similar or better quality.

On Google’s published benchmarks, the model posts an Elo score of 1432 on Arena.ai, 86.9% on GPQA Diamond and 76.8% on MMMU Pro. Google positions those characteristics as a fit for high-frequency tasks such as translation, moderation, UI generation and simulation.

Those numbers help explain why Flash-Lite is paired with a background-memory agent. A 24/7 service that periodically re-reads, consolidates and serves memory needs predictable latency and low enough inference cost to avoid making “always on” prohibitively expensive.

Google’s ADK documentation reinforces the broader story. The framework is presented as model-agnostic and deployment-agnostic, with support for workflow agents, multi-agent systems, tools, evaluation and deployment targets including Cloud Run and Vertex AI Agent Engine. That combination makes the memory agent feel less like a one-off demo and more like a reference point for a broader agent runtime strategy.

The enterprise debate is about governance, not just capability

Public reaction shows why enterprise adoption of persistent memory will not hinge on speed or token pricing alone.

Several responses on X highlighted exactly the concerns enterprise architects are likely to raise. Franck Abe called Google ADK and 24/7 memory consolidation “brilliant leaps for continuous agent autonomy,” but warned that an agent “dreaming” and cross-pollinating memories in the background without deterministic boundaries becomes “a compliance nightmare.”

ELED made a related point, arguing that the main cost of always-on agents is not tokens but “drift and loops.”

Those critiques go directly to the operational burden of persistent systems: who can write memory, what gets merged, how retention works, when memories are deleted, and how teams audit what the agent learned over time?

Another reaction, from Iffy, challenged the repo’s “no embeddings” framing, arguing that the system still has to chunk, index and retrieve structured memory, and that it may work well for small-context agents but break down once memory stores become much larger.

That criticism is technically important. Removing a vector database does not remove retrieval design; it changes where the complexity lives.

For developers, the tradeoff is less about ideology than fit. A lighter stack may be attractive for low-cost, bounded-memory agents, while larger-scale deployments may still demand stricter retrieval controls, more explicit indexing strategies and stronger lifecycle tooling.

ADK broadens the story beyond a single demo

Other commenters focused on developer workflow. One asked for the ADK repo and documentation and wanted to know whether the runtime is serverless or long-running, and whether tool-calling and evaluation hooks are available out of the box.

Based on the supplied materials, the answer is effectively both: the memory-agent example itself is structured like a long-running service, while ADK more broadly supports multiple deployment patterns and includes tools and evaluation capabilities.

The always-on memory agent is interesting on its own, but the larger message is that Saboo is trying to make agents feel like deployable software systems rather than isolated prompts. In that framing, memory becomes part of the runtime layer, not just an add-on feature.

What Saboo has shown — and what he has not

What Saboo has not shown yet is just as important as what he’s published.

The provided materials do not include a direct Flash-Lite versus Anthropic Claude Haiku benchmark for agent loops in production use.

They also do not lay out enterprise-grade compliance controls specific to this memory agent, such as: deterministic policy boundaries, retention guarantees, segregation rules or formal audit workflows.

And while the repo appears to use multiple specialist agents internally, the materials do not clearly prove a larger claim about persistent memory shared across multiple independent agents.

For now, the repo reads as a compelling engineering template rather than a complete enterprise memory platform.

Why this matters now

Still, the release lands at the right time. Enterprise AI teams are moving beyond single-turn assistants and into systems expected to remember preferences, preserve project context and operate across longer horizons.

Saboo’s open-source memory agent offers a concrete starting point for that next layer of infrastructure, and Flash-Lite gives the economics some credibility.

But the strongest takeaway from the reaction around the launch is that continuous memory will be judged on governance as much as capability.

That is the real enterprise question behind Saboo’s demo: not whether an agent can remember, but whether it can remember in ways that stay bounded, inspectable and safe enough to trust in production.

This included a Persian turmeric chicken with dill-currant rice that fits seamlessly into Marley Spoon’s repertoire, deglazing with lemon juice instead of wine. The rice was toasted, then cooked with currants and spinach. It was simple, elegant, and kind of a treat. Among the pan-Asian dishes, this was the most successful.

Other international meals are less faithful translations.

