Apple’s largest memory suppliers are being sued in California, with consumers and small businesses alleging Samsung Electronics, SK hynix and Micron coordinated DRAM production cuts that drove up memory prices.

Apple isn’t accused of wrongdoing in the lawsuit. Samsung, SK hynix and Micron supply memory used across Apple’s hardware lineup, putting the dispute much closer to customers than it might first appear.

The company has already raised prices on several Mac, iPad and other products after saying higher RAM and storage costs had become too expensive to absorb. Court filings argue coordinated DRAM production cuts contributed to those higher costs, though the plaintiffs still have to prove that claim.

Court filings argue the shift reduced supplies of mainstream DRAM, including DDR3 and DDR4, and drove prices higher across the market. The allegations haven’t been proven, and Micron denied the claims and said it will defend itself, according to Investor’s Business Daily.

The lawsuit targets the AI memory shift

The complaint centers on DRAM, the working memory used in computers, smartphones, tablets, servers and many other electronic devices. Samsung, SK hynix and Micron dominate the global DRAM market, giving them enormous influence over memory supply.

Counterpoint Research said Samsung held a 38% share of global DRAM revenue during the first quarter of 2026, followed by SK hynix at 29% and Micron at 22%. Plaintiffs argue that concentration is central to the lawsuit because a competitive commodity market would normally encourage at least one supplier to expand production as prices rise.

Instead, the complaint alleges Samsung, SK hynix and Micron shifted manufacturing capacity toward HBM, which commands much higher prices from AI companies. Companies are free to pursue more profitable products, and that business decision isn’t illegal by itself.

The lawsuit ultimately turns on whether Samsung, SK hynix and Micron coordinated those production decisions or reached the same conclusion independently. Antitrust law prohibits agreements among competitors, not similar business decisions driven by the same economic incentives.

Why Apple customers should care

Apple has spent months navigating the same memory market pressures described in the lawsuit. Industry analysts have widely attributed rising RAM and storage prices to AI demand, and the company cited higher component costs when it raised prices on some hardware.

Industry analysts have widely attributed rising RAM and storage prices to AI demand

Plaintiffs argue coordinated supply restrictions offer a competing explanation for those higher memory costs. The companies maintain they independently responded to the same market conditions.

Court-ordered discovery could become the most important stage of the case if the lawsuit survives early legal challenges. Emails, production plans and other internal records could show whether Samsung, SK hynix and Micron coordinated production decisions or acted independently.

The DRAM industry has faced price-fixing cases before

The lawsuit arrives against the backdrop of earlier DRAM antitrust cases. Samsung and Hynix pleaded guilty in the 2000s to participating in a DRAM price-fixing conspiracy investigated by the U.S. Department of Justice.

Samsung agreed to pay a $300 million criminal fine in 2005, and Hynix agreed to pay a $185 million criminal fine that same year. Several executives also received prison sentences for participating in that conspiracy.

The earlier convictions don’t establish that Samsung, SK hynix or Micron violated antitrust law in this case. The earlier cases do show the DRAM industry has faced similar allegations before, adding context as the current lawsuit moves through the courts.

A new Supreme Court ruling will require police to have probable cause before using sweeping geofence warrants that rely on people’s personal location data to find criminals.

Police subpoena Apple, Google, and other tech companies for precious user location data using so-called “geofence warrants,” which can serve as a dragnet to catch a single criminal while implicating many others. The Supreme Court says this method is no longer an option without probable cause.

According to SCOTUSblog, breaking down the ruling, a geofence warrant meets the criteria of a “search” as defined by the Fourth Amendment. Simply put, this means that anyone included in a warrant must be there with a reason.

In short, dragnet-style searches with no suspects identified by other evidence will no longer be an option except in very specific circumstances.

That isn’t to say user location data is off-limits for law enforcement. A subpoena to Apple or Google with an individual’s identity that is reasonably suspected of a crime with evidence gathered from other sources remains legal and viable.

There’s also the option of using geofence warrants when tracking a group of criminals or trying to find associates of a known criminal. Of course, warrants will need to be provided on a case-by-case basis.

Previously, law enforcement would simply ask for the location data of everyone that was within an area for a select period of time even when a suspect wasn’t known. If you happened to be passing by, you could be implicated for no reason other than being there with a smartphone.

