At IO-AI Tech, a startup about 45 minutes north of downtown Shenzhen, China, I glimpsed a wacky new frontier of blue-collar work. Workers wearing the company’s VR headsets, handheld controllers, and motion-tracking gear remotely control humanoid robots for workplaces like factory floors and convenience stores. The company wants the robots to do useful work, like stocking shelves and picking items out of bins, but it also wants to gather training data that could one day let the bots operate autonomously.
To show off the tech, the company invited me to its offices, where I was allowed to control 10 humanoid robotic hands, each from a different company, using a custom motion-tracking glove. The device instantly transferred my finger movements to all 50 robotic digits.
I’m a little embarrassed to say that the first thing I tried with this futuristic gear was getting all 10 hands to flip the bird. After getting this out of my system, I was impressed by how quickly my movements transferred to the robot hands, and how easily the tech went both ways—I was able to feel a ball placed in one of the electronic hands.
Courtesy of Will Knight
Advertisement
The company also let me try a system that’s being tested by a Chinese convenience store chain. Using a VR headset and a pair of grippers, I tried picking up boxes of medication from a shelf. It was disorienting at first: I had to adjust to a slight difference between my movements and those of the robot I could see through the headset. After a little practice, however, I was stacking shelves like a robot-boss.
Elsewhere, I watched people wearing virtual reality headsets and body-tracking sensors reminiscent of Ready Player One. In one large room, I saw workers using a range of different systems to control diminutive Unitree humanoids. One person marched around with a Unitree robot next to them, and the machine mirrored their movements within a mocked-up apartment. The human operator, wearing a headset and viewing the scene through the robot’s eye-level cameras, went through the motions needed to remove a shirt from a hanger and fold it.
IO-AI develops technology that transfers a person’s movements to different robot forms—a useful offering because there are dozens of different humanoids and robot hands on the market in China today. The startup’s algorithms also need to combine human control with some level of autonomy because a person and a robot aren’t always going to be the same shape, size, and weight. Without some ability to move independently, the robot may lose its balance.
wiredmikey shares a report from SecurityWeek: Microsoft on Wednesday published an advisory acknowledging the public disclosure of a vulnerability in Defender that could lead to privilege escalation. The security defect, tracked as CVE-2026-50656 (CVSS score of 7.8), was dropped last week by security researcher Nightmare Eclipse (also known as Chaotic Eclipse). “We are working to provide a high-quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available,” Microsoft adds.
RoguePlanet, Nightmare Eclipse explained last week, targets a race condition in Microsoft Defender and allows attackers to gain System privileges. The researcher released a proof-of-concept (PoC) exploit that demonstrates local privilege escalation (LPE) on Windows 11 and Windows 10 systems with the June 2026 patches installed. […] On Wednesday, Nightmare Eclipse pointed out that the PoC works regardless of whether Defender’s real-time protection is enabled or disabled. It may even work in passive mode, the researcher said.
Tesco is also dealing with migration challenges related to data security because its new, unnamed virtualization software is incompatible with the Veeam and Zerto products it uses.
“Manifestly unfair and excessive” price hike
Tesco initially requested at least 100 million pounds (about $133.6 million) in damages each from Broadcom, VMware, and reseller Computacenter, plus interest.
In its recent filings, Tesco said it turned down at least four offers from Broadcom to continue using VMware and Broadcom’s mainframe tech. One offer charged $23.5 million (about 17.6 million pounds) for VMware Cloud Foundation 9.0 and mainframe software and support services for a year, The Register reported. Tesco said that was “around 175 percent” more expensive than what it believes it should have had to pay for VMware and a 350 percent price hike for the mainframe offerings. The prices were “manifestly unfair and excessive,” one of Tesco’s filings said, according to The Register.
In an amended defense, Broadcom denied that the price hike was unfair, The Register reported. Additionally, Broadcom argued that it shouldn’t have to pay damages in relation to Tesco struggling to find VMware and Broadcom alternatives before Tesco’s support expired, as the retail firm has since found replacement products.