The essence of a Moroccan tagine is the hours it spends braising and caramelizing in a conical clay pot. The challenge for a meal kit is translating this to a 45-minute meal. Marley Spoon’s chefs achieved this on a beef and apricot tagine largely by calling for fast-browning the onions and carrots rather than slowly caramelizing them, and using ground beef in place of a richer cut that would require a slower cook.

The flavors, a mix of almond and dried apricot and northern African baharat spice, were delicious. The cook was easy and intuitive, with minimal prep. When the recipe called for 30 to 40 minutes of cooking, it was actually true. But the dish doesn’t contain the depth or sweetness of long-braised meat and onion. It was the Rachael Ray version of global cooking, the one where we get real with ourselves and admit we don’t want to try so hard.

An Indian-derived keema matar was likewise the tired-parent version, made with tomato paste and Cento tomato sauce: It resembled, more than anything, a garam masala sloppy joe. That said, it promised to be a 20-minute recipe and nearly achieved this.

A similar effect arrived with a crispy rice and braised-beef bibimbap oven bake, which involved crisping up precooked jasmine rice in an aluminum baking tray. Making my own ssamjang was a fun little exercise, and I’ll always like beef over lightly crispy rice. But the resulting meal was no substitute for marinated and wok-fried beef with rice crisped on a stone.

Moving Forward

Photograph: Matthew Korfhage

These streamlined recipes aren’t a problem, though the excellent cooking technique of the classic recipes remains Marley Spoon’s backbone and chief strength. Many households will be glad of the 15-minute meals as a weeknight option. Ease is what a meal kit is designed to do. A meal kit gives you a roadmap to flavors you wouldn’t have arrived at yourself, while streamlining effort. I enjoyed each of Marley’s 15-minute dishes on its merits, the way you enjoy a breezy ride on a short track.

The microwavable meals are further convenience, though I don’t overly recommend them. And a ready-to-mix market salad offered rough, stemmy kale and supermarket Ken’s Caesar dressing, whose main flavor note was soybean oil.

This renewed focus on ease of prep does amount to a repositioning of what kind of meal kit Marley Spoon actually is. If it previously was the meal kit that stood best on fundamentals, it’s now competing on seemingly the exact same ground as HelloFresh: variety, convenience, breezy globetrotting flavors. What’s less clear is whether it will be as successful in doing so.

Marley Spoon still fares best when it hews to its strengths. Good cooking. Good recipe development. Chefs who make real meals.

A case retailer has accidentally become one of the more interesting sources of Google Pixel 11 Pro information this week.

Thinborne, a Texas-based accessories brand known for its ultra-thin aramid fiber cases, has quietly listed a Pixel 11 Pro XL case on its website — and while the case itself is unremarkable, what its camera cutout suggests about the phone’s design is worth talking about.

The case itself isn’t the story

The case is classic Thinborne: 0.9mm thick on the back, 0.6mm on the sides, made from 600D aramid fiber, MagSafe compatible, and bundled with a tempered glass screen protector.

Nothing about it screams news story. But the camera cutout is where things get interesting — it lines up closely with the oval camera bar on the current Pixel 10 Pro XL, suggesting the Pixel 11 Pro might be landing with a very similar footprint and camera module layout to its predecessor.

That wouldn’t be entirely out of character for Google — the Pixel 10 Pro’s design was already described as a slight modification of the Pixel 9 Pro, keeping the same flat sides, rounded corners, and oval camera bar.

Google may be sticking with the same design

If the Pixel 11 Pro follows the same pattern, Google is clearly not in a rush to reinvent the look. What it might do — and typically does every generation — is refresh the colour lineup, which tends to be where the design energy goes anyway.

That said, take all of this with a generous pinch of salt. Thinborne is working from unconfirmed information, and the “Pixel 11 Pro XL” name on the listing could just as easily be a placeholder or a wrong product name entirely — case makers sometimes pre-list devices based on little more than educated guesses and supply chain whispers.

Google tends to announce its Pixel flagships in August, and there’s no reason to think 2026 will be any different.

So there’s still a good five months before anything becomes official — plenty of time for more case listings, more leaks, and more reading between very thin lines.

Deveillance also claims the Spectre can find nearby microphones by detecting radio frequencies (RF), but critics say finding a microphone via RF emissions is not effective unless the sensor is immediately beside it.

“If you could detect and recognize components via RF the way Spectre claims to, it would literally be transformative to technology,” Jordan wrote in a text to WIRED after he built a device to test detecting RF signatures in microphones. “You’d be able to do radio astronomy in Manhattan.”