The Supreme Court has ruled 6-3 that this violates the Fourth Amendment.

Justice Elena Kagan wrote that “an individual has a reasonable expectation of privacy in records about his cell phone’s location, and police intrude on that constitutionally protected interest when they demand the information — even though for only a limited time, and from a third-party tech company.” In other words, suspects will have to be identified using other means.

According to Harvard Law Review, Google was served with more than 11,500 warrants across 2020 for sweeping geofence searches. With this ruling, that number will now be zero without cause for every individual affected by the search.

Robbing a bank with a smartphone

The reason the Supreme Court shared this ruling today is due to a case from 2019 involving a bank robbery. A man escaped with nearly $200,000 and the police had zero suspects. The “zero suspects” bit is key to the ruling.

A geofence warrant was sent to Google, and the company provided 19 accounts that were within 150 meters of the bank robbery spanning that hour. Law enforcement narrowed it down to 9 accounts and requested location information for 2 hours surrounding the robbery.

The results were narrowed to three individuals — one was a man named Okello Chatrie. The location data led police to a residence with nearly $100,000, a gun, and demand notes.

The individual was arrested and pled guilty. However, Chatrie still argued that his Fourth Amendment rights were violated. After two escalating appeals on opposite sides of the issue, the case was pushed up to the Supreme Court.

With Monday’s ruling, Chatrie’s case isn’t over. It is being passed back down to the Circuit Court to determine if the police had reason to access the location data.

Regardless of that outcome, know that your location data is protected by a constitutional right. Police will need more than “wrong place, wrong time” tactics to find suspects in the future.

Apple is contesting a ruling that would force it to pay Optis $502 million for LTE patent infringement, but the UK Supreme Court has yet to reach a verdict.

The legal battle between Apple and Optis goes back to February 2019, and there’s still no end in sight all these years later. Apple was accused of infringing upon Optis’ LTE patents, which ultimately led to lawsuits in both the United Kingdom and the United States.

The latter case resulted in Apple’s victory, as it avoided paying Optis $300M in damages in February 2026. The outcome of the UK lawsuit, however, isn’t quite as clear-cut.

As spotted by 9to5mac and reported by The Financial Times, Apple now wants the UK Supreme Court to overturn a 2023 Court of Appeal ruling that would force it to pay Optis $502 million.

Initially, Apple was only supposed to pay $56 million, as decided by the High Court in London. Later, the Court of Appeal increased that amount to $502 million by using Optis’ deal with Google as a baseline and adding royalties dating back to 2013.

Apple, however, claims the increase was “arbitrary” and that the Court of Appeal “erred in law.” The outcome of the UK lawsuit remains to be seen, but the case could drag on for years to come.

Apple vs. Optis: The progression of the UK lawsuit

Back in 2020, the UK Supreme Court ruled that UK courts can set the payment rate for patents worldwide, even though the court can only consider the infringement of UK patents. This was good news for Optis, as it was free to seek more damages from Apple.

Optis claims that Apple violated its patents on LTE technology.

Advertisement

In July 2021, Optis wanted to force Apple into paying $7 billion in damages, along with a global royalty rate. Apple called the fee “commercially unacceptable” and threatened to leave the UK market if it was forced to pay such a high amount.

Later, in March 2022, the London High Court declared that Apple infringed two 4G patents held by Optis, which it described as “standard essential patents.”

Apple tried to argue that none of the patents were essential, and said it hadn’t committed any infringement. Still, its appeal was ultimately denied in July 2023.

Instead of the $7B sought by Optis, the London High Court said Apple had to pay only $56.43 million. However, Optis filed an appeal, which was ultimately successful. A $502 million fine was imposed by the UK Court of Appeal in May 2025.

This amount represents a lump sum covering 2013 to 2027, and was supposed to serve as a global license to use Optis LTE patents in the iPhone, Apple Watch, and other devices.

“[We are] pleased the UK Court of Appeal has recognized and corrected a clearly flawed prior ruling,” an Optis spokesperson told AppleInsider at the time, “and has made meaningful progress toward affirming the true value of our patents to Apple devices.”

Now, however, it’s up to the UK Supreme Court to decide just how much Apple will have to pay.