Advertisement
The case is expected to go to court between November 1, 2027, and February 25, 2028, The Register reported. Afterward, it could go to trial.
Still, virtualization rivals, like Hewlett Packard Enterprise and Nutanix, have been making aggressive pushes to attract disgruntled VMware users.
Simultaneously, Broadcom has stuck to its VMware strategy and has reported financial success, especially among its target of large enterprises. It has also dealt with other public legal disputes with large customers, including AT&T, with which it reached an undisclosed settlement, and Siemens, which Broadcom accused of software pirating in an ongoing case in the US District Court for the District of Delaware.
Audiophiles all know everything sounds better fed through vacuum tubes, but did you know visualizers look better with them, too? That’s what we’re forced to conclude looking at the Tachyscope Laser, a 360-degree oscilloscope display that is [Daniel Ross]’s entry into the ongoing Frikkin Lasers contest.
The diagram makes it look easier than building it probably was.
The laser is a good old-fashioned helium–neon tube — something we see less and less of in this era of solid state lasers — and the wavelength gives the waveform display a retro charm. The actual display is unique in our experience, with the beam shining up through a hollow shaft to bounce off a galvanometer mirror on a spinning platform. Galvo sweeps the laser across a translucent target, which creates the waveform by persistence of vision as it spins at 100 RPM or so.
Does the fact that the audio signal feeds through a tube amp to drive the single galvanometer actually improve the visuals? Only in the sense that those tubes make the steampunk-style enclosure look really, really cool, as does the exposed laser tube. That all of the steampunk elements obviously have a point to them rather than just being a another “glue some gears on it” project is icing on the laser-flavored cake.
The contest runs until July 23rd, so there’s lots of time to get laserin’ — and remember that there are categories for DIY lasers and anything that isn’t a display, just in case you think this project puts the bar too high for a light show. We’ve actually featured one of [Daniel]’s tachyscope waveform visualizers before, but that one, madly enough, spun an actual CRT.
CCS Insight expects global smartphone shipments to fall 15% this year as AI-driven demand pushes memory manufacturers toward higher-margin server chips. “[S]ome entry-level devices have already seen their sticker prices go up by more than 50 percent since last year,” reports The Register. From the report: The firm found that the primary smartphone market (meaning new devices) contracted 4.4 percent in the first quarter of this year, despite sales channels front-loading (meaning stockpiling) product inventory, as device prices begin to rise sharply. As CCS notes, this casts an ominous shadow on the outlook for the rest of the year, and it seems things have worsened since The Register first started reporting on the smartphone memory woes.
Back in January, the forecast was for handset price rises of 6-8 percent, while the most pessimistic outlook was that the global market might contract as much as 5.2 percent. By February, analysts were expecting to see a decline in shipments of around 8 percent across the global market, and for prices to increase by about 14 percent.
The root cause of all this is the AI craze, which has seen huge demand for high-performance GPU-filled servers to process it all. Chipmakers have moved to capitalize on this by prioritizing production of high-margin memory components for those servers, rather than making the plain old DRAM and NAND needed for PCs and phones. “The memory chip crisis shows no sign of slowing down in the near future, ramping up the pressure on manufacturers and consumers. Memory components now account for more than 30 percent of a manufacturer’s bill of materials in some smartphones.” said CCS research analyst Ben Hatton. “The full impact has yet to be felt in many regions, but it’s clear that device prices will accelerate over the rest of the year.”
Magda Balazinska, director of the UW Allen School of Computer Science & Engineering, at an event last year. (GeekWire Photo)
As students, teachers and employers wrestle with the demands of an increasingly AI-powered world, the University of Washington has a new proposition: an interdisciplinary AI minor, with an anthropologist and a computer scientist at the helm.
Set for launch in Spring 2027 at the Seattle campus, the program is the latest of several moves the university has made to push itself toward global leadership in AI education and research — including new graduate programs, a partnership with Microsoft and a $10 million AI initiative.