Deveillance is also looking at ways to integrate nonlinear junction detection (NLJD), a very high-frequency radio signal used by security professionals to find hidden mics and bugs. NLJD detectors are expensive and used primarily in professional contexts like military operations.

Even if a device could detect a microphone’s exact location, objects around a room can change how the frequencies spread and interact. The emitted frequencies could also be a problem. There haven’t been adequate studies to show what effects ultrasonic frequencies have on the human ear, but some people and many pets can hear them and find them obnoxious or even painful. Baradari acknowledges that her team needs to do more testing to see how pets are affected.

“They simply cannot do this,” engineer and YouTuber Dave Jones (who runs the channel EEVblog) wrote in an email to WIRED. “They are using the classic trick of using wording to imply that it will detect every type of microphone, when all they are probably doing is scanning for Bluetooth audio devices. It’s totally lame.” Baradari reiterates that the Spectre uses a combination of RF and Bluetooth low energy to detect microphones.

WIRED asked Baradari to share any evidence of the Spectre’s effectiveness at identifying and blocking microphones in a person’s vicinity. Baradari shared a few short videoclips of people putting their phones to their ears listening to audioclips—which were presumably jammed by the Spectre—but these videos do little to prove that the device works.

Future Imperfect

Baradari has taken the critiques in stride, acknowledging that the tech is still in development. “I actually appreciate those comments, because they’re making me think and see more things as well,” Baradari says. “I do believe that with the ideas that we’re having and integrating into one device, these concerns can be addressed.”

People were quick to poke fun at the Spectre I online, calling the technology the cone of silence from Dune. Now, the Deveillance website reads, “Our goal is to make the cone of silence become reality.”

John Scott-Railton, a cybersecurity researcher at Citizen Lab, who is critical of the Spectre I, lauded the device’s virality as an indication of the real hunger for these kinds of gadgets to win back our privacy.

“The silver lining of this blowing up is that it is a Ring-like moment that highlights how quickly and intensely consumer attitudes have shifted around pervasive recording devices,” says Scott-Railton. “We need to be building products that do all the cool things that people want but that don’t have the massive privacy- and consent-violation undertow. You need device-level controls, and you need regulations of the companies that are doing this.”

Cooper Quintin, a senior staff technologist at the Electronic Frontier Foundation, echoed those sentiments, even if critics believe Deveillance’s efforts to be flawed.

“If this technology works, it could be a boon for many,” Quintin wrote in an email to WIRED. “It is nice to see a company creating something to protect privacy instead of working on new and creative ways to extract data from us.”

Craft Recordings continues to build momentum behind one of the most successful jazz reissue campaigns of the modern vinyl era. The label has announced three new additions to its widely praised Original Jazz Classics series: The Young Lions (self-titled), Lee Morgan’s Introducing Lee Morgan, and Bobby Timmons’ This Here Is Bobby Timmons.

Arriving April 24, the trio of releases digs back into the fertile late-1950s jazz scene with albums recorded between 1957 and 1960. The set captures Morgan at the very beginning of a career that would later reshape hard bop, documents a rare all-star studio meeting from The Young Lions collective, and spotlights Timmons’ first album as a bandleader after helping define the soulful hard-bop piano sound of the era.

The new titles continue the winning formula that has made Craft’s revival of the Original Jazz Classics imprint such a hit with collectors and audiophiles. Each release features lacquers cut directly from the original analog tapes (AAA) by mastering engineer Kevin Gray at Cohearent Audio, pressed on 180-gram vinyl at Record Technology Inc. (RTI), and packaged in period-correct tip-on jackets that faithfully replicate the original artwork.

All three titles are available for pre-order now and will also arrive on April 24 across digital platforms in 192kHz/24-bit hi-res audio. The OJC revival has already become one of the most consistently praised reissue programs in jazz today and we’ve covered most of the series so far, which you can explore here.

The Young Lions – The Young Lions

In 1960, tenor saxophonist Wayne Shorter, alto saxophonist Frank Strozier, trumpeter Lee Morgan, pianist Bobby Timmons, and bassist Bob Cranshaw joined forces, supported by alternating drummers Louis Hayes and Albert Heath to record a one-off session that quietly captured a turning point in modern jazz. The resulting album, The Young Lions, brought together a group of rising stars determined to bridge the widening divide between traditional hard bop and the increasingly exploratory avant-garde that was beginning to reshape the genre.