AI-related job loss fears grow each time another company announces a round of layoffs. Through May of 2026, companies announced that close to 90,000 job cuts were tied to AI, and, by some accounts, up to 15% of U.S. jobs are projected to be eliminated by AI over the next five years. Promises from the tech industry that AI will also create new jobs does little to ease fears, especially for the generation wondering if anyone will be hiring when they graduate. 

A recent report from Ramp and Revelio Labs, which track enterprise AI spend and workforce records from nearly 22,000 companies, respectively, complicates that gloomy narrative. 

The report found that companies spending heavily on AI are growing headcount faster, even in the entry-level roles that many fear are doomed. According to the report, “high-intensity adopters” — firms that spend on average $30 per employee per month on AI in the first three months — saw headcount increase 10.2%.

Headcount also rose across functions, including engineering, sales, administration, customer service, finance, marketing, and scientist roles. The strongest job growth among high-intensity adopters was in the information sector, which includes software, internet, media, and tech-adjacent firms. 

Despite these positive signals, the data isn’t as rosy as it seems. It skews heavily towards tech-forward, knowledge-work firms — ones that might have VC-backing and are growing fast anyway, making it difficult to say whether AI is contributing to the hiring or just showing up at companies that are expanding anyway.

“This paper does not show that AI universally creates jobs,” the paper’s authors admit, “but it does counter claims that AI will lead to broad job losses.”

It also counters claims that AI is killing all junior jobs. Recent research from Goldman Sachs found that AI has already erased about 16,000 net jobs per month over the past year, with Gen Z and entry level workers taking the brunt of the burden. But in tech-forward firms, the report finds that entry-level headcount actually rose by 12%.

So what can we take away from this? Perhaps that AI isn’t always a tool for labor substitution, but that it can be a tool for firm-expansion instead. 

“For software and technology firms, AI can make core output cheaper or faster to produce: writing code, debugging, building internal tools, producing technical documentation, and supporting product development,” the report reads. “Lower production costs in these workflows can raise the return to expanding the whole firm, not just the engineering team.”

But companies that buy subscriptions and run pilots, yet did not go on to make sustained investments, don’t tend to see any gains in headcount, per the report. 

That sets up the potential for a widening gap between firms that have the resources — like capital, technical staff, founder networks, and management bandwidth — to turn AI adoption into actual business gains and those that are stuck experimenting with subscriptions. In other words, this report suggests that firms that already have the resources are the ones who will see the largest gains. 

The paper’s authors speculate such a divide may continue to grow, saying: “Firms without those channels may fall behind.”

If you need to securely connect to your Mac desktop at home while on the move, Tailscale may be the answer. Here’s how to get started.

One of the main benefits of having a gigabit-class Internet connection is being able to connect to your home devices from outside the home. If you need a file from a home fileserver, you have tons of bandwidth so you know you can get it remotely, quickly.

However, while having the bandwidth is good, establishing the connection in the first place can be a problem.

In the old days, that used to simply mean setting up port forwarding on your router and connecting to a specific IP, or an address if you had set up a dynamic DNS service beforehand.

But with the rising use of Carrier-Grade NAT (CGNAT), this won’t work anymore. If you’re using an app like Jellyfin that lets you stream media outside the home, CGNAT will screw that up completely without something managing your connection.

Then there are the problems associated with firewall configuration, and many other small security and privacy-related things to consider. It quickly becomes a mountain of issues to mitigate.

What you ideally need is a way to connect your devices together that also handles most of the issues for you. Tailscale is one good answer.

What is Tailscale?

Tailscale describes itself as a “Zero Trust identity-based connectivity platform” that can replace a VPN, SASE, and PAM. That’s a lot of buzzwords in a sentence, but it is primarily pitched as an enterprise tool, not really a consumer app.

An example of a three-device setup in Tailscale’s macOS client.

It is a way to create a private mesh network between your devices, or more simply, so your devices can communicate directly with each other. Once set up, your iPhone could connect to your Mac over a cellular connection, or to a computer in a completely different country, all treated as if it’s on the same “local” network.

These connections are peer-to-peer and encrypted, protecting your privacy and your data in transit. As it’s an encrypted mesh network, the communications are also peer-to-peer, as direct as possible between your devices, without using an intermediary host server.