“Students will be able to come to the University of Washington, study a field they are passionate about, and also understand AI and how it relates to that field of study,” said Magda Balazinska, director of the Paul G. Allen School of Computer Science & Engineering and co-chair of the group designing the new curriculum.
Nationwide, universities are racing to build AI literacy into their curricula. Cornell launched an AI minor in Fall 2024, open to students across all majors. Michigan, Columbia, Carnegie Mellon and Georgia Tech have similar programs underway, and Northeastern Illinois University recently announced a standalone undergraduate AI degree.
‘Many perspectives to AI’
In February 2024, Provost Tricia Serio announced a university-wide AI task force, saying an institutional AI strategy was “no longer a choice.” With 80 members across five groups, the task force spent months developing a comprehensive plan.
Advertisement
Anthropology professor Ben Marwick is leading the development of the new minor with Balazinska. (UW Photo)
Among several recommendations, the task force proposed creating an AI minor to engage the “societal aspects of AI” beyond technical training. Balazinska and anthropology professor Ben Marwick are co-leading the development of the new minor, alongside representatives from 18 academic units spanning Architecture to the School of Nursing.
“All units will be welcome to propose and teach courses in the minor,” Balazinska told GeekWire, “because there are many perspectives to AI.”
In a recent survey, about 53% of employers said they struggle to find graduates with the right AI skills, and most said universities are not keeping up, according to a Pearson and Amazon Web Services report. Meanwhile, a review of AI literacy studies found that most efforts skew toward technical literacy over the critical and ethical literacy that UW is looking to provide.
The proposed curriculum has four key pillars:
Students will be required to take at least one course on the ethics, implications, impacts and limitations of AI;
Students will complete core technical courses that cover data-driven predictive models, AI-driven decision-making and generative AI;
Students will complete a project using AI tools or techniques to solve a problem in their discipline, comparing the AI approach against what they would have achieved without it; and
Students will have access to a broad suite of AI-focused electives.
Balazinska’s team is revising the proposal after circulating it across campus for feedback. With the academic year now wrapped up, further review is set for the fall.
UW’s growing AI investment
The minor is part of an expanding array of AI-focused programs at UW. In 2025, the Allen School launched a stackable Graduate Certificate in Modern AI Methods, a part-time evening program for those in various industries who want to develop AI and machine learning expertise.
Advertisement
In October, UW was named one of nine universities to benefit from Amazon’s AI PhD Fellowship program, allotted $2.2 million over two years for doctoral research in AI. This February, the university and Microsoft announced an expanded partnership to provide students with AI computing resources and internship opportunities, launch an AI course for working Washingtonians, and, starting this fall, pair students with Microsoft employees on the Redmond campus.
The university also launched a campus-wide AI initiative, thanks to a $10 million gift from Microsoft pioneer Charles Simonyi. The initiative, AI@UW, coordinates AI investments across student success, research, teaching and resources — including grants for developing AI-integrated teaching projects across disciplines.
Surrounding an AI@UW launch event earlier this year, some faculty pushed back on AI use and questioned the technology’s role in education. A survey of UW Arts & Sciences students also found mixed reviews, including concerns about losing academic skills to AI and inconsistent faculty guidance across departments.
“There’s no getting away from AI now,” one international studies major said in the survey report. “But it’s important that we understand what we stand to lose when we use these services more and more.”
Advertisement
Is an AI Institute on the horizon?
The minor may be a first step toward an interdisciplinary AI Institute at UW, one of several suggestions from the task force. Recommendations ranged from hiring 100 new AI-focused faculty to upgrading the university’s supercomputing infrastructure.
“Within five years, more than 10% of our faculty would have expertise in AI resulting in national and international leadership in AI across the full campus,” read the report, published in late 2024.
Other suggestions included rollouts of advanced AI tools across the administrative backend as well as in teaching environments, such as using ChatGPT to answer questions on course message boards. They recommended every first-year student complete a basic AI literacy module, similar to Title IX requirements.