The collaboration proved fleeting, but the music left a mark. Named after Irwin Shaw’s wartime novel, the group embodied a moment when jazz stood with one foot planted in the blues-drenched language of the 1950s and the other stepping toward the freer, more experimental sounds of the decade to come. Decades later, a new generation led by Wynton Marsalis would inherit the “Young Lions” label, but this earlier incarnation captured the spirit first.

The original liner notes by soul-jazz icon Cannonball Adderley set the tone, opening with the biting line, “We are living the era of the glorification of mediocrity,” before celebrating the group’s refusal to play it safe. Much of the album’s most memorable material comes from Shorter, whose compositions “Seeds of Sin” and “Scourn’” serve as confident sonic torchbearers for the band’s fluid, swinging approach—music rooted in bop tradition but already looking beyond it.

(Available April 24, 2026)

Lee Morgan – Introducing Lee Morgan

It’s almost absurd to consider that trumpeter Lee Morgan was only 18 years old when Introducing Lee Morgan arrived in 1957. Already a prodigy on the Philadelphia scene, Morgan had absorbed the language of bebop and hard bop with frightening speed, helped along by a trumpet reportedly gifted to him by his hero Dizzy Gillespie, complete with the tilted bell that became part of his visual signature.

Morgan’s tone on this debut bears the unmistakable influence of the late Clifford Brown; bright, confident, and full of youthful fire but the session remains grounded thanks to the steady presence of tenor saxophonist Hank Mobley and his quintet backing the young trumpeter. The result is a straight-ahead hard bop showcase that lets Morgan stretch his legs across a range of moods, from the blistering drive of “Hank’s Shout” to the more reflective reading of “P.S., I Love You.”

Even at this early stage, the album hinted at the trajectory of one of jazz’s most important trumpet voices. Morgan would go on to record a string of landmark sessions including The Sidewinder, Search for the New Land, and Cornbread that pushed hard bop toward funkier rhythms and more exploratory territory. That career arc makes Introducing Lee Morgan all the more fascinating: the sound of a teenager already playing like a veteran, laying the groundwork for a run of recordings that would define the next decade of modern jazz before his life was tragically cut short at just 33.

(Available April 24, 2026)

Bobby Timmons This Here Is Bobby Timmons

When Bobby Timmons stepped into the studio in 1960 to record This Here Is Bobby Timmons, he was already one of the defining pianists of the hard bop era. Timmons had built his reputation with Art Blakey’s Jazz Messengers and the Cannonball Adderley Quintet, where his writing and playing helped shape a more soulful, groove driven direction in modern jazz. This first album under his own name feels like a statement of purpose, with Timmons stepping out front to show just how deep his musical roots ran.

Those roots came from the church. Raised in Philadelphia where his father was a minister, Timmons grew up surrounded by gospel music, and that influence flows through the entire record. You hear it immediately in the infectious title track, while the relaxed swing of “Dat Dere” reveals the same gospel touch in a lighter, playful groove.

Timmons had already written one of the most recognizable compositions in modern jazz. “Moanin’,” first recorded by Blakey and the Jazz Messengers, became an instant classic and was later inducted into the GRAMMY Hall of Fame. The tune gained a second life when Jon Hendricks added lyrics, with vocalists including Sarah Vaughan helping turn it into a standard. Along with “Dat Dere” and the title track “This Here,” those songs helped establish Timmons as one of the architects of soul jazz, a pianist whose church rooted groove could swing hard while speaking directly to the listener.

(Available April 24, 2026)

Related Reading:

Looking for the most recent Mini Crossword answer? Click here for today’s Mini Crossword hints, as well as our daily answers and hints for The New York Times Wordle, Strands, Connections and Connections: Sports Edition puzzles.

Need some help with today’s Mini Crossword? It’s a long one, as always on Saturday. Read on for all the answers. And if you could use some hints and guidance for daily solving, check out our Mini Crossword tips.

If you’re looking for today’s Wordle, Connections, Connections: Sports Edition and Strands answers, you can visit CNET’s NYT puzzle hints page.

Read more: Tips and Tricks for Solving The New York Times Mini Crossword

Let’s get to those Mini Crossword clues and answers.