You’re not using a VPN server itself. Instead, it’s a direct connection between computers.

What can you do with Tailscale?

The whole point of Tailscale is to establish a network that’s somewhat similar to your home or office network between devices. Even if they’re not on the same physical network.

Tailscale refers to this as a Tailnet.

At a bare minimum, that means you can connect to a server while remote to access files, or to upload them. This is a fairly useful service for home users.

Tailscale’s web admin view. Devices on a Tailnet are listed, alongside 100-range iP addresses assigned to that hardware.

Advertisement

Since there’s file sharing, you could also use it for facilities such as remote access. You could control your at-home Mac while away from home, knowing full well it’s protected.

Both of these use cases also apply to business users, who could work from home as well as being out of the office on a trip.

You can also treat Tailscale like a hyper-personalized VPN service. You can designate a computer, like a home Mac, as an “exit node” that acts as a gateway to the Internet for devices on the Tailscale network.

That means you could be sat in a cafe on public Wi-Fi, connecting using Tailscale to your Mac to access the Internet via your home connection, all while encrypted.

How does Tailscale work?

Tailscale is all based on the idea of getting devices within a group to communicate with each other, even if there are obstacles in the way.

It all starts by having an account set up and clients installed on your devices. There are clients for macOS and iOS, as well as Windows, Linux, and Android.

The base of the platform is WireGuard, which creates encrypted tunnels between devices. This is normally between the user’s device and a VPN gateway or server, but in this case it’s between devices.

Rather than using a central hub server that all traffic is ferried through, the client devices connect to each other directly as a mesh network.

To actually set up the connections in the first place, as well as the encryption key exchange, the clients do connect to a central coordination server. However, that is only a minimal connection to establish communications, as the mesh network itself handles the data transfers.

The central communications server is also important as it is a place for the clients to contact that is a known quantity. With firewalls, CGNAT, and other things getting in the way, it’s to be assumed that the user doesn’t know what stands in the way of the connection itself.

Tailscale uses this as an opportunity to traverse the network obstacles between the clients, regardless of what connection they’re using. In some cases, it uses standards like STUN, ICE, and Designated Encrypted Relay for Packets (DERP) to keep things running.

How to get started with Tailscale

The first thing to do is to download and install the Tailscale client onto your devices. It is easiest to set up the account on a Mac, but install the iOS client on your iPhone too.

Go to the sign-up page, select Personal, and use one of the existing identity provider services. That is, use the links for Google, Microsoft, Apple, or GitHub.

You will need to set up under a public domain email account, for example, Gmail or iCloud.com, to be enrolled into the Personal plan automatically.

If you use a custom domain, you’ll be enrolled into the Enterprise plan for a 14-day trial. However you can also opt out of the trial and go onto the Personal plan anyway, through the service’s administration console.

The Personal plan, which is for individuals, is a free account for an unlimited number of devices and up to six users. For most home users, this is the one you will want to use.

The paid plans start from $8 per user per month for the Standard, rising to $18 for Premium, and custom pricing for enterprise customers. There are a number of paid add-ons you can also get, but most home users won’t need to touch these at all.

Adding the first device to Tailscale

The online signup will pause after authentication on a screen, requiring you to set up a first device. Open your Mac client and click Get Started.

You’ll be asked to allow VPN configuration. Click Allow VPN Configuration, then on the popup, click Allow to permit Tailscale to make changes.

In the Menu Bar, select Tailscale, then Settings. Click Add Account, which will open a browser for authentication via the same service as the initial registration.

When asked to Connect Device, click Connect. You’ll also be asked if you want to start on log-in, which you should agree to, or face starting it manually each time.

At that point, you will be informed that your device is set up for your Tailscale account, that you can find other network devices in the Menu Bar, and you can connect to them using specially designated IP addresses.

The browser will hint that you should set up and connect a second device. Do this now, using the appropriate app.

Tailscale on iPadOS

The authentication on iOS and iPadOS is relatively similar to macOS, in that you’re asked to configure VPN settings and notifications. After that, you sign in with your authentication details once more.

In the browser, you’ll be asked to test the connection between devices. Copy the ping command and paste it into Terminal, and ensure there’s no packet loss.

Click “Success, it works!”