“As AI systems become embedded in the tools, workflows and decisions that shape daily life,” Balazinska said, “students in every discipline need more than passing familiarity with these technologies.”
Swami Sivasubramanian, AWS VP of agentic AI, shows the Amazon Quick knowledge graph at the AWS Summit in New York. (Screenshot via live stream)
Amazon Web Services is announcing a new set of AI agents for businesses, developers, and individual users, capable of everything from fixing security vulnerabilities to triaging email.
The agents, unveiled at the AWS Summit in New York, reflect an attempt to maximize autonomy while ultimately keeping humans in control of how much the AI does on its own.
It’s part of a broader industry push into agents, with Google, Microsoft, Anthropic, OpenAI and others developing AI that can do more work and increasingly complete tasks on their own.
A new security agent, dubbed AWS Continuum, starts in a supervised “learn mode” and earns the right to act alone only as customers grant it permission, category by category.
The Amazon Quick AI assistant will now let users build their own background agents in plain language to handle tasks like following up on stalled business deals or flagging regulatory changes.
Advertisement
Amazon gave Quick a redesigned activity feed that triages email, messages, and calendar items into one prioritized view; new links to services including Adobe, Figma, Snowflake, and WhatsApp; and the ability to tap multiple connected services to answer a single question.
On the developer side, AWS is also pushing its coding agents to take on more of the grunt work, checking and testing new code before it ships and cleaning up old code, while leaving the final decision to merge or deploy in the hands of humans. A new iPhone app for Kiro, the company’s AI coding assistant, will let developers start and monitor that work from their phones.
Deepak Singh, the AWS VP who leads the Kiro team, said the overarching idea is to take the background work AI has piled onto people — reviewing code, triaging security findings, keeping software current — and let agents handle it with minimal human intervention.
The faster AI writes code and surfaces problems, he said, the more there is for humans to review, test, and maintain: “Those are all good problems to have, but they are real problems.”
Advertisement
AWS also expanded AgentCore, its platform for building agents, and introduced AWS Context, a service that organizes a company’s data so agents can reason over it.
Announcing the new Continuum security agent, AWS cited the rise of powerful AI models — most notably Anthropic’s Claude Mythos — that can now find software flaws and chain them into serious attacks faster than any human team can respond.
Amazon made headlines for raising concerns about those same models, reportedly warning Trump administration officials about security risks in Anthropic’s most advanced AI, before a government order forced the lab to take its two newest models offline.
Continuum is starting with code vulnerabilities, and AWS says it will expand to other aspects of security in the future. It works through issues the way a human team would, if given the time: triaging the findings, testing whether a vulnerability is exploitable, and then proposing a fix, with an estimate of what else the change might break.
Advertisement
In categories where the customer has granted the agent autonomy, Continuum can apply the fix itself, feeding the change into an existing deployment pipeline.
Neha Rungta, AWS director of applied science, said in an interview that this kind of speed is necessary given the acceleration of the threats. AI can now chain minor flaws together, she said, combining two medium-severity findings and a low one into something critical.
“That was something that would have taken a lot of effort, expertise, and determination for an attacker to get through — so the floor has been lowered,” said Rungta, who led the work on Continuum. “The goal is to raise that floor up again.”
Researchers urge developers to see that less is more when it comes to instructions
If you’re exposing your agent to a strong odor, it’s time to clean up your instructions.
Risky or poorly structured code patterns are known as “code smells,” and it turns out coding agent directives can be similarly redolent, leading to wasted tokens and worse output.
Advertisement
Coding agents rely on configuration files that summarize expected agent behavior. These context-enhancing files are commonly written in Markdown and named either CLAUDE.md for those using Anthropic models or AGENTS.md for pretty much everyone else.
They include various text instructions that advise the coding agent about desired behavior and tool use. And they can get rather wordy. Anthropic advises no more than 200 lines of text because longer files consume model context and may hinder model coherence.