Mini across clues and answers

1A clue: Bird with keen eyesight
Answer: HAWK

5A clue: With 8-Across, helpful comment to an oblivious video call participant
Answer: YOURE

6A clue: Scooby-Doo or Air Bud
Answer: PETDOG

7A clue: Sticky notes
Answer: POSTITS

8A clue: See 5-Across
Answer: ONMUTE

9A clue: Protective layers over skin wounds
Answer: SCABS

10A clue: Roosters’ mates
Answer: HENS

Mini down clues and answers

1D clue: Places to find some small jets
Answer: HOTTUBS

2D clue: Reviews, as taxes
Answer: AUDITS

3D clue: Texted or emailed, e.g.
Answer: WROTE

4D clue: Barrels of beer
Answer: KEGS

5D clue: Overagreeable underling
Answer: YESMAN

6D clue: Spanish conquistador ___ de León
Answer: PONCE

7D clue: Swanky, like a certain Spice Girl
Answer: POSH

Nintendo filed a lawsuit against the U.S. government on Friday over its extraction of tariffs from global businesses. The gaming giant is seeking a refund for any duties it paid due to President Donald Trump’s executive orders that invoke the International Emergency Economic Powers Act (IEEPA).

This lawsuit, filed in the U.S. Court of International Trade, comes after a Supreme Court decision struck down the tariffs that the president imposed under IEEPA, arguing that he exceeded his authority. More than a thousand other companies have already sued for refunds on the tariffs that they pay; according to Nintendo’s complaint, viewed by TechCrunch, these tariffs have resulted in the collection of over $200 billion on imports in total.

“We can confirm that we have filed a request,” Nintendo told TechCrunch in a statement. “We have nothing else to share on the topic.”

In response to the Supreme Court’s decision — which he called “extraordinarily anti-American” — President Trump raised tariffs from 10% to 15%. Now, 24 states have sued to argue that the president has once again overstepped the limits of his power by making this change.

With $5.5 trillion in global AI risk exposure and 700,000 U.S. workers needing reskilling, four new AI certifications and Certified CISO v4 help close the gap between AI adoption and workforce readiness

EC-Council, creator of the world-renowned Certified Ethical Hacker (CEH) credential and a global leader in applied cybersecurity education, today launched its Enterprise AI Credential Suite, with four new role-based AI certifications debuting alongside Certified CISO v4, an overhauled executive cyber leadership program.

The dual launch is the largest single expansion of EC-Council’s portfolio in its 25-year history. It addresses a structural gap no single tool, platform, or policy can solve alone: AI is scaling faster than the workforce trained to run, secure, and govern it.

The launch aligns with U.S. priorities on workforce development and applied AI education outlined in Executive Order 14179, the July 2025 AI Action Plan’s workforce development pillar, and Executive Orders 14277 and 14278, which emphasize expanding AI education pathways and building job-relevant skills across professional and skilled-trade roles, at a time when organizations are moving AI from pilot projects into everyday operations and decision-making.

That urgency is visible in both economic exposure and workforce capacity. IDC estimates that unmanaged AI risk could reach $5.5 trillion globally, while Bain & Company projects a 700,000-person AI and cybersecurity reskilling gap in the United States.

The International Monetary Fund (IMF) and the World Economic Forum (WEF) have also pointed to workforce readiness, rather than access to technology, as a primary constraint on AI-driven productivity and growth, especially as adoption accelerates across sectors.

Security pressure is rising in parallel with adoption. Eighty-seven percent of organizations report AI-driven attacks, and generative AI traffic has surged by 890 percent, expanding attack surfaces that many teams are still learning how to defend, while AI capability remains concentrated, with 67 percent of AI talent located in just 15 U.S. cities and women representing only 28 percent of the AI workforce, highlighting persistent access and participation gaps as demand increases.

“AI is moving from experimentation to infrastructure, and the workforce has to move with it,” said Jay Bavisi, Group President, EC-Council. “These programs are built to give professionals practical capability across adoption, security, and governance, so organizations can scale AI with confidence and clear accountability.”

Role-Aligned Certifications

The Enterprise AI Credential Suite is structured to mirror how AI capability is developed in practice. Artificial Intelligence Essentials (AIE) serves as the baseline, building practical AI fluency and responsible usage across roles, and it is supported by EC-Council’s proprietary Adopt. Defend. Govern. (ADG) framework, which defines how AI should be operationalized at scale in real environments.