At this point, you will have two or more devices connected using Tailscale’s Tailnet and communicating with each other.

Tailscale basics

Once you have established your Tailnet, you can immediately do a few things.

For a start, open the Tailscale app to see your account-connected devices, designated Tailnet IP addresses, and other essential information.

You can also get some of this information from the Menu Bar in macOS.

The apps include a function known as Taildrop, which you can think of as AirDrop but just for your Tailnet. You can select a file to send to another device, and it will transfer over automatically.

Tailscale’s presence in the macOS Menu Bar.

Since you also have access to IP addresses, you can also use them in network applications to connect to other devices on the Tailnet.

For example, you can use the Files app on an iPhone and use the Connect to Server with that IP address to access shared files on your Mac.

Another thing you can do is set your Mac as an Exit Node, which can funnel the Internet connections of other Tailnet devices through it like a private VPN.

On the Tailscale app on the Mac, select Exit Nodes to view any already set up on the network. If none are available, click the Settings icon then, under Exit Nodes, check Run as exit node then Ok on the warning box.

Tailscale macOS client settings include options to launch at login and to set the Mac as an Exit Node.

Go to the Admin Console, which opens in a browser window. Select the Mac, which also has the blue Exit Node status icon. Under Routing Settings, click Edit under Exit Node Awaiting approval.

Add the checkmark to Use as exit node and click Save.

In the Tailscale app on another device, select Exit Node. In the options, select your Mac to immediately reroute your traffic.

To stop the connection, tap Disable.

This is a very simple overview of using Tailscale as a personal user. But, it’s something that has a considerable number of features, if you’re prepared to dig deeper.

It is an enterprise tool at heart, after all.

The vast majority of these extra tools are handled in the admin console, in the browser. This includes setting up and managing users and changing settings for individual devices, at the more basic end of things.

However, you can go down the route of setting up DNS settings, network services, access to third-party SaaS apps, and connecting to cloud providers. Access controls and logs will also help you manage your virtual network here, too.

For AI researchers, Tailscale has Aperture in beta, which is a reverse proxy going between LLM clients and providers like OpenAI and Anthropic. It can be used to automatically ferry the right requests through to the right service, which could result in more accurate or suitable responses or reduced spending.

There’s a lot more beyond the scope of this article that an advanced user can go into. While most won’t necessarily care about these more technical aspects of Tailscale, it’s nice to know that there are options to tweak it to fit your exact networking needs.

Federal authorities are offering a reward of up to $10 million for information leading to the identification or location of a Russian state cyber group that has compromised thousands of Signal and WhatsApp accounts belonging to investigative reporters and US government employees.

The operation has been active since at least March, when the FBI published an advisory warning of ongoing phishing campaigns targeting high-value targets by attackers associated with Russian intelligence services. Messages masquerading as automated support communications ask that users click a link or provide verification codes or account passcodes. In the event the user complies, they unknowingly link the attacker’s device to their account or have their account completely taken over and are locked out.

Advertisement

Thousands of accounts already compromised

With that, the attackers can read any new messages sent to the compromised account. A safety feature built into Signal, however, prevents the attackers from reading any previous conversations. The messages are sent to “individuals of high intelligence value, such as current and former US government officials, military personnel, political figures, and journalists.”

Last week, the FBI published an update that said the campaign had evolved. In addition to trying to post as support bots trying to trick recipients into linking their account to an attacker device, the messages also urge users to create a backup of all previous communications following the directions here. A follow-up message then instructs the targets to send the long passcode that’s used to encrypt backups stored on Signal servers. With that, the attackers have access to past Signal conversations. The update said two Russian government groups responsible were tracked as UNC5792 and UNC4221.

One message has text similar to this:

Signal is here

Recently, attempts to hack users of our messenger with the connection of third-party devices to the account have become more frequent.

Advertisement

An investigation conducted jointly with the US government and European partners revealed that the attacks on accounts were carried out by hackers from Iran and post-Soviet countries.

In this regard, Signal updates Terms of Service & Privacy Policy, and introduces Mandatory Two-factor Verification for users.

Not to lose your messages and media, set up your Signal Backup (Settings -> Backups -> Enable backups -> View recovery key -> Copy to clipboard -> Next -> Enter the recovery key -> Next -> Continue -> Choose your backup plan).