Researchers affiliated with the computer science department of the Federal Institute of Minas Gerais in Brazil recently scoured some 532,000 files to build and analyze a dataset of 100 popular open-source projects containing either an AGENTS.md or a CLAUDE.md file.
“Our results show that configuration smells are widespread,” the authors state. “Lint Leakage was the most common smell, affecting 62 percent of the files, followed by Context Bloat (42 percent) and Skill Leakage (35 percent).”
Advertisement
Linting is the process of running automated tools to check code for programming and style errors. Lint Leakage refers to agent instructions that repeat rules already enforced by linters, format checkers, and static analysis tools. Duplicative rules waste tokens by burdening the underlying model with guidance for a task already handled reliably by programmatic tools.
Context Bloat, as its name suggests, describes the tendency of developers to overspecify code agent behavior. “Bloated configuration files increase token consumption, raise costs, and reduce the visibility of important instructions,” the authors observe, pointing to Anthropic’s recommendation of no more than 200 lines of text.
Skill Leakage, another common configuration smell, occurs when rarely used tools or practices get added to the AGENTS.md file, which gets loaded in every agent session. The agent instructions would be better in a separate skills file (e.g. SKILLs.md) that gets loaded only when needed. Skill leakage also expands the agent’s context unnecessarily and potentially distracts agents from other things.
Other agentic odors include: Blind References, which happens when configuration files reference external documents (e.g. via URLs) without explaining when that resource becomes relevant; Init Fossilization, configuration details set up upon a project’s initialization that are no longer relevant; and Conflicting Instructions, which occur when agent directives contradict each other.
Advertisement
The study authors say that they found at least one of these six smells in 91 of the 100 AGENTS.md files tested.
“These results suggest that developers could benefit from catalogs and tools designed to spot configuration issues in agent configuration files,” they conclude in the preprint paper, entitled “Configuration Smells in AGENTS.md Files: Common Mistakes in Configuring Coding Agents.” The authors are Helio Victor F. dos Santos, Vitor Costa, Joao Eduardo Montandon, Luciana Lourdes Silva, and Marco Tulio Valente.
The message here is that less is more when it comes to code agent configuration files, perhaps even to the point that anything is worse than nothing.
Similarly, when ETH Zurich boffins examined the impact of context files for agents a few months ago, they found [PDF] that developer-generated instructions raised costs and only improved code performance about 4 percent, while LLM-generated instructions had a small (3 percent) negative impact on agent-generated code.
Advertisement
They concluded “unnecessary requirements from context files make tasks harder, and human-written context files should describe only minimal requirements.” ®
The ultralight may become a permanent fixture in Apple’s smartphone lineup.
Sam Rutherford for Engadget
Apple could be making a follow-up to the iPhone Air, the ultralight smartphone introduced last fall. According to Mark Gurman at Bloomberg, plans may be in motion for the company to launch a second version of the device for spring 2027. Sources said the potential new product might add a second rear camera, improved battery life and a version of the A20 Pro processor.
Apple rarely offers specifics around sales figures for individual models, but our impression has been that the iPhone Air was not a big mover among buyers. The device has largely been viewed as a precursor for Apple’s eventual foldable smartphone, and many of us who watch the company closely didn’t expect it to have much staying power.
This rumor suggests that Apple may have higher aspirations for this ultralight form factor as a more permanent part of its mobile lineup. We did find the solitary rear camera to be a downside in our review of the iPhone Air, so alleviating some of the tradeoffs needed for such a slim chassis might increase the appeal.
Advertisement
The idea of a spring release for an iPhone Air 2 confirms how Apple has been rethinking its product calendar. Previously, all of its smartphone announcements came in the fall. Within the past 12 months, however, the company focused on its pricier models in September and pushed the announcement of its budget iPhone 17e to the spring. Since several of Apple’s efforts to have smaller smartphones have been abandoned (iPhone mini and iPhone SE, we hardly knew ye), maybe the new strategy is to try providing petiteness from a different perspective.