Adopt: Prepare teams to deploy AI deliberately, with readiness and safeguards

Defend: Secure AI systems against threats such as prompt injection, data poisoning, model exploitation, and AI supply-chain compromise

Govern: Embed accountability, oversight, and risk management into AI systems from the outset

Within this structure, the four new certifications align directly to specific workforce needs across the AI lifecycle.

• Artificial Intelligence Essentials (AIE) builds foundational AI literacy.

• Certified AI Program Manager (CAIPM) equips to translate AI strategy into execution, aligning teams, governance, and delivery to drive measurable ROI and enterprise-scale intelligence.

• Certified Offensive AI Security Professional (COASP) builds elite capabilities to test vulnerabilities in LLMs, simulate exploits, and secure AI infrastructure hardening enterprises against emerging threats.

• Certified Responsible AI Governance & Ethics (CRAGE) credential focuses on Responsible AI, Governance and Ethics at enterprise scale with NIST/ISO compliance.

Alongside the new AI certifications, Certified CISO v4 updates executive cyber leadership education for AI-driven risk environments, strengthening leadership readiness as intelligent systems become part of core business operations and security decision-making.

“Security leaders are now accountable for systems that learn, adapt, and influence outcomes at speed,” Bavisi added. “Certified CISO v4 prepares leaders to manage AI-driven risk with clarity, strengthen governance, and make informed decisions when responsibility is on the line.”

The portfolio also builds on EC-Council’s long-standing work with government and defense organizations, including its existing DoD 8140 baseline certification recognition, as AI security and workforce readiness take on greater national importance.

To explore the full range of training and certification opportunities, visit the EC-Council AI Courses library.

About EC-Council:

EC-Council is the creator of the Certified Ethical Hacker (CEH) program and a leader in cybersecurity education. Founded in 2001, EC-Council’s mission is to provide high-quality training and certifications for cybersecurity professionals to keep organizations safe from cyber threats. EC-Council offers over 200 certifications and degrees in various cybersecurity domains, including forensics, security analysis, threat intelligence, and information security.

An ISO/IEC 17024 accredited organization, EC-Council has certified over 350,000 professionals worldwide, with clients ranging from government agencies to Fortune 100 companies. EC-Council is the gold standard in cybersecurity certification, trusted by the U.S. Department of Defense, the Army, Navy, Air Force, and leading global corporations.

For more information, visit: www.eccouncil.org

Sponsored and written by EC-Council.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to patch three iOS security flaws targeted in cyberespionage and crypto-theft attacks using the Coruna exploit kit.

As Google Threat Intelligence Group (GTIG) researchers revealed earlier this week, Coruna uses multiple exploit chains targeting 23 iOS vulnerabilities, many of which were deployed in zero-day attacks.

However, the exploits will not work on recent versions of iOS and will be blocked if the target is using private browsing or has enabled Apple’s Lockdown Mode anti-spyware protection feature.

Coruna provides threat actors with Pointer Authentication Code (PAC) bypass, sandbox escape, and PPL (Page Protection Layer) bypass capabilities, and enables them to gain WebKit remote code execution and escalate permissions to Kernel privileges on vulnerable devices.

GTIG observed the exploit kit being used by multiple threat actors last year, including a surveillance vendor customer, a suspected Russian state-backed hacking group (UNC6353), and a financially motivated Chinese threat actor (UNC6691).

The latter deployed it on fake gambling and crypto websites and used it to deliver a malware payload designed to steal infected victims’ cryptocurrency wallets.

Mobile security firm iVerify also said that Coruna is an example of “sophisticated spyware-grade capabilities” that migrated “from commercial surveillance vendors into the hands of nation-state actors and, ultimately, mass-scale criminal operations.”

On Thursday, CISA added three of the 23 Coruna vulnerabilities to its catalog of Known Exploited Vulnerabilities, ordering Federal Civilian Executive Branch (FCEB) agencies to secure their devices by March 26, as mandated by the Binding Operational Directive (BOD) 22-01.

“Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable,” CISA warned.

“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.”

Although BOD 22-01 applies only to federal agencies, CISA urged all organizations, including private sector companies, to prioritize patching these flaws to secure their devices against attacks as soon as possible.

Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.

Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.

Download The Report