Click the “Accept” button in the pop-up and stay tuned for security updates on our messenger.

Advertisement

Stay safe and thank you for using the most secure messenger with end-to-end encryption.

If you have any questions, send /help

Other text looks like this:

AI + ML

If you want a picture of the future of LLM security, imagine Whac-a-Mole meets Groundhog Day

Researchers say that machine learning models cannot reliably distinguish between authorized and unauthorized input, ensuring that prompt injection will continue to present a threat until developers find new ways to have machine learning systems process inputs.

AI models provide responses to user-supplied prompts. The problem is that AI models may receive adversarial prompts – directly from a user or indirectly from an ingested document – that tell the model to take action contrary to its built-in system prompt.

Various techniques mitigate prompt injection, but defenders have not found ways to prevent such attacks. 

According to independent researchers Charles Ye and Jasmine Cui, and MIT associate professor Dylan Hadfield-Menell, no one is likely to do so under the current fragile LLM security model.

As they observe in a paper titled “Prompt Injection as Role Confusion” in the proceedings of next week’s ICML 2026 conference, LLMs have come to rely on a text tagging system that defines “roles” to separate system text from user text. And roles, they argue, do not guarantee security.

“Role tags were a formatting trick that became the security architecture and the cognitive scaffolding of modern LLMs,” the authors explain in a blog post. “We’ve shown that this architecture doesn’t survive into the model’s actual representations, and that such role confusion is linked to prompt injection.”

When OpenAI’s ChatGPT arrived in 2022, it implemented the concept of roles – described by Anthropic a year earlier – as a way to tell the underlying model to behave in a certain way. The user role would make a request and the model, acting in the role of a helpful assistant, would respond to that request.

“A formatting trick had become the mechanism that turned autocomplete into an assistant,” the authors observe.

Developers introduced other roles over time. In addition to and , there’s , , and . These roles served to draw a line between different objectives so they could be individually optimized during the training process. Model makers want to balance conflicting objectives like being helpful and preventing harm, and this involves role distinctions.

But roles, the researchers say, have become overloaded with responsibilities they cannot reliably carry out. They’ve become like a fuzzier version of permission levels, determining how prompts are trusted and treated.

The problem, the authors contend, is that roles are determined in a fundamentally insecure way: writing style.

“LLMs identify roles from an insecure feature (style),” they explain. “This is like identifying a stranger’s profession from how they talk and dress rather than by checking their ID. Usually everything agrees, so this works fine. But when attackers intentionally create a mismatch, the LLM uses the insecure method (writing style) to identify its role instead of the secure method (tags).”

The authors developed an attack called CoT (Chain of Thought) Forgery that involves using an LLM to spoof the terse style of OpenAI mode and add that to the prompt. The technique won the 2025 OpenAI Kaggle red-teaming contest.

“We asked a bunch of LLMs how to synthesize cocaine, inserting fake reasoning that says it’s fine because we’re wearing a green shirt,” the authors explain. “The LLMs comply. The rationale is transparently dumb, but the models don’t evaluate it as an external claim to be scrutinized. They treat it as their already-reached conclusion, and simply act on it. We’ve stolen the trust given to the role.”

On a standard jailbreaking benchmark, they say, CoT Forgery took the attack success rate from near zero to about 60 percent on the models tested. And whereas most jailbreaks are fragile and work only for certain models, this one transferred because it exploits a structural flaw. It’s not attempting to persuade the model but duping the model into treating the request as something that’s already settled.

The authors also note that while many models report near-perfect safety scores on prompt-injection benchmarks, human red-teamers achieve attack success rates close to 100 percent.

“The discrepancy is straightforward: skilled humans test and adapt attacks until they work, benchmarks don’t,” they state. “Static benchmarks measure attacks models have already learned to catch.”

Roles, the authors argue, deserve more attention from the research community because they’ve become one of the most important abstractions in the AI stack.

“Unless LLMs achieve genuine role perception, we think injection defense will remain a perpetual whack-a-mole game,” they conclude. “And the continuous nature of role boundaries opens the threat of injections designed to subtly shift LLM states through seemingly innocuous text, legally and at scale.” ®

Smartphones are welcoming the agentic AI overlords.