Google has started rolling out Wear OS 7 to Pixel Watch users. This brings what is arguably the biggest software update of the year to the company’s smartwatch lineup.
The update introduces new Gemini-powered features, redesigned widgets, and battery life improvements. However, it won’t be coming to the original Pixel Watch.
According to Google, the rollout is now underway for the Pixel Watch 2, Pixel Watch 3, and Pixel Watch 4. Availability is expected to expand gradually over the coming days. Alongside a refreshed interface, Wear OS 7 is designed to improve efficiency. Google claims battery life could increase by up to 10%. This depends on how the watch is used.
One of the most noticeable changes is the shift from full-screen tiles to a new widget system. This system looks much closer to Android’s smartphone widgets. The update also adds live notifications. This allows users to see real-time updates directly on their watch. It works in a similar way to Android’s Live Updates feature.
Advertisement
Google has also focused on improving how the Pixel Watch works with other devices. After updating, users will be able to interact more seamlessly with compatible accessories. For example, photos captured with supported AR glasses can be viewed directly on the watch. Meanwhile, a redesigned audio panel makes it easier to switch playback between speakers and headphones.
Advertisement
The biggest additions, however, come from Gemini Intelligence. A new feature called Create My Widget lets users generate personalised dashboards using voice commands. In addition, Gemini-powered automations can trigger actions across multiple apps from a single request.
Google is also giving its voice assistant deeper access to personal data, including Gmail and previous conversations. This allows it to provide more contextual responses and complete tasks more intelligently.
Advertisement
While many smartwatch updates focus on a handful of new features, Wear OS 7 appears to be a broader overhaul. There are battery gains, Gemini integrations and a redesigned interface. As a result, it could end up being one of the most significant Pixel Watch updates Google has delivered so far.
Hudson Rock said the attackers went on to “actively intercept SSL VPN authentication hashes and crack them using a massive, dedicated 45-GPU cluster managed via Hashtopolis.” From there, they used the GPU cluster to crack the hashes, meaning to try massive combinations of plain-text passwords until they found the right one. These passwords allowed the threat actors to move laterally to compromise Active Directory environments and other centralized authentication systems.
“This aggressive methodology has led to severe, real-world consequences,” Hudson Rock said. “Diachenko’s research confirmed full network compromises at multiple organizations across Japan, Taiwan, Vietnam, Iraq, and Turkey. Most alarmingly, this includes a Turkish NATO defense contractor from which classified defense documents were successfully exfiltrated by the group.”
In the interview, Diachenko put it more succinctly. “The scale is the sophistication,” he said.
The scale didn’t stop there. The attackers used the massive cluster to run a” feedback-driven, 12-level recursive system.” In other words, there wasn’t a single flat dictionary run. Password candidates came from custom dictionaries with as many as eight words, common keyboard patterns, and cracking rules. Each one looped back with each step. When guesses were successful, the passwords were fed back as seeds to generate still more candidates. In other words, the cracking techniques improved with each successful guess.
Advertisement
“They were quite innovative on that,” the researcher said.
The innovation contrasts sharply with the operational security of the attackers, who left artifacts on the server they used. In hacker circles, such moves are considered amateur mistakes.
Hudson Rock said that the top countries where compromised devices were found were India, the US, Taiwan, Mexico, Turkey, and Thailand. The top industries affected were IT services, construction materials, telecommunications, construction and engineering, industrial equipment, and financial services. Other organizations whose data appeared in the database included: Foxconn, Samsung, Comcast, Siemens, PwC, and Accenture. Hudson Rock said that the database listed thousands of others, including major government agencies and critical infrastructure providers.
Firewalls have long been a favorite network entry point for hackers. These devices accept connections from the outside Internet, sit at the perimeter of a network, and have access to valuable resources deep inside.
Advertisement
The links above list a number of steps Fortinet firewall users should take to ensure their networks are secure. Given that the data has been available to cybercriminals and potentially other threat actors who, like Diachenko, found it, the risk is substantial.
You must be logged in to post a comment Login