Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.
The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.
Crystal ball: The company accused of making Pokémon copycats “with guns” says it is not interested in using generative AI in its games. It argues that gamers are largely opposed to this kind of content, while noting that generative AI is likely to remain a controversial topic in the industry for a range of reasons.
The debate around AI-generated assets in games is heating up, and Pocketpair has already taken a clear stance. The Japanese studio, best known for Palworld, says it is not using generative AI in its games, arguing that potential customers are rejecting “fake” assets and other AI-generated content.
In a recent interview, Pocketpair’s Head of Publishing & Communications John Buckley said that “gamers don’t want it,” adding: “if the gamers don’t want it, I guess that’s it, right? Not much of a conversation to be had.”
The Palworld developer has previously faced accusations of both plagiarism and the use of generative AI in creating some of the game’s assets and creature designs. Nintendo is pursuing legal action against the studio, though the dispute has not unfolded entirely in the company’s favor so far.
During the interview, Buckley also said that some developers are already using generative AI in their games. However, he believes the trend is not yet widespread, and added that Pocketpair has no interest in extensively adopting the technology in any case.

Some companies are exploring chatbots and large language models to save time and reduce reliance on human creators, but growing public pushback suggests the generative AI “bubble” could eventually burst. Pocketpair already has all the in-house artists it needs, Buckley said, arguing it would be “pointless” to replace staff with AI systems doing the same work.
The controversy around generative AI in gaming continues to intensify. Established studios such as Crystal Dynamics have found themselves explaining the use of AI-generated assets as placeholders in the latest Tomb Raider remake. Meanwhile, Sega faced significant backlash after introducing the new Crazy Taxi game as an AI-assisted production.
Steam now requires developers to disclose whether and how they have used AI in their games. Epic Games CEO Tim Sweeney, however, has argued that Valve’s disclosure requirement is unnecessary, claiming that nearly all future games will incorporate generative AI in some form.
Pocketpair’s John Buckley is less convinced by Sweeney’s stance. He suggests the industry could eventually split, with some studios leaning into a heavily marketed “human-made” identity as a response to growing concerns over “AI slop” in digital storefronts. He also believes AI adoption could become a regional divide.
Developers in parts of Asia, including China and South Korea, may adopt AI more rapidly than competitors, while Western studios – and players – remain more resistant. Stellar Blade developer Shift Up has also said that generative AI could help South Korean studios compete with much larger companies in China and the US.
Although there’s more competition than ever from the likes of Samsung, OnePlus and Honor, iPads still reign as some of the best tablet computers you can buy. Even if you are a longtime Apple fan, however, it can be tricky to know which iPad is best suited to your needs given just how many options there are in 2026. If you’re tempted to upgrade or buy your very first iPad, then here are our current rankings.
One of the best things about buying an iPad in 2026 is that there’s a model to suit pretty much every use case and budget. For instance, the standard entry-level iPad is ideal for budget buyers, whilst the iPad Air is ideal for students who need a solid all-rounder for their studies. The iPad Pro is perfect for professionals who require all the power they can get, and the iPad Mini is made with artists in mind who love to draw and sketch throughout the day.
There are lots of great reasons to buy each of the aforementioned models, but what unites them all is iPadOS. Easily the biggest reason why you should buy an iPad over one of the best Android tablets, iPadOS is unparalleled when it comes to offering a robust App Store filled with all of your go-to apps, alongside a UI that now allows for seamless multitasking.
iPadOS also comes into its own if you’re already part of the wider Apple ecosystem. AirPods of all varieties will immediately swap from your iPhone to your iPad depending on which device you’re using in the moment, and you can see health data collected via your Apple Watch as well.
There are plenty of other reasons as to why iPads are largely unbeaten in the tablet space, but the important thing to know is that this list can pair you with the model that makes the most sense for your needs so that you don’t inadvertently overspend. Keep reading to see which iPads impressed our team the most, or check out our round-up of the best tablets to see what Apple’s devices are up against. The best cheap tablets are also an instant win for anyone tied to a strict budget.
Every tablet in this list has been properly tested and used for an extended period of time by one of our product experts. We will never recommend a tablet to you that we haven’t personally used and put through a set series of tests. These tests can include colourimeter checks to gauge screen accuracy and brightness levels, various benchmarks to evaluate performance, and battery drains to judge endurance.
Our reviewer will also always judge performance for everyday use. This will see them use it as their primary tablet to conduct typical tasks like gaming, web browsing and video calling.
If the device is targeted at a specific market such as digital artists, they’ll also consider areas such as digital stylus support and whether it can effectively run relevant applications.
The performance of the mid-range iPad continues to improve
Improved connectivity
Two size options is always welcome
Great accessories
No ProMotion
Colour options are welcome, but a little drab
Even though it’s not the cheapest iPad in the range, the iPad Air is easily the best value option of the bunch given just how much you get in return for your money, especially with the new iPad Air M4. This is a tablet that boasts iPad Pro-levels of power but without the hefty price tag that typically comes with it.
Apple fans may remember that the launch of the iPad Pro M4 was a big deal as it was the first Apple device anywhere to feature the M4 chip, leapfrogging the various MacBooks available at the time. Well, that power has now trickled down to the iPad Air range and it blows pretty much every other tablet around the £599/$599 mark out of the water.
You probably won’t notice that much of an uptick if you own the iPad Air M3, but compared to older M-series chips it’s a big leap. Multitasking happens without issue and you can indulge in fairly heavy-duty video and photo editing without ever seeing where the limits are. It’s all very impressive for a tablet, and it’s made even better with the Magic Keyboard in tow. There’s also improved connectivity in this iPad Air with the N1 network chip, which adds Wi-Fi 7 for faster internet speeds as you work. Of course, for as great as the iPad Air is for productivity, it still remains a solid entertainment device with a bright, vibrant screen that really shows off some impressive detail when streaming the latest shows on Apple TV.
It would have been nice for Apple to finally bring the 120Hz ProMotion display down to the iPad Air range, as it did with the entry-level iPhone 17, but it’s not so much of an issue that it detracts from how much fun the tablet is to use on a daily basis.
Upgraded base RAM
Wi-Fi 7 support
The best screen on any tablet
iPadOS is getting better and better
Give us some fun colours
A fairly minor update
If you want the absolute best that Apple’s iPad lineup has to offer, the iPad Pro M5 is it.
It’s loaded with premium hardware, the finest screen you’ll find on any iPad, and performance that genuinely impresses. It’s also the best-looking tablet money can buy right now. Thin, light, and supremely sleek, the design carries over from the previous generation, and that’s no bad thing.
Under the hood, however, things have moved on. A new M5 chip handles everything from casual browsing to demanding creative work without breaking a sweat, and an N1 networking chip joins the party too.
The specific chip configuration varies depending on which storage tier you go for, but every version of the Pro M5 delivers serious power. Apple has also bumped the base RAM up to 12GB, a genuine step up from the 8GB found in the older model, and the difference is felt in day-to-day use. iPadOS has matured significantly as well, and the software now feels worthy of the hardware it runs on.
What truly sets the Pro apart from something like the Air is the screen. That OLED panel remains in a league of its own, hitting peak brightness of 1600 nits with rich, accurate colours and excellent HDR support. Whether you’re watching films, editing photos, or cutting video, it looks stunning throughout.
The design is a massive upgrade
USB-C is far more convenient than Lightning
Smart front camera placement
Unbeatable tablet apps and software
Huge price jump, especially in Europe, makes its position in Apple’s iPad range confusing
Odd Apple Pencil integration
64GB isn’t enough (256GB probably too much)
Apple’s baffling decision to increase the price of the iPad in its 10th generation made the tablet tricky to recommend at launch. However, a recent drop down to $329/£329 has pulled the iPad 10 back to an affordable price, making it our go-to budget iPad once again.
The iPad has taken design cues from the pricier iPad Air, including flat edges, slimmer bezels and the absence of a home button. The tablet is also 10g lighter and charges via USB-C, meaning it can share its charger with more devices.
While the 10.9-inch Liquid Retina Display lacks the P3 colour gamut and anti-glare coating found on higher-end iPads, it still has a higher resolution than that of the iPad 9, making it an easy upgrade compared to its predecessor, while producing a sharp, colourful image.
There’s a 12-megapixel rear camera for snapping photos and scanning documents, along with a 12-megapixel ultra-wide front camera that now sits on the long edge for holding video calls in landscape orientation. The A14 Bionic chip delivers strong performance, including a noticeable improvement in gaming performance and video export times compared to previous generations. The RAM is up from 3GB to 4GB too, though the storage remains lacking with 64GB being the base configuration.
The 10-hour battery life is in line with most iPads, while Apple Pencil and Magic Keyboard Folio compatibility makes the iPad 10 a very versatile device.
Great new design
Works with the second-gen Apple Pencil
Super-speedy thanks to the A15 Bionic chipset
5G option makes for great portability
Odd storage sizes
Expensive
Some iOS elements are too small
The iPad Mini 6 won’t be for everyone. It’s expensive, lacks the Magic Keyboard support of the Air and Pro, and suffers from slightly inferior battery life. However, if you’re after a small iPad for watching videos, reading or note-taking, then this is still an option we’re happy to recommend.
Most of the features here are borrowed from the iPad Air series. It mirrors that slate’s design, colour choices and screen tech. However, the performance isn’t quite as high-end, so it scores lower in benchmark tests. In real-world use, though, it’s still very snappy in all ways.
The smaller 8.3-inch display makes this a different proposition from the iPad Air. It’s less of a laptop replacement and more of a companion; a media-centric device that fits in smaller bags. Pair it with the Apple Pencil (2nd gen) and you’ve got a fantastic mini notebook and sketchpad. The smaller display also makes it great for gaming, especially if you pair up a Bluetooth controller.
We found that the battery life is a little shorter than the iPad Air, but at least there’s a USB-C port on the bottom.
No, no iPad can natively run Mac apps – even if you have an M1 iPad and the app is built for an M1 Mac. Instead, all apps for an iPad must come from the App Store.
The original Apple Pencil has a glossy finish and charges by plugging directly into an iPad’s Lightning port, though no iPad in our list supports this older accessory. The Apple Pencil 2nd Gen charges wirelessly and has a matte finish. Any iPad with a USB-C port will support this Pencil. The new Apple Pencil Pro, with support for rotation and squeeze gestures, will only work with the latest iPad Air and iPad Pro M4 due to the relocation of the magnets within the iPad chassis.
Test Data

| | Apple iPad Air M4 | Apple iPad Pro M5 | Apple iPad (10th gen) | iPad Mini 6 |
|---|---|---|---|---|
| Geekbench 5 single core | – | – | 1557 | 1594 |
| Geekbench 5 multi core | – | – | 3190 | 4687 |
| Geekbench 6 single core | 3726 | 4081 | – | – |
| Geekbench 6 multi core | 13286 | 16441 | – | – |
| Geekbench 6 GPU | 52607 | 74536 | – | – |
| 3DMark Solar Bay | 12727 | – | – | – |
| sRGB | – | – | – | 90 % |
| Adobe RGB | – | – | – | 62.8 % |
| DCI-P3 | – | – | – | 64 % |
| Max brightness | – | – | 467 nits | 439 nits |
| 1 hour video playback (Netflix, HDR) | – | 3 % | 6 % | 6 % |
| 30 minute gaming (intensive) | – | – | 7 % | 9 % |
| 30 minute gaming (light) | – | – | 5 % | 8 % |
| 1 hour music streaming (online) | – | – | – | 1 % |
| 1 hour music streaming (offline) | – | – | 1 % | 1 % |
| Time from 0-100% charge | – | – | 120 min | – |
| GFXBench – Aztec Ruins | 60 fps | 60 fps | – | – |
| GFXBench – Car Chase | 60 fps | 60 fps | – | – |
Full Specs

| | Apple iPad Air M4 Review | Apple iPad Pro M5 Review | Apple iPad (10th gen) Review | iPad Mini 6 Review |
|---|---|---|---|---|
| UK RRP | £599 | £999 | £349 | £479 |
| USA RRP | $599 | $995 | $349 | $499 |
| EU RRP | – | – | €439 | €559 |
| CA RRP | – | – | – | CA$649 |
| AUD RRP | – | – | – | AU$749 |
| Manufacturer | Apple | Apple | Apple | Apple |
| Screen Size | 11 inches | 11 inches | 10.9 inches | 8.2 inches |
| Storage Capacity | 128GB, 256GB, 512GB, 1TB | 256GB, 512GB, 1TB, 2TB | 64GB | 256GB, 64GB |
| Rear Camera | 12MP | 12MP | 12MP | 12MP |
| Front Camera | 12MP | 12MP | 12MP | 12MP |
| Video Recording | Yes | Yes | Yes | Yes |
| IP rating | No | No | IP57 | No |
| Battery | 28.93 Whr | 31.29 Whr | – | 19.3 Whr |
| Fast Charging | Yes | Yes | – | Yes |
| Size (Dimensions) | x x INCHES | x x INCHES | 179.5 x 248.6 x 7 MM | 5.3 x 7.69 x 0.25 INCHES |
| Weight | 462 G | 446 G | 477 G | 293 G |
| ASIN | – | – | B0BJLG85NS | B09G9LDWYQ |
| Operating System | iPadOS 26 | iPadOS | iPadOS 16.1 | iPadOS 15 |
| Release Date | 2026 | 2025 | 2022 | 2021 |
| First Reviewed Date | 09/03/2026 | 16/06/2026 | – | 08/10/2021 |
| Resolution | 2360 x 1640 | 2420 x 1668 | 1640 x 2360 | 2266 x 1488 |
| HDR | – | Yes | Yes | Yes |
| Refresh Rate | 60 Hz | 120 Hz | 60 Hz | 60 Hz |
| Ports | USB-C | Thunderbolt / USB 4 port | USB-C | USB-C |
| Chipset | Apple M4 | Apple M5 | Apple A14 Bionic (5 nm) | A15 |
| RAM | 12GB | 12GB, 16GB | 4GB | 12GB |
| Colours | Blue, Purple, Starlight, Space Grey | Grey, Silver | Silver, Blue, Pink, White | Space Gray, Pink, Purple, Starlight |
Your AI agent did exactly what it was designed to do. The framework underneath it just handed an attacker a shell on the box that holds your OpenAI key, your database credentials, and your CRM tokens.
That is not a hypothetical. In a few months, three of the most widely deployed AI agent frameworks each turned a known, ordinary bug class into a way through. Check Point Research chained a SQL injection in LangGraph’s SQLite checkpointer to full remote code execution. Tenable and VulnCheck tracked a path traversal in Langflow’s file upload endpoint to active, in-the-wild RCE. Cyera documented a path traversal in LangChain-core’s prompt loader that reads your secrets off disk. Two paths to a shell, one to your keys. They are the same bug, wearing three frameworks.
These frameworks became production infrastructure faster than anyone secured them. They store agent state, take file uploads, load prompt configs, and hold the credentials to databases, CRMs, and internal APIs. The edge tools watch traffic. The endpoint tools watch processes. Neither was built to treat an imported framework as a boundary worth guarding, and that blind spot is exactly where all three chains live, widening every week as these frameworks ship to production.
Start with the one most teams pulled into production this quarter. LangGraph gives AI agents memory through checkpointers, the persistence layer that stores execution state. It has cleared over 50 million downloads a month. Yarden Porat of Check Point Research took that layer apart and found three vulnerabilities. Two of them chain to RCE.
CVE-2025-67644, rated CVSS 7.3, is a SQL injection in the SQLite checkpointer. The function that builds the WHERE clause for checkpoint lookups drops user-controlled filter keys straight into the query with no parameterization and no escaping. This does not hit everyone, but where it hits, it is serious. A deployment is exposed when it self-hosts LangGraph on the SQLite or Redis checkpointer and lets untrusted input reach get_state_history() or a similar history endpoint. Meet those conditions, and an attacker who controls the filter writes a fabricated row straight into the checkpoint table. Run LangChain’s managed LangSmith platform on PostgreSQL, and the exposure is gone.
Then CVE-2026-28277, CVSS 6.8, finishes the job. LangGraph’s msgpack checkpoint decoder rebuilds Python objects from the stored data, which lets it import a module and call a named function with attacker-supplied arguments. That step needs write access to the checkpoint store; the SQL injection is what grants it remotely. LangGraph loads the forged row as a legitimate checkpoint, the decoder runs the specified function, including os.system, and code executes under the identity of the agent server. A third issue, CVE-2026-27022, CVSS 6.5, reaches the same place through the Redis checkpointer.
There has been no confirmed exploitation in the wild yet. A working proof-of-concept is public in Check Point’s disclosure. The fixes are version bumps: langgraph-checkpoint-sqlite to 3.0.1, langgraph to 1.0.10, and langgraph-checkpoint-redis to 1.0.2.
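The query-building mistake described above, beside the parameterized form that closes it. This is an added illustration written for this page, not LangGraph's code or schema: the table name, the column allowlist and the sample rows are constructed for the demo.

```python
import sqlite3

# Constructed allowlist of columns a history filter may reference.
# This is an assumption for the example, not LangGraph's real schema.
ALLOWED_FILTER_COLUMNS = frozenset(
    {"thread_id", "checkpoint_ns", "checkpoint_id", "parent_checkpoint_id"}
)


def build_where_vulnerable(filters: dict) -> str:
    """The bug class from the article: filter KEYS (and values) are dropped
    into the SQL text with an f-string. Whatever string the caller uses as a
    key lands verbatim in the query, so the caller controls the WHERE clause."""
    clauses = [f"{key} = '{value}'" for key, value in filters.items()]
    return "SELECT * FROM checkpoints WHERE " + " AND ".join(clauses)


def build_where_safe(filters: dict) -> tuple[str, tuple]:
    """Hardened form: keys must match a fixed allowlist of column names and
    values are bound as parameters, never spliced into the query text."""
    clauses, params = [], []
    for key, value in filters.items():
        if key not in ALLOWED_FILTER_COLUMNS:
            raise ValueError(f"unknown filter column: {key!r}")
        clauses.append(f"{key} = ?")
        params.append(value)
    sql = "SELECT thread_id, checkpoint_id, blob FROM checkpoints"
    if clauses:
        sql += " WHERE " + " AND ".join(clauses)
    return sql, tuple(params)


def make_store() -> sqlite3.Connection:
    """In-memory stand-in for a checkpoint table, with two constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE checkpoints (thread_id TEXT, checkpoint_id TEXT, blob TEXT)"
    )
    conn.executemany(
        "INSERT INTO checkpoints VALUES (?, ?, ?)",
        [("thread-a", "ckpt-1", "state-a1"), ("thread-b", "ckpt-2", "state-b2")],
    )
    return conn


def lookup(conn: sqlite3.Connection, filters: dict) -> list:
    """Checkpoint history lookup through the hardened builder."""
    sql, params = build_where_safe(filters)
    return conn.execute(sql, params).fetchall()


def demo() -> tuple:
    conn = make_store()
    # Normal use: one thread's history, one row back.
    rows = lookup(conn, {"thread_id": "thread-a"})

    # A key that carries SQL text is refused before any query is assembled.
    hostile_key = "thread_id = 'x' OR 1=1 --"
    try:
        lookup(conn, {hostile_key: "ignored"})
        rejected = False
    except ValueError:
        rejected = True

    # The vulnerable builder would have emitted that key verbatim.
    leaked = hostile_key in build_where_vulnerable({hostile_key: "ignored"})
    return len(rows), rejected, leaked
```

With parameter binding, a value containing quote characters is matched literally, so a filter value can no longer widen the result set.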
Langflow is the one already under attack. CVE-2026-5027, CVSS 8.8, is a path traversal in the POST /api/v2/files endpoint, which takes the filename straight from the form data and writes it to disk unsanitized. An attacker packs that filename with traversal sequences and drops a file anywhere, such as a cron job in /etc/cron.d/. Because Langflow ships with auto-login enabled in its default configuration, an exposed instance needs no credentials at all. A single unauthenticated request reaches the endpoint, and the next cron run hands over a shell.
VulnCheck’s Caitlin Condon confirmed exploitation on June 9: “Our Canaries observed exploitation of CVE-2026-5027 that successfully leveraged the path traversal to write what appear to be test files on victim systems.” Censys put roughly 7,000 exposed instances on the internet, most in North America. This is the third Langflow flaw to draw active exploitation this year, after CVE-2025-34291, which the Iranian state-sponsored group MuddyWater weaponized and which CISA added to its Known Exploited Vulnerabilities catalog in May. CVE-2026-5027 itself was patched in version 1.9.0, released April 15.
The timeline is what sets the clock. The patch shipped April 15. Attacks started in June, and VulnCheck added CVE-2026-5027 to its exploited-vulnerabilities list June 8 once its sensors caught the first in-the-wild hits. Every instance left unpatched between those two dates has been sitting in the open for almost two months. The lesson for security teams is to start the patch clock at disclosure, not at a federal catalog entry.
LangChain-core, the foundation under both, disclosed CVE-2026-34070, CVSS 7.5, a path traversal in its legacy prompt-loading API. The load_prompt() functions read a file path out of a config dict with no check against traversal sequences or absolute paths, so an attacker who influences that path reads arbitrary files the process can reach, including the .env file holding OPENAI_API_KEY and ANTHROPIC_API_KEY. Cyera paired it with CVE-2025-68664, CVSS 9.3, a deserialization flaw that resolves environment secrets through a crafted object. The fix versions differ, which matters when you patch: CVE-2026-34070 lands in langchain-core 1.2.22 and 0.3.86; CVE-2025-68664 lands earlier in 1.2.5 and 0.3.81. Clear both, or the higher-severity flaw stays live behind a patched one.
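One containment routine that covers both bugs just described: the form-supplied filename in the Langflow upload endpoint and the config-supplied path in load_prompt(). This is an added example, not Langflow's or LangChain's own code; the directory layout, the template_path config key and the .env contents are constructed for the demo.

```python
import os
import tempfile
from pathlib import Path


def confine(base_dir: str, untrusted: str) -> Path:
    """Resolve `untrusted` against `base_dir` and refuse anything that does
    not remain inside it once '..' segments and symlinks are resolved.
    Absolute paths are refused outright."""
    base = Path(base_dir).resolve()
    if os.path.isabs(untrusted):
        raise ValueError(f"absolute path rejected: {untrusted!r}")
    candidate = (base / untrusted).resolve()
    if base != candidate and base not in candidate.parents:
        raise ValueError(f"path escapes {base}: {untrusted!r}")
    return candidate


def safe_upload_name(filename: str) -> str:
    """Upload hardening: keep only the final path component of whatever the
    client sent, normalising backslashes first, and reject unusable names."""
    name = os.path.basename(filename.replace("\\", "/"))
    if name in ("", ".", ".."):
        raise ValueError(f"unusable filename: {filename!r}")
    return name


def save_upload(upload_dir: str, filename: str, data: bytes) -> Path:
    """Write an upload under upload_dir only, whatever the client-chosen name."""
    target = confine(upload_dir, safe_upload_name(filename))
    target.write_bytes(data)
    return target


def load_prompt_safe(config: dict, prompt_dir: str) -> str:
    """Prompt-loader hardening: the config's template_path (constructed key)
    is only ever opened relative to an allowlisted prompt directory and must
    be a plain text template."""
    template_path = confine(prompt_dir, config["template_path"])
    if template_path.suffix not in (".txt", ".md"):
        raise ValueError("unexpected prompt file type")
    return template_path.read_text()


def demo() -> tuple:
    with tempfile.TemporaryDirectory() as root:
        uploads = os.path.join(root, "uploads")
        prompts = os.path.join(root, "prompts")
        os.makedirs(uploads)
        os.makedirs(prompts)
        Path(prompts, "greeting.txt").write_text("Hello {name}")
        # Constructed secret file one level above both allowlisted dirs.
        Path(root, ".env").write_text("OPENAI_API_KEY=placeholder-not-real")

        # A traversal-laden upload name lands inside uploads/ as plain "job".
        saved = save_upload(uploads, "../../etc/cron.d/job", b"constructed")
        inside = saved.parent == Path(uploads).resolve()

        # Legitimate template loads; every escape attempt is refused.
        body = load_prompt_safe({"template_path": "greeting.txt"}, prompts)
        blocked = []
        for bad in ("../.env", "/etc/passwd", "sub/../../.env"):
            try:
                load_prompt_safe({"template_path": bad}, prompts)
                blocked.append(False)
            except ValueError:
                blocked.append(True)
        return inside, body, blocked
```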
Three frameworks, three classic AppSec bugs. Path traversal. SQL injection. Unsafe deserialization. Nothing exotic, nothing AI-specific, just old vulnerabilities living inside new infrastructure. None of this is a frontier-model problem. It is plumbing, sitting in the layer where AI meets the enterprise.
Merritt Baer, CSO at Enkrypt AI and former deputy CISO at AWS, has named what makes this kind of failure hard to see coming. It does not announce itself as an AI problem. “CISOs will experience MCP insecurity not in the abstract, but when an employee pastes sensitive data into a tool, or when an attacker finds an unauthenticated MCP server in your cloud,” Baer told VentureBeat. “It won’t feel like ‘AI risk.’ It will feel like your traditional security program failing.” The framework chains here are the same shape. An exposed Langflow instance is an unauthenticated server in your cloud, and the alert, if one fires, reads like an ordinary incident.
That is the gap in one sentence. The exploit lives in the framework your code imports. The WAF never sees a msgpack decoder running three layers down. The EDR watches the agent server make the same process calls it makes a thousand times a day and waves it through. Both tools are doing their job. Nobody scoped the framework itself as the thing that could turn on you.
The root cause is older than AI, and Baer names it. “MCP is shipping with the same mistake we’ve seen in every major protocol rollout: insecure defaults,” she told VentureBeat. “If we don’t build authentication and least privilege in from day one, we’ll be cleaning up breaches for the next decade.” Langflow’s auto-login is that mistake shipped. LangChain-core’s unguarded prompt loader is that mistake shipped. The convenient default is the vulnerability. And the moment an agent connects to anything, that risk compounds. “You’re not just trusting your own security, you’re inheriting the hygiene of every tool, every credential, every developer in that chain,” Baer said. “That’s a supply chain risk in real time.”
There is a governance failure layered on top of the technical one, and it is the same miscategorization Assaf Keren, chief security officer at Qualtrics and former CISO at PayPal, has flagged in adjacent tooling. “Most security teams still classify experience management platforms as ‘survey tools,’ which sit in the same risk tier as a project management app,” Keren told VentureBeat. “This is a massive miscategorization.” Swap in AI agent frameworks, and it still holds. Teams file LangGraph, Langflow, and LangChain under developer convenience, then wire them into databases, CRMs, and provider keys. “Security has to be an enabler,” Keren said, “or teams route around it.” These frameworks are what routing around it looks like.
Follow the money and it points at the same layer. On its Q1 fiscal 2027 earnings call, CrowdStrike reported its AI detection and response line up more than 250% sequentially, and on June 17 it extended that runtime coverage to agent, LLM, and MCP traffic on AWS. George Kurtz, the company’s co-founder and CEO, named the reason in plain terms: “Agents run on the endpoint. They make tool calls, access files, invoke APIs, and move data at the process level.” That is the exact plumbing these chains abuse, and real money is now moving to the layer your AppSec scan skips.
The board does not need the CVE numbers. It needs the consequence, and Keren draws the line the board cares about. Most teams have mapped the technical blast radius. “But not the business blast radius,” Keren told VentureBeat. “When an AI engine triggers a compensation adjustment based on poisoned data, the damage is not a security incident. It is a wrong business decision executed at machine speed.” A framework RCE is the same problem one layer earlier. The agent does not just leak a credential; it acts on production systems with it, and the business sees an outcome no one can explain.
So frame it the way a board frames it: we run AI agent frameworks in production that can be turned into remote shells through bugs our scanners are not built to find, all three are patched, one is under active attack, and here is the date every instance is verified and closed. None of this required custom malware or a zero-day.
Six trust boundaries, one per row, each with the question, the proof point, the command, the fix, and the board line. Run it tonight.
| Trust-Boundary Question | Proof Point | What Broke | Verify Before You Install | The Fix | Board Language |
|---|---|---|---|---|---|
| 1. Can the agent’s state store be poisoned with code? | LangGraph SQLi-to-RCE chain. CVE-2025-67644 (CVSS 7.3) chains into CVE-2026-28277 (CVSS 6.8). PoC public, no in-the-wild use yet. | Filter keys interpolated into SQL with an f-string. Forged checkpoint row hits the msgpack decoder, which imports and runs an attacker-named callable. | pip show langgraph-checkpoint-sqlite. Below 3.0.1 = vulnerable. Confirm get_state_history() is not exposed to network input. | Upgrade langgraph-checkpoint-sqlite to 3.0.1, langgraph to 1.0.10, langgraph-checkpoint-redis to 1.0.2. | “Our agent memory layer can be tricked into running attacker code. Vendor has patched it. We are upgrading and confirming the endpoint is not exposed.” |
| 2. Can an unauthenticated request write a file to our agent server? | Langflow CVE-2026-5027 (CVSS 8.8). On VulnCheck KEV (June 8). Active exploitation confirmed June 9. ~7,000 exposed instances (Censys). | Path traversal in POST /api/v2/files. Filename unsanitized. Auto-login on by default. Two HTTP calls drop a cron job and earn a shell. | Query Censys or Shodan for your Langflow, Flowise, n8n, and Dify instances on the perimeter. Check whether auto-login is enabled. | Upgrade Langflow to 1.9.0+. Disable auto-login. Pull AI dev tools behind VPN or zero-trust. Isolate port 7860. | “Our AI dev tools are reachable from the internet with login off. This exact flaw is under active attack now. We are pulling them behind access controls today.” |
| 3. Can our prompt loader read files it should never touch? | LangChain-core CVE-2026-34070 (CVSS 7.5), path traversal in the prompt-loading API. Paired with deserialization CVE-2025-68664 (CVSS 9.3). | load_prompt() reads a config-supplied path with no traversal check, returning files such as the .env holding OPENAI_API_KEY and ANTHROPIC_API_KEY. | pip show langchain-core. Below 1.2.22 (1.x) or 0.3.86 (0.x) = vulnerable. Audit any code passing user-influenced paths to load_prompt(). | Upgrade langchain-core past both fixes: 1.2.22 / 0.3.86 (CVE-2026-34070) and 1.2.5 / 0.3.81 (CVE-2025-68664). Replace load_prompt() with an allowlisted directory. Run as non-root. | “Our prompt system could be steered to read our API keys off disk. We are patching and removing the legacy loader.” |
| 4. Does a compromised framework hand over every credential at once? | These frameworks are often deployed with provider keys, database credentials, and integration tokens available to the process environment. Cyera documents the credential-exfiltration path. | One RCE on the agent server exposes every secret the process can read. Blast radius is the full credential set, not one app. | Inventory which secrets each framework process can reach. Confirm keys come from a secrets manager, not static .env files. | Move provider keys to ephemeral injection. Rotate any key a vulnerable instance could have read. Scope each key to least privilege. | “A single break in one AI framework exposes the keys to every model and data store it touches. We are rotating and scoping them now.” |
| 5. Are these frameworks running outside security governance? | A prior Langflow flaw, CVE-2025-34291, was weaponized by Iranian-linked MuddyWater and added to CISA KEV in May. Shadow AI is the new shadow IT. | Teams stand frameworks up for speed, give them credentials, and never bring them under review. The security team cannot see what it does not know exists. | Run a discovery sweep for AI frameworks outside change management. Map each to an owner and an approval record. | Assign every framework a documented owner and a place in the approval process. Offer a sanctioned alternative so teams do not route around you. | “We have AI frameworks in production that no one formally approved. We are bringing them under governance, not banning them.” |
| 6. Can our scanners even see inside the framework at runtime? | Runtime detection is forming around this layer: CrowdStrike Falcon AIDR expanded to AWS June 17 (Bedrock, Kiro, Strands); its QuiltWorks coalition now covers cloud workloads. | WAF reads HTTP at the edge. EDR watches the endpoint. By default, neither reliably models a msgpack decoder or a prompt loader three layers down in an imported framework as a separate trust boundary. | Test whether your AppSec scan covers third-party framework internals. Track CVEs by dependency, not just by what your edge tools can parse. | Add framework dependencies to vuln management. Treat agent output and stored state as untrusted. Patch on disclosure, not on KEV listing. | “Our scanners check our code, not the frameworks our code imports. We are closing that blind spot and patching on disclosure, not waiting for the federal catalog.” |
How to read this table: each row is one trust boundary, left to right, from the question to ask to the line to read your board.
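A script for the “Verify Before You Install” column: it reads the installed version of each package named in the table and compares it with the fix versions the article gives, branch-aware for langchain-core so that its two fixes are checked independently. This is an added helper, not a vendor tool; the FIX_VERSIONS data is transcribed from the article, and treating a pre-release of a fix version (for example 3.0.1rc1) as still unfixed is my own assumption.

```python
from importlib import metadata

# Fix versions as stated in the article. A "*" branch applies to any major
# version; langchain-core has separate fixes on its 1.x and 0.x branches.
FIX_VERSIONS = {
    "langgraph-checkpoint-sqlite": {"CVE-2025-67644": {"*": "3.0.1"}},
    "langgraph": {"CVE-2026-28277": {"*": "1.0.10"}},
    "langgraph-checkpoint-redis": {"CVE-2026-27022": {"*": "1.0.2"}},
    "langchain-core": {
        "CVE-2026-34070": {"1": "1.2.22", "0": "0.3.86"},
        "CVE-2025-68664": {"1": "1.2.5", "0": "0.3.81"},
    },
}


def parse_version(text: str) -> tuple:
    """Minimal version parse: numeric dotted segments are compared as ints.
    A suffix glued to a numeric segment (1rc1, 2b3) marks a pre-release,
    which sorts below the bare release so a release candidate of the fix
    version is still reported as vulnerable (assumption for this check)."""
    nums, pre = [], False
    for part in text.split("."):
        digits = ""
        for ch in part:
            if ch.isdigit():
                digits += ch
            else:
                pre = True
                break
        nums.append(int(digits or 0))
        if pre:
            break
    return tuple(nums), (0 if pre else 1)


def open_cves(package: str, installed: str) -> list:
    """CVEs from the table still open for `package` at version `installed`."""
    current = parse_version(installed)
    major = str(current[0][0])
    still_open = []
    for cve, branches in FIX_VERSIONS[package].items():
        fix = branches.get(major, branches.get("*"))
        if fix is None:
            continue  # branch not covered by the article's data; no claim made
        if current < parse_version(fix):
            still_open.append(cve)
    return still_open


def audit_installed() -> dict:
    """Map each package to its open CVE list, or None when it is not installed."""
    report = {}
    for package in FIX_VERSIONS:
        try:
            installed = metadata.version(package)
        except metadata.PackageNotFoundError:
            report[package] = None
            continue
        report[package] = open_cves(package, installed)
    return report


if __name__ == "__main__":
    for pkg, cves in audit_installed().items():
        status = "not installed" if cves is None else (", ".join(cves) or "clear")
        print(f"{pkg}: {status}")
```

Run it inside the same virtual environment as the agent service, since importlib.metadata only sees the packages visible to the interpreter that runs it.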
The fixes are not a re-architecture. They are version bumps and config changes you can land this week. The exposure is the gap between the day the patch shipped and the day your team runs the checks, and right now that gap is measured in months. The frameworks did exactly what they were built to do.
“We thought that’s probably the one that’s least likely to pop up,” Geisbert says. “We guessed wrong.”
Concerned by that knowledge gap, in 2011 he decided to modify a vaccine, which led to the crab-eating macaque study. In the same study, he also finally tested a blend of existing ebola vaccines on the Bundibugyo strain, but they didn’t provide 100-percent protection.
If the 2012 outbreak had occurred after the major Zaire outbreak, Geisbert says, it’s possible pharmaceutical companies might’ve been more keen to commercialize a vaccine that protects against the Bundibugyo strain.
But with the present outbreak rivaling the 2013 to 2016 one in terms of scale and scope, efforts to play catch-up are going into high gear. Geisbert suspects WHO’s experience with Ervebo is one of the reasons they favor his vaccine candidate, which is basically “Bundibugyo Ervebo,” he says.
WHO also noted the success of a similar rVSV-based vaccine targeting the Sudan strain of ebola in a ring vaccination trial in 2025.
The rVSV-based Bundibugyo candidate’s suitability for ring vaccination was backed by a 2023 study showing that most of the monkeys vaccinated after being exposed to the virus were still protected. That is crucial for ring vaccination to work. While the researchers vaccinated the monkeys an unrealistically quick 20 minutes after exposure, the proof of concept sets it apart from Moderna and the University of Oxford’s candidates under development.
“There hasn’t really been much development since that 2023 study, because we weren’t really expecting to see that strain and also because historically it’s been associated with lower-rate mortality as well,” said Courtney Woolsey, the lead author on the paper (Geisbert was a coauthor) and an assistant professor within the University of Texas Medical Branch.
“Nobody really makes money off these vaccines,” she adds, “so there are funding barriers as well to advance these vaccines where people likely aren’t going to make money.”
The nonprofit Coalition for Epidemic Preparedness Innovations has offered funding of up to $3.2 million to prepare and start testing the material needed to manufacture Geisbert’s vaccine, which would be the first step towards human trials.
The “extensive safety data and prior regulatory experience” from the rVSV-based vaccines used to combat the Zaire strain “could help expedite approval pathways if it is shown to be successful,” Rachael Bonawitz, filovirus disease programme lead at CEPI, tells WIRED over email, adding that developers would also be able to build on existing manufacturing processes.
“Even if it’s not used in this outbreak, hopefully there will be clinical material that can be used in humans available for the next outbreak,” Geisbert says, “because it will probably pop up again.”
Even as it shows promise, there is still a chance his vaccine won’t work. Scientists have not been able to obtain a live Bundibugyo virus sample for testing due to stretched resources in the DRC and the logistical and bureaucratic complexity of obtaining and transporting refrigerated blood back to the US. While scientists believe the current strain is around 98-percent similar to the strain that caused the previous outbreaks, that unknown 2 percent presents a risk the vaccine won’t be as effective as it was against the previous strain.
“When you look at the sequences it’s not different enough that I would predict that there would be a problem, but nothing’s foolproof,” Geisbert says.
The International AIDS Vaccine Initiative in New York will prepare the vaccine candidate for production. The nonprofit biomedical research organization focuses on developing vaccines for global diseases where there is little financial incentive for development.
“The baton has been handed off, and I just sit back and hope that it works, whether it’s the vaccine, whether it’s somebody else’s vaccine,” Geisbert says.
What’s the most cliche possible gift you can give a relative? A digital photo frame, displaying a rotating slideshow of family photos. Now Aura has completely refreshed this product space with its gorgeous Aura Ink frame, which uses e-ink to create a display that doesn’t even look digital.
Digital frames have always been so popular (yet mostly disappointing) because there’s an undeniable allure to the idea of them — it feels like magic to imagine hanging artwork on your wall that you can change depending on your mood. In practice, these devices usually look clunky. You need to plug them in and figure out how to hide a bulky cord, and does anyone even want another bright screen in their home anyway? This problem was already on the Aura founders’ minds when they started the company 10 years ago, but color e-ink wasn’t feasible until now to use in a digital frame.
“E-ink is definitely next level,” co-founder and CTO Eric Jensen told TechCrunch. “We have people tell us that they hung it up, had friends over, and their friends were like, ‘How did you print that picture so quickly?’”
E-ink is the same technology that you see on e-readers, which lets you read a book without feeling the same strain that you get from staring at an LED screen for too long. But there aren’t that many color e-ink devices on the market aside from the Kindle Colorsoft, because the company that manufactures e-ink displays can only currently produce six colors: red, blue, green, yellow, white, and black.
It’s hard to imagine what your favorite family portraits and travel photos would look like with only six colors. But Aura has created a dithering algorithm — a technique that blends a limited color palette into patterns the eye reads as smooth gradients — that renders images close enough to the originals that its e-ink frame could finally go to market.
“I’m learning color theory from our chief scientists, and as far as I understand it, there’s not a good definition for how many colors this represents well,” Jensen said. “It’s all sort of theoretical and comes down to how people perceive it. Everyone’s a little different, so it’s actually taken a lot of testing with a lot of people in a lot of different spaces and different lighting conditions in order to get where we are today.”

All of Aura’s frames connect to the Aura app, which is where you can upload photos from your phone, web, email, iCloud, or Google Photos. I found the process to be pretty user-friendly — easy enough for a less tech-savvy relative to navigate, which matters for a product that lives or dies on whether non-technical users will actually set it up.
The app also has social features, so if your sister has a great new photo of her baby, she can upload it to your shared library and it will appear on your frame. (I didn’t try this, since I don’t know anyone else with an Aura frame, but if I did, I would probably use this feature to prank my family members with ridiculous photos. Am I a bad person?)
In addition to the 13.3-inch Ink frame, Aura also sent me its more classic, 12-inch LED Aspen frame as a point of comparison. But the LED frame surprised me with how good it looks in its own right (it feels like the Prada of digital frames). The lighting is about as unobtrusive as an LED screen can be, and it’s anti-glare, which makes the frame look way more premium. Aura’s frames also benefit by surrounding the LED screen with a paper-like matting display, which helps trick the eye into reading it as a printed photograph.
Aura says it designed its dithering algorithm for portraits of people, since users tend to highlight family photos. I’m a rebel, so I decided to load my frames with travel photos. When comparing the same photo on the Ink and the Aspen, it’s very clear that the colors aren’t exact, but as a digital photographer who isn’t that picky, I didn’t care very much. The distorted color palette almost seems like an artistic choice, even if I know it’s reflective of a technological limitation. But when I showed the two Aura frames to an analog film photographer who painstakingly studies the small color aberrations in his darkroom prints, he thought that the Ink frame needed some work. I disagree, but if you look at the photos below and are bothered that the white balance isn’t perfectly consistent across each of the three images from my phone, then you might not like the Ink frame.

By default, the Ink frame changes photos once per day, and it will usually do this change in the middle of the night, when you’re least likely to be paying attention. If you manually change the pictures via the app, do not be alarmed if the frame looks like it’s glitching — it takes about a minute for the hardware to run the dithering process and render the six-color, e-ink version of your image.
I am very bad with anything involving hammers and nails — all of the art in my apartment is hung up using Command strips — but the mounting hardware that Aura includes feels sturdy. It’s easy to take the frame on and off the wall, but you will probably only need to take it down to charge the frame via USB-C once per month. (When the lights are off or you’re not in the room, the display will go to sleep, helping save battery.) I don’t think that the Ink frame looks too out of place, but if it does, maybe it’s because it’s surrounded by art made in other mediums. Or maybe it’s the black frame. Or I did a bad job at placement. Look, I can’t help that I added the Ink frame to a gallery wall that I assembled three years ago!

At $499, I wouldn’t call the Ink frame cheap (the Aspen runs $229, by the way). But aside from its color inconsistencies — which you can argue are more of a feature than a bug — I’ve loved having the Ink frame on my wall. With the unavoidable technical limitations of e-ink in mind, it’s hard for me to imagine how Aura could’ve made a better product.
Go’s IPO — Japan’s biggest so far this year — has done more than provide a much-needed boost to the country’s languishing listing season. It has also supplied the taxi-hailing app with the capital required to address an existential issue: Japan’s shortage of drivers.
Go, which went public Tuesday, plans to use the ¥88.6 billion ($553 million) raised in its IPO to expand its robotaxi business and make acquisitions, according to a company spokesperson.
“We intend to use the proceeds from the sale of newly issued shares toward investment in research and development related to robotaxis and investment in business expansions, including strategic mergers and acquisitions in our business inside and outside of the taxi industry,” the spokesperson said.
The Japanese taxi-hailing company’s debut came in one of Japan’s quietest listing seasons, at a time when the government has been telling startups to sell themselves rather than go public. Go drew investments from BlackRock, Wellington Management, and M&G Investment Management in the process, underscoring where global institutional money is willing to go in Japan right now. The stock has since pulled back below its offering price, closing at ¥2,314 on Friday, down about 4% from the IPO price of ¥2,400.
Go’s robotaxi ambitions are rooted in a human problem. Japan’s taxi industry is running out of drivers. The number of taxi drivers has fallen roughly 20% in recent years, according to a report citing Japan’s Ministry of Land, Infrastructure, Transport and Tourism.
An aging population means that figure is unlikely to recover. Ride-share services launched in Japan in 2024, but they remain limited to certain areas and require drivers to be employed by a taxi company, restrictions that have done little to address the shortage.
Go was founded in 1977 as a taxi operator and now runs Japan’s largest ride-hailing app with 35 million downloads, 85,000 partner vehicles, and an 80% share of Japan’s taxi app market by usage time, covering 46 of Japan’s 47 prefectures.
Go believes robotaxis will be part of its future — although it’s not clear when that vision will become a reality.
Go has partnered with Waymo, an autonomous driving subsidiary of Alphabet, alongside Nihon Kotsu, one of Japan’s biggest taxi operators. Go is responsible for strategic coordination of the partnership, according to the spokesperson. CEO Hiroshi Nakajima has previously said that Go will not invest in autonomous driving systems itself, according to Nikkei Asia.
Go has not set a timeline for fully driverless operations.
“We plan to begin driving fully autonomously, without a human specialist present, when we validate our technology and receive approval to do so,” the spokesperson said.
In the meantime, Go is looking for ways to give its traditional business a competitive edge. For instance, the company has partnered with Kakao T, Alipay, and WeChat Pay so that inbound travelers from South Korea, China, and Taiwan can hail Go-affiliated taxis directly from their local apps.
Go is not the only company betting on Tokyo’s robotaxi future.
In March, Uber, Wayve, and Nissan announced plans to pilot robotaxi services in Tokyo by late 2026, marking Uber’s first autonomous vehicle partnership in Japan. The service will use Nissan Leaf electric vehicles powered by Wayve’s AI Driver, and will be bookable through the Uber app.
Uber has also teamed up with S.Ride to let international visitors book rides through the Uber app. Didi Mobility Japan, a joint venture between SoftBank and Didi Chuxing, has a similar arrangement.
Honor of Kings is increasing its reach in India through the release of HOK Plus 2.0. This update comes with various enhancements, including more rewards, improved gameplay, creator programs, and esports developments. Another feature of this update is a new character named Devara, who draws inspiration from Indian culture.
Honor of Kings is rolling out a ₹10 million reward program for its users in India with the launch of HOK Plus 2.0. Through “Play to Earn”, players will be motivated to play the game, create content, participate in campus activities, and socialize. Players will get the opportunity to participate in the Treasure Hunt game and stand a chance of winning smartphones and Amazon gift cards. Honor of Kings will give even greater rewards to players as part of its celebration on June 27.
HOK Plus 2.0 will introduce Devara, a hero inspired by India, in the game Honor of Kings. Devara battles at the Clash Lane and uses his lightning abilities when he is battling. He is able to deal massive damage and perform well from the front line. Honor of Kings has been inviting people to suggest Hindi lines for their heroes. Some of these lines have been selected and used in Devara’s voice lines, which were recorded by Sanket Mhatre.
The launch of Devara will be marked by a range of offline events in Delhi, Mumbai, and Bengaluru. These will allow gamers to experience themed activities and engage with other players. The events aim to celebrate the hero’s debut and strengthen the game’s connection with its Indian player community.

HOK Plus 2.0 introduces new opportunities for content creators through HOK Studio. The new creator policy rewards content creators for strong performance and regional rankings. Selected creators can move into the HOK Advanced Creator Program and receive exclusive benefits. The company has also partnered with Live Insaan to support community growth. Players will soon be able to join influencer-led teams in the HOK India Influencer Team Tournament.
Honor of Kings is also bringing new activities to campuses and gaming cafes across India. The campus program will cover 32 colleges in four cities between July and September. Students will have opportunities to compete, create content, and engage with the community. The game will also organize Devara-themed 1v1 challenges at selected gaming cafés. Participants can earn rewards and compete for cash prizes and smartphone giveaways.
Revenant XSpark has qualified to represent India at the 2026 Asian Games Esports Qualifiers. The team claimed its place by winning the NESC 2026 LAN Grand Finals held in Pune. The competition in Kuala Lumpur brings together top teams from across the region. Successful teams will secure spots at the 20th Asian Games in Nagoya, Japan. Their qualification showcases the progress of India’s Honor of Kings esports ecosystem.
HOK Plus 2.0 also brings gameplay updates to Honor of Kings. Players can get to know Annette, Lorion, and Florentino in Arena of Valor, and can try Super Flow Brawl 2.0, a mode that rewards strategic thinking and new gameplay mechanics. Certain events also occur during a match and affect its flow.
June 27 marks the date of the Peak Day festival, where players in Honor of Kings will have various opportunities to get rewarded during the event. Participants in the event will be able to engage in specific activities, collaborations, and community events at the festival. There are limited-time vouchers and unique collectibles for the participants. The participants will have access to free heroes and bonuses at the festival.

Collaboration between LEGO and Koenigsegg built a vehicle that turns heads for all the right reasons. The two companies created a full-scale version of the Sadair’s Spear using LEGO Technic pieces, and the finished machine drives under its own power on real roads and courses.
Over 327,906 unique components went into this massive effort, which resulted in an automobile weighing a whopping 1800 kilos, even though the bricks themselves accounted for only about 400 kg. The long and laborious procedure came to a conclusion after almost 9,400 hours of work, when the team gave their approval and declared it ready for testing.
The entire car is built from the ground up on a lightweight body made of LEGO Technic pieces, while a custom-made chassis underneath handles all structural stresses and houses the electric motor and the complex mechanisms that bring this cool car to life. Then there’s the one show-stopping feature we can’t get enough of: the car has a working Ghost Mode, a trick the real hypercar performs as well, in which the rear body section lifts up, the dihedral synchro-helix doors swing out on their own, and the mirrors fold flat.
The next challenge came on the Goodwood hillclimb track in the United Kingdom. Markus Lundh, the test driver, drove the brick-built automobile up the famed incline in reverse configuration, reaching a top speed of 111 kilometers per hour, or 69 miles per hour in the United States. This figure is more than twice the previous record for the fastest drivable LEGO car manufactured by the LEGO Group.
Markus said he had a great time driving the thing; it reminded him of the time he got the Sadair’s Spear to the top of that hill the year before, but when he took the LEGO version up, he was particularly impressed with the engineering that the Technic team did. The massive life-size creation corresponds with a new official 1:8 scale LEGO Technic model of the same car, which has 4,104 pieces and reproduces many of the same features, but at a scale that allows it to be displayed on a desk or shelf. The smaller counterpart also includes a working Ghost Mode sequence, a detailed V8 engine with moving parts, a 9-speed transmission that moves, and suspension at both ends.
CarPlay is seeing one of its biggest updates in years thanks to the upcoming release of iOS 27. Here are all the new features, including Siri AI and Apple TV apps.
At WWDC 2026, Apple officially unveiled its next version of iOS. The update, iOS 27, will be released in the fall of 2026 and is packed full of useful new features.
CarPlay, Apple’s in-car UI, is powered by iOS, so this new software will bring a bunch of enhancements to your car. This year, at least one major feature will require some serious automaker support.
Apple Intelligence seemed to occupy almost half of Apple’s WWDC keynote. A lot is going on, and a good portion of that is reflected in the car.
On phones that support Apple Intelligence, Siri will become Siri AI. That means Siri will be more capable and get a new look.
When you invoke Siri AI, it now has a dark, glassy orb at the bottom of your car’s display. It mimics the look of the new UI that lives in the Dynamic Island on iPhone.
Siri is more conversational now, going back and forth with you as you ask questions and follow-ups. Apple’s digital assistant has more personal context, too.
While testing it, I could ask more complicated questions with multiple action items. As I left the house, I asked Siri to turn off the lights in the studio, get me directions to my son’s school, and text my wife my ETA.
All of your Siri conversations are saved in the new Siri app. It has the same icon as on iPhone, iPad, and Mac, and allows you to go back to the previous conversation you’ve had.
Those conversations also sync across your platforms via iCloud. So if I start a conversation in the car, I can pick it up on my iPad when I get to where I’m going.
Along with the new Siri AI, Apple is allowing any app to offer up a conversation mode. This was previously limited to AI apps like ChatGPT or Perplexity.
The idea is that those apps could possibly tap into Apple Intelligence models and offer you the ability to chat, rather than use physical taps within the app.
If you had a pizza app, you could open it and tell the app what you wanted with your voice; the app could then build your order, give you a total, and submit it with an estimated pickup time. There’s a new UI element for this that hovers over the app’s contents.
Both first-party and third-party media apps will get upgrades thanks to iOS 27. This includes the Apple Music and Apple Podcasts apps.
Apple Music looks more organized and has a richer layout thanks to added media graphics. The big change, though, is the addition of the mini player.
The new mini player sits in the top-right corner of the display when you have something playing. It minimizes, showing the album art and a play/pause button.
That way, while something is playing, you can browse the rest of the app while still retaining quick control of the current media.
Before, it would be two taps to get to the media if you weren’t on the “now playing” screen. You would have to tap the play icon in the top-right corner, then hit pause, which isn’t ideal if you’re driving.
A similar refresh comes to the Apple Podcasts app. It has a streamlined UI and a mini player.
That mini player is a new UI element that isn’t going to be exclusive to Apple apps. Apple has made it available to anyone who is creating media apps for CarPlay, and you can expect many of the popular streaming apps to adopt it.
Another major change is video support. This is much more robust than what was previously included in iOS 26.
As part of iOS 26, Apple allowed apps to stream their content on a car’s infotainment system via AirPlay. It was only on supported cars that had to get approved through Apple’s MFi Program.
Now, Apple is allowing full, native video streaming applications as a new app category with iOS 27. AirPlay is still an option, but now you can browse and select content from the car’s interface, too.
I was able to test this out for myself using Apple’s new CarPlay simulator in Xcode. Apple is offering up initial support with the inclusion of the Apple TV app inside of CarPlay.
There are several asterisks here. Automakers themselves still have to enable this, which means that we most likely will be waiting for that to happen.
When a vehicle does add support, it must be in park for any videos to play. That counts whether the content is started via AirPlay or a native video player.
One neat trick is that if you are watching a video and you move the car from park to drive, your video will automatically fall back to audio-only. That’s great for things like sports when you still want to follow along, even if you can’t watch it.
Aside from the big new features, there are a lot of other changes, tweaks, and optimizations Apple is rolling out to its in-car solution.
Wireless connection is now said to be more stable than before. Hopefully, that reduces the audio lag that can sometimes be present.
Navigation apps are now able to communicate with the car’s system. The idea behind this is that the car can see your route and suggest any changes.
The most obvious use case here is for EVs. If you put in a route, and your car realizes you only have so much battery remaining, it may propose the ideal charging station to add to the trip.
This whole back and forth is permission-based, so you must OK it before the communication happens, and you must OK any changes to the route. Otherwise, no information or route is shared with your car.
There are a few new icons with iOS 27. In Wi-Fi settings, if you use wireless CarPlay, there is a new CarPlay icon on the network to help identify it, and there is an updated battery icon system-wide.
Finally, there are new wallpapers. Apple added 12 wallpapers for CarPlay in iOS 27, and they all have a similar swirl, like with the iOS 27 ones for iPhone, iPad, and Mac.
By going into the settings app, users can choose one of the new wallpapers that come in various colors.
CarPlay will be updated automatically when iOS 27 is released to the public.
Ctrl-Alt-Speech is a weekly podcast about the latest news in online speech, from Mike Masnick and Everything in Moderation‘s Ben Whitelaw.
Subscribe now on Apple Podcasts, Overcast, Spotify, Pocket Casts, YouTube, or your podcast app of choice — or go straight to the RSS feed. To get extended episodes with additional coverage, support us on Patreon.
In this week’s roundup of the latest news in online speech, content moderation and internet regulation, Ben is joined by Jen Weedon, a T&S veteran of Meta and Niantic. She is currently consulting and teaching at Columbia School of International and Public Affairs. Together, Ben and Jen discuss:
And in the extended episode for Patreon supporters, they cover:
Our fun links this week are How Alberta eradicated rats (Ben) and Mogwooooo’s Instagram account (Jen).
If you’re already a Patreon supporter, you can get the extended episode on Patreon.
Threat actors are exploiting an unauthenticated information disclosure vulnerability in the WordPress plugin Gravity SMTP, active on 100,000 sites.
The flaw is tracked as CVE-2026-4020 and received a medium severity rating. It affects all versions of the plugin up to and including 2.1.4 and has been addressed in version 2.1.5, released on March 17.
WordPress security company Defiant is warning that hackers are actively exploiting the vulnerability. The company’s Wordfence firewall has blocked more than 17 million attempts against protected customers.
The issue stems from an exposed REST API endpoint in Gravity SMTP whose ‘permission_callback’ always returns ‘true,’ so WordPress performs no authorization check and any unauthenticated GET request receives the comprehensive JSON “System Report” generated by the plugin. The exposed information may contain:
Despite its medium-severity rating, the CVE-2026-4020 vulnerability can be exploited without authentication, and the exposed information can be used to steal email service credentials.
This allows an attacker to impersonate the victim to third parties and also to gain detailed information about the site’s software stack and the potential vulnerabilities present.
“The exposure of live third-party API credentials means an attacker could abuse the site’s connected email services, while the detailed system report significantly lowers the effort required to plan further attacks against the site,” Wordfence researchers warn.
Wordfence says exploitation activity spiked on June 7, with 4 million requests being blocked that day. Similar activity was recorded for several days afterward.

The security firm listed the most prolific source IP addresses for exploit requests, which website administrators should add to their blocklists.
A key indicator of compromise is requests to ‘/wp-json/gravitysmtp/v1/tests/mock-data’ found in web server access logs, particularly those including the ‘?page=gravitysmtp-settings’ query parameter.
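Detection logic for the indicator above, as an added example that is not Wordfence’s or Gravity Forms’ code: it parses combined-format access logs, flags requests that reach the mock-data route either via the ‘/wp-json’ path named in the advisory or via WordPress’s generic ‘rest_route’ query form (a generalization beyond the advisory text), and tallies source IPs for blocklist review. The log lines are constructed samples.

```python
"""Scan web-server access logs for requests to the Gravity SMTP mock-data route.

Added example, not Wordfence's or Gravity Forms' code. The route and the
'page=gravitysmtp-settings' parameter come from the advisory; the 'rest_route'
form is WordPress's plain-permalink way of addressing the same REST route.
"""
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# Apache/nginx "combined" log format: ip ident user [ts] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# REST route from the advisory (the part after /wp-json).
ROUTE = "/gravitysmtp/v1/tests/mock-data"
SETTINGS_PARAM, SETTINGS_VALUE = "page", "gravitysmtp-settings"


def parse_line(line):
    """Return a dict of fields for a combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    entry = m.groupdict()
    entry["status"] = int(entry["status"])
    return entry


def requested_route(target):
    """Resolve the REST route a request addresses, plus its parsed query string.

    Handles both /wp-json/<route> (pretty permalinks) and /?rest_route=<route>.
    """
    parts = urlsplit(target)
    qs = parse_qs(parts.query)
    path = parts.path.rstrip("/")
    if path.startswith("/wp-json/"):
        return path[len("/wp-json"):], qs
    rest_route = qs.get("rest_route")
    if rest_route:
        return rest_route[0].rstrip("/"), qs
    return path, qs


def classify(entry):
    """Return None, 'probe', or 'probe-with-settings-param' for a parsed entry."""
    route, qs = requested_route(entry["target"])
    if route != ROUTE:
        return None
    if SETTINGS_VALUE in qs.get(SETTINGS_PARAM, []):
        return "probe-with-settings-param"
    return "probe"


def scan(lines):
    """Return one hit per matching request; the status code is kept for triage
    (a 2xx means the server served a body to the caller and deserves follow-up)."""
    hits = []
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue
        kind = classify(entry)
        if kind:
            hits.append({"ip": entry["ip"], "ts": entry["ts"], "kind": kind,
                         "status": entry["status"], "target": entry["target"]})
    return hits


def source_counts(hits):
    """Count hits per source IP; candidates for a blocklist review."""
    return Counter(h["ip"] for h in hits)


# Constructed sample log (documentation IP ranges, not real sources).
SAMPLE_LOG = """\
203.0.113.5 - - [07/Jun/2026:02:14:11 +0000] "GET /wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-settings HTTP/1.1" 200 18342 "-" "Mozilla/5.0"
203.0.113.5 - - [07/Jun/2026:02:14:12 +0000] "GET /wp-json/gravitysmtp/v1/tests/mock-data HTTP/1.1" 200 18342 "-" "Mozilla/5.0"
198.51.100.77 - - [07/Jun/2026:02:15:40 +0000] "GET /?rest_route=/gravitysmtp/v1/tests/mock-data&page=gravitysmtp-settings HTTP/1.1" 401 79 "-" "curl/8.5.0"
192.0.2.10 - - [07/Jun/2026:02:16:03 +0000] "GET /wp-json/wp/v2/posts?per_page=5 HTTP/1.1" 200 4201 "-" "Mozilla/5.0"
192.0.2.10 - - [07/Jun/2026:02:16:05 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
not a log line
"""

if __name__ == "__main__":
    found = scan(SAMPLE_LOG.splitlines())
    for hit in found:
        print(hit)
    print(source_counts(found).most_common())
```

Point `scan` at real access-log lines to review hits; the `rest_route` form is caught as well, so a check limited to the literal ‘/wp-json’ path would miss those requests.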
Yesterday, the company issued a separate advisory about a critical, unauthenticated, arbitrary file-deletion flaw in the Avada Builder WordPress plugin, used on one million sites.
This vulnerability is identified as CVE-2026-8713 and allows attackers to delete arbitrary files on the server through a path traversal flaw, provided a published Avada form is configured to save submissions to the database.
Deleting critical files, such as wp-config.php, can revert the site to its initial setup state, potentially leading to a full site takeover and remote code execution.
The issue was fixed in version 3.15.4, which is the recommended upgrade target for website administrators. No active exploitation of CVE-2026-8713 has been observed yet, but the flaw is an attractive target, so quick action is advised.